Updates to Existing APIs

The following sections describe updates that have occurred to existing APIs in this release.

CWE Information Added

For APIs that retrieve security vulnerability information, the property vulnerabilityCWE has been added to the list of properties for each vulnerability to identify the vulnerability’s CWE (Common Weakness Enumeration). The property value includes both the category ID (name field) of the CWE and the category label (title field). The value contains empty brackets if the CWE is not available.

Other API Enhancements

The following lists other changes to existing APIs in this release.

Updates to Existing APIs

Resource

API Name/Endpoint

Method

Function Description

Files

Get details of a file by Id

/files/{fileId}

GET

Retrieves the following additional information for each file in the results:

sourceMatchCount—Total number of source-code snippets found in the file that match other source-code snippets stored in the Code Insight data library.
exactFileMatchCount—The number of files in the Compliance Library that identically match the given file.

Previously, the results simply indicated (with a true or false for sourceMatches and exactFileMatches) whether matching code snippets and other exact-match files existed in the libraries.

Inventory

Create inventory

/inventories

POST

Enables project analysts to update custom-field values for the inventory item. (The IDs for the custom inventory fields can be obtained through the Get details of inventory or Get Project Inventory API.)

Update inventory

/inventories/{inventoryId}

PUT

Project

Get Project Information

/project/inventory/{projectId}

GET

In the results for the given project, shows the project’s current values (including null) for the custom project fields. Only enabled custom fields are listed. If all custom fields are disabled or no custom fields have been configured for projects, an empty array is displayed in the customFields section.

Create Project

POST

Enables project administrators to update custom-field values in the project. (The IDs for the custom project fields can be obtained through the Get Project Information API.)

Update Project

PUT

Fetch Evidences for a project

/project/{projectId}

 

For every codebase file in a given project, retrieves the following additional information in the results:

sourceMatchCount—Total number of source-code snippets in the file that match source-code snippets stored in the Code Insight data library.
exactFileMatchCount—The number of files in the Compliance Library that identically match the given file.

Previously, the results simply indicated (with a true or false for sourceMatches and exactFileMatches) whether matching code snippets and other exact-match files existed in the libraries.

Export Project Data

/project/exportProjectData

GET

Supports the export of all custom fields for the project and its inventory.

Import Project Data

/project/{projectId}/import

POST

Supports the import of custom fields according to the specific rules explained in “Exporting and Importing Project Data” in the Code Insight User Guide.