APIs.io Engineering Platform · Schema
snapshot
Create a new snapshot of a repository's dependencies.
APIs.ioEngineeringPlatform
Properties
| Name | Type | Description |
|---|---|---|
| version | integer | The version of the repository snapshot submission. |
| job | object | |
| sha | string | The commit SHA associated with this dependency snapshot. Maximum length: 40 characters. |
| ref | string | The repository branch that triggered this snapshot. |
| detector | object | A description of the detector used. |
| metadata | object | |
| manifests | object | A collection of package manifests, which are a collection of related dependencies declared in a file or representing a logical group of dependencies. |
| scanned | string | The time at which the snapshot was scanned. |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "#/components/schemas/snapshot",
"title": "snapshot",
"description": "Create a new snapshot of a repository's dependencies.",
"type": "object",
"properties": {
"version": {
"description": "The version of the repository snapshot submission.",
"type": "integer"
},
"job": {
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "The external ID of the job.",
"example": "5622a2b0-63f6-4732-8c34-a1ab27e102a11"
},
"correlator": {
"type": "string",
"description": "Correlator provides a key that is used to group snapshots submitted over time. Only the \"latest\" submitted snapshot for a given combination of `job.correlator` and `detector.name` will be considered when calculating a repository's current dependencies. Correlator should be as unique as it takes to distinguish all detection runs for a given \"wave\" of CI workflow you run. If you're using GitHub Actions, a good default value for this could be the environment variables GITHUB_WORKFLOW and GITHUB_JOB concatenated together. If you're using a build matrix, then you'll also need to add additional key(s) to distinguish between each submission inside a matrix variation.",
"example": "yourworkflowname_yourjobname"
},
"html_url": {
"type": "string",
"description": "The url for the job.",
"example": "http://example.com/build"
}
},
"required": [
"id",
"correlator"
],
"additionalProperties": false
},
"sha": {
"description": "The commit SHA associated with this dependency snapshot. Maximum length: 40 characters.",
"type": "string",
"example": "ddc951f4b1293222421f2c8df679786153acf689",
"minLength": 40,
"maxLength": 40
},
"ref": {
"description": "The repository branch that triggered this snapshot.",
"type": "string",
"pattern": "^refs/",
"example": "refs/heads/main"
},
"detector": {
"type": "object",
"description": "A description of the detector used.",
"properties": {
"name": {
"type": "string",
"description": "The name of the detector used.",
"example": "docker buildtime detector"
},
"version": {
"type": "string",
"description": "The version of the detector used.",
"example": "1.0.0"
},
"url": {
"type": "string",
"description": "The url of the detector used.",
"example": "http://example.com/docker-buildtimer-detector"
}
},
"required": [
"name",
"version",
"url"
],
"additionalProperties": false
},
"metadata": {
"$ref": "#/components/schemas/metadata"
},
"manifests": {
"type": "object",
"description": "A collection of package manifests, which are a collection of related dependencies declared in a file or representing a logical group of dependencies.",
"additionalProperties": {
"$ref": "#/components/schemas/manifest"
}
},
"scanned": {
"type": "string",
"format": "date-time",
"description": "The time at which the snapshot was scanned.",
"example": "2020-06-13T14:52:50-05:00"
}
},
"required": [
"detector",
"version",
"ref",
"sha",
"job",
"scanned"
],
"additionalProperties": false
}