Get Issues By Revision

gethttps://app.fossa.com/api/v2/issues/revisions

Retrieve issue metadata that is grouped by revision

Query parameters

categoryenumrequired

Issue category

licensingvulnerabilityquality
statusenum

Issue status

activeignored
scope[type]enumrequired

Scope of issues to view / update

globalprojectreleaseGroup
scope[id]string

Project or release group ID (required when scope[type] is "project" or "releaseGroup")

scope[revision]string

Revision ID (when scope[type] is "project")

scope[revisionScanId]integer <int32>

Revision scan ID (when scope[type] is "project")

scope[release]string

Release group ID (when scope[type] is "releaseGroup")

scope[releaseScanId]string

Release scan ID (when scope[type] is "releaseGroup")

scope[compareTo][revision]string

The revision ID to compare issues with. Only available for Project Scope.

scope[compareTo][changeStatus]enum

The status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.

newremediatedunchanged
ids[]integer[]

Filter by specific issue IDs

filter[revisionIds][]string[]

Filter by specific revision IDs

filter[search]string

Filter by package name or CVE (when category is "vulnerability")

filter[depths][]enum[]

Filter by issue depth

filter[ticketed][]enum[]

Filter by ticketed status. Only available to premium users.

filter[containerLayers][]enum[]

Filter by container layer

filter[type][]enum[]

Filter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")

filter[packageManagers][]string[]

Filter by specific package managers

filter[projectLabels][]string[]

Filter by specific project labels

filter[identification][]enum[]

Filter by license identification (when category is "licensing")

filter[severity][]enum[]

Filter by vuln severity (when category is "vulnerability")

filter[foundAfter]string <date-time>

Include only issues found on after a given ISO timestamp. Only available to premium users

filter[hasFix][]enum[]

Filter by vuln fixability (when category is "vulnerability")

filter[upgradeDistance][]enum[]

Filter by vuln upgrade distance (when category is "vulnerability")

filter[exploitMaturity][]enum[]

Filter by vuln exploit maturity (when category is "vulnerability")

filter[ignoreReason][]enum[]

Filter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports

filter[licenses][]string[]

Filter by issues affected by a set of license ID's (when category is "licensing")

filter[issueSource][]enum[]

Filter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.

sortenum

Sort by package name, when the issue was created, or total number of issues

package_ascpackage_desccreated_at_asccreated_at_descissue_count_ascissue_count_descepss_ascepss_desc
pageinteger

The specific page of data to return

countinteger

The number of items to return in each page of results

teamIdstring | string[] | enum

Filter issues by one or more team IDs. Accepts a single team ID, an array of team IDs, or the literal string `"null"` to scope to unassigned projects. Requires the `View` permission on each requested team; otherwise the request is rejected with a `403`. Ignored for organizations on the free tier.

Responses

200Issue revisions response
revisionsobject[]
revisionIdstring
dependencyNamestring
issueCountinteger
projectCountinteger
jiraTicketCountinteger
depthobject
directinteger
transitiveinteger
typeobject
202Empty results with a message indicating the scoped project's build status
messagestring
revisionsobject[]
revisionIdstring
dependencyNamestring
issueCountinteger
projectCountinteger
jiraTicketCountinteger
depthobject
directinteger
transitiveinteger
typeobject
400Bad Request
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

403Forbidden
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

500Server Error
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

Try this endpoint

Build a request and run it against app.fossa.com.

Bearer

Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.

GET https://app.fossa.com/api/v2/issues/revisions
curl --request GET \  --url 'https://app.fossa.com/api/v2/issues/revisions' \  --header 'accept: application/json' \  --header 'authorization: Bearer YOUR_API_TOKEN'

Real request. Mutating methods can change data.

Click Try It to run a request and see the response here.
Enter a Bearer token before running this request.

Query params

categoryenumrequired

Issue category

statusenum

Issue status

scope[type]enumrequired

Scope of issues to view / update

scope[id]string

Project or release group ID (required when scope[type] is "project" or "releaseGroup")

scope[revision]string

Revision ID (when scope[type] is "project")

scope[revisionScanId]integer

Revision scan ID (when scope[type] is "project")

scope[release]string

Release group ID (when scope[type] is "releaseGroup")

scope[releaseScanId]string

Release scan ID (when scope[type] is "releaseGroup")

scope[compareTo][revision]string

The revision ID to compare issues with. Only available for Project Scope.

scope[compareTo][changeStatus]enum

The status of issues to fetch when comparing issues. - New issues are present in the current revision but not in the comparison revision. - Remediated issues are present in the comparison revision but not in the current revision. - Unchanged issues are present in both revisions. Only available for Project Scope.

ids[]array

Filter by specific issue IDs

filter[revisionIds][]array

Filter by specific revision IDs

filter[search]string

Filter by package name or CVE (when category is "vulnerability")

filter[depths][]array

Filter by issue depth

filter[ticketed][]array

Filter by ticketed status. Only available to premium users.

filter[containerLayers][]array

Filter by container layer

filter[type][]string

Filter by licensing issue type (when category is "licensing") or quality issue type (when category is "quality")

filter[packageManagers][]array

Filter by specific package managers

filter[projectLabels][]array

Filter by specific project labels

filter[identification][]array

Filter by license identification (when category is "licensing")

filter[severity][]array

Filter by vuln severity (when category is "vulnerability")

filter[foundAfter]string

Include only issues found on after a given ISO timestamp. Only available to premium users

filter[hasFix][]array

Filter by vuln fixability (when category is "vulnerability")

filter[upgradeDistance][]array

Filter by vuln upgrade distance (when category is "vulnerability")

filter[exploitMaturity][]array

Filter by vuln exploit maturity (when category is "vulnerability")

filter[ignoreReason][]array

Filter by vuln ignore reason (when category is "vulnerability") This value appears in the vulnerabilities.analysis.detail field in CycloneDX SBOM reports

filter[licenses][]array

Filter by issues affected by a set of license ID's (when category is "licensing")

filter[issueSource][]string

Filter by issue source. Use 'dependency' and 'snippet' to filter by whether the issue comes from a dependency or a code snippet. When the vendored dependency detection feature is enabled, use 'managed-dependency' and 'vendored-dependency' to filter dependency issues by whether the dependency is managed or vendored.

sortenum

Sort by package name, when the issue was created, or total number of issues

pageinteger

The specific page of data to return

countinteger

The number of items to return in each page of results

teamIdstring

Filter issues by one or more team IDs. Accepts a single team ID, an array of team IDs, or the literal string `"null"` to scope to unassigned projects. Requires the `View` permission on each requested team; otherwise the request is rejected with a `403`. Ignored for organizations on the free tier.