
fix: upgrade snyk-docker-plugin#6712

Merged: PeterSchafer merged 1 commit into main from fix/CN-1011-upgrade-sdp on Apr 8, 2026

Conversation

Contributor

@kateeselius kateeselius commented Apr 8, 2026

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages are release-note ready, emphasizing what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

This PR upgrades the container scanner snyk-docker-plugin, hoping to get a hotfix out for an urgent Walmart customer ticket.

Where should the reviewer start?

Review the package.json version bump and the associated snyk-docker-plugin changes listed above.

How should this be manually tested?

Build the CLI locally with the new dependencies and run it (container monitor / container test).

What's the product update that needs to be communicated to CLI users?

Hotfix is to include: feat: override packages with inaccurate pom.properties files (snyk/snyk-docker-plugin#764) — Handles cases where Java pom.properties files report incorrect package metadata.

Other features that will be included by upgrading to this version include:
  • feat: add Go stdlib vulnerability detection to container scans (snyk/snyk-docker-plugin#767) — Adds detection of Go standard library vulnerabilities when scanning containers.
  • fix: add snyk ignores for tar symlink attack vulns (snyk/snyk-docker-plugin#769) — Ignores known tar symlink attack vulnerabilities (likely internal/dev dependency noise).
  • feat: extend support for java runtime binary scanning (snyk/snyk-docker-plugin@79a0114)

Risk assessment (Low | Medium | High)?

low

Any background context you want to provide?

n/a

What are the relevant tickets?

customer ticket

Screenshots (if appropriate)

n/a

@kateeselius kateeselius requested review from a team as code owners April 8, 2026 00:14
@snyk-io

snyk-io Bot commented Apr 8, 2026

Snyk checks have passed. No issues have been found so far.

Status  Scan Engine           Critical  High  Medium  Low  Total (0)
        Open Source Security  0         0     0       0    0 issues
        Licenses              0         0     0       0    0 issues
        Code Security         0         0     0       0    0 issues


@kateeselius kateeselius force-pushed the fix/CN-1011-upgrade-sdp branch from dc18d5f to cf0890f Compare April 8, 2026 00:15

@kateeselius kateeselius force-pushed the fix/CN-1011-upgrade-sdp branch from cf0890f to 70c9e62 Compare April 8, 2026 01:20
@snyk-pr-review-bot

PR Reviewer Guide 🔍

🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review

Dependency Mismatch 🟡 [minor]

The top-level package-lock.json dependencies for snyk-docker-plugin (line 71) use a caret range ^9.6.0, whereas package.json (line 119) uses a pinned version 9.6.0. While not a breaking bug, this inconsistency in version locking can lead to 'package-lock.json' being out of sync with 'package.json' in future npm install runs if a newer minor version of the plugin is released.

"snyk-docker-plugin": "^9.6.0",
📚 Repository Context Analyzed

This review considered 6 relevant code sections from 2 files (average relevance: 0.55)
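As an added illustration of the manifest/lockfile drift the review bot describes (example code, not from this PR or the snyk/cli repository), the Node script below compares the root dependency specifiers in package.json with the packages[""] entry that npm lockfile v2/v3 keeps for the root package; both inputs are constructed samples that reproduce the pinned-versus-caret mismatch.

```javascript
// Added example (not from the snyk/cli repository): detect the manifest/lockfile
// specifier drift the review bot flagged, i.e. package.json pins "9.6.0" while
// the lockfile root entry records "^9.6.0". Works on npm lockfileVersion 2/3,
// whose root manifest is mirrored under packages[""].
const MANIFEST = JSON.stringify({            // constructed sample input
  name: "example-cli",
  dependencies: { "snyk-docker-plugin": "9.6.0", "tslib": "^2.0.0" },
});
const LOCKFILE = JSON.stringify({            // constructed sample input
  name: "example-cli",
  lockfileVersion: 3,
  packages: {
    "": { dependencies: { "snyk-docker-plugin": "^9.6.0", "tslib": "^2.0.0" } },
    "node_modules/snyk-docker-plugin": { version: "9.6.0" },
    "node_modules/tslib": { version: "2.6.2" },
  },
});

// Returns one finding per dependency whose range in package.json differs from
// the range recorded for the root package in package-lock.json.
function findSpecifierDrift(manifestText, lockText) {
  const manifest = JSON.parse(manifestText);
  const lock = JSON.parse(lockText);
  const root = (lock.packages && lock.packages[""]) || {};
  const findings = [];
  for (const field of ["dependencies", "devDependencies", "optionalDependencies"]) {
    const wanted = manifest[field] || {};
    const locked = root[field] || {};
    for (const [name, spec] of Object.entries(wanted)) {
      if (!(name in locked)) {
        findings.push({ name, field, manifest: spec, lock: null, reason: "missing from lockfile root" });
      } else if (locked[name] !== spec) {
        findings.push({ name, field, manifest: spec, lock: locked[name], reason: "specifier differs" });
      }
    }
  }
  return findings;
}

// An exact pin ("9.6.0") is the strictest specifier; a caret in the lockfile
// root means a later `npm install` may legitimately resolve 9.7.x, so the two
// files silently diverge, which is the situation the bot warned about.
function isExactPin(spec) {
  return /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/.test(spec);
}

for (const f of findSpecifierDrift(MANIFEST, LOCKFILE)) {
  console.log(`${f.name}: package.json=${f.manifest} package-lock.json=${f.lock} (${f.reason})`);
}
```

Running it against a real checkout means replacing the two constructed strings with the file contents read from disk; a non-empty result is the condition to fail a CI step on.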

@PeterSchafer PeterSchafer merged commit ece0894 into main Apr 8, 2026
9 checks passed
@PeterSchafer PeterSchafer deleted the fix/CN-1011-upgrade-sdp branch April 8, 2026 07:04