Get reports from API
Base URL: app.coana.tech
The following endpoints are available:
-
GET /api/v1/reports?projectUid=<uuid>
Returns the 10 latest reports for a given project. The projectidnumber can be found in the dashboard url. -
GET /api/v1/reports/latest?projectUid=<uuid>
Returns latest report for a given project. The projectidnumber can be found in the dashboard url. SetincludeVulnerabilityDetails=trueto include vulnerability details. -
GET /api/v1/reports/<id>
Returns a specific report. The reportidnumber can be found in the dashboard url. SetincludeVulnerabilityDetails=trueto include vulnerability details.
Report Type Definition
interface ReportEntity {
id: number;
createdAt: Date;
projectUid: string;
cliVersion: string;
packageSpecifier: string;
cliExecutionTimeMS: number;
// Not available in lists
vulnerabilityInstances: VulnerabilityInstanceEntity[];
commitSha: string | null;
branchName: string | null;
}
interface VulnerabilityInstanceEntity {
id: number;
vulnerabilityUrl: string;
reportId: number;
workspacePath: string;
reachability: Reachability;
details?: Details;
// fields below may be null for legacy reports
packageName: string | null;
packageVersion: string | null;
dependencyType: 'prod' | 'dev' | 'prod&dev' | null;
}
interface Details {
cvss: {
score: number;
vectorString: string | null;
};
cwes?: Array<{
id: string;
name: string;
description: string;
}>;
dependency: string; // name of the affected package
name: string; // typically, also the name of the affected package
range: string;
severity: AuditSeverityType;
source: number; // might change over time
title: string;
url: string;
cve?: string | null;
accessPathDescription?: string; // human-readable description of what Coana scans for when looking for occurrences of this vulnerability
}
type AuditSeverityType = 'INFO' | 'LOW' | 'MODERATE' | 'HIGH' | 'CRITICAL';
type Reachability = 'REACHABLE' | 'UNKNOWN' | 'UNREACHABLE';