Merge remote-tracking branch 'upstream/master'

cliv2/scripts/sign_darwin.sh

@@ -48,7 +48,7 @@ rm $APPLE_SIGNING_SECRETS
 security set-key-partition-list -S apple-tool:,apple: -s -k "$KEYCHAIN_PASSWORD" "$KEYCHAIN_NAME"
 
 echo "$LOG_PREFIX Signing binary $APP_PATH"
-codesign -s "$APPLE_SIGNING_IDENTITY" -v "$APP_PATH" --options runtime
+codesign -s "$APPLE_SIGNING_IDENTITY" -v "$APP_PATH" --timestamp --options runtime 
 
 #
 # notarization

help/_about-this-project/snyk-code-signing-public.pgp

@@ -1,51 +1,13 @@
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 
-mQINBGJmfEwBEADWBKcDoaf8cAnCg1FPcibCzEtKLts9GEpv1ekXi3BP+ZVqdY6/
-vPVznMPgSCDJz4kahDoX18mSZcxJUc6cgu1XPvGHhQE0rcvpUwnTTjnoo4vzvOAM
-SNvaVTmCwO6jYecj5HrBLpy5dhyGUc68GKcOB0CnmsQYFnHrnJOcGdB0AgKsL1Ll
-TZ3qZYe7vS/1i3RoPfoOx+jW8hHPqKltaSf7HRiWcTBpQg8rPjpBRPY/PtXklHy8
-ib76GzEYA7J/X4azBs6I08mSUoUWH0ATwNFSsnR6xN96kEA+d4cL8O9gL9SNpZRX
-X1FPZXfUr8KjS7X2VfDAhG/Ch+aKmTgJF3dIUGHwuegJlVYia32EV3uQH93qnFxA
-oIkP5muhDNNlZ0SDVQLRCTuC6TTKy36VoHNTj3XzUG3+q49RaSdHsp/f90A+caVy
-R6HgYJfcvBhdX7SC+aYpU822j/4SLi2L3K32j+qcIE8iEPR2LlgopEecHQmyI2G4
-0K5HUWaHJPu+EH0s4fsIZfZgESkLQhiBEIon2zTO7Zz8tWxVV0aR4/85Djnn5UUq
-h6efMw2g8WaUkRD3Djsi9CpepyKLakWH3+bBVnKzH8pWdGMa272wn9PVfeCwF8xq
-wICI/PPfN7d7RpULWjphzqeEl/ni0yUIiNPiwBlYH5fbpUlVpndWWXROZwARAQAB
-tCNTbnlrIExpbWl0ZWQgPGNvZGUtc2lnbmluZ0BzbnlrLmlvPokCTgQTAQoAOBYh
-BGi/vM63eU5vwGogRKKcMukfS5VpBQJiZnxMAhsDBQsJCAcDBRUKCQgLBRYCAwEA
-Ah4BAheAAAoJEKKcMukfS5VpeQ0P/j5CgXpwsx3De56+4tibEBqHLfv4wwWxBsoy
-Wv6L1BfgKyI0NSs1IUJSx5GdsXSwtU9Mp5PhBlVVA6U0SwOxt5ghRSf/kCvB1oP1
-Oo8W3dBl4Y4oWFlIM280t2v/PveBdB1nNiPxmAG1jHtoMqbHFkmZDFvroYFSj/rm
-FOe2qXOc/gwj5RUVVu+tTCPwCyCF9tBfqnbYbLjmI2z1om90uFqSOVDZJbUCY9ZK
-OR9Szu0/Jybg9/7VQ2BDRLi4LSRIASHOc4ZbHfX/44NZOODwzCme78MbbS9cFvRX
-SkFzH1I1yEqtCzCF23Nav/Dbemyhe2zi/Qhi/XCufOsg3tK3uSjWWqeIm5knP/IL
-MSdoEOxIkGZ+FHJ6yzO5r4bLYrfwWLrFI/k5dCGgzKiX76TwakqkcJ0NX5kSLdle
-O2HBSuuoPCLcX7QfPWh51CF/EZ6IV/Rmc+ZbyW2UbJ4FuYWsb9wMdSiaoi8TGiVt
-1snb9QRbTo3ZJWRN+pE4bW2UadieE8wfyHHVEMo5RQ49heaR0Q5VJkapnPWfKb1v
-3QTJh4L2Jju0cGQD+OtAvTQ005ZjG0ZXR4GiKArCUMebJRzNR3FFR/vyItP2lb31
-GwCObABWUtP4oCMRxTGHpGRNLJCmMvWIs1RejxB9Y7svU7fcF06jHF5UXke7NSOs
-fLaduZz2uQINBGJmfEwBEACpd4neyneH+/2d5KKQyXpPnPpCnxPIcQ9Ql4QyGuJB
-Em/PeVZDMaqpuQwNfFsPCjV1C9uF9VJfTlvQnXPqA/OndVaWbfBFqEtnS6RX4NHf
-FWIMcYibpg+3lHSY5iY4B4R/WIrlO021g3ULpsVL/Sz4Zz4drF2lZXgcGiBmiRVo
-JopU+KPUbjO0rFh927EYEJ80+LT0E4M+dJnEofGd5P0bTeQWNqoVABLAKql+erHX
-kBUrwMk8/ekdqfn5DYM31OR19Ogud/3cxsxOkhgvWWwUhtihu9NiqtO2y0c4ijHG
-WgWXjM3K2zs23f+pfNLfTtE8pkZw7Swmr0GRQ6Ikx9LqhdGPKqoALr8TqVUudZXU
-8clact0OtmHKASAI4bH51b3XSTmj1+v8g4/oEjukniuFm5Fave78Rh/EaO2IXjxc
-moCSCk6bK2YEM2fSjCuTVI9zm+CzyQ9MmvEJcR0vBCU2vHcrwKkvKXQIssePZT12
-B8IO9LT5jeVnFmtI+tLY2E/r7tqrmcgmHciAw0ugFGG7uYQivF21Mlqz72Dx+P0+
-WVch456NHUy26ALhAv8jU7OQprpzuRQOytYKiUK5GwrF91/6WmhYyIzlVFIYoqfQ
-s0WEu2apcPIx9OVtWoot8cynskneJ9s+EtPNF4T/Zh8YTCvGIhRy7Tvt6GbEnDQE
-UQARAQABiQI2BBgBCgAgFiEEaL+8zrd5Tm/AaiBEopwy6R9LlWkFAmJmfEwCGwwA
-CgkQopwy6R9LlWkJpg/+JWhBKpWJ9Kv4I0XWpMOlCzaKPk0TDqXpSPg+MWOGrv3i
-Q2Xeyi4HCy7oBISI1YpF4mJeaJikC1KQIikOmCKyj6kYj+WnHfjBUkplOKMe80ZU
-X5AZWsUfw2p1LJn0fCcdJrHDAn29R0abaoe9ExYPlXgFmBNoIQNvG/fMzwoIYmPO
-WsWPmqCzYQ7oCi4kOHhOo1isDlrunT0egSb6KXKdLPwn1u+rTQno1fBFQB/cY9s5
-F036QfVx0M4NdX8LzNQCObXZdln0PSqSNs7EXzHGv5ivuBZaFVsKv+HPSnaUng/M
-fyDZhOowNy6NEgB042lnOl0wO8JEm8Av1PC7y/1gTijAd1bFAjX7m0FqIfkJnhvY
-yGwSnGq4qXECpivBGA4Y2xUXURaSDNk8h1TjUT4366CGqSaVgTL5zZ2Jiu6rDozk
-9A4ur3GwldHpszUm3zAhDrjTHxDVFohhbBW9kmcQQmsz1PKiWMqCKT2V3J+Pn/HE
-VEu6go9VxdW4bZyb4Zc0ikB5T+FEuHOMK8QSeEfdWgzG87YJZkTCf5o90wl3A8YJ
-dvQcwQJsZ4FGInMk62VVyHrrJmD7W6+35/dLcAbrjMfrkR9FE97q3wRk4KkGPzDi
-r3OBWax7GYllVWd94kYFN4mRQxQISPRpO9yvH58WbsGxlymYr5lfibYI7AX+/B0=
-=vpdV
+mDMEY7bmTBYJKwYBBAHaRw8BAQdAYBCJOraO3kiE/7Q2/7k6WNZG9I3KSmbm6aNp
+05rNYji0I1NueWsgTGltaXRlZCA8Y29kZS1zaWduaW5nQHNueWsuaW8+iJkEExYK
+AEEWIQSiJmX7lsqw4Jc2BMg2dsS4KJwpbgUCY7bmTAIbAwUJA8JnAAULCQgHAgIi
+AgYVCgkICwIEFgIDAQIeBwIXgAAKCRA2dsS4KJwpbnQGAQCspMHbIQxwH0juRMye
+j3zCcQK2hDCWPIs4ecx8T4Be2wEAtcD8AnZSbmXbrnPAarKeCGwfIWCKcUsmkqzz
+rB04/gm4OARjtuZMEgorBgEEAZdVAQUBAQdAOALchLEyLdhJ0U/RF+c+HFczClpE
+yqMOyzPlF9OOaAwDAQgHiH4EGBYKACYWIQSiJmX7lsqw4Jc2BMg2dsS4KJwpbgUC
+Y7bmTAIbDAUJA8JnAAAKCRA2dsS4KJwpbv9eAQDD25qh5WF7TkOZUUhe+4hLDkS3
+RdLL7tBDogAoIORt8QEA2XZvHmEfFyJgrJus+gv3GRKXHwiScYhlpmXV4T4+gws=
+=MsMZ
 -----END PGP PUBLIC KEY BLOCK-----

package.json

@@ -115,7 +115,7 @@
     "snyk-cpp-plugin": "2.20.1",
     "snyk-docker-plugin": "5.7.2",
     "snyk-go-plugin": "^1.19.4",
-    "snyk-gradle-plugin": "3.24.6",
+    "snyk-gradle-plugin": "3.25.1",
     "snyk-module": "3.1.0",
     "snyk-mvn-plugin": "2.32.0",
     "snyk-nodejs-lockfile-parser": "1.45.1",

release-scripts/sha256sums.txt.asc.sh

@@ -11,7 +11,7 @@ echo "${SNYK_CODE_SIGNING_PGP_PRIVATE}" \
 echo "Signing shasums file"
 gpg \
     --clear-sign \
-    --local-user=1F4B9569 \
+    --local-user=3676C4B8289C296E \
     --passphrase="${SNYK_CODE_SIGNING_GPG_PASSPHRASE}" \
     --pinentry-mode=loopback \
     --armor \

src/cli/commands/monitor/index.ts

@@ -175,7 +175,16 @@ export default async function monitor(...args0: MethodArgs): Promise<any> {
       } else {
         packageManager = detect.detectPackageManager(path, options);
       }
-
+      const unsupportedPackageManagers: Array<{
+        label: string;
+        name: string;
+      }> = [{ label: 'Swift PM', name: 'swift' }];
+      const unsupportedPackageManager = unsupportedPackageManagers.find(
+        (pm) => pm.name === packageManager,
+      );
+      if (unsupportedPackageManager) {
+        return `${unsupportedPackageManager.label} projects do not currently support "snyk monitor"`;
+      }
       const targetFile =
         !options.scanAllUnmanaged && options.docker && !options.file // snyk monitor --docker (without --file)
           ? undefined

test/smoke/spec/snyk_code_spec.sh

@@ -7,15 +7,15 @@ Describe "Snyk Code test command"
   Describe "snyk code test"
     run_test_in_subfolder() {
       cd ../fixtures/sast/shallow_sast_webgoat || return
-      snyk code test . --org=snyk-cli-smoke-test-with-snykcode
+      snyk code test .
     }
 
     It "finds vulns in a project in the same folder"
       When run run_test_in_subfolder
       The output should include "Static code analysis"
       The output should include "✗ [High] SQL Injection"
       The status should be failure
-      if should_have_deprecation_warnings; then 
+      if should_have_deprecation_warnings; then
         The stderr should not equal ""
       else
         The stderr should equal ""
@@ -25,11 +25,11 @@ Describe "Snyk Code test command"
 
   Describe "code test with SARIF output"
     It "outputs a valid SARIF with vulns"
-      When run snyk code test ../fixtures/sast/shallow_sast_webgoat --sarif --org=snyk-cli-smoke-test-with-snykcode
+      When run snyk code test ../fixtures/sast/shallow_sast_webgoat --sarif
       The status should be failure # issues found
       The output should include '"$schema": "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json"'
       The output should include '"name": "SnykCode"'
-      if should_have_deprecation_warnings; then 
+      if should_have_deprecation_warnings; then
         The stderr should not equal ""
       else
         The stderr should equal ""