dependencyGraphDiffRange
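Get a diff of the dependencies between two commits. Each entry in the response describes one dependency that was added or removed, together with the security advisories listed for it.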
GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead} HTTP/1.1
Parameters
{
"owner": {
"description": "The account owner of the repository. The name is not case sensitive.",
"required": true,
"location": "path",
"type": "string"
},
"repo": {
"description": "The name of the repository without the `.git` extension. The name is not case sensitive.",
"required": true,
"location": "path",
"type": "string"
},
"basehead": {
"description": "The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format `{base}...{head}`.",
"required": true,
"location": "path",
"type": "string"
},
"name": {
"description": "The full path, relative to the repository root, of the dependency manifest file.",
"required": false,
"location": "query",
"type": "string"
}
}
Response Schema
{
"title": "Dependency Graph Diff",
"description": "A diff of the dependencies between two commits.",
"type": "array",
"items": {
"type": "object",
"properties": {
"change_type": {
"type": "string",
"enum": [
"added",
"removed"
]
},
"manifest": {
"type": "string",
"example": "path/to/package-lock.json"
},
"ecosystem": {
"type": "string",
"example": "npm"
},
"name": {
"type": "string",
"example": "@actions/core"
},
"version": {
"type": "string",
"example": "1.0.0"
},
"package_url": {
"type": "string",
"nullable": true,
"example": "pkg:/npm/%40actions/core@1.1.0"
},
"license": {
"type": "string",
"nullable": true,
"example": "MIT"
},
"source_repository_url": {
"type": "string",
"nullable": true,
"example": "https://github.com/github/actions"
},
"vulnerabilities": {
"type": "array",
"items": {
"type": "object",
"properties": {
"severity": {
"type": "string",
"example": "critical"
},
"advisory_ghsa_id": {
"type": "string",
"example": "GHSA-rf4j-j272-fj86"
},
"advisory_summary": {
"type": "string",
"example": "A summary of the advisory."
},
"advisory_url": {
"type": "string",
"example": "https://github.com/advisories/GHSA-rf4j-j272-fj86"
}
},
"required": [
"severity",
"advisory_ghsa_id",
"advisory_summary",
"advisory_url"
]
}
},
"scope": {
"description": "Where the dependency is utilized. `development` means that the dependency is only utilized in the development environment. `runtime` means that the dependency is utilized at runtime and in the development environment.",
"type": "string",
"enum": [
"unknown",
"runtime",
"development"
]
}
},
"required": [
"change_type",
"manifest",
"ecosystem",
"name",
"version",
"package_url",
"license",
"source_repository_url",
"vulnerabilities",
"scope"
]
}
}