GitLab API icon

GitLab API

Gitlab
Join our community

Actions917

Overview

This node interacts with the GitLab API, specifically supporting the operation to quickly audit npm package security vulnerabilities via the endpoint `/api/v4/packages/npm/-/npm/v1/security/audits/quick`. It is useful for developers and DevOps teams who want to automate security checks on npm packages used in their projects, ensuring dependencies are safe and up to date.

Use Case Examples

  1. A developer automates security audits of npm packages in their CI/CD pipeline to catch vulnerabilities early.
  2. A security team integrates this node to regularly scan npm dependencies across multiple projects for known security issues.

Properties

Name Meaning
Skip Authentication Determines whether to skip authentication for the API request.
Authentication Specifies the authentication method to use, defaulting to GitLab API key authentication.
baseUrl The base URL of the GitLab instance to which the API requests are sent, defaulting to https://gitlab.com.
Method The HTTP method used for the API request, defaulting to GET but can be set to POST, PUT, DELETE, HEAD, or PATCH.
Parameter Schema Hidden property for the parameter schema of the POST operation to the npm security audits quick endpoint.
Request Body Schema Hidden property for the request body schema of the POST operation to the npm security audits quick endpoint.
Request Path Hidden property specifying the API endpoint path for the npm security audits quick operation.

Output

JSON

  • response - The JSON response from the GitLab API containing the results of the npm security audit.

Dependencies

  • GitLab API key credential

Troubleshooting

  • Ensure the GitLab API key credential is correctly configured and has the necessary permissions to access the npm security audit endpoint.
  • Verify the baseUrl is correct and accessible, especially if using a self-hosted GitLab instance.
  • Check that the HTTP method is set to POST for the npm security audit quick operation, as this endpoint requires a POST request.
  • If the request body schema is not correctly formed or missing required fields, the API may return validation errors.

Links

Discussion