A Python library for interacting with Open Source Insights API (deps.dev)

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for eclipseo from gravatar.com eclipseo

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers
Report project as malware

Project description

PyDepsDev

A Python library for interacting with Open Source Insights API (deps.dev).
Easily fetch package, version, project, advisory, container, and PURL data—and leverage automatic name normalization and hash encoding.

Table of Contents

Installation

pip install pydepsdev

Quick Start

import asyncio
from pydepsdev.api import DepsdevAPI

async def main():
    # Simple init
    api = DepsdevAPI()

    # …use api methods…

    await api.close()

asyncio.run(main())

Or use as an async context manager:

import asyncio
from pydepsdev.api import DepsdevAPI

async def main():
    async with DepsdevAPI() as api:
        pkg_info = await api.get_package("npm", "foo")
        print(pkg_info)

asyncio.run(main())

Name Normalization & Hash Encoding

  • System names are case‐insensitive but always sent uppercase.
  • NuGet package names are lowercased.
  • PyPI package names are normalized per [PEP 503].
  • When you call query_package_versions(hash_type, hash_value, …), your hash_value is automatically Base64‐encoded before sending.

Endpoints

Package & Version

# Get basic package info + versions list
await api.get_package(system_name: str, package_name: str)

# Get metadata for a specific version
await api.get_version(system_name: str, package_name: str, version: str)

Batch Version Queries

# One page (up to 5000) of versions
await api.get_version_batch(
    [(system, pkg, ver), ],
    page_token: Optional[str] = None
)

# Retrieve ALL pages for a batch
await api.get_all_versions_batch(
    [(system, pkg, ver), ]
)

Requirements, Dependencies & Dependents

# NuGet only
await api.get_requirements("NuGet", "package_name", "version")

# Any supported system
await api.get_dependencies(system_name, package_name, version)

# Dependent counts
await api.get_dependents(system_name, package_name, version)

Capabilities & Similarly-Named

# Go only
await api.get_capabilities("Go", "module_path", "version")

# Find similarly-named packages
await api.get_similarly_named_packages(system_name, package_name)

Query Package Versions

# By hash (hash.value is auto base64‐encoded)
await api.query_package_versions(
    hash_type: str,     # e.g. "SHA256"
    hash_value: str,    # raw hex or bytes
    version_system: Optional[str] = None,
    version_name:   Optional[str] = None,
    version:        Optional[str] = None,
)

Project

# Single project metadata
await api.get_project(project_id: str)

# One page of project batch
await api.get_project_batch(
    [project_id1, project_id2, ],
    page_token: Optional[str] = None
)

# Retrieve all pages
await api.get_all_projects_batch([])

# List package versions derived from a project
await api.get_project_package_versions(project_id: str)

Advisories

# Fetch OSV advisory details
await api.get_advisory(advisory_id: str)

PURL Lookup

# Single purl
await api.get_purl_lookup(purl: str)

# One page of PURL batch
await api.get_purl_lookup_batch(
    [purl1, purl2, ],
    page_token: Optional[str] = None
)

# Retrieve all pages
await api.get_all_purl_lookup_batch([])

Container Images

# Query container images by OCI chain ID
await api.query_container_images(chain_id: str)

For full details on parameters and response schemas, see the Deps.dev API docs.

Contributing

Contributions, issues and feature requests are welcome!
Feel free to check issues page or submit a pull request.

License

This project is licensed under the Apache Software License 2.0.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for eclipseo from gravatar.com eclipseo

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

This version

0.2.3

0.2.2

0.2.1

0.2.0

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pydepsdev-0.2.3.tar.gz (18.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pydepsdev-0.2.3-py3-none-any.whl (16.2 kB view details)

Uploaded Python 3

File details

Details for the file pydepsdev-0.2.3.tar.gz.

File metadata

  • Download URL: pydepsdev-0.2.3.tar.gz
  • Upload date:
  • Size: 18.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for pydepsdev-0.2.3.tar.gz
Algorithm Hash digest
SHA256 c009e35eeb1f33632044ac23597ada38221fdac27d075be1cab73914317e4eef
MD5 572f06aa5cde7a9046555e152fc18b56
BLAKE2b-256 d63f652eb5ca0ea80eda43197a3d132dacfb6f1b1b7d91a4e0b5bde180c80173

See more details on using hashes here.

File details

Details for the file pydepsdev-0.2.3-py3-none-any.whl.

File metadata

  • Download URL: pydepsdev-0.2.3-py3-none-any.whl
  • Upload date:
  • Size: 16.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for pydepsdev-0.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 919d1320784b18c69953982cbbe96b593b9c0faf51b921e1bbe6860ae69da4f6
MD5 448565d6ae292a8eb29fdffd8b65d39a
BLAKE2b-256 2fc00b28a329276d81c0db6e85772441ef2cdc7e6fd880a4f1a3851a0bd49bd2

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page