Get SBOM Results

curl --request POST \
  --url https://api.codeant.ai/api/analysis/results/sbomb \
  --header 'Content-Type: application/json' \
  --data '
{
  "repo": "owner/repository",
  "commit_id": "abc123def456",
  "access_token": "ghp_xxxxxxxxxxxx",
  "service": "github"
}
'

{
  "results": {
    "rootFolder": "/mnt/lambda/owner/repository/abc123def456",
    "timestamp": null,
    "sboms": [
      {
        "language": "Python",
        "sourceFile": "/tmp/requirements.txt",
        "packages": [
          {
            "name": "requests",
            "version": "2.28.0",
            "licenseDeclared": "Apache-2.0",
            "licenseConcluded": "Apache-2.0",
            "licenseReason": "NOASSERTION",
            "licenseStandard": true,
            "copyleftStrength": "permissive",
            "policyLevel": "allow",
            "policyNote": "Permissive license: keep license and notices",
            "spdxId": "Apache-2.0"
          }
        ],
        "packagesCount": 1
      }
    ]
  },
  "status": "done",
  "commit_id": "abc123def456"
}

POST

api

analysis

results

sbomb

Get SBOM Results

curl --request POST \
  --url https://api.codeant.ai/api/analysis/results/sbomb \
  --header 'Content-Type: application/json' \
  --data '
{
  "repo": "owner/repository",
  "commit_id": "abc123def456",
  "access_token": "ghp_xxxxxxxxxxxx",
  "service": "github"
}
'

{
  "results": {
    "rootFolder": "/mnt/lambda/owner/repository/abc123def456",
    "timestamp": null,
    "sboms": [
      {
        "language": "Python",
        "sourceFile": "/tmp/requirements.txt",
        "packages": [
          {
            "name": "requests",
            "version": "2.28.0",
            "licenseDeclared": "Apache-2.0",
            "licenseConcluded": "Apache-2.0",
            "licenseReason": "NOASSERTION",
            "licenseStandard": true,
            "copyleftStrength": "permissive",
            "policyLevel": "allow",
            "policyNote": "Permissive license: keep license and notices",
            "spdxId": "Apache-2.0"
          }
        ],
        "packagesCount": 1
      }
    ]
  },
  "status": "done",
  "commit_id": "abc123def456"
}

Body

application/json

repo

string

required

Repository identifier (format varies by service)

Example:

"owner/repository"

access_token

string

required

Authentication token for the service

Example:

"ghp_xxxxxxxxxxxx"

service

enum<string>

required

Version control service provider

Available options:

github,

azuredevops,

gitlab,

bitbucket

Example:

"github"

commit_id

string

Git commit SHA or identifier. Either commit_id or branch is required. If both are provided, commit_id takes precedence.

Example:

"abc123def456"

branch

string

Git branch name. When provided without commit_id, the service resolves the latest commit from scan history for this branch. Either commit_id or branch is required.

Example:

"main"

gitlab_base_url

string

Base URL for the service (optional for GitHub, required for GitLab)

Example:

"https://gitlab.com"

Response

SBOM results retrieved successfully

Software Bill of Materials (SBOM) response containing package and license information

results

object

SBOM analysis results

Show child attributes

status

enum<string>

Status of the SBOM analysis

Available options:

pending,

processing,

done,

failed

Example:

"done"

commit_id

string

Git commit SHA that was analyzed

Example:

"abc123def456"

Get Analysis Results Get Secrets Scan Results

⌘I