Use the dependency review API to check whether any Dependabot alerts from manifests/snapshots that have been submitted to the head branch have vulns in the diff compared to the base...
DR API: https://docs.github.com/en/rest/dependency-graph/dependency-review?apiVersion=2026-03-10
Looks like it would also need to call the advisory database by the GHSA to check for the CVE: https://docs.github.com/en/rest/security-advisories/global-advisories?apiVersion=2026-03-10#get-a-global-security-advisory
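A sketch of the two-step check described above, added as an example and not part of the original post: it reads the dependency review diff for `base...head`, keeps vulnerabilities on added dependencies only, and resolves each GHSA to its CVE through the global advisories endpoint. The field names (`change_type`, `vulnerabilities[].advisory_ghsa_id`, `cve_id`) follow the linked REST docs; the `octo/demo` repository, the package names, and the GHSA/CVE ids are constructed placeholders.

```python
import json
import urllib.request

def gh_get(path, token):
    """GET a GitHub REST path and decode the JSON body (live use)."""
    req = urllib.request.Request("https://api.github.com" + path, headers={
        "Accept": "application/vnd.github+json",
        "Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def new_vulns(owner, repo, base, head, get):
    """Vulnerabilities on dependencies that base...head adds, with CVE ids."""
    diff = get(f"/repos/{owner}/{repo}/dependency-graph/compare/{base}...{head}")
    cve_by_ghsa, findings = {}, []
    for change in diff:
        if change.get("change_type") != "added":
            continue  # "removed" rows describe what the base had
        for vuln in change.get("vulnerabilities") or []:
            ghsa = vuln["advisory_ghsa_id"]
            if ghsa not in cve_by_ghsa:  # one advisory lookup per GHSA
                cve_by_ghsa[ghsa] = get(f"/advisories/{ghsa}").get("cve_id")
            findings.append({"package": f'{change["name"]}@{change["version"]}',
                             "manifest": change["manifest"], "ghsa": ghsa,
                             "cve": cve_by_ghsa[ghsa],  # None: no CVE assigned
                             "severity": vuln["severity"]})
    return findings

# Constructed responses (placeholder ids, not real advisories) for an offline run.
SAMPLE = {
    "/repos/octo/demo/dependency-graph/compare/main...feature": [
        {"change_type": "removed", "manifest": "package-lock.json",
         "name": "libfoo", "version": "1.0.0", "vulnerabilities": [
             {"severity": "high", "advisory_ghsa_id": "GHSA-aaaa-aaaa-aaaa"}]},
        {"change_type": "added", "manifest": "package-lock.json",
         "name": "libbar", "version": "2.1.0", "vulnerabilities": [
             {"severity": "critical", "advisory_ghsa_id": "GHSA-bbbb-bbbb-bbbb"},
             {"severity": "low", "advisory_ghsa_id": "GHSA-cccc-cccc-cccc"}]},
        {"change_type": "added", "manifest": "package-lock.json",
         "name": "libbaz", "version": "0.3.0", "vulnerabilities": []}],
    "/advisories/GHSA-bbbb-bbbb-bbbb": {"cve_id": "CVE-0000-00001"},
    "/advisories/GHSA-cccc-cccc-cccc": {"cve_id": None},
}

def fake_get(path):
    return SAMPLE[path]

if __name__ == "__main__":
    for f in new_vulns("octo", "demo", "main", "feature", fake_get):
        print(f)
```

Against the live API, pass `lambda p: gh_get(p, token)` as `get`; a `cve` of `None` means the advisory has a GHSA but no CVE assigned.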