While importing a project into the Snyk console, you may sometimes encounter an error; for example:
Some common errors and suggested resolutions are described below.
General
Failed to process manifest FILE_NAME
The manifest file is missing, has been moved or renamed. If this is intentional, please deactivate or delete this project in the settings.
You may receive this error if you delete, move or rename the manifest file that Snyk reads during the initial project import.
To resolve this issue, restore the manifest file to the location it was at during the initial project import. Or, if the file move was intentional, deactivate or delete the Snyk project, then re-import the project.
No supported target files detected.
If the repo does not contain any supported target files, (or import settings exclude them), then no open-source project will be created.
Please see our documentation for supported languages and target files.
Maven
Detected 0 dependencies (no project created)
In this case, we were able to read the pom.xml file correctly, but it contained no dependencies so we did not create a project for it. This is expected behaviour.
This can often happen when processing Bill of Material pom files, which do not contain any of their own dependencies but specify package versions for other pom files that import it via a dependencyManagement
element.
Yarn and npm
Failed to parse package.json or package-lock.json as valid JSON
Failed to parse package.json or yarn.lock as valid JSON
Please check the package.json and lockfile is valid JSON, any manual manipulation of these files may result in a missing/extra character where it is not expected.
Use any of the online tools to validate it is correct JSON. To test locally: npm install should pass without errors.
Note: Snyk supports Yarn v2 via the Snyk CLI only. More details can be found in our official documentation.
Your package.json and yarn.lock are probably out of sync. OR
Your package.json and package-lock.json are probably out of sync.
Please see here for a discussion of how to resolve this issue
Found package-lock.json | unable to download the file
If you see this message and have a GitHub or GitHub Enterprise integration running via Broker, please check the size of the package-lock.json - by default the Broker will block any files >1MB. Please see Broker Troubleshooting for details on how to allow these files.
Go Modules
Failed to access private module
Go Modules projects that depend on modules from private Git repositories are supported where the private repositories are in the same Git organisation as the main project repository.
Imports for projects with private modules from repos in other Git organisations will fail.
Missing go.mod file in private dependency
Support for Go Modules requires that every private dependency has a `go.mod` file within every package.
To troubleshoot the issue, please run `go mod graph` locally in the root of the imported repository in order to find any missing `go.mod` files. Once found, please add them to the appropriate repository.
If you were not able to identify missing `go.mod` files please contact support@snyk.io.
RubyGems
Failed to process RubyGems lockfile contents
We were unable to process the Gemfile.lock to extract dependencies from it. Please contact support at support@snyk.io and if possible share the lockfile you used so we can identify the issue.
Bitbucket
If you manually add a project to Snyk using Add custom file location, ensure the folder path and file name are in the correct case that matches your repo.
For example, if you have on BBS myproject / MyRepo with a subfolder GoofFolder, adding manually gooffolder/package.json will fail; specify GoofFolder/package.json instead.
.NET
Satisfying version not found for cousin dependencies
When importing a .Net project, Snyk creates the dependency tree according to the .*proj file. According to the NuGet logic, you cannot use the same package with different versions in the same project.
For example, if Package A and Package B are direct dependencies of the same project, and both use Package C, then Package C is a transitive dependency. When resolving the version of Package C, it must be resolved into one version and to satisfy the requirements of Package A and Package B. Failing to do that results in the error message Satisfying version not found for cousin dependencies.
To troubleshoot the issue, please try to build the project. If it was built successfully, please reach out to support@snyk.io and we will look into it. If not, please make sure that all of the dependencies you use in your project are not conflicting.
Satisfying version not found
When importing a .Net project, Snyk creates the dependency tree according to the packages.config or .*proj files. To resolve the version of all dependencies, they must be compatible with the target framework of the project. If one or more dependencies are not compatible, the error message appears Satisfying version not found.
To troubleshoot the issue, please try to build the project. If it was built successfully, please reach out to support@snyk.io and we will look into it. If it wasn't, please make sure that all of the dependencies you are using in your project are compatible with the target framework of the project.
Target framework not present in <project_FileName>
To build a dependency tree, Snyk needs to determine the target framework of the project. Currently, we require the target framework to be part of the .*proj file.
Snyk Container
Cannot test existing Dockerfile project where scanning setting is disabled
This error occurs when a Dockefile is detected, but the settings for the integration have Dockerfile detection turned off. This is shown so that it is clear a Dockerfile is found in the repo, but integration settings do not allow for import.
This can be adjusted by turning on the Detect Dockerfiles option in the integration settings for the Organization.
Failed to detect OS release
This error may appear while testing/importing a Docker image if you have a Scratch-based Container Image. This is a current known limitation for Scratch-based container images.
As a workaround, you can use the CLI to import/test these docker images.
See Test your container images with our CLI tool for details on how to run a Snyk test in the CLI.
Also, see What are docker scratch-based images.
For any other reasons please do reach out to support@snyk.io
Image size exceeds allowed size
When importing an image from AWS ECR you can come up against the following error when Importing large AWS ECR images:
Image size exceeds allowed size (4.XXXGb > 2.000Gb) when importing container from AWS ECR
Unfortunately, there is currently a limit of 2GB for AWS ECR images. You can test your images greater than 2GB with the CLI using `snyk container test`
Base image detection
Failed to detect base image in: <FileName>
A Dockerfile must begin with a FROM instruction. This may be after parsing directives, comments, and globally scoped ARGs.
Failed to fully resolve base image in: <FileName>
A Dockerfile imported through SCM must have default values for all ARG instructions. ARG NAME=""
(using a blank "" value) is not supported.
Infrastructure as Code (Kubernetes / Helm)
Failed to download Helm chart file
This error may be caused by a failure to download the Chart.yaml
file from your git repository. This might mean Snyk does not have the correct permissions to access the file or that it has been deleted.
If you are using a Snyk broker, make sure you follow the relevant configuration instructions.
Failed to find a proper values file
Snyk needs the values.yaml
file to render the template. This file needs to be in the same folder as the Charts.yaml
file.
Failed to receive the content of the templates folder
Failed to get the file: <FileName> in order to template the chart
Ensure there is a templates
folder in the same directory as the Chart.yaml
file. This folder should contain templates and helper files (*.tpl
) that we access as part of the import flow. For more details about the expected format of Helm Charts, see Scan and fix security issues in your Helm Charts.
If you use a Snyk broker, follow the relevant configuration instructions.
Failed to run Helm template using the chart
You can check whether your chart is valid by testing locally, by running helm template
, which should pass without errors.
Infrastructure as Code (Terraform)
Unsupported Terraform file format
This error appears if the imported repository contains HCL version 1 files. Snyk only supports HCL version 2, used from Terraform version 0.12+.
Use the terraform validate
command to check your configuration file version.
Go Template placeholders found in Terraform File
We detected the usage of Go Template syntax (e.g. {{...}}) in this file, we do not support this syntax in Terraform files.
Python
Problem with --no-binary flag. Use the following instead:
psycopg2==2.7.5 --no-binary=psycopg2
Even though pip does not require "=" between the flag and the value, Snyk requires the character in order to prevent parsing failures.