Updates to Existing APIs

This section describes updates to existing APIs in this release:

Resource

API Name/Endpoint

Method

Function Change Description

vulnerability

Get suppressed vulnerabilities

/vulnerability/suppress

GET

The response now includes the following properties for a given vulnerability suppression:

- itemNumber—Indicates the number for each vulnerability suppression record.
- suppressionScope—Indicates whether the given vulnerability is suppressed for a project or suppressed globally. If the vulnerability is suppressed at the project level, the value is PROJECT.
- suppressionDetails—Indicates detailed information about the suppression, when the given vulnerability is suppressed at the project level, via the following sub-properties:
  - projectId—The ID of the project for which the vulnerability was suppressed.
  - state—The state of the suppressed vulnerability.
  - justification—The reason for suppressing the vulnerability.
  - response—Any response or action taken related to the suppressed vulnerability.

Suppress vulnerability

/vulnerability/suppress

POST

The request now includes two new properties, suppressionScope and suppressionDetails. These properties enable you to define the scope of a specified vulnerability suppression, either at the project level or globally:

- Setting the suppressionScope property to PROJECT enables you to set the following sub-properties of the suppressionDetails property for project-level suppression:
  - projectId—The ID of the project for which the specified vulnerability should be suppressed.
  - state—The current state of the specified vulnerability.
  - justification—The reason for suppressing the specified vulnerability.
  - response—Any response or action taken related to the specified vulnerability.
- Setting the suppressionScope property to GLOBAL suppresses the specified vulnerability globally across all projects. If the suppressionScope property is left undefined, the specified vulnerability is suppressed globally across all projects by default.

Important: To suppress the specified vulnerability at the project level, the versionScope property must be set to SPECIFIC_VERSIONS; setting the reason property is optional.

This API also enables you to globally suppress a vulnerability that was initially suppressed for a project; however, you cannot suppress a globally suppressed vulnerability at the project level.

The project’s Security Contact (also called Security Reviewer) and Developer Contact (also called Remediation Developer) can invoke this API only for project-level suppression, and the System Administrator can invoke the API only for global-level suppression.

Get vulnerability suppress details

/vulnerability/suppress/details

GET

The response now includes a relevant error message when you call the API for a given vulnerability that was suppressed at the project level.

Only the System Administrator can invoke this API successfully.

UnSuppress vulnerability

/vulnerability/unSuppress

POST

The request now includes a new property, projectId, which allows you to unsuppress a specified vulnerability at the project level:

- If the projectId property is set to a value (required project ID), the specified vulnerability will be unsuppressed only for that specified project.
- If the projectId property is left undefined, the specified vulnerability will be unsuppressed globally across all projects.

The project’s Security Contact (also called Security Reviewer) and Developer Contact (also called Remediation Developer) can invoke this API only for project-level unsuppression, and the System Administrator can invoke the API only for global-level unsuppression.
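
The scope rules described above for the /vulnerability/suppress POST request can be checked before a request is sent. The following is an added example, not code from the product or its documentation; the role labels are hypothetical, treating projectId as mandatory for PROJECT scope is an assumption, and only the scope-related properties are checked. It flags in particular a body that carries suppressionDetails but omits suppressionScope, since an undefined scope suppresses the vulnerability across all projects.

```python
# Added example, not vendor code. Role labels are hypothetical, and treating
# projectId as mandatory for PROJECT scope is an assumption.
PROJECT_ROLES = {"SECURITY_CONTACT", "DEVELOPER_CONTACT"}  # hypothetical labels
ADMIN_ROLE = "SYSTEM_ADMINISTRATOR"                         # hypothetical label


def effective_scope(body):
    """An undefined suppressionScope means the suppression is global."""
    return body.get("suppressionScope") or "GLOBAL"


def check_suppress_request(body, caller_role, already_global=False):
    """Return rule violations for a suppress request body; [] means it passes."""
    scope = effective_scope(body)
    details = body.get("suppressionDetails") or {}
    if scope not in ("PROJECT", "GLOBAL"):
        return [f"unknown suppressionScope {scope!r}"]
    problems = []
    if scope == "PROJECT":
        if caller_role not in PROJECT_ROLES:
            problems.append("project-level suppression is limited to the "
                            "project's Security Contact or Developer Contact")
        if body.get("versionScope") != "SPECIFIC_VERSIONS":
            problems.append("project-level suppression requires versionScope "
                            "SPECIFIC_VERSIONS")
        if not details.get("projectId"):
            problems.append("suppressionDetails.projectId is not set")
        if already_global:
            problems.append("a globally suppressed vulnerability cannot be "
                            "suppressed at the project level")
    else:
        if caller_role != ADMIN_ROLE:
            problems.append("global suppression is limited to the "
                            "System Administrator")
        if details:
            problems.append("suppressionDetails is set but the scope "
                            "resolves to GLOBAL")
    return problems


if __name__ == "__main__":
    # Constructed request bodies (scope-related properties only).
    ok = {"suppressionScope": "PROJECT", "versionScope": "SPECIFIC_VERSIONS",
          "suppressionDetails": {"projectId": 42, "justification": "not reachable"}}
    forgot_scope = {"versionScope": "SPECIFIC_VERSIONS",
                    "suppressionDetails": {"projectId": 42}}
    print(check_suppress_request(ok, "SECURITY_CONTACT"))
    print(check_suppress_request(forgot_scope, "SYSTEM_ADMINISTRATOR"))
```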