Open Source Projects that must be built before testing with the Snyk CLI

For some types of Open Source Projects, you must build the Project before testing it with the Snyk CLI.

Manifests provide some dependency information. However, other dependencies are resolved only after the Project is built. In addition, lockfiles giving dependency information may not be available before the Project is built.

The following types of Projects must be built before testing with the CLI.

Language

Project type

Build required?

JavaScript

npm

Build required only if no package-lock.json file is present; run npm install to generate. See the Snyk for JavaScript documentation for supported lockfile versions

Javascript

Yarn

Build required only if no yarn.lock file is present; run yarn install to generate

Java

Maven

Yes Run mvn install before testing.

Java

Gradle

No

.NET

NuGet

Build required only if no packages.config file is present.