Container: New pruning option for large dependency graphs

We have introduced a new optimization mechanism to support scanning for enterprise-scale projects with massive dependency graphs. We added a graph pruning capability that allows scans exceeding the standard maxVulnPathsLimit to complete successfully.

Certain large projects generate dependency graphs with over 100,000 vulnerable paths. Previously, these massive graphs hit a hard limit in the Snyk Container monitor, causing the scan to fail completely for large enterprise workloads.

This unblocks scans for large projects. Users who were previously unable to monitor their largest containers due to timeout or complexity errors can now successfully scan them.

CLI users can use the --prune-repeated-subdependencies flag immediately. Customers using container registry integrations should request that the corresponding Feature Flag be enabled for their organization by contacting support.