Обзор¶
Этот документ сгенерирован из актуальной OpenAPI-схемы FastAPI и служит контрактным справочником по REST API. WebSocket-эндпоинты документируются отдельно и не входят в OpenAPI.
- Swagger UI:
/api/docs - ReDoc:
/api/redoc - OpenAPI JSON:
/api/openapi.json
Аутентификация¶
Схемы безопасности¶
APIKeyHeader: type=apiKey, in=headerHTTPBearer: type=http, scheme=bearer
Каталог эндпоинтов¶
Тег: Agent Client Protocol¶
GET /api/v1/acp/health¶
- Summary: Acp Health
- Description: ACP health check. Returns agent status and capabilities.
- Operation ID:
acp_health_api_v1_acp_health_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->ACPHealthResponse
GET /api/v1/acp/info¶
- Summary: Acp Info
- Description: ACP agent information. Returns agent metadata for discovery.
- Operation ID:
acp_info_api_v1_acp_info_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
POST /api/v1/acp/rpc¶
- Summary: Acp Rpc
- Description: ACP JSON-RPC endpoint. Handles all ACP method calls over HTTP. Authentication is optional but enables session persistence.
- Operation ID:
acp_rpc_api_v1_acp_rpc_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->JSONRPCRequest(обязательный)- Responses:
200: Successful Response;application/json->JSONRPCResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/acp/sessions¶
- Summary: List Sessions
- Description: List active ACP sessions for current user. Requires authentication.
- Operation ID:
list_sessions_api_v1_acp_sessions_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/acp/sessions/{session_id}¶
- Summary: Delete Session
- Description: Delete an ACP session. Requires authentication and ownership.
- Operation ID:
delete_session_api_v1_acp_sessions__session_id__delete - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/acp/stats¶
- Summary: Acp Stats
- Description: Get ACP statistics. Returns session and connection stats.
- Operation ID:
acp_stats_api_v1_acp_stats_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Audit Diff¶
GET /api/v1/audit/{project_id}/diff¶
- Summary: Diff findings between two runs
- Description: Compare findings between two analysis runs (GOST 8.9).
- Operation ID:
diff_findings_api_v1_audit__project_id__diff_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)run1inquery(string, обязательный) - First run ID (baseline)run2inquery(string, обязательный) - Second run ID (current)hide_fpinquery(boolean, необязательный) - Hide suppressed findingsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DiffResultResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/audit/{project_id}/diff/latest¶
- Summary: Diff findings between last two runs
- Description: Compare the last two analysis runs for the project.
- Operation ID:
diff_latest_api_v1_audit__project_id__diff_latest_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)hide_fpinquery(boolean, необязательный) - Hide suppressed findingsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DiffResultResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/audit/{project_id}/scopes¶
- Summary: Get analysis scopes configuration
- Description: Return current analysis scope configuration for the project.
- Operation ID:
get_scopes_api_v1_audit__project_id__scopes_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScopeConfigResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/audit/{project_id}/scopes¶
- Summary: Update analysis scopes configuration
- Description: Update analysis scope configuration for the project.
- Operation ID:
update_scopes_api_v1_audit__project_id__scopes_put - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScopeUpdateRequest(обязательный)- Responses:
200: Successful Response;application/json->ScopeConfigResponse422: Validation Error;application/json->HTTPValidationError
Тег: Audit Progress¶
GET /api/v1/audit/analysis-status¶
- Summary: Full scan schedule status
- Description: Return last full scan timestamp and deadline status.
- Operation ID:
get_analysis_status_api_v1_audit_analysis_status_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AnalysisStatusResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/audit/markup-status¶
- Summary: Markup status for latest findings
- Description: Return unreviewed and overdue findings for the latest run.
- Operation ID:
get_markup_status_api_v1_audit_markup_status_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->MarkupStatusResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/audit/progress¶
- Summary: Audit progress report
- Description: Return progress metrics for a date range.
- Operation ID:
get_audit_progress_api_v1_audit_progress_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
frominquery(string, обязательный)toinquery(string, обязательный)projectinquery(string, необязательный) - Project nameauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AuditProgressResponse422: Validation Error;application/json->HTTPValidationError
Тег: Authentication¶
GET /api/v1/auth/api-keys¶
- Summary: List API keys
- Description: Get all API keys for the current user.
- Operation ID:
list_api_keys_api_v1_auth_api_keys_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Portfolio Dashboard Runtime Notes¶
Для product path portfolio dashboard, помимо сгенерированного каталога endpoint’ов, критичны следующие маршруты:
GET /api/v2/dashboard/portfolio/compare-periodsGET /api/v2/dashboard/saved-viewsPOST /api/v2/dashboard/saved-viewsGET /api/v2/dashboard/saved-views/{view_id}DELETE /api/v2/dashboard/saved-views/{view_id}POST /api/v2/dashboard/subscriptionsPOST /api/v2/dashboard/export
POST /api/v1/auth/api-keys¶
- Summary: Create API key
- Description: Generate a new API key for programmatic access.
- Operation ID:
create_api_key_api_v1_auth_api_keys_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ApiKeyCreate(обязательный)- Responses:
200: Successful Response;application/json->ApiKeyResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/auth/api-keys/{key_id}¶
- Summary: Revoke API key
- Description: Revoke an API key.
- Operation ID:
revoke_api_key_api_v1_auth_api_keys__key_id__delete - Parameters:
key_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/ldap¶
- Summary: LDAP authentication
- Description: Authenticate using LDAP/Active Directory.
- Operation ID:
ldap_login_api_v1_auth_ldap_post - Parameters:
- None
- Request Body:
application/json->LDAPAuthRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/ldap/status¶
- Summary: LDAP status
- Description: Check LDAP connection status.
- Operation ID:
ldap_status_api_v1_auth_ldap_status_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
POST /api/v1/auth/login¶
- Summary: Login
- Description: Authenticate with username/password and get JWT tokens.
- Operation ID:
login_alias_api_v1_auth_login_post - Parameters:
- None
- Request Body:
application/json->TokenRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/auth/logout¶
- Summary: Logout
- Description: Invalidate current tokens.
- Operation ID:
logout_api_v1_auth_logout_delete - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/me¶
- Summary: Get current user
- Description: Return the authenticated user profile.
- Operation ID:
get_current_profile_api_v1_auth_me_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UserProfileResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/providers¶
- Summary: List OAuth providers
- Description: Get list of available OAuth providers.
- Operation ID:
list_oauth_providers_api_v1_auth_oauth_providers_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->array
POST /api/v1/auth/oauth/token¶
- Summary: OAuth 2.0 Token Endpoint
- Description: RFC 6749-compatible token endpoint. Supports grant_type=password and grant_type=refresh_token. Designed for Claude Code MCP automatic token refresh and other OAuth-compatible clients.
- Operation ID:
oauth_token_api_v1_auth_oauth_token_post - Parameters:
grant_typeinquery(object, необязательный)usernameinquery(object, необязательный)passwordinquery(object, необязательный)refresh_token_paraminquery(object, необязательный)- Request Body:
application/json->object(необязательный)- Responses:
200: Successful Response;application/json->OAuthTokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/{provider}¶
- Summary: Start OAuth flow
- Description: Redirect to OAuth provider for authentication.
- Operation ID:
oauth_start_api_v1_auth_oauth__provider__get - Parameters:
providerinpath(string, обязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/oauth/{provider}/callback¶
- Summary: OAuth callback
- Description: Handle OAuth callback from provider.
- Operation ID:
oauth_callback_api_v1_auth_oauth__provider__callback_get - Parameters:
providerinpath(string, обязательный)codeinquery(string, обязательный)stateinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/refresh¶
- Summary: Refresh JWT token
- Description: Get new access token using refresh token.
- Operation ID:
refresh_token_api_v1_auth_refresh_post - Parameters:
- None
- Request Body:
application/json->RefreshTokenRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/register¶
- Summary: Register local user
- Description: Create a local user account and return JWT tokens.
- Operation ID:
register_api_v1_auth_register_post - Parameters:
- None
- Request Body:
application/json->RegisterRequest(обязательный)- Responses:
201: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/service-accounts¶
- Summary: List service accounts
- Description: List configured service accounts without credential secrets.
- Operation ID:
list_service_accounts_api_v1_auth_service_accounts_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/service-accounts¶
- Summary: Create service account
- Description: Create a scoped service account and issue its initial credential.
- Operation ID:
create_service_account_api_v1_auth_service_accounts_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ServiceAccountCreate(обязательный)- Responses:
201: Successful Response;application/json->ServiceAccountCreatedResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/service-accounts/action-catalog¶
- Summary: Get machine action catalog
- Description: Return the canonical versioned action catalog and policy templates for machine access.
- Operation ID:
get_service_account_action_catalog_api_v1_auth_service_accounts_action_catalog_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ActionCatalogResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/auth/service-accounts/{service_account_id}¶
- Summary: Get service account
- Description: Get a single service account without credential secrets.
- Operation ID:
get_service_account_api_v1_auth_service_accounts__service_account_id__get - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ServiceAccountDetailsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/service-accounts/{service_account_id}/credentials/{credential_id}/revoke¶
- Summary: Revoke service account credential
- Description: Revoke one credential while keeping the service account active.
- Operation ID:
revoke_service_account_credential_api_v1_auth_service_accounts__service_account_id__credentials__credential_id__revoke_post - Parameters:
service_account_idinpath(string, обязательный)credential_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/service-accounts/{service_account_id}/deactivate¶
- Summary: Deactivate service account
- Description: Disable a service account and revoke its active credentials.
- Operation ID:
deactivate_service_account_api_v1_auth_service_accounts__service_account_id__deactivate_post - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/service-accounts/{service_account_id}/rotate¶
- Summary: Rotate service account credential
- Description: Issue a new credential without revoking existing ones.
- Operation ID:
rotate_service_account_credential_api_v1_auth_service_accounts__service_account_id__rotate_post - Parameters:
service_account_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ServiceAccountCreatedResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/auth/token¶
- Summary: Get JWT token
- Description: Authenticate with username/password and get JWT tokens.
- Operation ID:
login_api_v1_auth_token_post - Parameters:
- None
- Request Body:
application/json->TokenRequest(обязательный)- Responses:
200: Successful Response;application/json->TokenResponse422: Validation Error;application/json->HTTPValidationError
Тег: CPG Data¶
GET /api/v1/cpg/method-detail¶
- Summary: Detailed method info
- Description: Returns method metrics, callers, callees, security findings, and taint paths.
- Operation ID:
cpg_method_detail_api_v1_cpg_method_detail_get - Parameters:
nameinquery(string, обязательный) - Method nameproject_idinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->MethodDetailResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/cpg/methods¶
- Summary: Methods in a file
- Description: Returns methods with metrics for a given filename.
- Operation ID:
cpg_methods_api_v1_cpg_methods_get - Parameters:
filenameinquery(string, обязательный) - Source file pathproject_idinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->MethodsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/cpg/pattern-results¶
- Summary: Pattern scan results
- Description: Returns stored pattern findings filtered by category and/or filename.
- Operation ID:
cpg_pattern_results_api_v1_cpg_pattern_results_get - Parameters:
project_idinquery(object, необязательный)categoryinquery(object, необязательный)filenameinquery(object, необязательный)limitinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PatternResultsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/cpg/stats¶
- Summary: CPG project statistics
- Description: Returns file/method counts, security findings count, and top complex methods.
- Operation ID:
cpg_stats_api_v1_cpg_stats_get - Parameters:
project_idinquery(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CPGStatsResponse422: Validation Error;application/json->HTTPValidationError
Тег: Changelog¶
POST /api/v1/changelog/generate¶
- Summary: Generate changelog
- Description: Generate a changelog from git commit history between two refs.
- Operation ID:
generate_changelog_api_v1_changelog_generate_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ChangelogRequest(обязательный)- Responses:
200: Successful Response;application/json->ChangelogResponse422: Validation Error;application/json->HTTPValidationError
Тег: Chat¶
POST /api/v1/chat¶
- Summary: Send chat message
- Description: Send a query to the CodeGraph system and get a response.
- Operation ID:
chat_api_v1_chat_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ChatRequest(обязательный)- Responses:
200: Successful Response;application/json->ChatResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/chat/scenarios¶
- Summary: List available scenarios
- Description: Get list of available analysis scenarios.
- Operation ID:
list_scenarios_api_v1_chat_scenarios_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/chat/scenarios/{scenario_id}¶
- Summary: Get scenario info
- Description: Get information about a specific scenario.
- Operation ID:
get_scenario_api_v1_chat_scenarios__scenario_id__get - Parameters:
scenario_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/chat/stream¶
- Summary: Stream chat response
- Description: Send a query and receive streaming response via SSE.
- Operation ID:
chat_stream_api_v1_chat_stream_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ChatRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Code Context¶
POST /api/v1/context/completion¶
- Summary: Get completion context
- Description: Prefix-matched symbols and import suggestions for code completion.
- Operation ID:
get_completion_api_v1_context_completion_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->CompletionRequest(обязательный)- Responses:
200: Successful Response;application/json->CompletionResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/context/navigate¶
- Summary: Navigate to symbol
- Description: Find definition, references, and call hierarchy for a symbol.
- Operation ID:
navigate_symbol_api_v1_context_navigate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->NavigateRequest(обязательный)- Responses:
200: Successful Response;application/json->NavigateResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/context/suggestions¶
- Summary: Get code suggestions at cursor
- Description: Returns callers, callees, types for the method at the given position.
- Operation ID:
get_suggestions_api_v1_context_suggestions_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SuggestionsRequest(обязательный)- Responses:
200: Successful Response;application/json->SuggestionsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/context/test-hints¶
- Summary: Get test generation hints
- Description: Analyze method context for test generation.
- Operation ID:
get_test_hints_api_v1_context_test_hints_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->TestHintsRequest(обязательный)- Responses:
200: Successful Response;application/json->TestHintsResponse422: Validation Error;application/json->HTTPValidationError
Тег: Code Optimization¶
POST /api/v1/optimize/analyze¶
- Summary: Analyze for optimizations
- Description: Analyze files for optimization opportunities.
- Operation ID:
analyze_code_api_v1_optimize_analyze_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->OptimizationAnalyzeRequest(обязательный)- Responses:
200: Successful Response;application/json->OptimizationAnalyzeResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/optimize/apply-all¶
- Summary: Apply approved optimizations
- Description: Apply all approved optimization suggestions.
- Operation ID:
apply_approved_api_v1_optimize_apply_all_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ApplyResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/optimize/approve¶
- Summary: Approve suggestions
- Description: Approve optimization suggestions for application.
- Operation ID:
approve_suggestions_api_v1_optimize_approve_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ApproveRequest(обязательный)- Responses:
200: Successful Response;application/json->ApprovalResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/optimize/history¶
- Summary: Get optimization history
- Description: Get history of applied optimizations.
- Operation ID:
get_history_api_v1_optimize_history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/optimize/patterns¶
- Summary: List optimization patterns
- Description: List available optimization patterns.
- Operation ID:
list_patterns_api_v1_optimize_patterns_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
categoryinquery(object, необязательный) - Filter by categoryauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/optimize/reject¶
- Summary: Reject suggestions
- Description: Reject optimization suggestions.
- Operation ID:
reject_suggestions_api_v1_optimize_reject_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ApproveRequest(обязательный)- Responses:
200: Successful Response;application/json->ApprovalResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/optimize/suggestions/{suggestion_id}¶
- Summary: Get suggestion details
- Description: Get details of a specific optimization suggestion.
- Operation ID:
get_suggestion_api_v1_optimize_suggestions__suggestion_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
suggestion_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SuggestionResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/optimize/undo¶
- Summary: Undo last optimization
- Description: Undo the most recently applied optimization.
- Operation ID:
undo_last_api_v1_optimize_undo_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->OptimizationUndoResponse422: Validation Error;application/json->HTTPValidationError
Тег: Code Review¶
POST /api/v1/review¶
- Summary: Plugin review (simplified)
- Description: Simplified review endpoint for opencode-codegraph plugin. Accepts diff content and returns security findings + impact analysis. Restricted to localhost.
- Operation ID:
review_for_plugin_api_v1_review_post - Parameters:
- None
- Request Body:
application/json->PluginReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->PluginReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/commit-message¶
- Summary: Generate commit message
- Description: Generate a conventional commit message from a diff.
- Operation ID:
generate_commit_message_api_v1_review_commit_message_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->CommitMessageRequest(обязательный)- Responses:
200: Successful Response;application/json->CommitMessageResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/gitverse¶
- Summary: Review GitVerse PR
- Description: Review a GitVerse Pull Request.
- Operation ID:
review_gitverse_pr_api_v1_review_gitverse_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
X-GitVerse-Tokeninheader(object, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->GitVersePRReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->ReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/mr¶
- Summary: Review GitLab MR
- Description: Review a GitLab Merge Request.
- Operation ID:
review_gitlab_mr_api_v1_review_mr_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
X-GitLab-Tokeninheader(object, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->GitLabMRReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->ReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/patch¶
- Summary: Review patch
- Description: Review a git diff/patch for issues and best practices.
- Operation ID:
review_patch_api_v1_review_patch_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->PatchReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->ReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/pr¶
- Summary: Review GitHub PR
- Description: Review a GitHub Pull Request.
- Operation ID:
review_github_pr_api_v1_review_pr_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
X-GitHub-Tokeninheader(object, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->GitHubPRReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->ReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/sourcecraft¶
- Summary: Review SourceCraft MR
- Description: Review a SourceCraft Merge Request.
- Operation ID:
review_sourcecraft_mr_api_v1_review_sourcecraft_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
X-SourceCraft-Tokeninheader(object, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SourceCraftMRReviewRequest(обязательный)- Responses:
200: Successful Response;application/json->ReviewResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/review/summary¶
- Summary: Generate MR summary
- Description: Generate a structured summary for a merge request diff.
- Operation ID:
generate_summary_api_v1_review_summary_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SummaryRequest(обязательный)- Responses:
200: Successful Response;application/json->SummaryResponse422: Validation Error;application/json->HTTPValidationError
Тег: Compliance GOST¶
GET /api/v1/compliance/gost-56939/{project_id}¶
- Summary: Get Compliance Report
- Description: Get full compliance report for a project.
- Operation ID:
get_compliance_report_api_v1_compliance_gost_56939__project_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)include_traceabilityinquery(boolean, необязательный) - Include traceability matrixauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ComplianceReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/gost-56939/{project_id}/checklist¶
- Summary: Get Checklist
- Description: Get artifact checklist for a project.
- Operation ID:
get_checklist_api_v1_compliance_gost_56939__project_id__checklist_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)process_filterinquery(object, необязательный) - Comma-separated process IDsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/gost-56939/{project_id}/delta¶
- Summary: Get Delta
- Description: Get delta between two compliance assessments.
- Operation ID:
get_delta_api_v1_compliance_gost_56939__project_id__delta_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)oldinquery(string, обязательный) - Old report IDnewinquery(string, обязательный) - New report IDauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->src__api__routers__compliance_gost__DeltaResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/compliance/gost-56939/{project_id}/evaluate¶
- Summary: Evaluate Compliance
- Description: Trigger compliance evaluation and optionally save to history.
- Operation ID:
evaluate_compliance_api_v1_compliance_gost_56939__project_id__evaluate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ComplianceEvaluateRequest(необязательный)- Responses:
200: Successful Response;application/json->ComplianceReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/gost-56939/{project_id}/export¶
- Summary: Export Report
- Description: Export compliance report in specified format.
- Operation ID:
export_report_api_v1_compliance_gost_56939__project_id__export_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)formatinquery(string, необязательный) - Export format: gost|markdown|jsonlanguageinquery(string, необязательный) - Language: ru|enauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/gost-56939/{project_id}/history¶
- Summary: Get History
- Description: Get compliance assessment history for a project.
- Operation ID:
get_history_api_v1_compliance_gost_56939__project_id__history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/gost-56939/{project_id}/traceability¶
- Summary: Get Traceability
- Description: Get traceability matrix for a project.
- Operation ID:
get_traceability_api_v1_compliance_gost_56939__project_id__traceability_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Compliance GOST 57580¶
GET /api/v1/compliance/{project_id}/report-57580¶
- Summary: Get Report 57580
- Description: Generate GOST R 57580.3 report.
- Operation ID:
get_report_57580_api_v1_compliance__project_id__report_57580_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)typeinquery(string, необязательный)languageinquery(string, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/{project_id}/report-57580/delta¶
- Summary: Get Report Delta
- Description: Compare two reports (delta).
- Operation ID:
get_report_delta_api_v1_compliance__project_id__report_57580_delta_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)oldinquery(string, обязательный) - Old report IDnewinquery(string, обязательный) - New report IDauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->src__api__routers__compliance_57580__DeltaResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/compliance/{project_id}/report-57580/generate¶
- Summary: Generate Report
- Description: Generate and optionally save a report.
- Operation ID:
generate_report_api_v1_compliance__project_id__report_57580_generate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)typeinquery(string, необязательный)save_historyinquery(boolean, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/{project_id}/report-57580/history¶
- Summary: Get Report History
- Description: Get report history.
- Operation ID:
get_report_history_api_v1_compliance__project_id__report_57580_history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/compliance/{project_id}/report-57580/{report_id}¶
- Summary: Get Report By Id
- Description: Get stored report by ID.
- Operation ID:
get_report_by_id_api_v1_compliance__project_id__report_57580__report_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)report_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Composition¶
POST /api/v1/composition/apply¶
- Summary: Apply Edit
- Description: Apply a pending edit from a composite workflow session. Args: request: Apply request with session ID and finding ID Returns: CompositionApplyResponse with result of the apply operation
- Operation ID:
apply_edit_api_v1_composition_apply_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->CompositionApplyRequest(обязательный)- Responses:
200: Successful Response;application/json->CompositionApplyResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/composition/config¶
- Summary: Get Config
- Description: Get composition configuration. Returns the current configuration for composite workflows. Returns: ConfigResponse with configuration details
- Operation ID:
get_config_api_v1_composition_config_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ConfigResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/composition/conflicts/{session_id}¶
- Summary: Get Conflicts
- Description: Get conflict information for a session. Returns detected conflicts and their resolutions. Args: session_id: Session ID from query response Returns: ConflictListResponse with conflict details
- Operation ID:
get_conflicts_api_v1_composition_conflicts__session_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ConflictListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/composition/query¶
- Summary: Composite Query
- Description: Execute a composite workflow query. Invokes the specified orchestrator (S18 or S19) which orchestrates multiple sub-scenarios for comprehensive analysis. Args: request: Query request with orchestrator and optional parameters Returns: CompositeQueryResponse with unified findings and metadata
- Operation ID:
composite_query_api_v1_composition_query_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->CompositeQueryRequest(обязательный)- Responses:
200: Successful Response;application/json->CompositeQueryResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/composition/scenarios¶
- Summary: List Scenarios
- Description: List available scenarios for composition. Returns information about scenarios that can be orchestrated. Returns: Dictionary with scenario metadata
- Operation ID:
list_scenarios_api_v1_composition_scenarios_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/composition/session/{session_id}¶
- Summary: Get Session
- Description: Get full session state. Returns the complete state of a composite workflow session. Args: session_id: Session ID from query response Returns: Session state dictionary
- Operation ID:
get_session_api_v1_composition_session__session_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/composition/session/{session_id}¶
- Summary: Delete Session
- Description: Delete a session. Args: session_id: Session ID to delete Returns: Confirmation message
- Operation ID:
delete_session_api_v1_composition_session__session_id__delete - Security:
HTTPBearer,APIKeyHeader - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Dashboard¶
GET /api/v1/dashboard/dead-code¶
- Summary: Dead code listing
- Description: Get paginated list of dead (unreachable) methods.
- Operation ID:
get_dead_code_api_v1_dashboard_dead_code_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
limitinquery(integer, необязательный)offsetinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DeadCodeResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dashboard/quality-trends¶
- Summary: Quality trends
- Description: Get quality metric trends over time.
- Operation ID:
get_quality_trends_api_v1_dashboard_quality_trends_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
daysinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->QualityTrendsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dashboard/security-posture¶
- Summary: Security posture
- Description: Get security findings summary by severity.
- Operation ID:
get_security_posture_api_v1_dashboard_security_posture_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SecurityPostureResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dashboard/tech-debt¶
- Summary: Technical debt summary
- Description: Get aggregated technical debt metrics including dead code and complexity.
- Operation ID:
get_tech_debt_api_v1_dashboard_tech_debt_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TechDebtResponse422: Validation Error;application/json->HTTPValidationError
Тег: Dashboard V2¶
GET /api/v2/dashboard/audit-report-jobs/{job_id}¶
- Summary: Get Audit Report Job
- Description: Return background audit report job status.
- Operation ID:
get_audit_report_job_api_v2_dashboard_audit_report_jobs__job_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->AuditReportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/audit-report-jobs/{job_id}/download¶
- Summary: Download Audit Report Job
- Description: Download the generated markdown for a completed audit report job.
- Operation ID:
download_audit_report_job_api_v2_dashboard_audit_report_jobs__job_id__download_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/compare¶
- Summary: Compare Projects
- Description: Compare 2-10 projects across audit dimensions.
- Operation ID:
compare_projects_api_v2_dashboard_compare_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
projectsinquery(string, обязательный) - Comma-separated project names (2-10)dimensionsinquery(object, необязательный) - Comma-separated Q numbers (default: all 12)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CrossProjectComparison422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/compliance/heatmap¶
- Summary: Get Compliance Heatmap
- Description: Compliance heatmap — projects x processes matrix.
- Operation ID:
get_compliance_heatmap_api_v2_dashboard_compliance_heatmap_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typestandardinquery(string, необязательный) - gost-56939 | gost-57580authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ComplianceHeatmapResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/cross-repo¶
- Summary: Get Cross Repo
- Description: Cross-repository analysis overview.
- Operation ID:
get_cross_repo_api_v2_dashboard_cross_repo_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by groupanalysis_typeinquery(string, необязательный) - summary | duplications | dependenciesauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CrossRepoResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/deliveries¶
- Summary: List Notification Deliveries
- Description: List delivery attempts for the current user’s notification subscriptions.
- Operation ID:
list_notification_deliveries_api_v2_dashboard_deliveries_get - Parameters:
limitinquery(integer, необязательный)statusinquery(string, необязательный) - sent | failedchannelinquery(string, необязательный) - telegram | slack | emailevent_typeinquery(string, необязательный) - Notification event typeproject_nameinquery(string, необязательный) - Filter by project nameis_testinquery(object, необязательный) - Filter test deliveriesauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/deliveries/pending¶
- Summary: List Pending Notification Deliveries
- Description: List queued notification deliveries that have not been flushed yet.
- Operation ID:
list_pending_notification_deliveries_api_v2_dashboard_deliveries_pending_get - Parameters:
limitinquery(integer, необязательный)channelinquery(string, необязательный) - telegram | slack | emailauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/deliveries/process-pending¶
- Summary: Process Pending Notification Deliveries
- Description: Manually process pending notification deliveries that are already due.
- Operation ID:
process_pending_notification_deliveries_api_v2_dashboard_deliveries_process_pending_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PendingDeliveryProcessResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/deliveries/summary¶
- Summary: Get Notification Delivery Summary
- Description: Aggregate delivery and pending queue state for the current user.
- Operation ID:
get_notification_delivery_summary_api_v2_dashboard_deliveries_summary_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->NotificationDeliverySummaryResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/event-catalog¶
- Summary: Get Notification Event Catalog
- Description: Return versioned notification event catalog.
- Operation ID:
get_notification_event_catalog_api_v2_dashboard_event_catalog_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->NotificationEventCatalogResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/export¶
- Summary: Export Dashboard
- Description: Export dashboard data in various formats (json, markdown, gost, pdf).
- Operation ID:
export_dashboard_api_v2_dashboard_export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ExportRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/metrics¶
- Summary: Dashboard Metrics
- Description: Export dashboard metrics in Prometheus text format. Scrapes all project health scores and updates Prometheus gauges, then returns the standard Prometheus text exposition.
- Operation ID:
dashboard_metrics_api_v2_dashboard_metrics_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by groupauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/metrics/mapping¶
- Summary: Dashboard Metrics Mapping
- Description: Export canonical dashboard metric samples for Grafana and automation.
- Operation ID:
dashboard_metrics_mapping_api_v2_dashboard_metrics_mapping_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DashboardMetricsMappingResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/portfolio¶
- Summary: Get Portfolio
- Description: Portfolio overview — aggregated health across all projects.
- Operation ID:
get_portfolio_api_v2_dashboard_portfolio_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PortfolioSummary422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/projects¶
- Summary: Get Projects Catalog
- Description: Full catalog of registered dashboard projects with current health metrics.
- Operation ID:
get_projects_catalog_api_v2_dashboard_projects_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalitylanguageinquery(object, необязательный) - Filter by languagedomaininquery(object, необязательный) - Filter by domainservice_typeinquery(object, необязательный) - Filter by service typemin_riskinquery(object, необязательный) - Minimum risk level filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectCatalogResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/projects/health¶
- Summary: Get Batch Health
- Description: Batch project health scores (max 50 projects).
- Operation ID:
get_batch_health_api_v2_dashboard_projects_health_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->BatchHealthRequest(обязательный)- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/projects/{project_name}/audit-report-jobs¶
- Summary: Create Audit Report Job
- Description: Start a fresh audit report as a background job.
- Operation ID:
create_audit_report_job_api_v2_dashboard_projects__project_name__audit_report_jobs_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->AuditReportJobCreate(обязательный)- Responses:
202: Successful Response;application/json->AuditReportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/projects/{project_name}/audit-report-jobs/latest¶
- Summary: Get Latest Audit Report Job
- Description: Return the latest audit report job for the current caller and project.
- Operation ID:
get_latest_audit_report_job_api_v2_dashboard_projects__project_name__audit_report_jobs_latest_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/projects/{project_name}/drilldown¶
- Summary: Get Project Drilldown
- Description: Expand a project/category pair into findings and source locations where available.
- Operation ID:
get_project_drilldown_api_v2_dashboard_projects__project_name__drilldown_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)categoryinquery(string, обязательный) - security | compliance | compliance-57580-maturity | compliance-57580-capabilities | compliance-57580-risk | release | sca | audit-total-methods | audit-dead-methods | audit-avg-complexity | audit-max-complexity | audit-doc-coverage | audit-dependency-cycleslimitinquery(integer, необязательный) - Max itemsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DrilldownResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/projects/{project_name}/health¶
- Summary: Get Project Health
- Description: Single project health score with optional detail sections.
- Operation ID:
get_project_health_api_v2_dashboard_projects__project_name__health_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)include_sectionsinquery(boolean, необязательный) - Include 12 audit sectionsinclude_processesinquery(boolean, необязательный) - Include 25 GOST processesinclude_checksinquery(boolean, необязательный) - Include release gate checksinclude_scainquery(boolean, необязательный) - Include SCA detailsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectHealthScore422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/projects/{project_name}/trends¶
- Summary: Get Trends
- Description: Historical trends for a project.
- Operation ID:
get_trends_api_v2_dashboard_projects__project_name__trends_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)periodinquery(string, необязательный) - 7d | 30d | 90d | 180d | 1ymetricsinquery(object, необязательный) - Comma-separated: health,audit,compliance,findings,coveragegranularityinquery(string, необязательный) - daily | weekly | monthly | autoauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TrendsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/red-zone¶
- Summary: Get Red Zone
- Description: Red zone items — critical issues requiring immediate attention.
- Operation ID:
get_red_zone_api_v2_dashboard_red_zone_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typeseverityinquery(string, необязательный) - Comma-separated severitiesoffsetinquery(integer, необязательный) - Pagination offsetlimitinquery(integer, необязательный) - Max itemscategoryinquery(object, необязательный) - security | compliance | release | sca | qualityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RedZoneResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/releases/{project_name}/compare¶
- Summary: Get Release Comparison
- Description: Compare two release gate runs and attach nearest snapshot deltas when available.
- Operation ID:
get_release_comparison_api_v2_dashboard_releases__project_name__compare_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)from_run_idinquery(string, необязательный) - Older release run IDto_run_idinquery(string, необязательный) - Newer release run IDauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ReleaseComparisonResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/saved-views¶
- Summary: List Saved Views
- Description: List saved dashboard views for the current user.
- Operation ID:
list_saved_views_api_v2_dashboard_saved_views_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/saved-views¶
- Summary: Create Saved View
- Description: Create a saved dashboard view for later reuse.
- Operation ID:
create_saved_view_api_v2_dashboard_saved_views_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SavedViewCreate(обязательный)- Responses:
201: Successful Response;application/json->SavedViewResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/saved-views/{view_id}¶
- Summary: Get Saved View
- Description: Get a saved dashboard view by ID.
- Operation ID:
get_saved_view_api_v2_dashboard_saved_views__view_id__get - Parameters:
view_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SavedViewResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v2/dashboard/saved-views/{view_id}¶
- Summary: Delete Saved View
- Description: Delete a saved dashboard view.
- Operation ID:
delete_saved_view_api_v2_dashboard_saved_views__view_id__delete - Parameters:
view_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/sca/overview¶
- Summary: Get Sca Overview
- Description: SCA/SBOM portfolio overview — vulnerabilities across all projects.
- Operation ID:
get_sca_overview_api_v2_dashboard_sca_overview_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
group_idinquery(object, необязательный) - Filter by grouporganizationinquery(object, необязательный) - Filter by organizationteaminquery(object, необязательный) - Filter by teamenvironmentinquery(object, необязательный) - Filter by environmentcriticalityinquery(object, необязательный) - Filter by system criticalityservice_typeinquery(object, необязательный) - Filter by service typeseverityinquery(object, необязательный) - Filter by severityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScaPortfolioResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/snapshots¶
- Summary: List Snapshots
- Description: List snapshots limited to the current project or group access scope.
- Operation ID:
list_snapshots_api_v2_dashboard_snapshots_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
scopeinquery(string, необязательный) - project | groupproject_nameinquery(string, необязательный) - Project name for project scopegroup_idinquery(string, необязательный) - Group ID for group scopelimitinquery(object, необязательный) - Maximum items to returnauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SnapshotListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/snapshots¶
- Summary: Create Snapshot
- Description: Create a manual snapshot for the current project or group context.
- Operation ID:
create_snapshot_api_v2_dashboard_snapshots_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotCreateRequest(обязательный)- Responses:
200: Successful Response;application/json->SnapshotResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/snapshots/compare¶
- Summary: Compare Snapshots
- Description: Compare snapshots by IDs or by project/timestamp pair.
- Operation ID:
compare_snapshots_api_v2_dashboard_snapshots_compare_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotCompareRequest(обязательный)- Responses:
200: Successful Response;application/json->SnapshotDiffResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/snapshots/{project_name}/compare-periods¶
- Summary: Get Period Comparison
- Description: Compare two adjacent snapshot-backed periods for a project.
- Operation ID:
get_period_comparison_api_v2_dashboard_snapshots__project_name__compare_periods_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)baseline_periodinquery(string, необязательный) - Older window: 7d | 30d | 90d | 180d | 1ycomparison_periodinquery(string, необязательный) - Newer window: 7d | 30d | 90d | 180d | 1yauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PeriodComparisonResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/snapshots/{project_name}/diff¶
- Summary: Get Snapshot Diff
- Description: Compare two materialized snapshots, defaulting to the latest pair.
- Operation ID:
get_snapshot_diff_api_v2_dashboard_snapshots__project_name__diff_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)from_timestampinquery(string, необязательный) - Older snapshot timestampto_timestampinquery(string, необязательный) - Newer snapshot timestampauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SnapshotDiffResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/snapshots/{project_name}/trends¶
- Summary: Get Snapshot Trends
- Description: Get trends from snapshot store (faster than live adapter queries).
- Operation ID:
get_snapshot_trends_api_v2_dashboard_snapshots__project_name__trends_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_nameinpath(string, обязательный)periodinquery(string, необязательный) - 7d | 30d | 90d | 180d | 1yauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->TrendsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/snapshots/{snapshot_id}/export¶
- Summary: Export Snapshot
- Description: Export a snapshot or a compare report derived from it.
- Operation ID:
export_snapshot_api_v2_dashboard_snapshots__snapshot_id__export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
snapshot_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SnapshotExportRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v2/dashboard/subscriptions¶
- Summary: List Subscriptions
- Description: List notification subscriptions for the current user.
- Operation ID:
list_subscriptions_api_v2_dashboard_subscriptions_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/subscriptions¶
- Summary: Create Subscription
- Description: Create a new notification subscription.
- Operation ID:
create_subscription_api_v2_dashboard_subscriptions_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SubscriptionCreate(обязательный)- Responses:
201: Successful Response;application/json->SubscriptionResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/subscriptions/test¶
- Summary: Test Subscription
- Description: Send a test notification without saving subscription settings.
- Operation ID:
test_subscription_api_v2_dashboard_subscriptions_test_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SubscriptionTestRequest(обязательный)- Responses:
200: Successful Response;application/json->SubscriptionTestResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v2/dashboard/subscriptions/bootstrap¶
- Summary: Bootstrap Notification Runtime
- Description: Создать или переиспользовать реальную project-scoped subscription и получить первые live notification records.
- Operation ID:
bootstrap_notification_runtime_api_v2_dashboard_subscriptions_bootstrap_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->NotificationBootstrapRequest(обязательный)- Responses:
200: Successful Response;application/json->NotificationBootstrapResponse422: Validation Error;application/json->HTTPValidationError
PATCH /api/v2/dashboard/subscriptions/{sub_id}¶
- Summary: Update Subscription
- Description: Update an existing notification subscription.
- Operation ID:
update_subscription_api_v2_dashboard_subscriptions__sub_id__patch - Parameters:
sub_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SubscriptionUpdate(обязательный)- Responses:
200: Successful Response;application/json->SubscriptionResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v2/dashboard/subscriptions/{sub_id}¶
- Summary: Delete Subscription
- Description: Delete a notification subscription.
- Operation ID:
delete_subscription_api_v2_dashboard_subscriptions__sub_id__delete - Parameters:
sub_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Demo¶
POST /api/v1/demo/chat¶
- Summary: Demo Chat
- Description: Public demo endpoint for landing page. Rate limited to 30 requests per minute per IP.
- Operation ID:
demo_chat_api_v1_demo_chat_post - Parameters:
- None
- Request Body:
application/json->DemoRequest(обязательный)- Responses:
200: Successful Response;application/json->DemoResponse422: Validation Error;application/json->HTTPValidationError429: Rate limit exceeded503: Demo endpoint disabled
GET /api/v1/demo/status¶
- Summary: Demo Status
- Description: Check if demo endpoint is enabled and view configuration.
- Operation ID:
demo_status_api_v1_demo_status_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
Тег: Dependencies¶
Router зависимостей смонтирован под /api/v1/deps. Канонический multi-project SCA contract
использует project-scoped routes:
GET /api/v1/deps/projects/{project_name}/summaryGET /api/v1/deps/projects/{project_name}/dependenciesGET /api/v1/deps/projects/{project_name}/vulnerabilitiesGET /api/v1/deps/projects/{project_name}/sbomPOST /api/v1/deps/projects/{project_name}/auditGET /api/v1/deps/projects/{project_name}/gost-report
Legacy scan-scoped routes под /api/v1/deps/scan, /list, /graph, /check-vulnerabilities,
/licenses, /health-score, /sbom, /audit и /sync-cache сохранены для scan-first workflow.
POST /api/v1/deps/audit¶
- Summary: Audit dependencies
- Description: Audit dependencies for known vulnerabilities.
- Operation ID:
audit_dependencies_api_v1_deps_audit_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->AuditRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/deps/check-vulnerabilities¶
- Summary: Check vulnerabilities
- Description: Check dependencies for known vulnerabilities.
- Operation ID:
check_vulnerabilities_api_v1_deps_check_vulnerabilities_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
severity_thresholdinquery(object, необязательный) - Minimum severity to report (low, medium, high, critical)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->VulnCheckResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/gost-report¶
- Summary: GOST 5.16 report
- Description: Generate GOST R 56939-2024 section 5.16.3 composition analysis report.
- Operation ID:
gost_report_api_v1_deps_gost_report_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
languageinquery(string, необязательный) - Report language (ru, en)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/graph¶
- Summary: Get dependency graph
- Description: Get the dependency graph in JSON format.
- Operation ID:
get_graph_api_v1_deps_graph_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GraphResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/health-score¶
- Summary: Get health score
- Description: Calculate dependency health score.
- Operation ID:
get_health_score_api_v1_deps_health_score_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/licenses¶
- Summary: Check licenses
- Description: Check dependency licenses for compliance.
- Operation ID:
check_licenses_api_v1_deps_licenses_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->LicenseSummaryResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/list¶
- Summary: List dependencies
- Description: List dependencies from the last scan.
- Operation ID:
list_dependencies_api_v1_deps_list_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
direct_onlyinquery(boolean, необязательный) - Only direct dependenciesdev_onlyinquery(boolean, необязательный) - Only dev dependenciesauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/outdated¶
- Summary: Check outdated packages
- Description: Check for outdated packages.
- Operation ID:
check_outdated_api_v1_deps_outdated_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/deps/sbom¶
- Summary: Export SBOM
- Description: Export Software Bill of Materials.
- Operation ID:
export_sbom_api_v1_deps_sbom_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
formatinquery(string, необязательный) - SBOM format (spdx, cyclonedx)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/deps/scan¶
- Summary: Scan project
- Description: Scan a project for dependencies.
- Operation ID:
scan_project_api_v1_deps_scan_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScanRequest(обязательный)- Responses:
200: Successful Response;application/json->ScanResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/deps/sync-cache¶
- Summary: Sync vulnerability cache
- Description: Sync local vulnerability cache.
- Operation ID:
sync_cache_api_v1_deps_sync_cache_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SyncCacheRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Documentation Generation¶
POST /api/v1/documentation/generate¶
- Summary: Generate full documentation
- Description: Generate all documentation sections, save to disk, and index in ChromaDB.
- Operation ID:
generate_documentation_api_v1_documentation_generate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->DocGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->DocGenerateResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/documentation/generate/{section}¶
- Summary: Generate single section
- Description: Generate a single documentation section.
- Operation ID:
generate_section_api_v1_documentation_generate__section__post - Security:
HTTPBearer,APIKeyHeader - Parameters:
sectioninpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->DocSectionRequest(обязательный)- Responses:
200: Successful Response;application/json->DocSectionResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/documentation/search¶
- Summary: Search generated documentation
- Description: Semantic search in generated documentation stored in ChromaDB.
- Operation ID:
search_documentation_api_v1_documentation_search_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->DocSearchRequest(обязательный)- Responses:
200: Successful Response;application/json->DocSearchResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/documentation/stats¶
- Summary: Get documentation stats
- Description: Get generation statistics and ChromaDB collection info.
- Operation ID:
get_stats_api_v1_documentation_stats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DocStatsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/documentation/sync¶
- Summary: Run interface docs sync
- Description: Detect documentation drift across all configured interfaces (REST API, CLI, MCP, etc.).
- Operation ID:
run_docs_sync_api_v1_documentation_sync_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->DocsSyncRequest(обязательный)- Responses:
200: Successful Response;application/json->DocsSyncResponse422: Validation Error;application/json->HTTPValidationError
Тег: Dynamic Analysis¶
POST /api/v1/dynamic/{project_id}/correlate¶
- Summary: Correlate static and dynamic findings
- Description: Correlate static and dynamic findings.
- Operation ID:
correlate_findings_api_v1_dynamic__project_id__correlate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->CorrelateRequest(обязательный)- Responses:
200: Successful Response;application/json->CorrelationResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dynamic/{project_id}/fuzz-targets¶
- Summary: Generate fuzz targets from CPG
- Description: Generate prioritized fuzz targets from CPG analysis.
- Operation ID:
get_fuzz_targets_api_v1_dynamic__project_id__fuzz_targets_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)languageinquery(string, необязательный) - Filter by languagemax_targetsinquery(integer, необязательный)min_priorityinquery(number, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/dynamic/{project_id}/import¶
- Summary: Import dynamic analysis results
- Description: Import dynamic analysis results from inline content.
- Operation ID:
import_dynamic_results_api_v1_dynamic__project_id__import_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ImportRequest(обязательный)- Responses:
200: Successful Response;application/json->ImportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dynamic/{project_id}/report¶
- Summary: Generate GOST 5.11.3 dynamic analysis report
- Description: Generate GOST 5.11.3 report from all dynamic runs for a project.
- Operation ID:
get_dynamic_report_api_v1_dynamic__project_id__report_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)languageinquery(string, необязательный) - Report language (ru/en)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dynamic/{project_id}/runs¶
- Summary: List dynamic analysis runs
- Description: List dynamic analysis runs for a project.
- Operation ID:
list_dynamic_runs_api_v1_dynamic__project_id__runs_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/dynamic/{project_id}/runs/{run_id}¶
- Summary: Delete a dynamic analysis run
- Description: Delete a dynamic run and its findings.
- Operation ID:
delete_dynamic_run_api_v1_dynamic__project_id__runs__run_id__delete - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)run_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/dynamic/{project_id}/runs/{run_id}/findings¶
- Summary: Get findings for a dynamic run
- Description: Get all findings for a specific dynamic analysis run.
- Operation ID:
get_dynamic_findings_api_v1_dynamic__project_id__runs__run_id__findings_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)run_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Тег: File Editing¶
POST /api/v1/edit/apply¶
- Summary: Apply edit
- Description: Apply the edit operation to the file.
- Operation ID:
apply_edit_api_v1_edit_apply_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->EditApplyRequest(обязательный)- Responses:
200: Successful Response;application/json->EditApplyResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/edit/find-target¶
- Summary: Find code targets
- Description: Find functions, classes, or methods matching the given criteria.
- Operation ID:
find_targets_api_v1_edit_find_target_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->FindTargetRequest(обязательный)- Responses:
200: Successful Response;application/json->FindTargetResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/edit/history¶
- Summary: Get edit history
- Description: Get the history of recent edits for potential undo.
- Operation ID:
get_edit_history_api_v1_edit_history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
limitinquery(integer, необязательный) - Maximum entries to returnauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/edit/preview¶
- Summary: Preview edit
- Description: Generate a diff preview for the proposed edit.
- Operation ID:
preview_edit_api_v1_edit_preview_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->PreviewEditRequest(обязательный)- Responses:
200: Successful Response;application/json->PreviewEditResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/edit/undo¶
- Summary: Undo last edit
- Description: Undo the most recent edit operation.
- Operation ID:
undo_last_edit_api_v1_edit_undo_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->EditUndoResponse422: Validation Error;application/json->HTTPValidationError
Тег: GoCPG¶
GET /api/v1/gocpg/frontends¶
- Summary: List Frontends
- Description: List available language frontends.
- Operation ID:
list_frontends_api_v1_gocpg_frontends_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/gocpg/quality-stats¶
- Summary: Get Quality Stats
- Description: Get cross-language code quality metrics.
- Operation ID:
get_quality_stats_api_v1_gocpg_quality_stats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
topinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/gocpg/stats¶
- Summary: Get Stats
- Description: Get CPG statistics.
- Operation ID:
get_stats_api_v1_gocpg_stats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Health¶
GET /api/v1/health¶
- Summary: Full health check
- Description: Returns detailed health status of all system components.
- Operation ID:
health_check_api_v1_health_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->HealthStatus
GET /api/v1/health/live¶
- Summary: Liveness probe
- Description: Kubernetes liveness probe endpoint. Returns 200 if service is running.
- Operation ID:
liveness_probe_api_v1_health_live_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
GET /api/v1/health/ready¶
- Summary: Readiness probe
- Description: Kubernetes readiness probe endpoint. Returns 200 if service is ready to accept traffic.
- Operation ID:
readiness_probe_api_v1_health_ready_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
GET /api/v1/health/version¶
- Summary: Get version
- Description: Returns API version information.
- Operation ID:
get_version_api_v1_health_version_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
Тег: History¶
GET /api/v1/history/{session_id}¶
- Summary: Get dialogue history
- Description: Get paginated dialogue history for a session.
- Operation ID:
get_history_api_v1_history__session_id__get - Parameters:
session_idinpath(string, обязательный)pageinquery(integer, необязательный)page_sizeinquery(integer, необязательный)include_metadatainquery(boolean, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DialogueHistoryResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/history/{session_id}/clear¶
- Summary: Clear history
- Description: Clear all dialogue history for a session (keeps the session).
- Operation ID:
clear_history_api_v1_history__session_id__clear_delete - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
POST /api/v1/history/{session_id}/export¶
- Summary: Export history
- Description: Export dialogue history in JSON or Markdown format.
- Operation ID:
export_history_api_v1_history__session_id__export_post - Parameters:
session_idinpath(string, обязательный)formatinquery(ExportFormat, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Hypotheses¶
GET /api/v1/security/hypotheses/cwes¶
- Summary: List CWE entries from knowledge base
- Description: Returns CWE entries from the built-in security knowledge base. Optionally filter by vulnerability category.
- Operation ID:
list_cwes_api_v1_security_hypotheses_cwes_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
categoryinquery(object, необязательный) - Filter by vulnerability categoryauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->CWEListResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/hypotheses/providers¶
- Summary: List registered pattern providers
- Description: Returns all registered security pattern providers and their capabilities.
- Operation ID:
list_providers_api_v1_security_hypotheses_providers_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProviderListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/hypotheses/run¶
- Summary: Run hypothesis-driven security analysis
- Description: Generates and validates security hypotheses against the project CPG. Returns metrics (precision, recall, F1) and confirmed findings.
- Operation ID:
run_hypotheses_api_v1_security_hypotheses_run_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->HypothesisRunRequest(обязательный)- Responses:
200: Successful Response;application/json->HypothesisRunResponse422: Validation Error;application/json->HTTPValidationError
Тег: Issue Tracker¶
POST /api/v1/issues/{project_id}/bulk-create¶
- Summary: Create issues from multiple findings
- Description: Create issues for multiple findings at once.
- Operation ID:
bulk_create_issues_api_v1_issues__project_id__bulk_create_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->BulkCreateRequest(обязательный)- Responses:
200: Successful Response;application/json->BulkCreateResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/issues/{project_id}/create¶
- Summary: Create issue from finding
- Description: Create an issue in the configured tracker from a finding.
- Operation ID:
create_issue_api_v1_issues__project_id__create_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->IssueCreateAPIRequest(обязательный)- Responses:
200: Successful Response;application/json->IssueResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/issues/{project_id}/status/{issue_id}¶
- Summary: Get issue status
- Description: Get current status of an issue from the tracker.
- Operation ID:
get_issue_status_api_v1_issues__project_id__status__issue_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)issue_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/issues/{project_id}/sync¶
- Summary: Bidirectional sync findings with tracker
- Description: Bidirectional sync: create issues for new findings, check statuses, close fixed.
- Operation ID:
sync_issues_api_v1_issues__project_id__sync_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SyncRequest(обязательный)- Responses:
200: Successful Response;application/json->SyncResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/issues/{project_id}/update/{issue_id}¶
- Summary: Update issue status
- Description: Update issue status via tracker transitions API.
- Operation ID:
update_issue_api_v1_issues__project_id__update__issue_id__post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)issue_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->IssueUpdateRequest(обязательный)- Responses:
200: Successful Response;application/json->IssueResponse422: Validation Error;application/json->HTTPValidationError
Тег: Metrics¶
GET /api/v1/metrics¶
- Summary: Prometheus metrics
- Description: Returns metrics in Prometheus exposition format for scraping.
- Operation ID:
prometheus_metrics_api_v1_metrics_get - Parameters:
- None
- Request Body:
- None
- Responses:
200: Successful Response;application/json->object
Тег: Patterns¶
GET /api/v1/patterns/findings¶
- Summary: Query persisted pattern findings
- Description: Read pattern findings from DuckDB (populated by gocpg scan).
- Operation ID:
pattern_findings_api_v1_patterns_findings_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
rule_idinquery(object, необязательный)severityinquery(object, необязательный)filenameinquery(object, необязательный)categoryinquery(object, необязательный)limitinquery(object, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PatternFindingsResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/patterns/fix¶
- Summary: Apply SSR pattern fixes
- Description: Apply structural pattern fixes. Returns diffs (dry_run=True) or applies changes.
- Operation ID:
pattern_fix_api_v1_patterns_fix_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->PatternFixRequest(обязательный)- Responses:
200: Successful Response;application/json->PatternFixResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/patterns/generate¶
- Summary: LLM-generate a YAML rule
- Description: Use an LLM to generate and validate a structural pattern YAML rule.
- Operation ID:
pattern_generate_api_v1_patterns_generate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->PatternGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->PatternGenerateResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/patterns/rules¶
- Summary: List loaded pattern rules
- Description: List all pattern rules from cpg_pattern_rules table.
- Operation ID:
pattern_rules_api_v1_patterns_rules_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PatternRulesListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/patterns/search¶
- Summary: Ad-hoc structural pattern search
- Description: Search for structural code patterns using AST-based matching via GoCPG.
- Operation ID:
pattern_search_api_v1_patterns_search_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->PatternSearchRequest(обязательный)- Responses:
200: Successful Response;application/json->PatternSearchResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/patterns/stats¶
- Summary: Pattern matching statistics
- Description: Aggregated counts by severity, category, and rule.
- Operation ID:
pattern_stats_api_v1_patterns_stats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PatternStatsResponse422: Validation Error;application/json->HTTPValidationError
Тег: Project Groups¶
GET /api/v1/groups¶
- Summary: List Groups
- Description: List project groups accessible by the current user. Admin users see all groups, regular users see only their groups.
- Operation ID:
list_groups_api_v1_groups_get - Parameters:
limitinquery(integer, необязательный)offsetinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GroupListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/groups¶
- Summary: Create Group
- Description: Create a new project group. Only admin users can create groups.
- Operation ID:
create_group_api_v1_groups_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->GroupCreate(обязательный)- Responses:
201: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/groups/{group_id}¶
- Summary: Get Group
- Description: Get project group by ID.
- Operation ID:
get_group_api_v1_groups__group_id__get - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/groups/{group_id}¶
- Summary: Update Group
- Description: Update project group. Requires admin access to the group.
- Operation ID:
update_group_api_v1_groups__group_id__put - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->GroupUpdate(обязательный)- Responses:
200: Successful Response;application/json->GroupResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/groups/{group_id}¶
- Summary: Delete Group
- Description: Delete a project group. Only admin users can delete groups.
- Operation ID:
delete_group_api_v1_groups__group_id__delete - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
GET /api/v1/groups/{group_id}/users¶
- Summary: List Group Users
- Description: List users with access to a group.
- Operation ID:
list_group_users_api_v1_groups__group_id__users_get - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UserAccessListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/groups/{group_id}/users¶
- Summary: Add Group User
- Description: Add user access to a group. Requires admin access to the group.
- Operation ID:
add_group_user_api_v1_groups__group_id__users_post - Parameters:
group_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->UserAccessCreate(обязательный)- Responses:
201: Successful Response;application/json->UserAccessResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/groups/{group_id}/users/{user_id}¶
- Summary: Remove Group User
- Description: Remove user access from a group. Requires admin access to the group.
- Operation ID:
remove_group_user_api_v1_groups__group_id__users__user_id__delete - Parameters:
group_idinpath(string, обязательный)user_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Project Import¶
DELETE /api/v1/import/cancel/{job_id}¶
- Summary: Cancel import job
- Description: Cancel a running import job.
- Operation ID:
cancel_import_api_v1_import_cancel__job_id__delete - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/jobs¶
- Summary: List import jobs
- Description: List all import jobs.
- Operation ID:
list_import_jobs_api_v1_import_jobs_get - Parameters:
status_filterinquery(object, необязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/languages¶
- Summary: List supported languages
- Description: Get list of supported programming languages for import.
- Operation ID:
get_supported_languages_api_v1_import_languages_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SupportedLanguagesResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/import/start¶
- Summary: Start project import
- Description: Start asynchronous import of a new codebase.
- Operation ID:
start_import_api_v1_import_start_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ImportProjectRequestAPI(обязательный)- Responses:
200: Successful Response;application/json->ImportJobResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/import/status/{job_id}¶
- Summary: Get import status
- Description: Get current status of an import job.
- Operation ID:
get_import_status_api_v1_import_status__job_id__get - Parameters:
job_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectImportStatus422: Validation Error;application/json->HTTPValidationError
POST /api/v1/import/step¶
- Summary: Run single import step
- Description: Run a single step of the import pipeline.
- Operation ID:
run_single_step_api_v1_import_step_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ImportStepRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Projects¶
GET /api/v1/projects¶
- Summary: List Projects
- Description: List projects accessible by the current user. If group_id is specified, list projects in that group only. Otherwise, list all projects from accessible groups.
- Operation ID:
list_projects_api_v1_projects_get - Parameters:
group_idinquery(object, необязательный)limitinquery(integer, необязательный)offsetinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/projects¶
- Summary: Create Project
- Description: Create a new project in a group. Requires editor or admin access to the group.
- Operation ID:
create_project_api_v1_projects_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ProjectCreate(обязательный)- Responses:
201: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/projects/active/current¶
- Summary: Get Active Project
- Description: Get the active project for the current user. Returns the first active project found across all accessible groups.
- Operation ID:
get_active_project_api_v1_projects_active_current_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/projects/{project_id}¶
- Summary: Get Project
- Description: Get project by ID.
- Operation ID:
get_project_api_v1_projects__project_id__get - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
PUT /api/v1/projects/{project_id}¶
- Summary: Update Project
- Description: Update a project. Requires editor or admin access to the group.
- Operation ID:
update_project_api_v1_projects__project_id__put - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ProjectUpdate(обязательный)- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/projects/{project_id}¶
- Summary: Delete Project
- Description: Delete a project. Requires admin access to the group. Args: delete_collections: Also delete ChromaDB vector collections.
- Operation ID:
delete_project_api_v1_projects__project_id__delete - Parameters:
project_idinpath(string, обязательный)delete_collectionsinquery(boolean, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
POST /api/v1/projects/{project_id}/activate¶
- Summary: Activate Project
- Description: Set a project as active in its group. This deactivates other projects in the same group.
- Operation ID:
activate_project_api_v1_projects__project_id__activate_post - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ProjectResponse422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/projects/{project_id}/collections¶
- Summary: Delete Collections
- Description: Delete all vector collections for a project.
- Operation ID:
delete_collections_api_v1_projects__project_id__collections_delete - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/projects/{project_id}/reindex¶
- Summary: Reindex Project
- Description: Reindex vector collections for a project. Runs indexing in background. Returns immediately with status=”started”.
- Operation ID:
reindex_project_api_v1_projects__project_id__reindex_post - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->ReindexRequest(обязательный)- Responses:
200: Successful Response;application/json->ReindexReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/projects/{project_id}/reindex/status¶
- Summary: Get Reindex Status
- Description: Get vector collection status for a project.
- Operation ID:
get_reindex_status_api_v1_projects__project_id__reindex_status_get - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ReindexStatusResponse422: Validation Error;application/json->HTTPValidationError
Тег: Qualification¶
GET /api/v1/qualification/{project_id}/real-programs¶
- Summary: List real programs for qualification testing
- Description: Return the list of real programs from the qualification manifest (GOST 10.2v).
- Operation ID:
list_real_programs_api_v1_qualification__project_id__real_programs_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)size_bucketinquery(object, необязательный) - Filter by size bucket: small, medium, large, xlargeauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Тег: Query¶
POST /api/v1/query/execute¶
- Summary: Execute SQL query
- Description: Execute a SQL query against the Code Property Graph database.
- Operation ID:
execute_query_api_v1_query_execute_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->QueryExecuteRequest(обязательный)- Responses:
200: Successful Response;application/json->QueryExecuteResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/query/validate¶
- Summary: Validate SQL query
- Description: Validate a SQL query syntax without executing it.
- Operation ID:
validate_query_api_v1_query_validate_post - Parameters:
queryinquery(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->QueryValidationResult422: Validation Error;application/json->HTTPValidationError
Тег: Release Gate¶
POST /api/v1/release/check¶
- Summary: Run Gate Check
- Description: Run release gate checks for the active project.
- Operation ID:
run_gate_check_api_v1_release_check_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ReleaseCheckRequest(обязательный)- Responses:
200: Successful Response;application/json->GateDecisionResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/release/history¶
- Summary: Get History
- Description: Get gate decision history for the active project.
- Operation ID:
get_history_api_v1_release_history_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/release/profiles¶
- Summary: List Profiles
- Description: List available gate profiles.
- Operation ID:
list_profiles_api_v1_release_profiles_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/release/suppress¶
- Summary: Create Suppression
- Description: Create a finding suppression (accept risk).
- Operation ID:
create_suppression_api_v1_release_suppress_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SuppressionRequest(обязательный)- Responses:
200: Successful Response;application/json->SuppressionResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/release/suppressions¶
- Summary: List Suppressions
- Description: List active suppressions for the active project.
- Operation ID:
list_suppressions_api_v1_release_suppressions_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/release/suppressions/{finding_id}¶
- Summary: Delete Suppression
- Description: Remove a finding suppression.
- Operation ID:
delete_suppression_api_v1_release_suppressions__finding_id__delete - Security:
HTTPBearer,APIKeyHeader - Parameters:
finding_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Risk Indicators¶
GET /api/v1/risk/{project_id}/alerts¶
- Summary: Get Risk Alerts
- Description: Get recent risk alerts.
- Operation ID:
get_risk_alerts_api_v1_risk__project_id__alerts_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)lastinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/risk/{project_id}/assess¶
- Summary: Trigger Risk Assessment
- Description: Trigger a full risk assessment calculation.
- Operation ID:
trigger_risk_assessment_api_v1_risk__project_id__assess_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskAssessmentReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/assessment¶
- Summary: Get Risk Assessment
- Description: Get full risk assessment report (SVR x STP).
- Operation ID:
get_risk_assessment_api_v1_risk__project_id__assessment_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskAssessmentReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/assessment/matrix¶
- Summary: Get Risk Assessment Matrix
- Description: Get risk matrix (5x5 SVR x STP).
- Operation ID:
get_risk_assessment_matrix_api_v1_risk__project_id__assessment_matrix_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/assessment/register¶
- Summary: Get Risk Assessment Register
- Description: Get risk register sorted by risk score.
- Operation ID:
get_risk_assessment_register_api_v1_risk__project_id__assessment_register_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)topinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/assessment/{finding_id}¶
- Summary: Get Risk Assessment Detail
- Description: Get risk detail for a specific finding.
- Operation ID:
get_risk_assessment_detail_api_v1_risk__project_id__assessment__finding_id__get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)finding_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskEntryResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/risk/{project_id}/calculate¶
- Summary: Trigger Risk Calculation
- Description: Trigger a full risk recalculation.
- Operation ID:
trigger_risk_calculation_api_v1_risk__project_id__calculate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskDashboardResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/checklist¶
- Summary: Get Checklist
- Description: Get self-assessment checklist.
- Operation ID:
get_checklist_api_v1_risk__project_id__checklist_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)levelinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/dashboard¶
- Summary: Get Risk Dashboard
- Description: Get full risk dashboard: KIR + KPUR + alerts.
- Operation ID:
get_risk_dashboard_api_v1_risk__project_id__dashboard_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->RiskDashboardResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/events¶
- Summary: Get Risk Events
- Description: Get classified risk events.
- Operation ID:
get_risk_events_api_v1_risk__project_id__events_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)limitinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/risk/{project_id}/events/classify¶
- Summary: Classify Events
- Description: Batch classify all findings into risk events.
- Operation ID:
classify_events_api_v1_risk__project_id__events_classify_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/events/summary¶
- Summary: Get Events Summary
- Description: Get risk events summary by 4 dimensions.
- Operation ID:
get_events_summary_api_v1_risk__project_id__events_summary_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/kir¶
- Summary: Get Kir Values
- Description: Calculate and return current KIR values.
- Operation ID:
get_kir_values_api_v1_risk__project_id__kir_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/kir/{kir_id}/trend¶
- Summary: Get Kir Trend
- Description: Get KIR value history (trend).
- Operation ID:
get_kir_trend_api_v1_risk__project_id__kir__kir_id__trend_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)kir_idinpath(string, обязательный)lastinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/kpur¶
- Summary: Get Kpur Results
- Description: Calculate and return KPUR results by 3 groups.
- Operation ID:
get_kpur_results_api_v1_risk__project_id__kpur_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/risk/{project_id}/threat-model-57580¶
- Summary: Get Threat Model 57580
- Description: Generate GOST R 57580.3 threat model.
- Operation ID:
get_threat_model_57580_api_v1_risk__project_id__threat_model_57580_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
project_idinpath(string, обязательный)formatinquery(string, необязательный)languageinquery(string, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
Тег: Scenarios¶
GET /api/v1/scenarios¶
- Summary: List scenarios
- Description: Get list of all available analysis scenarios.
- Operation ID:
list_scenarios_api_v1_scenarios_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/scenarios/{scenario_id}¶
- Summary: Get scenario
- Description: Get information about a specific scenario.
- Operation ID:
get_scenario_api_v1_scenarios__scenario_id__get - Parameters:
scenario_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScenarioInfo422: Validation Error;application/json->HTTPValidationError
POST /api/v1/scenarios/{scenario_id}/query¶
- Summary: Query scenario
- Description: Send a query to a specific scenario.
- Operation ID:
query_scenario_api_v1_scenarios__scenario_id__query_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
scenario_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScenarioQueryRequest(обязательный)- Responses:
200: Successful Response;application/json->ScenarioQueryResponse422: Validation Error;application/json->HTTPValidationError
Тег: Security¶
POST /api/v1/security/autofix¶
- Summary: Generate security autofix suggestions
- Description: Generates automated fix suggestions for security vulnerabilities found via taint analysis. Returns diffs without applying them (read-only).
- Operation ID:
generate_autofix_api_v1_security_autofix_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->AutofixRequest(обязательный)- Responses:
200: Successful Response;application/json->AutofixResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/classify¶
- Summary: Classify finding as TP/FP
- Description: Use CPG context and taint verification to classify a security finding.
- Operation ID:
classify_finding_api_v1_security_classify_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->FPClassifyRequest(обязательный)- Responses:
200: Successful Response;application/json->FPClassifyResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/scan-diff¶
- Summary: Scan diff for security issues
- Description: Scan a raw diff for security vulnerabilities without git subprocess.
- Operation ID:
scan_diff_api_v1_security_scan_diff_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ScanDiffRequest(обязательный)- Responses:
200: Successful Response;application/json->ScanDiffResponse422: Validation Error;application/json->HTTPValidationError
Тег: Sessions¶
GET /api/v1/sessions¶
- Summary: List sessions
- Description: Get paginated list of user’s chat sessions.
- Operation ID:
list_sessions_api_v1_sessions_get - Parameters:
pageinquery(integer, необязательный)page_sizeinquery(integer, необязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SessionListResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/sessions¶
- Summary: Create session
- Description: Create a new chat session.
- Operation ID:
create_session_api_v1_sessions_post - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SessionCreate(обязательный)- Responses:
201: Successful Response;application/json->SessionInfo422: Validation Error;application/json->HTTPValidationError
GET /api/v1/sessions/{session_id}¶
- Summary: Get session
- Description: Get detailed session information including dialogue history.
- Operation ID:
get_session_api_v1_sessions__session_id__get - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->SessionDetail422: Validation Error;application/json->HTTPValidationError
PATCH /api/v1/sessions/{session_id}¶
- Summary: Update session
- Description: Update session metadata or scenario.
- Operation ID:
update_session_api_v1_sessions__session_id__patch - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
application/json->SessionUpdate(обязательный)- Responses:
200: Successful Response;application/json->SessionInfo422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/sessions/{session_id}¶
- Summary: Delete session
- Description: Delete a chat session and its history.
- Operation ID:
delete_session_api_v1_sessions__session_id__delete - Parameters:
session_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
204: Successful Response422: Validation Error;application/json->HTTPValidationError
Тег: Standards¶
POST /api/v1/standards/analyze¶
- Summary: Analyze code
- Description: Analyze code against standards rules.
- Operation ID:
analyze_code_api_v1_standards_analyze_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->StandardsAnalyzeRequest(обязательный)- Responses:
200: Successful Response;application/json->StandardsAnalyzeResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/standards/documents¶
- Summary: List documents
- Description: List all imported standards documents.
- Operation ID:
list_documents_api_v1_standards_documents_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
active_onlyinquery(boolean, необязательный) - Only show active documentsauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
DELETE /api/v1/standards/documents/{document_id}¶
- Summary: Remove document
- Description: Remove a standards document.
- Operation ID:
remove_document_api_v1_standards_documents__document_id__delete - Security:
HTTPBearer,APIKeyHeader - Parameters:
document_idinpath(string, обязательный)authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/standards/import¶
- Summary: Import standards document
- Description: Import a YAML standards document.
- Operation ID:
import_document_api_v1_standards_import_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ImportDocumentRequest(обязательный)- Responses:
200: Successful Response;application/json->DocumentResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/standards/import/upload¶
- Summary: Upload standards document
- Description: Upload a YAML standards document.
- Operation ID:
upload_document_api_v1_standards_import_upload_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
multipart/form-data->UploadDocumentBody(обязательный)- Responses:
200: Successful Response;application/json->DocumentResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/standards/report¶
- Summary: Generate report
- Description: Generate a standards compliance report.
- Operation ID:
generate_report_api_v1_standards_report_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ReportRequest(обязательный)- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/standards/rules¶
- Summary: List rules
- Description: List all rules from imported documents.
- Operation ID:
list_rules_api_v1_standards_rules_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
categoryinquery(object, необязательный) - Filter by categoryseverityinquery(object, необязательный) - Filter by severitylanguageinquery(object, необязательный) - Filter by languageauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/standards/template¶
- Summary: Get document template
- Description: Get a template for creating standards documents.
- Operation ID:
get_template_api_v1_standards_template_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/standards/violations¶
- Summary: Get violations
- Description: Get detected violations.
- Operation ID:
get_violations_api_v1_standards_violations_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
file_pathinquery(object, необязательный) - Filter by filerule_idinquery(object, необязательный) - Filter by ruleseverityinquery(object, необязательный) - Filter by severityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Тег: Statistics¶
GET /api/v1/stats¶
- Summary: Get system statistics
- Description: Get system-wide statistics and metrics.
- Operation ID:
get_stats_api_v1_stats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->MetricsResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/stats/performance¶
- Summary: Get performance statistics
- Description: Get system performance metrics.
- Operation ID:
get_performance_stats_api_v1_stats_performance_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->PerformanceStats422: Validation Error;application/json->HTTPValidationError
GET /api/v1/stats/scenarios¶
- Summary: Get scenario statistics
- Description: Get usage statistics per scenario.
- Operation ID:
get_scenario_stats_api_v1_stats_scenarios_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->ScenarioStats422: Validation Error;application/json->HTTPValidationError
GET /api/v1/stats/users¶
- Summary: Get user statistics
- Description: Get user activity statistics (admin only).
- Operation ID:
get_user_stats_api_v1_stats_users_get - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UserStats422: Validation Error;application/json->HTTPValidationError
Тег: Supply Chain¶
GET /api/v1/supply-chain/findings¶
- Summary: Get Findings
- Description: Get supply chain findings for the active project.
- Operation ID:
get_findings_api_v1_supply_chain_findings_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
severityinquery(object, необязательный) - Filter by severityauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
GET /api/v1/supply-chain/gost-report¶
- Summary: Get Gost Report
- Description: Generate GOST 5.17.3 report.
- Operation ID:
get_gost_report_api_v1_supply_chain_gost_report_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
languageinquery(string, необязательный) - Report language: ru or enauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->GostReportResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/supply-chain/registry¶
- Summary: Get Registry
- Description: Get component registry for the active project.
- Operation ID:
get_registry_api_v1_supply_chain_registry_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
POST /api/v1/supply-chain/scan¶
- Summary: Scan Supply Chain
- Description: Run full supply chain security scan for the active project.
- Operation ID:
scan_supply_chain_api_v1_supply_chain_scan_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->SupplyChainScanRequest(обязательный)- Responses:
200: Successful Response;application/json->SupplyChainScanResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/supply-chain/trust¶
- Summary: Get Trust Scores
- Description: Get trust scores for all components.
- Operation ID:
get_trust_scores_api_v1_supply_chain_trust_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
min_scoreinquery(number, необязательный) - Show only components below this scoreauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->array422: Validation Error;application/json->HTTPValidationError
Тег: Threat Model¶
GET /api/v1/security/threat-model/dfd¶
- Summary: Generate Data Flow Diagram
- Description: Extract DFD from CPG and return as Mermaid or JSON.
- Operation ID:
get_dfd_api_v1_security_threat_model_dfd_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
formatinquery(string, необязательный) - Output format: mermaid|jsonauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->DFDResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/export¶
- Summary: Export threat model in specified format
- Description: Generate and export threat model as Markdown, GOST, SARIF, or JSON string.
- Operation ID:
export_threat_model_api_v1_security_threat_model_export_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ThreatModelGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->ThreatModelExportResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/generate¶
- Summary: Generate STRIDE threat model
- Description: Generates a complete STRIDE threat model from the project CPG. Includes DFD extraction, trust boundary detection, threat classification, and mitigation recommendations.
- Operation ID:
generate_threat_model_api_v1_security_threat_model_generate_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->ThreatModelGenerateRequest(обязательный)- Responses:
200: Successful Response;application/json->ThreatModelResponse422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/mitigations¶
- Summary: List STRIDE mitigation recommendations
- Description: Returns standard mitigations for each STRIDE category and CWE-specific recommendations.
- Operation ID:
list_mitigations_api_v1_security_threat_model_mitigations_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
categoryinquery(object, необязательный) - STRIDE category filterauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/stride-mapping¶
- Summary: CWE to STRIDE category mapping
- Description: Returns the mapping of CWE IDs to STRIDE threat categories.
- Operation ID:
get_stride_mapping_api_v1_security_threat_model_stride_mapping_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
GET /api/v1/security/threat-model/threats¶
- Summary: List threats
- Description: List threats from the generated threat model with optional filters.
- Operation ID:
list_threats_api_v1_security_threat_model_threats_get - Security:
HTTPBearer,APIKeyHeader - Parameters:
severityinquery(object, необязательный) - Filter by severitycategoryinquery(object, необязательный) - Filter by STRIDE categorylanguageinquery(string, необязательный) - Output languageauthorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->object422: Validation Error;application/json->HTTPValidationError
POST /api/v1/security/threat-model/update¶
- Summary: Incremental threat model update
- Description: Compare new threat model against a previous version and compute delta.
- Operation ID:
update_threat_model_api_v1_security_threat_model_update_post - Security:
HTTPBearer,APIKeyHeader - Parameters:
authorizationinheader(object, необязательный)X-API-Keyinheader(object, необязательный)X-Project-Idinheader(object, необязательный)- Request Body:
application/json->IncrementalUpdateRequest(обязательный)- Responses:
200: Successful Response;application/json->src__api__routers__threat_model__DeltaResponse422: Validation Error;application/json->HTTPValidationError
Тег: Webhooks¶
POST /api/v1/webhooks/github¶
- Summary: GitHub webhook receiver
- Description: Receives push and PR events from GitHub.
- Operation ID:
receive_github_webhook_api_v1_webhooks_github_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/webhooks/gitlab¶
- Summary: GitLab webhook receiver
- Description: Receives push and MR events from GitLab.
- Operation ID:
receive_gitlab_webhook_api_v1_webhooks_gitlab_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/webhooks/gitverse¶
- Summary: GitVerse webhook receiver
- Description: Receives push and PR events from GitVerse (GitHub-compatible format).
- Operation ID:
receive_gitverse_webhook_api_v1_webhooks_gitverse_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
POST /api/v1/webhooks/local¶
- Summary: Local incremental CPG update
- Description: Triggered by IDE plugins (OpenCode) after git commit for incremental CPG update.
- Operation ID:
receive_local_webhook_api_v1_webhooks_local_post - Parameters:
- None
- Request Body:
application/json->LocalWebhookRequest(обязательный)- Responses:
202: Successful Response;application/json->WebhookResponse422: Validation Error;application/json->HTTPValidationError
POST /api/v1/webhooks/sourcecraft¶
- Summary: SourceCraft webhook receiver
- Description: Receives push and MR events from SourceCraft.
- Operation ID:
receive_sourcecraft_webhook_api_v1_webhooks_sourcecraft_post - Parameters:
- None
- Request Body:
- None
- Responses:
202: Successful Response;application/json->WebhookResponse
GET /api/v1/webhooks/status/{project_id}¶
- Summary: Get CPG update status
- Description: Returns the latest CPG update pipeline status for a project.
- Operation ID:
get_webhook_status_api_v1_webhooks_status__project_id__get - Parameters:
project_idinpath(string, обязательный)- Request Body:
- None
- Responses:
200: Successful Response;application/json->UpdateStatusResponse422: Validation Error;application/json->HTTPValidationError