List Ignored Violations

Xray REST APIs

Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Returns ignored violations by filters.

Since: 3.11

Security: Requires a valid user with the "Manage Watches" permission.

Usage: POST /api/v1/violations/ignored

Parameters:

“vulnerabilities”/“licenses”/“cves”/“policies”/“watches”/“docker-layers” - []string

“release-bundles”/“builds”/“components” - []{name(string), version(string)} (name - must)

“artifacts” - []{name(string), version(string), path(string)} (name - must)

Pagination:

"order_by","offset", "limit"

Ignore filters:

Functionality level

Objective

Scope

Source

Filters

“vulnerabilities”

“licenses”

“cves”

“policies”

“watches”

“builds”

“release-bundles”

“docker-layers”

“artifacts”

“components”

Sample Request

{
  "vulnerabilities":[
    "vuln1",
    "vuln2"
  ],
  "artifacts": [
    { 
      "name": "docker://redis"
    }
  ],
  "docker-layers":[
    "4c5fa3a86e3b1d07979ff011af3b58481e519faa6ee27eb23622a6fe0"
  ]
 }

Sample Response

{
   "data": [
       {
           "violation_id": "1323291645094375424",
           "issue_id": "AGPL-3.0",
           "type": "License",
           "created": "2020-11-02T17:51:28+02:00",
           "watch_name": "w",
           "description": "GNU AFFERO GENERAL PUBLIC LICENSE v3",
           "severity": "High",
           "impacted_artifact": {
               "name":       "generic://sha256:4c5fa3a86e3b1d07979ff011af3b58481e519faa6ee27eb23622a6fe00d89935/jfrog-artifactory-pro-6.0.0.zip",
               "path": "example-repo-local/jfrog-artifactory-pro-6.0.0.zip"
           },
           "matched_policies": [
               {
                   "policy": "pl",
                   "rule": "l",
                   "is_blocking": false
               }
           ],
           "ignore_rule_details": {
               "id": "a11b59c0-a94e-4d99-4135-74dda0e0c354",
               "author": "admin",
               "created": "2020-11-02T17:53:41+02:00",
               "notes": "license"
               "expires_at": "2020-12-29T00:00:00Z",
               "deleted_by": "admin",
               "deleted_at": "2020-12-28T00:00:00Z"
           }
       },
       {
           "violation_id": "1323291688811606016",
           "issue_id": "XRAY-100646",
           "type": "Security",
           "created": "2020-11-02T17:51:38+02:00",
           "watch_name": "w",
           "provider": "JFrog",
           "description": "FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).",
           "severity": "Medium",
           "properties": [
               {
                   "Cve": "CVE-2020-14062",
                   "Cwe": [
                       "CWE-502"
                   ],
                   "CvssV2": "6.8/CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P",
                   "CvssV3": "8.1/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
               }
           ],
           "impacted_artifact": {
               "name": "generic://sha256:4c5fa3a86e3b1d07979ff011af3b58481e519faa6ee27eb23622a6fe00d89935/jfrog-artifactory-pro-6.0.0.zip",
               "path": "example-repo-local/jfrog-artifactory-pro-6.0.0.zip"
           },
           "matched_policies": [
               {
                   "policy": "ps",
                   "rule": "s",
                   "is_blocking": false
               }
           ],
           "ignore_rule_details": {
               "id": "d33d30d1-a775-41f2-6e0d-c2955d496ab1",
               "author": "admin",
               "created": "2020-11-02T17:53:57+02:00",
               "notes": "sec1"
           }
       }
   ],
   "total_count": 2
}


Response Codes:

200 - OK

500 - Failed to get ignored violations

400 - Parsing/validation error

401 - Unauthorized

403 - Forbidden