2019-07-16 09:06:09 -04:00
# Dependencies API **(ULTIMATE)**
CAUTION: **Caution:**
This API is in an alpha stage and considered unstable.
The response payload may be subject to change or breakage
across GitLab releases.
2019-08-23 07:34:05 -04:00
Every call to this endpoint requires authentication. To perform this call, user should be authorized to read repository.
To see vulnerabilities in response, user should be authorized to read
2019-08-22 04:50:31 -04:00
[Project Security Dashboard ](../user/application_security/security_dashboard/index.md#project-security-dashboard ).
2019-07-16 09:06:09 -04:00
## List project dependencies
2019-08-22 04:50:31 -04:00
Get a list of project dependencies. This API partially mirroring
2019-08-15 02:15:15 -04:00
[Dependency List ](../user/application_security/dependency_list/index.md ) feature.
2019-07-16 09:06:09 -04:00
This list can be generated only for [languages and package managers ](../user/application_security/dependency_scanning/index.md#supported-languages-and-package-managers )
2019-08-22 04:50:31 -04:00
supported by Gemnasium.
2019-07-16 09:06:09 -04:00
```
GET /projects/:id/dependencies
2019-08-23 07:34:05 -04:00
GET /projects/:id/dependencies?package_manager=maven
GET /projects/:id/dependencies?package_manager=yarn,bundler
2019-07-16 09:06:09 -04:00
```
| Attribute | Type | Required | Description |
| ------------- | -------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `id` | integer/string | yes | The ID or [URL-encoded path of the project ](README.md#namespaced-path-encoding ). |
| `package_manager` | string array | no | Returns dependencies belonging to specified package manager. Valid values: `bundler` , `composer` , `maven` , `npm` , `pip` or `yarn` . |
2020-01-30 10:09:15 -05:00
```shell
2019-07-16 09:06:09 -04:00
curl --header "PRIVATE-TOKEN: < your_access_token > " https://gitlab.example.com/api/v4/projects/4/dependencies
```
Example response:
```json
[
{
"name": "rails",
"version": "5.0.1",
"package_manager": "bundler",
2019-08-23 07:34:05 -04:00
"dependency_file_path": "Gemfile.lock",
"vulnerabilities": [{
"name": "DDoS",
"severity": "unknown"
}]
2019-07-16 09:06:09 -04:00
},
{
"name": "hanami",
"version": "1.3.1",
"package_manager": "bundler",
2019-08-23 07:34:05 -04:00
"dependency_file_path": "Gemfile.lock",
"vulnerabilities": []
2019-07-16 09:06:09 -04:00
}
]
```