305.md

# Dependencies API

> 原文：[https://docs.gitlab.com/ee/api/dependencies.html](https://docs.gitlab.com/ee/api/dependencies.html)

*   [List project dependencies](#list-project-dependencies)

# Dependencies API[](#dependencies-api-ultimate "Permalink")

**警告：**此 API 处于 alpha 阶段，被认为是不稳定的. 响应有效载荷可能会在 GitLab 版本之间发生更改或损坏.

对此端点的每次调用都需要身份验证. 要执行此调用，应授权用户读取存储库. 要查看响应中的漏洞，应授权用户阅读[Project Security Dashboard](../user/application_security/security_dashboard/index.html#project-security-dashboard) .

## List project dependencies[](#list-project-dependencies "Permalink")

获取项目依赖项列表. 该 API 部分镜像了[依赖项列表](../user/application_security/dependency_list/index.html)功能. 只能为 Gemnasium 支持的[语言和程序包管理器](../user/application_security/dependency_scanning/index.html#supported-languages-and-package-managers)生成此列表.

```
GET /projects/:id/dependencies
GET /projects/:id/dependencies?package_manager=maven
GET /projects/:id/dependencies?package_manager=yarn,bundler 
```

| Attribute | Type | Required | Description |
| --- | --- | --- | --- |
| `id` | integer/string | yes | 项目的 ID 或[URL 编码的路径](README.html#namespaced-path-encoding) . |
| `package_manager` | 字符串数组 | no | 返回属于指定程序包管理器的依赖项. 有效值： `bundler` ， `composer` ， `maven` ， `npm` ， `pip`或`yarn` . |

```
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/projects/4/dependencies" 
```

响应示例：

```
[  {  "name":  "rails",  "version":  "5.0.1",  "package_manager":  "bundler",  "dependency_file_path":  "Gemfile.lock",  "vulnerabilities":  [{  "name":  "DDoS",  "severity":  "unknown"  }]  },  {  "name":  "hanami",  "version":  "1.3.1",  "package_manager":  "bundler",  "dependency_file_path":  "Gemfile.lock",  "vulnerabilities":  []  }  ] 
```