Fixing out of sync project warning
You may receive one of the following errors:
Your package.json and yarn.lock are probably out of sync.
Please run "yarn install" and try again.
Your package.json and package-lock.json are probably out of sync.
Please run "npm install" and try again.
What does this mean?
Out of sync lock file
Sometimes a project may become out of sync between the lockfile and the manifest file. This might happen if the package.json is modified or updated but the lockfile is not.
This can display differently depending on how you are scanning your project.
If Snyk detects this issue, you may receive a warning that a given dependency was not found and the project is not being tested.
This can be resolved by ensuring the lockfile and manifest file are correctly synced, by executing
npm install or
In some cases, it may be necessary to delete the
node_modules folder and the
package-lock.json and run
npm install again to force a full reinstall.
You can also add the following argument to the Snyk command to ignore out-of-sync errors:
On import, you might get an error:
For SCM Projects, this can be resolved by re-importing the Project after re-syncing the manifest and lockfiles as described above.
npm workspaces are supported via CLI scan, but not currently via GIT (SCM) import. Projects using workspaces will give an
out of sync message when imported via SCM.