We have applied a fix for this issue, and projects are now testing and importing correctly. * Customers who have been affected are advised to import the affected repos again to ensure that projects are correctly identified, and any projects that were not able to import due to this incident are imported correctly. There is no need to delete existing projects.
Posted Dec 18, 2025 - 22:38 UTC
Identified
Our Engineers have identified the root cause and are now working on a solution.
We'll keep you updated with our progress.
Posted Dec 18, 2025 - 15:44 UTC
Investigating
We have detected an issue that is causing SCM scans of PNPM projects to be mis-attributed to NPM or Yarn. This is only occurring in the regional hosted environments (customers that login on sites other than app.snyk.io) Symptoms: * PNPM projects may be detected as NPM projects, or display import errors due to missing yarn.lock files. * Customers using set-and-forget may notice that projects previously detected as PNPM are deactivated and new NPM projects are created. * Customers may notice a change in dependency or vulnerability reports for these projects. This does not affect customers on app.snyk.io This does not affect customers using Snyk CLI to scan pnpm projects, where the PNPM option is enabled in snyk preview.
We will update with further information as it becomes available
Posted Dec 18, 2025 - 07:11 UTC
This incident affects: SNYK-US-02 (app.us.snyk.io) (Snyk Open Source), SNYK-EU-01 (app.eu.snyk.io) (Snyk Open Source), and SNYK-AU-01 (app.au.snyk.io) (Snyk Open Source).