When you are testing larger packages using the Snyk CLI, the monitor command in particular may time out or fail with an error such as:
- Connection timeout
Typically this happens because a package has many dependencies and sub-dependencies that have expanded the project beyond a manageable size.
Snyk provides the following option to speed up the snyk monitor command and help it complete successfully for larger projects:
$ snyk test --prune-repeated-subdependencies
$ snyk monitor --prune-repeated-subdependencies
Use this option to prune dependency trees, removing duplicate sub-dependencies. The command continues to find all vulnerabilities, but may not find all of the vulnerable paths.
The limitation occurs because, when building the dependency tree, Snyk prunes sub-dependencies that have already been detected, along with all of their subsequent sub-dependencies. This streamlines the running of the command by eliminating duplicate cycles. However, a potential consequence is that some vulnerable paths may not be calculated correctly.
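The effect of pruning described above can be seen in a small model. This is an added example, not Snyk's code: the graph, the package names and the scan function are constructed for illustration, and the pruning rule is a simplified assumption based on the description on this page.

```javascript
// Constructed dependency graph (package -> direct dependencies); not real packages.
const graph = {
  app: ["web", "client"],
  web: ["parser", "util"],
  client: ["parser"],
  parser: ["qs-lib"],
  util: ["qs-lib"],
  "qs-lib": [],
};
const vulnerable = new Set(["qs-lib"]); // constructed: one vulnerable package

// Walk the tree depth-first. With prune=true, a package that was already
// expanded elsewhere is skipped together with everything beneath it
// (assumed model of --prune-repeated-subdependencies).
function scan(graph, root, vulnerable, prune) {
  const expanded = new Set(); // packages already expanded somewhere in the tree
  const found = new Set();    // distinct vulnerable packages
  const paths = [];           // every path that reaches a vulnerable package
  let visited = 0;            // tree nodes actually walked

  function visit(name, path) {
    if (path.includes(name)) return;         // cycle guard
    if (prune && expanded.has(name)) return; // repeated sub-dependency: drop subtree
    expanded.add(name);
    visited += 1;
    const here = [...path, name];
    if (vulnerable.has(name)) {
      found.add(name);
      paths.push(here.join(" > "));
    }
    for (const dep of graph[name] || []) visit(dep, here);
  }

  visit(root, []);
  return { packages: [...found].sort(), paths, visited };
}

const full = scan(graph, "app", vulnerable, false);
const pruned = scan(graph, "app", vulnerable, true);
console.log("full  :", full);   // same vulnerable package, every path to it
console.log("pruned:", pruned); // same vulnerable package, fewer paths and nodes
```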