Replies: 3 comments
-
Hi, If you need to query the version range, you can omit the {
"package": {
"name": "@apollo/client",
"ecosystem": "npm"
}
} May I ask what your use-case is that you need to do this? |
Beta Was this translation helpful? Give feedback.
-
@giftcup circling back on the request for more detail on your particular use case |
Beta Was this translation helpful? Give feedback.
-
I was trying to build a tool that would detect vulnerable packages in a package.json file without creating the package-lock.json. I thought I could query the package with the version ranges like those listed on a package.json file. Sorry for the late reply. |
Beta Was this translation helpful? Give feedback.
-
How would you query for vulnerabilities that are related to a range of versions for of an npm package?
For example, if you have a package listed as follows; "@apollo/client": "^3.0.0" in the package.json file, how would you query for all vulnerabilities that are related to the package's versions using the OSV api?
Beta Was this translation helpful? Give feedback.
All reactions