mcp4openapi 0.2.8 → 0.3.0

package/profiles/semgrep/openapi.yaml

@@ -0,0 +1,4706 @@
+components:
+  schemas:
+    protos.ai.v1.Autotriage:
+      properties:
+        feedback:
+          $ref: '#/components/schemas/protos.ai.v1.AutotriageFeedback'
+        id:
+          type: string
+        issueId:
+          type: string
+        matchBasedId:
+          type: string
+        memoryIdsReferenced:
+          items:
+            type: string
+          type: array
+        memoryIdsRendered:
+          items:
+            type: string
+          type: array
+        reason:
+          description: The reasoning for a false positive verdict, explaining why
+            you might want to ignore the finding. Empty string if verdict is true
+            positive.
+          type: string
+        verdict:
+          description: '
+
+            | value | description |
+
+            |-------|---------------|
+
+            | VERDICT_TRUE_POSITIVE |  |
+
+            | VERDICT_FALSE_POSITIVE |  |
+
+            | VERDICT_NO_VERDICT |  |
+
+
+            '
+          enum:
+          - VERDICT_TRUE_POSITIVE
+          - VERDICT_FALSE_POSITIVE
+          - VERDICT_NO_VERDICT
+          format: enum
+          type: string
+      type: object
+    protos.ai.v1.AutotriageFeedback:
+      properties:
+        autotriageId:
+          type: string
+        rating:
+          description: '
+
+            | value | description |
+
+            |-------|---------------|
+
+            | RATING_GOOD | Autotriage rated positively by a user. |
+
+            | RATING_BAD | Autotriage rated negatively by a user. |
+
+
+            '
+          enum:
+          - RATING_GOOD
+          - RATING_BAD
+          format: enum
+          type: string
+      type: object
+    protos.common.v1.FloatRange:
+      properties:
+        max:
+          description: End of the range
+          format: float
+          type: number
+        min:
+          description: Start of the range
+          format: float
+          type: number
+      title: Float Range
+      type: object
+    protos.common.v1.Policy:
+      properties:
+        id:
+          description: ID of the Policy.
+          example: '1'
+          format: uint64
+          type: string
+        isDefault:
+          description: When True, the Policy applies to all repositories.
+          example: true
+          type: boolean
+        name:
+          description: Name of the Policy.
+          example: Global Policy
+          type: string
+        productType:
+          description: 'Product type the Policy applies to.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | PRODUCT_TYPE_SAST | The product type for Code rules. |
+
+            | PRODUCT_TYPE_SECRETS | The product type for Secrets rules. |
+
+
+            '
+          enum:
+          - PRODUCT_TYPE_SAST
+          - PRODUCT_TYPE_SECRETS
+          example: PRODUCT_TYPE_SAST
+          format: enum
+          type: string
+        slug:
+          description: Sanitized machine-readable name of the Policy.
+          example: global_policy
+          type: string
+      title: Policy
+      type: object
+    protos.common.v1.ReviewComment:
+      properties:
+        externalDiscussionId:
+          description: External ID of the review comment or discussion thread.
+          type: string
+        externalNoteId:
+          description: External ID of the specific note in the review comment discussion
+            thread. Only applicable for GitLab.com, GitLab Self-Managed and Azure
+            DevOps.
+          type: string
+      type: object
+    protos.common.v1.Rule:
+      properties:
+        category:
+          description: Category the Rule is associated with.
+          example: security
+          type: string
+        confidence:
+          description: 'Confidence based on the Rule''s false-positive rate.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | CONFIDENCE_HIGH |  |
+
+            | CONFIDENCE_MEDIUM |  |
+
+            | CONFIDENCE_LOW |  |
+
+
+            '
+          enum:
+          - CONFIDENCE_HIGH
+          - CONFIDENCE_MEDIUM
+          - CONFIDENCE_LOW
+          example: CONFIDENCE_HIGH
+          format: enum
+          type: string
+        cweCategories:
+          description: The CWE associated with the Rule.
+          example:
+          - 'CWE-918: Server-Side Request Forgery (SSRF)'
+          items:
+            type: string
+          type: array
+        hasValidators:
+          description: When True, the secrets rule has validators.
+          type: boolean
+        id:
+          description: ID of the Rule.
+          format: uint64
+          type: string
+        languages:
+          description: Languages the Rule applies to.
+          example:
+          - python
+          items:
+            type: string
+          type: array
+        lastChangeAt:
+          description: Timestamp of when the Rule was last changed.
+          example: 2024-07-29 22:33:37.380293+00:00
+          format: date-time
+          type: string
+        lastChangeBy:
+          description: Username of who last changed the Rule.
+          type: string
+        owaspCategories:
+          description: Owasp categories the Rule is associated with.
+          example:
+          - 'A07: Cross-Site Scripting (XSS)'
+          items:
+            type: string
+          type: array
+        path:
+          description: Full path of the Rule.
+          example: python.rule.1
+          type: string
+        policyMode:
+          description: 'Mode behavior: Monitor / Comment / Block / Disabled
+            | value | description |
+            |-------|-------------|
+            | MODE_MONITOR | Monitor mode, silently report findings |
+            | MODE_COMMENT | Comment mode, leaves PR comments but does not block |
+            | MODE_BLOCK | Block mode, leaves PR comments and blocks PR |
+            | MODE_DISABLED | Disabled mode, not active |
+            '
+          enum:
+          - MODE_MONITOR
+          - MODE_COMMENT
+          - MODE_BLOCK
+          - MODE_DISABLED
+          example: MODE_BLOCK
+          format: enum
+          type: string
+        registryMaintainer:
+          description: The Registry maintainer associated with the Rule (if applicable).
+          example: semgrep
+          type: string
+        rulesets:
+          description: Rulesets to which the Rule belongs (if applicable).
+          example: []
+          items:
+            type: string
+          type: array
+        secretType:
+          description: The secret type (if applicable).
+          type: string
+        severity:
+          description: 'Severity level ("seriousness" of the finding)
+            | value | description |
+            |-------|-------------|
+            | SEVERITY_HIGH |  |
+            | SEVERITY_MEDIUM |  |
+            | SEVERITY_LOW |  |
+            | SEVERITY_CRITICAL |  |
+            '
+          enum:
+          - SEVERITY_HIGH
+          - SEVERITY_MEDIUM
+          - SEVERITY_LOW
+          - SEVERITY_CRITICAL
+          example: SEVERITY_HIGH
+          format: enum
+          type: string
+        source:
+          description: 'Source of the Rule
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SOURCE_PRO | From Pro rules |
+
+            | SOURCE_COMMUNITY | From Semgrep Community rules |
+
+            | SOURCE_CUSTOM | From Custom rules |
+
+
+            '
+          enum:
+          - SOURCE_PRO
+          - SOURCE_COMMUNITY
+          - SOURCE_CUSTOM
+          example: SOURCE_COMMUNITY
+          format: enum
+          type: string
+        technologies:
+          description: Technologies the Rule is associated with.
+          example:
+          - django
+          - flask
+          items:
+            type: string
+          type: array
+        url:
+          description: The URL of the Rule.
+          type: string
+        vulnerabilityClass:
+          description: Vulnerability classes the Rule is associated with.
+          example: Improper Authentication
+          items:
+            type: string
+          type: array
+      title: Rule
+      type: object
+    protos.openapi.v1.AddProjectTagsResponse:
+      description: Successfully added tags to project.
+      properties:
+        project:
+          $ref: '#/components/schemas/protos.openapi.v1.Project'
+      required:
+      - projects
+      title: Add Project Tags Response
+      type: object
+    protos.openapi.v1.Assistant_Autofix:
+      description: Fix data generated by Semgrep Assistant
+      properties:
+        explanation:
+          description: 'DEPRECATED: This field is deprecated and will always be an
+            empty string. Find a description of how this fix works under `assistant.guidance`'
+          example: null
+          type: string
+        fix_code:
+          description: Source code that replaces all matched lines to fix this finding.
+            AI generated content, review carefully
+          example: cookie.setHttpOnly(true);\nresponse.addCookie(cookie);
+          type: string
+      title: Autofix
+      type: object
+    protos.openapi.v1.Assistant_Autotriage:
+      description: Triage recommendation generated by Semgrep Assistant
+      properties:
+        reason:
+          description: The reasoning for a `false_positive` verdict; this explains
+            why you might want to ignore the finding. Empty string if verdict is `true_positive`
+          example: The matched code is used for a non-security related feature.
+          type: string
+        verdict:
+          description: The verdict is `true_positive` if Assistant recommends fixing,
+            `false_positive` if Assistant recommends ignoring this finding. AI generated
+            decision, review carefully
+          enum:
+          - false_positive
+          - true_positive
+          example: false_positive
+          type: string
+      title: Autotriage
+      type: object
+    protos.openapi.v1.Assistant_Component:
+      description: Semgrep Assistant's guess as for what the matched source code's
+        purpose is
+      properties:
+        risk:
+          description: Component risk level
+          enum:
+          - high
+          - low
+          - neutral
+          example: high
+          type: string
+        tag:
+          description: Component tag
+          example: user data
+          type: string
+      title: Component
+      type: object
+    protos.openapi.v1.Assistant_Guidance:
+      description: Remediation guidance generated by Semgrep Assistant
+      properties:
+        instructions:
+          description: Step-by-step instructions explaining to a developer how to
+            fix the finding. AI generated content, review carefully
+          example: null
+          type: string
+        summary:
+          description: Short title explaining to a developer how to fix the finding.
+            AI generated content, review carefully
+          example: Use a template rendering engine such as EJS instead of string concatenation.
+          type: string
+      title: Guidance
+      type: object
+    protos.openapi.v1.BulkTriageRequest:
+      properties:
+        autotriage_verdict:
+          description: The autotriage verdict to filter by
+          enum:
+          - true_positive
+          - false_positive
+          example: true_positive
+          type: string
+        categories:
+          description: List of categories to filter by
+          example:
+          - security
+          - performance
+          items:
+            type: string
+          type: array
+        component_tags:
+          description: List of component tags to filter by
+          example:
+          - user authentication
+          - user data
+          items:
+            type: string
+          type: array
+        confidence:
+          description: List of confidence levels to filter by
+          enum:
+          - low
+          - medium
+          - high
+          example: high
+          type: string
+        dependencies:
+          description: Filter by dependency name. Only applies for sca findings.
+          example:
+          - lodash
+          - express
+          items:
+            type: string
+          type: array
+        deploymentSlug:
+          description: Deployment slug. Can be found at /deployments, or in your Settings
+            in the web UI.
+          type: string
+        epss_probability:
+          description: Filter by EPSS probability (likelihood of exploit). Only applies
+            for sca findings.
+          enum:
+          - low
+          - medium
+          - high
+          - none
+          example:
+          - high
+          - medium
+          items:
+            type: string
+          type: array
+        exposures:
+          description: Filter by exposure (reachability type). Only applies for sca
+            findings. Reachability is the ability of an attacker to access a vulnerability
+            in a system.
+          enum:
+          - reachable
+          - always_reachable
+          - conditionally_reachable
+          - unreachable
+          - unknown
+          example:
+          - reachable
+          - always_reachable
+          items:
+            type: string
+          type: array
+        include_historical:
+          description: Whether to include historical findings. Only applies for secrets
+            findings. Defaults to true.
+          example: true
+          type: boolean
+        issue_ids:
+          description: An array of issue IDs to act on. If this is not provided, an
+            issue filter should be provided.
+          example:
+          - 123
+          - 456
+          items:
+            format: uint32
+            type: integer
+          type: array
+        issue_type:
+          description: Type of findings to bulk triage.
+          enum:
+          - sast
+          - sca
+          - secrets
+          example: sca
+          type: string
+        limit:
+          default: 3000.0
+          description: Max number of issues to triage. Must be an integer between
+            1 and 3000. Defaults to 3000. When selecting findings to triage, Semgrep
+            will also triage findings with the same fingerprint on other branches.
+            As a result, the list of triaged issue_ids returned in the response may
+            be higher than the specified limit.
+          example: 100
+          format: uint32
+          type: integer
+        new_note:
+          description: The note to attach to the bulk triaged findings.
+          example: some note here
+          type: string
+        new_triage_reason:
+          description: The reason for triaging to a given triage state.
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          - no_triage_reason
+          example: acceptable_risk
+          type: string
+        new_triage_state:
+          description: The triage state you would like to bulk triage your findings
+            to.
+          enum:
+          - ignored
+          - reviewing
+          - fixing
+          - reopened
+          example: reopened
+          type: string
+        policies:
+          description: List of policy modes to filter by
+          example:
+          - rule-board-block
+          - rule-board-pr-comments
+          - rule-board-audit
+          items:
+            type: string
+          type: array
+        policy_mode:
+          description: List of policy modes to filter by
+          enum:
+          - monitor
+          - comment
+          - block
+          example:
+          - monitor
+          - block
+          items:
+            type: string
+          type: array
+        pro_only:
+          description: Filter by whether a finding is only available with Semgrep
+            Pro features. Only applies for sast findings.
+          example: true
+          type: boolean
+        project_tags:
+          description: List of project tags to filter by
+          example:
+          - my_project_tag_1
+          - my_project_tag_2
+          items:
+            type: string
+          type: array
+        ref:
+          description: Branch reference to filter by
+          example: refs/pull/1234/merge
+          type: string
+        repos:
+          description: List of repository names to filter by
+          example:
+          - myorg/repo1
+          - myorg/repo2
+          items:
+            type: string
+          type: array
+        repository_visibility:
+          description: Filter by repository visibility. Only applies for secrets findings.
+          enum:
+          - public
+          - private
+          - unknown
+          example:
+          - public
+          - private
+          items:
+            type: string
+          type: array
+        rules:
+          description: List of rule names to filter by
+          example:
+          - typescript.react.security.audit.react-no-refs.react-no-refs
+          - ajinabraham.njsscan.hardcoded_secrets.node_username
+          items:
+            type: string
+          type: array
+        ruleset:
+          description: List of Semgrep Registry rulesets to filter by
+          example:
+          - owasp-top-ten
+          - default
+          items:
+            type: string
+          type: array
+        secret_types:
+          description: Filter by type of secret (typically provider-related). Only
+            applies for secrets findings.
+          example:
+          - Github
+          - Heroku
+          - AWS
+          items:
+            type: string
+          type: array
+        severities:
+          description: List of severities to filter by
+          enum:
+          - low
+          - medium
+          - high
+          - critical
+          example:
+          - low
+          - high
+          items:
+            type: string
+          type: array
+        since:
+          description: 'Epoch timestamp in seconds. Filters using the relevant_since
+            field: the timestamp when this finding was detected by Semgrep (the first
+            time, or when reintroduced).'
+          example: 1717334400
+          type: string
+        status:
+          description: The status to filter by
+          enum:
+          - open
+          - fixed
+          - ignored
+          - reviewing
+          - fixing
+          example: open
+          type: string
+        transitivities:
+          description: Filter by transitivity of a dependency. Only applies for sca
+            findings.
+          enum:
+          - direct
+          - transitive
+          - unknown
+          example:
+          - transitive
+          - direct
+          items:
+            type: string
+          type: array
+        triage_reasons:
+          description: List of triage reasons to filter by
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          - no_triage_reason
+          example:
+          - acceptable_risk
+          - false_positive
+          items:
+            type: string
+          type: array
+        validation_state:
+          description: Filter by whether a secret could be validated. Only applies
+            for secrets findings.
+          enum:
+          - confirmed_valid
+          - confirmed_invalid
+          - validation_error
+          - no_validator
+          example:
+          - valid
+          - invalid
+          items:
+            type: string
+          type: array
+      required:
+      - deploymentSlug
+      - issue_type
+      title: Bulk Triage Request
+      type: object
+    protos.openapi.v1.BulkTriageResponse:
+      properties:
+        num_triaged:
+          description: Number of items updated
+          format: uint32
+          type: integer
+        triaged_issues:
+          description: List of triaged issue IDs
+          items:
+            format: uint32
+            type: integer
+          type: array
+      required:
+      - num_triaged
+      - triaged_issues
+      title: Bulk Triage Response
+      type: object
+    protos.openapi.v1.CreateSbomExportRequest:
+      properties:
+        deploymentId:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+        formatVersion:
+          $ref: '#/components/schemas/protos.sca.v1.SbomFormatVersion'
+        metadataComponentType:
+          default: SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_APPLICATION
+          description: 'Metadata component type for the SBOM export.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_APPLICATION |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FRAMEWORK |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_LIBRARY |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_CONTAINER |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_PLATFORM |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_OPERATING_SYSTEM |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DEVICE |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DEVICE_DRIVER |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FIRMWARE |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FILE |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_MACHINE_LEARNING_MODEL |  |
+
+            | SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DATA |  |
+
+
+            '
+          enum:
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_APPLICATION
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FRAMEWORK
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_LIBRARY
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_CONTAINER
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_PLATFORM
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_OPERATING_SYSTEM
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DEVICE
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DEVICE_DRIVER
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FIRMWARE
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_FILE
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_MACHINE_LEARNING_MODEL
+          - SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_DATA
+          example: SBOM_METADATA_COMPONENT_TYPE_CYCLONE_DX_V15_APPLICATION
+          format: enum
+          type: string
+        metadataSupplier:
+          $ref: '#/components/schemas/protos.sca.v1.SbomMetadataSupplier'
+        ref:
+          description: Branch to export SBOM for (Ex. ref=`refs/pull/1234/merge`).
+          example: refs/pull/1234/merge
+          type: string
+        repositoryId:
+          description: Repository ID to export SBOM for.
+          example: 123
+          format: uint64
+          type: string
+        sbomOutputFormat:
+          description: 'SBOM output format for the SBOM export.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SBOM_OUTPUT_FORMAT_JSON |  |
+
+
+            '
+          enum:
+          - SBOM_OUTPUT_FORMAT_JSON
+          - SBOM_OUTPUT_FORMAT_CYCLONEDX
+          example: SBOM_OUTPUT_FORMAT_JSON
+          format: enum
+          type: string
+      required:
+      - deployment_id
+      title: Create Sbom Export Request
+      type: object
+    protos.openapi.v1.CreateSbomExportResponse:
+      properties:
+        taskToken:
+          description: Task token for the SBOM export job.
+          type: string
+      required:
+      - task_token
+      title: Create Sbom Export Response
+      type: object
+    protos.openapi.v1.CreateTicketRequest:
+      description: Create ticket request
+      properties:
+        autotriage_verdict:
+          description: The autotriage verdict to filter by
+          enum:
+          - true_positive
+          - false_positive
+          example: true_positive
+          type: string
+        categories:
+          description: List of categories to filter by
+          example:
+          - security
+          - performance
+          items:
+            type: string
+          type: array
+        component_tags:
+          description: List of component tags to filter by
+          example:
+          - user authentication
+          - user data
+          items:
+            type: string
+          type: array
+        confidence:
+          description: List of confidence levels to filter by
+          enum:
+          - low
+          - medium
+          - high
+          example: high
+          type: string
+        dependencies:
+          description: Filter by dependency name. Only applies for sca findings.
+          example:
+          - lodash
+          - express
+          items:
+            type: string
+          type: array
+        deploymentSlug:
+          description: Deployment slug. Can be found at `/deployments`, or in your
+            Settings in the web UI.
+          type: string
+        epss_probability:
+          description: Filter by EPSS probability (likelihood of exploit). Only applies
+            for sca findings.
+          enum:
+          - low
+          - medium
+          - high
+          - none
+          example:
+          - high
+          - medium
+          items:
+            type: string
+          type: array
+        exposures:
+          description: Filter by exposure (reachability type). Only applies for sca
+            findings. Reachability is the ability of an attacker to access a vulnerability
+            in a system.
+          enum:
+          - reachable
+          - always_reachable
+          - conditionally_reachable
+          - unreachable
+          - unknown
+          example:
+          - reachable
+          - always_reachable
+          items:
+            type: string
+          type: array
+        group_issues:
+          default: 'true'
+          description: Whether or not to group findings from the same rule and repository
+            into a single ticket. Defaults to true.
+          example: true
+          type: boolean
+        include_historical:
+          description: Whether to include historical findings. Only applies for secrets
+            findings. Defaults to true.
+          example: true
+          type: boolean
+        issue_ids:
+          description: An array of issue IDs to act on. If this is not provided, an
+            issue filter should be provided.
+          example:
+          - 123
+          - 456
+          items:
+            type: string
+          type: array
+        issue_type:
+          description: Type of findings to create tickets for.
+          enum:
+          - sast
+          - sca
+          - secrets
+          example: sca
+          type: string
+        jira_project_id:
+          description: Optional numeric Jira project ID to associate with the created
+            tickets. If not specified, defaults to the project configured in your
+            integration settings. You can fetch this ID using the Jira API.
+          example: 12345
+          type: string
+        limit:
+          default: 20.0
+          description: Max number of tickets to create. Must be an integer between
+            1 and 20. Defaults to 20
+          example: 20
+          format: uint32
+          type: integer
+        policies:
+          description: List of policy modes to filter by
+          example:
+          - rule-board-block
+          - rule-board-pr-comments
+          - rule-board-audit
+          items:
+            type: string
+          type: array
+        policy_mode:
+          description: List of policy modes to filter by
+          enum:
+          - monitor
+          - comment
+          - block
+          example:
+          - monitor
+          - block
+          items:
+            type: string
+          type: array
+        pro_only:
+          description: Filter by whether a finding is only available with Semgrep
+            Pro features. Only applies for sast findings.
+          example: true
+          type: boolean
+        project_tags:
+          description: List of project tags to filter by
+          example:
+          - my_project_tag_1
+          - my_project_tag_2
+          items:
+            type: string
+          type: array
+        ref:
+          description: Branch reference to filter by
+          example: refs/pull/1234/merge
+          type: string
+        repos:
+          description: List of repository names to filter by
+          example:
+          - myorg/repo1
+          - myorg/repo2
+          items:
+            type: string
+          type: array
+        repository_visibility:
+          description: Filter by repository visibility. Only applies for secrets findings.
+          enum:
+          - public
+          - private
+          - unknown
+          example:
+          - public
+          - private
+          items:
+            type: string
+          type: array
+        rules:
+          description: List of rule names to filter by
+          example:
+          - typescript.react.security.audit.react-no-refs.react-no-refs
+          - ajinabraham.njsscan.hardcoded_secrets.node_username
+          items:
+            type: string
+          type: array
+        ruleset:
+          description: List of Semgrep Registry rulesets to filter by
+          example:
+          - owasp-top-ten
+          - default
+          items:
+            type: string
+          type: array
+        secret_types:
+          description: Filter by type of secret (typically provider-related). Only
+            applies for secrets findings.
+          example:
+          - Github
+          - Heroku
+          - AWS
+          items:
+            type: string
+          type: array
+        severities:
+          description: List of severities to filter by
+          enum:
+          - low
+          - medium
+          - high
+          - critical
+          example:
+          - low
+          - high
+          items:
+            type: string
+          type: array
+        since:
+          description: 'Epoch timestamp in seconds. Filters using the relevant_since
+            field: the timestamp when this finding was detected by Semgrep (the first
+            time, or when reintroduced).'
+          example: 1717334400
+          type: string
+        status:
+          description: The status to filter by
+          enum:
+          - open
+          - fixed
+          - ignored
+          - reviewing
+          - fixing
+          example: open
+          type: string
+        transitivities:
+          description: Filter by transitivity of a dependency. Only applies for sca
+            findings.
+          enum:
+          - direct
+          - transitive
+          - unknown
+          example:
+          - transitive
+          - direct
+          items:
+            type: string
+          type: array
+        triage_reasons:
+          description: List of triage reasons to filter by
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          - no_triage_reason
+          example:
+          - acceptable_risk
+          - false_positive
+          items:
+            type: string
+          type: array
+        validation_state:
+          description: Filter by whether a secret could be validated. Only applies
+            for secrets findings.
+          enum:
+          - confirmed_valid
+          - confirmed_invalid
+          - validation_error
+          - no_validator
+          example:
+          - valid
+          - invalid
+          items:
+            type: string
+          type: array
+      required:
+      - deployment_slug
+      - issue_type
+      title: Create Ticket Request
+      type: object
+    protos.openapi.v1.CreateTicketResponse:
+      properties:
+        failed:
+          description: List of issues where ticket creation failed. This list may
+            include issues that were skipped because they exceed the specified limit.
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.CreateTicketResponse_TicketCreationFailed'
+          type: array
+        skipped:
+          description: List of issues that were skipped
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.CreateTicketResponse_TicketCreationSkipped'
+          type: array
+        succeeded:
+          description: List of successfully created tickets
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.CreateTicketResponse_TicketCreationSuccess'
+          type: array
+      type: object
+    protos.openapi.v1.CreateTicketResponse_TicketCreationFailed:
+      properties:
+        error:
+          description: The error message for the failure
+          type: string
+        issue_ids:
+          description: List of issue IDs
+          items:
+            format: uint32
+            type: integer
+          type: array
+      type: object
+    protos.openapi.v1.CreateTicketResponse_TicketCreationSkipped:
+      properties:
+        issue_ids:
+          description: List of issue IDs
+          items:
+            format: uint32
+            type: integer
+          type: array
+        reason:
+          description: The reason why the issue was skipped
+          type: string
+      type: object
+    protos.openapi.v1.CreateTicketResponse_TicketCreationSuccess:
+      properties:
+        external_slug:
+          description: The external slug identifier for the ticket
+          type: string
+        issue_ids:
+          description: List of issue IDs
+          items:
+            format: uint32
+            type: integer
+          type: array
+        ticket_id:
+          description: The ID of the created ticket
+          format: uint32
+          type: integer
+        ticket_url:
+          description: The URL of the created ticket
+          type: string
+      type: object
+    protos.openapi.v1.DeleteProjectResponse:
+      description: Successfully deleted the project.
+      properties:
+        project_name:
+          description: The name of the deleted project.
+          example: organization/project
+          type: string
+      required:
+      - projects
+      title: Delete Project Response
+      type: object
+    protos.openapi.v1.DeleteProjectTagsResponse:
+      description: Successfully removed tags from project.
+      properties:
+        project:
+          $ref: '#/components/schemas/protos.openapi.v1.Project'
+      required:
+      - projects
+      title: Delete Project Tags Response
+      type: object
+    protos.openapi.v1.DeleteTicketResponse:
+      properties:
+        issueIds:
+          description: List of issue IDs unlinked from ticket
+          example:
+          - '18759'
+          - '18760'
+          items:
+            type: string
+          type: array
+      type: object
+    protos.openapi.v1.Deployment:
+      description: Deployment record, with relevant meta-data and further accesses.
+      properties:
+        findings:
+          $ref: '#/components/schemas/protos.openapi.v1.EndpointReference'
+        id:
+          description: Unique numerical identifier of the deployment.
+          example: 120
+          format: uint32
+          type: number
+        name:
+          description: Human readable name.
+          example: Your Deployment
+          type: string
+        slug:
+          description: Sanitized machine-readable name. Used as primary identifier
+            through the web API.
+          example: your-deployment
+          type: string
+      required:
+      - slug
+      - id
+      - name
+      title: Deployment
+      type: object
+    protos.openapi.v1.DiffScan:
+      properties:
+        enabled:
+          description: When true, diff-aware scans are enabled for the project.
+          type: boolean
+      type: object
+    protos.openapi.v1.EndpointReference:
+      properties:
+        url:
+          description: URL that the reference is pointing to.
+          example: https://semgrep.dev/api/v1/deployments/123/findings
+          type: string
+      required:
+      - url
+      title: Endpoint Reference
+      type: object
+    protos.openapi.v1.ExternalTicket:
+      description: External ticket associated with finding
+      properties:
+        externalSlug:
+          description: Identifier of the external ticket
+          example: OPS-158
+          type: string
+        id:
+          description: External ticket id
+          format: uint32
+          type: integer
+        linkedIssueIds:
+          description: Semgrep issue ids that are linked to this external ticket
+          items:
+            format: uint32
+            type: integer
+          type: array
+        url:
+          description: URL of the external ticket
+          type: string
+      title: External Ticket
+      type: object
+    protos.openapi.v1.FindingLocation:
+      description: Location of the record in a file, as reported by Semgrep. If null,
+        then the information does not exist or lacks integrity (older or broken scans)
+      properties:
+        column:
+          description: Column at which the target starts
+          example: 8
+          format: uint32
+          type: integer
+        endColumn:
+          description: Column at which the target ends
+          example: 16
+          format: uint32
+          type: integer
+        endLine:
+          description: Line at which the target ends
+          example: 124
+          format: uint32
+          type: integer
+        filePath:
+          description: File path of the relevant line and column numbers
+          example: frontend/src/corpComponents/Code.tsx
+          type: string
+        line:
+          description: Line at which the target starts
+          example: 120
+          format: uint32
+          type: integer
+      title: Finding Location
+      type: object
+    protos.openapi.v1.FindingRepository:
+      description: Which repository this finding was identified in
+      properties:
+        name:
+          description: The repository or named project that the finding is associated
+            with
+          example: semgrep
+          type: string
+        url:
+          description: The source URL from which this repository last scanned
+          example: https://github.com/semgrep/semgrep
+          type: string
+      title: Finding Repository
+      type: object
+    protos.openapi.v1.FindingRule:
+      description: Rule that applies to this finding
+      properties:
+        category:
+          description: Category the rule is associated with
+          example: security
+          type: string
+        confidence:
+          description: Confidence level of the rule
+          enum:
+          - low
+          - medium
+          - high
+          example: high
+          type: string
+        cweNames:
+          description: CWE names associated with the rule
+          example:
+          - 'CWE-319: Cleartext Transmission of Sensitive Information'
+          items:
+            type: string
+          type: array
+        message:
+          description: Rule message
+          example: This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS
+            URL if possible.
+          type: string
+        name:
+          description: Name of the rule
+          example: html.security.plaintext-http-link.plaintext-http-link
+          type: string
+        owaspNames:
+          description: OWASP names associated with the rule
+          example:
+          - A03:2017 - Sensitive Data Exposure
+          - A02:2021 - Cryptographic Failures
+          items:
+            type: string
+          type: array
+        subcategories:
+          description: Subcategories of the rule
+          example:
+          - vuln
+          items:
+            type: string
+          type: array
+        vulnerabilityClasses:
+          description: Vulnerability classes the rule is associated with
+          example:
+          - Mishandled Sensitive Information
+          items:
+            type: string
+          type: array
+      title: Finding Rule
+      type: object
+    protos.openapi.v1.FullScan:
+      properties:
+        enabled:
+          description: When true, weekly full scans are enabled.
+          type: boolean
+      type: object
+    protos.openapi.v1.GetBootstrapSmsVpcResponse:
+      properties:
+        AWSTemplateFormatVersion:
+          description: The AWSTemplateFormatVersion that the template conforms to
+          type: string
+        Description:
+          description: Template description
+          type: string
+        Metadata:
+          description: Template metadata including version and last updated date
+          type: object
+        Outputs:
+          description: Output values of the stack
+          type: object
+        Parameters:
+          description: Template parameters
+          type: object
+        Resources:
+          description: Declaration of AWS resources
+          type: object
+      type: object
+    protos.openapi.v1.GetProjectResponse:
+      description: Successfully retrieved details for the project.
+      properties:
+        project:
+          $ref: '#/components/schemas/protos.openapi.v1.Project'
+      required:
+      - projects
+      title: Get Project Response
+      type: object
+    protos.openapi.v1.GetSbomExportResponse:
+      properties:
+        downloadUrl:
+          description: URL to download the SBOM when status is COMPLETED.
+          type: string
+        errorMessage:
+          description: Error message when status is FAILED.
+          type: string
+        status:
+          description: 'Status of the SBOM export job.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SBOM_EXPORT_STATUS_IN_PROGRESS | The SBOM export job is in progress.
+            |
+
+            | SBOM_EXPORT_STATUS_COMPLETED | The SBOM export job has completed. |
+
+            | SBOM_EXPORT_STATUS_FAILED | The SBOM export job has failed. |
+
+
+            '
+          enum:
+          - SBOM_EXPORT_STATUS_IN_PROGRESS
+          - SBOM_EXPORT_STATUS_COMPLETED
+          - SBOM_EXPORT_STATUS_FAILED
+          format: enum
+          type: string
+      required:
+      - status
+      title: Get Sbom Export Response
+      type: object
+    protos.openapi.v1.GetScanResponse:
+      properties:
+        completed_at:
+          description: imestamp of when the scan started.
+          example: 2023-11-18 23:28:12.391807+00:00
+          type: string
+        deployment_id:
+          description: The unique ID of the deployment associated with the scanned
+            repository.
+          example: 120
+          format: uint32
+          type: integer
+        enabled_products:
+          description: The products used when running the scan.
+          example:
+          - secrets
+          items:
+            type: string
+          type: array
+        exit_code:
+          format: uint32
+          type: integer
+        has_logs:
+          type: boolean
+        id:
+          description: The unique ID representing this scan.
+          example: 123
+          format: uint32
+          type: integer
+        meta:
+          $ref: '#/components/schemas/protos.openapi.v1.GetScanResponse_ScanMeta'
+        repository_id:
+          description: The unique ID of the repository that was scanned.
+          example: 1234567
+          format: uint32
+          type: integer
+        started_at:
+          description: when the scan was started
+          example: 2023-11-18 23:28:12.391807+00:00
+          type: string
+        stats:
+          description: Miscellaneous statistics about the scan, like number of findings
+            found and scan duration.
+          example:
+            findings: 5
+            total_time: 100
+          type: object
+      type: object
+    protos.openapi.v1.GetScanResponse_ScanMeta:
+      properties:
+        true:
+          description: What triggered this scan, if applicable.
+          example: pull_request
+          type: string
+        branch:
+          description: The branch that was scanned, if applicable.
+          example: refs/heads/main
+          type: string
+        commit:
+          description: The commit SHA associated with the scan, if applicable.
+          example: 94c5be1312a9da03b7c4bfcc1c50b4379c83412
+          type: string
+        config:
+          description: The path of the configuration file used for this scan, if applicable.
+          example: r/python
+          type: string
+        repo_url:
+          description: The URL of the scanned repository, if applicable.
+          example: https://github.com/semgrep/semgrep
+          type: string
+        ci_job_url:
+          description: The URL of the CI job that ran the scan, if applicable.
+          example: https://github.com/semgrep/semgrep/actions/runs/12345
+          type: string
+        repository:
+          description: The name and organization of the scanned repository, if applicable.
+          example: semgrep/semgrep
+          type: string
+        commit_title:
+          description: The commit message associated with the scan, if applicable.
+          example:
+            fix(feature): Added XYZ component
+          type: string
+        pull_request_id:
+          description: The ID of the pull request associated with the scan, if applicable.
+          example: 12345
+          type: string
+        pull_request_title:
+          description: The title of the pull request associated with the scan if applicable.
+          example:
+            fix(feature): Added XYZ component
+          type: string
+        commit_author_name:
+          description: The name of the author of the commit associated with the scan,
+            if applicable.
+          example: Sven Greppe
+          type: string
+        commit_author_image_url:
+          description: The avatar image url of the author of the commit associated
+            with the scan, if applicable.
+          example: https://github.com/link/to/avatar.png
+          type: string
+        commit_author_email:
+          description: The email of the author of the commit associated with the scan,
+            if applicable.
+          example: sven.greppe@semgrep.com
+          type: string
+        commit_author_username:
+          description: The username of the author of the commit associated with the
+            scan, if applicable.
+          example: SvenGreppe
+          type: string
+        pull_request_author_username:
+          description: The username of the author of the pull request associated with
+            the scan, if applicable.
+          example: SvenGreppe
+          type: string
+        pull_request_author_image_url:
+          description: The avatar image url of the author of the pull request associated
+            with the scan, if applicable.
+          example: https://github.com/link/to/avatar.png
+          type: string
+      type: object
+    protos.openapi.v1.ListDependenciesRequest:
+      properties:
+        cursor:
+          description: Cursor to paginate through the dependencies. Provide a cursor
+            value from the response to retrieve the next page.
+          format: uint64
+          type: string
+        dependencyFilter:
+          $ref: '#/components/schemas/protos.sca.v1.DependencyFilter'
+        deploymentId:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+        pageSize:
+          description: 'Number of dependencies per page. Default: 1000, min: 1, max:
+            10000.'
+          example: 1000
+          format: int64
+          maximum: 10000.0
+          minimum: 1.0
+          type: integer
+      required:
+      - deployment_id
+      title: List Dependencies Request
+      type: object
+    protos.openapi.v1.ListDependenciesResponse:
+      properties:
+        cursor:
+          description: Pass to next request to get next page of results.
+          format: uint64
+          type: string
+        dependencies:
+          description: List of dependencies.
+          example:
+          - id: '1'
+            name: dependency1
+            version: 1.0.0
+          - id: '2'
+            name: dependency2
+            version: 2.0.0
+          items:
+            $ref: '#/components/schemas/protos.sca.v1.FoundDependency'
+          type: array
+        hasMore:
+          description: True if there are more dependencies to get.
+          type: boolean
+      required:
+      - dependencies
+      - has_more
+      title: List Dependencies Response
+      type: object
+    protos.openapi.v1.ListDeploymentsResponse:
+      properties:
+        deployments:
+          description: Return the deployment the supplied token can access.
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.Deployment'
+          type: array
+      type: object
+    protos.openapi.v1.ListFindingsResponse:
+      description: Response containing a paginated list of findings (either Code or
+        Supply Chain findings) with optional filtering applied
+      properties:
+        sastFindings:
+          $ref: '#/components/schemas/protos.openapi.v1.ListFindingsResponse_SastFindings'
+        scaFindings:
+          $ref: '#/components/schemas/protos.openapi.v1.ListFindingsResponse_ScaFindings'
+      title: List Findings Response
+      type: object
+    protos.openapi.v1.ListFindingsResponse_SastFindings:
+      description: A list of Code findings that Semgrep has identified in your organization
+      properties:
+        findings:
+          description: A list of Code findings.
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.SastFinding'
+          type: array
+      title: Sast Findings
+      type: object
+    protos.openapi.v1.ListFindingsResponse_ScaFindings:
+      description: A list of Supply Chain findings that Semgrep has identified in
+        your organization
+      properties:
+        findings:
+          description: A list of Supply Chain findings.
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.ScaFinding'
+          type: array
+      title: Sca Findings
+      type: object
+    protos.openapi.v1.ListLockfilesForDependenciesRequest:
+      properties:
+        cursor:
+          description: Use cursor in response to get next page of results.
+          type: string
+        dependencyFilter:
+          $ref: '#/components/schemas/protos.sca.v1.DependencyFilter'
+        deploymentId:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          format: uint64
+          type: string
+        pageSize:
+          default: 5.0
+          description: 'Number of repositories per page. Default: 5, min: 1, max:
+            100.'
+          example: 100
+          format: uint32
+          maximum: 100.0
+          minimum: 1.0
+          type: integer
+        repositoryId:
+          description: Repository ID to filter by. Use Projects endpoints to retrieve
+            repository IDs.
+          format: uint64
+          type: string
+      required:
+      - deployment_id
+      - repository_id
+      title: List Lockfiles For Dependencies Request
+      type: object
+    protos.openapi.v1.ListLockfilesForDependenciesResponse:
+      properties:
+        cursor:
+          description: Pass to next request to get next page of results.
+          type: string
+        hasMore:
+          description: True if there are more lockfiles to get.
+          type: boolean
+        lockfileSummaries:
+          description: List of lockfiles.
+          items:
+            $ref: '#/components/schemas/protos.sca.v1.LockfileDependencySummary'
+          type: array
+      required:
+      - has_more
+      - lockfile_summaries
+      title: List Lockfiles For Dependencies Response
+      type: object
+    protos.openapi.v1.ListPoliciesResponse:
+      properties:
+        policies:
+          description: List of Policies associated with the given Deployment.
+          example:
+          - id: '1'
+            isDefault: true
+            name: Global Policy
+            productType: PRODUCT_TYPE_SAST
+            slug: global_policy
+          - id: '2'
+            isDefault: false
+            name: Semgrep test
+            productType: PRODUCT_TYPE_SAST
+            slug: semgrep_test
+          - id: '3'
+            isDefault: true
+            name: Global Secrets Policy
+            productType: PRODUCT_TYPE_SECRETS
+            slug: global_secrets_policy
+          items:
+            $ref: '#/components/schemas/protos.common.v1.Policy'
+          type: array
+      type: object
+    protos.openapi.v1.ListPolicyRulesResponse:
+      properties:
+        cursor:
+          description: Cursor to paginate through the rules.
+          example: Pm0ROjIwMjQtMDItMDYgMjA6MDQ6NDguMEDzNzk2fmk6NYTM2zUxOTI
+          type: string
+        policy:
+          $ref: '#/components/schemas/protos.common.v1.Policy'
+        rules:
+          description: List of Rules for the given Policy.
+          example:
+          - category: security
+            confidence: CONFIDENCE_HIGH
+            cweCategories:
+            - 'CWE-918: Server-Side Request Forgery (SSRF)'
+            id: '1'
+            languages:
+            - python
+            lastChangeAt: '2024-07-29T22:33:37.380293Z'
+            owaspCategories:
+            - 'A07: Cross-Site Scripting (XSS)'
+            path: python.rule.1
+            policyMode: MODE_MONITOR
+            registryMaintainer: semgrep
+            rulesets: []
+            severity: SEVERITY_HIGH
+            source: SOURCE_COMMUNITY
+            technologies:
+            - django
+            - flask
+            url: https://semgrep.com/r/123/python.rule.1
+            vulnerabilityClass:
+            - Improper Authentication
+          - category: security
+            confidence: CONFIDENCE_HIGH
+            cweCategories:
+            - 'CWE-918: Server-Side Request Forgery (SSRF)'
+            id: '2'
+            languages:
+            - python
+            lastChangeAt: '2024-07-29T22:33:37.380293Z'
+            owaspCategories:
+            - A01:2021 - Broken Access Control
+            - 'A07: Cross-Site Scripting (XSS)'
+            path: python.rule.shared
+            policyMode: MODE_COMMENT
+            registryMaintainer: semgrep
+            rulesets:
+            - comment
+            - default
+            severity: SEVERITY_MEDIUM
+            source: SOURCE_PRO
+            technologies:
+            - django
+            - flask
+            url: https://semgrep.com/r/123/python.rule.shared
+            vulnerabilityClass:
+            - Improper Authentication
+          - category: best-practice
+            confidence: CONFIDENCE_HIGH
+            cweCategories: []
+            id: '3'
+            languages:
+            - python
+            lastChangeAt: '2024-07-29T22:33:37.380293Z'
+            lastChangeBy: example-user
+            owaspCategories: []
+            path: python.rule.custom_rule
+            policyMode: MODE_BLOCK
+            registryMaintainer: semgrep
+            rulesets: []
+            severity: SEVERITY_MEDIUM
+            source: SOURCE_CUSTOM
+            technologies:
+            - django
+            - flask
+            url: https://semgrep.com/r/123/python.rule.custom_rule
+            vulnerabilityClass:
+            - Improper Authentication
+          items:
+            $ref: '#/components/schemas/protos.common.v1.Rule'
+          type: array
+      type: object
+    protos.openapi.v1.ListProjectsResponse:
+      description: Return the list of projects in an organization.
+      properties:
+        projects:
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.Project'
+          type: array
+      required:
+      - projects
+      title: List Projects Response
+      type: object
+    protos.openapi.v1.ListRepositoriesForDependenciesRequest:
+      properties:
+        cursor:
+          description: Use cursor in response to get next page of results.
+          format: uint32
+          type: number
+        dependencyFilter:
+          $ref: '#/components/schemas/protos.sca.v1.DependencyFilter'
+        deploymentId:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          format: uint64
+          type: string
+        pageSize:
+          default: 5.0
+          description: 'Number of repositories per page. Default: 5, min: 1, max:
+            100.'
+          example: 100
+          format: uint32
+          maximum: 100.0
+          minimum: 1.0
+          type: number
+      required:
+      - deployment_id
+      title: List Repositories For Dependencies Request
+      type: object
+    protos.openapi.v1.ListRepositoriesForDependenciesResponse:
+      properties:
+        cursor:
+          description: Pass to next request to get next page of results.
+          format: uint32
+          type: number
+        hasMore:
+          description: True if there are more repositories to get.
+          type: boolean
+        repositorySummaries:
+          description: List of repositories.
+          items:
+            $ref: '#/components/schemas/protos.sca.v1.RepositoryDependencySummary'
+          type: array
+      required:
+      - has_more
+      - repository_summaries
+      title: List Repositories For Dependencies Response
+      type: object
+    protos.openapi.v1.ListSecretsPathResponse:
+      properties:
+        cursor:
+          description: Cursor to paginate through the results.
+          type: string
+        findings:
+          description: List of Secrets associated with the given Deployment.
+          example:
+            cursor: Pm0ROjIwMjQtMDItMDYgMjA6MDQ6NDguMEDzNzk2fmk6NYTM2zUxOTI=
+            findings:
+            - confidence: CONFIDENCE_HIGH
+              createdAt: '2024-06-17T17:23:01.901204Z'
+              findingPath: src/ai.py:232
+              findingPathUrl: https://github.com/foo/bar/blob/6ad16b240d4b6ae5bd6e326dd71053c21344e311/src/ai.py#L232
+              id: '691234'
+              mode: MODE_MONITOR
+              ref: refs/pull/148/merge
+              refUrl: https://github.com/foo/bar/pull/148
+              repository:
+                name: foo/bar
+                scmType: SCM_TYPE_GITHUB
+                url: https://github.com/foo/bar
+                visibility: REPOSITORY_VISIBILITY_PRIVATE
+              reviewComments:
+              - externalDiscussionId: af0433345acfb74c8f9
+                externalNoteId: '5678'
+              ruleHashId: lBU41LA
+              severity: SEVERITY_HIGH
+              status: FINDING_STATUS_FIXED
+              type: OpenAI
+              updatedAt: '2024-06-20T17:33:00.669343Z'
+              validationState: VALIDATION_STATE_CONFIRMED_VALID
+            - confidence: CONFIDENCE_MEDIUM
+              createdAt: '2024-06-08T11:01:23.380293Z'
+              findingPath: config.yaml:801
+              findingPathUrl: https://github.com/foo/baz/blob/e2b6d5ca75d830e10f5f617481a66a981bd093c0/config.yaml#L801
+              id: '6881234'
+              mode: MODE_COMMENT
+              ref: develop
+              refUrl: https://github.com/foo/baz/tree/develop
+              repository:
+                name: foo/baz
+                scmType: SCM_TYPE_GITHUB
+                url: https://github.com/foo/baz
+                visibility: REPOSITORY_VISIBILITY_PRIVATE
+              reviewComments:
+              - externalDiscussionId: af0476223423b74c8f9
+                externalNoteId: '6789'
+              ruleHashId: pKUYdA
+              severity: SEVERITY_HIGH
+              status: FINDING_STATUS_IGNORED
+              type: Heroku
+              updatedAt: '2024-06-22T11:07:02.384500Z'
+              validationState: VALIDATION_STATE_CONFIRMED_INVALID
+          items:
+            $ref: '#/components/schemas/protos.secrets.v1.SecretsFinding'
+          type: array
+        previous:
+          description: Cursor to paginate backwards through the results.
+          type: string
+      type: object
+    protos.openapi.v1.ManagedScanConfig:
+      description: '[Beta] Configuration of Semgrep Managed Scans for the project,
+        if relevant.'
+      properties:
+        diff_scan:
+          $ref: '#/components/schemas/protos.openapi.v1.DiffScan'
+        full_scan:
+          $ref: '#/components/schemas/protos.openapi.v1.FullScan'
+      title: Managed Scan Config
+      type: object
+    protos.openapi.v1.PingResponse:
+      description: OK
+      properties: {}
+      title: Ping Response
+      type: object
+    protos.openapi.v1.Project:
+      description: A project in your organization that uses Semgrep.
+      properties:
+        created_at:
+          description: Time when this project was created.
+          example: 2020-11-18 23:28:12.391807+00:00
+          type: string
+        default_branch:
+          description: The default branch in the SCM.
+          example: refs/heads/main
+          type: string
+        id:
+          description: Unique ID of this project.
+          example: 1234567
+          format: uint32
+          type: number
+        latest_scan_at:
+          description: Time of latest scan, if there is one.
+          example: 2023-01-13 20:51:51.449081+00:00
+          type: string
+        managed_scan_config:
+          $ref: '#/components/schemas/protos.openapi.v1.ManagedScanConfig'
+        name:
+          description: Name of the project.
+          example: returntocorp/semgrep
+          type: string
+        primary_branch:
+          description: The primary branch of the project, if known.
+          example: refs/heads/custom-main
+          type: string
+        tags:
+          description: Tags associated to this project.
+          example:
+          - tag
+          items:
+            type: string
+          type: string
+        url:
+          description: URL of the project, if there is one.
+          example: https://github.com/returntocorp/semgrep
+          type: string
+      required:
+      - id
+      - name
+      - tags
+      title: Project
+      type: object
+    protos.openapi.v1.ReviewComment:
+      description: External review comment information associated with a finding
+      properties:
+        externalDiscussionId:
+          description: External ID of the review comment or discussion thread
+          example: af04762b69acfb74c8f9
+          type: string
+        externalNoteId:
+          description: External ID of the specific note in the review comment discussion
+            thread. Only applicable for GitLab.com, GitLab Self-Managed and Azure
+            DevOps
+          example: 123523
+          type: string
+      title: Review Comment
+      type: object
+    protos.openapi.v1.SastFinding:
+      description: A Code finding that Semgrep has identified in your organization
+      properties:
+        assistant:
+          $ref: '#/components/schemas/protos.openapi.v1.SastFinding_Assistant'
+        categories:
+          description: The categories of the finding as classified by the associated
+            rule metadata
+          example:
+          - security
+          items:
+            type: string
+          type: array
+        confidence:
+          description: Confidence of the finding, derived from the rule that triggered
+            it
+          enum:
+          - low
+          - medium
+          - high
+          example: medium
+          type: string
+        created_at:
+          description: The timestamp when this finding was created
+          example: 2020-11-18 23:28:12.391807+00:00
+          type: string
+        external_ticket:
+          $ref: '#/components/schemas/protos.openapi.v1.ExternalTicket'
+        first_seen_scan_id:
+          description: Unique ID of the Semgrep scan that first identified this finding
+          example: 1234
+          format: uint32
+          type: integer
+        id:
+          description: Unique ID of this finding
+          example: 1234567
+          format: uint32
+          type: integer
+        line_of_code_url:
+          description: The source URL including file and line number
+          example: https://github.com/semgrep/semgrep/blob/39f95450a7d4d70e54c9edbd109bed8210a36889/src/core_cli/Core_CLI.ml#L1
+          type: string
+        location:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingLocation'
+        match_based_id:
+          description: ID calculated based on a finding's file path, rule identifier
+            and pattern, and index
+          example: 0f8c79a6f7e0ff2f908ff5bc366ae1548465069bae8892088051e1c3b4b12c6b8df37d5bcbb181eb868aa79f81f239d14bf2336d552786ab8ccdc7279adf07a6_1
+          type: string
+        ref:
+          description: External reference to the source of this finding (e.g. PR)
+          example: refs/pull/1234/merge
+          type: string
+        relevant_since:
+          description: The timestamp when this finding was detected by Semgrep (the
+            first time, or when reintroduced)
+          example: 2020-11-18 23:28:12.391807+00:00
+          type: string
+        repository:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingRepository'
+        review_comments:
+          description: List of external review comment information associated with
+            a finding
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.ReviewComment'
+          type: array
+        rule:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingRule'
+        rule_message:
+          description: Deprecated in favor of rule.message. Rule message at the time
+            of finding identification. Older findings may not have a value for this
+            field
+          example: null
+          type: string
+        rule_name:
+          description: Deprecated in favor of rule.name
+          example: typescript.react.security.audit.react-no-refs.react-no-refs
+          type: string
+        severity:
+          description: Severity of the finding, derived from the rule that triggered
+            it. Low is equivalent to INFO, Medium to WARNING, and High to ERROR
+          enum:
+          - low
+          - medium
+          - high
+          - critical
+          example: medium
+          type: string
+        sourcing_policy:
+          $ref: '#/components/schemas/protos.openapi.v1.SastFinding_PolicyReference'
+        state:
+          description: The finding's resolution state. Managed only by changes detected
+            at scan time, the `state` is combined with `triage_state` to ultimately
+            determine a final `status` which is exposed in the UI and API
+          enum:
+          - fixed
+          - muted
+          - removed
+          - unresolved
+          example: unresolved
+          type: string
+        state_updated_at:
+          description: When this issue's `state` (resolution state) was last updated,
+            as distinct from when the issue was triaged (`triaged_at`)
+          example: 2020-11-19 23:28:12.391807+00:00
+          type: string
+        status:
+          description: The finding's status as exposed in the UI. Status is a derived
+            property combining information from the finding `state` and `triage_state`.
+            The `triage_state` can be used to override the scan state if the finding
+            is still detected
+          enum:
+          - open
+          - fixed
+          - ignored
+          - reviewing
+          - fixing
+          - provisionally_ignored
+          example: open
+          type: string
+        syntactic_id:
+          description: ID calculated based on a finding's file path, rule identifier
+            and matched code, and index. Prefer `match_based_id`
+          example: 440eeface888e78afceac3dc7d4cc2cf
+          type: string
+        triage_comment:
+          description: The detailed comment provided during triage
+          example: This finding is from the test repo
+          type: string
+        triage_reason:
+          description: Reason provided when this issue was triaged
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          example: acceptable_risk
+          type: string
+        triage_state:
+          description: 'The finding''s triage state. Note: "reviewing" and "fixing"
+            are only in private beta. Set by the user and used along with state to
+            generate the final "status" viewable in the UI'
+          enum:
+          - untriaged
+          - ignored
+          - reopened
+          - reviewing
+          - fixing
+          - provisionally_ignored
+          example: untriaged
+          type: string
+        triaged_at:
+          description: When the finding was triaged
+          example: 2020-11-19 23:28:12.391807+00:00
+          type: string
+      title: Sast Finding
+      type: object
+    protos.openapi.v1.SastFinding_Assistant:
+      description: Semgrep Assistant data. Only present if Assistant is enabled
+      properties:
+        autofix:
+          $ref: '#/components/schemas/protos.openapi.v1.Assistant_Autofix'
+        autotriage:
+          $ref: '#/components/schemas/protos.openapi.v1.Assistant_Autotriage'
+        component:
+          $ref: '#/components/schemas/protos.openapi.v1.Assistant_Component'
+        guidance:
+          $ref: '#/components/schemas/protos.openapi.v1.Assistant_Guidance'
+      title: Assistant
+      type: object
+    protos.openapi.v1.SastFinding_PolicyReference:
+      description: Reference to a policy, with some basic information. If null, then
+        the information does not exist or lacks integrity (older or broken scans)
+      properties:
+        id:
+          description: Unique numerical identifier of the policy
+          example: 120
+          format: uint32
+          type: integer
+        name:
+          description: Human readable name
+          example: Default Policy
+          type: string
+        slug:
+          description: Sanitized machine-readable name
+          example: default-policy
+          type: string
+      title: Policy Reference
+      type: object
+    protos.openapi.v1.ScaFinding:
+      description: A Supply Chain finding that Semgrep has identified in your organization
+      properties:
+        categories:
+          description: The categories of the finding as classified by the associated
+            rule metadata
+          example:
+          - security
+          items:
+            type: string
+          type: array
+        confidence:
+          description: Confidence of the finding, derived from the rule that triggered
+            it
+          enum:
+          - low
+          - medium
+          - high
+          example: medium
+          type: string
+        created_at:
+          description: The timestamp when this finding was created
+          example: 2020-11-18 23:28:12.391807+00:00
+          type: string
+        epss_score:
+          $ref: '#/components/schemas/protos.openapi.v1.ScaFinding_EpssScore'
+        external_ticket:
+          $ref: '#/components/schemas/protos.openapi.v1.ExternalTicket'
+        first_seen_scan_id:
+          description: Unique ID of the Semgrep scan that first identified this finding
+          example: 1234
+          format: uint32
+          type: integer
+        fix_recommendations:
+          description: Recommendations for fixing the vulnerability
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.ScaFinding_FixRecommendation'
+          type: array
+        found_dependency:
+          $ref: '#/components/schemas/protos.openapi.v1.ScaFinding_FoundDependency'
+        id:
+          description: Unique ID of this finding
+          example: 1234567
+          format: uint32
+          type: integer
+        is_malicious:
+          description: True if the finding is from a malicious dependency
+          example: true
+          type: bool
+        line_of_code_url:
+          description: The source URL including file and line number
+          example: https://github.com/semgrep/semgrep/blob/39f95450a7d4d70e54c9edbd109bed8210a36889/src/core_cli/Core_CLI.ml#L1
+          type: string
+        location:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingLocation'
+        match_based_id:
+          description: ID calculated based on a finding's file path, rule identifier
+            and pattern, and index
+          example: 0f8c79a6f7e0ff2f908ff5bc366ae1548465069bae8892088051e1c3b4b12c6b8df37d5bcbb181eb868aa79f81f239d14bf2336d552786ab8ccdc7279adf07a6_1
+          type: string
+        reachability:
+          description: Indicates whether the vulnerable code is reachable
+          enum:
+          - no reachability analysis
+          - reachable
+          - always reachable
+          - conditionally reachable
+          - unreachable
+          example: reachable
+          type: string
+        reachable_condition:
+          description: Description of the condition under which the vulnerability
+            becomes reachable. Applies to conditionally reachable findings
+          example: you use the package on a host running Linux or MacOS
+          type: string
+        ref:
+          description: External reference to the source of this finding (e.g. PR)
+          example: refs/pull/1234/merge
+          type: string
+        relevant_since:
+          description: The timestamp when this finding was detected by Semgrep (the
+            first time, or when reintroduced)
+          example: 2020-11-18 23:28:12.391807+00:00
+          type: string
+        repository:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingRepository'
+        review_comments:
+          description: List of external review comment information associated with
+            a finding
+          items:
+            $ref: '#/components/schemas/protos.openapi.v1.ReviewComment'
+          type: array
+        rule:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingRule'
+        rule_message:
+          description: Deprecated in favor of rule.message. Rule message at the time
+            of finding identification. Older findings may not have a value for this
+            field
+          example: null
+          type: string
+        rule_name:
+          description: Deprecated in favor of rule.name
+          example: typescript.react.security.audit.react-no-refs.react-no-refs
+          type: string
+        severity:
+          description: Severity of the finding, derived from the rule that triggered
+            it. Low is equivalent to INFO, Medium to WARNING, and High to ERROR
+          enum:
+          - low
+          - medium
+          - high
+          - critical
+          example: medium
+          type: string
+        state:
+          description: The finding's resolution state. Managed only by changes detected
+            at scan time, the `state` is combined with `triage_state` to ultimately
+            determine a final `status` which is exposed in the UI and API
+          enum:
+          - fixed
+          - muted
+          - removed
+          - unresolved
+          example: unresolved
+          type: string
+        state_updated_at:
+          description: When this issue's `state` (resolution state) was last updated,
+            as distinct from when the issue was triaged (`triaged_at`)
+          example: 2020-11-19 23:28:12.391807+00:00
+          type: string
+        status:
+          description: The finding's status as exposed in the UI. Status is a derived
+            property combining information from the finding `state` and `triage_state`.
+            The `triage_state` can be used to override the scan state if the finding
+            is still detected
+          enum:
+          - open
+          - fixed
+          - ignored
+          - reviewing
+          - fixing
+          - provisionally_ignored
+          example: open
+          type: string
+        syntactic_id:
+          description: ID calculated based on a finding's file path, rule identifier
+            and matched code, and index. Prefer `match_based_id`
+          example: 440eeface888e78afceac3dc7d4cc2cf
+          type: string
+        triage_comment:
+          description: The detailed comment provided during triage
+          example: This finding is from the test repo
+          type: string
+        triage_reason:
+          description: Reason provided when this issue was triaged
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          example: acceptable_risk
+          type: string
+        triage_state:
+          description: 'The finding''s triage state. Note: "reviewing" and "fixing"
+            are only in private beta. Set by the user and used along with state to
+            generate the final "status" viewable in the UI'
+          enum:
+          - untriaged
+          - ignored
+          - reopened
+          - reviewing
+          - fixing
+          - provisionally_ignored
+          example: untriaged
+          type: string
+        triaged_at:
+          description: When the finding was triaged
+          example: 2020-11-19 23:28:12.391807+00:00
+          type: string
+        usage:
+          $ref: '#/components/schemas/protos.openapi.v1.ScaFinding_Usage'
+        vulnerability_identifier:
+          description: Identifier of the vulnerability in the vulnerability database
+          example: CVE-2021-24112
+          type: string
+      title: Sca Finding
+      type: object
+    protos.openapi.v1.ScaFinding_EpssScore:
+      description: The score assigned by FIRST.org's Exploitation Probability Scoring
+        System
+      properties:
+        percentile:
+          description: This EPSS score's percentile among all EPSS scores, from 0
+            to 1
+          example: 0.994
+          format: float
+          type: number
+        score:
+          description: The explotation probability, from 0 to 1
+          example: 0.97
+          format: float
+          type: number
+      title: Epss Score
+      type: object
+    protos.openapi.v1.ScaFinding_FixRecommendation:
+      description: Recommendation for fixing the vulnerability
+      properties:
+        package:
+          description: The package for which a fix is recommended
+          example: System.Drawing.Common
+          type: string
+        version:
+          description: The recommended version of the package
+          example: 5.0.3
+          type: string
+      title: Fix Recommendation
+      type: object
+    protos.openapi.v1.ScaFinding_FoundDependency:
+      description: Information about the vulnerable package that was found in the
+        codebase
+      properties:
+        ecosystem:
+          default: no_package_manager
+          description: Ecosystem of the package
+          enum:
+          - no_package_manager
+          - npm
+          - pypi
+          - gomod
+          - cargo
+          - maven
+          - gem
+          - composer
+          - nuget
+          - pub
+          - swiftpm
+          - hex
+          example: npm
+          type: string
+        lockfile_line_url:
+          description: URL to the specific line in the lockfile where the dependency
+            is listed
+          example: https://github.com/yourorg/yourrepo/blob/main/package-lock.json#L25
+          type: string
+        package:
+          description: Name of the package that contains the vulnerability
+          example: System.Drawing.Common
+          type: string
+        transitivity:
+          description: Indicates whether the dependency is direct or transitive
+          enum:
+          - direct
+          - transitive
+          - unknown
+          example: direct
+          type: string
+        version:
+          description: Version of the package that was found to be vulnerable
+          example: 5.0.0
+          type: string
+      title: Found Dependency
+      type: object
+    protos.openapi.v1.ScaFinding_Usage:
+      description: Usage of the vulnerable package in the codebase. Applies to reachable
+        findings
+      properties:
+        external_ticket:
+          $ref: '#/components/schemas/protos.openapi.v1.ExternalTicket'
+        location:
+          $ref: '#/components/schemas/protos.openapi.v1.FindingLocation'
+      title: Usage
+      type: object
+    protos.openapi.v1.SearchScansRequest:
+      properties:
+        branch:
+          description: Only get scans from the specified branch
+          type: string
+        cursor:
+          description: Cursor to paginate through the results
+          type: string
+        deploymentId:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+        is_full_scan:
+          description: Only get scans that are full scans (if false, only get diff
+            scans)
+          type: integer
+        limit:
+          description: Page size to paginate through the results (default is 100,
+            max is 500)
+          type: integer
+        products:
+          description: 'Only get scans that have these enabled products
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | PRODUCT_SAST |  |
+
+            | PRODUCT_SCA |  |
+
+            | PRODUCT_SECRETS |  |
+
+            | PRODUCT_AI_SAST |  |
+
+
+            '
+          enum:
+          - PRODUCT_SAST
+          - PRODUCT_SCA
+          - PRODUCT_SECRETS
+          - PRODUCT_AI_SAST
+          items:
+            enum:
+            - PRODUCT_UNSPECIFIED
+            - PRODUCT_SAST
+            - PRODUCT_SCA
+            - PRODUCT_SECRETS
+            - PRODUCT_AI_SAST
+            format: enum
+            type: string
+          type: array
+        repository_id:
+          description: Only get scans for this repo
+          type: integer
+        since:
+          description: Only get scans created after this time. Provide time in ISO
+            8601 format.
+          format: date-time
+          type: string
+        statuses:
+          description: 'Only get scans that have one of these statuses
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SCAN_STATUS_RUNNING | The scan is currently running |
+
+            | SCAN_STATUS_COMPLETED | The scan has completed successfully (0 or 1
+            exit code) |
+
+            | SCAN_STATUS_ERROR | The scan has exited with a failure (exit code not
+            0 or 1) |
+
+            | SCAN_STATUS_NEVER_FINISHED | The scan did not report an error or success
+            after over an hour |
+
+
+            '
+          enum:
+          - SCAN_STATUS_RUNNING
+          - SCAN_STATUS_COMPLETED
+          - SCAN_STATUS_ERROR
+          - SCAN_STATUS_NEVER_FINISHED
+          items:
+            enum:
+            - SCAN_STATUS_UNSPECIFIED
+            - SCAN_STATUS_RUNNING
+            - SCAN_STATUS_COMPLETED
+            - SCAN_STATUS_ERROR
+            - SCAN_STATUS_NEVER_FINISHED
+            format: enum
+            type: string
+          type: integer
+        total_time:
+          $ref: '#/components/schemas/protos.common.v1.FloatRange'
+      required:
+      - deployment_id
+      title: Search Scans Request
+      type: object
+    protos.openapi.v1.SearchScansResponse:
+      properties:
+        cursor:
+          description: Cursor to retrieve the next page of results.
+          type: string
+        scans:
+          description: List of scans.
+          items:
+            $ref: '#/components/schemas/protos.scan.v1.ScanPublic'
+          type: array
+      type: object
+    protos.openapi.v1.ToggleProjectManagedScanResponse:
+      description: Successfully updated managed scan settings for project.
+      properties:
+        project:
+          $ref: '#/components/schemas/protos.openapi.v1.Project'
+      required:
+      - projects
+      title: Toggle Project Managed Scan Response
+      type: object
+    protos.openapi.v1.UpdatePolicyResponse:
+      properties:
+        policyId:
+          description: 'Policy ID (numeric). Example: `456`. Can be found at `/deployments/{deploymentId}/policies`.'
+          example: '1'
+          format: uint64
+          type: string
+        updatedRule:
+          $ref: '#/components/schemas/protos.common.v1.Rule'
+      type: object
+    protos.openapi.v1.UpdateProjectResponse:
+      description: Successfully updated details for the project.
+      properties:
+        project:
+          $ref: '#/components/schemas/protos.openapi.v1.Project'
+      required:
+      - projects
+      title: Update Project Response
+      type: object
+    protos.sca.v1.CodeLocation:
+      description: Specific location in a file.
+      properties:
+        committedAt:
+          description: Timestamp when code file was last modified, if available.
+          format: date-time
+          type: string
+        endCol:
+          description: Ending column number (1 indexed).
+          type: string
+        endLine:
+          description: Ending line number (1 indexed).
+          type: string
+        path:
+          description: Path to a file.
+          type: string
+        startCol:
+          description: Starting column number (1 indexed).
+          type: string
+        startLine:
+          description: Starting line number (1 indexed).
+          type: string
+        url:
+          description: URL to code location if available, otherwise empty.
+          type: string
+      type: object
+    protos.sca.v1.Dependency:
+      description: A specific dependency.
+      properties:
+        name:
+          description: String identifier of dependency
+          type: string
+        versionSpecifier:
+          description: Version specifier of dependency.
+          type: string
+      type: object
+    protos.sca.v1.DependencyFilter:
+      description: Object to provide dependency details to filter by.
+      properties:
+        ecosystem:
+          description: 'Filter by ecosystem (e.g. npm, pypi, etc).
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | no_package_manager |  |
+
+            | npm |  |
+
+            | pypi |  |
+
+            | gomod |  |
+
+            | cargo |  |
+
+            | maven |  |
+
+            | gem |  |
+
+            | composer |  |
+
+            | nuget |  |
+
+            | pub |  |
+
+            | swiftpm |  |
+
+            | hex |  |
+
+
+            '
+          enum:
+          - no_package_manager
+          - npm
+          - pypi
+          - gomod
+          - cargo
+          - maven
+          - gem
+          - composer
+          - nuget
+          - pub
+          - swiftpm
+          - hex
+          items:
+            enum:
+            - no_package_manager
+            - npm
+            - pypi
+            - gomod
+            - cargo
+            - maven
+            - gem
+            - composer
+            - nuget
+            - pub
+            - swiftpm
+            - hex
+            format: enum
+            type: string
+          type: array
+        license:
+          description: Filter by license (e.g. MIT).
+          items:
+            type: string
+          type: array
+        licensePolicySetting:
+          description: 'Filter by license policy setting outcome. DEPRECATED -- use
+            license_policy_settings instead.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | LICENSE_POLICY_SETTING_ALLOW |  |
+
+            | LICENSE_POLICY_SETTING_COMMENT |  |
+
+            | LICENSE_POLICY_SETTING_BLOCK |  |
+
+
+            '
+          enum:
+          - LICENSE_POLICY_SETTING_ALLOW
+          - LICENSE_POLICY_SETTING_COMMENT
+          - LICENSE_POLICY_SETTING_BLOCK
+          format: enum
+          type: string
+        licensePolicySettings:
+          description: 'Filter by license policy setting outcome.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | LICENSE_POLICY_SETTING_ALLOW |  |
+
+            | LICENSE_POLICY_SETTING_COMMENT |  |
+
+            | LICENSE_POLICY_SETTING_BLOCK |  |
+
+
+            '
+          enum:
+          - LICENSE_POLICY_SETTING_ALLOW
+          - LICENSE_POLICY_SETTING_COMMENT
+          - LICENSE_POLICY_SETTING_BLOCK
+          items:
+            enum:
+            - LICENSE_POLICY_SETTING_UNSPECIFIED
+            - LICENSE_POLICY_SETTING_ALLOW
+            - LICENSE_POLICY_SETTING_COMMENT
+            - LICENSE_POLICY_SETTING_BLOCK
+            format: enum
+            type: string
+          type: array
+        lockfilePath:
+          description: Filter by path to the lockfile (e.g. `foo/bar/package-lock.json`).
+          type: string
+        name:
+          description: Filter by dependency name (e.g. lodash).
+          type: string
+        repositoryId:
+          description: "Repository IDs (numeric) to filter by. Omit if the endpoint
+            has Repository ID as a path parameter.\n Use Projects endpoints to retrieve
+            Repository IDs."
+          items:
+            format: uint32
+            type: integer
+          type: array
+        transitivity:
+          description: 'Filter by transitivity.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | UNKNOWN_TRANSITIVITY |  |
+
+            | TRANSITIVE |  |
+
+            | DIRECT |  |
+
+
+            '
+          enum:
+          - UNKNOWN_TRANSITIVITY
+          - TRANSITIVE
+          - DIRECT
+          items:
+            enum:
+            - UNKNOWN_TRANSITIVITY
+            - TRANSITIVE
+            - DIRECT
+            format: enum
+            type: string
+          type: array
+        version:
+          description: Filter by dependency version (e.g. 1.0.1).
+          type: string
+      type: object
+    protos.sca.v1.FoundDependency:
+      properties:
+        definedAt:
+          allOf:
+          - $ref: '#/components/schemas/protos.sca.v1.CodeLocation'
+          description: Path and line number dependency is declared in.
+        ecosystem:
+          description: 'The ecosystem the dependency is in (e.g. pypi, npm, etc).
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | no_package_manager |  |
+
+            | npm |  |
+
+            | pypi |  |
+
+            | gomod |  |
+
+            | cargo |  |
+
+            | maven |  |
+
+            | gem |  |
+
+            | composer |  |
+
+            | nuget |  |
+
+            | pub |  |
+
+            | swiftpm |  |
+
+            | hex |  |
+
+
+            '
+          enum:
+          - no_package_manager
+          - npm
+          - pypi
+          - gomod
+          - cargo
+          - maven
+          - gem
+          - composer
+          - nuget
+          - pub
+          - swiftpm
+          - hex
+          format: enum
+          type: string
+        licenses:
+          description: Licenses the dependency is using.
+          items:
+            type: string
+          type: array
+        manifestDefinition:
+          allOf:
+          - $ref: '#/components/schemas/protos.sca.v1.CodeLocation'
+          description: Path to the manifest file that defines the subproject containing
+            this dependency
+        package:
+          allOf:
+          - $ref: '#/components/schemas/protos.sca.v1.Dependency'
+          description: What the dependency is.
+        repositoryId:
+          description: ID of repository dependency is found in.
+          type: string
+        resolvedUrl:
+          description: The resolved URL of the dependency. Could point to a compressed
+            source code directory (e.g. tarball), source code repository, or a package
+            manager cache directory. May be empty if the package manager doesn't supply
+            a URL.
+          type: string
+        transitivity:
+          description: 'Whether dependency is direct or transitive.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | UNKNOWN_TRANSITIVITY |  |
+
+            | TRANSITIVE |  |
+
+            | DIRECT |  |
+
+
+            '
+          enum:
+          - UNKNOWN_TRANSITIVITY
+          - TRANSITIVE
+          - DIRECT
+          format: enum
+          type: string
+      type: object
+    protos.sca.v1.LockfileDependencySummary:
+      properties:
+        lockfilePath:
+          description: Path to lockfile (e.g. foo/bar/package-lock.json).
+          type: string
+        numDependencies:
+          description: Total number of dependencies in the lockfile.
+          format: uint32
+          type: integer
+      type: object
+    protos.sca.v1.RepositoryDependencySummary:
+      properties:
+        hasDependencyPathScan:
+          description: "True if the repository has been scanned with the `hasPathToTransitivityInScans`
+            feature flag\n which means it will have dependency graph data in DGraph
+            available to query"
+          type: boolean
+        id:
+          description: ID of repository.
+          format: uint32
+          type: integer
+        name:
+          description: Name of repository.
+          type: string
+        numDependencies:
+          description: Total number of dependencies in the repository.
+          format: uint32
+          type: integer
+      type: object
+    protos.sca.v1.SbomFormatVersion:
+      properties:
+        format:
+          default: SBOM_FORMAT_CYCLONEDX
+          description: 'Format for the SBOM export.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SBOM_FORMAT_CYCLONEDX |  |
+
+
+            '
+          enum:
+          - SBOM_FORMAT_CYCLONEDX
+          format: enum
+          type: string
+        version:
+          default: '1.5'
+          description: Version of the SBOM format.
+          type: string
+      type: object
+    protos.sca.v1.SbomMetadataContact:
+      properties:
+        email:
+          type: string
+        name:
+          type: string
+        phone:
+          type: string
+      type: object
+    protos.sca.v1.SbomMetadataSupplier:
+      properties:
+        contact:
+          $ref: '#/components/schemas/protos.sca.v1.SbomMetadataContact'
+        name:
+          type: string
+        url:
+          type: string
+      type: object
+    protos.scan.v1.ScanFindingsCounts:
+      properties:
+        code:
+          description: Total number of Code findings in the scan
+          example: 2
+          format: uint64
+          type: string
+        secrets:
+          description: Total number of Secrets findings in the scan
+          example: 1
+          format: uint64
+          type: string
+        supply_chain:
+          description: Total number of Supply Chain findings in the scan
+          example: 1
+          format: uint64
+          type: string
+        total:
+          description: Total number of findings in the scan
+          example: 4
+          format: uint64
+          type: string
+      type: object
+    protos.scan.v1.ScanPublic:
+      properties:
+        branch:
+          description: The scanned branch
+          example: main
+          type: string
+        commit:
+          description: The commit hash that was scanned
+          example: 6d3de02545f820febf2af9820568fa5f697d4087
+          type: string
+        completed_at:
+          description: The timestamp when this scan completed (if it has completed).
+          example: 2020-11-18 23:30:10.216670+00:00
+          format: date-time
+          type: string
+        deployment_id:
+          description: Unique identifier for the deployment of the scan.
+          format: uint64
+          type: string
+        enabled_products:
+          description: The products used when running the scan.
+          example:
+          - secrets
+          items:
+            type: string
+          type: array
+        exit_code:
+          description: The exit_code of the scan (see https://semgrep.dev/docs/cli-reference#exit-codes)
+          example: 0
+          format: int64
+          type: string
+        findings_counts:
+          $ref: '#/components/schemas/protos.scan.v1.ScanFindingsCounts'
+        id:
+          description: ID of the scan.
+          format: uint64
+          type: string
+        is_full_scan:
+          description: Whether the scan was a full scan (true) or a diff scan (false)
+          example: true
+          type: boolean
+        repository_id:
+          description: Unique identifier for the repository of the scan.
+          format: uint64
+          type: string
+        started_at:
+          description: The timestamp when this scan started.
+          example: 2020-11-18 23:28:12.391807+00:00
+          format: date-time
+          type: string
+        status:
+          description: 'The current status of the scan
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SCAN_STATUS_RUNNING | The scan is currently running |
+
+            | SCAN_STATUS_COMPLETED | The scan has completed successfully (0 or 1
+            exit code) |
+
+            | SCAN_STATUS_ERROR | The scan has exited with a failure (exit code not
+            0 or 1) |
+
+            | SCAN_STATUS_NEVER_FINISHED | The scan did not report an error or success
+            after over an hour |
+
+
+            '
+          enum:
+          - SCAN_STATUS_RUNNING
+          - SCAN_STATUS_COMPLETED
+          - SCAN_STATUS_ERROR
+          - SCAN_STATUS_NEVER_FINISHED
+          example: SCAN_STATUS_RUNNING
+          format: enum
+          type: string
+        total_time:
+          description: Duration of scan, in seconds
+          example: 17.32
+          format: float
+          type: number
+      type: object
+    protos.secrets.v1.HistoricalInfo:
+      properties:
+        gitBlob:
+          description: "Git blob at which the finding is present. Sent in addition
+            to the commit\n since some SCMs have permalinks which use the blob sha,
+            so this information\n is useful when generating links back to the SCM."
+          type: string
+        gitCommit:
+          description: "Git commit at which the finding is present. Used by \"historical\"
+            scans,\n which scan non-HEAD commits in the git history. Relevant for
+            finding, e.g.,\n secrets which are buried in the git history which we
+            wouldn't find at HEAD"
+          type: string
+        gitCommitTimestamp:
+          format: date-time
+          type: string
+      type: object
+    protos.secrets.v1.SecretsFinding:
+      description: A Finding represents a single secret finding.
+      properties:
+        autotriage:
+          allOf:
+          - $ref: '#/components/schemas/protos.ai.v1.Autotriage'
+          description: "* Autotriage info for the finding.\n This is used for the
+            Generic Secrets Detection project, for\n autotriaging secrets findings
+            with LLMs"
+        confidence:
+          description: 'Confidence of the finding.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | CONFIDENCE_HIGH |  |
+
+            | CONFIDENCE_MEDIUM |  |
+
+            | CONFIDENCE_LOW |  |
+
+
+            '
+          enum:
+          - CONFIDENCE_HIGH
+          - CONFIDENCE_MEDIUM
+          - CONFIDENCE_LOW
+          format: enum
+          type: string
+        createdAt:
+          description: Creation timestamp.
+          format: date-time
+          type: string
+        externalTicket:
+          allOf:
+          - $ref: '#/components/schemas/protos.ticketing.v1.ExternalTicket'
+          description: The external ticket reference
+        findingPath:
+          description: File path where the finding was detected.
+          type: string
+        findingPathUrl:
+          description: URL to the file where the finding was detected.
+          type: string
+        historicalInfo:
+          allOf:
+          - $ref: '#/components/schemas/protos.secrets.v1.HistoricalInfo'
+          description: Historical scanning info for the finding.
+        id:
+          description: ID of the finding.
+          type: string
+        mode:
+          description: 'The behavior of the finding reporting: Monitor / Comment /
+            Block.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | MODE_MONITOR | Monitor mode, silently report findings |
+
+            | MODE_COMMENT | Comment mode, leaves PR comments but does not block |
+
+            | MODE_BLOCK | Block mode, leaves PR comments and blocks PR |
+
+            | MODE_DISABLED | Disabled mode, not active |
+
+
+            '
+          enum:
+          - MODE_MONITOR
+          - MODE_COMMENT
+          - MODE_BLOCK
+          - MODE_DISABLED
+          format: enum
+          type: string
+        ref:
+          description: Branch where the finding was detected.
+          type: string
+        refUrl:
+          description: URL to the branch where the finding was detected.
+          type: string
+        repository:
+          allOf:
+          - $ref: '#/components/schemas/protos.secrets.v1.SecretsFinding_Repository'
+          description: Repository where the finding was detected.
+        reviewComments:
+          description: List of external review comment information associated with
+            a finding
+          items:
+            $ref: '#/components/schemas/protos.common.v1.ReviewComment'
+          type: array
+        ruleHashId:
+          description: ID of the rule that triggered the finding.
+          type: string
+        severity:
+          description: 'Severity of the finding.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SEVERITY_HIGH |  |
+
+            | SEVERITY_MEDIUM |  |
+
+            | SEVERITY_LOW |  |
+
+            | SEVERITY_CRITICAL |  |
+
+
+            '
+          enum:
+          - SEVERITY_HIGH
+          - SEVERITY_MEDIUM
+          - SEVERITY_LOW
+          - SEVERITY_CRITICAL
+          format: enum
+          type: string
+        status:
+          description: 'Status of the finding.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | FINDING_STATUS_OPEN |  |
+
+            | FINDING_STATUS_IGNORED |  |
+
+            | FINDING_STATUS_FIXED |  |
+
+            | FINDING_STATUS_REMOVED |  |
+
+            | FINDING_STATUS_UNKNOWN |  |
+
+            | FINDING_STATUS_PROVISIONALLY_IGNORED |  |
+
+
+            '
+          enum:
+          - FINDING_STATUS_OPEN
+          - FINDING_STATUS_IGNORED
+          - FINDING_STATUS_FIXED
+          - FINDING_STATUS_REMOVED
+          - FINDING_STATUS_UNKNOWN
+          - FINDING_STATUS_PROVISIONALLY_IGNORED
+          format: enum
+          type: string
+        type:
+          description: Service type for the secrets finding (e.g. AWS, GitHub, GitLab,
+            etc).
+          type: string
+        updatedAt:
+          description: Update timestamp.
+          format: date-time
+          type: string
+        validationState:
+          description: 'Whether the finding was validated or not.
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | VALIDATION_STATE_CONFIRMED_VALID |  |
+
+            | VALIDATION_STATE_CONFIRMED_INVALID |  |
+
+            | VALIDATION_STATE_VALIDATION_ERROR |  |
+
+            | VALIDATION_STATE_NO_VALIDATOR |  |
+
+
+            '
+          enum:
+          - VALIDATION_STATE_CONFIRMED_VALID
+          - VALIDATION_STATE_CONFIRMED_INVALID
+          - VALIDATION_STATE_VALIDATION_ERROR
+          - VALIDATION_STATE_NO_VALIDATOR
+          format: enum
+          type: string
+      type: object
+    protos.secrets.v1.SecretsFinding_Repository:
+      description: Repository where the finding was detected.
+      properties:
+        name:
+          description: Repository name
+          type: string
+        scmType:
+          description: 'Provider for the finding (e.g. GitHub, GitLab, GHE, etc).
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | SCM_TYPE_GITHUB |  |
+
+            | SCM_TYPE_GITLAB |  |
+
+            | SCM_TYPE_GITHUB_ENTERPRISE |  |
+
+            | SCM_TYPE_GITLAB_SELFMANAGED |  |
+
+            | SCM_TYPE_BITBUCKET |  |
+
+            | SCM_TYPE_AZURE_DEVOPS |  |
+
+            | SCM_TYPE_UNKNOWN |  |
+
+            | SCM_TYPE_BITBUCKET_DATACENTER |  |
+
+
+            '
+          enum:
+          - SCM_TYPE_GITHUB
+          - SCM_TYPE_GITLAB
+          - SCM_TYPE_GITHUB_ENTERPRISE
+          - SCM_TYPE_GITLAB_SELFMANAGED
+          - SCM_TYPE_BITBUCKET
+          - SCM_TYPE_AZURE_DEVOPS
+          - SCM_TYPE_UNKNOWN
+          - SCM_TYPE_BITBUCKET_DATACENTER
+          format: enum
+          type: string
+        url:
+          description: URL to the repository where the finding was detected.
+          type: string
+        visibility:
+          description: 'Repository visbility (e.g. public, private, unknown).
+
+
+            | value | description |
+
+            |-------|---------------|
+
+            | REPOSITORY_VISIBILITY_PUBLIC |  |
+
+            | REPOSITORY_VISIBILITY_PRIVATE |  |
+
+            | REPOSITORY_VISIBILITY_UNKNOWN |  |
+
+
+            '
+          enum:
+          - REPOSITORY_VISIBILITY_PUBLIC
+          - REPOSITORY_VISIBILITY_PRIVATE
+          - REPOSITORY_VISIBILITY_UNKNOWN
+          format: enum
+          type: string
+      type: object
+    protos.ticketing.v1.ExternalTicket:
+      properties:
+        externalSlug:
+          description: Identifier of the external ticket (e.g. for Jira, something
+            like OPS-158).
+          type: string
+        id:
+          description: Nango ticket id
+          type: string
+        linkedIssueIds:
+          description: Semgrep issue ids that are linked to this external ticket
+          items:
+            type: string
+          type: array
+        url:
+          description: URL of the external ticket.
+          type: string
+      type: object
+  securitySchemes:
+    SemgrepAdminJWT:
+      bearerFormat: string
+      description: Get access to data with a Semgrep Admin JSON Web Token.
+      scheme: bearer
+      type: http
+    SemgrepJWT:
+      bearerFormat: string
+      description: Get access to data with your user's JSON Web Token.
+      scheme: bearer
+      type: http
+    SemgrepWebToken:
+      bearerFormat: string
+      description: 'Get access to data with your API token. Example header:
+
+
+        `Authorization: Bearer 2991e2fb4b540fe75b8f90677b0b892b6314e4961cb001fe6eb452eee248a628`
+
+
+        The token can be provisioned from the Tokens section in your Settings, and
+        requires explicitly enabling `Web API` access.'
+      scheme: bearer
+      type: http
+info:
+  description: '
+
+    Welcome to Semgrep''s portal for the Semgrep AppSec Platform web API.
+
+
+    # Introduction
+
+    Semgrep is a fast, open-source, static analysis tool for finding bugs and enforcing
+    code standards at editor,
+
+    commit, and CI time. [Get started.](https://semgrep.dev/docs/getting-started/)
+
+
+    Semgrep analyzes code locally on your computer or in your build environment: **code
+    is never uploaded.**
+
+
+    This API is documented in the **OpenAPI format**.
+
+
+    # Terms of Use
+
+
+    Please note, the materials made available herein are subject to the
+
+    [Semgrep Terms of Use](https://semgrep.dev/resources/website-terms/), and your
+
+    access or use of any of the same is your acknowledgment and acceptance of the
+
+    such terms.
+
+    <br>
+
+
+    # Authentication
+
+    The API supports authentication with an API token with the "Web API" permission,
+    without limited
+
+    scopes of access.
+
+
+    You can provision an API token [from the Settings page](https://semgrep.dev/orgs/-/settings/tokens).
+
+
+    <br>
+
+    '
+  title: Semgrep Web App
+  version: 1.0.0
+openapi: 3.0.3
+paths:
+  /api/v1/bootstrap-sms-vpc:
+    get:
+      description: 'VPC support for Managed Scans is in private beta.
+
+
+        Returns the Managed Scans VPC Bootstrap CloudFormation template in JSON format
+        for setting up cross-account infrastructure.
+
+
+        This template creates IAM roles and policies needed for Semgrep Managed Scanning
+        (SMS) VPC infrastructure automation,
+
+        including the semgrep-sms-vpc-automation role and EC2 Image Builder distribution
+        roles for gVisor container runtime.
+
+
+        See the original AWS cloudformation template format at https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-formats.html
+
+        '
+      operationId: MiscService_GetBootstrapSmsVpc
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.GetBootstrapSmsVpcResponse'
+          description: OK
+      summary: '[Beta] Get SMS VPC Bootstrap CloudFormation Template'
+      tags:
+      - MiscService
+      x-badges: []
+  /api/v1/deployments:
+    get:
+      description: 'Request the deployments your auth can access.
+
+
+        Currently available auth scope does not extend over more than one deployment.
+        This endpoint returns the single deployment your token can access. The endpoint
+        additionally returns links to related resources available on this API.'
+      operationId: DeploymentsService_ListDeployments
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListDeploymentsResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List deployments
+      tags:
+      - DeploymentsService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/dependencies:
+    post:
+      operationId: SupplyChainService_ListDependencies
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.ListDependenciesRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListDependenciesResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List dependencies
+      tags:
+      - SupplyChainService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/dependencies/repositories:
+    post:
+      operationId: SupplyChainService_ListRepositoriesForDependencies
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          format: uint64
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.ListRepositoriesForDependenciesRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListRepositoriesForDependenciesResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List repositories with dependencies
+      tags:
+      - SupplyChainService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/dependencies/repositories/{repositoryId}/lockfiles:
+    post:
+      operationId: SupplyChainService_ListLockfilesForDependencies
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          format: uint64
+          type: string
+      - in: path
+        name: repositoryId
+        required: true
+        schema:
+          description: Repository ID to filter by. Use Projects endpoints to retrieve
+            repository IDs.
+          format: uint64
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.ListLockfilesForDependenciesRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListLockfilesForDependenciesResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List lockfiles in a given repository with dependencies
+      tags:
+      - SupplyChainService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/policies:
+    get:
+      operationId: PoliciesService_ListPolicies
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListPoliciesResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List policies
+      tags:
+      - PoliciesService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/policies/{policyId}:
+    get:
+      operationId: PoliciesService_ListPolicyRules
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      - in: path
+        name: policyId
+        required: true
+        schema:
+          description: 'Policy ID (numeric). Example: `456`. Can be found at `/deployments/{deploymentId}/policies`.'
+          example: 456
+          format: uint64
+          type: string
+      - in: query
+        name: cursor
+        schema:
+          description: Cursor to paginate through the rules. Provide a cursor value
+            from the response to retrieve the next page.
+          type: string
+      - in: query
+        name: limit
+        schema:
+          description: Page size to paginate through the rules. The default page size
+            is `500` and the maximum allowed page size is `2000`.
+          format: uint32
+          type: integer
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListPolicyRulesResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List policy rules
+      tags:
+      - PoliciesService
+      x-badges: []
+    put:
+      operationId: PoliciesService_UpdatePolicy
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      - in: path
+        name: policyId
+        required: true
+        schema:
+          description: 'Policy ID (numeric). Example: `456`. Can be found at `/deployments/{deploymentId}/policies`.'
+          example: 456
+          format: uint64
+          type: string
+      - in: query
+        name: rulePath
+        schema:
+          description: Full path of the Rule.
+          type: string
+      - in: query
+        name: policyMode
+        schema:
+          description: "New policy mode to set for the Rule.\n\n - MODE_MONITOR: Monitor
+            mode, silently report findings\n - MODE_COMMENT: Comment mode, leaves
+            PR comments but does not block\n - MODE_BLOCK: Block mode, leaves PR comments
+            and blocks PR\n - MODE_DISABLED: Disabled mode, not active"
+          enum:
+          - MODE_UNSPECIFIED
+          - MODE_MONITOR
+          - MODE_COMMENT
+          - MODE_BLOCK
+          - MODE_DISABLED
+          format: enum
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.UpdatePolicyResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Update policy
+      tags:
+      - PoliciesService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/sbom/export:
+    post:
+      operationId: SupplyChainService_CreateSbomExport
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.CreateSbomExportRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.CreateSbomExportResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Create a new SBOM export job
+      tags:
+      - SupplyChainService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/sbom/export/{taskToken}:
+    get:
+      operationId: SupplyChainService_GetSbomExport
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: int64
+          type: string
+      - in: path
+        name: taskToken
+        required: true
+        schema:
+          description: Task token for the SBOM export job.
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.GetSbomExportResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Get the status of a SBOM export job
+      tags:
+      - SupplyChainService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/scan/{scanId}:
+    get:
+      description: Request the details of a scan including the associated deployment,
+        repository, and commit information.
+      operationId: ScansService_GetScan
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      - in: path
+        name: scanId
+        required: true
+        schema:
+          description: 'Scan ID (numeric). Example: `456`. Can be found at `/deployments/{deploymentId}/scans/search`.'
+          example: 456
+          format: uint64
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.GetScanResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Get scan details
+      tags:
+      - ScansService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/scans/search:
+    post:
+      description: List the scans associated with a particular repository over the
+        past 30 days.
+      operationId: ScansService_SearchScans
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.SearchScansRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.SearchScansResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List scans (beta)
+      tags:
+      - ScansService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/secrets:
+    get:
+      operationId: SecretsService_ListSecretsPath
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: 'Deployment ID (numeric). Example: `123`. Can be found at `/deployments`,
+            or in your Settings in the web UI.'
+          example: 123
+          format: uint64
+          type: string
+      - in: query
+        name: cursor
+        schema:
+          description: Cursor to paginate through the rules. Provide a cursor value
+            from the response to retrieve the next page.
+          type: string
+      - in: query
+        name: limit
+        schema:
+          description: Page size to paginate through the results.
+          format: uint32
+          type: integer
+      - in: query
+        name: since
+        schema:
+          format: date-time
+          type: string
+      - in: query
+        name: validationState
+        schema:
+          description: "Whether the finding was validated or not.\n\n - VALIDATION_STATE_UNSPECIFIED:
+            Return results for all validation states (can also omit this parameter).\n-
+            VALIDATION_STATE_CONFIRMED_VALID: Secret has been tested and is confirmed
+            valid.\n - VALIDATION_STATE_CONFIRMED_INVALID: Secret has been tested
+            and is confirmed invalid.\n - VALIDATION_STATE_VALIDATION_ERROR: Secret
+            test was attempted and there was an error.\n - VALIDATION_STATE_NO_VALIDATOR:
+            There is no validator for this secret."
+          format: string
+          items:
+            enum:
+            - VALIDATION_STATE_UNSPECIFIED
+            - VALIDATION_STATE_CONFIRMED_VALID
+            - VALIDATION_STATE_CONFIRMED_INVALID
+            - VALIDATION_STATE_VALIDATION_ERROR
+            - VALIDATION_STATE_NO_VALIDATOR
+            format: enum
+            type: string
+          type: array
+      - in: query
+        name: status
+        schema:
+          default: FINDING_STATUS_UNSPECIFIED
+          description: "Status of the finding.\n\n - FINDING_STATUS_UNSPECIFIED: Return
+            results for all finding statuses (if used as a parameter).\n - FINDING_STATUS_OPEN:
+            Finding is open and needs to be triaged\n - FINDING_STATUS_IGNORED: Finding
+            has been triaged and is being ignored\n - FINDING_STATUS_FIXED: Finding
+            has been fixed\n - FINDING_STATUS_REMOVED: Finding has been removed\n
+            - FINDING_STATUS_UNKNOWN: Finding status is unknown"
+          enum:
+          - FINDING_STATUS_UNSPECIFIED
+          - FINDING_STATUS_OPEN
+          - FINDING_STATUS_IGNORED
+          - FINDING_STATUS_FIXED
+          - FINDING_STATUS_REMOVED
+          - FINDING_STATUS_UNKNOWN
+          - FINDING_STATUS_PROVISIONALLY_IGNORED
+          format: enum
+          type: string
+      - in: query
+        name: severity
+        schema:
+          description: "Severity of the finding.\n\n - SEVERITY_UNSPECIFIED: Return
+            results for all severities (if used as a parameter)."
+          format: string
+          items:
+            enum:
+            - SEVERITY_UNSPECIFIED
+            - SEVERITY_HIGH
+            - SEVERITY_MEDIUM
+            - SEVERITY_LOW
+            - SEVERITY_CRITICAL
+            format: enum
+            type: string
+          type: array
+      - in: query
+        name: repo
+        schema:
+          description: Repositories to view results for. If not specified, returns
+            all.
+          format: string
+          items:
+            type: string
+          type: array
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListSecretsPathResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List secrets
+      tags:
+      - SecretsService
+      x-badges: []
+  /api/v1/deployments/{deploymentId}/ticketing/v2/tickets/{externalTicketId}:
+    delete:
+      description: Unlink a Jira ticket by its ID
+      operationId: TicketingService_DeleteTicket
+      parameters:
+      - in: path
+        name: deploymentId
+        required: true
+        schema:
+          description: Deployment ID. Can be found at /deployments, or in your Settings
+            in the web UI.
+          example: 123
+          type: string
+      - in: path
+        name: externalTicketId
+        required: true
+        schema:
+          description: The ID of the external ticket
+          example: 456
+          format: uint32
+          type: integer
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.DeleteTicketResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Unlink a Jira ticket
+      tags:
+      - TicketingService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/findings:
+    get:
+      description: 'Request the list of code or supply chain findings in an organization,
+        paginated in pages of 100 entries and limited by the `since` timestamp. Findings
+        are returned by `relevant_since` descending (see `since` in the Query Parameters
+        list). Examples: List SAST findings with pagination, List SCA findings since
+        timestamp, List findings with filters.'
+      operationId: FindingsService_ListFindings
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: query
+        name: issue_type
+        schema:
+          default: sast
+          description: 'Type of findings to return. If not specified, returns `sast`
+            (Code) findings. Can either be `sast` (Code) or `sca` (Supply Chain).
+            Valid values: sast, sca'
+          enum:
+          - sast
+          - sca
+          example: sca
+          type: string
+      - in: query
+        name: since
+        schema:
+          description: 'What timestamp should the results start at? If not specified,
+            returns results from all timestamps. Provide epoch timestamp in seconds.
+            Filters using the `relevant_since` field: the timestamp when this finding
+            was detected by Semgrep (the first time, or when reintroduced).'
+          example: 1636942398.45
+          format: double
+          type: number
+      - in: query
+        name: page
+        schema:
+          default: '0'
+          description: Which page of the results do you require? If not specified,
+            returns first page. Pages are numbered from zero (0).
+          example: 1
+          format: uint32
+          type: integer
+      - in: query
+        name: dedup
+        schema:
+          default: false
+          description: Deduplicates findings across all your refs/branches if true.
+            If not specified, returns all findings across all refs/branches without
+            deduplicating them. Set this to `true` if you are not filtering for a
+            particular set of refs/branches in order to match the counts listed in
+            the Semgrep UI.
+          example: true
+          type: boolean
+      - in: query
+        name: page_size
+        schema:
+          default: '100'
+          description: 'Maximum number of records per returned page. If not specified,
+            defaults to 100 records. Minimum: 100, Maximum: 3000'
+          example: 100
+          format: uint32
+          maximum: 3000.0
+          minimum: 100.0
+          type: integer
+      - in: query
+        name: repos
+        schema:
+          description: Which repositories (by name) do you want to include? If not
+            specified, includes all.
+          example:
+          - myorg/repo1
+          - myorg/repo2
+          items:
+            type: string
+          type: array
+      - in: query
+        name: repository_ids
+        schema:
+          description: Which repositories (by ID) do you want to include? If not specified,
+            includes all.
+          example:
+          - 1
+          - 2
+          - 3
+          items:
+            format: uint32
+            type: integer
+          type: array
+      - in: query
+        name: status
+        schema:
+          description: 'Which status do you want to include? If not specified, includes
+            all. Valid values: open, fixed, ignored, reviewing, fixing'
+          enum:
+          - open
+          - fixed
+          - ignored
+          - reviewing
+          - fixing
+          example: open
+          type: string
+      - in: query
+        name: triage_reasons
+        schema:
+          description: 'Which triage reasons do you want to include? If not specified,
+            includes all. This filter is applicable when `status` is `ignored`. Valid
+            values: acceptable_risk, false_positive, no_time, no_triage_reason'
+          enum:
+          - acceptable_risk
+          - false_positive
+          - no_time
+          - no_triage_reason
+          example:
+          - acceptable_risk
+          - false_positive
+          items:
+            type: string
+          type: array
+      - in: query
+        name: severities
+        schema:
+          description: 'What severities of issues do you want to include? If not specified,
+            returns all. Valid values: low, medium, high, critical'
+          enum:
+          - low
+          - medium
+          - high
+          - critical
+          example:
+          - low
+          - high
+          items:
+            type: string
+          type: array
+      - in: query
+        name: ref
+        schema:
+          description: Which ref (branch) do you want to filter for?
+          example: refs/pull/1234/merge
+          type: string
+      - in: query
+        name: policies
+        schema:
+          description: 'Which policy modes do you want to include? If not specified,
+            includes all. Monitor: `rule-board-audit`, Comment: `rule-board-pr-comments`,
+            Block: `rule-board-block`. This filter is applicable when `issue_type`
+            is `sast` or unspecified.'
+          example:
+          - rule-board-block
+          - rule-board-pr-comments
+          - rule-board-audit
+          items:
+            type: string
+          type: array
+      - in: query
+        name: rules
+        schema:
+          description: Which rule names do you want to include? If not specified,
+            includes all. This filter is applicable when `issue_type` is `sast` or
+            unspecified.
+          example:
+          - typescript.react.security.audit.react-no-refs.react-no-refs
+          - ajinabraham.njsscan.hardcoded_secrets.node_username
+          items:
+            type: string
+          type: array
+      - in: query
+        name: categories
+        schema:
+          description: Which categories of findings do you want to include? If not
+            specified, includes all. This filter is applicable when `issue_type` is
+            `sast` or unspecified.
+          example:
+          - security
+          - correctness
+          - caching
+          items:
+            type: string
+          type: array
+      - in: query
+        name: confidence
+        schema:
+          description: 'Which rule confidence level do you want to include? If not
+            specified, includes all. This filter is applicable when `issue_type` is
+            `sast` or unspecified. Valid values: low, medium, high'
+          enum:
+          - low
+          - medium
+          - high
+          example: high
+          type: string
+      - in: query
+        name: autotriage_verdict
+        schema:
+          description: 'Which autotriage verdict do you want to include? If not specified,
+            includes all. This filter is applicable when `issue_type` is `sast` or
+            unspecified. Valid values: true_positive, false_positive'
+          enum:
+          - true_positive
+          - false_positive
+          example: true_positive
+          type: string
+      - in: query
+        name: component_tags
+        schema:
+          description: Which component tags do you want to include? If not specified,
+            includes all.
+          example:
+          - user authentication
+          - user data
+          items:
+            type: string
+          type: array
+      - in: query
+        name: exposures
+        schema:
+          description: 'List of exposures or reachability types to filter by. If not
+            specified, returns findings across all exposures. This filter is applicable
+            when `issue_type=sca` is specified. Valid values: reachable, always_reachable,
+            conditionally_reachable, unreachable, unknown'
+          enum:
+          - reachable
+          - always_reachable
+          - conditionally_reachable
+          - unreachable
+          - unknown
+          example:
+          - reachable
+          - always_reachable
+          items:
+            type: string
+          type: array
+      - in: query
+        name: transitivities
+        schema:
+          description: 'List of transitivities to filter by. If not specified, returns
+            all transitivities. This filter is applicable when `issue_type=sca` is
+            specified. Valid values: direct, transitive, unknown'
+          enum:
+          - direct
+          - transitive
+          - unknown
+          example:
+          - transitive
+          items:
+            type: string
+          type: array
+      - in: query
+        name: is_malicious
+        schema:
+          description: 'Filter SCA findings by whether they are from malicious dependencies.
+            If not specified, returns all SCA findings. This filter is only applicable
+            when `issue_type=sca` is specified.
+
+            - true: Returns only findings from malicious dependencies
+
+            - false: Returns only findings from all other reachabilities (reachable
+            in code, always reachable, conditionally reachable, etc.)'
+          example: true
+          type: bool
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListFindingsResponse'
+          description: OK
+        default:
+          content:
+            application/json:
+              schema:
+                properties:
+                  findings:
+                    items:
+                      oneOf:
+                      - $ref: '#/components/schemas/protos.openapi.v1.SastFinding'
+                        summary: Sast Finding
+                      - $ref: '#/components/schemas/protos.openapi.v1.ScaFinding'
+                        summary: Sca Finding
+                    type: array
+                type: object
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List code or supply chain findings
+      tags:
+      - FindingsService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/projects:
+    get:
+      description: Request the list of projects that have been scanned or onboarded
+        to Managed Scans. Does not return archived repositories. Returns 100 projects
+        per page by default.
+      operationId: ProjectsService_ListProjects
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: query
+        name: page
+        schema:
+          description: Which page of the results do you require? If not specified,
+            returns first page. Pages are numbered from zero (0).
+          example: 1
+          format: uint32
+          type: number
+      - in: query
+        name: page_size
+        schema:
+          default: 100.0
+          description: Maximum number of records per returned page. If not specified,
+            defaults to 100 records.
+          example: 100
+          format: uint32
+          type: number
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ListProjectsResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: List all projects
+      tags:
+      - ProjectsService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/projects/{projectName}:
+    delete:
+      description: Delete a project for a deployment you have access to. This will
+        also delete all of the associated findings.
+      operationId: ProjectsService_DeleteProject
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.DeleteProjectResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Delete project
+      tags:
+      - ProjectsService
+      x-badges: []
+    get:
+      description: Retrieve details for a single project associated with a deployment
+        that you have access to.
+      operationId: ProjectsService_GetProject
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.GetProjectResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Get project details
+      tags:
+      - ProjectsService
+      x-badges: []
+    patch:
+      description: 'Update attributes for the project using the value passed in to
+        the request body.
+
+
+        Note: The only attribute that is supported as of January 2023 is `tags`.'
+      operationId: ProjectsService_UpdateProject
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      - in: query
+        name: tags
+        schema:
+          description: Tags associated to this project.
+          example:
+          - tag
+          items:
+            type: string
+          type: string
+      - in: query
+        name: primary_branch
+        schema:
+          description: The full name of the branch you would like to set as primary.
+            Use "None" if default_branch is known and you wish to set primary to always
+            be the default branch.
+          example: refs/heads/develop
+          type: string
+      - in: query
+        name: managed_scan_config.diff_scan.enabled
+        schema:
+          description: When true, diff-aware scans are enabled for the project.
+          type: boolean
+      - in: query
+        name: managed_scan_config.full_scan.enabled
+        schema:
+          description: When true, weekly full scans are enabled.
+          type: boolean
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.UpdateProjectResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Update project details
+      tags:
+      - ProjectsService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/projects/{projectName}/managed-scan:
+    patch:
+      description: 'Enable or disable
+
+        [Semgrep Managed Scans](/docs/deployment/managed-scanning/overview)
+
+        for a project.'
+      operationId: ProjectsService_ToggleProjectManagedScan
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      - in: query
+        name: diff_scan.enabled
+        schema:
+          description: When true, diff-aware scans are enabled for the project.
+          type: boolean
+      - in: query
+        name: full_scan.enabled
+        schema:
+          description: When true, weekly full scans are enabled.
+          type: boolean
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.ToggleProjectManagedScanResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Toggle Managed Scans for a project
+      tags:
+      - ProjectsService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/projects/{projectName}/tags:
+    delete:
+      description: 'Remove tags from a project for a deployment you have access to.
+
+
+        This request will not delete project tags from the deployment and will only
+        remove
+
+        them from the requested project. Any other projects associated with the requested
+
+        tag will remain unaffected.'
+      operationId: ProjectsService_DeleteProjectTags
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      - in: query
+        name: tags
+        schema:
+          example:
+          - tag
+          items:
+            type: string
+          type: array
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.DeleteProjectTagsResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Remove tags from project
+      tags:
+      - ProjectsService
+      x-badges: []
+    put:
+      description: 'Add tags to a project for a deployment you have access to.
+
+
+        Any project tags that do not already exist for the deployment will be created
+        automatically and associated with the project.'
+      operationId: ProjectsService_AddProjectTags
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Slug of the deployment name. Can be found at `/deployments`,
+            or in your Settings in the web UI.
+          example: your-deployment
+          type: string
+      - in: path
+        name: projectName
+        required: true
+        schema:
+          description: Name of the project, typically the repository formatted as
+            a path.
+          example: organization/project
+          type: string
+      - in: query
+        name: tags
+        schema:
+          example:
+          - tag
+          items:
+            type: string
+          type: array
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.AddProjectTagsResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Add tags to project
+      tags:
+      - ProjectsService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/tickets:
+    post:
+      description: Create Jira tickets for your findings. You can create tickets by
+        passing in a list of issue_ids or by passing in filter query parameters to
+        dynamically select findings. If passing in filters, Semgrep will skip already
+        ticketed findings. This endpoint is synchronous, so it may take some time
+        for your request to resolve. Unlike creating tickets in-app, if ticket creation
+        fails we won't automatically retry. This endpoint accepts a limit parameter
+        (defaulting to 20) to limit the number of tickets created per request. If
+        you specify a list of issue_ids greater than this limit, or your selected
+        filters match on a number of issues greater than this limit, issues that were
+        not ticketed are included in the Failed part of the response object. You can
+        send another request to create tickets for these skipped issues. By default,
+        findings belonging to the same repository and the same rule will be grouped
+        together into a single Jira ticket. You can override this using the group_issues
+        query parameter. Up to 50 issues can be grouped into a single ticket. You
+        can optionally override the Jira project you create tickets in by passing
+        in a Jira project ID as jira_project_id (the numeric ID rather than the project
+        key). You can fetch this ID using the Jira API.
+      operationId: TicketingService_CreateTicket
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Deployment slug. Can be found at `/deployments`, or in your
+            Settings in the web UI.
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.CreateTicketRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.CreateTicketResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Create Jira tickets
+      tags:
+      - TicketingService
+      x-badges: []
+  /api/v1/deployments/{deploymentSlug}/triage:
+    post:
+      description: Bulk triage your findings. You can select the findings to triage
+        by passing in a list of finding IDs as issue_ids, or by passing in filter
+        query parameters. You must specify the issue_type of the findings you want
+        to bulk triage. One of new_triage_state or new_note is required. If specifying
+        a new_triage_reason, you must also use new_triage_state=ignored. Some filters
+        only apply for findings associated with a given product.
+      operationId: TriageService_BulkTriage
+      parameters:
+      - in: path
+        name: deploymentSlug
+        required: true
+        schema:
+          description: Deployment slug. Can be found at /deployments, or in your Settings
+            in the web UI.
+          type: string
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/protos.openapi.v1.BulkTriageRequest'
+        required: true
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.BulkTriageResponse'
+          description: OK
+      security:
+      - SemgrepWebToken: []
+      summary: Bulk triage
+      tags:
+      - TriageService
+      x-badges: []
+  /api/v1/ping:
+    get:
+      description: Use to ping the server and assert liveness.
+      operationId: MiscService_Ping
+      responses:
+        '200':
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/protos.openapi.v1.PingResponse'
+          description: OK
+      summary: Ping
+      tags:
+      - MiscService
+      x-badges: []
+tags:
+- description: Deployments encapsulate your organization's security organization,
+    with multiple projects, policies, and integrations. As the root object of the
+    organization, they're similarly the root object of the API.
+  name: DeploymentsService
+  x-displayName: Deployment
+- description: Manage and retrieve code and supply chain security findings from Semgrep
+    scans
+  name: FindingsService
+  x-displayName: Code and Supply Chain
+- description: Utility endpoints.
+  name: MiscService
+  x-displayName: Other
+- description: View and manage the Policies of your organization.
+  name: PoliciesService
+  x-displayName: Policies
+- name: ProjectsService
+  x-displayName: Projects
+- description: View details of scans associated with projects in your organization.
+  name: ScansService
+  x-displayName: Scans
+- description: View and manage the Secrets of your organization.
+  name: SecretsService
+  x-displayName: Secrets
+- description: 'Manage the Supply Chain findings and dependencies of your organization.
+
+
+    A request body is required, but may be an empty object.'
+  name: SupplyChainService
+  x-displayName: Supply Chain
+- description: Create and manage external tickets
+  name: TicketingService
+  x-displayName: Ticketing
+- description: View and manage the triage of your organization.
+  name: TriageService
+  x-displayName: Triage