Supply Chain Security API (TCA-0701) — Spectra Intelligence
The Supply Chain Security API provides programmatic access to the Spectra Assure Community platform. Use this API to search for software packages and retrieve detailed analysis reports for packages and their versions.
Search for Packages
The Search for Packages API allows you to search the Spectra Assure Community catalogue for information on one or more software packages. You can search by providing either a purl (package URL) or a package hash (SHA1 or SHA256).
The response contains a list of all software packages that match the search criteria, including package metadata, version information, quality assessments, and analysis results.
View OpenAPI SpecificationShow Details About a Package
The Show Package Details API allows you to retrieve detailed information about a software package specified in the request. By default, the response includes relevant package metadata and information about the latest published version of the software package.
The response includes package identity, owner verification status, publication history, download statistics, quality assessments, risk indicators, incident reports, vulnerabilities, and available artifacts.
View OpenAPI SpecificationShow Report for a Package Version
The Show Package Version Report API allows you to retrieve detailed information about a software package version specified in the request. The response contains the Spectra Assure Community analysis report for the requested package version.
The analysis report includes file details, analysis engine information, statistics on components and dependencies, license classifications, vulnerability details, quality metrics, policy violations, detection results, threat classifications, risk assessments, and behavioral indicators.
View OpenAPI Specification