Get Package Index Export

gethttps://app.fossa.com/api/packages/report

Request an export of the package index with the applied set of filters. The export will be generated asynchronously and a link to the export will be emailed to you.

Query parameters

fetchersenum[]

Filter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.

packageNamestring

Filter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".

depthenum[]

Filter results to only include packages which are direct or transitive dependencies of your projects.

labelsstring[]

Filter packages to those belonging to your projects with the specified labels.

projectNamestring

Filter packages to only one of your specific projects. Exact match only.

sourcesstring[]

Filter packages to those belonging to your projects from the specified set of sources

visibilityenum[]

Filter results to your projects which are public or private

blockTypesenum[]

Filter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization

cvestring

Filter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers

cwesstring[]

Filter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers

locatorsstring[]

Filter packages to those with specific package locators (exact match only)

fixTypesenum[]

Filter packages to those with vulnerabilities that either have or do not have a fix available

severitiesenum[]

Filter packages by severity levels of issues

teamIdsnumber[]

Filter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.

Responses

201The report generation task was created successfully. This does not mean the job completed successfully -- when the job is complete, you will receive an email with a link to download the report.
taskobject
taskstring
jobTokenstring
targetstring

Email address where the report link will be sent

400Bad request
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

403Forbidden
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

Try this endpoint

Build a request and run it against app.fossa.com.

Bearer

Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.

GET https://app.fossa.com/api/packages/report
curl --request GET \  --url 'https://app.fossa.com/api/packages/report' \  --header 'accept: application/json'

Real request. Mutating methods can change data.

Click Try It to run a request and see the response here.

Query params

fetchersarray

Filter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.

packageNamestring

Filter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".

deptharray

Filter results to only include packages which are direct or transitive dependencies of your projects.

labelsarray

Filter packages to those belonging to your projects with the specified labels.

projectNamestring

Filter packages to only one of your specific projects. Exact match only.

sourcesarray

Filter packages to those belonging to your projects from the specified set of sources

visibilityarray

Filter results to your projects which are public or private

blockTypesarray

Filter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization

cvestring

Filter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers

cwesarray

Filter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers

locatorsarray

Filter packages to those with specific package locators (exact match only)

fixTypesarray

Filter packages to those with vulnerabilities that either have or do not have a fix available

severitiesarray

Filter packages by severity levels of issues

teamIdsarray

Filter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.