The Wayback Machine - https://web.archive.org/web/20230105012520/https://docs.github.com/fr/rest/dependency-graph/dependency-review
Skip to main content
The REST API is now versioned. For more information, see "About API versioning."

Vérification des dépendances

L’API Vérification des dépendances vous permet de comprendre les changements de dépendances et l’impact de sécurité de ces changements avant de les ajouter à votre environnement.

À propos de l’API Dependency review

L’API Dependency review vous permet de comprendre les changements de dépendances et l’impact de sécurité de ces changements avant de les ajouter à votre environnement. Vous pouvez voir la différence des dépendances entre deux commits d’un dépôt, y compris les données de vulnérabilité de toutes les mises à jour de version avec des vulnérabilités connues. Pour plus d’informations sur la révision des dépendances, consultez « À propos de la révision des dépendances ».

Get a diff of the dependencies between commits

Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.

Paramètres

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

baseheadstringRequired

The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format {base}...{head}.

Query parameters
Name, Type, Description
namestring

The full path, relative to the repository root, of the dependency manifest file.

Codes de statut de réponse HTTP

Code d’étatDescription
200

OK

403

Forbidden

404

Resource not found

Exemples de code

get/repos/{owner}/{repo}/dependency-graph/compare/{basehead}
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>"\ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/dependency-graph/compare/BASEHEAD

Response

Status: 200
[ { "change_type": "removed", "manifest": "package.json", "ecosystem": "npm", "name": "helmet", "version": "4.6.0", "package_url": "pkg:npm/helmet@4.6.0", "license": "MIT", "source_repository_url": "https://github.com/helmetjs/helmet", "vulnerabilities": [] }, { "change_type": "added", "manifest": "package.json", "ecosystem": "npm", "name": "helmet", "version": "5.0.0", "package_url": "pkg:npm/helmet@5.0.0", "license": "MIT", "source_repository_url": "https://github.com/helmetjs/helmet", "vulnerabilities": [] }, { "change_type": "added", "manifest": "Gemfile", "ecosystem": "rubygems", "name": "ruby-openid", "version": "2.7.0", "package_url": "pkg:gem/ruby-openid@2.7.0", "license": null, "source_repository_url": "https://github.com/openid/ruby-openid", "vulnerabilities": [ { "severity": "critical", "advisory_ghsa_id": "GHSA-fqfj-cmh6-hj49", "advisory_summary": "Ruby OpenID", "advisory_url": "https://github.com/advisories/GHSA-fqfj-cmh6-hj49" } ] } ]