
Components in Quarantine REST API

The Components in Quarantine API reports on all repository components that are quarantined. The resulting list details the violations keeping each component in quarantine; a component can then be released from quarantine with the Release from Quarantine REST API.

Requesting a list of components in quarantine

GET api/v2/reports/components/quarantined

To list the components in quarantine, issue the following curl command:

curl -u admin:admin123 -X GET http://localhost:8070/api/v2/reports/components/quarantined

Response

Each repository containing quarantined components is listed along with the components and the policy violations triggering quarantine. If all policy violations causing quarantine have been waived but the component has not been released from quarantine, no policy violations are listed for it.

{
  "componentsInQuarantine":[
    {
      "repository":{
        "repositoryId":"579729e6b3134c0bb40de1ac077288be",
        "publicId":"maven-central",
        "format":"maven2"
      },
      "components":[
        {
          "component":{
            "packageUrl":"pkg:maven/tomcat/tomcat-util@5.5.23?type=jar",
            "hash":"1249e25aebb15358bedd",
            "componentIdentifier":{
              "format":"maven",
              "coordinates":{
                "artifactId":"tomcat-util",
                "classifier":"",
                "extension":"jar",
                "groupId":"tomcat",
                "version":"5.5.23"
              },
              "quarantineId":"21d7f6366c3c49eea03eaf416f37cd17",
              "quarantineTime":"2019-10-16T20:52:27.659+0000"
            }
          },
          "policyViolations":[
            {
              "policyId":"775a6e88799040c5bb2dd8f020124d07",
              "policyName":"Security-High",
              "policyViolationId":"12ba38f6d38b4f2585c5f3415f094af4",
              "threatLevel":9,
              "constraintViolations":[
                {
                  "constraintId":"5244a1a9d0374a459144e8d93d192051",
                  "constraintName":"High risk CVSS score",
                  "reasons":[
                    {
                      "reason":"Found security vulnerability CVE-2017-5647 with severity 7.5."
                    },
                    {
                      "reason":"Found security vulnerability CVE-2017-5647 with severity 7.5."
                    }
                  ]
                }
              ]
            }
          ]
        }
      ]
    }
  ]
}

| Item | Description |
| --- | --- |
| componentsInQuarantine | List of repositories and their components that have been quarantined |
| repository | Repository details |
| components | List of components and their policy violations |
| component | Component details |
| quarantineId | The ID to release the component from quarantine |
| quarantineTime | The date/time when the component was quarantined |
| policyViolations | List of policy violation details that currently cause the component to be in quarantine |

Requesting a list of specified component(s) in quarantine

GET api/v2/reports/components/quarantined?purl={purl}

To query specific components in quarantine, issue the following curl command. The URL is quoted so that the shell does not treat the "?" characters as glob patterns:

curl -u admin:admin123 -X GET "http://localhost:8070/api/v2/reports/components/quarantined?purl=pkg:maven/org.codehaus.plexus/plexus-utils@1.1?type=jar"

Response

{
    "componentsInQuarantine": [
        {
            "repository": {
                "repositoryId": "b31d2add06fc490598fb8d4b52b3e9de",
                "publicId": "maven-central",
                "format": "maven2"
            },
            "components": [
                {
                    "component": {
                        "packageUrl": "pkg:maven/org.codehaus.plexus/plexus-utils@1.1?type=jar",
                        "hash": "fa632b7f1cb7c50963d0",
                        "componentIdentifier": {
                            "format": "maven",
                            "coordinates": {
                                "artifactId": "plexus-utils",
                                "classifier": "",
                                "extension": "jar",
                                "groupId": "org.codehaus.plexus",
                                "version": "1.1"
                            }
                        },
                        "displayName": "org.codehaus.plexus : plexus-utils : 1.1",
                        "quarantineId": "f6b58fb8755f461c9bb306ab7fe86632",
                        "quarantineTime": "2023-05-03T16:16:25.456+0000"
                    },
                    "policyViolations": [
                        {
                            "policyId": "fdafe5ad9dc34ae880af37345ceee6ae",
                            "policyName": "Security-Critical",
                            "policyViolationId": "0a42355ecbb24ee2a51262944db0a0de",
                            "threatLevel": 10,
                            "constraintViolations": [
                                {
                                    "constraintId": "c48d22b8a5d7496394b9924fe7b622eb",
                                    "constraintName": "Critical risk CVSS score",
                                    "reasons": [
                                        {
                                            "reason": "Found security vulnerability CVE-2017-1000487 with severity >= 9 (severity = 9.8)",
                                            "reference": {
                                                "type": "SECURITY_VULNERABILITY_REFID",
                                                "value": "CVE-2017-1000487"
                                            }
                                        }
                                    ]
                                }
                            ]
                        }
                    ]
                }
            ]
        }
    ]
}
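
The following Python sketch is an added example, not part of the original documentation or the product's own code. It flattens a parsed response into one row per component, reads quarantineId from either depth shown in the two sample responses above, and flags components that list no policy violations (all waived, not yet released). The names report_url and summarize, the row keys, and the waived-lib entry in SAMPLE are assumptions made for illustration.

```python
import re
from urllib.parse import urlencode

REPORT_PATH = "/api/v2/reports/components/quarantined"  # endpoint from the page
CVE_RE = re.compile(r"CVE-\d{4}-\d+")

def report_url(base, purl=None):
    # Percent-encode the purl so its own '?' and '=' are not read as query syntax.
    query = "?" + urlencode({"purl": purl}) if purl else ""
    return base.rstrip("/") + REPORT_PATH + query

def summarize(report):
    # Hypothetical helper: one row per quarantined component in a parsed response.
    rows = []
    for entry in report.get("componentsInQuarantine", []):
        for item in entry.get("components", []):
            comp = item.get("component", {})
            ident = comp.get("componentIdentifier", {})
            violations = item.get("policyViolations", [])
            cves = set()
            for v in violations:
                for c in v.get("constraintViolations", []):
                    for r in c.get("reasons", []):
                        ref = r.get("reference") or {}
                        if ref.get("type") == "SECURITY_VULNERABILITY_REFID" and ref.get("value"):
                            cves.add(ref["value"])
                        else:  # first sample: the CVE appears only in the reason text
                            cves.update(CVE_RE.findall(r.get("reason", "")))
            rows.append({
                "repository": entry.get("repository", {}).get("publicId"),
                "purl": comp.get("packageUrl"),
                # The page's two samples put quarantineId at different depths.
                "quarantineId": comp.get("quarantineId") or ident.get("quarantineId"),
                "maxThreat": max((v.get("threatLevel", 0) for v in violations), default=0),
                "cves": sorted(cves),
                # No listed violations: everything waived, not yet released.
                "awaitingRelease": not violations,
            })
    return rows

# Constructed sample: trimmed from the page's responses plus one made-up waived entry.
SAMPLE = {"componentsInQuarantine": [{"repository": {"publicId": "maven-central"}, "components": [
    {"component": {"packageUrl": "pkg:maven/tomcat/tomcat-util@5.5.23?type=jar",
                   "componentIdentifier": {"quarantineId": "21d7f6366c3c49eea03eaf416f37cd17"}},
     "policyViolations": [{"threatLevel": 9, "constraintViolations": [{"reasons": [
         {"reason": "Found security vulnerability CVE-2017-5647 with severity 7.5."}]}]}]},
    {"component": {"packageUrl": "pkg:maven/example/waived-lib@1.0?type=jar",
                   "quarantineId": "EXAMPLE-QUARANTINE-ID"}, "policyViolations": []}]}]}

if __name__ == "__main__":
    print(*summarize(SAMPLE), sep="\n")
```

Rows with awaitingRelease set are the ones whose quarantineId can be passed to the Release from Quarantine REST API without any remaining violation to review.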