Use this API to create a custom component that represents OSS or third-party software not found in the Code Insight data library or that represents commercial software that you want to track as part of your Software Bill of Materials.
The custom component is saved to the data library and made available for global use.
To create a custom component, the name, title, and URL field is required. Allowable values of forgeId (optional) are:
| ID Value | Forge Description |
|---|---|
| 1 | Other (default when no other ID is specified) |
| 2 | SourceForge |
| 3 | Apache |
| 5 | MySQL AB |
| 11 | kernel.org |
| 53 | Mozilla |
| 78 | Java.net |
| 87 | GNU |
| 175 | Free Software Directory |
| 176 | CodePlex |
| 186 | Savannah |
| 248 | CPAN |
| 419 | Google Code |
| 628 | Ibiblio Maven2 |
| 696 | GitHub |
| 2033 | NuGet Gallery |
| 2037 | npm |
| 2039 | RubyGems |
| 2040 | CentOS Project |
| 2067 | PyPI |
| 2070 | Packagist |
| 2073 | Google's Maven Repository |
| 2076 | crates.io |
Created
Bad Request
Internal Server Error
{- "name": "Comp1",
- "title": "Component1",
- "url": "http://abc@xyz.com | NA",
- "description": "This is a custom component.",
- "encryption": "YES | default: NO",
- "forgeId": "2 | default: 1"
}This API enables you to provide a set of criteria to look up components in the Code Insight data library. The response includes information about all components that meet the criteria and can optionally include versions. However, it does not include information about security vulnerabilities and licenses associated with the retrieved versions.
OK
Bad request
Internal Server Error
{- "id": 0,
- "name": "string",
- "description": "string",
- "title": "string",
- "url": "string",
- "forge": "string",
- "versionList": [
- {
- "id": 0,
- "name": "string",
- "custom": false
}
], - "licenseList": [
- {
- "id": 0,
- "name": "string",
- "url": "string",
- "priority": "string"
}
], - "cpeList": [
- {
- "cpeName": "cpe://a:gnome:gedit",
- "cpeVendor": "Vendor name",
- "cpeProduct": "Product name"
}
]
}This API retrieves details about a specific component version (identified by its versionId). The response does not include information about security vulnerabilities associated with the version.
OK
Bad Request
Unauthorized
Not Found
Internal Server Error
This API retrieves details about a specific component (identified by its componentId) and each of its versions. Information returned for each version includes license details and security vulnerability information. (You can choose to retrieve either detailed information about each vulnerability or a summary of the vulnerabilities for each version.)
OK
Not Found
Internal Server Error
{- "name": "Comp1",
- "title": "Component1",
- "url": "http://abc@xyz.com | NA",
- "description": "This is a custom component.",
- "encryption": "YES | default: NO",
- "forgeId": "2 | default: 1",
- "id": 0,
- "forge": "string",
- "versionList": [
- {
- "name": "string",
- "vulnerabilitySummary": [
- {
- "property1": {
- "property1": 0,
- "property2": 0
}, - "property2": {
- "property1": 0,
- "property2": 0
}
}
]
}
], - "licenseList": [
- {
- "name": "General Public License",
- "shortName": "GPL",
- "licenseText": "License Text",
- "priority": "P1 | P2 | P3 | default: P3",
- "description": "License description",
- "familyName": "License family"
}
], - "componentCPEList": [
- {
- "cpeName": "cpe://a:gnome:gedit",
- "cpeVendor": "Vendor name",
- "cpeProduct": "Product name"
}
]
}Use this API to create a custom version for a component (identified by its componentId) and include information about the version’s associated security vulnerabilities.
Created
Bad Request
Not Found
Internal Server Error
{- "name": "string",
- "vulnerabilitySummary": [
- {
- "property1": {
- "property1": 0,
- "property2": 0
}, - "property2": {
- "property1": 0,
- "property2": 0
}
}
]
}This API retrieves details for each security vulnerability associated a specific version of a component (identified by the versionId).
OK
Bad Request
Unauthorized
Not Found
Internal Server Error