Open Source Projects that must be built before testing with the Snyk CLI

Language

Project type

Build required?

JavaScript

npm

Build required only if no package-lock.json file is present; run npm install to generate. See the Snyk for JavaScript documentation for supported lockfile versions

Javascript

Yarn

Build required only if no yarn.lock file is present; run yarn install to generate

Java

Maven

Yes Run mvn install before testing.

Java

Gradle

No

.NET

NuGet

Build required only if no packages.config file is present.

.NET

Paket

Yes

Python

pip

Yes Run pip install -r requirements.txt before testing. Install is required so that the full dependency tree (nested dependencies included) can be tested.

Alternatively, pass the CLI --skip-unresolved=true option when testing to test only the dependencies available without building.

Python

pipenv

Yes Run pipenv update before testing

Python

setup.py

Yes Run pip install -e . before testing

Python

Poetry

Yes If no Poetry lockfile exists, run poetry lock to generate a poetry.lock file before testing. No If the lockfile exists.

Python

dep

Yes Run dep ensure before testing.

Golang

Go Modules

No

Swift / Objective-C

Cocoapods

Build required only if no Podfile.lock file is present; run pod install to generate

Swift

Swift Package Manager

No

Scala

sbt

No

Ruby

Bundler

Build required only if no Gemfile.lock file present; run bundle install to generate.

PHP

Composer

Build required only if no composer.lock file is present; run composer install to generate.