Get Issues By Revision
https://app.fossa.com/api/v2/issues/revisionsRetrieve issue metadata that is grouped by revision
Query parameters
categoryenumrequiredIssue category
licensingvulnerabilityqualitystatusenumIssue status
activeignoredscope[type]enumrequiredScope of issues to view / update
globalprojectreleaseGroupscope[id]stringProject or release group ID (required when scope[type] is "project" or "releaseGroup")
scope[revision]stringRevision ID (when scope[type] is "project")
scope[revisionScanId]integer <int32>Revision scan ID (when scope[type] is "project")
scope[release]stringRelease group ID (when scope[type] is "releaseGroup")
scope[releaseScanId]stringRelease scan ID (when scope[type] is "releaseGroup")
scope[compareTo][revision]stringThe revision ID to compare issues with. Only available for Project Scope.
scope[compareTo][changeStatus]enumThe status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.
newremediatedunchangedids[]integer[]Filter by specific issue IDs
filter[revisionIds][]string[]Filter by specific revision IDs
filter[search]stringFilter by package name or CVE (when category is "vulnerability")
filter[depths][]enum[]Filter by issue depth
filter[ticketed][]enum[]Filter by ticketed status. Only available to premium users.
filter[containerLayers][]enum[]Filter by container layer
filter[type][]enum[]Filter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")
filter[packageManagers][]string[]Filter by specific package managers
filter[projectLabels][]string[]Filter by specific project labels
filter[identification][]enum[]Filter by license identification (when category is "licensing")
filter[severity][]enum[]Filter by vuln severity (when category is "vulnerability")
filter[foundAfter]string <date-time>Include only issues found on after a given ISO timestamp. Only available to premium users
filter[hasFix][]enum[]Filter by vuln fixability (when category is "vulnerability")
filter[upgradeDistance][]enum[]Filter by vuln upgrade distance (when category is "vulnerability")
filter[exploitMaturity][]enum[]Filter by vuln exploit maturity (when category is "vulnerability")
filter[ignoreReason][]enum[]Filter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports
filter[licenses][]string[]Filter by issues affected by a set of license ID's (when category is "licensing")
filter[issueSource][]enum[]Filter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.
sortenumSort by package name, when the issue was created, or total number of issues
package_ascpackage_desccreated_at_asccreated_at_descissue_count_ascissue_count_descepss_ascepss_descpageintegerThe specific page of data to return
countintegerThe number of items to return in each page of results
teamIdstring | string[] | enumFilter issues by one or more team IDs. Accepts a single team ID, an array of team IDs, or the literal string `"null"` to scope to unassigned projects. Requires the `View` permission on each requested team; otherwise the request is rejected with a `403`. Ignored for organizations on the free tier.
Responses
200Issue revisions responserevisionsobject[]revisionIdstringdependencyNamestringissueCountintegerprojectCountintegerjiraTicketCountintegerdepthobjectdirectintegertransitiveintegertypeobject202Empty results with a message indicating the scoped project's build statusmessagestringrevisionsobject[]revisionIdstringdependencyNamestringissueCountintegerprojectCountintegerjiraTicketCountintegerdepthobjectdirectintegertransitiveintegertypeobject400Bad RequestuuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
403ForbiddenuuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
500Server ErroruuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
Try this endpoint
Build a request and run it against app.fossa.com.
Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.
GET https://app.fossa.com/api/v2/issues/revisionscurl --request GET \ --url 'https://app.fossa.com/api/v2/issues/revisions' \ --header 'accept: application/json' \ --header 'authorization: Bearer YOUR_API_TOKEN'Real request. Mutating methods can change data.
Query params
categoryenumrequiredIssue category
statusenumIssue status
scope[type]enumrequiredScope of issues to view / update
scope[id]stringProject or release group ID (required when scope[type] is "project" or "releaseGroup")
scope[revision]stringRevision ID (when scope[type] is "project")
scope[revisionScanId]integerRevision scan ID (when scope[type] is "project")
scope[release]stringRelease group ID (when scope[type] is "releaseGroup")
scope[releaseScanId]stringRelease scan ID (when scope[type] is "releaseGroup")
scope[compareTo][revision]stringThe revision ID to compare issues with. Only available for Project Scope.
scope[compareTo][changeStatus]enumThe status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.
ids[]arrayFilter by specific issue IDs
filter[revisionIds][]arrayFilter by specific revision IDs
filter[search]stringFilter by package name or CVE (when category is "vulnerability")
filter[depths][]arrayFilter by issue depth
filter[ticketed][]arrayFilter by ticketed status. Only available to premium users.
filter[containerLayers][]arrayFilter by container layer
filter[type][]stringFilter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")
filter[packageManagers][]arrayFilter by specific package managers
filter[projectLabels][]arrayFilter by specific project labels
filter[identification][]arrayFilter by license identification (when category is "licensing")
filter[severity][]arrayFilter by vuln severity (when category is "vulnerability")
filter[foundAfter]stringInclude only issues found on after a given ISO timestamp. Only available to premium users
filter[hasFix][]arrayFilter by vuln fixability (when category is "vulnerability")
filter[upgradeDistance][]arrayFilter by vuln upgrade distance (when category is "vulnerability")
filter[exploitMaturity][]arrayFilter by vuln exploit maturity (when category is "vulnerability")
filter[ignoreReason][]arrayFilter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports
filter[licenses][]arrayFilter by issues affected by a set of license ID's (when category is "licensing")
filter[issueSource][]stringFilter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.
sortenumSort by package name, when the issue was created, or total number of issues
pageintegerThe specific page of data to return
countintegerThe number of items to return in each page of results
teamIdstringFilter issues by one or more team IDs. Accepts a single team ID, an array of team IDs, or the literal string `"null"` to scope to unassigned projects. Requires the `View` permission on each requested team; otherwise the request is rejected with a `403`. Ignored for organizations on the free tier.