Application Version Operations - Anchore API

Users can perform queries against specific versions of an application.

SBOM for a specific Application Version

Using the application API to generate a combined software bill of materials (SBOM) for all artifacts within an application version. This lets you easily archive the components, or provide them to others for verification process compliance requirements. The data structure metadata for the application and application version, along with the SBOMs for each artifact associated with the application version.

Download a Combined SBOM

To download a combined SBOM, GET the application version SBOM from http://<host:port>/v2/applications/<application_id>/versions/<application_version_id>/sboms/native-json.

To filter the results by artifact type, add the artifact_types=<source,image> query parameter.

Vulnerabilities for a specific Application Version

Using the application API, a user can generate a combined list of vulnerabilities found among all artifacts within an application version. This allows easier vulnerability management for any Application Version.

Get a Combined Vulnerabilities List

http://<host:port>/v2/applications/<application_id>/versions/<application_version_id>/vulnerabilities.

Optional query parameter of will_not_fix=<true | false> is provided. When true, the results will include any vulnerabilities that the vendor of an image distribution either disagrees with or does not intend to prioritize for remediation

Last modified October 27, 2023