When you are testing a project in the CLI using the
snyk test command, you may receive an unexpected result:
Tested 0 dependencies for known issues, no vulnerable paths found
This message means that the Snyk CLI was unable to find any known dependencies in your project. This may be for a variety of reasons including the following:
- There are no production dependencies, but rather all of them are devDependencies. Consider adding
--devto your command to scan for devDependencies as well.
- There are no dependencies at all; this may be an empty file. See Open Source language and package manager support for the type of project that you are scanning.
- You may be unintentionally scanning a different project from what you expect. For a monorepo consider adding the
--all-projectsflag to scan all supported manifest files at once.
- For some languages you may have to install the dependencies before scanning. For npm, you may need to run
yarn install. For DotNet you may need to run
dotnet restore. See Open Source language and package manager support for the type of project you are scanning.