dependabit / manifest/src / addDependency
Function: addDependency()
function addDependency(path, dependency): Promise<{
dependencies: {
accessMethod: "context7" | "arxiv" | "openapi" | "github-api" | "http";
auth?: {
secretEnvVar?: string;
type: "token" | "oauth" | "basic" | "none";
};
changeHistory: {
detectedAt: string;
falsePositive: boolean;
issueNumber?: number;
newVersion?: string;
oldVersion?: string;
severity: "breaking" | "major" | "minor";
}[];
currentStateHash: string;
currentVersion?: string;
description?: string;
detectedAt: string;
detectionConfidence: number;
detectionMethod: | "llm-analysis"
| "manual"
| "package-json"
| "requirements-txt"
| "code-comment";
id: string;
lastChanged?: string;
lastChecked: string;
monitoring?: {
checkFrequency: "hourly" | "daily" | "weekly" | "monthly";
enabled: boolean;
ignoreChanges: boolean;
severityOverride?: "breaking" | "major" | "minor";
};
name: string;
referencedIn: {
context?: string;
file: string;
line?: number;
}[];
type: | "reference-implementation"
| "schema"
| "documentation"
| "research-paper"
| "api-example"
| "other";
url: string;
}[];
generatedAt: string;
generatedBy: {
action: string;
llmModel?: string;
llmProvider: string;
version: string;
};
repository: {
branch: string;
commit: string;
name: string;
owner: string;
};
statistics: {
averageConfidence: number;
byAccessMethod: Record<string, number>;
byDetectionMethod: Record<string, number>;
byType: Record<string, number>;
falsePositiveRate?: number;
totalDependencies: number;
};
version: "1.0.0";
}>;Defined in: packages/manifest/src/manifest.ts:145
Appends a new dependency entry to the on-disk manifest.
Parameters
| Parameter | Type | Description |
|---|---|---|
path | string | Path to the manifest file. |
dependency | { accessMethod: "context7" | "arxiv" | "openapi" | "github-api" | "http"; auth?: { secretEnvVar?: string; type: "token" | "oauth" | "basic" | "none"; }; changeHistory: { detectedAt: string; falsePositive: boolean; issueNumber?: number; newVersion?: string; oldVersion?: string; severity: "breaking" | "major" | "minor"; }[]; currentStateHash: string; currentVersion?: string; description?: string; detectedAt: string; detectionConfidence: number; detectionMethod: | "llm-analysis" | "manual" | "package-json" | "requirements-txt" | "code-comment"; id: string; lastChanged?: string; lastChecked: string; monitoring?: { checkFrequency: "hourly" | "daily" | "weekly" | "monthly"; enabled: boolean; ignoreChanges: boolean; severityOverride?: "breaking" | "major" | "minor"; }; name: string; referencedIn: { context?: string; file: string; line?: number; }[]; type: | "reference-implementation" | "schema" | "documentation" | "research-paper" | "api-example" | "other"; url: string; } | The new DependencyEntry to add. |
dependency.accessMethod | "context7" | "arxiv" | "openapi" | "github-api" | "http" | - |
dependency.auth? | { secretEnvVar?: string; type: "token" | "oauth" | "basic" | "none"; } | - |
dependency.auth.secretEnvVar? | string | - |
dependency.auth.type | "token" | "oauth" | "basic" | "none" | - |
dependency.changeHistory | { detectedAt: string; falsePositive: boolean; issueNumber?: number; newVersion?: string; oldVersion?: string; severity: "breaking" | "major" | "minor"; }[] | - |
dependency.currentStateHash | string | - |
dependency.currentVersion? | string | - |
dependency.description? | string | - |
dependency.detectedAt | string | - |
dependency.detectionConfidence | number | - |
dependency.detectionMethod | | "llm-analysis" | "manual" | "package-json" | "requirements-txt" | "code-comment" | - |
dependency.id | string | - |
dependency.lastChanged? | string | - |
dependency.lastChecked | string | - |
dependency.monitoring? | { checkFrequency: "hourly" | "daily" | "weekly" | "monthly"; enabled: boolean; ignoreChanges: boolean; severityOverride?: "breaking" | "major" | "minor"; } | - |
dependency.monitoring.checkFrequency | "hourly" | "daily" | "weekly" | "monthly" | - |
dependency.monitoring.enabled | boolean | - |
dependency.monitoring.ignoreChanges | boolean | - |
dependency.monitoring.severityOverride? | "breaking" | "major" | "minor" | - |
dependency.name | string | - |
dependency.referencedIn | { context?: string; file: string; line?: number; }[] | - |
dependency.type | | "reference-implementation" | "schema" | "documentation" | "research-paper" | "api-example" | "other" | - |
dependency.url | string | - |
Returns
Promise<{ dependencies: { accessMethod: "context7" | "arxiv" | "openapi" | "github-api" | "http"; auth?: { secretEnvVar?: string; type: "token" | "oauth" | "basic" | "none"; }; changeHistory: { detectedAt: string; falsePositive: boolean; issueNumber?: number; newVersion?: string; oldVersion?: string; severity: "breaking" | "major" | "minor"; }[]; currentStateHash: string; currentVersion?: string; description?: string; detectedAt: string; detectionConfidence: number; detectionMethod: | "llm-analysis" | "manual" | "package-json" | "requirements-txt" | "code-comment"; id: string; lastChanged?: string; lastChecked: string; monitoring?: { checkFrequency: "hourly" | "daily" | "weekly" | "monthly"; enabled: boolean; ignoreChanges: boolean; severityOverride?: "breaking" | "major" | "minor"; }; name: string; referencedIn: { context?: string; file: string; line?: number; }[]; type: | "reference-implementation" | "schema" | "documentation" | "research-paper" | "api-example" | "other"; url: string; }[]; generatedAt: string; generatedBy: { action: string; llmModel?: string; llmProvider: string; version: string; }; repository: { branch: string; commit: string; name: string; owner: string; }; statistics: { averageConfidence: number; byAccessMethod: Record<string, number>; byDetectionMethod: Record<string, number>; byType: Record<string, number>; falsePositiveRate?: number; totalDependencies: number; }; version: "1.0.0"; }>
The updated manifest.
Throws
If a dependency with the same id or url already exists.
Pitfalls
- Duplicate URL detection is exact-match only. Trailing slashes or fragment identifiers will not be treated as duplicates.
- Same race condition as updateDependency applies.