SecureCore
SecureCore Project (CodeCertify module) Meta Data
Retrieve SecureCore project with associated last 10 scans and meta data including component, vulnerability, license and asset metrics
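import os
import sys

import requests

# GraphQL endpoint. requests verifies the server's TLS certificate by default.
url = "https://app.threatrix.io/graphql"

# Read the API/service key from the environment rather than pasting it into
# the file, so the key is not committed or shared along with the script.
# THREATRIX_API_KEY is a variable name chosen for this example.
apikey = os.environ.get("THREATRIX_API_KEY")
if not apikey:
    sys.exit("Set THREATRIX_API_KEY to your Threatrix API or service key")

# Project metadata, project metric groups and up to ten scans with their
# metric summaries. Replace {PROJECT_ID} with the ID of the project.
# NOTE(review): each scan node also requests `log` and `errorMsg`; drop those
# fields if the output is archived (e.g. in CI logs) and they are not needed.
query = """
{
project(projectId: "{PROJECT_ID}") {
projectId
parentProjectId
entityId
orgId
name
tags
projectMetricsGroup {
projectMetrics {
measureDate
vulnerabilityMetrics {
severityMetrics
__typename
}
assetMetrics {
assetCompositionMetrics
__typename
}
componentMetrics {
vulnerabilityMetrics
licenseCategoryMetrics
licenseFamilyMetrics
licenseNameMetrics
__typename
}
licenseMetrics {
licenseCategoryMetrics
licenseFamilyMetrics
licenseNameMetrics
__typename
}
supplyChainMetrics {
supplyChainMetrics
__typename
}
__typename
}
__typename
}
scans(first: 10) {
totalCount
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
edges {
node {
scanId
orgId
projectId
branch
tag
version
versionHash
created
status
errorMsg
log
otMetaData
scanAssets {
otCount
__typename
}
components {
totalCount
__typename
}
scanMetricsSummary(isComposite: true) {
componentCountMetrics {
totalCount
riskyLicenses
vulnerableComponents
__typename
}
vulnerabilityMetrics {
critical
high
medium
low
info
unassigned
__typename
}
componentVulnerabilityMetrics {
critical
high
medium
low
info
unassigned
__typename
}
licenseMetrics {
copyleftStrong
copyleftWeak
copyleftPartial
copyleftLimited
copyleft
custom
dual
permissive
proprietary
proprietaryFree
__typename
}
assetMetrics {
embedded
openSource
unique
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
}
"""

# The key travels as a Bearer token in the Authorization header.
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer " + apikey,
}

# A GraphQL request body is a JSON object carrying the query document.
payload = {"query": query}

try:
    # Without a timeout, requests waits indefinitely on a stalled connection.
    response = requests.post(url, json=payload, headers=headers, timeout=30)
except requests.RequestException as exc:
    sys.exit(f"Request failed: {exc}")

if response.status_code != 200:
    sys.exit(f"Request failed with status code {response.status_code}")

try:
    body = response.json()
except ValueError:
    sys.exit("Response was not valid JSON")

# A GraphQL server may answer HTTP 200 and still report failures in an
# "errors" list, so the status code alone does not prove the query worked.
if isinstance(body, dict) and body.get("errors"):
    sys.exit(f"GraphQL errors: {body['errors']}")

print("Response data:", body)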
Components, Vulnerabilities & Licenses
Retrieve list of first 25 components, vulnerabilities and licenses for SecureCore project, in a single query. See below for individual queries.
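import os
import sys

import requests

# GraphQL endpoint. requests verifies the server's TLS certificate by default.
url = "https://app.threatrix.io/graphql"

# Read the API/service key from the environment rather than pasting it into
# the file, so the key is not committed or shared along with the script.
# THREATRIX_API_KEY is a variable name chosen for this example.
apikey = os.environ.get("THREATRIX_API_KEY")
if not apikey:
    sys.exit("Set THREATRIX_API_KEY to your Threatrix API or service key")

# First 25 vulnerabilities, components and licenses of one scan, in one query.
# NOTE(review): `scan(scanId: ...)` takes a scan ID although the placeholder
# is named {PROJECT_ID}; substitute the scan's ID (confirm against the schema).
# `spdxId` is selected twice in the license node; GraphQL merges identical
# field selections, so the repeat is harmless.
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
vulnerabilities(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
components {
edges {
node {
group
name
version
componentId
componentType
componentDiscoveryMethod
workspaceRelativeFilePath
vulnLinkCorrect
__typename
}
__typename
}
__typename
}
vulnerabilityId
vulnerabilityAlias
source
recommendation
vulnerableVersions
patchedVersions
published
cwe {
cweId
name
__typename
}
cvssV2BaseScore
cvssV3BaseScore
severity
__typename
}
__typename
}
__typename
}
components(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
componentId
name
group
version
isInternal
componentType
componentLocation
componentDiscoveryMethod
dependencyManagerType
licenses {
edges {
node {
licenseId
name
category
spdxId
licenseDiscovery
__typename
}
__typename
}
__typename
}
vulnerabilities {
edges {
node {
vulnerabilityId
severity
patchedVersions
__typename
}
__typename
}
__typename
}
metrics {
critical
high
medium
low
unassigned
vulnerabilities
suppressed
findingsTotal
findingsAudited
findingsUnaudited
inheritedRiskScore
firstOccurrence
lastOccurrence
__typename
}
__typename
}
__typename
}
__typename
}
licenses(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
licenseId
spdxId
name
category
style
type
spdxId
publicationYear
isOsiApproved
isFsfLibre
licenseDiscovery
licenseOrigin
trustLevel
__typename
}
__typename
}
__typename
}
__typename
}
}
"""

# The key travels as a Bearer token in the Authorization header.
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer " + apikey,
}

# A GraphQL request body is a JSON object carrying the query document.
payload = {"query": query}

try:
    # Without a timeout, requests waits indefinitely on a stalled connection.
    response = requests.post(url, json=payload, headers=headers, timeout=30)
except requests.RequestException as exc:
    sys.exit(f"Request failed: {exc}")

if response.status_code != 200:
    sys.exit(f"Request failed with status code {response.status_code}")

try:
    body = response.json()
except ValueError:
    sys.exit("Response was not valid JSON")

# A GraphQL server may answer HTTP 200 and still report failures in an
# "errors" list, so the status code alone does not prove the query worked.
if isinstance(body, dict) and body.get("errors"):
    sys.exit(f"GraphQL errors: {body['errors']}")

# `totalCount` and `pageInfo.hasNextPage` show whether more than the first
# 25 entries exist; this script prints only the first page.
print("Response data:", body)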
Components
Retrieve list of first 25 components for SecureCore project.
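import os
import sys

import requests

# GraphQL endpoint. requests verifies the server's TLS certificate by default.
url = "https://app.threatrix.io/graphql"

# Read the API/service key from the environment rather than pasting it into
# the file, so the key is not committed or shared along with the script.
# THREATRIX_API_KEY is a variable name chosen for this example.
apikey = os.environ.get("THREATRIX_API_KEY")
if not apikey:
    sys.exit("Set THREATRIX_API_KEY to your Threatrix API or service key")

# First 25 components of one scan, each with its licenses, vulnerabilities
# and metrics.
# NOTE(review): `scan(scanId: ...)` takes a scan ID although the placeholder
# is named {PROJECT_ID}; substitute the scan's ID (confirm against the schema).
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
components(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
componentId
name
group
version
isInternal
componentType
componentLocation
componentDiscoveryMethod
dependencyManagerType
licenses {
edges {
node {
licenseId
name
category
spdxId
licenseDiscovery
__typename
}
__typename
}
__typename
}
vulnerabilities {
edges {
node {
vulnerabilityId
severity
patchedVersions
__typename
}
__typename
}
__typename
}
metrics {
critical
high
medium
low
unassigned
vulnerabilities
suppressed
findingsTotal
findingsAudited
findingsUnaudited
inheritedRiskScore
firstOccurrence
lastOccurrence
__typename
}
__typename
}
__typename
}
__typename
}
__typename
}
}
"""

# The key travels as a Bearer token in the Authorization header.
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer " + apikey,
}

# A GraphQL request body is a JSON object carrying the query document.
payload = {"query": query}

try:
    # Without a timeout, requests waits indefinitely on a stalled connection.
    response = requests.post(url, json=payload, headers=headers, timeout=30)
except requests.RequestException as exc:
    sys.exit(f"Request failed: {exc}")

if response.status_code != 200:
    sys.exit(f"Request failed with status code {response.status_code}")

try:
    body = response.json()
except ValueError:
    sys.exit("Response was not valid JSON")

# A GraphQL server may answer HTTP 200 and still report failures in an
# "errors" list, so the status code alone does not prove the query worked.
if isinstance(body, dict) and body.get("errors"):
    sys.exit(f"GraphQL errors: {body['errors']}")

# `totalCount` and `pageInfo.hasNextPage` show whether more than the first
# 25 components exist; this script prints only the first page.
print("Response data:", body)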
Vulnerabilities
Retrieve list of first 25 vulnerabilities for SecureCore project.
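import os
import sys

import requests

# GraphQL endpoint. requests verifies the server's TLS certificate by default.
url = "https://app.threatrix.io/graphql"

# Read the API/service key from the environment rather than pasting it into
# the file, so the key is not committed or shared along with the script.
# THREATRIX_API_KEY is a variable name chosen for this example.
apikey = os.environ.get("THREATRIX_API_KEY")
if not apikey:
    sys.exit("Set THREATRIX_API_KEY to your Threatrix API or service key")

# First 25 vulnerabilities of one scan, each with the affected components,
# CWE, CVSS scores and patched versions.
# NOTE(review): `scan(scanId: ...)` takes a scan ID although the placeholder
# is named {PROJECT_ID}; substitute the scan's ID (confirm against the schema).
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
vulnerabilities(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
components {
edges {
node {
group
name
version
componentId
componentType
componentDiscoveryMethod
workspaceRelativeFilePath
vulnLinkCorrect
__typename
}
__typename
}
__typename
}
vulnerabilityId
vulnerabilityAlias
source
recommendation
vulnerableVersions
patchedVersions
published
cwe {
cweId
name
__typename
}
cvssV2BaseScore
cvssV3BaseScore
severity
__typename
}
__typename
}
__typename
}
__typename
}
}
"""

# The key travels as a Bearer token in the Authorization header.
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer " + apikey,
}

# A GraphQL request body is a JSON object carrying the query document.
payload = {"query": query}

try:
    # Without a timeout, requests waits indefinitely on a stalled connection.
    response = requests.post(url, json=payload, headers=headers, timeout=30)
except requests.RequestException as exc:
    sys.exit(f"Request failed: {exc}")

if response.status_code != 200:
    sys.exit(f"Request failed with status code {response.status_code}")

try:
    body = response.json()
except ValueError:
    sys.exit("Response was not valid JSON")

# A GraphQL server may answer HTTP 200 and still report failures in an
# "errors" list, so the status code alone does not prove the query worked.
if isinstance(body, dict) and body.get("errors"):
    sys.exit(f"GraphQL errors: {body['errors']}")

# `totalCount` and `pageInfo.hasNextPage` show whether more than the first
# 25 vulnerabilities exist; a report built from this page alone can
# understate the findings.
print("Response data:", body)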
Licenses
Retrieve list of first 25 licenses for SecureCore project.
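import os
import sys

import requests

# GraphQL endpoint. requests verifies the server's TLS certificate by default.
url = "https://app.threatrix.io/graphql"

# Read the API/service key from the environment rather than pasting it into
# the file, so the key is not committed or shared along with the script.
# THREATRIX_API_KEY is a variable name chosen for this example.
apikey = os.environ.get("THREATRIX_API_KEY")
if not apikey:
    sys.exit("Set THREATRIX_API_KEY to your Threatrix API or service key")

# First 25 licenses of one scan.
# NOTE(review): `scan(scanId: ...)` takes a scan ID although the placeholder
# is named {PROJECT_ID}; substitute the scan's ID (confirm against the schema).
# `spdxId` is selected twice in the node; GraphQL merges identical field
# selections, so the repeat is harmless.
query = """
{
scan(scanId: "{PROJECT_ID}") {
scanId
licenses(isComposite: true, first: 25) {
pageInfo {
hasNextPage
hasPreviousPage
startCursor
endCursor
__typename
}
totalCount
edges {
node {
licenseId
spdxId
name
category
style
type
spdxId
publicationYear
isOsiApproved
isFsfLibre
licenseDiscovery
licenseOrigin
trustLevel
__typename
}
__typename
}
__typename
}
__typename
}
}
"""

# The key travels as a Bearer token in the Authorization header.
headers = {
    "Content-Type": "application/json",
    "Authorization": "Bearer " + apikey,
}

# A GraphQL request body is a JSON object carrying the query document.
payload = {"query": query}

try:
    # Without a timeout, requests waits indefinitely on a stalled connection.
    response = requests.post(url, json=payload, headers=headers, timeout=30)
except requests.RequestException as exc:
    sys.exit(f"Request failed: {exc}")

if response.status_code != 200:
    sys.exit(f"Request failed with status code {response.status_code}")

try:
    body = response.json()
except ValueError:
    sys.exit("Response was not valid JSON")

# A GraphQL server may answer HTTP 200 and still report failures in an
# "errors" list, so the status code alone does not prove the query worked.
if isinstance(body, dict) and body.get("errors"):
    sys.exit(f"GraphQL errors: {body['errors']}")

# `totalCount` and `pageInfo.hasNextPage` show whether more than the first
# 25 licenses exist; this script prints only the first page.
print("Response data:", body)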