Package Version

This document uses the REST API. For more details, see the Authentication for API page.

Get a package version (Early Access)

get

Get package version metadata for a specific version of a package from an ecosystem.

Important: The security section of package_health refers to the specific version in the request, not the latest version. Since the overall_rating is computed from all health sections (including security), it is also influenced by this version's security data.

Supported Ecosystems: npm, pypi, maven, nuget, golang

Version Format: Accepts standard semantic versioning formats (e.g., 1.2.3, v1.2.3). Note: Golang commit hashes are NOT supported as version identifiers. Use tagged versions only.

Required permissions

View Organization (org.read)

Authorizations

AuthorizationstringRequired

API key value must be prefixed with "Token ".

Path parameters

org_idstring · uuidRequired

Org ID

ecosystemstring · enumRequired

The package ecosystem

Example: npmPossible values:

package_namestringRequired

Package name (URL encoded if needed)

Example: express

package_versionstringRequired

Package version (URL encoded if needed). Accepts semantic versioning formats (e.g., 1.2.3, v1.2.3). Note: Golang commit hashes are NOT supported.

Example: 4.19.2

Query parameters

versionstringRequired

Requested API version

Example: 2025-11-05Pattern:

^(wip|work-in-progress|experimental|beta|((([0-9]{4})-([0-1][0-9]))-((3[01])|(0[1-9])|([12][0-9]))(~(wip|work-in-progress|experimental|beta))?))$

Responses

200

Returns package version metadata

application/vnd.api+json

400

Bad Request: A parameter provided as a part of the request was invalid.

application/vnd.api+json

401

Unauthorized: the request requires an authentication token.

application/vnd.api+json

403

Forbidden: the request requires an authentication token with more or different permissions.

application/vnd.api+json

404

Not Found: The resource being operated on could not be found.

application/vnd.api+json

409

Conflict: The requested operation conflicts with the current state of the resource in some way.

application/vnd.api+json

500

Internal Server Error: An error was encountered while attempting to process the request.

application/vnd.api+json

get

/orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name}/versions/{package_version}

GET /rest/orgs/{org_id}/ecosystems/{ecosystem}/packages/{package_name}/versions/{package_version}?version=2025-11-05 HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": {
    "attributes": {
      "ecosystem": "npm",
      "language": "JavaScript",
      "latest_version_indicator": true,
      "owner_details": {
        "followers_count": 123,
        "location": "somewhere",
        "name": "expressjs",
        "repositories_count": 45,
        "total_stars": 65000
      },
      "package_details": {
        "download_url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz",
        "homepage_url": "https://expressjs.com",
        "registry_url": "https://www.npmjs.com/package/express",
        "registry_version_url": "https://www.npmjs.com/package/express/v/4.19.2",
        "repository_url": "https://github.com/expressjs/express"
      },
      "package_health": {
        "community": {
          "description": "...",
          "has_code_of_conduct_file": true,
          "has_contributing_file": true,
          "has_funding_file": false,
          "has_readme_file": true,
          "rating": "Active",
          "stargazers_count": 75000
        },
        "description": "The package has mixed or concerning signals that require closer review. Applies to medium, high, and critical vulnerabilities. Low-severity vulnerabilities are excluded.",
        "maintenance": {
          "description": "...",
          "first_release_published_at": "2010-01-03T00:00:00Z",
          "forks_count": 66,
          "is_archived": false,
          "is_forked": false,
          "latest_release_number": "4.19.2",
          "latest_release_published_at": "2024-10-08T00:00:00Z",
          "lifecycle": "active",
          "rating": "Healthy",
          "total_versions_count": 760
        },
        "overall_rating": "Review recommended",
        "popularity": {
          "dependent_packages_count": 280,
          "dependent_repos_count": 65000,
          "description": "...",
          "downloads": 12000,
          "rating": "Influential project"
        },
        "security": {
          "description": "...",
          "direct_vulnerabilities": true,
          "direct_vulnerabilities_total": 3,
          "rating": "Security issues found"
        }
      },
      "package_id": "pkg:npm/express",
      "package_name": "express",
      "package_version": "4.19.2",
      "package_version_id": "pkg:npm/[email protected]",
      "published_at": "2024-10-08T00:00:00Z"
    },
    "id": "pkg:npm/[email protected]",
    "package_version": "4.19.2",
    "type": "package_version"
  },
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "self": "https://api.snyk.io/rest/orgs/12345/ecosystems/npm/packages/express/versions/4.19.2?version=2024-10-15"
  }
}

PreviousOrgs NextPackage

Last updated 2 months ago

Was this helpful?

{ "data": { "attributes": { "ecosystem": "npm", "language": "JavaScript", "latest_version_indicator": true, "owner_details": { "followers_count": 123, "location": "somewhere", "name": "expressjs", "repositories_count": 45, "total_stars": 65000 }, "package_details": { "download_url": "https://registry.npmjs.org/express/-/express-4.19.2.tgz", "homepage_url": "https://expressjs.com", "registry_url": "https://www.npmjs.com/package/express", "registry_version_url": "https://www.npmjs.com/package/express/v/4.19.2", "repository_url": "https://github.com/expressjs/express" }, "package_health": { "community": { "description": "...", "has_code_of_conduct_file": true, "has_contributing_file": true, "has_funding_file": false, "has_readme_file": true, "rating": "Active", "stargazers_count": 75000 }, "description": "The package has mixed or concerning signals that require closer review. Applies to medium, high, and critical vulnerabilities. Low-severity vulnerabilities are excluded.", "maintenance": { "description": "...", "first_release_published_at": "2010-01-03T00:00:00Z", "forks_count": 66, "is_archived": false, "is_forked": false, "latest_release_number": "4.19.2", "latest_release_published_at": "2024-10-08T00:00:00Z", "lifecycle": "active", "rating": "Healthy", "total_versions_count": 760 }, "overall_rating": "Review recommended", "popularity": { "dependent_packages_count": 280, "dependent_repos_count": 65000, "description": "...", "downloads": 12000, "rating": "Influential project" }, "security": { "description": "...", "direct_vulnerabilities": true, "direct_vulnerabilities_total": 3, "rating": "Security issues found" } }, "package_id": "pkg:npm/express", "package_name": "express", "package_version": "4.19.2", "package_version_id": "pkg:npm/[email protected]", "published_at": "2024-10-08T00:00:00Z" }, "id": "pkg:npm/[email protected]", "package_version": "4.19.2", "type": "package_version" }, "jsonapi": { "version": "1.0" }, "links": { "self": "https://api.snyk.io/rest/orgs/12345/ecosystems/npm/packages/express/versions/4.19.2?version=2024-10-15" } }

hashtagGet a package version (Early Access)

Required permissions

Get a package version (Early Access)