You may encounter an error such as the following while running one of the Snyk CLI commands:
This generally occurs on larger projects where the default amount of memory allocated by Node (1.5gb) is insufficient to complete the command successfully.
You can increase the amount of memory allocated to the command by running the following command prior to running the Snyk CLI:
From the control panel go to System -> Advanced system settings -> Environment Variables -> New (user or system) and increase the Variable value as shown in the following screenshot:
Or do this in powershell with the following:
You can also increase the number, if necessary. Some users have increased this up to 14gb for some larger projects.
Additionally, for Snyk CLI version 1.1090.0 and above, you can exclude the scanning of app layers by using the
--exclude-app-vulns option with
container test. You can also opt out of jar scanning using
--nest-jar-depth=0. We advise using multi-stage builds so that each layer can be tested as far left as possible, as mentioned in our 5 Best Practices for Container Security