scanossapi

package module
v0.4.5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 10, 2026 License: MIT Imports: 4 Imported by: 0

README

scanoss.api-sdk (Go types)

Generated Go types for the SCANOSS REST API. These are the request/response DTOs the API is documented with in its docs/openapi.yaml, produced with oapi-codegen. Import them so your service (un)marshals against the exact structs the API ships.

Generated — do not edit. types.gen.go is produced from the API's OpenAPI spec and published here automatically on every API release. Hand edits will be overwritten. File issues and spec changes against scanoss/scanoss.api.

Install

go get github.com/scanoss/scanoss.api-sdk@vX.Y.Z

Versioning

This package is published on every vX.Y.Z tag of the API, with the same version: scanoss.api-sdk vX.Y.Z contains the types generated from scanoss.api vX.Y.Z. Pin the SDK to the API version your service targets.

Usage

import scanossapi "github.com/scanoss/scanoss.api-sdk"

var env scanossapi.ScanEnvelope
_ = json.Unmarshal(body, &env)

License

MIT © SCANOSS

Documentation

Overview

Package scanossapi provides primitives to interact with the openapi HTTP API.

Code generated by github.com/oapi-codegen/oapi-codegen/v2 version v2.4.1 DO NOT EDIT.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AttributionFile

type AttributionFile struct {
	// AttributionUrl URL to the full content of the attribution file.
	AttributionUrl string `json:"attribution_url"`

	// File Relative path of the attribution file within the component.
	File string `json:"file"`

	// FileId MD5 of the content — the same hash that is the last path segment
	// of `attribution_url`.
	FileId string `json:"file_id"`
}

AttributionFile defines model for AttributionFile.

type AttributionItem

type AttributionItem struct {
	AttributionFiles *[]AttributionFile `json:"attribution_files,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        string    `json:"purl"`
	Requirement *string   `json:"requirement,omitempty"`

	// Url Present only when `search.show_url` is set (placeholder — not yet populated).
	Url *string `json:"url,omitempty"`

	// Version Concrete version resolved from `requirement`.
	Version *string `json:"version,omitempty"`
}

AttributionItem defines model for AttributionItem.

type AttributionResponse

type AttributionResponse struct {
	Components []AttributionItem `json:"components"`
	Status     BatchStatus       `json:"status"`
}

AttributionResponse defines model for AttributionResponse.

type BadRequest

type BadRequest = ErrorBody

BadRequest defines model for BadRequest.

type BatchRequest

type BatchRequest struct {
	Components []Request `json:"components"`

	// Search Optional request-level search configuration applied to every component
	// in the batch (for GET endpoints the same knobs are query params). All
	// fields are optional; the defaults disable every fallback (strict version
	// matching, no related results). Honored by endpoints that support search
	// criteria — currently `/v3/license/evidence`.
	Search *SearchCriteria `json:"search,omitempty"`
}

BatchRequest defines model for BatchRequest.

type BatchStatus

type BatchStatus struct {
	Message string            `json:"message"`
	Status  BatchStatusStatus `json:"status"`
}

BatchStatus defines model for BatchStatus.

type BatchStatusStatus

type BatchStatusStatus string

BatchStatusStatus defines model for BatchStatus.Status.

const (
	BatchStatusStatusERROR          BatchStatusStatus = "ERROR"
	BatchStatusStatusPARTIALSUCCESS BatchStatusStatus = "PARTIAL_SUCCESS"
	BatchStatusStatusSUCCESS        BatchStatusStatus = "SUCCESS"
)

Defines values for BatchStatusStatus.

type CVSS

type CVSS struct {
	// Cvss CVSS vector string
	Cvss         *string  `json:"cvss,omitempty"`
	CvssScore    *float32 `json:"cvss_score,omitempty"`
	CvssSeverity *string  `json:"cvss_severity,omitempty"`
}

CVSS defines model for CVSS.

type CallArgument

type CallArgument struct {
	// ArgumentExpression The exact argument expression as written in source.
	ArgumentExpression string            `json:"argument_expression"`
	ParameterIndex     int32             `json:"parameter_index"`
	SourceNodes        *[]DataFlowSource `json:"source_nodes,omitempty"`

	// Type Argument type inferred at the call site.
	Type string `json:"type"`

	// VariableName Variable name at the call site; empty for literals/expressions.
	VariableName *string `json:"variable_name,omitempty"`
}

CallArgument One argument passed at a call site with full data-flow provenance.

type CallNode

type CallNode struct {
	CanonicalSignature string `json:"canonical_signature"`

	// EntryCall The call site where one node in a chain invokes the next.
	// Present on every chain node except the entry-point node.
	EntryCall    *CallSite `json:"entry_call,omitempty"`
	FilePath     *string   `json:"file_path,omitempty"`
	FunctionName string    `json:"function_name"`

	// IsFinal Present and true only on the last frame of each emitted call chain.
	IsFinal         *bool                    `json:"is_final,omitempty"`
	OwnerVisibility *CallNodeOwnerVisibility `json:"owner_visibility,omitempty"`
	ParameterTypes  []string                 `json:"parameter_types"`
	ReturnType      string                   `json:"return_type"`
	StartLine       *int32                   `json:"start_line,omitempty"`
	Visibility      *CallNodeVisibility      `json:"visibility,omitempty"`
}

CallNode One function/method in a call chain. The first node in a chain is the entry point; subsequent nodes carry `entry_call` describing the invocation that reached them. In API responses, the final node in each emitted `call_chains[]` path is marked with `is_final: true`.

type CallNodeOwnerVisibility

type CallNodeOwnerVisibility string

CallNodeOwnerVisibility defines model for CallNode.OwnerVisibility.

const (
	CallNodeOwnerVisibilityPackagePrivate CallNodeOwnerVisibility = "package-private"
	CallNodeOwnerVisibilityPrivate        CallNodeOwnerVisibility = "private"
	CallNodeOwnerVisibilityProtected      CallNodeOwnerVisibility = "protected"
	CallNodeOwnerVisibilityPublic         CallNodeOwnerVisibility = "public"
)

Defines values for CallNodeOwnerVisibility.

type CallNodeVisibility

type CallNodeVisibility string

CallNodeVisibility defines model for CallNode.Visibility.

const (
	CallNodeVisibilityPackagePrivate CallNodeVisibility = "package-private"
	CallNodeVisibilityPrivate        CallNodeVisibility = "private"
	CallNodeVisibilityProtected      CallNodeVisibility = "protected"
	CallNodeVisibilityPublic         CallNodeVisibility = "public"
)

Defines values for CallNodeVisibility.

type CallSite

type CallSite struct {
	CanonicalSignature string `json:"canonical_signature"`

	// FilePath File where the call expression appears.
	FilePath string `json:"file_path"`

	// FunctionName FQN of the invoked function.
	FunctionName   string          `json:"function_name"`
	Line           int32           `json:"line"`
	ParameterTypes []string        `json:"parameter_types"`
	Parameters     *[]CallArgument `json:"parameters,omitempty"`
	ReturnType     string          `json:"return_type"`
}

CallSite The call site where one node in a chain invokes the next. Present on every chain node except the entry-point node.

type Component

type Component struct {
	Name     *string             `json:"name,omitempty"`
	Purl     *string             `json:"purl,omitempty"`
	Url      *string             `json:"url,omitempty"`
	Versions *[]ComponentVersion `json:"versions,omitempty"`
}

Component defines model for Component.

type ComponentAlgorithms

type ComponentAlgorithms struct {
	Algorithms *[]CryptoAlgorithm `json:"algorithms,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        *string   `json:"purl,omitempty"`
	Requirement *string   `json:"requirement,omitempty"`
	Version     *string   `json:"version,omitempty"`
}

ComponentAlgorithms defines model for ComponentAlgorithms.

type ComponentAlgorithmsInRange

type ComponentAlgorithmsInRange struct {
	Algorithms *[]CryptoAlgorithm `json:"algorithms,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        *string   `json:"purl,omitempty"`
	Versions    *[]string `json:"versions,omitempty"`
}

ComponentAlgorithmsInRange defines model for ComponentAlgorithmsInRange.

type ComponentCpesInfo

type ComponentCpesInfo struct {
	Cpes        *[]string `json:"cpes,omitempty"`
	InfoCode    *string   `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        *string   `json:"purl,omitempty"`
	Requirement *string   `json:"requirement,omitempty"`
	Version     *string   `json:"version,omitempty"`
}

ComponentCpesInfo defines model for ComponentCpesInfo.

type ComponentData

type ComponentData struct {
	// ActualMinedVersion Present only when the requested exact version was not present in
	// `component_crypto_findings` and the server resolved to the highest mined version
	// in the same `major.minor` bucket, treating it as a representative for
	// the requested version. Absent on exact matches and on range-constraint
	// resolutions (those echo the original constraint in `requirement`).
	ActualMinedVersion *string `json:"actual_mined_version,omitempty"`

	// CryptoEntryPoints Per-block projection of the merged callgraph's `crypto_entry_points[]`
	// (callgraph 6.x schema), narrowed to entries whose `reachable_findings`
	// intersect this block's surviving assets. Passed through as raw JSON.
	// Populated only when `include_crypto_entry_points: true`.
	//
	// This field **replaced** the legacy `entry_point_index` present in
	// callgraph schemas prior to 6.x.
	CryptoEntryPoints *[]CryptoEntryPoint `json:"crypto_entry_points,omitempty"`

	// FindingCount Total cryptographic_assets count across all findings[] in this
	// block. POST-PRUNE — when a filter is active, reflects surviving
	// assets, NOT the unfiltered universe.
	FindingCount int32     `json:"finding_count"`
	Findings     []Finding `json:"findings"`
	Purl         string    `json:"purl"`

	// Requirement Echo of the request requirement string when known.
	Requirement *string `json:"requirement,omitempty"`

	// Schemas Source crypto-finder schema versions for this component block.
	Schemas *ComponentSchemas `json:"schemas,omitempty"`

	// SupportingCalls Deduped object-lifecycle calls (e.g. IV generation, key-size
	// initialisation) referenced by surviving assets in this block.
	// Passed through as raw JSON from the merged callgraph 6.x
	// `supporting_calls[]`. Populated only when
	// `include_supporting_calls: true`.
	//
	// Each entry is identified by `supporting_id`, which is the
	// foreign key referenced from:
	// - `cryptographic_asset.supporting_call_ids[]` (per-asset breadcrumb)
	// - `crypto_entry_points[].reachable_supporting_calls[].supporting_id`
	SupportingCalls *[]SupportingCall `json:"supporting_calls,omitempty"`
	Version         string            `json:"version"`
}

ComponentData Per-component reachability block. Each `data[]` element corresponds to one component:

  • For `/component`, `data` has length 1 — the target with all merged transitive findings collapsed in (own + indirect already discriminated by `cryptographic_asset.source`).
  • For `/dep-tree`, `data` has one element per supplied dep, each carrying that dep's OWN findings (per-dep, not merged across deps).

`metadata` is passed through verbatim from crypto-finder's findings schema. `call_chains` follows crypto-finder's callgraph 6.x schema, with this API adding `is_final: true` to each chain's final frame.

type ComponentHealth

type ComponentHealth struct {
	// Detail Error message or extra context (present on error / when relevant).
	Detail *string               `json:"detail,omitempty"`
	Status ComponentHealthStatus `json:"status"`
}

ComponentHealth Status of one dependency in the readiness response.

type ComponentHealthStatus

type ComponentHealthStatus string

ComponentHealthStatus defines model for ComponentHealth.Status.

const (
	ComponentHealthStatusDisabled ComponentHealthStatus = "disabled"
	ComponentHealthStatusError    ComponentHealthStatus = "error"
	ComponentHealthStatusOk       ComponentHealthStatus = "ok"
)

Defines values for ComponentHealthStatus.

type ComponentHints

type ComponentHints struct {
	Hints *[]CryptoHint `json:"hints,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        *string   `json:"purl,omitempty"`
	Requirement *string   `json:"requirement,omitempty"`
	Version     *string   `json:"version,omitempty"`
}

ComponentHints defines model for ComponentHints.

type ComponentHintsInRange

type ComponentHintsInRange struct {
	Hints *[]CryptoHint `json:"hints,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        *string   `json:"purl,omitempty"`
	Versions    *[]string `json:"versions,omitempty"`
}

ComponentHintsInRange defines model for ComponentHintsInRange.

type ComponentLicenseInfo

type ComponentLicenseInfo struct {
	InfoCode    *string        `json:"info_code,omitempty"`
	InfoMessage *string        `json:"info_message,omitempty"`
	Licenses    *[]LicenseInfo `json:"licenses,omitempty"`
	Purl        *string        `json:"purl,omitempty"`
	Requirement *string        `json:"requirement,omitempty"`

	// Statement License IDs joined with " AND ".
	Statement *string `json:"statement,omitempty"`
	Url       *string `json:"url,omitempty"`
	Version   *string `json:"version,omitempty"`
}

ComponentLicenseInfo Per-component license result. `info_code` is one of `REQUIREMENT_NOT_MET`, `VERSION_NOT_FOUND`, `NO_INFO` (absent on an exact match).

type ComponentLicenseResponse

type ComponentLicenseResponse struct {
	// Component Per-component license result. `info_code` is one of
	// `REQUIREMENT_NOT_MET`, `VERSION_NOT_FOUND`, `NO_INFO` (absent on an exact
	// match).
	Component *ComponentLicenseInfo `json:"component,omitempty"`

	// Status Outcome of a licenses-service call (papi common StatusResponse).
	Status *LookupStatusResponse `json:"status,omitempty"`
}

ComponentLicenseResponse defines model for ComponentLicenseResponse.

type ComponentLifecycleStatus

type ComponentLifecycleStatus struct {
	FirstIndexedDate *string `json:"first_indexed_date,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode         *InfoCode `json:"info_code,omitempty"`
	InfoMessage      *string   `json:"info_message,omitempty"`
	LastIndexedDate  *string   `json:"last_indexed_date,omitempty"`
	RepositoryStatus *string   `json:"repository_status,omitempty"`
	Status           *string   `json:"status,omitempty"`
	StatusChangeDate *string   `json:"status_change_date,omitempty"`
}

ComponentLifecycleStatus defines model for ComponentLifecycleStatus.

type ComponentLocation

type ComponentLocation struct {
	// InfoCode INVALID_PURL | NO_INFO | TOO_MANY_CONTRIBUTORS
	InfoCode    *string        `json:"info_code,omitempty"`
	InfoMessage *string        `json:"info_message,omitempty"`
	Locations   *[]GeoLocation `json:"locations,omitempty"`
	Purl        *string        `json:"purl,omitempty"`
}

ComponentLocation defines model for ComponentLocation.

type ComponentLocationInfo

type ComponentLocationInfo struct {
	CuratedLocations  *[]GeoCuratedLocation  `json:"curated_locations,omitempty"`
	DeclaredLocations *[]GeoDeclaredLocation `json:"declared_locations,omitempty"`

	// InfoCode INVALID_PURL | NO_INFO | TOO_MANY_CONTRIBUTORS
	InfoCode    *string `json:"info_code,omitempty"`
	InfoMessage *string `json:"info_message,omitempty"`
	Purl        *string `json:"purl,omitempty"`
}

ComponentLocationInfo defines model for ComponentLocationInfo.

type ComponentReachabilityRequest

type ComponentReachabilityRequest struct {
	// EntryPointSignatures Optional exact-match filter on entry-point canonical signatures.
	// When non-empty, `assets[]` is **restricted to findings reachable
	// from at least one supplied entry point**. Findings unreachable
	// from any supplied entry are REMOVED entirely from `assets[]` —
	// they do NOT appear as `reachable=false` entries. An empty array
	// (or absent field) means no filter; all findings are returned.
	// Signatures that matched zero call chains are listed in
	// `unmatched_signatures` at the top level of the response
	// (diagnostic for typos).
	EntryPointSignatures *[]string `json:"entry_point_signatures,omitempty"`

	// IncludeCallChains When true, decorates each asset with its `call_chains[]` array
	// (raw callgraph 6.x frame arrays) and the `reachable` bool.
	// Default false produces a pure CBOM response (findings without
	// reachability decoration). Independent of `entry_point_signatures`
	// (which controls whether assets are PRUNED to reachable ones).
	// Independent of `include_crypto_entry_points` and
	// `include_supporting_calls`.
	IncludeCallChains *bool `json:"include_call_chains,omitempty"`

	// IncludeCryptoEntryPoints When true, populates `crypto_entry_points[]` at the top level
	// of each `ComponentData` block — the public reachability surface
	// (entry-point functions with their `reachable_findings[]`).
	// This is the projection that **replaced** the legacy
	// `entry_point_index` field.
	// Independent of `include_call_chains` and `include_supporting_calls`.
	IncludeCryptoEntryPoints *bool `json:"include_crypto_entry_points,omitempty"`

	// IncludeRawCallgraph When true, `callgraph` at the top level of the response carries
	// the unfiltered merged callgraph.
	IncludeRawCallgraph *bool `json:"include_raw_callgraph,omitempty"`

	// IncludeSupportingCalls When true, populates `supporting_calls[]` at the top level of
	// each `ComponentData` block (deduped object-lifecycle calls such
	// as IV generation and key-size initialisation) AND attaches
	// `supporting_call_ids[]` to each `cryptographic_asset` whose
	// finding graph references supporting calls. Each
	// `supporting_call_id` resolves to a `supporting_calls[].supporting_id`
	// in the same block.
	// Independent of `include_call_chains` and `include_crypto_entry_points`.
	IncludeSupportingCalls *bool `json:"include_supporting_calls,omitempty"`

	// MaxChainsPerAsset Per-asset cap on `call_chains[]` length. Hard cap 128.
	// `0` (the default) means no cap — all chains are returned. Use a
	// positive integer to limit chains per asset. Values above 128 are
	// rejected with HTTP 400.
	MaxChainsPerAsset *int32 `json:"max_chains_per_asset,omitempty"`
	Purl              string `json:"purl"`

	// Requirement Version constraint. Accepts exact versions (`1.5.2`, `=1.5.2`) or
	// SemVer constraint expressions (`>=1.5.0`, `^1.5.0`, `~1.5.0`,
	// `>=1.5.0,<2.0.0`). The leading `=` is optional. For range
	// expressions, the server resolves to the highest mined version
	// satisfying the constraint; no match → `VERSION_NOT_FOUND`.
	Requirement *string `json:"requirement,omitempty"`
}

ComponentReachabilityRequest defines model for ComponentReachabilityRequest.

type ComponentReachabilityResponse

type ComponentReachabilityResponse struct {
	// Callgraph Raw merged callgraph as JSON, populated only when the request set
	// `include_raw_callgraph: true`. Shape matches crypto-finder
	// callgraph schema 6.x verbatim.
	Callgraph *map[string]interface{} `json:"callgraph,omitempty"`
	Data      *[]ComponentData        `json:"data,omitempty"`

	// InfoCode One of:
	// - `READY` — reachability data computed successfully.
	// - `INVALID_PURL` — the supplied PURL could not be parsed.
	// - `INVALID_SEMVER` — the requirement is structurally invalid.
	// - `COMPONENT_NOT_FOUND` — the purl has no mining results at any version.
	// - `VERSION_NOT_FOUND` — no mined version matches the supplied requirement.
	// - `NO_INFO` — reachability data unavailable (stitch failed or timed out).
	InfoCode    string  `json:"info_code"`
	InfoMessage *string `json:"info_message,omitempty"`

	// RulesVersion Echoed on READY — the rules_version active for this row.
	RulesVersion *string `json:"rules_version,omitempty"`

	// Status Top-level outcome for the request as a whole.
	Status StatusResponse `json:"status"`

	// UnmatchedSignatures Signatures from `entry_point_signatures` that matched zero chains.
	UnmatchedSignatures *[]string `json:"unmatched_signatures,omitempty"`
}

ComponentReachabilityResponse Response envelope for `/component`. Top-level shape: `{data, info_code, info_message, rules_version, status, unmatched_signatures, callgraph}`.

`data` is an array of length 1 — the target component block with all merged transitive findings collapsed in (own + indirect, discriminated by `cryptographic_asset.source`). Component identity (`purl`, `version`, `requirement`) lives inside `data[0]`, not at the top level.

`unmatched_signatures` and `callgraph` live at the TOP LEVEL.

Each `data[]` block optionally carries `crypto_entry_points[]` and `supporting_calls[]` when the corresponding opt-in flags are set.

type ComponentRequest

type ComponentRequest struct {
	// Purl Package URL identifying the component.
	Purl string `json:"purl"`

	// Requirement Version constraint when the PURL has no explicit version. Accepts:
	// - Exact versions with or without leading `=`: `1.15`, `=1.15`
	// - SemVer constraint expressions: `>=1.10,<1.16`, `^1.5.0`, `~1.5.0`
	//
	// For range expressions, the server resolves to the highest mined
	// version that satisfies the constraint. Maven non-SemVer qualifiers
	// (e.g. `1.5.2.RELEASE`) are accepted as exact literals.
	Requirement *string `json:"requirement,omitempty"`
}

ComponentRequest Identifies one component by PURL and optional version constraint.

type ComponentResult

type ComponentResult struct {
	Component   string   `json:"component,omitempty"`
	File        string   `json:"file,omitempty"`
	Purls       []string `json:"purls,omitempty"`
	Rank        int      `json:"rank,omitempty"`
	ReleaseDate string   `json:"release_date,omitempty"`
	Url         string   `json:"url,omitempty"`
	Vendor      string   `json:"vendor,omitempty"`
	Version     string   `json:"version,omitempty"`
}

ComponentResult A resolved component in a batchScanner report, keyed by url_hash in `ScanResult.components`. Open to extra upstream fields.

type ComponentSchemas

type ComponentSchemas struct {
	Callgraph *string `json:"callgraph,omitempty"`
	Findings  *string `json:"findings,omitempty"`
}

ComponentSchemas Source crypto-finder schema versions for this component block.

type ComponentSearchHit

type ComponentSearchHit struct {
	Name *string `json:"name,omitempty"`
	Purl *string `json:"purl,omitempty"`

	// Url Project URL reconstructed from mine_id (may be empty).
	Url *string `json:"url,omitempty"`
}

ComponentSearchHit defines model for ComponentSearchHit.

type ComponentStatusResult

type ComponentStatusResult struct {
	ComponentStatus *ComponentLifecycleStatus `json:"component_status,omitempty"`
	Name            *string                   `json:"name,omitempty"`
	Purl            *string                   `json:"purl,omitempty"`
	Requirement     *string                   `json:"requirement,omitempty"`
	VersionStatus   *ComponentVersionStatus   `json:"version_status,omitempty"`
}

ComponentStatusResult defines model for ComponentStatusResult.

type ComponentVersion

type ComponentVersion struct {
	// Date Release date as reported by the upstream registry.
	Date     *string                    `json:"date,omitempty"`
	Licenses *[]ComponentVersionLicense `json:"licenses,omitempty"`
	Version  *string                    `json:"version,omitempty"`
}

ComponentVersion defines model for ComponentVersion.

type ComponentVersionLicense

type ComponentVersionLicense struct {
	IsSpdxApproved *bool   `json:"is_spdx_approved,omitempty"`
	Name           *string `json:"name,omitempty"`
	SpdxId         *string `json:"spdx_id,omitempty"`
	Url            *string `json:"url,omitempty"`
}

ComponentVersionLicense defines model for ComponentVersionLicense.

type ComponentVersionStatus

type ComponentVersionStatus struct {
	IndexedDate *string `json:"indexed_date,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`

	// RepositoryStatus Raw status string reported by the registry.
	RepositoryStatus *string `json:"repository_status,omitempty"`

	// Status Canonical lifecycle (active / removed / deprecated / deleted).
	Status           *string `json:"status,omitempty"`
	StatusChangeDate *string `json:"status_change_date,omitempty"`
	Version          *string `json:"version,omitempty"`
}

ComponentVersionStatus defines model for ComponentVersionStatus.

type ComponentVersionsInRange

type ComponentVersionsInRange struct {
	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode        *InfoCode `json:"info_code,omitempty"`
	InfoMessage     *string   `json:"info_message,omitempty"`
	Purl            *string   `json:"purl,omitempty"`
	VersionsWith    *[]string `json:"versions_with,omitempty"`
	VersionsWithout *[]string `json:"versions_without,omitempty"`
}

ComponentVersionsInRange defines model for ComponentVersionsInRange.

type ComponentVersionsResponse

type ComponentVersionsResponse struct {
	Component Component   `json:"component"`
	Status    BatchStatus `json:"status"`
}

ComponentVersionsResponse defines model for ComponentVersionsResponse.

type ComponentVulnerabilityInfo

type ComponentVulnerabilityInfo struct {
	InfoCode        *string          `json:"info_code,omitempty"`
	InfoMessage     *string          `json:"info_message,omitempty"`
	Purl            *string          `json:"purl,omitempty"`
	Requirement     *string          `json:"requirement,omitempty"`
	Version         *string          `json:"version,omitempty"`
	Vulnerabilities *[]Vulnerability `json:"vulnerabilities,omitempty"`
}

ComponentVulnerabilityInfo defines model for ComponentVulnerabilityInfo.

type ComponentsLicenseResponse

type ComponentsLicenseResponse struct {
	Components *[]ComponentLicenseInfo `json:"components,omitempty"`

	// Status Outcome of a licenses-service call (papi common StatusResponse).
	Status *LookupStatusResponse `json:"status,omitempty"`
}

ComponentsLicenseResponse defines model for ComponentsLicenseResponse.

type ComponentsSearchResponse

type ComponentsSearchResponse struct {
	Components []ComponentSearchHit `json:"components"`
	Status     BatchStatus          `json:"status"`
}

ComponentsSearchResponse defines model for ComponentsSearchResponse.

type ComponentsStatusResponse

type ComponentsStatusResponse struct {
	Components []ComponentStatusResult `json:"components"`
	Status     BatchStatus             `json:"status"`
}

ComponentsStatusResponse defines model for ComponentsStatusResponse.

type ContentIdPath

type ContentIdPath = string

ContentIdPath defines model for ContentIdPath.

type CopyrightDetection

type CopyrightDetection struct {
	// Copyright Detected copyright statement (verbatim).
	Copyright string `json:"copyright"`

	// Detector Name of the detector that produced the evidence.
	Detector DetectorEnum `json:"detector"`

	// Evidence Line range or byte range of the evidence, depending on the server's
	// license-hints backend: 1-based inclusive **line numbers** with the
	// default `postgres` backend, or **byte offsets** with the `ldb` backend.
	// The content endpoints slice `?start=&end=` by the same unit.
	Evidence EvidenceRange `json:"evidence"`

	// Holder Holder parsed out of the raw statement (years / boilerplate
	// removed). Optional — absent when it could not be parsed.
	Holder *string `json:"holder,omitempty"`

	// Source Origin/category of the evidence. Today only `header_declared`,
	// `notice_declared` and `metadata_declared` are emitted (derived from
	// the file path); `spdx_tag` and `project_declared` are reserved for a
	// richer signal.
	Source SourceEnum `json:"source"`
}

CopyrightDetection defines model for CopyrightDetection.

type CopyrightEvidenceFile

type CopyrightEvidenceFile struct {
	Detections []CopyrightDetection `json:"detections"`
	File       string               `json:"file"`
	FileId     string               `json:"file_id"`
}

CopyrightEvidenceFile defines model for CopyrightEvidenceFile.

type CopyrightEvidenceItem

type CopyrightEvidenceItem struct {
	Files *[]CopyrightEvidenceFile `json:"files,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        string    `json:"purl"`
	Requirement *string   `json:"requirement,omitempty"`

	// Url Present only when `search.show_url` is set (placeholder — not yet populated).
	Url     *string `json:"url,omitempty"`
	Version *string `json:"version,omitempty"`
}

CopyrightEvidenceItem defines model for CopyrightEvidenceItem.

type CopyrightEvidenceResponse

type CopyrightEvidenceResponse struct {
	Components []CopyrightEvidenceItem `json:"components"`
	Status     BatchStatus             `json:"status"`
}

CopyrightEvidenceResponse defines model for CopyrightEvidenceResponse.

type CopyrightHolder

type CopyrightHolder struct {
	// Count Number of detections referencing this holder.
	Count  int    `json:"count"`
	Holder string `json:"holder"`
}

CopyrightHolder defines model for CopyrightHolder.

type CopyrightHoldersItem

type CopyrightHoldersItem struct {
	Holders *[]CopyrightHolder `json:"holders,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        string    `json:"purl"`
	Requirement *string   `json:"requirement,omitempty"`

	// Url Present only when `search.show_url` is set (placeholder — not yet populated).
	Url     *string `json:"url,omitempty"`
	Version *string `json:"version,omitempty"`
}

CopyrightHoldersItem defines model for CopyrightHoldersItem.

type CopyrightHoldersResponse

type CopyrightHoldersResponse struct {
	Components []CopyrightHoldersItem `json:"components"`
	Status     BatchStatus            `json:"status"`
}

CopyrightHoldersResponse defines model for CopyrightHoldersResponse.

type CpesResponse

type CpesResponse struct {
	Components []ComponentCpesInfo `json:"components"`
	Status     BatchStatus         `json:"status"`
}

CpesResponse defines model for CpesResponse.

type CryptoAlgorithm

type CryptoAlgorithm struct {
	Algorithm *string `json:"algorithm,omitempty"`
	Strength  *string `json:"strength,omitempty"`
}

CryptoAlgorithm defines model for CryptoAlgorithm.

type CryptoAlgorithmsInRangeResponse

type CryptoAlgorithmsInRangeResponse struct {
	Components []ComponentAlgorithmsInRange `json:"components"`
	Status     BatchStatus                  `json:"status"`
}

CryptoAlgorithmsInRangeResponse defines model for CryptoAlgorithmsInRangeResponse.

type CryptoAlgorithmsResponse

type CryptoAlgorithmsResponse struct {
	Components []ComponentAlgorithms `json:"components"`
	Status     BatchStatus           `json:"status"`
}

CryptoAlgorithmsResponse defines model for CryptoAlgorithmsResponse.

type CryptoAsset

type CryptoAsset struct {
	// CallChains Ordered call chains from entry points to this asset, following
	// crypto-finder's callgraph 6.x schema. Each element is an array of
	// call-chain frame objects (see `CallNode`); this API adds
	// `is_final: true` to each chain's last frame. Present only when the
	// reachability endpoint was called with `include_call_chains: true`.
	CallChains *[][]CallNode `json:"call_chains,omitempty"`
	EndLine    int32         `json:"end_line"`

	// FindingId Stable hash of the detection. Use as primary key.
	FindingId string `json:"finding_id"`

	// Match Exact source line that triggered the detection.
	Match string `json:"match"`

	// Metadata Pass-through metadata block as emitted by crypto-finder's findings
	// envelope (v1.3). The shape is owned by crypto-finder, not by this
	// service. Keys are CAMEL CASE (e.g. `assetType`, `algorithmName`,
	// `protocolName`, `materialType`). `assetType` is the discriminator
	// used by consumers that want to branch on the variant. All other keys
	// are optional and depend on the variant — for `assetType: algorithm`
	// you'll see `algorithmName`, `algorithmFamily`, `algorithmPrimitive`,
	// `algorithmMode`, `algorithmPadding`, `algorithmParameterSetIdentifier`;
	// for `assetType: protocol` you'll see `protocolName`, `protocolStrength`;
	// for `assetType: certificate` you'll see `certificateFormat`,
	// `certificateAlgorithm`, `certificateType`, `certificateStoreType`;
	// for `assetType: related-crypto-material` you'll see `materialType`,
	// `materialAlgorithm`, `materialFormat`, `materialSize`.
	// Schema evolution (new fields, new variants) is forward-compatible —
	// this service does NOT re-curate or translate metadata.
	Metadata CryptoFinderMetadata `json:"metadata"`

	// Oid RFC 5280 / CBOM Object Identifier when applicable.
	Oid *string `json:"oid,omitempty"`

	// Reachable True iff at least one entry point reaches this asset. Present
	// only when the reachability endpoint was called with
	// `include_call_chains: true`.
	Reachable *bool             `json:"reachable,omitempty"`
	Source    CryptoAssetSource `json:"source"`
	StartLine int32             `json:"start_line"`

	// SupportingCallIds Foreign-key breadcrumb to the block-level `supporting_calls[]`
	// array. Each string value is a `supporting_calls[].supporting_id`.
	// Present only when `include_supporting_calls: true` and this
	// asset's finding graph references supporting calls.
	SupportingCallIds *[]string `json:"supporting_call_ids,omitempty"`
}

CryptoAsset One cryptographic operation detected in source code — thin pass-through over the crypto-finder findings.json `cryptographic_assets[]` entry.

`metadata` is the verbatim crypto-finder block (camelCase keys; see `CryptoFinderMetadata`). This service does NOT split it into typed sub-objects. Consumers branch on `metadata.assetType`.

`reachable` and `call_chains` are populated ONLY when `include_call_chains: true`. `call_chains` follows crypto-finder's callgraph 6.x schema (each chain is an ordered array of `CallNode` frame objects), with this API adding `is_final: true` to each chain's last frame. `supporting_call_ids` is populated ONLY when `include_supporting_calls: true`.

type CryptoAssetSource

type CryptoAssetSource string

CryptoAssetSource defines model for CryptoAsset.Source.

const (
	Direct   CryptoAssetSource = "direct"
	Indirect CryptoAssetSource = "indirect"
)

Defines values for CryptoAssetSource.

type CryptoEntryPoint

type CryptoEntryPoint struct {
	CanonicalSignature string  `json:"canonical_signature"`
	Class              string  `json:"class"`
	DisplaySymbol      *string `json:"display_symbol,omitempty"`

	// FunctionKey Stable internal key for this function in the callgraph.
	FunctionKey       string                           `json:"function_key"`
	FunctionName      string                           `json:"function_name"`
	Method            string                           `json:"method"`
	OwnerVisibility   *CryptoEntryPointOwnerVisibility `json:"owner_visibility,omitempty"`
	ParameterTypes    *[]string                        `json:"parameter_types,omitempty"`
	ReachableFindings []ReachableFinding               `json:"reachable_findings"`

	// ReachableSupportingCalls Supporting calls reachable from this entry point.
	ReachableSupportingCalls *[]ReachableSupportingCall  `json:"reachable_supporting_calls,omitempty"`
	ReturnType               *string                     `json:"return_type,omitempty"`
	Visibility               *CryptoEntryPointVisibility `json:"visibility,omitempty"`
}

CryptoEntryPoint One entry-point function that can reach one or more cryptographic operations, as emitted by the callgraph 6.x `crypto_entry_points[]` array. Passed through as raw JSON from the merged callgraph. Populated only when `include_crypto_entry_points: true`.

This is the projection that **replaced** the legacy `entry_point_index` field present in callgraph schemas prior to 6.x.

type CryptoEntryPointOwnerVisibility

type CryptoEntryPointOwnerVisibility string

CryptoEntryPointOwnerVisibility defines model for CryptoEntryPoint.OwnerVisibility.

const (
	CryptoEntryPointOwnerVisibilityPackagePrivate CryptoEntryPointOwnerVisibility = "package-private"
	CryptoEntryPointOwnerVisibilityPrivate        CryptoEntryPointOwnerVisibility = "private"
	CryptoEntryPointOwnerVisibilityProtected      CryptoEntryPointOwnerVisibility = "protected"
	CryptoEntryPointOwnerVisibilityPublic         CryptoEntryPointOwnerVisibility = "public"
)

Defines values for CryptoEntryPointOwnerVisibility.

type CryptoEntryPointVisibility

type CryptoEntryPointVisibility string

CryptoEntryPointVisibility defines model for CryptoEntryPoint.Visibility.

const (
	CryptoEntryPointVisibilityPackagePrivate CryptoEntryPointVisibility = "package-private"
	CryptoEntryPointVisibilityPrivate        CryptoEntryPointVisibility = "private"
	CryptoEntryPointVisibilityProtected      CryptoEntryPointVisibility = "protected"
	CryptoEntryPointVisibilityPublic         CryptoEntryPointVisibility = "public"
)

Defines values for CryptoEntryPointVisibility.

type CryptoFinderMetadata

type CryptoFinderMetadata struct {
	Api *string `json:"api,omitempty"`

	// AssetType Discriminator (camelCase from crypto-finder). Known values:
	// `algorithm`, `protocol`, `certificate`, `related-crypto-material`.
	// Unknown values are forwarded verbatim.
	AssetType            *string                `json:"assetType,omitempty"`
	Library              *string                `json:"library,omitempty"`
	Provider             *string                `json:"provider,omitempty"`
	AdditionalProperties map[string]interface{} `json:"-"`
}

CryptoFinderMetadata Pass-through metadata block as emitted by crypto-finder's findings envelope (v1.3). The shape is owned by crypto-finder, not by this service. Keys are CAMEL CASE (e.g. `assetType`, `algorithmName`, `protocolName`, `materialType`). `assetType` is the discriminator used by consumers that want to branch on the variant. All other keys are optional and depend on the variant — for `assetType: algorithm` you'll see `algorithmName`, `algorithmFamily`, `algorithmPrimitive`, `algorithmMode`, `algorithmPadding`, `algorithmParameterSetIdentifier`; for `assetType: protocol` you'll see `protocolName`, `protocolStrength`; for `assetType: certificate` you'll see `certificateFormat`, `certificateAlgorithm`, `certificateType`, `certificateStoreType`; for `assetType: related-crypto-material` you'll see `materialType`, `materialAlgorithm`, `materialFormat`, `materialSize`. Schema evolution (new fields, new variants) is forward-compatible — this service does NOT re-curate or translate metadata.

func (CryptoFinderMetadata) Get

func (a CryptoFinderMetadata) Get(fieldName string) (value interface{}, found bool)

Getter for additional properties for CryptoFinderMetadata. Returns the specified element and whether it was found

func (CryptoFinderMetadata) MarshalJSON

func (a CryptoFinderMetadata) MarshalJSON() ([]byte, error)

Override default JSON handling for CryptoFinderMetadata to handle AdditionalProperties

func (*CryptoFinderMetadata) Set

func (a *CryptoFinderMetadata) Set(fieldName string, value interface{})

Setter for additional properties for CryptoFinderMetadata

func (*CryptoFinderMetadata) UnmarshalJSON

func (a *CryptoFinderMetadata) UnmarshalJSON(b []byte) error

Override default JSON handling for CryptoFinderMetadata to handle AdditionalProperties

type CryptoHint

type CryptoHint struct {
	Category    *string `json:"category,omitempty"`
	Description *string `json:"description,omitempty"`
	Id          *string `json:"id,omitempty"`
	Name        *string `json:"name,omitempty"`
	Purl        *string `json:"purl,omitempty"`
	Url         *string `json:"url,omitempty"`
}

CryptoHint defines model for CryptoHint.

type CryptoHintsInRangeResponse

type CryptoHintsInRangeResponse struct {
	Components []ComponentHintsInRange `json:"components"`
	Status     BatchStatus             `json:"status"`
}

CryptoHintsInRangeResponse defines model for CryptoHintsInRangeResponse.

type CryptoHintsResponse

type CryptoHintsResponse struct {
	Components []ComponentHints `json:"components"`
	Status     BatchStatus      `json:"status"`
}

CryptoHintsResponse defines model for CryptoHintsResponse.

type CryptoVersionsInRangeResponse

type CryptoVersionsInRangeResponse struct {
	Components []ComponentVersionsInRange `json:"components"`
	Status     BatchStatus                `json:"status"`
}

CryptoVersionsInRangeResponse defines model for CryptoVersionsInRangeResponse.

type DataFlowSource

type DataFlowSource struct {
	// CallTarget FQN of the callee for CALL_RESULT sources.
	CallTarget *string `json:"call_target,omitempty"`

	// DeclaredType Declared type of the source symbol.
	DeclaredType *string        `json:"declared_type,omitempty"`
	Location     SourceLocation `json:"location"`

	// Name Variable / field / parameter name.
	Name *string `json:"name,omitempty"`

	// ParameterIndex 0-based parameter index. Set on PARAMETER.
	ParameterIndex *int32             `json:"parameter_index,omitempty"`
	SourceNodes    *[]DataFlowSource  `json:"source_nodes,omitempty"`
	Type           DataFlowSourceType `json:"type"`

	// Value Source-code expression / literal text.
	Value *string `json:"value,omitempty"`
}

DataFlowSource One step in the data-flow chain producing an argument value at a call site. `type` discriminates which fields are meaningful:

| type | name | declared_type | parameter_index | value | call_target | |---------------|------|---------------|-----------------|-------|-------------| | PARAMETER | ✓ | ✓ | ✓ | | | | VARIABLE | ✓ | ✓ | | | | | FIELD | ✓ | ✓ | | | | | CALL_RESULT | | | | ✓ | ✓ | | EXPRESSION | | | | ✓ | | | VALUE | | | | ✓ | | | LITERAL | | | | ✓ | |

`source_nodes` is recursive: each source can be itself sourced from prior sources, forming a full taint chain back to the value's origin.

type DataFlowSourceType

type DataFlowSourceType string

DataFlowSourceType defines model for DataFlowSource.Type.

const (
	CALLRESULT DataFlowSourceType = "CALL_RESULT"
	EXPRESSION DataFlowSourceType = "EXPRESSION"
	FIELD      DataFlowSourceType = "FIELD"
	LITERAL    DataFlowSourceType = "LITERAL"
	PARAMETER  DataFlowSourceType = "PARAMETER"
	VALUE      DataFlowSourceType = "VALUE"
	VARIABLE   DataFlowSourceType = "VARIABLE"
)

Defines values for DataFlowSourceType.

type DepTreeReachabilityRequest

type DepTreeReachabilityRequest struct {
	// Dependencies Flat list of every (purl, version) to be stitched. Every entry
	// MUST carry a version, either as an exact pin (`=1.5.2`) or as a
	// SemVer constraint expression (`>=1.0`, `^2.0`, `~1.5`).
	// Range constraints resolve to the highest mined version satisfying
	// the constraint. The server does NOT auto-resolve transitive deps.
	Dependencies []ComponentRequest `json:"dependencies"`

	// EntryPointSignatures Optional exact-match filter on entry-point canonical signatures.
	// When non-empty, `findings[]` is **restricted to assets reachable
	// from at least one supplied entry point**. Findings unreachable
	// from any supplied entry are REMOVED entirely —
	// they do NOT appear as `reachable=false` entries. An empty array
	// (or absent field) means no filter; all findings are returned.
	// Signatures that matched zero call chains are listed in
	// `unmatched_signatures` at the top level of the response
	// (diagnostic for typos).
	EntryPointSignatures *[]string `json:"entry_point_signatures,omitempty"`

	// IncludeCallChains When true, decorates each asset with its `call_chains[]` array
	// (raw callgraph 6.x frame arrays) and the `reachable` bool.
	// Default false produces a pure CBOM response (findings without
	// reachability decoration). Independent of `entry_point_signatures`
	// (which controls whether assets are PRUNED to reachable ones).
	// Independent of `include_crypto_entry_points` and
	// `include_supporting_calls`.
	IncludeCallChains *bool `json:"include_call_chains,omitempty"`

	// IncludeCryptoEntryPoints When true, populates `crypto_entry_points[]` at the top level
	// of each `ComponentData` block — the public reachability surface
	// (entry-point functions with their `reachable_findings[]`).
	// This is the projection that **replaced** the legacy
	// `entry_point_index` field.
	// Independent of `include_call_chains` and `include_supporting_calls`.
	IncludeCryptoEntryPoints *bool `json:"include_crypto_entry_points,omitempty"`
	IncludeRawCallgraph      *bool `json:"include_raw_callgraph,omitempty"`

	// IncludeSupportingCalls When true, populates `supporting_calls[]` at the top level of
	// each `ComponentData` block (deduped object-lifecycle calls such
	// as IV generation and key-size initialisation) AND attaches
	// `supporting_call_ids[]` to each `cryptographic_asset` whose
	// finding graph references supporting calls. Each
	// `supporting_call_id` resolves to a `supporting_calls[].supporting_id`
	// in the same block.
	// Independent of `include_call_chains` and `include_crypto_entry_points`.
	IncludeSupportingCalls *bool `json:"include_supporting_calls,omitempty"`

	// MaxChainsPerAsset Per-asset cap on `call_chains[]` length. `0` (the default) = no cap.
	// Positive integer sets a per-asset limit. Hard cap 128.
	MaxChainsPerAsset *int32 `json:"max_chains_per_asset,omitempty"`
}

DepTreeReachabilityRequest Request body for dep-tree reachability. There is no `root` field — the dependency tree IS the unit. Supply the flat list of dependencies to stitch; no application identity is required.

type DepTreeReachabilityResponse

type DepTreeReachabilityResponse struct {
	// Callgraph Raw merged callgraph as JSON, populated only when
	// `include_raw_callgraph: true`. Shape: crypto-finder callgraph
	// 6.x verbatim.
	Callgraph *map[string]interface{} `json:"callgraph,omitempty"`
	Data      *[]ComponentData        `json:"data,omitempty"`

	// InfoCode One of:
	// - `READY` — reachability data computed successfully.
	// - `INVALID_PURL` — a supplied PURL could not be parsed.
	// - `INVALID_SEMVER` — a requirement is structurally invalid
	//   (e.g. empty string) or is a valid constraint but no mined
	//   version satisfies it (version not in catalog).
	// - `INVALID_REQUEST` — the request is structurally invalid in a
	//   way not covered by `INVALID_PURL` or `INVALID_SEMVER`
	//   (e.g. empty `dependencies` array).
	// - `NO_INFO` — reachability data unavailable (one or more deps
	//   unmined, stitch failed, or request timed out). When caused by
	//   missing deps, `missing_components` lists the unsatisfied entries.
	InfoCode    string  `json:"info_code"`
	InfoMessage *string `json:"info_message,omitempty"`

	// MissingComponents Subset of the request's `dependencies` that the service could not
	// satisfy from mining data. Each entry carries the resolved
	// `(purl, version)` pair — version is the value after stripping the
	// leading `=` from the original requirement. Present only when
	// `info_code=NO_INFO` and the cause was unmined or callgraph-less
	// dependencies.
	MissingComponents *[]struct {
		Purl    string `json:"purl"`
		Version string `json:"version"`
	} `json:"missing_components,omitempty"`

	// RulesVersion Highest `rules_version` among the dependency rows that contributed
	// to this response. Dependencies may have been mined at different
	// points in time under different rules_versions; this field reports
	// the most recent contributor (by mining `created_at`), NOT a
	// uniform "all deps under this version" guarantee. Use this when
	// comparing two dep-tree responses to detect whether new rules
	// have landed since the last call. Present only when `info_code=READY`.
	RulesVersion *string `json:"rules_version,omitempty"`

	// Status Top-level outcome for the request as a whole.
	Status StatusResponse `json:"status"`

	// UnmatchedSignatures Signatures from `entry_point_signatures` that matched zero chains
	// across the merged callgraph.
	UnmatchedSignatures *[]string `json:"unmatched_signatures,omitempty"`
}

DepTreeReachabilityResponse Response envelope for dep-tree reachability. Top-level shape: `{data, info_code, info_message, missing_components, rules_version, status, unmatched_signatures, callgraph}`.

There is no `root` field — the dependency tree is self-contained. `data` is an array with one `ComponentData` block per supplied dep. Each block carries that dep's own findings (per-dep, not merged across deps). Component identity (`purl`, `version`, `requirement`) lives inside each `data[]` element, not at the top level.

`unmatched_signatures` and `callgraph` live at the TOP LEVEL.

type DependenciesResolveResponse

type DependenciesResolveResponse struct {
	Components []Dependency `json:"components"`
	Status     BatchStatus  `json:"status"`
}

DependenciesResolveResponse defines model for DependenciesResolveResponse.

type Dependency

type Dependency struct {
	Comment   *string `json:"comment,omitempty"`
	Component *string `json:"component,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode            `json:"info_code,omitempty"`
	InfoMessage *string              `json:"info_message,omitempty"`
	Licenses    *[]DependencyLicense `json:"licenses,omitempty"`
	Purl        *string              `json:"purl,omitempty"`
	Requirement *string              `json:"requirement,omitempty"`
	Url         *string              `json:"url,omitempty"`
	Version     *string              `json:"version,omitempty"`
}

Dependency defines model for Dependency.

type DependencyLicense

type DependencyLicense struct {
	IsSpdxApproved *bool   `json:"is_spdx_approved,omitempty"`
	Name           *string `json:"name,omitempty"`
	SpdxId         *string `json:"spdx_id,omitempty"`
	Url            *string `json:"url,omitempty"`
}

DependencyLicense defines model for DependencyLicense.

type DetectorEnum

type DetectorEnum string

DetectorEnum Name of the detector that produced the evidence.

const (
	Licenseclassifier DetectorEnum = "licenseclassifier"
	Nomos             DetectorEnum = "nomos"
	Scancode          DetectorEnum = "scancode"
	Scanoss           DetectorEnum = "scanoss"
	Spdx              DetectorEnum = "spdx"
)

Defines values for DetectorEnum.

type EPSS

type EPSS struct {
	Percentile  *float32 `json:"percentile,omitempty"`
	Probability *float32 `json:"probability,omitempty"`
}

EPSS defines model for EPSS.

type EndLineQuery

type EndLineQuery = int

EndLineQuery defines model for EndLineQuery.

type EngineUnavailable

type EngineUnavailable = ErrorBody

EngineUnavailable defines model for EngineUnavailable.

type ErrorBody

type ErrorBody struct {
	Error struct {
		// Code Stable machine-readable error identifier. Possible values:
		//   - INVALID_BODY, INVALID_QUERY, INVALID_MD5, INVALID_RANGE
		//   - EMPTY_BATCH
		//   - INVALID_PURL, COMPONENT_NOT_FOUND, VERSION_NOT_FOUND
		//   - NOTICE_NOT_FOUND, FILE_NOT_FOUND, MZ_READ_FAILED
		//   - TIMEOUT, INTERNAL_ERROR
		Code    string `json:"code"`
		Message string `json:"message"`
	} `json:"error"`
	Status    ErrorBodyStatus `json:"status"`
	Timestamp time.Time       `json:"timestamp"`
}

ErrorBody defines model for ErrorBody.

type ErrorBodyStatus

type ErrorBodyStatus string

ErrorBodyStatus defines model for ErrorBody.Status.

const (
	ErrorBodyStatusError ErrorBodyStatus = "error"
)

Defines values for ErrorBodyStatus.

type EvidenceRange

type EvidenceRange struct {
	// End Inclusive end (line or byte offset); 0 means whole-file evidence
	End int `json:"end"`

	// EvidenceUrl URL to the fragment backing the detection. The base endpoint is
	// chosen from the detection `source`:
	//   * `notice_declared`           → /v3/notice-contents/{id}
	//   * `header_declared`, `spdx_tag` → /v3/file-contents/{id}
	//   * `metadata_declared`         → /v3/metadata-contents/{id}
	// The `start`/`end` query string is omitted when both are 0.
	EvidenceUrl *string `json:"evidence_url,omitempty"`

	// Start Inclusive start (line or byte offset); 0 means whole-file evidence
	Start int `json:"start"`
}

EvidenceRange Line range or byte range of the evidence, depending on the server's license-hints backend: 1-based inclusive **line numbers** with the default `postgres` backend, or **byte offsets** with the `ldb` backend. The content endpoints slice `?start=&end=` by the same unit.

type FileResult

type FileResult struct {
	// FileHash MD5 of the matched file: equals `source_hash` for a `file` match, the matched OSS file's MD5 for a `snippet` match (differs from `source_hash`), and empty for a `none` match.
	FileHash string `json:"file_hash"`

	// MatchType Full-file match, partial (snippet) match, or no match.
	MatchType FileResultMatchType `json:"match_type"`

	// Matches Matched KB entries for this file.
	Matches []MatchResult `json:"matches"`

	// Path The scanned file path.
	Path string `json:"path"`

	// SourceHash MD5 of the input file (from the WFP).
	SourceHash string `json:"source_hash"`
}

FileResult One scanned-file entry in a batchScanner report.

type FileResultMatchType

type FileResultMatchType string

FileResultMatchType Full-file match, partial (snippet) match, or no match.

const (
	File    FileResultMatchType = "file"
	None    FileResultMatchType = "none"
	Snippet FileResultMatchType = "snippet"
)

Defines values for FileResultMatchType.

type Finding

type Finding struct {
	CryptographicAssets []CryptoAsset `json:"cryptographic_assets"`
	FilePath            string        `json:"file_path"`
	Language            string        `json:"language"`
}

Finding File-level grouping mirroring crypto-finder's findings.json `findings[]` entry. One Finding carries one file's `cryptographic_assets[]`.

type GeoContributorsResponse

type GeoContributorsResponse struct {
	ComponentsLocations []ComponentLocationInfo `json:"components_locations"`
	Status              BatchStatus             `json:"status"`
}

GeoContributorsResponse defines model for GeoContributorsResponse.

type GeoCuratedLocation

type GeoCuratedLocation struct {
	Count   *int    `json:"count,omitempty"`
	Country *string `json:"country,omitempty"`
}

GeoCuratedLocation defines model for GeoCuratedLocation.

type GeoDeclaredLocation

type GeoDeclaredLocation struct {
	Location *string `json:"location,omitempty"`

	// Type owner | contributor
	Type *string `json:"type,omitempty"`
}

GeoDeclaredLocation defines model for GeoDeclaredLocation.

type GeoLocation

type GeoLocation struct {
	Name       *string  `json:"name,omitempty"`
	Percentage *float32 `json:"percentage,omitempty"`
}

GeoLocation defines model for GeoLocation.

type GeoOriginResponse

type GeoOriginResponse struct {
	ComponentsLocations []ComponentLocation `json:"components_locations"`
	Status              BatchStatus         `json:"status"`
}

GeoOriginResponse defines model for GeoOriginResponse.

type GetComponentReachabilityJSONRequestBody

type GetComponentReachabilityJSONRequestBody = ComponentReachabilityRequest

GetComponentReachabilityJSONRequestBody defines body for GetComponentReachability for application/json ContentType.

type GetComponentStatusParams

type GetComponentStatusParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetComponentStatusParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetComponentStatusParams defines parameters for GetComponentStatus.

type GetComponentStatusParamsOnVersionNotFound

type GetComponentStatusParamsOnVersionNotFound string

GetComponentStatusParamsOnVersionNotFound defines parameters for GetComponentStatus.

const (
	GetComponentStatusParamsOnVersionNotFoundShowAny       GetComponentStatusParamsOnVersionNotFound = "show_any"
	GetComponentStatusParamsOnVersionNotFoundShowClosestGt GetComponentStatusParamsOnVersionNotFound = "show_closest_gt"
	GetComponentStatusParamsOnVersionNotFoundShowClosestLt GetComponentStatusParamsOnVersionNotFound = "show_closest_lt"
	GetComponentStatusParamsOnVersionNotFoundShowLatest    GetComponentStatusParamsOnVersionNotFound = "show_latest"
	GetComponentStatusParamsOnVersionNotFoundStrict        GetComponentStatusParamsOnVersionNotFound = "strict"
)

Defines values for GetComponentStatusParamsOnVersionNotFound.

type GetComponentVersionsParams

type GetComponentVersionsParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl  PurlQuery `form:"purl" json:"purl"`
	Limit *int      `form:"limit,omitempty" json:"limit,omitempty"`
}

GetComponentVersionsParams defines parameters for GetComponentVersions.

type GetFileContentParams

type GetFileContentParams struct {
	// Start 1-based inclusive start line. Defaults to 1 when omitted.
	Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`

	// End 1-based inclusive end line. Defaults to last line when omitted.
	End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}

GetFileContentParams defines parameters for GetFileContent.

type GetLicensesComponentParams

type GetLicensesComponentParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetLicensesComponentParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetLicensesComponentParams defines parameters for GetLicensesComponent.

type GetLicensesComponentParamsOnVersionNotFound

type GetLicensesComponentParamsOnVersionNotFound string

GetLicensesComponentParamsOnVersionNotFound defines parameters for GetLicensesComponent.

const (
	GetLicensesComponentParamsOnVersionNotFoundShowAny       GetLicensesComponentParamsOnVersionNotFound = "show_any"
	GetLicensesComponentParamsOnVersionNotFoundShowClosestGt GetLicensesComponentParamsOnVersionNotFound = "show_closest_gt"
	GetLicensesComponentParamsOnVersionNotFoundShowClosestLt GetLicensesComponentParamsOnVersionNotFound = "show_closest_lt"
	GetLicensesComponentParamsOnVersionNotFoundShowLatest    GetLicensesComponentParamsOnVersionNotFound = "show_latest"
	GetLicensesComponentParamsOnVersionNotFoundStrict        GetLicensesComponentParamsOnVersionNotFound = "strict"
)

Defines values for GetLicensesComponentParamsOnVersionNotFound.

type GetLicensesDetailsParams

type GetLicensesDetailsParams struct {
	// Id SPDX license identifier (e.g. `MIT`, `GPL-2.0-only`).
	Id string `form:"id" json:"id"`
}

GetLicensesDetailsParams defines parameters for GetLicensesDetails.

type GetLicensesObligationsParams

type GetLicensesObligationsParams struct {
	// Id SPDX license identifier (e.g. `MIT`, `GPL-2.0-only`).
	Id string `form:"id" json:"id"`
}

GetLicensesObligationsParams defines parameters for GetLicensesObligations.

type GetMetadataContentParams

type GetMetadataContentParams struct {
	// Start 1-based inclusive start line. Defaults to 1 when omitted.
	Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`

	// End 1-based inclusive end line. Defaults to last line when omitted.
	End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}

GetMetadataContentParams defines parameters for GetMetadataContent.

type GetNoticeContentParams

type GetNoticeContentParams struct {
	// Start 1-based inclusive start line. Defaults to 1 when omitted.
	Start *StartLineQuery `form:"start,omitempty" json:"start,omitempty"`

	// End 1-based inclusive end line. Defaults to last line when omitted.
	End *EndLineQuery `form:"end,omitempty" json:"end,omitempty"`
}

GetNoticeContentParams defines parameters for GetNoticeContent.

type GetReachabilityForDepTreeJSONRequestBody

type GetReachabilityForDepTreeJSONRequestBody = DepTreeReachabilityRequest

GetReachabilityForDepTreeJSONRequestBody defines body for GetReachabilityForDepTree for application/json ContentType.

type GetScanRawParams

type GetScanRawParams struct {
	// Md5 File hash — 32-char hex MD5 or 16-char hex CRC64, per the engine's key type.
	Md5 string `form:"md5" json:"md5"`
}

GetScanRawParams defines parameters for GetScanRaw.

type GetV3CryptographyAlgorithmsParams

type GetV3CryptographyAlgorithmsParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3CryptographyAlgorithmsParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3CryptographyAlgorithmsParams defines parameters for GetV3CryptographyAlgorithms.

type GetV3CryptographyAlgorithmsParamsOnVersionNotFound

type GetV3CryptographyAlgorithmsParamsOnVersionNotFound string

GetV3CryptographyAlgorithmsParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithms.

const (
	GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowAny       GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_any"
	GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_closest_gt"
	GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_closest_lt"
	GetV3CryptographyAlgorithmsParamsOnVersionNotFoundShowLatest    GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "show_latest"
	GetV3CryptographyAlgorithmsParamsOnVersionNotFoundStrict        GetV3CryptographyAlgorithmsParamsOnVersionNotFound = "strict"
)

Defines values for GetV3CryptographyAlgorithmsParamsOnVersionNotFound.

type GetV3CryptographyAlgorithmsRangeParams

type GetV3CryptographyAlgorithmsRangeParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3CryptographyAlgorithmsRangeParams defines parameters for GetV3CryptographyAlgorithmsRange.

type GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound

type GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound string

GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithmsRange.

const (
	GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowAny       GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_any"
	GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_closest_gt"
	GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_closest_lt"
	GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundShowLatest    GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "show_latest"
	GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFoundStrict        GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound = "strict"
)

Defines values for GetV3CryptographyAlgorithmsRangeParamsOnVersionNotFound.

type GetV3CryptographyAlgorithmsVersionsRangeParams

type GetV3CryptographyAlgorithmsVersionsRangeParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3CryptographyAlgorithmsVersionsRangeParams defines parameters for GetV3CryptographyAlgorithmsVersionsRange.

type GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound

type GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound string

GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyAlgorithmsVersionsRange.

const (
	GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowAny       GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_any"
	GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_closest_gt"
	GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_closest_lt"
	GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundShowLatest    GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "show_latest"
	GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFoundStrict        GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound = "strict"
)

Defines values for GetV3CryptographyAlgorithmsVersionsRangeParamsOnVersionNotFound.

type GetV3CryptographyHintsParams

type GetV3CryptographyHintsParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3CryptographyHintsParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3CryptographyHintsParams defines parameters for GetV3CryptographyHints.

type GetV3CryptographyHintsParamsOnVersionNotFound

type GetV3CryptographyHintsParamsOnVersionNotFound string

GetV3CryptographyHintsParamsOnVersionNotFound defines parameters for GetV3CryptographyHints.

const (
	GetV3CryptographyHintsParamsOnVersionNotFoundShowAny       GetV3CryptographyHintsParamsOnVersionNotFound = "show_any"
	GetV3CryptographyHintsParamsOnVersionNotFoundShowClosestGt GetV3CryptographyHintsParamsOnVersionNotFound = "show_closest_gt"
	GetV3CryptographyHintsParamsOnVersionNotFoundShowClosestLt GetV3CryptographyHintsParamsOnVersionNotFound = "show_closest_lt"
	GetV3CryptographyHintsParamsOnVersionNotFoundShowLatest    GetV3CryptographyHintsParamsOnVersionNotFound = "show_latest"
	GetV3CryptographyHintsParamsOnVersionNotFoundStrict        GetV3CryptographyHintsParamsOnVersionNotFound = "strict"
)

Defines values for GetV3CryptographyHintsParamsOnVersionNotFound.

type GetV3CryptographyHintsRangeParams

type GetV3CryptographyHintsRangeParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3CryptographyHintsRangeParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3CryptographyHintsRangeParams defines parameters for GetV3CryptographyHintsRange.

type GetV3CryptographyHintsRangeParamsOnVersionNotFound

type GetV3CryptographyHintsRangeParamsOnVersionNotFound string

GetV3CryptographyHintsRangeParamsOnVersionNotFound defines parameters for GetV3CryptographyHintsRange.

const (
	GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowAny       GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_any"
	GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowClosestGt GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_closest_gt"
	GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowClosestLt GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_closest_lt"
	GetV3CryptographyHintsRangeParamsOnVersionNotFoundShowLatest    GetV3CryptographyHintsRangeParamsOnVersionNotFound = "show_latest"
	GetV3CryptographyHintsRangeParamsOnVersionNotFoundStrict        GetV3CryptographyHintsRangeParamsOnVersionNotFound = "strict"
)

Defines values for GetV3CryptographyHintsRangeParamsOnVersionNotFound.

type GetV3DependenciesDependenciesParams

type GetV3DependenciesDependenciesParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3DependenciesDependenciesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3DependenciesDependenciesParams defines parameters for GetV3DependenciesDependencies.

type GetV3DependenciesDependenciesParamsOnVersionNotFound

type GetV3DependenciesDependenciesParamsOnVersionNotFound string

GetV3DependenciesDependenciesParamsOnVersionNotFound defines parameters for GetV3DependenciesDependencies.

const (
	GetV3DependenciesDependenciesParamsOnVersionNotFoundShowAny       GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_any"
	GetV3DependenciesDependenciesParamsOnVersionNotFoundShowClosestGt GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_closest_gt"
	GetV3DependenciesDependenciesParamsOnVersionNotFoundShowClosestLt GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_closest_lt"
	GetV3DependenciesDependenciesParamsOnVersionNotFoundShowLatest    GetV3DependenciesDependenciesParamsOnVersionNotFound = "show_latest"
	GetV3DependenciesDependenciesParamsOnVersionNotFoundStrict        GetV3DependenciesDependenciesParamsOnVersionNotFound = "strict"
)

Defines values for GetV3DependenciesDependenciesParamsOnVersionNotFound.

type GetV3GeoprovenanceCountriesParams

type GetV3GeoprovenanceCountriesParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3GeoprovenanceCountriesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3GeoprovenanceCountriesParams defines parameters for GetV3GeoprovenanceCountries.

type GetV3GeoprovenanceCountriesParamsOnVersionNotFound

type GetV3GeoprovenanceCountriesParamsOnVersionNotFound string

GetV3GeoprovenanceCountriesParamsOnVersionNotFound defines parameters for GetV3GeoprovenanceCountries.

const (
	GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowAny       GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_any"
	GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowClosestGt GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_closest_gt"
	GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowClosestLt GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_closest_lt"
	GetV3GeoprovenanceCountriesParamsOnVersionNotFoundShowLatest    GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "show_latest"
	GetV3GeoprovenanceCountriesParamsOnVersionNotFoundStrict        GetV3GeoprovenanceCountriesParamsOnVersionNotFound = "strict"
)

Defines values for GetV3GeoprovenanceCountriesParamsOnVersionNotFound.

type GetV3GeoprovenanceOriginParams

type GetV3GeoprovenanceOriginParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3GeoprovenanceOriginParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3GeoprovenanceOriginParams defines parameters for GetV3GeoprovenanceOrigin.

type GetV3GeoprovenanceOriginParamsOnVersionNotFound

type GetV3GeoprovenanceOriginParamsOnVersionNotFound string

GetV3GeoprovenanceOriginParamsOnVersionNotFound defines parameters for GetV3GeoprovenanceOrigin.

const (
	GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowAny       GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_any"
	GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowClosestGt GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_closest_gt"
	GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowClosestLt GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_closest_lt"
	GetV3GeoprovenanceOriginParamsOnVersionNotFoundShowLatest    GetV3GeoprovenanceOriginParamsOnVersionNotFound = "show_latest"
	GetV3GeoprovenanceOriginParamsOnVersionNotFoundStrict        GetV3GeoprovenanceOriginParamsOnVersionNotFound = "strict"
)

Defines values for GetV3GeoprovenanceOriginParamsOnVersionNotFound.

type GetV3VulnerabilitiesCpesParams

type GetV3VulnerabilitiesCpesParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3VulnerabilitiesCpesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3VulnerabilitiesCpesParams defines parameters for GetV3VulnerabilitiesCpes.

type GetV3VulnerabilitiesCpesParamsOnVersionNotFound

type GetV3VulnerabilitiesCpesParamsOnVersionNotFound string

GetV3VulnerabilitiesCpesParamsOnVersionNotFound defines parameters for GetV3VulnerabilitiesCpes.

const (
	GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowAny       GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_any"
	GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowClosestGt GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_closest_gt"
	GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowClosestLt GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_closest_lt"
	GetV3VulnerabilitiesCpesParamsOnVersionNotFoundShowLatest    GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "show_latest"
	GetV3VulnerabilitiesCpesParamsOnVersionNotFoundStrict        GetV3VulnerabilitiesCpesParamsOnVersionNotFound = "strict"
)

Defines values for GetV3VulnerabilitiesCpesParamsOnVersionNotFound.

type GetV3VulnerabilitiesVulnerabilitiesParams

type GetV3VulnerabilitiesVulnerabilitiesParams struct {
	// Purl Package URL (e.g. `pkg:github/scanoss/engine`)
	Purl PurlQuery `form:"purl" json:"purl"`

	// Requirement Optional version requirement (e.g. `v5.4.5`)
	Requirement *RequirementQuery `form:"requirement,omitempty" json:"requirement,omitempty"`

	// MaxResultsPerPurl Caps the per-purl result array. 0/absent = no limit.
	MaxResultsPerPurl *SearchMaxResults `form:"max_results_per_purl,omitempty" json:"max_results_per_purl,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *SearchShowRelated `form:"show_related_results,omitempty" json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in results (placeholder — data source TBD).
	ShowUrl *SearchShowURL `form:"show_url,omitempty" json:"show_url,omitempty"`

	// OnVersionNotFound Version fallback strategy (not applied to range endpoints).
	OnVersionNotFound *GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound `form:"on_version_not_found,omitempty" json:"on_version_not_found,omitempty"`
}

GetV3VulnerabilitiesVulnerabilitiesParams defines parameters for GetV3VulnerabilitiesVulnerabilities.

type GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound

type GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound string

GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound defines parameters for GetV3VulnerabilitiesVulnerabilities.

const (
	GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowAny       GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_any"
	GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowClosestGt GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_closest_gt"
	GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowClosestLt GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_closest_lt"
	GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundShowLatest    GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "show_latest"
	GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFoundStrict        GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound = "strict"
)

Defines values for GetV3VulnerabilitiesVulnerabilitiesParamsOnVersionNotFound.

type InfoCode

type InfoCode string

InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational (a nearest-version was substituted); the others mark failures.

const (
	COMPONENTNOTFOUND InfoCode = "COMPONENT_NOT_FOUND"
	INVALIDPURL       InfoCode = "INVALID_PURL"
	REQUIREMENTNOTMET InfoCode = "REQUIREMENT_NOT_MET"
	RESOLVEFAILED     InfoCode = "RESOLVE_FAILED"
	VERSIONNOTFOUND   InfoCode = "VERSION_NOT_FOUND"
)

Defines values for InfoCode.

type InternalError

type InternalError = ErrorBody

InternalError defines model for InternalError.

type KnowledgeBase

type KnowledgeBase struct {
	// DailyVersion Daily KB delta version.
	DailyVersion string `json:"daily_version,omitempty"`

	// MonthlyVersion Monthly KB snapshot version.
	MonthlyVersion string `json:"monthly_version,omitempty"`
}

KnowledgeBase SCANOSS knowledge-base versions the scan ran against.

type LicenseDetails

type LicenseDetails struct {
	FullName *string `json:"full_name,omitempty"`

	// Osadl OSADL compliance metadata for a license.
	Osadl *OSADLInfo `json:"osadl,omitempty"`

	// Spdx SPDX registry metadata for a license.
	Spdx *SPDXInfo `json:"spdx,omitempty"`
}

LicenseDetails defines model for LicenseDetails.

type LicenseDetailsResponse

type LicenseDetailsResponse struct {
	License *LicenseDetails `json:"license,omitempty"`

	// Status Outcome of a licenses-service call (papi common StatusResponse).
	Status *LookupStatusResponse `json:"status,omitempty"`
}

LicenseDetailsResponse defines model for LicenseDetailsResponse.

type LicenseDetection

type LicenseDetection struct {
	Confidence float32 `json:"confidence"`

	// Detector Name of the detector that produced the evidence.
	Detector DetectorEnum `json:"detector"`

	// Evidence Line range or byte range of the evidence, depending on the server's
	// license-hints backend: 1-based inclusive **line numbers** with the
	// default `postgres` backend, or **byte offsets** with the `ldb` backend.
	// The content endpoints slice `?start=&end=` by the same unit.
	Evidence  EvidenceRange `json:"evidence"`
	LicenseId string        `json:"license_id"`

	// Source Origin/category of the evidence. Today only `header_declared`,
	// `notice_declared` and `metadata_declared` are emitted (derived from
	// the file path); `spdx_tag` and `project_declared` are reserved for a
	// richer signal.
	Source SourceEnum `json:"source"`
}

LicenseDetection defines model for LicenseDetection.

type LicenseEvidenceFile

type LicenseEvidenceFile struct {
	Detections []LicenseDetection `json:"detections"`
	File       string             `json:"file"`

	// FileId MD5 of the file content (used as the content endpoint id).
	FileId string `json:"file_id"`
}

LicenseEvidenceFile defines model for LicenseEvidenceFile.

type LicenseEvidenceItem

type LicenseEvidenceItem struct {
	Files *[]LicenseEvidenceFile `json:"files,omitempty"`

	// InfoCode Per-item resolution outcome. `REQUIREMENT_NOT_MET` is informational
	// (a nearest-version was substituted); the others mark failures.
	InfoCode    *InfoCode `json:"info_code,omitempty"`
	InfoMessage *string   `json:"info_message,omitempty"`
	Purl        string    `json:"purl"`
	Requirement *string   `json:"requirement,omitempty"`

	// Url Present only when `search.show_url` is set (placeholder — not yet populated).
	Url *string `json:"url,omitempty"`

	// Version Concrete version resolved from `requirement`.
	Version *string `json:"version,omitempty"`
}

LicenseEvidenceItem defines model for LicenseEvidenceItem.

type LicenseEvidenceResponse

type LicenseEvidenceResponse struct {
	Components []LicenseEvidenceItem `json:"components"`
	Status     BatchStatus           `json:"status"`
}

LicenseEvidenceResponse defines model for LicenseEvidenceResponse.

type LicenseInfo

type LicenseInfo struct {
	FullName       *string `json:"full_name,omitempty"`
	Id             *string `json:"id,omitempty"`
	IsSpdxApproved *bool   `json:"is_spdx_approved,omitempty"`
	Url            *string `json:"url,omitempty"`
}

LicenseInfo One resolved license of a component.

type LineRange

type LineRange struct {
	// EndLine Last line of the matched range.
	EndLine int `json:"end_line"`

	// StartLine First line of the matched range.
	StartLine int `json:"start_line"`
}

LineRange A matched line range (inclusive) within a file.

type LookupStatusResponse

type LookupStatusResponse struct {
	Message *string                     `json:"message,omitempty"`
	Status  *LookupStatusResponseStatus `json:"status,omitempty"`
}

LookupStatusResponse Outcome of a licenses-service call (papi common StatusResponse).

type LookupStatusResponseStatus

type LookupStatusResponseStatus string

LookupStatusResponseStatus defines model for LookupStatusResponse.Status.

const (
	LookupStatusResponseStatusFAILED                LookupStatusResponseStatus = "FAILED"
	LookupStatusResponseStatusSUCCEEDEDWITHWARNINGS LookupStatusResponseStatus = "SUCCEEDED_WITH_WARNINGS"
	LookupStatusResponseStatusSUCCESS               LookupStatusResponseStatus = "SUCCESS"
)

Defines values for LookupStatusResponseStatus.

type MatchResult

type MatchResult struct {
	// InputLineRanges Snippet matches only — matched line ranges in the input file.
	InputLineRanges []LineRange `json:"input_line_ranges,omitempty"`

	// MatchPercentage Snippet matches only; omitted for full-file matches.
	MatchPercentage int `json:"match_percentage,omitempty"`

	// OssFilePath Path of the matched file inside the OSS component.
	OssFilePath string `json:"oss_file_path,omitempty"`

	// OssLineRanges Snippet matches only — matched line ranges in the OSS file.
	OssLineRanges []LineRange `json:"oss_line_ranges,omitempty"`

	// UrlHash url_hash of the matched component release.
	UrlHash string `json:"url_hash"`
}

MatchResult One matched KB entry for a scanned file.

type MatchedOperation

type MatchedOperation struct {
	Expression *string              `json:"expression,omitempty"`
	Kind       MatchedOperationKind `json:"kind"`
	Line       int32                `json:"line"`
	Symbol     string               `json:"symbol"`
}

MatchedOperation The cryptographic operation matched by a detection rule.

type MatchedOperationKind

type MatchedOperationKind string

MatchedOperationKind defines model for MatchedOperation.Kind.

const (
	Call          MatchedOperationKind = "call"
	FieldAccess   MatchedOperationKind = "field_access"
	Instantiation MatchedOperationKind = "instantiation"
	TypeUsage     MatchedOperationKind = "type_usage"
)

Defines values for MatchedOperationKind.

type NotFound

type NotFound = ErrorBody

NotFound defines model for NotFound.

type OSADLInfo

type OSADLInfo struct {
	Compatibility          *[]string `json:"compatibility,omitempty"`
	CopyleftClause         *bool     `json:"copyleft_clause,omitempty"`
	DependingCompatibility *[]string `json:"depending_compatibility,omitempty"`
	Incompatibility        *[]string `json:"incompatibility,omitempty"`
	PatentHints            *bool     `json:"patent_hints,omitempty"`
}

OSADLInfo OSADL compliance metadata for a license.

type ObligationsResponse

type ObligationsResponse struct {
	// Obligations OSADL compliance metadata for a license.
	Obligations *OSADLInfo `json:"obligations,omitempty"`

	// Status Outcome of a licenses-service call (papi common StatusResponse).
	Status *LookupStatusResponse `json:"status,omitempty"`
}

ObligationsResponse defines model for ObligationsResponse.

type PayloadTooLarge

type PayloadTooLarge = ErrorBody

PayloadTooLarge defines model for PayloadTooLarge.

type PostComponentsStatusJSONRequestBody

type PostComponentsStatusJSONRequestBody = BatchRequest

PostComponentsStatusJSONRequestBody defines body for PostComponentsStatus for application/json ContentType.

type PostCopyrightEvidenceJSONRequestBody

type PostCopyrightEvidenceJSONRequestBody = BatchRequest

PostCopyrightEvidenceJSONRequestBody defines body for PostCopyrightEvidence for application/json ContentType.

type PostCopyrightHoldersJSONRequestBody

type PostCopyrightHoldersJSONRequestBody = BatchRequest

PostCopyrightHoldersJSONRequestBody defines body for PostCopyrightHolders for application/json ContentType.

type PostLicenseAttributionJSONRequestBody

type PostLicenseAttributionJSONRequestBody = BatchRequest

PostLicenseAttributionJSONRequestBody defines body for PostLicenseAttribution for application/json ContentType.

type PostLicenseEvidenceJSONRequestBody

type PostLicenseEvidenceJSONRequestBody = BatchRequest

PostLicenseEvidenceJSONRequestBody defines body for PostLicenseEvidence for application/json ContentType.

type PostLicensesComponentsJSONRequestBody

type PostLicensesComponentsJSONRequestBody = BatchRequest

PostLicensesComponentsJSONRequestBody defines body for PostLicensesComponents for application/json ContentType.

type PostScanBatchParams

type PostScanBatchParams struct {
	// XScanId Absent → Mode B (synchronous single-shot). Present → Mode A (chunked async): a client-generated canonical lowercase UUIDv7, sent on every block of the session.
	XScanId *openapi_types.UUID `json:"X-Scan-Id,omitempty"`

	// ContentRange Required in Mode A (`X-Scan-Id` present): byte range of this block, e.g. `bytes 0-8388607/26214400` (end inclusive, 0-based). Ignored in Mode B.
	ContentRange *string `json:"Content-Range,omitempty"`
}

PostScanBatchParams defines parameters for PostScanBatch.

type PostScanComponentsJSONRequestBody

type PostScanComponentsJSONRequestBody = ScanSbom

PostScanComponentsJSONRequestBody defines body for PostScanComponents for application/json ContentType.

type PostScanComponentsParams

type PostScanComponentsParams struct {
	// Urlhash One urlhash, or several comma-separated (`h1,h2,h3`).
	Urlhash string `form:"urlhash" json:"urlhash"`
}

PostScanComponentsParams defines parameters for PostScanComponents.

type PostScanDirectMultipartBody

type PostScanDirectMultipartBody struct {
	File openapi_types.File `json:"file"`
}

PostScanDirectMultipartBody defines parameters for PostScanDirect.

type PostScanDirectMultipartRequestBody

type PostScanDirectMultipartRequestBody PostScanDirectMultipartBody

PostScanDirectMultipartRequestBody defines body for PostScanDirect for multipart/form-data ContentType.

type PostScanSnippetsParams

type PostScanSnippetsParams struct {
	// Threshold Minimum match threshold (percent).
	Threshold *int `form:"threshold,omitempty" json:"threshold,omitempty"`
}

PostScanSnippetsParams defines parameters for PostScanSnippets.

type PostScanSnippetsTextBody

type PostScanSnippetsTextBody = string

PostScanSnippetsTextBody defines parameters for PostScanSnippets.

type PostScanSnippetsTextRequestBody

type PostScanSnippetsTextRequestBody = PostScanSnippetsTextBody

PostScanSnippetsTextRequestBody defines body for PostScanSnippets for text/plain ContentType.

type PostV3CryptographyAlgorithmsJSONRequestBody

type PostV3CryptographyAlgorithmsJSONRequestBody = BatchRequest

PostV3CryptographyAlgorithmsJSONRequestBody defines body for PostV3CryptographyAlgorithms for application/json ContentType.

type PostV3CryptographyAlgorithmsRangeJSONRequestBody

type PostV3CryptographyAlgorithmsRangeJSONRequestBody = BatchRequest

PostV3CryptographyAlgorithmsRangeJSONRequestBody defines body for PostV3CryptographyAlgorithmsRange for application/json ContentType.

type PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody

type PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody = BatchRequest

PostV3CryptographyAlgorithmsVersionsRangeJSONRequestBody defines body for PostV3CryptographyAlgorithmsVersionsRange for application/json ContentType.

type PostV3CryptographyHintsJSONRequestBody

type PostV3CryptographyHintsJSONRequestBody = BatchRequest

PostV3CryptographyHintsJSONRequestBody defines body for PostV3CryptographyHints for application/json ContentType.

type PostV3CryptographyHintsRangeJSONRequestBody

type PostV3CryptographyHintsRangeJSONRequestBody = BatchRequest

PostV3CryptographyHintsRangeJSONRequestBody defines body for PostV3CryptographyHintsRange for application/json ContentType.

type PostV3DependenciesDependenciesJSONRequestBody

type PostV3DependenciesDependenciesJSONRequestBody = BatchRequest

PostV3DependenciesDependenciesJSONRequestBody defines body for PostV3DependenciesDependencies for application/json ContentType.

type PostV3DependenciesTransitiveJSONRequestBody

type PostV3DependenciesTransitiveJSONRequestBody = TransitiveRequest

PostV3DependenciesTransitiveJSONRequestBody defines body for PostV3DependenciesTransitive for application/json ContentType.

type PostV3GeoprovenanceCountriesJSONRequestBody

type PostV3GeoprovenanceCountriesJSONRequestBody = BatchRequest

PostV3GeoprovenanceCountriesJSONRequestBody defines body for PostV3GeoprovenanceCountries for application/json ContentType.

type PostV3GeoprovenanceOriginJSONRequestBody

type PostV3GeoprovenanceOriginJSONRequestBody = BatchRequest

PostV3GeoprovenanceOriginJSONRequestBody defines body for PostV3GeoprovenanceOrigin for application/json ContentType.

type PostV3VulnerabilitiesCpesJSONRequestBody

type PostV3VulnerabilitiesCpesJSONRequestBody = BatchRequest

PostV3VulnerabilitiesCpesJSONRequestBody defines body for PostV3VulnerabilitiesCpes for application/json ContentType.

type PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody

type PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody = BatchRequest

PostV3VulnerabilitiesVulnerabilitiesJSONRequestBody defines body for PostV3VulnerabilitiesVulnerabilities for application/json ContentType.

type PurlQuery

type PurlQuery = string

PurlQuery defines model for PurlQuery.

type RangeConflict

type RangeConflict = ErrorBody

RangeConflict defines model for RangeConflict.

type RawScanResult

type RawScanResult map[string][]map[string]interface{}

RawScanResult Native SCANOSS engine scan output: an object keyed by each scanned file path, each value an array of match candidates. Field set is the engine's, passed through verbatim — modelled here as free-form.

type ReachableFinding

type ReachableFinding struct {
	// ChainDepth Number of intermediate hops between the entry point and this finding.
	ChainDepth int32 `json:"chain_depth"`

	// FindingGraphRef Reference to the `finding_id` of the finding graph this was resolved from.
	FindingGraphRef string `json:"finding_graph_ref"`
	FindingId       string `json:"finding_id"`

	// MatchedOperation The cryptographic operation matched by a detection rule.
	MatchedOperation MatchedOperation `json:"matched_operation"`
}

ReachableFinding One finding reachable from a crypto entry point.

type ReachableSupportingCall

type ReachableSupportingCall struct {
	ChainDepth        int32  `json:"chain_depth"`
	SupportingCallRef string `json:"supporting_call_ref"`
	SupportingId      string `json:"supporting_id"`
}

ReachableSupportingCall A supporting call reachable from a crypto entry point.

type ReadinessResponse

type ReadinessResponse struct {
	Checks map[string]ComponentHealth `json:"checks"`
	Status ReadinessResponseStatus    `json:"status"`
}

ReadinessResponse Readiness outcome. `status` is `ok` (200) when every critical dependency is healthy, else `not_ready` (503). `checks` maps each dependency name (database, reachability_db, ldb, notices_kb, sources_kb, metadata_kb) to its status.

type ReadinessResponseStatus

type ReadinessResponseStatus string

ReadinessResponseStatus defines model for ReadinessResponse.Status.

const (
	NotReady ReadinessResponseStatus = "not_ready"
	Ok       ReadinessResponseStatus = "ok"
)

Defines values for ReadinessResponseStatus.

type Request

type Request struct {
	// Purl Package URL
	Purl string `json:"purl"`

	// Requirement Optional version requirement
	Requirement *string `json:"requirement,omitempty"`
}

Request defines model for Request.

type RequirementQuery

type RequirementQuery = string

RequirementQuery defines model for RequirementQuery.

type SPDXInfo

type SPDXInfo struct {
	DetailsUrl    *string   `json:"details_url,omitempty"`
	FullName      *string   `json:"full_name,omitempty"`
	Id            *string   `json:"id,omitempty"`
	IsDeprecated  *bool     `json:"is_deprecated,omitempty"`
	IsFsfLibre    *bool     `json:"is_fsf_libre,omitempty"`
	IsOsiApproved *bool     `json:"is_osi_approved,omitempty"`
	ReferenceUrl  *string   `json:"reference_url,omitempty"`
	SeeAlso       *[]string `json:"see_also,omitempty"`
}

SPDXInfo SPDX registry metadata for a license.

type ScanComponentsResponse

type ScanComponentsResponse struct {
	Results *[]struct {
		Component *struct {
			ReleaseDate *string `json:"release_date,omitempty"`
			Version     *string `json:"version,omitempty"`
		} `json:"component,omitempty"`
		UrlHash *string `json:"url_hash,omitempty"`
	} `json:"results,omitempty"`
}

ScanComponentsResponse Engine component lookup. Carries a `results` array, one entry per resolved urlhash; entries across batched responses are concatenated.

type ScanEnvelope

type ScanEnvelope struct {
	// Error Populated only when status is `failed`.
	Error string `json:"error,omitempty"`

	// FilesTotal File count of the report, filled in on completion.
	FilesTotal int `json:"files_total,omitempty"`

	// Phase Current pipeline pass while scanning, e.g. 'Pass 1: scan files'.
	Phase string `json:"phase,omitempty"`

	// PhaseDone Items processed in the current phase.
	PhaseDone int `json:"phase_done,omitempty"`

	// PhaseTotal Total items in the current phase.
	PhaseTotal int `json:"phase_total,omitempty"`

	// ReceivedBytes Bytes received so far (Mode A upload; omitted when 0).
	ReceivedBytes int `json:"received_bytes,omitempty"`

	// Result Populated only when status is `completed`. The batchScanner report — byte-identical whether obtained synchronously (Mode B) or by polling an async session to completion (Mode A).
	Result *ScanResult `json:"result,omitempty"`

	// ScanId Canonical lowercase UUIDv7 session id. In Mode A this is the client-supplied id; in Mode B it is a server-generated id for traceability only (no session is created).
	ScanId string             `json:"scan_id"`
	Status ScanEnvelopeStatus `json:"status"`

	// TotalBytes Declared total upload size (Mode A; omitted when 0).
	TotalBytes int `json:"total_bytes,omitempty"`

	// UploadPercent Exact upload progress percent (Mode A; omitted when 0).
	UploadPercent int `json:"upload_percent,omitempty"`
}

ScanEnvelope Unified status envelope returned by `POST /v3/wfp/scan` (both modes) and `GET /v3/wfp/scan/{id}`. Mode B returns it synchronously already at `status: completed`; Mode A returns it per block (`uploading`) and on each poll. Zero-valued fields are omitted, so an uploading session carries no scan counters and a running scan carries no result.

type ScanEnvelopeStatus

type ScanEnvelopeStatus string

ScanEnvelopeStatus defines model for ScanEnvelope.Status.

const (
	Completed ScanEnvelopeStatus = "completed"
	Expired   ScanEnvelopeStatus = "expired"
	Failed    ScanEnvelopeStatus = "failed"
	Queued    ScanEnvelopeStatus = "queued"
	Scanning  ScanEnvelopeStatus = "scanning"
	Uploading ScanEnvelopeStatus = "uploading"
)

Defines values for ScanEnvelopeStatus.

type ScanExpired

type ScanExpired = ErrorBody

ScanExpired defines model for ScanExpired.

type ScanNotFound

type ScanNotFound = ErrorBody

ScanNotFound defines model for ScanNotFound.

type ScanRawMatch

type ScanRawMatch struct {
	Purl *string `json:"purl,omitempty"`

	// Rank Engine match ordering; lower is a stronger match.
	Rank      *int      `json:"rank,omitempty"`
	UrlHashes *[]string `json:"url_hashes,omitempty"`
}

ScanRawMatch defines model for ScanRawMatch.

type ScanRawResponse

type ScanRawResponse struct {
	FileMd5 *string         `json:"file_md5,omitempty"`
	Matches *[]ScanRawMatch `json:"matches,omitempty"`
}

ScanRawResponse defines model for ScanRawResponse.

type ScanResult

type ScanResult struct {
	// Components Resolved components keyed by url_hash. Extra fields may be present.
	Components map[string]ComponentResult `json:"components,omitempty"`

	// Files One entry per scanned file (order is unspecified).
	Files []FileResult `json:"files,omitempty"`

	// Server Optional run/server metadata passed through from the batchScanner pipeline when present; omitted otherwise.
	Server *ScanServer `json:"server,omitempty"`
}

ScanResult batchScanner multi-pass report: a `files` array of per-file match entries and a `components` map keyed by url_hash. Produced by /wfp/scan (not raw engine output).

type ScanSbom

type ScanSbom struct {
	Components *[]struct {
		Purl *string `json:"purl,omitempty"`
	} `json:"components,omitempty"`
}

ScanSbom Optional SBOM passed to the engine for context (`-s`).

type ScanServer

type ScanServer struct {
	// ApiVersion batchScanner API version.
	ApiVersion string `json:"api_version,omitempty"`

	// ElapsedMs Scan wall-clock time
	ElapsedMs int `json:"elapsed_ms,omitempty"`

	// Hostname Host that ran the scan.
	Hostname      string         `json:"hostname,omitempty"`
	KnowledgeBase *KnowledgeBase `json:"knowledge_base,omitempty"`
}

ScanServer Run/server metadata for the scan, produced by the batchScanner pipeline and passed through unchanged. Fields may be empty; open to extra passthrough fields.

type SearchComponentsParams

type SearchComponentsParams struct {
	// Search Free-form search term. Overrides `vendor`/`component` when present.
	Search    *string `form:"search,omitempty" json:"search,omitempty"`
	Vendor    *string `form:"vendor,omitempty" json:"vendor,omitempty"`
	Component *string `form:"component,omitempty" json:"component,omitempty"`

	// PurlType purl type (github, npm, pypi, gem, maven, …). Defaults to github.
	PurlType *string `form:"purl_type,omitempty" json:"purl_type,omitempty"`
	Limit    *int    `form:"limit,omitempty" json:"limit,omitempty"`
	Offset   *int    `form:"offset,omitempty" json:"offset,omitempty"`
}

SearchComponentsParams defines parameters for SearchComponents.

type SearchCriteria

type SearchCriteria struct {
	// MaxResultsPerPurl Caps the per-purl result array in the output. 0 = no limit.
	MaxResultsPerPurl *int `json:"max_results_per_purl,omitempty"`

	// OnVersionNotFound Version fallback when the requested version has no data:
	// `strict` (no fallback), `show_latest`, `show_closest_lt`,
	// `show_closest_gt`, `show_any`. Not applied to range endpoints.
	OnVersionNotFound *SearchCriteriaOnVersionNotFound `json:"on_version_not_found,omitempty"`

	// ShowRelatedResults Enable the source-purl fallback lookup.
	ShowRelatedResults *bool `json:"show_related_results,omitempty"`

	// ShowUrl Include a `url` in each result (placeholder — data source TBD).
	ShowUrl *bool `json:"show_url,omitempty"`
}

SearchCriteria Optional request-level search configuration applied to every component in the batch (for GET endpoints the same knobs are query params). All fields are optional; the defaults disable every fallback (strict version matching, no related results). Honored by endpoints that support search criteria — currently `/v3/license/evidence`.

type SearchCriteriaOnVersionNotFound

type SearchCriteriaOnVersionNotFound string

SearchCriteriaOnVersionNotFound Version fallback when the requested version has no data: `strict` (no fallback), `show_latest`, `show_closest_lt`, `show_closest_gt`, `show_any`. Not applied to range endpoints.

const (
	SearchCriteriaOnVersionNotFoundShowAny       SearchCriteriaOnVersionNotFound = "show_any"
	SearchCriteriaOnVersionNotFoundShowClosestGt SearchCriteriaOnVersionNotFound = "show_closest_gt"
	SearchCriteriaOnVersionNotFoundShowClosestLt SearchCriteriaOnVersionNotFound = "show_closest_lt"
	SearchCriteriaOnVersionNotFoundShowLatest    SearchCriteriaOnVersionNotFound = "show_latest"
	SearchCriteriaOnVersionNotFoundStrict        SearchCriteriaOnVersionNotFound = "strict"
)

Defines values for SearchCriteriaOnVersionNotFound.

type SearchMaxResults

type SearchMaxResults = int

SearchMaxResults defines model for SearchMaxResults.

type SearchOnVersionNotFound

type SearchOnVersionNotFound string

SearchOnVersionNotFound defines model for SearchOnVersionNotFound.

const (
	SearchOnVersionNotFoundShowAny       SearchOnVersionNotFound = "show_any"
	SearchOnVersionNotFoundShowClosestGt SearchOnVersionNotFound = "show_closest_gt"
	SearchOnVersionNotFoundShowClosestLt SearchOnVersionNotFound = "show_closest_lt"
	SearchOnVersionNotFoundShowLatest    SearchOnVersionNotFound = "show_latest"
	SearchOnVersionNotFoundStrict        SearchOnVersionNotFound = "strict"
)

Defines values for SearchOnVersionNotFound.

type SearchShowRelated

type SearchShowRelated = bool

SearchShowRelated defines model for SearchShowRelated.

type SearchShowURL

type SearchShowURL = bool

SearchShowURL defines model for SearchShowURL.

type SnippetCandidate

type SnippetCandidate struct {
	FileMd5 *string `json:"file_md5,omitempty"`
	Hits    *int    `json:"hits,omitempty"`

	// InputLineRanges Comma-separated line ranges in the posted WFP, e.g. "12-148".
	InputLineRanges *string `json:"input_line_ranges,omitempty"`
	LinesMatched    *int    `json:"lines_matched,omitempty"`
	MatchedPercent  *int    `json:"matched_percent,omitempty"`

	// OssLineRanges Comma-separated line ranges in the KB component.
	OssLineRanges *string `json:"oss_line_ranges,omitempty"`
}

SnippetCandidate defines model for SnippetCandidate.

type SnippetGroup

type SnippetGroup struct {
	Candidates *[]SnippetCandidate `json:"candidates,omitempty"`
	GroupIndex *int                `json:"group_index,omitempty"`
}

SnippetGroup defines model for SnippetGroup.

type SnippetResponse

type SnippetResponse struct {
	FileMd5       *string         `json:"file_md5,omitempty"`
	FilePath      *string         `json:"file_path,omitempty"`
	FileSize      *int            `json:"file_size,omitempty"`
	SnippetGroups *[]SnippetGroup `json:"snippet_groups,omitempty"`
	TolerancePct  *float32        `json:"tolerance_pct,omitempty"`
	TotalLines    *int            `json:"total_lines,omitempty"`
}

SnippetResponse defines model for SnippetResponse.

type SourceEnum

type SourceEnum string

SourceEnum Origin/category of the evidence. Today only `header_declared`, `notice_declared` and `metadata_declared` are emitted (derived from the file path); `spdx_tag` and `project_declared` are reserved for a richer signal.

const (
	HeaderDeclared   SourceEnum = "header_declared"
	MetadataDeclared SourceEnum = "metadata_declared"
	NoticeDeclared   SourceEnum = "notice_declared"
	ProjectDeclared  SourceEnum = "project_declared"
	SpdxTag          SourceEnum = "spdx_tag"
)

Defines values for SourceEnum.

type SourceLocation

type SourceLocation struct {
	FilePath string `json:"file_path"`
	Line     int32  `json:"line"`
}

SourceLocation defines model for SourceLocation.

type StartLineQuery

type StartLineQuery = int

StartLineQuery defines model for StartLineQuery.

type StatusResponse

type StatusResponse struct {
	Message *string               `json:"message,omitempty"`
	Status  *StatusResponseStatus `json:"status,omitempty"`
}

StatusResponse Top-level outcome for the request as a whole.

type StatusResponseStatus

type StatusResponseStatus string

StatusResponseStatus defines model for StatusResponse.Status.

const (
	FAILED                StatusResponseStatus = "FAILED"
	SUCCEEDEDWITHWARNINGS StatusResponseStatus = "SUCCEEDED_WITH_WARNINGS"
	SUCCESS               StatusResponseStatus = "SUCCESS"
	WARNING               StatusResponseStatus = "WARNING"
)

Defines values for StatusResponseStatus.

type SupportingCall

type SupportingCall struct {
	CanonicalSignature string `json:"canonical_signature"`

	// Category Semantic category of this supporting call. Known values include
	// `iv` (IV/nonce generation), `key` (key material setup), `param`
	// (cipher parameter initialisation). New categories may be added
	// as the schema evolves.
	Category      *string `json:"category,omitempty"`
	DisplaySymbol *string `json:"display_symbol,omitempty"`
	EndLine       *int32  `json:"end_line,omitempty"`
	FilePath      *string `json:"file_path,omitempty"`
	FunctionKey   *string `json:"function_key,omitempty"`
	FunctionName  string  `json:"function_name"`
	StartLine     *int32  `json:"start_line,omitempty"`

	// SupportingId Stable ID for this supporting call. Primary key for the foreign-key relationship.
	SupportingId string `json:"supporting_id"`
}

SupportingCall One deduped object-lifecycle call (e.g. IV generation, key-size setting) associated with a detected cryptographic operation. Entries in `supporting_calls[]` are referenced by `supporting_id` from: - `cryptographic_asset.supporting_call_ids[]` (per-asset breadcrumb) - `crypto_entry_points[].reachable_supporting_calls[].supporting_id`

Populated only when `include_supporting_calls: true`.

type Timeout

type Timeout = ErrorBody

Timeout defines model for Timeout.

type TransitiveDependency

type TransitiveDependency struct {
	Purl        *string `json:"purl,omitempty"`
	Requirement *string `json:"requirement,omitempty"`
	Version     *string `json:"version,omitempty"`
}

TransitiveDependency defines model for TransitiveDependency.

type TransitiveRequest

type TransitiveRequest struct {
	Components []Request `json:"components"`
	Depth      *int      `json:"depth,omitempty"`
	Limit      *int      `json:"limit,omitempty"`
}

TransitiveRequest defines model for TransitiveRequest.

type TransitiveResponse

type TransitiveResponse struct {
	Dependencies *[]TransitiveDependency `json:"dependencies,omitempty"`
	Status       BatchStatus             `json:"status"`
}

TransitiveResponse defines model for TransitiveResponse.

type VulnerabilitiesResponse

type VulnerabilitiesResponse struct {
	Components []ComponentVulnerabilityInfo `json:"components"`
	Status     BatchStatus                  `json:"status"`
}

VulnerabilitiesResponse defines model for VulnerabilitiesResponse.

type Vulnerability

type Vulnerability struct {
	Cve       *string              `json:"cve,omitempty"`
	Cvss      *[]CVSS              `json:"cvss,omitempty"`
	Epss      *EPSS                `json:"epss,omitempty"`
	Id        *string              `json:"id,omitempty"`
	Modified  *string              `json:"modified,omitempty"`
	Published *string              `json:"published,omitempty"`
	Severity  *string              `json:"severity,omitempty"`
	Source    *VulnerabilitySource `json:"source,omitempty"`
	Summary   *string              `json:"summary,omitempty"`
	Url       *string              `json:"url,omitempty"`
}

Vulnerability defines model for Vulnerability.

type VulnerabilitySource

type VulnerabilitySource string

VulnerabilitySource defines model for Vulnerability.Source.

const (
	NVD VulnerabilitySource = "NVD"
	OSV VulnerabilitySource = "OSV"
)

Defines values for VulnerabilitySource.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL