Get Package Index Export
https://app.fossa.com/api/packages/reportRequest an export of the package index with the applied set of filters. The export will be generated asynchronously and a link to the export will be emailed to you.
Query parameters
fetchersenum[]Filter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.
packageNamestringFilter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".
depthenum[]Filter results to only include packages which are direct or transitive dependencies of your projects.
labelsstring[]Filter packages to those belonging to your projects with the specified labels.
projectNamestringFilter packages to only one of your specific projects. Exact match only.
sourcesstring[]Filter packages to those belonging to your projects from the specified set of sources
visibilityenum[]Filter results to your projects which are public or private
blockTypesenum[]Filter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization
cvestringFilter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers
cwesstring[]Filter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers
locatorsstring[]Filter packages to those with specific package locators (exact match only)
fixTypesenum[]Filter packages to those with vulnerabilities that either have or do not have a fix available
severitiesenum[]Filter packages by severity levels of issues
teamIdsnumber[]Filter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.
Responses
201The report generation task was created successfully. This does not mean the job completed successfully -- when the job is complete, you will receive an email with a link to download the report.taskobjecttaskstringjobTokenstringtargetstringEmail address where the report link will be sent
400Bad requestuuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
403ForbiddenuuidstringUnique identifier associated with the error
codeintegerfossa specific error code
messagestringmessage associated with this error
namestringname of the error
httpStatusCodeintegerhttp status code number
Try this endpoint
Build a request and run it against app.fossa.com.
Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.
GET https://app.fossa.com/api/packages/reportcurl --request GET \ --url 'https://app.fossa.com/api/packages/report' \ --header 'accept: application/json'Real request. Mutating methods can change data.
Query params
fetchersarrayFilter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.
packageNamestringFilter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".
deptharrayFilter results to only include packages which are direct or transitive dependencies of your projects.
labelsarrayFilter packages to those belonging to your projects with the specified labels.
projectNamestringFilter packages to only one of your specific projects. Exact match only.
sourcesarrayFilter packages to those belonging to your projects from the specified set of sources
visibilityarrayFilter results to your projects which are public or private
blockTypesarrayFilter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization
cvestringFilter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers
cwesarrayFilter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers
locatorsarrayFilter packages to those with specific package locators (exact match only)
fixTypesarrayFilter packages to those with vulnerabilities that either have or do not have a fix available
severitiesarrayFilter packages by severity levels of issues
teamIdsarrayFilter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.