Support Snyk Learn API reference Product updates Sign up for free

Projects (v1)

This document uses the v1 API. For more details, see the v1 API.

PreviousPolicies NextProjects

Last updated 6 months ago

Was this helpful?

Update a project

Required permissions

View Organization
View Project
Edit Project

put

/org/{orgId}/project/{projectId}

Path parameters

orgIdstringrequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Body

branchstring

The branch that this project should be monitoring

Example: main

ownerall of

any

Example: {"branch":"main","owner":{"id":"1acd4d09-5602-4d04-9640-045fe928aaea"}}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}' \
  --header 'Content-Type: application/json' \
  --data '{"branch":"main","owner":{"id":"1acd4d09-5602-4d04-9640-045fe928aaea"}}'

200

{
  "name": "snyk/goof",
  "id": "af137b96-6966-46c1-826b-2e79ac49bbd9",
  "created": "2018-10-29T09:50:54.014Z",
  "origin": "github",
  "type": "maven",
  "readOnly": false,
  "testFrequency": "daily",
  "totalDependencies": 42,
  "imageId": "sha256:caf27325b298a6730837023a8a342699c8b7b388b8d878966b064a1320043019",
  "imageTag": "latest",
  "imageBaseImage": "alpine:3",
  "imagePlatform": "linux/arm64",
  "imageCluster": "Production",
  "hostname": "text",
  "remoteRepoUrl": "https://github.com/snyk/goof.git",
  "lastTestedDate": "2019-02-05T08:54:07.704Z",
  "owner": {},
  "browseUrl": "https://app.snyk.io/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/af137b96-6966-46c1-826b-2e79ac49bbd9",
  "isMonitored": true,
  "branch": "text",
  "targetReference": "text",
  "attributes": "text",
  "tags": [
    "text"
  ],
  "issueCountsBySeverity": {
    "low": 13,
    "medium": 8,
    "high": 1,
    "critical": 3
  },
  "importingUser": {
    "id": "e713cf94-bb02-4ea0-89d9-613cce0caed2",
    "name": "example-user@snyk.io",
    "username": "exampleUser",
    "email": "example-user@snyk.io"
  },
  "remediation": {
    "upgrade": {},
    "patch": {},
    "pin": {}
  }
}

Retrieve a single project

Required permissions

View Organization
View Project
View Project Snapshot

get

/org/{orgId}/project/{projectId}

Path parameters

orgIdstringrequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}' \
  --header 'Content-Type: application/json'

200

{
  "name": "snyk/goof",
  "id": "af137b96-6966-46c1-826b-2e79ac49bbd9",
  "created": "2018-10-29T09:50:54.014Z",
  "origin": "github",
  "type": "maven",
  "readOnly": false,
  "testFrequency": "daily",
  "totalDependencies": 42,
  "imageId": "sha256:caf27325b298a6730837023a8a342699c8b7b388b8d878966b064a1320043019",
  "imageTag": "latest",
  "imageBaseImage": "alpine:3",
  "imagePlatform": "linux/arm64",
  "imageCluster": "Production",
  "hostname": "text",
  "remoteRepoUrl": "https://github.com/snyk/goof.git",
  "lastTestedDate": "2019-02-05T08:54:07.704Z",
  "owner": {},
  "browseUrl": "https://app.snyk.io/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/af137b96-6966-46c1-826b-2e79ac49bbd9",
  "isMonitored": true,
  "branch": "text",
  "targetReference": "text",
  "attributes": "text",
  "tags": [
    "text"
  ],
  "issueCountsBySeverity": {
    "low": 13,
    "medium": 8,
    "high": 1,
    "critical": 3
  },
  "importingUser": {
    "id": "e713cf94-bb02-4ea0-89d9-613cce0caed2",
    "name": "example-user@snyk.io",
    "username": "exampleUser",
    "email": "example-user@snyk.io"
  },
  "remediation": {
    "upgrade": {},
    "patch": {},
    "pin": {}
  }
}

Delete a project

Required permissions

View Organization
View Project
Remove Project

delete

/org/{orgId}/project/{projectId}

Path parameters

orgIdstringrequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

cURL

JavaScript

Python

HTTP

curl -L \
  --request DELETE \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}' \
  --header 'Content-Type: application/json'

200

No body

Add a tag to a project

Required permissions

Group Admin

post

/org/{orgId}/project/{projectId}/tags

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID to apply the tag to

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

Body

keystring

Alphanumeric including - and _ with a limit of 30 characters

Example: example-tag-key

valuestring

Alphanumeric including - and _ with a limit of 50 characters

Example: example-tag-value

any

Example: {"key":"example-tag-key","value":"example-tag-value"}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/tags' \
  --header 'Content-Type: application/json' \
  --data '{"key":"example-tag-key","value":"example-tag-value"}'

200

{
  "tags": [
    {
      "key": "example-tag-key",
      "value": "example-tag-value"
    }
  ]
}

Remove a tag from a project

Required permissions

Group Admin

post

/org/{orgId}/project/{projectId}/tags/remove

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID to remove a tag from

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

Body

keystring

Alphanumeric including - and _ with a limit of 30 characters

Example: example-tag-key

valuestring

Alphanumeric including - and _ with a limit of 50 characters

Example: example-tag-value

any

Example: {"key":"example-tag-key","value":"example-tag-value"}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/tags/remove' \
  --header 'Content-Type: application/json' \
  --data '{"key":"example-tag-key","value":"example-tag-value"}'

200

{
  "tags": [
    {
      "key": "example-tag-key",
      "value": "example-tag-value"
    }
  ]
}

Update project settings

Required permissions

View Organization
View Project
Edit Project

put

/org/{orgId}/project/{projectId}/settings

Path parameters

orgIdstringrequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Body

autoDepUpgradeEnabledboolean

If set to true, Snyk will raise dependency upgrade PRs automatically.

autoDepUpgradeMinAgenumber

The age (in days) that an automatic dependency check is valid for

autoDepUpgradeLimitnumber

The limit on auto dependency upgrade PRs.

pullRequestFailOnAnyVulnsboolean

If set to true, fail Snyk Test if the repo has any vulnerabilities. Otherwise, fail only when the PR is adding a vulnerable dependency.

pullRequestFailOnlyForHighSeverityboolean

If set to true, fail Snyk Test only for high and critical severity vulnerabilities

pullRequestTestEnabledboolean

If set to true, Snyk Test checks PRs for vulnerabilities.:cq

pullRequestAssignmentstring

assign Snyk pull requests

autoRemediationPrsstring

Defines automatic remediation policies

autoDepUpgradeIgnoredDependenciesstring[]

An array of comma-separated strings with names of dependencies you wish Snyk to ignore to upgrade.

any

Example:

{"autoDepUpgradeLimit":2,"autoDepUpgradeEnabled":false,"autoDepUpgradeMinAge":21,"pullRequestFailOnAnyVulns":false,"pullRequestFailOnlyForHighSeverity":true,"pullRequestTestEnabled":true,"pullRequestAssignment":"{\"enabled\":true,\"type\":\"manual\",\"assignees\":[\"username\"]}","autoRemediationPrs":"{\"freshPrsEnabled\":true,\"backlogPrsEnabled\":false,\"usePatchRemediation\":false}","autoDepUpgradeIgnoredDependencies":["tap","ava"]}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/settings' \
  --header 'Content-Type: application/json' \
  --data '{"autoDepUpgradeLimit":2,"autoDepUpgradeEnabled":false,"autoDepUpgradeMinAge":21,"pullRequestFailOnAnyVulns":false,"pullRequestFailOnlyForHighSeverity":true,"pullRequestTestEnabled":true,"pullRequestAssignment":"{\"enabled\":true,\"type\":\"manual\",\"assignees\":[\"username\"]}","autoRemediationPrs":"{\"freshPrsEnabled\":true,\"backlogPrsEnabled\":false,\"usePatchRemediation\":false}","autoDepUpgradeIgnoredDependencies":["tap","ava"]}'

200

{
  "autoDepUpgradeLimit": 2,
  "autoDepUpgradeEnabled": false,
  "autoDepUpgradeMinAge": 21,
  "pullRequestTestEnabled": true,
  "pullRequestFailOnAnyVulns": false,
  "pullRequestFailOnlyForHighSeverity": true,
  "pullRequestAssignment": "{\"enabled\":true,\"type\":\"manual\",\"assignees\":[\"username\"]}",
  "autoRemediationPrs": "{\"freshPrsEnabled\":true,\"backlogPrsEnabled\":false,\"usePatchRemediation\":false}",
  "autoDepUpgradeIgnoredDependencies": [
    "tap",
    "ava"
  ]
}

The response will contain the attributes and values that have been sent in the request and successfully updated.

List project settings

Required permissions

View Organization
View Project

get

/org/{orgId}/project/{projectId}/settings

Path parameters

orgIdstringrequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/settings' \
  --header 'Content-Type: application/json'

200

{
  "autoDepUpgradeLimit": 2,
  "autoDepUpgradeEnabled": false,
  "autoDepUpgradeMinAge": 21,
  "pullRequestFailOnAnyVulns": false,
  "pullRequestFailOnlyForHighSeverity": true,
  "pullRequestTestEnabled": true,
  "pullRequestAssignment": "{\"enabled\":true,\"type\":\"manual\",\"assignees\":[\"username\"]}",
  "autoRemediationPrs": "{\"freshPrsEnabled\":true,\"backlogPrsEnabled\":false,\"usePatchRemediation\":true}",
  "autoDepUpgradeIgnoredDependencies": [
    "tap",
    "ava"
  ]
}

The response will contain only attributes that can be updated (see ATTRIBUTES section in Update project settings) and that have been previously set.

Delete project settings

Deleting project settings will set the project to inherit default settings from its integration.

Required permissions

View Organization
View Project
Edit Project

delete

/org/{orgId}/project/{projectId}/settings

Path parameters

orgIdstringrequired

The organization ID to which the project belongs. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

cURL

JavaScript

Python

HTTP

curl -L \
  --request DELETE \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/settings' \
  --header 'Content-Type: application/json'

204

No body

Move project to a different organization

Note: when moving a project to a new organization, the historical data used for reporting does not move with it.

Required permissions

View Organization
View Project
Move Project

put

/org/{orgId}/project/{projectId}/move

Path parameters

orgIdstringrequired

The organization ID to which the project belongs. The API_KEY must have group admin permissions. If the project is moved to a new group, a personal level API key is needed.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Body

targetOrgIdstring

The ID of the organization that the project should be moved to. The API_KEY must have group admin permissions. If the project is moved to a new group, a personal level API key is needed.

any

Example: {"targetOrgId":"4a18d42f-0706-4ad0-b127-24078731fbed"}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request PUT \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/move' \
  --header 'Content-Type: application/json' \
  --data '{"targetOrgId":"4a18d42f-0706-4ad0-b127-24078731fbed"}'

200

{
  "originOrg": "4a18d42f-0706-4ad0-b127-24078731fbed",
  "destinationOrg": "4a18d42f-0706-4ad0-b127-24078731fbed",
  "movedProject": "463c1ee5-31bc-428c-b451-b79a3270db08"
}

List all project issue paths

Required permissions

View Project
View Project Snapshot

get

/org/{orgId}/project/{projectId}/issue/{issueId}/paths

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID for which to return issue paths.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

issueIdstringrequired

The issue ID for which to return issue paths.

Example: SNYK-JS-LODASH-590103

Query parameters

snapshotIdstring

The project snapshot ID for which to return issue paths. If set to latest, the most recent snapshot will be used. Use the "List all project snapshots" endpoint to find suitable values for this.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454553

perPagenumber · double

The number of results to return per page (1 - 1000, inclusive).

Example: 3

pagenumber · double

The page of results to return.

Example: 2

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/issue/{issueId}/paths' \
  --header 'Content-Type: application/json'

200

{
  "snapshotId": "6d5813be-7e6d-4ab8-80c2-1e3e2a454553",
  "total": 10,
  "links": {
    "prev": "https://api.snyk.io/v1/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/6d5813be-7e6d-4ab8-80c2-1e3e2a454545/issue/SNYK-JS-LODASH-590103?snapshotId=6d5813be-7e6d-4ab8-80c2-1e3e2a454553&page=1&perPage=3",
    "next": "https://api.snyk.io/v1/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/6d5813be-7e6d-4ab8-80c2-1e3e2a454545/issue/SNYK-JS-LODASH-590103?snapshotId=6d5813be-7e6d-4ab8-80c2-1e3e2a454553&page=3&perPage=3",
    "last": "https://api.snyk.io/v1/org/4a18d42f-0706-4ad0-b127-24078731fbed/project/6d5813be-7e6d-4ab8-80c2-1e3e2a454545/issue/SNYK-JS-LODASH-590103?snapshotId=6d5813be-7e6d-4ab8-80c2-1e3e2a454553&page=4&perPage=3"
  },
  "paths": [
    [
      {
        "name": "tap",
        "version": "11.1.5"
      },
      {
        "name": "nyc",
        "version": "11.9.0"
      },
      {
        "name": "istanbul-lib-instrument",
        "version": "1.10.1"
      },
      {
        "name": "babel-traverse",
        "version": "6.26.0"
      },
      {
        "name": "lodash",
        "version": "4.17.10"
      }
    ],
    [
      {
        "name": "tap",
        "version": "11.1.5",
        "fixVersion": "11.1.5"
      },
      {
        "name": "nyc",
        "version": "11.9.0"
      },
      {
        "name": "istanbul-lib-instrument",
        "version": "1.10.1"
      },
      {
        "name": "babel-template",
        "version": "6.26.0"
      },
      {
        "name": "lodash",
        "version": "4.17.10"
      }
    ],
    [
      {
        "name": "tap",
        "version": "11.1.5",
        "fixVersion": "11.1.6"
      },
      {
        "name": "nyc",
        "version": "11.9.0"
      },
      {
        "name": "istanbul-lib-instrument",
        "version": "1.10.1"
      },
      {
        "name": "babel-generator",
        "version": "6.26.1"
      },
      {
        "name": "babel-types",
        "version": "6.26.0"
      },
      {
        "name": "lodash",
        "version": "4.17.10"
      }
    ]
  ]
}

Get Project dependency graph

Required permissions

View Organization
View Project
View Project Snapshot

get

/org/{orgId}/project/{projectId}/dep-graph

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID to return issues for.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/dep-graph' \
  --header 'Content-Type: application/json'

200

{
  "depGraph": {
    "schemaVersion": "1.1.0",
    "pkgManager": {
      "name": "npm"
    },
    "pkgs": [
      {
        "id": "demo-app-for-test@1.1.1",
        "info": {
          "name": "demo-app-for-test",
          "version": "1.1.1"
        }
      },
      {
        "id": "express@4.4.0",
        "info": {
          "name": "express",
          "version": "4.4.0"
        }
      },
      {
        "id": "ws@1.0.0",
        "info": {
          "name": "ws",
          "version": "1.0.0"
        }
      }
    ],
    "graph": {
      "rootNodeId": "root-node",
      "nodes": [
        {
          "nodeId": "root-node",
          "pkgId": "demo-app-for-test@1.1.1",
          "deps": [
            {
              "nodeId": "express@4.4.0"
            },
            {
              "nodeId": "ws@1.0.0"
            }
          ]
        },
        {
          "nodeId": "express@4.4.0",
          "pkgId": "express@4.4.0",
          "deps": []
        },
        {
          "nodeId": "ws@1.0.0",
          "pkgId": "ws@1.0.0",
          "deps": []
        }
      ]
    }
  }
}

A reference implementation of the graph, as well as conversion functions to/from legacy tree format, can be found at: https://github.com/snyk/dep-graph.
The object might contain additional fields in the future, in a backward-compatible way (schemaVersion will change accordingly).

Deactivate

Deactivating a project will:

Disable pull request tests for new vulnerabilities.
Disable Fix pull request from being opened for newly disclosed vulnerabilities.
Disable recurring tests - email alerts about newly disclosed vulnerabilities will be turned off.
If the repository has no other active projects, then remove any webhooks related to the project.

Required permissions

View Organization
View Project
Project Status

post

/org/{orgId}/project/{projectId}/deactivate

Path parameters

orgIdstringrequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/deactivate' \
  --header 'Content-Type: application/json'

200

No body

Applying attributes

Attributes are static and non-configurable fields which allow to add additional metadata to a project. Attributes have a pre-defined list of values that a user can select from.

Business criticality	Environment	Lifecycle stage
critical	frontend	production
high	backend	development
medium	internal	sandbox
low	external
	mobile
	saas
	onprem
	hosted
	distributed
It is possible to assign multiple values to each attribute, but you can only assign values to one of the predefined attribute categories, using the predefined options for this category.
Assigning an attribute requires the caller to be either an Organization Administrator or a Group Administrator.
Assigning an attribute will override any existing values that the specific attribute already has set.
In order to clear out an attribute value, an empty array can be set.

Note: Organization admins can add an attribute to a Project. However, only Group admins can modify Project attributes in cases where attributes match a policy, because policies can only be managed by Group admins.

Required permissions

View Organization
View Project
Edit Project Attributes

post

/org/{orgId}/project/{projectId}/attributes

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID to remove a tag from

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

Body

criticalitycriticality[]

environmentenvironment[]

lifecyclelifecycle[]

any

Example: {"criticality":["high"],"environment":["backend"],"lifecycle":["development"]}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/attributes' \
  --header 'Content-Type: application/json' \
  --data '{"criticality":["high"],"environment":["backend"],"lifecycle":["development"]}'

200

{
  "attributes": {
    "criticality": [
      "high"
    ],
    "environment": [
      "backend"
    ],
    "lifecycle": [
      "development"
    ]
  }
}

List all Aggregated issues

Required permissions

View Project
View Project Snapshot

post

/org/{orgId}/project/{projectId}/aggregated-issues

Path parameters

orgIdstringrequired

The organization ID. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID to return issues for.

Example: 6d5813be-7e6d-4ab8-80c2-1e3e2a454545

Body

includeDescriptionboolean

If set to true, Include issue's description, if set to false (by default), it won't (Non-IaC projects only)

includeIntroducedThroughboolean

If set to true, include the dockerfile instruction that the issue is introducedThrough. If set to false (default), it won’t. This only applies to Container projects with an associated Dockerfile (CLI or Container Registry source)

filtersaggregatedProjectIssuesFilter

any

Example: {"includeDescription":false,"includeIntroducedThrough":false}

Responses

application/json; charset=utf-8

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/aggregated-issues' \
  --header 'Content-Type: application/json' \
  --data '{"includeDescription":false,"includeIntroducedThrough":false}'

200

{
  "issues": [
    {
      "id": "npm:ms:20170412",
      "issueType": "vuln",
      "pkgName": "ms",
      "isPatched": true,
      "isIgnored": true,
      "pkgVersions": [
        "text"
      ],
      "introducedThrough": [
        {
          "kind": "imageLayer",
          "data": {}
        }
      ],
      "ignoreReasons": [
        {
          "reason": "text",
          "expires": "text",
          "source": null
        }
      ],
      "issueData": {
        "id": "npm:ms:20170412",
        "title": "Regular Expression Denial of Service (ReDoS)",
        "severity": "low",
        "originalSeverity": "high",
        "url": "https://snyk.io/vuln/npm:ms:20170412",
        "description": "`## Overview\\r\\n[`ms`](https://www.npmjs.com/package/ms) is a tiny millisecond conversion utility.\\r\\n\\r\\nAffected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) due to an incomplete fix for previously reported vulnerability [npm:ms:20151024](https://snyk.io/vuln/npm:ms:20151024). The fix limited the length of accepted input string to 10,000 characters, and turned to be insufficient making it possible to block the event loop for 0.3 seconds (on a typical laptop) with a specially crafted string passed to `ms",
        "exploitMaturity": "no-known-exploit",
        "publicationTime": "2017-05-15T06:02:45Z",
        "disclosureTime": "2017-04-11T21:00:00Z",
        "CVSSv3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
        "cvssScore": 3.7,
        "language": "js",
        "nearestFixedInVersion": "2.0.0",
        "path": "[DocId: 1].input.spec.template.spec.containers[snyk2].securityContext.privileged",
        "violatedPolicyPublicId": "SNYK-CC-K8S-1",
        "isMaliciousPackage": true,
        "credit": [
          "text"
        ],
        "patches": [
          {
            "id": "patch:npm:ms:20170412:0",
            "version": "=1.0.0",
            "modificationTime": "2019-12-03T11:40:45.863964Z",
            "urls": [
              "text"
            ],
            "comments": [
              "text"
            ]
          }
        ],
        "identifiers": {
          "CVE": [
            "text"
          ],
          "CWE": [
            "text"
          ],
          "OSVDB": [
            "text"
          ]
        },
        "semver": {
          "unaffected": "text",
          "vulnerable": [
            "text"
          ]
        },
        "severities": [
          {
            "assigner": "NVD",
            "severity": "medium",
            "baseScore": 4.8,
            "vector": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:N/VI:N/VA:N/SC:H/SI:L/SA:L/E:A",
            "cvssVersion": "4.0",
            "modificationTime": "2024-03-07T07:47:26.644482Z"
          }
        ],
        "exploitDetails": {
          "sources": [
            "CISA"
          ],
          "maturityLevels": [
            {
              "format": "CVSS_v3",
              "level": "no-known-exploit"
            }
          ]
        }
      },
      "fixInfo": {
        "isUpgradable": true,
        "isPinnable": true,
        "isPatchable": true,
        "isFixable": true,
        "isPartiallyFixable": true,
        "nearestFixedInVersion": "2.0.0",
        "fixedIn": [
          "text"
        ]
      },
      "priority": {
        "score": 399,
        "factors": [
          {}
        ]
      },
      "links": {
        "paths": "text"
      }
    }
  ]
}

Activate

Activating a project will:

Add a repository webhook for supported integrations.
Enable pull request tests for new vulnerabilities.
Open Fix pull request for newly disclosed vulnerabilities.
Enable recurring tests, sending email alerts about newly disclosed vulnerabilities.

Required permissions

View Organization
View Project
Project Status

post

/org/{orgId}/project/{projectId}/activate

Path parameters

orgIdstringrequired

The organization ID the project belongs to. The API_KEY must have access to this organization.

Example: 4a18d42f-0706-4ad0-b127-24078731fbed

projectIdstringrequired

The project ID.

Example: 463c1ee5-31bc-428c-b451-b79a3270db08

Header parameters

Content-Typestring · enumrequired

Example: application/json

Options: application/json

Responses

cURL

JavaScript

Python

HTTP

curl -L \
  --request POST \
  --url 'https://api.snyk.io/v1/org/{orgId}/project/{projectId}/activate' \
  --header 'Content-Type: application/json'

200

No body