Code Scanning (SAST)

Use the REST API to query static code scanning (SAST) metrics

Introduction

The SAST API provides a RESTful interface for querying various metrics related to code-scanning findings and events. It offers endpoints to retrieve information about SAST findings, events, and counts.

Get SAST Events

This endpoint returns the list of events related to code findings.

Event types:

  • new-branch-summary
  • new-finding
  • new-findings
  • new-fix
  • new-fixes
  • new-allowlisted-finding
  • new-allowlisted-findings
  • new-unallowlisted-finding
  • new-unallowlisted-findings
  • new-pull-request-finding
  • new-pull-request-findings
  • new-pull-request-fix
  • new-pull-request-fixes
  • new-pull-request-allowlisted-finding
  • new-pull-request-allowlisted-findings
  • new-pull-request-unallowlisted-finding
  • new-pull-request-unallowlisted-findings

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   "https://api.nullify.ai/sast/events?githubOwnerId=1234"

Get SAST Findings

This endpoint returns the list of findings detected in the code.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   "https://api.nullify.ai/sast/findings?githubOwnerId=1234"

Get SAST Finding

This endpoint returns the details of a single SAST finding, identified by the finding ID in the request path.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   "https://api.nullify.ai/sast/findings/01J6EEXK3NKYKWW9XTPQYAF41N?githubOwnerId=1234"

© 2023 Nullify | All Rights Reserved.