build(deps): bump snyk from 1.1303.1 to 1.1303.2

[dependabot]

Bumps snyk from 1.1303.1 to 1.1303.2.

Release notes

Sourced from snyk's releases.

v1.1303.2

1.1303.2 (2026-03-23)

The Snyk CLI is being deployed to different deployment channels, users can select the stability level according to their needs. For details please see this documentation

Features

• redteam: Introducing Snyk Agent Red Teaming with attack profiles (fast, security, safety) via the new --profile flag, allowing users to select pre-configured sets of attack goals. (99e2953)
• redteam: New terminology for goals, strategies, and attacks to better describe Agent Red Teaming workflows. (99e2953)
• redteam: Tenant-based authentication using --tenant-id for routing Agent Red Teaming commands. (99e2953)
• redteam: Interactive wizard to guide users through Agent Red Teaming configuration and setup. (99e2953)
• container: Add Go stdlib vulnerability detection to container scans (aacdc53)

Bug Fixes

• test: Fixes a bug where the CLI repeatedly evaluated user privileges (feature flags) when scanning multiple Go projects.(d348cb7)
• test: Fixes a bug where scanning Go projects (with a replace directive pointing at a relative path) would fail due to badly formatted PackageURLs.(4c6b663)
• container: upgrade minimatch dependency to 3.1.3 (aacdc53)
• dependencies: Fix CVE-2026-33186 (f8a0602)
• dependencies: Fix CVE-2025-69873 (d240fcf)
• container: Fixes an issue where container scans of OCI archive images (including hybrid-format archives produced by Docker Desktop's containerd image store) could silently fail, returning exit code 0 with no vulnerability results. (4ad137f)

Commits

• a748517 Merge pull request #6675 from snyk/release-candidate
• ebf17c8 Merge pull request #6661 from snyk/hotfix/1.1303.2
• a31ec3d chore: update release notes
• 00e9bd7 fix: update snyk-docker-plugin to 9.1.4 for OCI extraction fix
• 09d5953 chore: set up fake server in golang acceptance test
• 7758a0c fix(ci): remove busybox dependency
• 7887c13 fix: reachability tests
• 8c73756 chore: fix unit test mocking
• 3fce6d4 chore: add release notes for v1.1303.2
• 84ece6a fix: migrate red teaming to standalone extension
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)