dependency_review
Creates, updates, deletes, gets or lists a dependency_review resource.
Overview
| Name | dependency_review |
|---|---|
| Type | Resource |
| Id | github.dependency_graph.dependency_review |
Fields
The following fields are returned by SELECT queries:
- diff_range
Response
| Name | Datatype | Description |
|---|---|---|
| name | string | (example: @actions/core) |
| change_type | string | (added, removed) |
| ecosystem | string | (example: npm) |
| license | string | (example: MIT) |
| manifest | string | (example: path/to/package-lock.json) |
| package_url | string | (example: pkg:/npm/%40actions/core@1.1.0) |
| scope | string | Where the dependency is utilized. `development` means that the dependency is only utilized in the development environment. `runtime` means that the dependency is utilized at runtime and in the development environment. (unknown, runtime, development) |
| source_repository_url | string | (example: https://github.com/github/actions) |
| version | string | (example: 1.0.0) |
| vulnerabilities | array | |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
| diff_range | select | owner, repo, basehead | name | Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
basehead | string | The base and head Git revisions to compare. The Git revisions will be resolved to commit SHAs. Named revisions will be resolved to their corresponding HEAD commits, and an appropriate merge base will be determined. This parameter expects the format {base}...{head}. |
owner | string | The account owner of the repository. The name is not case sensitive. |
repo | string | The name of the repository without the .git extension. The name is not case sensitive. |
name | string | The full path, relative to the repository root, of the dependency manifest file. |
SELECT examples
- diff_range
Gets the diff of the dependency changes between two commits of a repository, based on the changes to the dependency manifests made in those commits.
```sql
SELECT
  name,
  change_type,
  ecosystem,
  license,
  manifest,
  package_url,
  scope,
  source_repository_url,
  version,
  vulnerabilities
FROM github.dependency_graph.dependency_review
WHERE owner = '{{ owner }}' -- required
  AND repo = '{{ repo }}' -- required
  AND basehead = '{{ basehead }}' -- required
  AND name = '{{ name }}'
;
```
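
An added example, not part of the StackQL or GitHub documentation: a Python merge gate over rows returned by the query above, flagging newly added dependencies that carry a vulnerability at or above a severity threshold or a license outside an allow-list. The row keys come from the Response table; the keys inside each `vulnerabilities` item, the possibility that the array arrives as a JSON-encoded string, the allow-list, and every sample value are assumptions.

```python
import json

# Constructed rows shaped like the Response table. Keys inside vulnerabilities
# items (severity, advisory_ghsa_id) are assumptions; GHSA ids are placeholders.
SAMPLE_ROWS = [
    {"name": "@actions/core", "version": "1.1.0", "change_type": "added",
     "scope": "runtime", "license": "MIT", "vulnerabilities": "[]"},
    {"name": "example-parser", "version": "2.0.0", "change_type": "added",
     "scope": "runtime", "license": "MIT", "vulnerabilities":
         [{"severity": "high", "advisory_ghsa_id": "GHSA-xxxx-xxxx-xxxx"}]},
    {"name": "example-parser", "version": "1.9.0", "change_type": "removed",
     "scope": "runtime", "license": "MIT", "vulnerabilities":
         [{"severity": "critical", "advisory_ghsa_id": "GHSA-yyyy-yyyy-yyyy"}]},
    {"name": "example-linter", "version": "4.2.0", "change_type": "added",
     "scope": "development", "license": None, "vulnerabilities":
         '[{"severity": "low", "advisory_ghsa_id": "GHSA-zzzz-zzzz-zzzz"}]'},
    {"name": "example-copyleft", "version": "0.3.0", "change_type": "added",
     "scope": "unknown", "license": "GPL-3.0", "vulnerabilities": None},
]
SEVERITY_RANK = {"low": 1, "moderate": 2, "high": 3, "critical": 4}


def as_list(value):
    """Accept a decoded array, a JSON-encoded string, or an empty value."""
    if isinstance(value, str):
        value = json.loads(value) if value.strip() else []
    return value if isinstance(value, list) else []


def review(rows, min_severity="high", allowed_licenses=("MIT", "Apache-2.0")):
    """Return (dependency, kind, detail) findings for added dependencies."""
    threshold, findings = SEVERITY_RANK[min_severity], []
    for row in rows:
        if row.get("change_type") != "added":
            continue  # removed rows describe what leaves the tree
        dep = f'{row.get("name")}@{row.get("version")}'
        for vuln in as_list(row.get("vulnerabilities")):
            sev = str(vuln.get("severity", "")).lower()
            # Unrecognised severities rank highest so they are not passed silently.
            if SEVERITY_RANK.get(sev, 5) >= threshold:
                findings.append((dep, "vulnerability", vuln.get("advisory_ghsa_id")))
        # Anything not marked development (runtime, unknown) is treated as shipped.
        if row.get("scope") != "development" and row.get("license") not in allowed_licenses:
            findings.append((dep, "license", row.get("license") or "none declared"))
    return findings


if __name__ == "__main__":
    print(*review(SAMPLE_ROWS), sep="\n")
```

A non-empty result from `review` is the signal to fail the pull-request check; the `removed` row is skipped even though it lists a critical advisory, because that version is leaving the dependency tree.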