### Include Steps Here Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE Placeholder for the main steps or commands to get started with the project. ```bash # Include Steps Here... ``` -------------------------------- ### Install Project Command Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE The command to install the project itself. This is typically run after setting up prerequisites. ```bash [INSTALL_COMMAND] ``` -------------------------------- ### Command Line Arguments Example Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE Example of how to use command-line arguments to configure the application. Options and their descriptions are listed below. ```bash [COMMAND] --[option] [value] --[option] [value] ``` -------------------------------- ### Install Tool Command Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE Command to install a prerequisite tool or runtime. Ensure the specified version is met. ```bash [COMMAND_TO_INSTALL_TOOL] ``` -------------------------------- ### Settings Configuration Example Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE Example of the application's settings configuration, typically in JSON format. Replace [language] with 'json'. ```plaintext [SETTINGS_EXAMPLE] ``` -------------------------------- ### Common Use Case Example Source: https://docs.scanoss.com/docs-templates/README_TEMPLATE An example demonstrating a common use case for the project. Replace [language] with the appropriate language. ```plaintext [CODE_EXAMPLE] ``` -------------------------------- ### Get Cryptographic Hints Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-hints-for-multiple-components-in-a-single-request Submit a list of components (using Package URLs) to get cryptographic hints for each. This is useful for batch analysis of your project's dependencies. ```APIDOC ## POST /v2/hints/cryptographic ### Description Retrieves cryptographic hints for a list of software components. ### Method POST ### Endpoint /v2/hints/cryptographic ### Request Body - **components** (array[v2ComponentRequest]) - Required - A list of components for which to retrieve cryptographic hints. ### Request Example { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:npm/lodash@4.17.21" } ] } ### Response #### Success Response (200) - **hints** (array[v2Hint]) - A list of cryptographic hints for the requested components. - **unresolved** (array[string]) - A list of PURLs that could not be resolved or analyzed. #### Response Example { "hints": [ { "id": "crypto-hint-123", "name": "OpenSSL", "description": "Uses OpenSSL for TLS encryption.", "category": "library", "url": "https://www.openssl.org/", "purl": "pkg:generic/OpenSSL@1.1.1k" } ], "unresolved": [ "pkg:github/scanoss/engine@1.0.0" ] } ``` -------------------------------- ### OpenAPI Component Request Example Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-algorithms-used-by-multiple-components-across-specified-version-ranges Example of a v2ComponentRequest object used to identify a software component for analysis. ```yaml purl: pkg:github/scanoss/engine@1.0.0 ``` -------------------------------- ### Pack and unpack a message in Go Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-algorithms-used-by-a-component-across-specified-version-ranges Provides an example of packing and unpacking a message using the Any type in Go. ```go foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... } ``` -------------------------------- ### Get License Information for Multiple Components Source: https://docs.scanoss.com/api-reference/license/get-license-information-for-multiple-software-components-in-a-single-request Submit a POST request with a list of component package URLs to get their associated license information, including SPDX identifiers and URLs. ```APIDOC ## POST /v2/licenses/components ### Description Retrieves license information for multiple software components in a single request. This endpoint examines source code, license files, and package metadata to determine applicable licenses for each component, returning both individual SPDX licenses and SPDX expressions when determinable. ### Method POST ### Endpoint /v2/licenses/components ### Parameters #### Request Body - **components** (array) - Required - An array of component requests to analyze. - **purl** (string) - Required - Package URL identifying the component to analyze. - **requirement** (string) - Optional - Specifies the requirement for the component. ### Request Example ```json { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0" } ] } ``` ### Response #### Success Response (200) - **components** (array) - License information for each component in the batch. - **purl** (string) - The Package URL of the component. - **requirement** (string) - The requirement for the component. - **version** (string) - The version of the component. - **statement** (string) - The license statement for the component. - **licenses** (array) - A list of identified licenses. - **id** (string) - The SPDX identifier of the license. - **full_name** (string) - The full name of the license. - **is_spdx_approved** (boolean) - Indicates if the license is SPDX approved. - **url** (string) - The URL to the license details. - **url** (string) - The URL of the component's repository. - **info_message** (string) - Information message regarding the component analysis. - **info_code** (string) - Code indicating the status of component analysis. - **status** (object) - The overall status of the request. - **status** (string) - The status of the operation (e.g., SUCCESS). - **message** (string) - A message describing the status. #### Response Example ```json { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0", "requirement": "", "version": "1.0.0", "statement": "GPL-2.0", "licenses": [ { "id": "GPL-2.0", "full_name": "GNU General Public License v2.0 only", "is_spdx_approved": true, "url": "https://spdx.org/licenses/GPL-2.0-only.html" } ], "url": "https://github.com/scanoss/engine" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0", "requirement": "", "version": "v1.30.0", "statement": "MIT", "licenses": [ { "id": "MIT", "full_name": "MIT License", "is_spdx_approved": true, "url": "https://spdx.org/licenses/MIT.html" } ], "url": "https://github.com/scanoss/scanoss.py" } ], "status": { "status": "SUCCESS", "message": "Licenses Successfully retrieved" } } ``` #### Error Response (default) - **code** (integer) - The error code. - **message** (string) - The error message. - **details** (array) - An array of error details. ``` -------------------------------- ### Get Cryptographic Hints Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-hints-for-a-single-component Fetches cryptographic hints for a given component version using its PURL. ```APIDOC ## GET /components/{purl}/cryptographic-hints ### Description Retrieves cryptographic hint information for a specific component identified by PURL and version. Contains comprehensive cryptographic hints about protocols, libraries, SDKs and frameworks used by the component, providing insights into cryptographic dependencies and usage patterns. ### Endpoint `/components/{purl}/cryptographic-hints` ### Parameters #### Path Parameters - **purl** (string) - Required - The Package URL (PURL) of the component. ### Response #### Success Response (200) - **status** (v2StatusCode) - The status code of the operation. - **message** (string) - A status message. - **db** (StatusResponseDB) - Database-related information. - **server** (StatusResponseServer) - Server-related information. #### Error Response (404) - **status** (string) - Indicates 'VERSION_NOT_FOUND' if the component version could not be found. - **message** (string) - A message detailing the error. ``` -------------------------------- ### Get all version information for a specific component Source: https://docs.scanoss.com/llms.txt Retrieves all version information for a specified software component. ```APIDOC ## GET /components/{component_id}/versions ### Description Retrieves all version information for a specific component. ### Method GET ### Endpoint /components/{component_id}/versions ### Parameters #### Path Parameters - **component_id** (string) - Required - The unique identifier of the component. ``` -------------------------------- ### Get License Details by SPDX Identifier Source: https://docs.scanoss.com/api-reference/license/get-detailed-metadata-for-a-specific-license-by-spdx-identifier Fetches detailed metadata for a license using its SPDX identifier. ```APIDOC ## GET /v2/licenses/details ### Description Provides comprehensive license information including SPDX registry data, OSADL compliance metadata, license type classification, and official references. ### Method GET ### Endpoint /v2/licenses/details ### Parameters #### Query Parameters - **id** (string) - Optional - SPDX identifier or licenseRef (e.g., "MIT", "licenseRef-GitLab-Enterprise") ### Response #### Success Response (200) - **license** (object) - Detailed license metadata. - **status** (object) - Response status details. #### Response Example ```json { "license": { "full_name": "MIT License", "type": "PERMISSIVE", "spdx": { "id": "MIT", "full_name": "MIT License", "details_url": "https://spdx.org/licenses/MIT.html" }, "osadl": { "compliance": "approved" } }, "status": { "status": "OK", "message": "License details retrieved successfully." } } ``` ``` -------------------------------- ### Get cryptographic hints for a single component Source: https://docs.scanoss.com/llms.txt Returns hints about cryptographic protocols, libraries, SDKs, and frameworks used by a component, providing insights into cryptographic dependencies. ```APIDOC ## GET /cryptography/hints/component/{component_id} ### Description Gets cryptographic hints for a single component. ### Method GET ### Endpoint /cryptography/hints/component/{component_id} ### Parameters #### Path Parameters - **component_id** (string) - Required - The unique identifier of the component. ``` -------------------------------- ### Get status information for a specific purl via a GET request Source: https://docs.scanoss.com/llms.txt Fetches the status information for a given Package URL (purl). ```APIDOC ## GET /components/status/{purl} ### Description Gets status information for a specific purl via a GET request. ### Method GET ### Endpoint /components/status/{purl} ### Parameters #### Path Parameters - **purl** (string) - Required - The Package URL to check the status for. ``` -------------------------------- ### Pack and Unpack Any Message in Python Source: https://docs.scanoss.com/api-reference/cryptography/returns-the-same-message-that-was-sent-used-for-health-checks-and-connectivity-testing Demonstrates packing a Foo message into an Any type and then unpacking it. Use Any.Is() for type checking before unpacking. ```python foo = Foo(...) an y = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... ``` -------------------------------- ### Pack and unpack a message in Java Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-algorithms-used-by-a-component-across-specified-version-ranges Illustrates packing and unpacking a message using the Any type in Java. ```java Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); } ``` -------------------------------- ### Get Component Status by PURLs Source: https://docs.scanoss.com/api-reference/components/get-the-status-for-a-list-of-purls-posted-in-the-body Submit a list of PURLs in the request body to get their corresponding status information. This endpoint is useful for batch analysis of component statuses. ```APIDOC ## POST /v2/components/status/components ### Description Retrieves the status for a list of PURL components provided in the request body. This operation is designed for batch processing, allowing multiple component statuses to be fetched in a single API call. ### Method POST ### Endpoint /v2/components/status/components ### Request Body - **components** (array) - Required - An array of component objects, where each object contains a 'purl' field. - **purl** (string) - Required - The Package URL (PURL) of the component. ### Request Example ```json { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0" } ] } ``` ### Response #### Success Response (200) - **components** (array) - An array of component status objects. - **purl** (string) - The PURL of the component. - **name** (string) - The name of the component. - **requirement** (string) - The requirement for the component. - **version_status** (object) - Status details for a specific version. - **version** (string) - The version of the component. - **status** (string) - The status of the version (e.g., 'deleted'). - **indexed_date** (string) - The date the version was indexed. - **check_date** (string) - The date the version was checked. - **component_status** (object) - Overall status of the component. - **status** (string) - The status of the component (e.g., 'active'). - **first_indexed_date** (string) - The date the component was first indexed. - **last_indexed_date** (string) - The date the component was last indexed. - **status** (object) - Overall status of the response. #### Response Example ```json { "components": [ { "purl": "pkg:npm/strive-molu-axios", "name": "strive-molu-axios", "requirement": "^0.0.1", "version_status": { "version": "0.0.1-beta.1", "status": "deleted", "indexed_date": "2024-06-21", "check_date": "2026-02-01" }, "component_status": { "status": "active", "first_indexed_date": "2022-03-01", "last_indexed_date": "2026-02-15" } } ], "status": { "status": "OK" } } ``` #### Error Response (404) - Description: Returned when the resource does not exist. - Content: application/json (string) #### Error Response (default) - Description: An unexpected error response. - Content: application/json (schema: rpcStatus) ``` -------------------------------- ### Batch Scan Project Directory with SCANOSS Python SDK Source: https://docs.scanoss.com/docs-templates/scanoss-template This Python code demonstrates how to scan an entire project directory using the SCANOSS SDK. It's ideal for comprehensive open-source inventory analysis. Ensure you have the SCANOSS Python SDK installed and provide valid URL and API key. ```python from scanoss.scanner import Scanner def main(): scanner = Scanner(url='new-url', api_key='key') scanner.scan_folder( '.' ) if __name__ == "__main__": main() ``` -------------------------------- ### Get Cryptographic Hints for Multiple Components Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-hints-for-multiple-components-in-a-single-request Submit a list of components to analyze their cryptographic dependencies. The service returns hints about detected cryptographic protocols, libraries, SDKs, and frameworks. ```APIDOC ## POST /v2/cryptography/hints/components ### Description Returns hints about cryptographic protocols, libraries, SDKs and frameworks used by multiple components, providing insights into cryptographic dependencies. See: https://github.com/scanoss/papi/blob/main/protobuf/scanoss/api/cryptography/v2/README.md#componentshintsinrange ### Method POST ### Endpoint /v2/cryptography/hints/components ### Request Body - **components** (array) - Required - Array of component requests to analyze. - **purl** (string) - Required - Package URL (PURL) uniquely identifying the component. ### Request Example { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0" } ] } ### Response #### Success Response (200) - **components** (array) - Cryptographic hint information for each component in the batch. - **purl** (string) - Package URL (PURL) uniquely identifying the component. - **requirement** (string) - The version requirement for the component. - **version** (string) - The detected version of the component. - **hints** (array) - A list of detected cryptographic hints. - **id** (string) - Unique identifier for the hint. - **name** (string) - Name of the cryptographic element (e.g., OpenSSL, TLS 1.3). - **description** (string) - Description of the cryptographic element. - **category** (string) - Category of the hint (e.g., library, protocol). - **url** (string) - URL for more information about the hint. - **purl** (string) - PURL of the cryptographic element, if available. - **status** (object) - Overall status of the request. - **status** (string) - Status code (e.g., SUCCESS, ERROR). - **message** (string) - A message describing the status. #### Response Example { "components": [ { "purl": "pkg:github/scanoss/engine", "requirement": ">=5.0.0", "version": "5.0.0", "hints": [ { "id": "openssl-hint-001", "name": "OpenSSL", "description": "Industry standard cryptographic library", "category": "library", "url": "https://www.openssl.org/", "purl": "pkg:generic/openssl@3.0.0" } ] }, { "purl": "pkg:github/scanoss/scanoss.py", "requirement": "~1.30.0", "version": "v1.30.0", "hints": [ { "id": "tls-protocol-001", "name": "TLS 1.3", "description": "Transport Layer Security protocol", "category": "protocol", "url": "https://tools.ietf.org/html/rfc8446", "purl": "" } ] } ], "status": { "status": "SUCCESS", "message": "Cryptographic hints Successfully retrieved" } } #### Error Response (404) - **description**: Returned when the resource does not exist. - **content**: application/json - schema: string #### Error Response (default) - **description**: An unexpected error response. - **content**: application/json - schema: #/components/schemas/rpcStatus ``` -------------------------------- ### Get Status for Multiple Components Source: https://docs.scanoss.com/api-reference/components/get-the-status-for-a-list-of-purls-posted-in-the-body Submit a list of components using their Package URLs (PURLs) to get their development status. The response includes detailed status for each component and its versions. ```APIDOC ## POST /components/status ### Description Retrieves the development status for a list of software components. ### Method POST ### Endpoint /components/status ### Request Body - **components** (array[v2ComponentRequest]) - Required - A list of components to check the status for. ### Request Example ```json { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:npm/lodash@4.17.21" } ] } ``` ### Response #### Success Response (200) - **schema_version** (string) - Semantic schema version (e.g., 'v1.0.0'). - **created_at** (string) - When this DB was built (ISO 8601 format). - **server** (StatusResponseServer) - Server information. - **database** (StatusResponseDB) - Database version information. - **components** (array[ComponentStatusResponse]) - A list of status responses for each requested component. #### Response Example ```json { "schema_version": "v1.0.0", "created_at": "2023-10-27T10:00:00Z", "server": { "version": "v2.1.0" }, "database": { "schema_version": "v1.0.0", "created_at": "2023-10-26T08:00:00Z" }, "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0", "status": "ACTIVE", "repository_status": "HEALTHY", "first_indexed_date": "2023-01-15T09:00:00Z", "last_indexed_date": "2023-10-20T14:30:00Z", "status_change_date": "2023-10-20T14:30:00Z", "info_message": "Component found and status is active.", "info_code": "SUCCESS", "versions": [ { "version": "1.0.0", "status": "ACTIVE", "repository_status": "HEALTHY", "indexed_date": "2023-01-15T09:00:00Z", "status_change_date": "2023-01-15T09:00:00Z" } ] }, { "purl": "pkg:npm/lodash@4.17.21", "status": "DEPRECATED", "repository_status": "DEPRECATED", "first_indexed_date": "2022-05-10T11:00:00Z", "last_indexed_date": "2023-09-01T16:00:00Z", "status_change_date": "2023-09-01T16:00:00Z", "info_message": "Component is deprecated.", "info_code": "NO_INFO", "versions": [ { "version": "4.17.21", "status": "DEPRECATED", "repository_status": "DEPRECATED", "indexed_date": "2022-05-10T11:00:00Z", "status_change_date": "2023-09-01T16:00:00Z" } ] } ] } ``` ``` -------------------------------- ### Get Vulnerability Information for Multiple Components Source: https://docs.scanoss.com/api-reference/vulnerabilities/get-vulnerability-information-for-multiple-software-components-in-a-single-request Submit a list of components using their Package URLs (PURLs) to get their associated vulnerability information. This endpoint is designed to optimize performance by handling multiple component analyses in one call. ```APIDOC ## POST /v2/components/vulnerabilities ### Description Retrieves vulnerability information for a list of software components specified by their Package URLs (PURLs). ### Method POST ### Endpoint /v2/components/vulnerabilities ### Request Body - **components** (array[v2ComponentRequest]) - Required - An array of component requests, where each request includes a PURL and an optional version constraint. ### Request Example ```json { "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0" } ] } ``` ### Response #### Success Response (200) - **status** (v2StatusCode) - The status of the operation. - **message** (string) - A message describing the outcome of the request. - **db** (StatusResponseDB) - Information about the vulnerability database used. - **server** (StatusResponseServer) - Information about the server that processed the request. - **components** (array[v2ComponentVulnerabilityInfo]) - A list of vulnerability information for each requested component. #### Response Example ```json { "status": "OK", "message": "Successfully retrieved vulnerability information for 2 components.", "db": { "name": "NVD", "version": "2023-10-27" }, "server": { "version": "1.2.0" }, "components": [ { "purl": "pkg:github/scanoss/engine@1.0.0", "version": "1.0.0", "requirement": "", "vulnerabilities": [ { "id": "SCANOSS-12345", "cve": "CVE-2023-12345", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-12345", "summary": "A sample vulnerability description.", "severity": "High", "published": "2023-10-26T10:00:00Z", "modified": "2023-10-26T11:00:00Z", "source": "NVD" } ], "info_message": "Vulnerability information found.", "info_code": "SUCCESS" }, { "purl": "pkg:github/scanoss/scanoss.py@v1.30.0", "version": "v1.30.0", "requirement": "", "vulnerabilities": [], "info_message": "No vulnerability information available for this component.", "info_code": "NO_INFO" } ] } ``` ``` -------------------------------- ### Pack and unpack a message in Python Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-algorithms-used-by-a-component-across-specified-version-ranges Shows how to pack and unpack a message using the Any type in Python. ```python foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DESCRIPTOR): any.Unpack(foo) ... ``` -------------------------------- ### Get transitive dependency details. Source: https://docs.scanoss.com/llms.txt Retrieves detailed information about the transitive dependencies of a software component. ```APIDOC ## GET /dependencies/transitive ### Description Fetches detailed information regarding the transitive dependencies of a specified software component. ### Method GET ### Endpoint /dependencies/transitive ### Parameters #### Query Parameters - **componentName** (string) - Required - The name of the component for which to retrieve transitive dependencies. - **version** (string) - Required - The version of the component. ### Response #### Success Response (200) - **dependencies** (array[object]) - A list of transitive dependencies. - **name** (string) - The name of the dependency. - **version** (string) - The version of the dependency. - **licenses** (array[string]) - A list of licenses associated with the dependency. ### Response Example ```json { "dependencies": [ { "name": "transitive-lib", "version": "0.5.0", "licenses": ["MIT"] } ] } ``` ``` -------------------------------- ### Pack and unpack a message in C++ Source: https://docs.scanoss.com/api-reference/cryptography/get-cryptographic-algorithms-used-by-a-component-across-specified-version-ranges Demonstrates packing and unpacking a message using the Any type in C++. ```cpp Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... } ``` -------------------------------- ### Get the statistics for the specified components Source: https://docs.scanoss.com/llms.txt Retrieves statistical data for one or more specified software components. ```APIDOC ## GET /components/statistics ### Description Gets the statistics for the specified components. ### Method GET ### Endpoint /components/statistics ### Parameters #### Query Parameters - **component_ids** (array of strings) - Required - A list of component identifiers for which to retrieve statistics. ``` -------------------------------- ### Standard echo Source: https://docs.scanoss.com/llms.txt A simple endpoint to test API connectivity and responsiveness. ```APIDOC ## GET /echo ### Description Performs a standard echo operation to test API responsiveness. ### Method GET ### Endpoint /echo ``` -------------------------------- ### Get license information for a single software component. Source: https://docs.scanoss.com/llms.txt Examines source code, license files, and package metadata to determine applicable licenses for a component. Returns license data in both individual SPDX license and SPDX expressions when determinable. ```APIDOC ## GET /license/component ### Description Determines and retrieves the license information for a single software component by analyzing its source code, associated license files, and package metadata. The results are provided in both individual SPDX license identifiers and, where possible, as SPDX license expressions. ### Method GET ### Endpoint /license/component ### Parameters #### Query Parameters - **componentName** (string) - Required - The name of the software component. - **version** (string) - Required - The version of the software component. ### Response #### Success Response (200) - **licenseInfo** (object) - Information about the component's licenses. - **spdxLicenses** (array[string]) - A list of individual SPDX license identifiers found. - **spdxExpression** (string) - An SPDX license expression representing the combined licenses, if determinable. ### Response Example ```json { "licenseInfo": { "spdxLicenses": ["MIT", "Apache-2.0"], "spdxExpression": "(MIT AND Apache-2.0)" } } ``` ``` -------------------------------- ### Get License Information Source: https://docs.scanoss.com/api-reference/license/get-license-information-for-a-single-software-component Fetches license details for a given software component. The response includes the license ID, full name, SPDX approval status, and a URL to the license information. ```APIDOC ## GET /v2/component/license/{purl}/{version} ### Description Retrieves license information for a specific software component identified by its Package URL (PURL) and version. ### Method GET ### Endpoint /v2/component/license/{purl}/{version} ### Parameters #### Path Parameters - **purl** (string) - Required - The Package URL of the component. - **version** (string) - Required - The version of the component. ### Response #### Success Response (200) - **status** (v2StatusCode) - The status code of the operation. - **message** (string) - A status message providing details about the operation. - **db** (StatusResponseDB) - Database version information. - **server** (StatusResponseServer) - Server version information. - **data** (v2LicenseInfo) - Detailed license information for the component. ### Response Example ```json { "status": "SUCCESS", "message": "License information retrieved successfully.", "db": { "schema_version": "v1.0.0", "created_at": "2023-10-27T10:00:00Z" }, "server": { "version": "v1.0.0" }, "data": { "id": "MIT", "full_name": "MIT License", "is_spdx_approved": true, "url": "https://spdx.org/licenses/MIT.html" } } ``` #### Error Responses - **404 Not Found**: Component or version not found. - **400 Bad Request**: Invalid PURL or version format. ### Error Codes - **INVALID_SEMVER**: The provided semantic version (SemVer) is invalid or malformed. - **VERSION_NOT_FOUND**: The specific component version could not be found. - **NO_INFO**: No license information is available for the requested component. ``` -------------------------------- ### Get License Obligations Source: https://docs.scanoss.com/api-reference/license/get-compliance-obligations-and-usage-requirements-for-a-specific-license Retrieves compliance obligations and usage requirements for a specific license using its SPDX identifier or licenseRef. ```APIDOC ## Get License Obligations ### Description Returns structured OSADL compliance data including use cases, obligations, compatibility information, and patent hints for the specified license. ### Method GET ### Endpoint /v2/licenses/obligations ### Parameters #### Query Parameters - **id** (string) - Optional - SPDX identifier or licenseRef (e.g., "MIT", "licenseRef-GitLab-Enterprise") ### Response #### Success Response (200) - **obligations** (v2ObligationsResponse) - Structured compliance obligations and usage requirements from OSADL database. - **status** (v2StatusResponse) - Detailed response status. #### Response Example { "obligations": { "copyleft_clause": true, "patent_hints": false, "compatibility": [ "Apache-2.0" ], "depending_compatibility": [ "GPL-2.0-only" ], "incompatibility": [ "AGPL-3.0-only" ], "use_cases": [ { "name": "Binary delivery", "obligation_text": "You must provide the source code of any modifications or additions to the licensed software.", "obligation_json": "{\"Language\": \"en\", \"Action\": \"Provide\", \"Term\": \"SourceCode\"}" } ] }, "status": { "status": "SUCCESS", "message": "License obligations retrieved successfully.", "db": {}, "server": {} } } ``` -------------------------------- ### Get the status for a list of purls posted in the body Source: https://docs.scanoss.com/llms.txt Fetches the status information for a list of Package URLs (purls) provided in the request body. ```APIDOC ## POST /components/status/batch ### Description Gets the status for a list of purls posted in the body. ### Method POST ### Endpoint /components/status/batch ### Parameters #### Request Body - **purls** (array of strings) - Required - A list of Package URLs to check the status for. ```