diff --git a/openapi.json b/openapi.json index 4ed7cf0b..bd73b32a 100644 --- a/openapi.json +++ b/openapi.json @@ -23,6 +23,9 @@ { "name": "Full Scans" }, + { + "name": "Fixes" + }, { "name": "Diff Scans" }, @@ -9709,6 +9712,7 @@ "SocketPURL_Type": { "type": "string", "enum": [ + "alpm", "apk", "bitbucket", "cocoapods", @@ -9738,6 +9742,7 @@ "rpm", "swid", "swift", + "vscode", "unknown" ], "description": "Package ecosystem type identifier based on the PURL specification", @@ -10511,6 +10516,16 @@ "type": "boolean", "default": false } + }, + { + "name": "cachedResultsOnly", + "in": "query", + "required": false, + "description": "Return only cached results, do not attempt to scan new artifacts or rescan stale results.", + "schema": { + "type": "boolean", + "default": false + } } ], "requestBody": { @@ -34185,6 +34200,8 @@ "dependencies", "dependencies:list", "dependencies:trend", + "fixes", + "fixes:list", "full-scans", "full-scans:list", "full-scans:create", @@ -34532,6 +34549,8 @@ "dependencies", "dependencies:list", "dependencies:trend", + "fixes", + "fixes:list", "full-scans", "full-scans:list", "full-scans:create", @@ -34696,6 +34715,8 @@ "dependencies", "dependencies:list", "dependencies:trend", + "fixes", + "fixes:list", "full-scans", "full-scans:list", "full-scans:create", @@ -35354,6 +35375,11 @@ "type": "boolean", "default": false, "description": "Whether the threat still is in need of human review by the threat research team" + }, + "threatInstanceId": { + "type": "integer", + "description": "Unique threat instance identifier across artifacts", + "default": 0 } }, "description": "" @@ -35636,6 +35662,11 @@ "type": "boolean", "default": false, "description": "Whether the threat still is in need of human review by the threat research team" + }, + "threatInstanceId": { + "type": "integer", + "description": "Unique threat instance identifier across artifacts", + "default": 0 } }, "description": "" 
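Review bot: `threatInstanceId`, added identically in the `@@ -35354` and `@@ -35636` hunks, is described as a unique identifier yet carries `"default": 0`, so a consumer cannot tell an absent id from an instance genuinely numbered 0 and the generated types turn it into an optional field with a sentinel. Drop the default and either list the field in that object's `required` array or leave it optional with no default. If the identifier can exceed 2^53-1 it should be typed as a string like `full_scan_id` elsewhere in this spec, since most JSON consumers decode integers as IEEE doubles — the hunk does not show the id's range, so that needs confirming against the producer.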
@@ -35677,6 +35708,973 @@ "x-readme": {} } }, + "/orgs/{org_slug}/fixes": { + "get": { + "tags": [ + "Fixes" + ], + "summary": "Fetch fixes for vulnerabilities in a repository or scan", + "operationId": "fetch-fixes", + "parameters": [ + { + "name": "org_slug", + "in": "path", + "required": true, + "description": "The slug of the organization", + "schema": { + "type": "string" + } + }, + { + "name": "repo_slug", + "in": "query", + "required": false, + "description": "The slug of the repository to fetch fixes for. Computes fixes based on the latest scan on the default branch", + "schema": { + "type": "string" + } + }, + { + "name": "full_scan_id", + "in": "query", + "required": false, + "description": "The ID of the scan to fetch fixes for", + "schema": { + "type": "string" + } + }, + { + "name": "vulnerability_ids", + "in": "query", + "required": true, + "description": "Comma-separated list of GHSA or CVE IDs, or \"*\" for all vulnerabilities", + "schema": { + "type": "string" + } + }, + { + "name": "allow_major_updates", + "in": "query", + "required": true, + "description": "Whether to allow major version updates in fixes", + "schema": { + "type": "boolean", + "default": false + } + }, + { + "name": "minimum_release_age", + "in": "query", + "required": false, + "description": "Minimum release age for fixes packages (e.g., \"1h\", \"2d\", \"1w\"). 
Higher values reduces risk of installing recently released untested package versions.", + "schema": { + "type": "string", + "default": "0d" + } + }, + { + "name": "include_details", + "in": "query", + "required": false, + "description": "Whether to include advisory details in the response", + "schema": { + "type": "boolean", + "default": false + } + } + ], + "security": [ + { + "bearerAuth": [ + "fixes:list" + ] + }, + { + "basicAuth": [ + "fixes:list" + ] + } + ], + "description": "Fetches available fixes for vulnerabilities in a repository or scan.\nRequires either repo_slug or full_scan_id as well as vulnerability_ids to be provided.\nvulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or \"*\" for all vulnerabilities.\n\nThis endpoint consumes 10 units of your quota.\n\nThis endpoint requires the following org token scopes:\n- fixes:list", + "responses": { + "200": { + "content": { + "application/json": { + "schema": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "fixDetails": { + "type": "object", + "additionalProperties": { + "anyOf": [ + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "fixFound" + ] + }, + "value": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "fixFound" + ], + "description": "", + "default": "fixFound" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "" + }, + "cve": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "fixDetails": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "responsibleDirectDependencyPurls": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "The PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability" 
+ }, + "description": "" + }, + "fixes": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "The PURL (unique package identifier) of the package to upgrade" + }, + "fixedVersion": { + "type": "string", + "description": "", + "default": "The version of the package to upgrade to" + }, + "manifestFiles": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "The manifest file(s) that contain the package" + }, + "description": "" + }, + "updateType": { + "type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "fixedVersion", + "manifestFiles", + "purl", + "updateType" + ] + }, + "description": "" + } + }, + "required": [ + "fixes", + "responsibleDirectDependencyPurls" + ] + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", + "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + 
"description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "fixDetails", + "ghsa", + "type" + ] + } + } + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "partialFixFound" + ] + }, + "value": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "partialFixFound" + ], + "description": "", + "default": "partialFixFound" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "" + }, + "cve": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "fixDetails": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "responsibleDirectDependencyPurls": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "The PURL (unique package identifier) of the direct dependency(ies) responsible for introducing the vulnerability" + }, + "description": "" + }, + "fixes": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "The PURL (unique package identifier) of the package to upgrade" + }, + "fixedVersion": { + "type": "string", + "description": 
"", + "default": "The version of the package to upgrade to" + }, + "manifestFiles": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "The manifest file(s) that contain the package" + }, + "description": "" + }, + "updateType": { + "type": "string", + "enum": [ + "patch", + "minor", + "major", + "unknown" + ], + "description": "The type of version update (patch, minor, major, or unknown if it cannot be determined)", + "default": "unknown" + } + }, + "required": [ + "fixedVersion", + "manifestFiles", + "purl", + "updateType" + ] + }, + "description": "" + }, + "unfixablePurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "The PURL (unique package identifier) of the package that cannot be upgraded" + }, + "manifestFiles": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "The manifest file(s) that contain the package" + }, + "description": "" + } + }, + "required": [ + "manifestFiles", + "purl" + ] + }, + "description": "" + } + }, + "required": [ + "fixes", + "responsibleDirectDependencyPurls", + "unfixablePurls" + ] + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", 
+ "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + "description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "fixDetails", + "ghsa", + "type" + ] + } + } + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "errorComputingFix" + ] + }, + "value": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "errorComputingFix" + ], + "description": "", + "default": "errorComputingFix" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cve": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "message": { + "type": "string", + "description": "", + "default": "" + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, 
+ "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", + "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + "description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "ghsa", + "message", + "type" + ] + } + } + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "noFixAvailable" + ] + }, + "value": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "noFixAvailable" + ], + "description": "", + "default": "noFixAvailable" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "" + }, + "cve": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": 
"", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", + "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + "description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "ghsa", + "type" + ] + } + } + }, + { + "type": "object", + "additionalProperties": false, + "properties": { + "type": { + "type": "string", + "enum": [ + "fixNotApplicable" + ] + }, + "value": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "type": { + "type": "string", + "enum": [ + "fixNotApplicable" + ], + "description": "", + "default": "fixNotApplicable" + }, + "ghsa": { + "type": "string", + "description": "", + "default": "" + }, + "cve": { + "type": 
"string", + "description": "", + "default": "", + "nullable": true + }, + "advisoryDetails": { + "type": "object", + "additionalProperties": false, + "properties": { + "title": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "description": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "cwes": { + "type": "array", + "items": { + "type": "string", + "description": "", + "default": "" + }, + "description": "" + }, + "severity": { + "type": "string", + "enum": [ + "LOW", + "MODERATE", + "HIGH", + "CRITICAL" + ], + "description": "Severity level of the vulnerability", + "default": "LOW" + }, + "cvssVector": { + "type": "string", + "description": "", + "default": "", + "nullable": true + }, + "publishedAt": { + "type": "string", + "description": "", + "default": "" + }, + "kev": { + "type": "boolean", + "default": false, + "description": "Whether the vulnerability is a Known Exploited Vulnerability" + }, + "epss": { + "type": "number", + "description": "Exploit Prediction Scoring System score", + "default": 0, + "nullable": true + }, + "affectedPurls": { + "type": "array", + "items": { + "type": "object", + "additionalProperties": false, + "description": "", + "properties": { + "purl": { + "type": "string", + "description": "", + "default": "", + "format": "The PURL (unique package identifier) of the affected package" + }, + "affectedRange": { + "type": "string", + "description": "", + "default": "The range of vulnerable versions" + } + }, + "required": [ + "affectedRange", + "purl" + ] + }, + "description": "" + } + }, + "description": "", + "nullable": true + } + }, + "required": [ + "advisoryDetails", + "cve", + "ghsa", + "type" + ] + } + } + } + ] + }, + "properties": {}, + "description": "" + } + }, + "required": [ + "fixDetails" + ] + } + } + }, + "description": "Fix details for requested vulnerabilities" + }, + "400": { + "$ref": "#/components/responses/SocketBadRequest" + }, + "401": { 
+ "$ref": "#/components/responses/SocketUnauthorized" + }, + "403": { + "$ref": "#/components/responses/SocketForbidden" + }, + "404": { + "$ref": "#/components/responses/SocketNotFoundResponse" + }, + "429": { + "$ref": "#/components/responses/SocketTooManyRequestsResponse" + } + }, + "x-readme": {} + } + }, "/license-policy": { "post": { "tags": [ diff --git a/types/api.d.ts b/types/api.d.ts index 1f90b4a9..255e9925 100644 --- a/types/api.d.ts +++ b/types/api.d.ts @@ -901,6 +901,20 @@ export interface paths { */ get: operations['getOrgThreatFeedItems'] } + '/orgs/{org_slug}/fixes': { + /** + * Fetch fixes for vulnerabilities in a repository or scan + * @description Fetches available fixes for vulnerabilities in a repository or scan. + * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided. + * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities. + * + * This endpoint consumes 10 units of your quota. + * + * This endpoint requires the following org token scopes: + * - fixes:list + */ + get: operations['fetch-fixes'] + } '/license-policy': { /** * License Policy (Beta) @@ -4229,6 +4243,7 @@ export interface components { * @enum {string} */ SocketPURL_Type: + | 'alpm' | 'apk' | 'bitbucket' | 'cocoapods' @@ -4258,6 +4273,7 @@ export interface components { | 'rpm' | 'swid' | 'swift' + | 'vscode' | 'unknown' /** * @default low @@ -4746,6 +4762,8 @@ export interface operations { licensedetails?: boolean /** @description Return errors found with handling PURLs as error objects in the stream. */ purlErrors?: boolean + /** @description Return only cached results, do not attempt to scan new artifacts or rescan stale results. */ + cachedResultsOnly?: boolean } } requestBody?: { @@ -13501,6 +13519,8 @@ export interface operations { | 'dependencies' | 'dependencies:list' | 'dependencies:trend' + | 'fixes' + | 'fixes:list' | 'full-scans' | 'full-scans:list' | 'full-scans:create' 
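Review bot: In the 200 response schema of `/orgs/{org_slug}/fixes`, human-readable text is stored under `default` (the `purl`, `fixedVersion`, `manifestFiles` items, `responsibleDirectDependencyPurls` items and `affectedRange` strings) and, for `affectedPurls[].purl`, under `format`, while the adjacent `description` is left `""`; generators read these as literal defaults and format identifiers, as the `types/api.d.ts` hunk later in this diff shows with `@default The PURL (unique package identifier) of the package to upgrade`. Each such entry should become e.g. `"description": "The PURL (unique package identifier) of the package to upgrade"` with the `default` or `format` key removed. The five `anyOf` wrapper objects under `fixDetails.additionalProperties` declare `type` and `value` but no `required`, so the `type` discriminator is optional and consumers cannot safely narrow the variant; add `"required": ["type", "value"]` to each wrapper. `allow_major_updates` is both `"required": true` and given `"default": false`, which is contradictory — keep one; `minimum_release_age` documents its duration grammar (`"1h"`, `"2d"`, `"1w"`) only in prose, so a `pattern` matching whatever the server actually accepts would make malformed values fail validation instead of being interpreted silently, which matters because this parameter is the control against pulling freshly published package versions. The same description's `Higher values reduces risk` should read `Higher values reduce the risk`.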
@@ -13612,6 +13632,8 @@ export interface operations { | 'dependencies' | 'dependencies:list' | 'dependencies:trend' + | 'fixes' + | 'fixes:list' | 'full-scans' | 'full-scans:list' | 'full-scans:create' @@ -13743,6 +13765,8 @@ export interface operations { | 'dependencies' | 'dependencies:list' | 'dependencies:trend' + | 'fixes' + | 'fixes:list' | 'full-scans' | 'full-scans:list' | 'full-scans:create' @@ -14052,6 +14076,11 @@ export interface operations { * @default false */ needsHumanReview?: boolean + /** + * @description Unique threat instance identifier across artifacts + * @default 0 + */ + threatInstanceId?: number }> /** @default */ nextPage: string | null @@ -14160,6 +14189,11 @@ export interface operations { * @default false */ needsHumanReview?: boolean + /** + * @description Unique threat instance identifier across artifacts + * @default 0 + */ + threatInstanceId?: number }> /** @default */ nextPageCursor: string | null 
@@ -14173,6 +14207,350 @@ export interface operations { 429: components['responses']['SocketTooManyRequestsResponse'] } } + /** + * Fetch fixes for vulnerabilities in a repository or scan + * @description Fetches available fixes for vulnerabilities in a repository or scan. + * Requires either repo_slug or full_scan_id as well as vulnerability_ids to be provided. + * vulnerability_ids can be a comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities. + * + * This endpoint consumes 10 units of your quota. + * + * This endpoint requires the following org token scopes: + * - fixes:list + */ + 'fetch-fixes': { + parameters: { + query: { + /** @description The slug of the repository to fetch fixes for. Computes fixes based on the latest scan on the default branch */ + repo_slug?: string + /** @description The ID of the scan to fetch fixes for */ + full_scan_id?: string + /** @description Comma-separated list of GHSA or CVE IDs, or "*" for all vulnerabilities */ + vulnerability_ids: string + /** @description Whether to allow major version updates in fixes */ + allow_major_updates: boolean + /** @description Minimum release age for fixes packages (e.g., "1h", "2d", "1w"). Higher values reduces risk of installing recently released untested package versions. 
*/ + minimum_release_age?: string + /** @description Whether to include advisory details in the response */ + include_details?: boolean + } + path: { + /** @description The slug of the organization */ + org_slug: string + } + } + responses: { + /** @description Fix details for requested vulnerabilities */ + 200: { + content: { + 'application/json': { + fixDetails: { + [key: string]: + | { + /** @enum {string} */ + type?: 'fixFound' + value?: { + /** + * @default fixFound + * @enum {string} + */ + type: 'fixFound' + /** @default */ + ghsa: string + /** @default */ + cve: string | null + fixDetails: { + responsibleDirectDependencyPurls: string[] + fixes: Array<{ + /** @default The PURL (unique package identifier) of the package to upgrade */ + purl: string + /** @default The version of the package to upgrade to */ + fixedVersion: string + manifestFiles: string[] + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: 'patch' | 'minor' | 'major' | 'unknown' + }> + } + advisoryDetails: { + /** @default */ + title?: string | null + /** @default */ + description?: string | null + cwes?: string[] + /** + * @description Severity level of the vulnerability + * @default LOW + * @enum {string} + */ + severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL' + /** @default */ + cvssVector?: string | null + /** @default */ + publishedAt?: string + /** + * @description Whether the vulnerability is a Known Exploited Vulnerability + * @default false + */ + kev?: boolean + /** + * @description Exploit Prediction Scoring System score + * @default 0 + */ + epss?: number | null + affectedPurls?: Array<{ + /** + * Format: The PURL (unique package identifier) of the affected package + * @default + */ + purl: string + /** @default The range of vulnerable versions */ + affectedRange: string + }> + } | null + } + } + | { + /** @enum {string} */ + type?: 'partialFixFound' + value?: { 
+ /** + * @default partialFixFound + * @enum {string} + */ + type: 'partialFixFound' + /** @default */ + ghsa: string + /** @default */ + cve: string | null + fixDetails: { + responsibleDirectDependencyPurls: string[] + fixes: Array<{ + /** @default The PURL (unique package identifier) of the package to upgrade */ + purl: string + /** @default The version of the package to upgrade to */ + fixedVersion: string + manifestFiles: string[] + /** + * @description The type of version update (patch, minor, major, or unknown if it cannot be determined) + * @default unknown + * @enum {string} + */ + updateType: 'patch' | 'minor' | 'major' | 'unknown' + }> + unfixablePurls: Array<{ + /** @default The PURL (unique package identifier) of the package that cannot be upgraded */ + purl: string + manifestFiles: string[] + }> + } + advisoryDetails: { + /** @default */ + title?: string | null + /** @default */ + description?: string | null + cwes?: string[] + /** + * @description Severity level of the vulnerability + * @default LOW + * @enum {string} + */ + severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL' + /** @default */ + cvssVector?: string | null + /** @default */ + publishedAt?: string + /** + * @description Whether the vulnerability is a Known Exploited Vulnerability + * @default false + */ + kev?: boolean + /** + * @description Exploit Prediction Scoring System score + * @default 0 + */ + epss?: number | null + affectedPurls?: Array<{ + /** + * Format: The PURL (unique package identifier) of the affected package + * @default + */ + purl: string + /** @default The range of vulnerable versions */ + affectedRange: string + }> + } | null + } + } + | { + /** @enum {string} */ + type?: 'errorComputingFix' + value?: { + /** + * @default errorComputingFix + * @enum {string} + */ + type: 'errorComputingFix' + /** @default */ + ghsa: string | null + /** @default */ + cve: string | null + /** @default */ + message: string + advisoryDetails: { + /** @default */ + title?: string | null 
+ /** @default */ + description?: string | null + cwes?: string[] + /** + * @description Severity level of the vulnerability + * @default LOW + * @enum {string} + */ + severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL' + /** @default */ + cvssVector?: string | null + /** @default */ + publishedAt?: string + /** + * @description Whether the vulnerability is a Known Exploited Vulnerability + * @default false + */ + kev?: boolean + /** + * @description Exploit Prediction Scoring System score + * @default 0 + */ + epss?: number | null + affectedPurls?: Array<{ + /** + * Format: The PURL (unique package identifier) of the affected package + * @default + */ + purl: string + /** @default The range of vulnerable versions */ + affectedRange: string + }> + } | null + } + } + | { + /** @enum {string} */ + type?: 'noFixAvailable' + value?: { + /** + * @default noFixAvailable + * @enum {string} + */ + type: 'noFixAvailable' + /** @default */ + ghsa: string + /** @default */ + cve: string | null + advisoryDetails: { + /** @default */ + title?: string | null + /** @default */ + description?: string | null + cwes?: string[] + /** + * @description Severity level of the vulnerability + * @default LOW + * @enum {string} + */ + severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL' + /** @default */ + cvssVector?: string | null + /** @default */ + publishedAt?: string + /** + * @description Whether the vulnerability is a Known Exploited Vulnerability + * @default false + */ + kev?: boolean + /** + * @description Exploit Prediction Scoring System score + * @default 0 + */ + epss?: number | null + affectedPurls?: Array<{ + /** + * Format: The PURL (unique package identifier) of the affected package + * @default + */ + purl: string + /** @default The range of vulnerable versions */ + affectedRange: string + }> + } | null + } + } + | { + /** @enum {string} */ + type?: 'fixNotApplicable' + value?: { + /** + * @default fixNotApplicable + * @enum {string} + */ + type: 'fixNotApplicable' + /** 
@default */ + ghsa: string + /** @default */ + cve: string | null + advisoryDetails: { + /** @default */ + title?: string | null + /** @default */ + description?: string | null + cwes?: string[] + /** + * @description Severity level of the vulnerability + * @default LOW + * @enum {string} + */ + severity?: 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL' + /** @default */ + cvssVector?: string | null + /** @default */ + publishedAt?: string + /** + * @description Whether the vulnerability is a Known Exploited Vulnerability + * @default false + */ + kev?: boolean + /** + * @description Exploit Prediction Scoring System score + * @default 0 + */ + epss?: number | null + affectedPurls?: Array<{ + /** + * Format: The PURL (unique package identifier) of the affected package + * @default + */ + purl: string + /** @default The range of vulnerable versions */ + affectedRange: string + }> + } | null + } + } + } + } + } + } + 400: components['responses']['SocketBadRequest'] + 401: components['responses']['SocketUnauthorized'] + 403: components['responses']['SocketForbidden'] + 404: components['responses']['SocketNotFoundResponse'] + 429: components['responses']['SocketTooManyRequestsResponse'] + } + } /** * License Policy (Beta) * @description Compare the license data found for a list of packages (given as PURL strings) with the contents of a configurable license policy,