While importing a project from GitHub, some users have reported getting an error such as the below example:
This can occur while attempting to import a large or complex project that generates a large dependency tree. While we are working on improving our ability to handle these larger projects, a possible workaround is to use the Snyk CLI tool: https://snyk.io/docs/using-snyk/
If the CLI commands also have trouble handling this large project, you can use the following command to monitor the project:
snyk monitor --prune-repeated-subdependencies
What it does:
As mentioned in the Snyk help section, when building the dependency tree Snyk will prune sub-dependencies that have already been detected with all of their subsequent sub-dependencies. This will help streamline the running of the command, eliminating duplicate cycles.
A potential consequence is that not all vulnerable paths may be calculated correctly; however, this will not affect the number of vulnerabilities or whether a vulnerability is found.
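The trade-off described above, shown on a small model. This is an added example, not Snyk's code: the dependency graph, package names and "vulnerable" set are constructed, and the walk is a simplified assumption of how pruning repeated sub-dependencies behaves.

```javascript
// Constructed dependency graph: package name -> direct dependencies.
const graph = {
  'app': ['web', 'worker'],
  'web': ['http-lib', 'logger'],
  'worker': ['http-lib', 'queue'],
  'http-lib': ['parser'],
  'queue': ['logger'],
  'logger': [],
  'parser': [],
};
// Constructed set of vulnerable packages (not real advisories).
const vulnerable = new Set(['parser', 'logger']);

// Expand the graph into a tree and return every root-to-node path.
// With prune=true, a package that was already expanded is still recorded
// where it reappears, but its sub-dependencies are not walked again.
function walk(root, prune) {
  const expanded = new Set();
  const paths = [];
  (function visit(name, trail) {
    const path = [...trail, name];
    paths.push(path);
    if (prune && expanded.has(name)) return; // repeated subtree: stop here
    expanded.add(name);
    for (const dep of graph[name]) visit(dep, path);
  })(root, []);
  return paths;
}

// Summarise one walk: tree size, distinct vulnerable packages, and the
// dependency paths that end at a vulnerable package.
function report(prune) {
  const paths = walk('app', prune);
  const vulnPaths = paths.filter((p) => vulnerable.has(p[p.length - 1]));
  return {
    nodes: paths.length,
    vulnerablePackages: [...new Set(vulnPaths.map((p) => p[p.length - 1]))].sort(),
    vulnerablePaths: vulnPaths.map((p) => p.join(' > ')),
  };
}

console.log('full  :', report(false));
console.log('pruned:', report(true));
```

In the pruned run the second occurrence of http-lib (under worker) is not expanded, so the path to parser through worker is missing, while the list of vulnerable packages is identical in both runs.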