Supply Chain

This part of the documentation covers all the supply chain APIs.

Dependency Graph API

class ghastoolkit.DependencyGraph(repository: Repository | None = None, enable_graphql: bool = True, enable_clearlydefined: bool = False)

Dependency Graph API.

__init__(repository: Repository | None = None, enable_graphql: bool = True, enable_clearlydefined: bool = False) -> None

Initialise Dependency Graph.

exportBOM() -> Dependencies

Download / Export DependencyGraph SBOM.

https://docs.github.com/en/rest/dependency-graph/sboms#export-a-software-bill-of-materials-sbom-for-a-repository

getDependencies() -> Dependencies

Get Dependencies.

getDependenciesGraphQL(dependencies_count: int = 100) -> Dependencies

Get Dependencies from GraphQL.

This function requests each manifest file in the repository together with the dependencies associated with it, and then paginates through both the manifests and the dependencies (dependencies_count per page).

This is done to avoid the timeout errors the GraphQL API returns when a large project with many manifests and dependencies is requested in a single query.

getDependenciesInPR(base: str, head: str) -> Dependencies

Get all the dependencies from a Pull Request.

getDependenciesSbom() -> Dependencies

Get Dependencies from SBOM.

getOrganizationDependencies() -> Dict[Repository, Dependencies]

Get Organization Dependencies.

submitDependencies(dependencies: Dependencies, tool: str, path: str, sha: str = '', ref: str = '', version: str = '0.0.0', url: str = '')

Submit dependencies to GitHub Dependency Graph snapshots API.

https://docs.github.com/en/rest/dependency-graph/dependency-submission?apiVersion=2022-11-28#create-a-snapshot-of-dependencies-for-a-repository
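As an added example (not ghastoolkit's own code), this builds and checks a snapshot payload in the shape the dependency submission endpoint linked above expects, from the same tool, path, sha, ref, version and url inputs that submitDependencies takes; build_snapshot, validate_snapshot and the sample dependency list are constructed here and are not part of the library.

```python
import json
import re
from datetime import datetime, timezone

# Constructed sample input: (package_url, relationship, scope) for one manifest.
SAMPLE_DEPENDENCIES = [
    ("pkg:pypi/requests@2.31.0", "direct", "runtime"),
    ("pkg:pypi/urllib3@2.0.7", "indirect", "runtime"),
    ("pkg:pypi/pytest@7.4.0", "direct", "development"),
]


def build_snapshot(dependencies, tool, path, sha, ref, version="0.0.0", url="", job_id="1"):
    """Hypothetical helper: build a Dependency Graph snapshot for one manifest.

    The layout follows GitHub's documented snapshot schema: the commit (sha/ref),
    the detector that produced the data, and a manifests map whose entries hold
    the resolved packages keyed by name (the package URL is used as the key).
    """
    resolved = {}
    for purl, relationship, scope in dependencies:
        if not purl.startswith("pkg:"):
            raise ValueError(f"not a package URL: {purl}")
        if relationship not in ("direct", "indirect"):
            raise ValueError(f"bad relationship: {relationship}")
        if scope not in ("runtime", "development"):
            raise ValueError(f"bad scope: {scope}")
        resolved[purl] = {"package_url": purl, "relationship": relationship,
                          "scope": scope, "dependencies": []}
    return {
        "version": 0,
        "sha": sha,
        "ref": ref,
        "job": {"correlator": tool, "id": job_id},
        "detector": {"name": tool, "version": version, "url": url},
        "scanned": datetime.now(timezone.utc).isoformat(),
        "manifests": {path: {"name": path, "file": {"source_location": path},
                             "resolved": resolved}},
    }


def validate_snapshot(snapshot):
    """Return the problems the submission endpoint would reject (hypothetical checks)."""
    problems = []
    if not re.fullmatch(r"[0-9a-f]{40}", snapshot["sha"]):
        problems.append("sha must be a 40-character hex commit SHA")
    if not snapshot["ref"].startswith("refs/"):
        problems.append("ref must be fully qualified, e.g. refs/heads/main")
    if not snapshot["detector"]["url"]:
        problems.append("detector url is required")
    return problems


if __name__ == "__main__":
    snap = build_snapshot(SAMPLE_DEPENDENCIES, "my-resolver", "requirements.txt",
                          "a" * 40, "refs/heads/main", "1.2.3", "https://example.com/resolver")
    print(json.dumps(snap, indent=2), validate_snapshot(snap))
```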

submitSbom(sbom: dict[Any, Any])

Submit SBOM.

Dependabot API

class ghastoolkit.Dependabot(repository: Repository | None = None)

Dependabot API instance.

__init__(repository: Repository | None = None) -> None

Initialise Dependabot API class.

getAlerts(state: str = 'open', severity: str | None = None, ecosystem: str | None = None, package: str | None = None, manifest: str | None = None, scope: str | None = None) -> list[DependencyAlert]

Get all Dependabot alerts from the REST API.

https://docs.github.com/en/rest/dependabot/alerts

getAlertsGraphQL() -> list[DependencyAlert]

Get all Dependabot alerts from the GraphQL API using the GetDependencyAlerts query.

getAlertsInPR() -> list[DependencyAlert]

Get all Dependabot alerts from the REST API for the current Pull Request.

isEnabled() -> bool

Return whether Dependabot is enabled for the repository.

isSecurityUpdatesEnabled() -> bool

Return whether Dependabot security updates are enabled for the repository.

https://docs.github.com/en/rest/reference/repos#get-a-repository