Discrepancy in API and CLI Scan Results Using JFrog JavaScript Library #98

@Anagabsoares

Description

Hi there!!
I am using the JFrog JavaScript library to scan some images, but I noticed that the API call does not return the same response as the CLI command:

CLI command:

```
jf docker scan IMAGE_NAME --watches xray_sp_scan --format json --vuln
```

API call:

```js
const result = await jfrogClient.xray().scan().graph(payload, progress, () => {
    ...
}, "", WATCHES);
```

The API call returns:

```json
{
    "component_id": "docker://xxx",
    "package_type": "Docker",
    "scan_id": "xxx",
    "status": "completed",
    "top_vuln_severity": "Scanned - No Issues",
    "progress_percentage": 100
}
```

The CLI response, on the other hand, is much longer. I am using the same API token and the same image:

```json
{
    "component_id": "generic://sha256:your_component_id//your_image_tag/manifest.json",
    "package_type": "Oci",
    "status": "completed",
    "scan_id": "your_scan_id",
    "vulnerabilities": [
        {
            "cves": [
                {
                    "cve": "your_cve_id",
                    "cvss_v3_score": "your_cvss_v3_score",
                    "cvss_v3_vector": "your_cvss_v3_vector"
                }
            ],
            "summary": "your_summary",
            "severity": "your_severity",
            "components": {
                "your_component_id": {
                    "impact_paths": [
                        [
                            {
                                "component_id": "generic://sha256:your_component_id//your_image_tag/manifest.json"
                            },
                            {
                                "component_id": "generic://sha256:your_component_id/your_tar_file.tar",
                                "full_path": "your_tar_file.tar"
                            },
                            {
                                "component_id": "your_component_id",
                                "full_path": "your_full_path"
                            }
                        ]
                    ]
                }
            }
        }
    ]
}
```

Could you please take a look and let me know if I am missing anything?
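An added example, not part of the issue or of the JFrog JavaScript client: a small gate that consumes the two response shapes shown above and refuses to treat a summary-only result (no `vulnerabilities` array, different `component_id`/`package_type`) as a clean scan. The sample responses are constructed from the redacted output in the issue; the severity and score values in the CLI sample are assumed.

```javascript
// Sample responses constructed from the issue (redacted values kept as placeholders).
const apiResponse = {
  component_id: "docker://xxx",
  package_type: "Docker",
  scan_id: "xxx",
  status: "completed",
  top_vuln_severity: "Scanned - No Issues",
  progress_percentage: 100,
};

const cliResponse = {
  component_id: "generic://sha256:your_component_id//your_image_tag/manifest.json",
  package_type: "Oci",
  status: "completed",
  scan_id: "your_scan_id",
  vulnerabilities: [
    {
      // severity/score are assumed sample values; the issue redacts them
      cves: [{ cve: "your_cve_id", cvss_v3_score: "7.5", cvss_v3_vector: "your_cvss_v3_vector" }],
      summary: "your_summary",
      severity: "High",
      components: { your_component_id: { impact_paths: [] } },
    },
  ],
};

const SEVERITY_RANK = { Low: 1, Medium: 2, High: 3, Critical: 4 };

// Classify one Xray scan response. A completed response without a
// `vulnerabilities` array is reported as "inconclusive", not "clean", because
// the API summary in the issue says "Scanned - No Issues" while the CLI, run on
// the same image, returns findings for a different component id.
function assessScan(response, minSeverity = "High") {
  if (response.status !== "completed") return { verdict: "pending", findings: [] };
  if (!Array.isArray(response.vulnerabilities)) {
    return { verdict: "inconclusive", findings: [], reason: "no vulnerabilities array in response" };
  }
  const threshold = SEVERITY_RANK[minSeverity] || 0;
  const findings = response.vulnerabilities
    .filter((v) => (SEVERITY_RANK[v.severity] || 0) >= threshold)
    .map((v) => ({ severity: v.severity, cves: v.cves.map((c) => c.cve), components: Object.keys(v.components || {}) }));
  return { verdict: findings.length ? "fail" : "clean", findings };
}

// True only when two responses describe the same scanned component; the two
// results in the issue differ in both component_id and package_type.
function sameTarget(a, b) {
  return a.component_id === b.component_id && a.package_type === b.package_type;
}
```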
