Get Project Dependency
https://app.fossa.com/api/v2/revisions/{locator}/dependencies/{dependencyRevisionLocator}Get a single dependency by locator for a given project revision. **Note:** Unlike the list endpoint (`GET /v2/revisions/{locator}/dependencies`), this single-dependency endpoint returns the full, unsanitized dependency object. In addition to the fields documented in the response schema below, the payload includes these extra fields: - Top-level: `authors`, `description`, `url`, `individualLicenses`, `groupedLicenses`, `sourceType`, `lastPublishedDate` - Each entry in `rootProjects` additionally includes `type`, `teams`, `paths`, and `depth` - Each entry in `issues` additionally includes `notes`
Path parameters
locatorstringrequiredThe locator of the project revision
dependencyRevisionLocatorstringrequiredThe locator of the dependency to retrieve
Query parameters
includeResolutionNotesbooleanInclude resolution notes in issue data
includeLicenseTextbooleanInclude full license text in license data
includeCopyrightbooleanInclude copyright information in license data
includeMatchesbooleanInclude license match details in license data
includeDownloadUrlbooleanInclude download URL in package data
Responses
200OKdependencyobjectlocatorstringtitlestringisManualbooleanisIgnoredbooleanisUnknownbooleanisSnippetConversionbooleanconclusionsobjectscopedobjectlicensesstring[]lastEditedBystringupdatedAtstringbaseobjectlicensesstring[]justificationstringlicensesstring[]declaredLicensesstring[]discoveredLicensesstring[]licenseGroupsobject[]The grouped licenses discovered for this dependency.
licenseGroupIdintegersignaturestringignoredbooleanisDeclaredbooleanlicensesobject[]titlestringlicenseIdstringignoredbooleanurlstring | nulllicenseGroupIdintegerrevisionLicenseIdintegerprojectCorrectionIdinteger | nulllabelsobject[]The package label assignments applied to this dependency.
idintegerrequiredThe ID of the package label assignment.
createdAtstring <date-time>requiredThe date and time the package label assignment was created.
updatedAtstring <date-time>requiredThe date and time the package label assignment was last updated.
organizationIdintegerrequiredThe ID of the organization that owns the package label assignment.
labelIdintegerrequiredThe ID of the label that was assigned to the package.
packageIdstringrequiredThe ID of the package that the label was assigned to.
packageVersionstringThe version of the package that the label was assigned to or null if the label was assigned to all versions.
scopeenumrequiredThe scope of the package label assignment.
orgprojectrevisionscopeIdstringrequiredThe ID of the scope that the label was assigned to or null if the label was assigned to all scopes.
namestringrequiredThe name of the label that was assigned to the package.
depthintegeroriginPathsstring[]statusobjecterrorstringresolvedbooleanunsupportedbooleananalyzingbooleanissuesobject[]idintegertypestringstatusenumactiveignoredlicensestringcvssScorenumberrootProjectsobject[]titlestringrevisionstringbranchstringconclusionsobjectscopedobjectlicensesstring[]lastEditedBystringupdatedAtstringbaseobjectlicensesstring[]justificationstringlayerDepthnumbercpesstring[]vendoredPathsstring[]versionstring400Bad RequestuuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
404Not FounduuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
Try this endpoint
Build a request and run it against app.fossa.com.
Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.
GET https://app.fossa.com/api/v2/revisions/%7Blocator%7D/dependencies/%7BdependencyRevisionLocator%7Dcurl --request GET \ --url 'https://app.fossa.com/api/v2/revisions/%7Blocator%7D/dependencies/%7BdependencyRevisionLocator%7D' \ --header 'accept: application/json' \ --header 'authorization: Bearer YOUR_API_TOKEN'Real request. Mutating methods can change data.
Path params
locatorstringrequiredThe locator of the project revision
dependencyRevisionLocatorstringrequiredThe locator of the dependency to retrieve
Query params
includeResolutionNotesbooleanInclude resolution notes in issue data
includeLicenseTextbooleanInclude full license text in license data
includeCopyrightbooleanInclude copyright information in license data
includeMatchesbooleanInclude license match details in license data
includeDownloadUrlbooleanInclude download URL in package data