CODEWITHSUNDEEP
githubscriptingdependenciescommand-line-interface
Arielegend
Arielegend

Reputation: 23

Fetch dependencies from a project in Github using CLI

Are there any commands that enable the fetching of the dependencies for a repository on github?

On Github, under the 'Insights' tab, I can see the dependencies, by pressing the 'Dependencies Graph' button, and that displays all the dependencies for the project.

My question is, can I write a script, to fetch these dependencies?

I tried to navigate in Postman and make a GET request to the url 'https://github.com/-User-/-Project-/network/dependencies' and I received a 404 response.

But when I put the same url in Chrome, I can see the Dependencies Graph for that project.

Upvotes: 2

Views: 733

Answers (3)

nktnet
nktnet

Reputation: 486

github-dependents-info

Regarding

Are there any commands that enable the fetching of the dependencies for a repository on github?

This is possible using the Python library github-dependents-info:

You can install the library with

pip install github-dependents-info

github-dependents-info uses GitHub HTML to scrape dependencies information, rather than GitHub API directly. Here are a two examples listed in its documentation for command-line usage:

# Outputs Text
github-dependents-info --repo nvuillam/npm-groovy-lint

# Outputs JSON
github-dependents-info --repo nvuillam/npm-groovy-lint --json

Outputting to a markdown file is also supported, although it's best to consult the [official examples](github-dependents-info --repo nvuillam/npm-groovy-lint --json) for all the nuances.

As for

My question is, can I write a script, to fetch these dependencies?

You can import and use the library in your Python script as follows:

# only used for pretty-printing, not necessary
import json

from github_dependents_info import GithubDependentsInfo

REPO_NAME = 'nvuillam/npm-groovy-lint'

gh_deps_info = GithubDependentsInfo(REPO_NAME, debug=True, sort_key="stars")

# Starts scraping GitHub HTML web
repo_dependency_stats = gh_deps_info.collect()

# Outputs the JSON to terminal with 2 space indentation
print(json.dumps(repo_dependency_stats, indent=2))

I couldn't find much information on the documentation for Python usage, but was able to construct the above example by looking at nvuillam/github-dependents-info/blob/main/tests/test_gh_dependents_info/test_gh_dependents_info.py.

Upvotes: 1

Rob Bos
Rob Bos

Reputation: 1481

You can’t. There are no API calls available for this information at the moment. I’ve been wanting to get that information myself as well 😕.

Upvotes: 1

esnible
esnible

Reputation: 360

You can get it in SPDX SBOM format:

curl -L \
  -H "Accept: application/vnd.github+json" \
  -H "Authorization: Bearer $GITHUB_AUTH_TOKEN"\
  https://api.github.com/repos/<owner>/<name>/dependency-graph/sbom

You can get it using GraphQL:

gh api -H 'Accept: application/vnd.github.hawkgirl-preview+json' graphql --paginate -f query='query {
     repository(owner:"<owner>",name:"<name>") {
     dependencyGraphManifests {
     totalCount
     nodes {
      filename
    }
  edges {
    node {
      blobPath
      dependencies {
        totalCount
        nodes {
              packageName
              requirements
              hasDependencies
              packageManager
           }
          }
        }
      }
    }
  }
}'

Replace and with the owner and name of the repository you are interested in.

Upvotes: 1

Related Questions