New Compromised Dependency
Data Element for a Compromised Dependency
Overview
The tables below define the data elements available in the Workflow action for a Compromised Dependency Detected trigger.
Note: every data element must be prefixed with `data.` when you reference it.
Example: `data.dependency_version.name`
Event Metadata

| Example value | Description |
| --- | --- |
| 9406 | Unique identifier for the workflow execution |
| 69 | Unique identifier for the workflow definition |
| h4r>>github>>github_repository>>acme-demo>>demo-repo | Heeler resource identifier for the repository |
| 927397705 | Repository numeric identifier |
| https://github.com/acme-demo/demo-repo | Repository URL |

Dependency Version

| Example value | Description |
| --- | --- |
| 1 | Unique identifier for the dependency version |
| test-package | Name of the compromised dependency |
| 2.0.0 | Version of the compromised dependency |
| null | Declared version constraint from the manifest (when available) |
| pypi | Package ecosystem where the dependency originates |
| true | Indicates whether the dependency is currently active |
| true | Indicates the dependency was detected in source code |
| false | Indicates the dependency was observed at runtime |
| null | Indicates whether this is a direct dependency (when known) |
| 2026-02-03T15:26:31.268883 | First time the dependency version was observed |
| 2026-02-03T15:26:31.268883 | Most recent observation of the dependency version |
| 2026-02-03T15:26:31.268882 | Timestamp when the dependency was introduced |
| def456 | Commit that introduced the dependency |
| ["3","4"] | Line numbers where the dependency was introduced |
| 2026-02-03T15:26:31.268883 | Last known observation timestamp |
| def456 | Commit where the dependency was last observed |
| ["3","4"] | Line numbers where the dependency was last observed |
| unknown | Indicates whether the dependency version is pinned |

Malicious Package

| Example value | Description |
| --- | --- |
| 1 | Unique identifier for the malicious package record |
| test-package | Name of the malicious package |
| 2.0.0 | Version identified as malicious or compromised |
| maven | Package ecosystem associated with the malicious package |
| 2026-02-03T15:26:31.268825 | Publish timestamp of the malicious package version |
| 2026-02-03T15:26:31.268827 | Last modification timestamp for the malicious package record |
| null | Short summary describing the malicious behavior (when available) |
| null | Detailed description of the malicious activity (when available) |
| null | External references or advisories related to the malicious package (when available) |

Code Root

| Example value | Description |
| --- | --- |
| 1 | Unique identifier for the code root |
| h4r>>github>>github_repository>>acme-demo>>demo-repo | Repository identifier associated with the code root |
| requirements.txt | File where the compromised dependency was detected |
|  | Path within the repository (when applicable) |
| pypi | Dependency ecosystem |
| 2024-10-09T21:43:50 | Commit timestamp for the code root |
| 2025-01-07T17:28:40.241944 | Timestamp when the code root record was created |
| 2026-01-08T08:18:14.508890 | Timestamp when the code root record was last updated |
| http://app.heeler.com/.../modules/1 | Direct link to the module (code root) in Heeler |

Resource (Repository)

| Example value | Description |
| --- | --- |
| 927397705 | Internal identifier for the repository |
| acme-demo | Organization that owns the repository |
| demo-repo | Repository name |
| acme-demo/demo-repo | Fully qualified repository name |
| Go | Primary programming language |
| main | Default branch of the repository |
| true | Indicates whether the repository is private |
| internal | Visibility level of the repository in Heeler |
| https://github.com/acme-demo/demo-repo | Repository URL |
| https://github.com/acme-demo/demo-repo.git | Git clone URL |
| http://app.heeler.com/.../repositories/... | Direct link to the repository in the Heeler UI |

Team (Optional Context)

| Example value | Description |
| --- | --- |
| 1 | Internal identifier for the team (when included) |
| You're Awesome Demo Team | Team name (when included) |
