Get Packages

gethttps://app.fossa.com/api/packages

Retrieve the number of projects that a dependency is used in and how many versions of it are blocked. This endpoint is paginated.

Query parameters

fetchersenum[]

Filter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.

packageNamestring

Filter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".

depthenum[]

Filter results to only include packages which are direct or transitive dependencies of your projects.

labelsstring[]

Filter packages to those belonging to your projects with the specified labels.

projectNamestring

Filter packages to only one of your specific projects. Exact match only.

sourcesstring[]

Filter packages to those belonging to your projects from the specified set of sources

visibilityenum[]

Filter results to your projects which are public or private

blockTypesenum[]

Filter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization

cvestring

Filter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers

cwesstring[]

Filter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers

fixTypesenum[]

Filter packages to those with vulnerabilities that either have or do not have a fix available

severitiesenum[]

Filter packages by severity levels of issues

teamIdsnumber[]

Filter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.

locatorsstring[]

Filter packages by the specified dependency project locators without revision / version data. Locators are unique identifiers for packages in the FOSSA system. Exact matches only.

pageinteger

The page number to retrieve

countinteger

The number of results to return per page. Values above the maximum of 50 are silently clamped to 50.

sortenum

The field to sort by

matchalphabeticalusage

Responses

200A paginated list of packages used by your organization.
dataobject[]required

The page of packages matching the supplied filters.

locatorstringrequired

The package locator (without revision / version data).

titlestringrequired

The human-readable package title.

numberOfProjectsintegerrequired

The number of your projects that depend on this package.

blockedVersionCountintegerrequired

The number of versions of this package that are blocked by your organization.

countintegerrequired

The total number of packages matching the supplied filters across all pages.

400Bad request
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

403Forbidden
uuidstring

Unique identifier associated with the error

codeinteger

fossa specific error code

messagestring

message associated with this error

namestring

name of the error

httpStatusCodeinteger

http status code number

Try this endpoint

Build a request and run it against app.fossa.com.

Bearer

Stored in this browser for 24 hours. Try It uses a docs proxy for CORS and does not store tokens server-side.

GET https://app.fossa.com/api/packages
curl --request GET \  --url 'https://app.fossa.com/api/packages' \  --header 'accept: application/json'

Real request. Mutating methods can change data.

Click Try It to run a request and see the response here.

Query params

fetchersarray

Filter packages to those from the specified fetchers. For example, fetchers[0]=npm&fetchers[1]=apk will match all NPM packages and all APK packages.

packageNamestring

Filter results to only packages with the specified name. Supports partial matches. For example "foo" will match "foo", "foobar", and "foo-bar".

deptharray

Filter results to only include packages which are direct or transitive dependencies of your projects.

labelsarray

Filter packages to those belonging to your projects with the specified labels.

projectNamestring

Filter packages to only one of your specific projects. Exact match only.

sourcesarray

Filter packages to those belonging to your projects from the specified set of sources

visibilityarray

Filter results to your projects which are public or private

blockTypesarray

Filter packages to include only packages that do or do not have packages as dependencies which are blocked by your organization

cvestring

Filter packages to those with vulnerabilities that have specific Common Vulnerabilities and Exposures (CVE) identifiers

cwesarray

Filter packages to those with vulnerabilities that have specific Common Weakness Enumeration (CWE) identifiers

fixTypesarray

Filter packages to those with vulnerabilities that either have or do not have a fix available

severitiesarray

Filter packages by severity levels of issues

teamIdsarray

Filter packages to just those owned by the specified teams. Specify the string "null" to filter packages that are not owned by any team.

locatorsarray

Filter packages by the specified dependency project locators without revision / version data. Locators are unique identifiers for packages in the FOSSA system. Exact matches only.

pageinteger

The page number to retrieve

countinteger

The number of results to return per page. Values above the maximum of 50 are silently clamped to 50.

sortenum

The field to sort by