Package

This document uses the REST API. For more details, see the Authentication for API page.

Get a package (Early Access)

get

Get package metadata for a specific package from an ecosystem.

Important: The security section of package_health refers to the latest_version of the package, not all versions. Since the overall_rating is computed from all health sections (including security), it is also influenced by the latest version's security data.

Supported Ecosystems: npm, pypi, maven, nuget, golang

Required permissions

View Organization (org.read)

Authorizations

AuthorizationstringRequired

API key value must be prefixed with "Token ".

Path parameters

org_idstring · uuidRequired

Org ID

ecosystemstring · enumRequired

The package ecosystem

Example: npmPossible values:

package_namestringRequired

Package name (URL encoded if needed)

Example: express

Query parameters

versionstringRequired

Requested API version

Example: 2025-11-05Pattern:

^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$

Responses

200

Returns package metadata

application/vnd.api+json

400

Bad Request: A parameter provided as a part of the request was invalid.

application/vnd.api+json

401

Unauthorized: the request requires an authentication token.

application/vnd.api+json

403

Forbidden: the request requires an authentication token with more or different permissions.

application/vnd.api+json

404

Not Found: The resource being operated on could not be found.

application/vnd.api+json

409

Conflict: The requested operation conflicts with the current state of the resource in some way.

application/vnd.api+json

500

Internal Server Error: An error was encountered while attempting to process the request.

application/vnd.api+json

get

/orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name}

GET /rest/orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name}?version=2025-11-05 HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": {
    "attributes": {
      "ecosystem": "npm",
      "language": "JavaScript",
      "latest_version": "4.19.2",
      "owner_details": {
        "followers_count": 123,
        "location": "somewhere",
        "name": "expressjs",
        "repositories_count": 45,
        "total_stars": 65000
      },
      "package_details": {
        "homepage_url": "https://expressjs.com",
        "registry_url": "https://www.npmjs.com/package/express",
        "repository_url": "https://github.com/expressjs/express"
      },
      "package_health": {
        "community": {
          "description": "...",
          "has_code_of_conduct_file": true,
          "has_contributing_file": true,
          "has_funding_file": false,
          "has_readme_file": true,
          "rating": "Active",
          "stargazers_count": 75000
        },
        "description": "The package has mixed or concerning signals that require closer review. Applies to medium, high, and critical vulnerabilities. Low-severity vulnerabilities are excluded.",
        "maintenance": {
          "description": "...",
          "first_release_published_at": "2010-01-03T00:00:00Z",
          "forks_count": 66,
          "is_archived": false,
          "is_forked": false,
          "latest_release_number": "4.19.2",
          "latest_release_published_at": "2024-10-08T00:00:00Z",
          "lifecycle": "active",
          "rating": "Healthy",
          "total_versions_count": 760
        },
        "overall_rating": "Review recommended",
        "popularity": {
          "dependent_packages_count": 280,
          "dependent_repos_count": 65000,
          "description": "...",
          "downloads": 12000,
          "rating": "Influential project"
        },
        "security": {
          "description": "...",
          "direct_vulnerabilities": true,
          "direct_vulnerabilities_total": 3,
          "rating": "Security issues found"
        }
      },
      "package_id": "pkg:npm/express",
      "package_name": "express"
    },
    "id": "pkg:npm/express",
    "type": "package"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "self": "https://api.snyk.io/rest/orgs/12345/ecosystems/npm/packages/express?version=2024-10-15"
  }
}

PreviousPackage Version NextPersonalAccessToken

Last updated 2 months ago

Was this helpful?

{ "data": { "attributes": { "ecosystem": "npm", "language": "JavaScript", "latest_version": "4.19.2", "owner_details": { "followers_count": 123, "location": "somewhere", "name": "expressjs", "repositories_count": 45, "total_stars": 65000 }, "package_details": { "homepage_url": "https://expressjs.com", "registry_url": "https://www.npmjs.com/package/express", "repository_url": "https://github.com/expressjs/express" }, "package_health": { "community": { "description": "...", "has_code_of_conduct_file": true, "has_contributing_file": true, "has_funding_file": false, "has_readme_file": true, "rating": "Active", "stargazers_count": 75000 }, "description": "The package has mixed or concerning signals that require closer review. Applies to medium, high, and critical vulnerabilities. Low-severity vulnerabilities are excluded.", "maintenance": { "description": "...", "first_release_published_at": "2010-01-03T00:00:00Z", "forks_count": 66, "is_archived": false, "is_forked": false, "latest_release_number": "4.19.2", "latest_release_published_at": "2024-10-08T00:00:00Z", "lifecycle": "active", "rating": "Healthy", "total_versions_count": 760 }, "overall_rating": "Review recommended", "popularity": { "dependent_packages_count": 280, "dependent_repos_count": 65000, "description": "...", "downloads": 12000, "rating": "Influential project" }, "security": { "description": "...", "direct_vulnerabilities": true, "direct_vulnerabilities_total": 3, "rating": "Security issues found" } }, "package_id": "pkg:npm/express", "package_name": "express" }, "id": "pkg:npm/express", "type": "package" }, "jsonapi": { "version": "1.0" }, "links": { "self": "https://api.snyk.io/rest/orgs/12345/ecosystems/npm/packages/express?version=2024-10-15" } }

hashtagGet a package (Early Access)

Required permissions

Get a package (Early Access)