openapi: 3.1.0 info: title: ZeroPath API version: 1.0.0 description: Public API for ZeroPath servers: - url: https://zeropath.com description: Production server x-fern-server-name: Production - url: https://dev.branch.zeropath.com description: Development server x-fern-server-name: Development tags: - name: Organizations description: Operations related to organizations - name: Stats description: Operations related to stats - name: Repositories description: Operations related to repositories - name: Installations description: Operations related to installations - name: Issues description: Operations related to issues - name: SCA description: Software Composition Analysis - name: Scans description: Operations related to scans - name: Rules description: Operations related to custom security rules - name: Referrals description: Operations related to referrals paths: /api/v1/orgs/list: post: summary: List organizations tags: - Organizations requestBody: content: application/json: schema: $ref: "#/components/schemas/ListOrganizationsInput" responses: "200": description: Successful response content: application/json: schema: type: array items: $ref: "#/components/schemas/Organization" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/orgs/create: post: summary: Create an organization tags: - Organizations requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateOrganizationInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/CreateOrganizationResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/orgs/invite: post: summary: Invite a user to an organization tags: - Organizations requestBody: content: application/json: schema: $ref: "#/components/schemas/InviteUserInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/InviteUserResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/orgs/delete: post: summary: Delete an organization tags: - Organizations requestBody: content: application/json: schema: $ref: "#/components/schemas/DeleteOrganizationInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/list: post: summary: Get repositories tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/ListRepositoriesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/RepositoryList" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/add-github: post: summary: Add a GitHub repository to zeropath tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/AddGitHubRepoInput" responses: "200": description: Successful response content: application/json: schema: type: array items: type: object properties: id: type: string required: - id "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/add-gitlab: post: summary: Add a GitLab repository to zeropath tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/AddGitLabRepoInput" responses: "200": description: Successful response content: application/json: schema: type: array items: type: object properties: id: type: string required: - id "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/add-bitbucket: post: summary: Add a BitBucket repository to zeropath tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/AddBitBucketRepoInput" responses: "200": description: Successful response content: application/json: schema: type: array items: type: object properties: id: type: string required: - id "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/add-github-pat: post: summary: Link GitHub repository with Personal Access Token tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/AddGitHubPatInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/create-standalone: post: summary: Create standalone repository tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateStandaloneRepositoryInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/delete: post: summary: Delete repository tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/DeleteRepositoryInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-scan-branch: post: summary: Set scan branch tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetScanBranchInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-scanning: post: summary: Set PR scanning enabled tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrScanningInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-scan-issue-summary: post: summary: Set PR scan issue summary enabled tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrScanIssueSummaryInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-scan-clean-summary: post: summary: Set PR scan clean summary enabled tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrScanCleanSummaryInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-scan-summaries-enabled: post: summary: Set PR scan issue and clean summaries together description: Atomically enables or disables both PR issue-summary comments and clean-scan summary comments for a repository tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrScanSummariesEnabledInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-max-pr-timeout: post: summary: Set max PR timeout minutes tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetMaxPrTimeoutMinutesInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/reset-scanner-settings: post: summary: Reset scanner settings description: Delete custom scanner settings for the provided repositories tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/ResetRepositorySettingsInput" responses: "200": description: Scanner settings reset content: application/json: schema: $ref: "#/components/schemas/ResetRepositorySettingsResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "404": $ref: "#/components/responses/NotFound" /api/v1/repositories/branches: post: summary: Get repository branches description: Fetches available branches for a linked repository. Supports GitHub, GitLab, Bitbucket, and Generic Git (best-effort). tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/GetRepositoryBranchesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/RepositoryBranches" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-show-check-status: post: summary: Set check status visibility tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetShowCheckStatusInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-branch-format: post: summary: Set PR branch format tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrBranchFormatInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-commit-message-format: post: summary: Set PR commit message format tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrCommitMessageFormatInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-title-template: post: summary: Set PR title template tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrTitleTemplateInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/set-pr-description-template: post: summary: Set PR description template tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/SetPrDescriptionTemplateInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/repositories/resolve-by-url: post: summary: Resolve repository by URL description: Given a repository URL and VCS, returns the matching repository and provider object IDs tags: - Repositories requestBody: content: application/json: schema: $ref: "#/components/schemas/ResolveRepositoryByUrlInput" responses: "200": description: Repository resolved content: application/json: schema: $ref: "#/components/schemas/ResolveRepositoryByUrlResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "404": $ref: "#/components/responses/NotFound" /api/v1/installations/repositories: post: summary: Get installation repositories tags: - Installations requestBody: content: application/json: schema: type: object properties: organizationId: type: string appId: type: string required: [] responses: "200": description: Successful response content: application/json: schema: type: array items: $ref: "#/components/schemas/InstallationRepository" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/installations/create-gitlab-installation: post: summary: Create GitLab installation tags: - Installations requestBody: content: application/json: schema: $ref: "#/components/schemas/AddGitLabInstallationInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/installations/update-gitlab-installation: post: summary: Update GitLab installation tags: - Installations requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateGitLabInstallationInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/installations/create-github-installation: post: summary: Create GitHub app installation tags: - Installations requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateGitHubAppInstallationInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/installations/create-bitbucket-token-installation: post: summary: Create Bitbucket Workspace Access Token Installation tags: - Installations requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateBitbucketTokenInstallationInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/installations/create-bitbucket-oauth-installation: post: summary: Create Bitbucket OAuth Installation (MSP) tags: - Installations requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateBitbucketOAuthInstallationInput" responses: "200": $ref: "#/components/responses/IdResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/stats/securityPosture: post: summary: Get security posture tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date timeGranularity: type: string enum: - day - week - month severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/SecurityPostureResponse" /api/v1/stats/timeSaved: post: summary: Get time saved tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/TimeSavedResponse" /api/v1/stats/issuesBySeverity: post: summary: Get issues by severity tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: type: object properties: severityCounts: $ref: "#/components/schemas/IssuesByScore" total: type: number /api/v1/stats/issuesByRepository: post: summary: Get issues by repository tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/IssuesByRepositoryResponse" /api/v1/stats/issuesByAuthor: post: summary: Get issues by PR author tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: type: array items: type: object properties: prAuthor: type: string critical: type: number high: type: number medium: type: number low: type: number info: type: number /api/v1/stats/issuesByVulnClass: post: summary: Get issues by vulnerability class tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/IssuesByVulnClassResponse" /api/v1/stats/topIssues: post: summary: Get top critical issues tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string projectId: type: string startDate: type: string format: date endDate: type: string format: date type: type: string enum: - open - patched severities: type: array items: type: string enum: - critical - high - medium - low - info vulnClasses: type: array items: type: string responses: "200": description: Successful response content: application/json: schema: type: array items: type: object properties: id: type: string title: type: string vulnClass: type: string score: type: number cwes: type: array items: type: string status: type: string enum: - open - patched /api/v1/stats/summary: post: summary: Get summary statistics tags: - Stats requestBody: content: application/json: schema: type: object properties: organizationId: type: string repositoryId: type: string scanId: type: string responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/SummaryResponse" /api/v1/issues/search: post: summary: Search issues description: >- Search for security issues across your repositories. You can filter by various criteria including custom rule ID. To find all issues detected by a specific custom rule, include the `ruleId` parameter in your request. tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/ListIssuesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/IssueListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/get: post: summary: Get issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/GetIssueInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/Issue" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/archive: post: summary: Archive issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/ArchiveIssueInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/mark-true-positive: post: summary: Mark issue as true positive tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/MarkAsTruePositiveInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/mark-false-positive: post: summary: Mark issue as false positive tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/MarkAsFalsePositiveInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/generate-patch: post: summary: Generate patch tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/GeneratePatchInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/approve-patch: post: summary: Approve patch tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/ApprovePatchInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/update-severity: post: summary: Update issue severity tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateSeverityInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/unarchive: post: summary: Unarchive issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/UnarchiveIssueInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/resolve: post: summary: Resolve issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/ResolveIssueInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/unresolve: post: summary: Unresolve issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/UnresolveIssueInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/issues/delete: post: summary: Delete issue tags: - Issues requestBody: content: application/json: schema: $ref: "#/components/schemas/DeleteIssueInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/licenses/search: post: summary: List SCA licenses description: List licenses grouped with their packages for the user's repositories. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaLicensesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaLicenseListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/alerts/facets: post: summary: List SCA alert facet options description: Retrieve lists of facet options for alerts, currently languages. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaAlertFacetOptionsInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaAlertFacetOptions" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/alerts/search: post: summary: List SCA alerts description: List consolidated SCA alerts with filters for language, severity, and reachability. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaAlertsInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaAlertListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/vulnerabilities/search: post: summary: List SCA vulnerabilities description: Search and paginate SCA package vulnerabilities derived from inventory and metadata. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaVulnerabilitiesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaVulnerabilityListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/facets: post: summary: List SCA facet options description: Retrieve global lists of dependencies and advisories for filter UIs. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaFacetOptionsInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaFacetOptions" /api/v1/sca/vulnerabilities/get: post: summary: Get SCA vulnerability tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/GetScaVulnerabilityInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaVulnerability" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/packages/get: post: summary: Get SCA package tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/GetScaPackageInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaPackage" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/repositories/search: post: summary: List SCA repositories with dependency inventory description: Fetch repositories along with aggregated dependency inventory data. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaRepositoryInventoryInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaRepositoryInventoryResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/manifests/search: post: summary: List manifests for a repository description: Fetch manifests associated with a repository scan along with dependency counts. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaManifestsForRepositoryInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaRepositoryManifestListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/sca/manifests/packages/search: post: summary: List packages for an SCA manifest description: Retrieve deduplicated dependency records for a specific manifest. tags: - SCA requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScaManifestPackagesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/ScaManifestPackageListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/scans/start: post: summary: Start a new scan tags: - Scans requestBody: content: application/json: schema: $ref: "#/components/schemas/StartScanInput" responses: "200": description: Scan started successfully content: application/json: schema: $ref: "#/components/schemas/StartScanResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/scans/list: post: summary: List scans tags: - Scans requestBody: content: application/json: schema: $ref: "#/components/schemas/ListScansInput" responses: "200": description: List of scans content: application/json: schema: type: object properties: codeScans: type: array items: $ref: "#/components/schemas/ScanItem" totalCount: type: number "401": $ref: "#/components/responses/Unauthorized" /api/v1/scans/upsert-schedule: post: summary: Upsert scan schedule tags: - Scans requestBody: content: application/json: schema: $ref: "#/components/schemas/UpsertScheduleInput" responses: "200": $ref: "#/components/responses/OkResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v1/scans/get-schedule: post: summary: Get scan schedules tags: - Scans requestBody: content: application/json: schema: $ref: "#/components/schemas/GetSchedulesInput" responses: "200": description: Scan schedule content: application/json: schema: $ref: "#/components/schemas/ScanScheduleResponse" "401": $ref: "#/components/responses/Unauthorized" /api/v1/scans/scan-standalone-repo: post: summary: Scan standalone repository tags: - Scans requestBody: content: application/json: schema: $ref: "#/components/schemas/ScanStandaloneRepoInput" responses: "200": description: Scan started successfully content: application/json: schema: $ref: "#/components/schemas/ScanStandaloneRepoResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v2/rules/create: post: summary: Create custom rule description: Create a new natural language security rule that will be applied during scans tags: - Rules requestBody: content: application/json: schema: $ref: "#/components/schemas/CreateRuleInput" responses: "200": description: Rule created successfully content: application/json: schema: $ref: "#/components/schemas/Rule" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v2/rules/update: post: summary: Update custom rule description: Update an existing natural language security rule tags: - Rules requestBody: content: application/json: schema: $ref: "#/components/schemas/UpdateRuleInput" responses: "200": description: Rule updated successfully content: application/json: schema: $ref: "#/components/schemas/Rule" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "404": $ref: "#/components/responses/BadRequest" /api/v2/rules/list: post: summary: List custom rules description: List all custom rules for the organization, optionally filtered by repository tags: - Rules requestBody: content: application/json: schema: $ref: "#/components/schemas/ListRulesInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/RuleListResponse" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" /api/v2/rules/get: post: summary: Get custom rule description: Get details of a specific custom rule including associated repositories tags: - Rules requestBody: content: application/json: schema: $ref: "#/components/schemas/GetRuleInput" responses: "200": description: Successful response content: application/json: schema: $ref: "#/components/schemas/RuleWithRepositories" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "404": $ref: "#/components/responses/BadRequest" /api/v2/rules/delete: post: summary: Delete custom rule description: Delete a custom rule tags: - Rules requestBody: content: application/json: schema: $ref: "#/components/schemas/DeleteRuleInput" responses: "200": description: Successful response content: application/json: schema: type: object properties: success: type: boolean "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "404": $ref: "#/components/responses/BadRequest" /api/v1/referral/create: post: tags: - Referrals summary: Create a new referral description: Submit a referral for a demo. This is an unauthenticated endpoint. operationId: createReferral requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CreateReferralRequest" responses: "200": description: Referral created successfully content: application/json: schema: $ref: "#/components/schemas/CreateReferralResponse" "400": $ref: "#/components/responses/BadRequest" "500": description: Internal server error content: application/json: schema: type: object properties: error: type: string components: schemas: Organization: type: object properties: id: type: string name: type: string role: type: string CreateOrganizationInput: type: object required: - name properties: name: type: string domain: type: string DeleteOrganizationInput: type: object required: - organizationId properties: organizationId: type: string InviteUserInput: type: object required: - organizationId - email properties: organizationId: type: string email: type: string format: email CreateOrganizationResponse: type: object properties: organizationId: type: string InviteUserResponse: type: object properties: success: type: boolean ListOrganizationsInput: type: object properties: searchQuery: type: string AddGitLabInstallationInput: type: object properties: token: type: string url: type: string organizationId: type: string groupName: type: string projectName: type: string required: - token - url CreateGitHubAppInstallationInput: type: object properties: externalGithubAppInstallationId: type: string externalGithubAppId: type: string organizationId: type: string required: - externalGithubAppInstallationId - externalGithubAppId - organizationId ListRepositoriesInput: type: object properties: organizationId: type: string appId: type: string getCounts: type: boolean default: true AddGitHubPatInput: type: object properties: organizationId: type: string repositoryUrl: type: string accessToken: type: string required: - repositoryUrl - accessToken CreateStandaloneRepositoryInput: type: object properties: organizationId: type: string repositoryName: type: string isEphemeral: type: boolean required: - repositoryName DeleteRepositoryInput: type: object properties: organizationId: type: string repositoryId: type: string required: - repositoryId SetScanBranchInput: type: object properties: organizationId: type: string repositoryId: type: string scanBranch: type: string required: - repositoryId - scanBranch SetPrScanningInput: type: object properties: organizationId: type: string repositoryId: type: string isPrScanningEnabled: type: boolean required: - repositoryId - isPrScanningEnabled SetPrScanIssueSummaryInput: type: object properties: organizationId: type: string repositoryId: type: string isPrScanIssueSummaryEnabled: type: boolean required: - repositoryId - isPrScanIssueSummaryEnabled SetPrScanCleanSummaryInput: type: object properties: organizationId: type: string repositoryId: type: string isPrScanCleanSummaryEnabled: type: boolean required: - repositoryId - isPrScanCleanSummaryEnabled SetPrScanSummariesEnabledInput: type: object properties: organizationId: type: string repositoryId: type: string prScanSummariesEnabled: type: boolean description: When true, both issue-found and clean-scan PR summary comments are enabled; when false, both are disabled (single atomic update) required: - repositoryId - prScanSummariesEnabled SetShowCheckStatusInput: type: object properties: organizationId: type: string repositoryId: type: string postVcsCheckStatus: type: boolean required: - repositoryId - postVcsCheckStatus SetPrBranchFormatInput: type: object properties: organizationId: type: string repositoryId: type: string prBranchFormat: type: string required: - repositoryId - prBranchFormat SetPrCommitMessageFormatInput: type: object properties: organizationId: type: string repositoryId: type: string prCommitMessageFormat: type: string required: - repositoryId - prCommitMessageFormat SetPrTitleTemplateInput: type: object properties: organizationId: type: string repositoryId: type: string prTitleTemplate: type: string required: - repositoryId - prTitleTemplate SetPrDescriptionTemplateInput: type: object properties: organizationId: type: string repositoryId: type: string prDescriptionTemplate: type: string required: - repositoryId - prDescriptionTemplate SetMaxPrTimeoutMinutesInput: type: object properties: organizationId: type: string repositoryId: type: string maxPrTimeoutMinutes: type: number required: - repositoryId - maxPrTimeoutMinutes ResetRepositorySettingsInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string minItems: 1 required: - repositoryIds ResetRepositorySettingsResponse: type: object properties: ok: type: boolean deletedCount: type: number required: - ok - deletedCount ResolveRepositoryByUrlInput: type: object properties: organizationId: type: string repositoryUrl: type: string vcs: type: string enum: - github - gitlab - bitbucket - generic required: - repositoryUrl - vcs ResolveRepositoryByUrlResponse: type: object properties: repositoryId: type: string vcsObjectId: type: string externalId: type: string vcs: type: string enum: - github - gitlab - bitbucket - generic repositoryUrl: type: string required: - repositoryId - vcsObjectId - vcs - repositoryUrl GetRepositoryBranchesInput: type: object properties: organizationId: type: string repositoryId: type: string externalGithubRepositoryId: type: string search: type: string page: type: integer minimum: 1 oneOf: - required: - repositoryId - required: - externalGithubRepositoryId AddGitHubRepoInput: type: object properties: organizationId: type: string allowNonOrgInstallations: type: boolean repos: type: array items: type: object properties: githubAppInstallationId: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string externalGithubRepositoryId: type: string required: - githubAppInstallationId - repositoryUrl - repositoryName - defaultBranch - externalGithubRepositoryId required: - repos AddGitLabRepoInput: type: object properties: organizationId: type: string repos: type: array items: type: object properties: gitlabInstallationId: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string webhookSigningSecret: type: string externalGitlabProjectId: type: string required: - gitlabInstallationId - repositoryUrl - repositoryName - defaultBranch - webhookSigningSecret - externalGitlabProjectId required: - repos AddBitBucketRepoInput: type: object properties: organizationId: type: string repos: type: array items: type: object properties: gitAuthorEmail: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string webhookSigningSecret: type: string required: - gitAuthorEmail - repositoryUrl - repositoryName - defaultBranch - webhookSigningSecret required: - repos RepositoryList: type: array items: $ref: "#/components/schemas/Repository" Repository: type: object properties: issueCounts: $ref: "#/components/schemas/IssuesByType" id: type: string projectId: type: string name: type: string url: type: string repositoryUrl: type: string fullScanAutoPatching: type: boolean defaultScanTargetBranch: type: string isPrScanningEnabled: type: boolean isPrScanIssueSummaryEnabled: type: boolean isPrScanCleanSummaryEnabled: type: boolean prBranchFormat: type: - string - "null" prCommitMessageFormat: type: - string - "null" prTitleTemplate: type: - string - "null" prDescriptionTemplate: type: - string - "null" includeVulnDetailsInPrComment: type: boolean isInlinePrReviewsEnabled: type: boolean postVcsCheckStatus: type: boolean fullScanPrGenerationThreshold: type: number fullScanPatchThreshold: type: number prCheckFailureThreshold: type: number enabledSourceTypes: type: array items: type: string githubRepository: type: object properties: id: type: string externalGithubRepositoryId: type: string githubAppInstallationId: type: string gitlabRepository: type: object properties: id: type: string gitlabInstallationId: type: string bitbucket: type: object properties: repositoryUrl: type: string linkActive: type: boolean genericGit: type: object properties: repositoryUrl: type: string linkActive: type: boolean required: - id - projectId - name - url - defaultScanTargetBranch - isPrScanningEnabled - includeVulnDetailsInPrComment - isInlinePrReviewsEnabled - isPrScanIssueSummaryEnabled - isPrScanCleanSummaryEnabled - postVcsCheckStatus RepositoryAnalysis: type: object properties: id: type: string description: type: string blacklistedScanDirectories: type: array items: type: string RepositoryBranches: type: object properties: defaultBranch: type: string branches: type: array items: type: string hasMore: type: boolean required: - defaultBranch - branches - hasMore UpdateGitLabInstallationInput: type: object properties: token: type: string url: type: string organizationId: type: string groupName: type: string projectName: type: string required: - token - url CreateBitbucketTokenInstallationInput: type: object properties: accessToken: type: string workspace: type: string organizationId: type: string customDomain: type: string required: - accessToken - workspace - organizationId CreateBitbucketOAuthInstallationInput: type: object properties: accessToken: type: string refreshToken: type: string workspace: type: string organizationId: type: string bitbucketAppId: type: string required: - accessToken - workspace - organizationId - bitbucketAppId InstallationRepository: type: object properties: id: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string github: type: object properties: githubAppInstallationId: type: string externalGithubRepositoryId: type: string externalGithubAppInstallationId: type: string required: - githubAppInstallationId - externalGithubRepositoryId - externalGithubAppInstallationId gitlab: type: object properties: gitlabInstallationId: type: string externalGitlabProjectId: type: string required: - gitlabInstallationId - externalGitlabProjectId bitbucket: type: object properties: bitbucketInstallationId: type: string externalBitbucketRepositoryId: type: string required: - bitbucketInstallationId - externalBitbucketRepositoryId required: - id - repositoryUrl - repositoryName GitHubRepository: type: object properties: id: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string githubAppInstallationId: type: string externalGithubRepositoryId: type: string externalGithubAppInstallationId: type: string required: - id - repositoryUrl - repositoryName GitLabRepository: type: object properties: id: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string gitlabInstallationId: type: string externalGitlabProjectId: type: string required: - id - repositoryUrl - repositoryName ScansSummary: type: object properties: fullScans: type: number prScans: type: number runningScans: type: number failedScans: type: number IssuesBySeverity: type: object properties: critical: type: number high: type: number medium: type: number low: type: number IssuesByType: type: object properties: open: type: number patched: type: number falsePositive: type: number archived: type: number SecurityPostureResponse: type: object properties: summary: type: object properties: overallRiskScore: type: number riskTrend: type: string enum: - improving - worsening - stable totalOpenIssues: type: number criticalIssues: type: number highIssues: type: number mediumIssues: type: number lowIssues: type: number vulnerabilityDensity: type: number repositoriesAtRisk: type: number totalRepositories: type: number meanRemediationTime: type: number averagePrScanTime: type: number exposure: type: object properties: meanCriticalExposure: type: number meanHighExposure: type: number meanMediumExposure: type: number meanLowExposure: type: number meanInfoExposure: type: number oldestCriticalAge: type: number oldestHighAge: type: number oldestMediumAge: type: number oldestLowAge: type: number oldestInfoAge: type: number trends: type: array items: type: object properties: date: type: string format: date openIssues: type: number newIssues: type: number resolvedIssues: type: number riskScore: type: number criticalIssues: type: number meanRemediationTime: type: number exposure: type: object properties: meanCriticalExposure: type: number meanHighExposure: type: number meanMediumExposure: type: number meanLowExposure: type: number meanInfoExposure: type: number oldestCriticalAge: type: number oldestHighAge: type: number oldestMediumAge: type: number oldestLowAge: type: number oldestInfoAge: type: number topRiskFactors: type: array items: type: object properties: vulnClass: type: string count: type: number repositoryRiskScores: type: array items: type: object properties: id: type: string name: type: string riskScore: type: number openIssues: type: number criticalIssues: type: number highIssues: type: number mediumIssues: type: number lowIssues: type: number infoIssues: type: number TimeSavedResponse: type: object properties: totalMinutesSaved: type: number patchingMinutesSaved: type: number validationMinutesSaved: type: number counts: type: object properties: totalPatches: type: number totalSources: type: number totalSinks: type: number totalScenarios: type: number timeSaved: type: object properties: logicMinutesSaved: type: number sinkMinutesSaved: type: number natLangMinutesSaved: type: number patchMinutesSaved: type: number totalMinutesSaved: type: number IssuesByRepositoryResponse: type: array items: type: object properties: id: type: string name: type: string critical: type: number high: type: number medium: type: number low: type: number info: type: number IssuesByVulnClassResponse: type: array items: type: object properties: type: type: string count: type: number IssuesByScore: type: object properties: critical: type: number high: type: number medium: type: number low: type: number info: type: number SummaryResponse: type: object properties: scans: $ref: "#/components/schemas/ScansSummary" issues: $ref: "#/components/schemas/IssuesByType" issuesByScore: $ref: "#/components/schemas/IssuesByScore" ListIssuesInput: type: object properties: organizationId: type: string page: type: integer minimum: 1 default: 1 pageSize: type: integer minimum: 1 default: 10 searchQuery: type: string severities: type: object properties: min: type: integer minimum: 0 maximum: 10 max: type: integer minimum: 0 maximum: 10 required: - min - max scores: type: object description: Filter by score range (severity × confidence). Applied additively with other filters. properties: min: type: integer minimum: 0 maximum: 100 description: Minimum score (inclusive) max: type: integer minimum: 0 maximum: 100 description: Maximum score (inclusive) required: - min - max sortBy: type: string enum: - createdAt - severity - score - title - class - file - detected - patch default: score sortOrder: type: string enum: - asc - desc default: desc languages: type: array items: type: string vulnerabilityClasses: type: array items: type: string repositoryIds: type: array items: type: string projectId: type: string scanId: type: string codeScanTypes: type: array items: type: string enum: - FullScan - PrScan default: - FullScan types: type: array items: type: string enum: - open - patched - falsePositive - notExploitable - archived - closed - silenced default: - open status: type: array items: type: string enum: - PENDING_REVIEW - REVIEWING - PATCHING - NON_EXPLOITABLE - FALSE_POSITIVE - ACCEPTED_RISK - RESOLVED - BACKLOG - INFORMATIONAL description: Filter issues by issue status getCounts: type: boolean returnAll: type: boolean ruleId: type: string description: Filter issues by custom rule ID - returns only issues that were found by the specified custom rule GetIssueInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId ArchiveIssueInput: type: object properties: issueId: type: string organizationId: type: string reason: type: string required: - issueId MarkAsTruePositiveInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId MarkAsFalsePositiveInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId ApprovePatchInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId GeneratePatchInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId UpdateSeverityInput: type: object properties: issueId: type: string severity: type: integer minimum: 0 maximum: 10 organizationId: type: string required: - issueId - severity UnarchiveIssueInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId ResolveIssueInput: type: object properties: issueId: type: string organizationId: type: string reason: type: string required: - issueId - organizationId UnresolveIssueInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId - organizationId DeleteIssueInput: type: object properties: issueId: type: string organizationId: type: string required: - issueId Issue: type: object properties: id: type: string repositoryId: type: string repositoryName: type: string status: type: string enum: - open - patched - falsePositive - notExploitable - archived - silenced issueStatus: type: string enum: - PENDING_REVIEW - REVIEWING - PATCHING - NON_EXPLOITABLE - FALSE_POSITIVE - ACCEPTED_RISK - RESOLVED - BACKLOG - INFORMATIONAL generatedTitle: type: string generatedDescription: type: string businessLogicScenario: type: string language: type: string vulnClass: type: string cwes: type: array items: type: string vulnCategory: type: string enum: - SAST - SCA - IAC - SECRETS - SMART_CONTRACT severity: type: integer confidence: type: integer score: type: integer discoveryTool: type: string codeScanId: type: string affectedFile: type: string sastCodeSegment: type: string startLine: type: integer endLine: type: integer startColumn: type: integer endColumn: type: integer isPrBlocked: type: boolean validated: oneOf: - type: string enum: - CONFIRMED - DISCONFIRMED - UNKNOWN - type: "null" validationSecurityAssessment: oneOf: - type: string - type: "null" unpatchable: oneOf: - type: boolean - type: "null" unpatchableReason: oneOf: - type: string - type: "null" unpatchableRemediationInstructions: oneOf: - type: string - type: "null" archivedAt: oneOf: - type: string format: date-time - type: "null" noLongerDetectedAt: oneOf: - type: string format: date-time - type: "null" noLongerDetectedReason: oneOf: - type: string - type: "null" createdAt: type: string format: date-time updatedAt: type: string format: date-time naturalLanguageRuleEvaluationId: oneOf: - type: string description: ID of the natural language rule evaluation that found this issue (if applicable) - type: "null" naturalLanguageRuleViolationId: oneOf: - type: string description: ID of the natural language rule violation that found this issue (if applicable) - type: "null" naturalLanguageRuleViolation: oneOf: - type: object description: Natural language rule violation details if this issue was found by a custom rule properties: id: type: string description: Unique identifier for the rule violation ruleId: type: string description: ID of the rule that was violated title: type: string description: Title of the violation description: type: string description: Detailed description of why this is a violation confidence: type: number description: Confidence score for the violation (0-1) rule: oneOf: - type: object description: The rule that was violated properties: id: type: string description: Unique identifier for the rule name: oneOf: - type: string description: Name of the rule - type: "null" required: - id - name - type: "null" required: - id - ruleId - title - description - confidence - type: "null" codeScan: type: object properties: id: type: string scanTargetBranchCommitSha: oneOf: - type: string - type: "null" stateChangeAuthor: type: string closedBy: oneOf: - type: object properties: id: oneOf: - type: string - type: "null" name: oneOf: - type: string - type: "null" email: oneOf: - type: string - type: "null" - type: "null" falsePositiveReason: oneOf: - type: string - type: "null" falsePositiveAt: oneOf: - type: string format: date-time - type: "null" introducedBy: oneOf: - type: object properties: contributorId: oneOf: - type: string - type: "null" userId: oneOf: - type: string - type: "null" name: oneOf: - type: string - type: "null" email: oneOf: - type: string - type: "null" platform: oneOf: - type: string - type: "null" username: oneOf: - type: string - type: "null" profileUrl: oneOf: - type: string - type: "null" profileImageUrl: oneOf: - type: string - type: "null" lineStart: oneOf: - type: integer - type: "null" lineEnd: oneOf: - type: integer - type: "null" timestamp: oneOf: - type: string format: date-time - type: "null" - type: "null" scaVulnerabilityAlertingGroupId: oneOf: - type: string description: ID of the SCA vulnerability alerting group that created this issue (if applicable) - type: "null" scaReachabilityAnalyses: oneOf: - type: array description: Reachability analyses associated with this SCA vulnerability items: type: object properties: id: type: string title: oneOf: - type: string - type: "null" description: oneOf: - type: string - type: "null" confidence: oneOf: - type: number - type: "null" severity: oneOf: - type: number - type: "null" isFalsePositive: oneOf: - type: boolean - type: "null" falsePositiveReasoning: oneOf: - type: string - type: "null" pocCode: oneOf: - type: string - type: "null" vulnerabilityLocation: oneOf: - type: object properties: id: type: string filePath: oneOf: - type: string - type: "null" startLine: oneOf: - type: integer - type: "null" endLine: oneOf: - type: integer - type: "null" startColumn: oneOf: - type: integer - type: "null" endColumn: oneOf: - type: integer - type: "null" snippet: oneOf: - type: string - type: "null" language: oneOf: - type: string - type: "null" - type: "null" cvssScore: oneOf: - type: object properties: id: type: string cvssVector: oneOf: - type: string - type: "null" severity: oneOf: - type: number - type: "null" - type: "null" required: - id - type: "null" patchAttemptErrorDuringScan: oneOf: - type: object properties: id: type: string rawError: type: string displayError: type: string errorType: type: string createdAt: type: string format: date-time prSubmissionErrorDuringScan: oneOf: - type: object properties: id: type: string rawError: type: string displayError: type: string errorType: type: string createdAt: type: string format: date-time patch: oneOf: - type: object properties: id: type: string prLink: oneOf: - type: string - type: "null" prTitle: oneOf: - type: string - type: "null" prDescription: oneOf: - type: string - type: "null" gitDiff: type: string pullRequestStatus: type: string validated: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time - type: "null" detectedSecret: oneOf: - type: object properties: detectorName: oneOf: - type: string - type: "null" detectorDescription: oneOf: - type: string - type: "null" decoderName: oneOf: - type: string - type: "null" rotationGuide: oneOf: - type: string - type: "null" redactedSecret: oneOf: - type: string - type: "null" verified: oneOf: - type: boolean - type: "null" - type: "null" url: type: string description: URL to view the issue in the ZeroPath UI required: - id - codeScanId - repositoryId - status - generatedTitle - generatedDescription - language - vulnClass - cwes - vulnCategory - severity - discoveryTool - affectedFile - sastCodeSegment - startLine - endLine - isPrBlocked - createdAt - updatedAt - url IssueCounts: type: object properties: open: type: integer patched: type: integer falsePositive: type: integer notExploitable: type: integer archived: type: integer silenced: type: integer closed: type: integer IssueListResponse: type: object properties: issues: type: array items: $ref: "#/components/schemas/Issue" totalCount: type: integer totalCountAllCategories: type: integer categoryCounts: $ref: "#/components/schemas/IssueCounts" currentPage: type: integer pageSize: type: integer ListScaAlertsInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string page: type: integer minimum: 1 default: 1 pageSize: type: integer minimum: 1 default: 50 query: type: string description: Filter by advisory identifier, aliases, or title languages: type: array items: type: string description: Filter by programming languages associated with reachability severities: type: array items: type: string enum: - critical - high - medium - low reachability: type: array items: type: string enum: - reachable - needs_review - unreachable description: Reachability classification for grouped issues ListScaLicensesInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string ListScaVulnerabilitiesInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string page: type: integer minimum: 1 default: 1 pageSize: type: integer minimum: 1 default: 50 searchQuery: type: string ecosystems: type: array items: type: string groupBy: type: string enum: - none - cve - cve_manifest default: none description: Group vulnerabilities by CVE or by CVE+manifest advisoryQuery: type: string description: Filter by advisory identifier or alias (CVE, GHSA, etc.) dependencyNames: type: array items: type: string description: Filter by dependency/package names (contains match) transitivity: type: string enum: - direct - transitive description: Filter by direct vs transitive dependencies. When omitted, returns both direct and transitive. reachability: type: array items: type: string enum: - reachable - needs_review - unreachable description: "Filter by exploitability status. When omitted, defaults to all three: reachable, needs_review, and unreachable." ListScaFacetOptionsInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string ecosystems: type: array items: type: string ListScaAlertFacetOptionsInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string ScaFacetOptions: type: object properties: dependencies: type: array items: type: string advisories: type: array items: type: string ScaAlertFacetOptions: type: object properties: languages: type: array items: type: string GetScaVulnerabilityInput: type: object properties: id: type: string organizationId: type: string required: - id GetScaPackageInput: type: object properties: id: type: string organizationId: type: string required: - id ScaAlert: type: object properties: id: type: string isAlerted: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time metadata: type: object properties: id: type: string packageIdentifier: type: string aliases: type: array items: type: string references: type: array items: type: string summary: type: string description: type: string severityScore: type: - number - "null" severity: type: - string - "null" enum: - critical - high - medium - low - info - null required: - id - packageIdentifier - summary - description languages: type: array items: type: string reachabilityCounts: type: object properties: reachable: type: integer needsReview: type: integer unreachable: type: integer required: - reachable - needsReview - unreachable required: - id - isAlerted - createdAt - updatedAt - metadata - languages - reachabilityCounts ScaVulnerability: type: object properties: id: type: string package: type: object properties: id: type: string name: type: string version: type: - string - "null" ecosystem: type: string manifestPath: type: - string - "null" manifestStartLine: type: - integer - "null" manifestEndLine: type: - integer - "null" manifestStartColumn: type: - integer - "null" manifestEndColumn: type: - integer - "null" metadata: type: object properties: id: type: string packageIdentifier: type: string aliases: type: array items: type: string references: type: array items: type: string summary: type: string description: type: string severityScore: type: - number - "null" severity: type: - string - "null" enum: - critical - high - medium - low - info - null repositoryId: type: string branch: type: string commitSha: type: string codeScanVulnerabilityId: type: - string - "null" description: ID of the related CodeScanVulnerability issue count: type: integer description: Number of occurrences in this group items: type: array description: Representative items in this group items: $ref: "#/components/schemas/ScaVulnerability" required: - id - package - metadata - repositoryId - branch - commitSha ScaPackage: type: object properties: id: type: string name: type: string version: type: - string - "null" ecosystem: type: string manifestPath: type: - string - "null" manifestStartLine: type: - integer - "null" manifestEndLine: type: - integer - "null" manifestStartColumn: type: - integer - "null" manifestEndColumn: type: - integer - "null" repositoryId: type: - string - "null" repositoryName: type: - string - "null" branch: type: - string - "null" commitSha: type: - string - "null" count: type: integer description: Number of packages in this group items: type: array items: $ref: "#/components/schemas/ScaPackage" required: - id - name - ecosystem ScaLicense: type: object properties: id: type: string name: type: string packages: type: array items: $ref: "#/components/schemas/ScaPackage" required: - id - name - packages ScaLicenseListResponse: type: object properties: licenses: type: array items: $ref: "#/components/schemas/ScaLicense" ScaAlertListResponse: type: object properties: alerts: type: array items: $ref: "#/components/schemas/ScaAlert" totalCount: type: integer page: type: integer pageSize: type: integer ScaVulnerabilityListResponse: type: object properties: vulnerabilities: type: array items: $ref: "#/components/schemas/ScaVulnerability" totalCount: type: integer page: type: integer pageSize: type: integer ListScaRepositoryInventoryInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string cursor: type: string limit: type: integer minimum: 1 maximum: 50 default: 10 searchQuery: type: string hasVulnerabilities: type: boolean packageType: type: string enum: - public - private ecosystems: type: array items: type: string ScaRepositoryInventoryItem: type: object properties: repositoryId: type: string repositoryName: type: string monorepoName: type: - string - "null" monorepoPartitionRole: type: string enum: - none - scoped - fallback scaScanId: type: string scaScanUpdatedAt: type: string format: date-time manifestCount: type: integer uniquePackageCount: type: integer totalInstanceCount: type: integer vulnerablePackageCount: type: - integer - "null" required: - repositoryId - repositoryName - monorepoPartitionRole - scaScanId - scaScanUpdatedAt - manifestCount - uniquePackageCount - totalInstanceCount ScaRepositoryInventoryResponse: type: object properties: repositories: type: array items: $ref: "#/components/schemas/ScaRepositoryInventoryItem" nextCursor: type: - string - "null" required: - repositories ListScaManifestsForRepositoryInput: type: object properties: organizationId: type: string repositoryId: type: string scaScanId: type: string cursor: type: string limit: type: integer minimum: 1 maximum: 50 default: 10 searchQuery: type: string hasVulnerabilities: type: boolean transitivity: type: string enum: - direct - transitive packageType: type: string enum: - public - private ecosystems: type: array items: type: string required: - repositoryId - scaScanId ScaRepositoryManifest: type: object properties: manifestId: type: string manifestPath: type: string applicationName: type: - string - "null" ecosystem: type: - string - "null" totalPackages: type: integer vulnerablePackages: type: integer directPackages: type: integer transitivePackages: type: integer required: - manifestId - manifestPath - totalPackages - vulnerablePackages - directPackages - transitivePackages ScaRepositoryManifestListResponse: type: object properties: manifests: type: array items: $ref: "#/components/schemas/ScaRepositoryManifest" nextCursor: type: - string - "null" required: - manifests ListScaManifestPackagesInput: type: object properties: organizationId: type: string manifestId: type: string offset: type: integer minimum: 0 default: 0 limit: type: integer minimum: 1 maximum: 100 default: 25 searchQuery: type: string hasVulnerabilities: type: boolean transitivity: type: string enum: - direct - transitive packageType: type: string enum: - public - private ecosystems: type: array items: type: string sortBy: type: string enum: - name - vulnerabilities default: name required: - manifestId ScaManifestPackageLicense: type: object properties: name: type: string required: - name ScaManifestPackage: type: object properties: id: type: string name: type: string version: type: - string - "null" ecosystem: type: string isDirectDependency: type: boolean hasTransitivePaths: type: boolean pathCount: type: integer manifestStartLine: type: - integer - "null" manifestEndLine: type: - integer - "null" isPrivate: type: boolean licenses: type: array items: $ref: "#/components/schemas/ScaManifestPackageLicense" vulnerabilityCount: type: integer codeScanVulnerabilityId: type: - string - "null" allInstanceIds: type: array items: type: string repositoryId: type: string repositoryName: type: string manifestPath: type: string branch: type: - string - "null" commitSha: type: - string - "null" required: - id - name - ecosystem - isDirectDependency - hasTransitivePaths - pathCount - isPrivate - licenses - vulnerabilityCount - allInstanceIds - repositoryId - repositoryName - manifestPath ScaManifestPackageListResponse: type: object properties: packages: type: array items: $ref: "#/components/schemas/ScaManifestPackage" totalCount: type: integer hasMore: type: boolean required: - packages - totalCount - hasMore ListScansInput: type: object properties: organizationId: type: string page: type: number default: 1 pageSize: type: number default: 10 searchQuery: type: string repositoryIds: type: array items: type: string projectId: type: string scanId: type: string scanType: type: string enum: - FullScan - PrScan - SCAScan sortBy: type: string enum: - createdAt - updatedAt sortOrder: type: string enum: - asc - desc getCounts: type: boolean default: false returnAll: type: boolean default: false showEphemeral: type: boolean default: false StartScanInput: type: object properties: organizationId: type: string repositoryIds: type: array items: type: string repositories: type: array items: type: object properties: id: type: string branch: type: string required: - id scanType: type: string enum: - FullScan description: Optional. Must be FullScan when provided; PR scans are webhook-triggered. scanTargetBranch: type: string description: Branch to scan. prTargetBranch: type: string description: Optional comparison base branch for branch-aware scans. StartScanResponse: type: array items: type: string GetSchedulesInput: type: object properties: organizationId: type: string repositoryId: type: string required: - repositoryId ScanItem: type: object properties: name: type: string githubRepositoryId: type: string gitlabRepositoryId: type: string bitbucketRepositoryId: type: string status: type: string enum: - Scheduled - Queued - Running - Errored - Finished - Indexing - Cloning repository - Scanning for vulnerabilities - Generating patches - Setting up repository - Identifying application(s) - Generating AST - Identifying source(s) - Detecting vulnerabilities - Validating results description: Current status of the scan projectId: type: string applicationId: type: string scanId: type: string prTargetBranch: type: string scanTargetBranch: type: string codeScanType: type: string prTriggeredURL: type: string isStaged: type: boolean codeScanFinished: type: boolean issueCounts: $ref: "#/components/schemas/IssuesByType" finished: type: boolean createdAt: type: string format: date-time updatedAt: type: string format: date-time scanFinishedAt: type: - string - "null" format: date-time repositoryId: type: string errorMessage: type: string trigger: type: string sastScan: type: object properties: id: type: string error: type: string UpsertScheduleInput: type: object properties: organizationId: type: string repositoryId: type: string executionCriteriaCrontab: type: string timezone: type: string default: UTC required: - executionCriteriaCrontab - repositoryId UpsertScheduleResponse: type: string ScanSchedule: type: object properties: repoId: type: string scanBranch: oneOf: - type: string - type: "null" executionCriteriaCrontab: type: string id: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time codeScans: type: array items: type: string stagedCodeScans: type: array items: type: string ScanScheduleResponse: type: array items: $ref: "#/components/schemas/ScanSchedule" ScanStandaloneRepoInput: type: object properties: organizationId: type: string repositoryId: type: string chunk: type: string chunkIndex: type: number totalChunks: type: number fileId: type: string required: - repositoryId - chunk - chunkIndex - totalChunks ScanStandaloneRepoResponse: type: object properties: fileId: type: string stagedCodeScanId: type: string required: - fileId CreateRuleInput: type: object properties: organizationId: type: string name: type: string description: Name for the custom rule rule: type: string description: Natural language description of the security rule globPattern: type: string default: "**/*" description: Glob pattern for files this rule applies to sourceTypes: type: array items: type: string enum: - HTTP_HANDLER - FILE_HANDLER - STDIN_HANDLER - BROWSER_DATA - WEBSOCKET - SOCKET - CLI_ARGUMENT - MOBILE_INPUTS description: Source types this rule applies to repositoryIds: type: array items: type: string description: Specific repository IDs to apply this rule to (if not specified, applies to all) required: - name - rule UpdateRuleInput: type: object properties: organizationId: type: string ruleId: type: string name: type: string rule: type: string description: Natural language description of the security rule globPattern: type: string description: Glob pattern for files this rule applies to sourceTypes: type: array items: type: string enum: - HTTP_HANDLER - FILE_HANDLER - STDIN_HANDLER - BROWSER_DATA - WEBSOCKET - SOCKET - CLI_ARGUMENT - MOBILE_INPUTS repositoryIds: type: array items: type: string required: - ruleId ListRulesInput: type: object properties: organizationId: type: string repositoryId: type: string description: Filter rules by repository page: type: integer minimum: 1 default: 1 pageSize: type: integer minimum: 1 maximum: 100 default: 20 GetRuleInput: type: object properties: organizationId: type: string ruleId: type: string required: - ruleId DeleteRuleInput: type: object properties: organizationId: type: string ruleId: type: string required: - ruleId Rule: type: object properties: id: type: string name: type: string rule: type: string description: Natural language description of the security rule globPattern: type: string sourceTypes: type: array items: type: string enum: - HTTP_HANDLER - FILE_HANDLER - STDIN_HANDLER - BROWSER_DATA - WEBSOCKET - SOCKET - CLI_ARGUMENT - MOBILE_INPUTS repositoryIds: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - rule - globPattern - sourceTypes - repositoryIds - createdAt - updatedAt RuleWithRepositories: type: object properties: id: type: string name: type: string rule: type: string description: Natural language description of the security rule globPattern: type: string sourceTypes: type: array items: type: string enum: - HTTP_HANDLER - FILE_HANDLER - STDIN_HANDLER - BROWSER_DATA - WEBSOCKET - SOCKET - CLI_ARGUMENT - MOBILE_INPUTS repositories: type: array items: type: object properties: id: type: string name: type: string required: - id - name createdAt: type: string format: date-time updatedAt: type: string format: date-time required: - id - name - rule - globPattern - sourceTypes - repositories - createdAt - updatedAt RuleListResponse: type: object properties: rules: type: array items: $ref: "#/components/schemas/Rule" totalCount: type: integer page: type: integer pageSize: type: integer totalPages: type: integer required: - rules - totalCount - page - pageSize - totalPages CreateReferralRequest: type: object required: - firstName - lastName - email - mobilePhone - companyName - referrerFirstName - referrerLastName - referrerEmail - type properties: firstName: type: string minLength: 1 maxLength: 100 description: First name of the referred person lastName: type: string minLength: 1 maxLength: 100 description: Last name of the referred person email: type: string format: email description: Email address of the referred person mobilePhone: type: string minLength: 10 maxLength: 20 description: Mobile phone number of the referred person companyName: type: string minLength: 1 maxLength: 200 description: Company name of the referred person notes: type: string maxLength: 1000 description: Optional notes about the referral referrerFirstName: type: string minLength: 1 maxLength: 100 description: First name of the person making the referral referrerLastName: type: string minLength: 1 maxLength: 100 description: Last name of the person making the referral referrerEmail: type: string format: email description: Email address of the person making the referral type: type: string enum: - DEMO description: Type of referral CreateReferralResponse: type: object required: - success - referralId properties: success: type: boolean description: Whether the referral was created successfully referralId: type: string format: uuid description: Unique identifier of the created referral responses: BadRequest: description: Bad Request content: application/json: schema: type: object properties: error: type: string Unauthorized: description: Unauthorized content: application/json: schema: type: object properties: error: type: string IdResponse: description: Successful response content: application/json: schema: type: object properties: id: type: string OkResponse: description: Successful response content: application/json: schema: type: object properties: ok: type: boolean NotFound: description: Not Found content: application/json: schema: type: object properties: error: type: string securitySchemes: apiTokenId: type: apiKey in: header name: X-ZeroPath-API-Token-Id x-fern-header: name: apiTokenId env: ZEROPATH_API_TOKEN_ID apiTokenSecret: type: apiKey in: header name: X-ZeroPath-API-Token-Secret x-fern-header: name: apiTokenSecret env: ZEROPATH_API_TOKEN_SECRET security: - apiTokenId: [] apiTokenSecret: []