Get Issue Diff Comparison Summaries

gethttps://app.fossa.com/api/v2/issues/compare/summaries

Retrieve the counts for the different change statuses when in Issue Comparison mode. Supports both Project (revision comparison) and Release Group (release comparison) scopes.

Query parameters

categoryenumrequired

Issue category

licensingvulnerabilityquality
scope[type]enumrequired

Scope of issues to view

projectreleaseGroup
scope[id]string

Project or release group ID (required when scope[type] is "project" or "releaseGroup")

scope[revision]string

Revision ID (when scope[type] is "project")

scope[revisionScanId]integer <int32>

Revision scan ID (when scope[type] is "project")

scope[release]string

Release group ID (when scope[type] is "releaseGroup")

scope[releaseScanId]string

Release scan ID (when scope[type] is "releaseGroup")

scope[compareTo][revision]string

The revision ID to compare issues with. Only available for Project Scope.

scope[compareTo][release]string

The release ID to compare issues with. Only available for Release Group Scope.

scope[compareTo][changeStatus]enum

The status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.

newremediatedunchanged
ids[]integer[]

Filter by specific issue IDs

filter[revisionIds][]string[]

Filter by specific revision IDs

filter[search]string

Filter by package name or CVE (when category is "vulnerability")

filter[depths][]enum[]

Filter by issue depth

filter[ticketed][]enum[]

Filter by ticketed status. Only available to premium users.

filter[containerLayers][]enum[]

Filter by container layer

filter[type][]enum[]

Filter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")

filter[packageManagers][]string[]

Filter by specific package managers

filter[cwes][]string[]

Filter by specific CWE identifiers

filter[projectLabels][]string[]

Filter by specific project labels

filter[identification][]enum[]

Filter by license identification (when category is "licensing")

filter[severity][]enum[]

Filter by vuln severity (when category is "vulnerability")

filter[foundAfter]string <date-time>

Include only issues found on after a given ISO timestamp. Only available to premium users

filter[hasFix][]enum[]

Filter by vuln fixability (when category is "vulnerability")

filter[upgradeDistance][]enum[]

Filter by vuln upgrade distance (when category is "vulnerability")

filter[exploitMaturity][]enum[]

Filter by vuln exploit maturity (when category is "vulnerability")

filter[ignoreReason][]enum[]

Filter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports

filter[epss]object

Filter by epss 'score' or 'percentile'. All fields are required. Only available to premium users.

filter[confidence][]enum[]

Filter issues by their binary dependency confidence level(s)

filter[issueSource][]enum[]

Filter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.

Responses

200Vulnerability, licensing, or quality issues response
issuesobject
newinteger
remediatedinteger
unchangedinteger
revisionsobject
newinteger
remediatedinteger
unchangedinteger
400Bad Request
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

403Forbidden
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

406Not Acceptable
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

500Server Error
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

Try this endpoint

Build a request and run it against app.fossa.com.

Bearer

Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.

GET https://app.fossa.com/api/v2/issues/compare/summaries
curl --request GET \  --url 'https://app.fossa.com/api/v2/issues/compare/summaries' \  --header 'accept: application/json' \  --header 'authorization: Bearer YOUR_API_TOKEN'

Real request. Mutating methods can change data.

Click Try It to run a request and see the response here.
Enter a Bearer token before running this request.

Query params

categoryenumrequired

Issue category

scope[type]enumrequired

Scope of issues to view

scope[id]string

Project or release group ID (required when scope[type] is "project" or "releaseGroup")

scope[revision]string

Revision ID (when scope[type] is "project")

scope[revisionScanId]integer

Revision scan ID (when scope[type] is "project")

scope[release]string

Release group ID (when scope[type] is "releaseGroup")

scope[releaseScanId]string

Release scan ID (when scope[type] is "releaseGroup")

scope[compareTo][revision]string

The revision ID to compare issues with. Only available for Project Scope.

scope[compareTo][release]string

The release ID to compare issues with. Only available for Release Group Scope.

scope[compareTo][changeStatus]enum

The status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.

ids[]array

Filter by specific issue IDs

filter[revisionIds][]array

Filter by specific revision IDs

filter[search]string

Filter by package name or CVE (when category is "vulnerability")

filter[depths][]array

Filter by issue depth

filter[ticketed][]array

Filter by ticketed status. Only available to premium users.

filter[containerLayers][]array

Filter by container layer

filter[type][]string

Filter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")

filter[packageManagers][]array

Filter by specific package managers

filter[cwes][]array

Filter by specific CWE identifiers

filter[projectLabels][]array

Filter by specific project labels

filter[identification][]array

Filter by license identification (when category is "licensing")

filter[severity][]array

Filter by vuln severity (when category is "vulnerability")

filter[foundAfter]string

Include only issues found on after a given ISO timestamp. Only available to premium users

filter[hasFix][]array

Filter by vuln fixability (when category is "vulnerability")

filter[upgradeDistance][]array

Filter by vuln upgrade distance (when category is "vulnerability")

filter[exploitMaturity][]array

Filter by vuln exploit maturity (when category is "vulnerability")

filter[ignoreReason][]array

Filter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports

filter[epss]object

Filter by epss 'score' or 'percentile'. All fields are required. Only available to premium users.

filter[confidence][]array

Filter issues by their binary dependency confidence level(s)

filter[issueSource][]string

Filter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.