# SecureCore
## SecureCore Project (CodeCertify module) Meta Data
Retrieve SecureCore project with associated last 10 scans and meta data including component, vulnerability, license and asset metrics
{% tabs %}
{% tab title="Python" %}
```python
import requests
# Define the GraphQL endpoint URL
url = "https://app.threatrix.io/graphql"
apikey = "{THREATRIX_API_OR_SERVICE_KEY}" # Replace with your actual service key
# Example GraphQL query - adjust based on your needs
query = """
{
project(projectId: "{PROJECT_ID}") {
projectId
parentProjectId
entityId
orgId
name
tags
projectMetricsGroup {
projectMetrics {
measureDate
vulnerabilityMetrics {
severityMetrics
__typename
}
assetMetrics {
assetCompositionMetrics
__typename
}
componentMetrics {
vulnerabilityMetrics
licenseCategoryMetrics
licenseFamilyMetrics
licenseNameMetrics
__typename
}
licenseMetrics {
licenseCategoryMetrics
licenseFamilyMetrics
licenseNameMetrics
__typename
}
supplyChainMetrics {
supplyChainMetrics
__typename
}
__typename
}
__typename
}
scans(first: 10) {
totalCount
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
edges {
node {
scanId
orgId
projectId
branch
tag
version
versionHash
created
status
errorMsg
log
otMetaData
scanAssets {
otCount
__typename
}
components {
totalCount
__typename
}
scanMetricsSummary(isComposite: true) {
componentCountMetrics {
totalCount
riskyLicenses
vulnerableComponents
__typename
}
vulnerabilityMetrics {
critical
high
medium
low
info
unassigned
__typename
}
componentVulnerabilityMetrics {
critical
high
medium
low
info
unassigned
__typename
}
licenseMetrics {
copyleftStrong
copyleftWeak
copyleftPartial
copyleftLimited
copyleft
custom
dual
permissive
proprietary
proprietaryFree
__typename
}
assetMetrics {
embedded
openSource
unique
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
}
"""
# Define the headers with the Bearer token for authentication
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer "+apikey,
}
# Define the payload to send with the request
payload = {
"query": query
}
# Make the request to the GraphQL endpoint
response = requests.post(url, json=payload, headers=headers)
# Check if the request was successful
if response.status_code == 200:
# Print the response data
print("Response data:", response.json())
else:
print(f"Request failed with status code {response.status_code}")
```
{% endtab %}
{% endtabs %}
## Components, Vulnerabilites & Licenses
Retrieve list of first 25 components, vulnerabilities and licenses for SecureCore project, in a single query. See below for individual queries.
{% tabs %}
{% tab title="Python" %}
```python
import requests
# Define the GraphQL endpoint URL
url = "https://app.threatrix.io/graphql"
apikey = "{THREATRIX_API_OR_SERVICE_KEY}" # Replace with your actual service key
# Example GraphQL query - adjust based on your needs
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
vulnerabilities(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
components {
edges {
node {
group
name
version
componentId
componentType
componentDiscoveryMethod
workspaceRelativeFilePath
vulnLinkCorrect
__typename
}
__typename
}
__typename
}
vulnerabilityId
vulnerabilityAlias
source
recommendation
vulnerableVersions
patchedVersions
published
cwe {
cweId
name
__typename
}
cvssV2BaseScore
cvssV3BaseScore
severity
__typename
}
__typename
}
__typename
}
components(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
componentId
name
group
version
isInternal
componentType
componentLocation
componentDiscoveryMethod
dependencyManagerType
licenses {
edges {
node {
licenseId
name
category
spdxId
licenseDiscovery
__typename
}
__typename
}
__typename
}
vulnerabilities {
edges {
node {
vulnerabilityId
severity
patchedVersions
__typename
}
__typename
}
__typename
}
metrics {
critical
high
medium
low
unassigned
vulnerabilities
suppressed
findingsTotal
findingsAudited
findingsUnaudited
inheritedRiskScore
firstOccurrence
lastOccurrence
__typename
}
__typename
}
__typename
}
__typename
}
licenses(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
licenseId
spdxId
name
category
style
type
spdxId
publicationYear
isOsiApproved
isFsfLibre
licenseDiscovery
licenseOrigin
trustLevel
__typename
}
__typename
}
__typename
}
__typename
}
}
"""
# Define the headers with the Bearer token for authentication
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer "+apikey,
}
# Define the payload to send with the request
payload = {
"query": query
}
# Make the request to the GraphQL endpoint
response = requests.post(url, json=payload, headers=headers)
# Check if the request was successful
if response.status_code == 200:
# Print the response data
print("Response data:", response.json())
else:
print(f"Request failed with status code {response.status_code}")
```
{% endtab %}
{% endtabs %}
## Components
Retrieve list of first 25 components for SecureCore project.
{% tabs %}
{% tab title="Python" %}
```python
import requests
# Define the GraphQL endpoint URL
url = "https://app.threatrix.io/graphql"
apikey = "{THREATRIX_API_OR_SERVICE_KEY}" # Replace with your actual service key
# Example GraphQL query - adjust based on your needs
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
components(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
componentId
name
group
version
isInternal
componentType
componentLocation
componentDiscoveryMethod
dependencyManagerType
licenses {
edges {
node {
licenseId
name
category
spdxId
licenseDiscovery
__typename
}
__typename
}
__typename
}
vulnerabilities {
edges {
node {
vulnerabilityId
severity
patchedVersions
__typename
}
__typename
}
__typename
}
metrics {
critical
high
medium
low
unassigned
vulnerabilities
suppressed
findingsTotal
findingsAudited
findingsUnaudited
inheritedRiskScore
firstOccurrence
lastOccurrence
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
}
"""
# Define the headers with the Bearer token for authentication
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer "+apikey,
}
# Define the payload to send with the request
payload = {
"query": query
}
# Make the request to the GraphQL endpoint
response = requests.post(url, json=payload, headers=headers)
# Check if the request was successful
if response.status_code == 200:
# Print the response data
print("Response data:", response.json())
else:
print(f"Request failed with status code {response.status_code}")
```
{% endtab %}
{% endtabs %}
## Vulnerabilities
Retrieve list of first 25 vulnerabilities for SecureCore project.
{% tabs %}
{% tab title="Python" %}
```python
import requests
# Define the GraphQL endpoint URL
url = "https://app.threatrix.io/graphql"
apikey = "{THREATRIX_API_OR_SERVICE_KEY}" # Replace with your actual service key
# Example GraphQL query - adjust based on your needs
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
vulnerabilities(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
components {
edges {
node {
group
name
version
componentId
componentType
componentDiscoveryMethod
workspaceRelativeFilePath
vulnLinkCorrect
__typename
}
__typename
}
__typename
}
vulnerabilityId
vulnerabilityAlias
source
recommendation
vulnerableVersions
patchedVersions
published
cwe {
cweId
name
__typename
}
cvssV2BaseScore
cvssV3BaseScore
severity
__typename
}
__typename
}
__typename
}
__typename
}
}
"""
# Define the headers with the Bearer token for authentication
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer "+apikey,
}
# Define the payload to send with the request
payload = {
"query": query
}
# Make the request to the GraphQL endpoint
response = requests.post(url, json=payload, headers=headers)
# Check if the request was successful
if response.status_code == 200:
# Print the response data
print("Response data:", response.json())
else:
print(f"Request failed with status code {response.status_code}")
```
{% endtab %}
{% endtabs %}
## Licenses
Retrieve list of first 25 licenses for SecureCore project.
{% tabs %}
{% tab title="Python" %}
```python
import requests
# Define the GraphQL endpoint URL
url = "https://app.threatrix.io/graphql"
apikey = "{THREATRIX_API_OR_SERVICE_KEY}" # Replace with your actual service key
# Example GraphQL query - adjust based on your needs
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
licenses(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
licenseId
spdxId
name
category
style
type
spdxId
publicationYear
isOsiApproved
isFsfLibre
licenseDiscovery
licenseOrigin
trustLevel
__typename
}
__typename
}
__typename
}
__typename
}
}
"""
# Define the headers with the Bearer token for authentication
headers = {
"Content-Type": "application/json",
"Authorization": "Bearer "+apikey,
}
# Define the payload to send with the request
payload = {
"query": query
}
# Make the request to the GraphQL endpoint
response = requests.post(url, json=payload, headers=headers)
# Check if the request was successful
if response.status_code == 200:
# Print the response data
print("Response data:", response.json())
else:
print(f"Request failed with status code {response.status_code}")
```
{% endtab %}
{% endtabs %}
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://partner.threatrix.io/api-code-examples/securecore.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.