The Wayback Machine - https://web.archive.org/web/20230105012525/https://docs.github.com/de/rest/dependency-graph/dependency-review
Skip to main content
The REST API is now versioned. For more information, see "About API versioning."

Abhängigkeitsüberprüfung

Mithilfe der Abhängigkeitsüberprüfungs-API kannst du Änderungen an Abhängigkeiten und deren Auswirkungen auf die Sicherheit nachvollziehen, bevor du diese deiner Umgebung hinzufügst.

Informationen zur Abhängigkeitsüberprüfungs-API

Mithilfe der Abhängigkeitsüberprüfungs-API kannst du Änderungen an Abhängigkeiten und deren Auswirkungen auf die Sicherheit nachvollziehen, bevor du diese deiner Umgebung hinzufügst. Du siehst die unterschiedlichen Abhängigkeiten zwischen zwei Commits eines Repositorys, einschließlich der Sicherheitsrisikodaten für sämtliche Versionsupdates mit bekannten Sicherheitsrisiken. Weitere Informationen zur Abhängigkeitsüberprüfung findest du unter Informationen zur Abhängigkeitsüberprüfung.

Get a diff of the dependencies between commits

Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.

Parameter

Headers
Name, Type, Description
acceptstring

Setting to application/vnd.github+json is recommended.

Path parameters
Name, Type, Description
ownerstringRequired

The account owner of the repository. The name is not case sensitive.

repostringRequired

The name of the repository. The name is not case sensitive.

baseheadstringRequired

The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format {base}...{head}.

Query parameters
Name, Type, Description
namestring

The full path, relative to the repository root, of the dependency manifest file.

HTTP-Antwortstatuscodes

StatuscodeBESCHREIBUNG
200

OK

403

Forbidden

404

Resource not found

Codebeispiele

get/repos/{owner}/{repo}/dependency-graph/compare/{basehead}
curl \ -H "Accept: application/vnd.github+json" \ -H "Authorization: Bearer <YOUR-TOKEN>"\ -H "X-GitHub-Api-Version: 2022-11-28" \ https://api.github.com/repos/OWNER/REPO/dependency-graph/compare/BASEHEAD

Response

Status: 200
[ { "change_type": "removed", "manifest": "package.json", "ecosystem": "npm", "name": "helmet", "version": "4.6.0", "package_url": "pkg:npm/helmet@4.6.0", "license": "MIT", "source_repository_url": "https://github.com/helmetjs/helmet", "vulnerabilities": [] }, { "change_type": "added", "manifest": "package.json", "ecosystem": "npm", "name": "helmet", "version": "5.0.0", "package_url": "pkg:npm/helmet@5.0.0", "license": "MIT", "source_repository_url": "https://github.com/helmetjs/helmet", "vulnerabilities": [] }, { "change_type": "added", "manifest": "Gemfile", "ecosystem": "rubygems", "name": "ruby-openid", "version": "2.7.0", "package_url": "pkg:gem/ruby-openid@2.7.0", "license": null, "source_repository_url": "https://github.com/openid/ruby-openid", "vulnerabilities": [ { "severity": "critical", "advisory_ghsa_id": "GHSA-fqfj-cmh6-hj49", "advisory_summary": "Ruby OpenID", "advisory_url": "https://github.com/advisories/GHSA-fqfj-cmh6-hj49" } ] } ]