Open Source Projects that must be built before testing with the Snyk CLI
For some types of Open Source Projects, you must build the Project before testing it with the Snyk CLI.
Manifests provide some dependency information. However, other dependencies are resolved only after the Project is built. In addition, lockfiles giving dependency information may not be available before the Project is built.
The following types of Projects must be built before testing with the CLI.
Language
Project type
Build required?
JavaScript
npm
Build required only if no package-lock.json file is present; run npm install to generate.
See the Snyk for JavaScript documentation for supported lockfile versions
Javascript
Yarn
Build required only if no yarn.lock file is present; run yarn install to generate
Java
Maven
Yes
Run mvn install before testing.
Java
Gradle
No
.NET
NuGet
Build required only if no packages.config file is present.