If you have your SOOS account configured to Scan full dependency tree your dependency tree will be scanned up to 20 levels deep. Dependency trees larger than this are considered overly complex and will not be scanned past the 20th level. Because of this, SOOS cannot provide a complete assessment of the presence (or absence) of vulnerabilities and/or license identification for packages that exceed the maximum dependency depth.
If SOOS detects a manifest that fits this description, the following notification will be displayed on the Project Details page.
Read here about the maximum allowable declared dependencies within the dependency tree.