Updates to Existing APIs
This section describes the updates made to existing APIs in this release:
| Resource | API Name/Endpoint | Method | Function Change Description |
|---|---|---|---|
| vulnerability | Get suppressed vulnerabilities vulnerability/suppress | GET | The response now includes the following properties for a given vulnerability suppression: |
| | Suppress vulnerability /vulnerability/suppress | POST | The request now includes the two new properties, suppressionScope and suppressionDetails. These properties enable you to define the scope of a specified vulnerability suppression, either at the project level or globally: |
| | | | Important: To suppress the specified vulnerability at the project level, the versionScope property must be set to SPECIFIC_VERSIONS and setting the reason property is optional. This API also enables you to globally suppress a vulnerability that was initially suppressed for a project; however, you cannot suppress a globally suppressed vulnerability at the project level. The project’s Security Contact (also called Security Reviewer) and Developer Contact (also called Remediation Developer) can invoke this API only for project-level suppression, and the System Administrator can invoke the API only for global-level suppression. |
| | Get vulnerability suppress details /vulnerability/suppress/details | GET | The response now includes a relevant error message when attempting to call the API for a given vulnerability that was suppressed at the project level. Only the System Administrator can invoke this API successfully. |
| | UnSuppress vulnerability /vulnerability/unSuppress | POST | The request now includes a new property, projectId, which allows you to unsuppress a specified vulnerability at project level: |
| | | | The project’s Security Contact (also called Security Reviewer) and Developer Contact (also called Remediation Developer) can invoke this API only for project-level unsuppression, and the System Administrator can invoke the API only for global-level unsuppression. |