API to check outdated packages

Hi, I sometimes receive emails about outdated packages in my snap.
Is there any API I can use to check the current status?

Something like https://snapcraft.io/api/security/my_unsafe_snap

  "name": "my_unsafe_snap",
  "channels": {
    "stable": {
      "revision": 5,
      "outdatedPackages": [
          "packageName": "libglib2.0-0",
          "USNs": {
            "url": "https://ubuntu.com/security/notices/USN-4764-1",
            "code": "4764-1",
            "issue": "GLib could be made to create files if it opened a specially crafted archive."

I currently have a CI that rebuilds the snap weekly, but if such an API existed I could add a daily conditional rebuild.

You can locally run the review-tools snap’s check-notices command against your snap which gives you JSON output of affected USN’s for the snap’s stage-packages

$ review-tools.check-notices somesnap_80.snap


  "somesnap": {
    "80": {
      "libglib2.0-0": [
      "libtiff5": [

if you are doing this on a lot of snaps, you can pre-load the USN database with

$ cd $HOME/snap/review-tools/common
$ review-tools.fetch-usn-db database.json.bz2

and then do

$ review-tools.check-notices --no-fetch somesnap_80.snap

Amazing, thanks a lot. Is this documented anywhere on snap docs? :blush:

No, I don’t think so, but I can try and start one…

1 Like

Great thanks :smiley: If you do, please, link back here, so I can check it and eventually contribute :blush:

See Checking Ubuntu Security Notices for a snap


Thanks, great job! :smiley: