getSingleApplicationInfo

The getSingleApplicationInfo API retrieves detailed information for a single application.

Type

Query

Query Example

query GetSingleApplicationInfo($getSingleApplicationInput: SingleApplicationInput) {
  getSingleApplicationInfo(getSingleApplicationInput: $getSingleApplicationInput) {
    id
    appId
    repoName
    appName
    branch
    branchesCount
    branchesToScan
    businessPriority
    codeChanges
    commitCount
    createdAt
    creator
    daysSinceLastCodeChange
    daysSinceRepoCreation
    deployedProd
    filesCount
    forksCount
    hasDownloads
    headSha
    irrelevantReasons
    irrelevantComment
    languages {
      language
      languagePercentage
    }
    lastCodeChange
    new
    overrideRelevance
    overridePriority
    originalBusinessPriority
    publicVisibility
    pullCount
    pushCount
    relevant
    risk
    scanId
    scannedAt
    secInfrastructure {
      label
      clientCoverage
      oxCoverage
      noCoverage
      notApplicable
    }
    securityPosture
    size
    tagsCount
    type
    updated
    userCount
    version
    violationCount
    watchersCount
    yamlsCount
    scoreHistory {
      appId
      appName
      score
      date
      new
      updated
      scanId
    }
    applicationFlows {
      artifacts {
        type
        name
        hashType
        system
        subType
        hash
        size
        date
        location {
          runBy
          foundBy
          foundIn
          link
        }
        linkName
        k8sType
        cluster
        region
      }
      cloudDeployments {
        type
        subType
        name
        hash
        hashType
        link
        k8sType
        imageName
        date
        cluster
        region
      }
      cicdInfo {
        type
        system
        latestDate
        lastMonthJobCount
        location {
          runBy
          foundBy
          foundIn
          link
        }
      }
      orchestrators {
        type
        name
        hashType
        system
        hash
        size
        date
      }
      kubernetes {
        type
        name
        hashType
        system
        hash
        subType
        size
        date
      }
      repository {
        type
        system
        date
      }
    }
    isSbomPresent
    appOwners {
      name
      email
      roles
    }
    offset
    improvement
    fakeApp
    link
    branchLink
    issues
    categories {
      categoryName
      categoryId
      catId
      severities {
        info
        low
        medium
        high
        critical
        appox
      }
      score
      severityScore
      total
      isNa
      reason
    }
    toolsCoverage {
      toolName
      oxDelivered
      coverage
      type
      sources {
        match
        type
      }
    }
    pipeline {
      jobId
      jobTriggeredAt
      scanResult
      issuesCount
      jobTriggeredBy
      jobUrl
    }
    isPipelineConfigured
    organization
    repoRealName
    repoId
    pipelineScans
    issuesBySeverity {
      info
      low
      medium
      high
      critical
      appox
    }
    pkgManagers
    sbomCount
    isMonoRepoChild
    monoRepoParent
    monorepoChildrenCount
    monorepoChildrenAppIds
    tags {
      tagId
      name
      email
      displayName
      tagType
      createdBy
      purpose
      deploymentModel
    }
    dockerfiles {
      path
    }
    severityChangedReason {
      tagId
      changeNumber
      shouldBeSeverityFactor
      requiredHits
      reason
      shortName
      changeCategory
      changePlusReasonFacet
      extraInfo {
        key
        link
        snippet {
          detectionType
          fileName
          snippetLineNumber
          language
          text
        }
      }
    }
    apiInventoriesTotal
    credentialsId
    oxInPipeline
    oxInPipelineDescription
    primaryAppReason
    primaryApp
  }
}

Parameters

Param Name

Description

Type

getSingleApplicationInput

Input parameter for retrieving a single application.

SingleApplicationInput

Input variables

Field

Type

Description

applicationId

String!

Unique identifier for the application.

dateRange

DateRange

Time range for filtering results. Default: {"from":0,"to":4294967295}

limit

Int

Maximum number of records to return.

offset

Int = 0

Offset for pagination, default value is 0.

`dateRange` object variables

Field

Type

Description

Value

from

Float

Start timestamp for the date range filter.

0

to

Float

End timestamp for the date range filter.

4294967295

Response objects

Field

Type

Description

apiInventoriesTotal

Int

Total number of API inventories.

appId

String

Application ID.

appName

String

Full name of the application.

appOwners

[OwnerInfo]

applicationFlows

ApplicationFlow

branch

String

Default branch for development.

branchLink

String

URL linking to the repository branch.

branchesCount

Int

Total number of branches in the repository.

branchesToScan

[String]

List of branches selected for scanning.

businessPriority

Int

Business priority score assigned to the application.

categories

[AppCategories]

codeChanges

Int

Number of code changes detected.

commitCount

Int

Number of commits in the repository.

createdAt

String

Timestamp when the application was created.

creator

String

User or entity that created the application.

credentialsId

String

ID of the credentials associated with the application.

daysSinceLastCodeChange

Int

Days elapsed since the last code change.

daysSinceRepoCreation

Int

Days elapsed since the repository was created.

deployedProd

Boolean

Indicates if the application is deployed in production.

dockerfiles

[Dockerfile]

List of Dockerfiles associated with the application.

fakeApp

Boolean

Indicates if the application is a test or fake application.

filesCount

Int

Total number of files in the repository.

forksCount

Int

Number of times the repository has been forked.

hasDownloads

Boolean

Indicates if the repository contains downloadable artifacts.

headSha

String

SHA of the latest commit in the branch.

id

String

Unique identifier for the application.

improvement

Float

Score indicating improvement in security posture.

irrelevantComment

String

Comment explaining why the application is marked as irrelevant.

irrelevantReasons

[String]

List of reasons for marking the application as irrelevant.

isMonoRepoChild

Boolean

Indicates whether the application is part of a monorepo.

isPipelineConfigured

String

Indicates if a CI/CD pipeline is configured.

isSbomPresent

Boolean

Indicates if the Software Bill of Materials (SBOM) is available.

issues

Int

Total number of issues detected in the application.

issuesBySeverity

IssuesSeverity

Aggregation of issues by severity level.

languages

[Language]

lastCodeChange

String

Timestamp of the last code change.

link

String

URL linking to the application.

monoRepoParent

String

Identifier of the parent repository in a monorepo structure.

monorepoChildrenAppIds

[String]

List of child application IDs in a monorepo.

monorepoChildrenCount

Int

Number of child applications in the monorepo.

new

Boolean

Indicates if the application is newly added.

offset

Int

Offset for pagination when retrieving application data.

organization

String

Organization to which the application belongs.

originalBusinessPriority

Float

Initial business priority score before adjustments.

overridePriority

Int

Override value for the business priority.

overrideRelevance

String

Reason for overriding application relevance.

oxInPipeline

String

Status of security analysis integration in the CI/CD pipeline.

oxInPipelineDescription

String

Description of security scanning behavior in the pipeline.

pipeline

Pipeline

CI/CD pipeline information related to the application.

pipelineScans

Int

Number of scans performed in the pipeline.

pkgManagers

[String]

List of package managers used in the application.

primaryApp

Boolean

Indicates if the application is marked as primary.

primaryAppReason

String

Reason why the application is marked as primary.

publicVisibility

Boolean

Indicates if the application repository is public.

pullCount

Int

Number of pull requests associated with the application.

pushCount

Int

Number of push events recorded in the repository.

relevant

Boolean

Indicates if the application is relevant based on security criteria.

repoId

String

Unique identifier of the repository.

repoName

String

Name of the application's repository.

repoRealName

String

Actual name of the repository, including full path.

risk

Float

Risk score associated with the application.

sbomCount

Int

Number of SBOMs associated with the application.

scanId

String

Unique identifier of the security scan.

scannedAt

Float

Timestamp of the last security scan.

scoreHistory

[ScoreHistoryItem]

secInfrastructure

[ServerSecurityInfraItem]

Security infrastructure details.

securityPosture

Float

Security posture score of the application.

severityChangedReason

[ApplicationSeverityChangedReason]

size

Float

Size of the repository in megabytes.

tags

[AppTag]

List of tags assigned to the application.

tagsCount

Int

Number of tags associated with the application.

toolsCoverage

[AppToolCoverage]

type

String

Type of the application (e.g., microservice, monolith).

updated

Boolean

Indicates if the application details were recently updated.

userCount

Int

Number of users contributing to the application.

version

String

Version of the application.

violationCount

Int

Number of policy violations detected.

watchersCount

Int

Number of watchers subscribed to repository updates.

yamlsCount

Int

Number of YAML configuration files detected.

`appOwners` object variables

Object Variable

Type

Description

email

String

Email address of the application owner. Email of a user-assigned tag or app owner.

name

String

Name of the application owner.

roles

[String]

List of roles assigned to the application owner. Values: Dev, Business, Security, Watcher

`applicationFlows` object variables

Object Variable

Type

Description

artifacts

String

cicdInfo

[CicdInfo]

cloudDeployments

String

kubernetes

String

orchestrators

String

repository

String

artifacts object variables

Object Variable

Type

Description

cluster

String

Name of the Kubernetes cluster.

hash

String

Unique hash identifier for the item.

hashType

String

Type of hash algorithm used, e.g., SHA-256, MD5, SHA-1.

k8sType

String

Type of Kubernetes workload.

linkName

String

Name of the associated link.

location

[AppFlowItemLocation]

name

String

Name of the entity.

region

String

Cloud or physical region where the resource is deployed.

size

Int

The size of the images. The size of the repository for a specific branch.

subType

String

Cloud asset subtype.

system

String

System-related identifier or categorization.

type

String

General type of the resource.

Artifacts location object variables

Object Variable

Type

Description

foundBy

String

The location where it was found, e.g., ECR folder name.

foundIn

String

The location or context where the issue or item was found.

link

String

A URL or reference link associated with the finding.

runBy

String

The user or system that executed the process leading to the discovery.

cicdInfo object variables

Object Variable

Type

Description

lastMonthJobCount

String

The number of CI/CD jobs executed in the last month.

latestDate

String

The most recent date of the pipeline ran.

location

[AppFlowItemLocation]

system

String

The system associated with the CI/CD job.

type

String

The type of CI/CD job or system.

CI/CD information location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the CI/CD location.

foundIn

String

The specific location within the CI/CD process where the item was found, for example, ECR folder name.

link

String

A reference link associated with the CI/CD location.

runBy

String

The user or system responsible for executing the CI/CD process.

cloudDeployments object variables

Object Variable

Type

Description

cluster

String

Name of the Kubernetes cluster.

date

String

Timestamp related to the event or deployment.

hash

String

Unique hash identifier for the item.

hashType

String

Type of hash algorithm used, for example, sha256, md5, sha-1.

imageName

String

Name of the container image used in the deployment.

k8sType

String

Type of Kubernetes workload.

link

String

Reference link associated with the Kubernetes entity.

location

[AppFlowItemLocation]

name

String

Name of the Kubernetes resource.

region

String

Cloud or physical region where the resource is deployed.

subType

String

Cloud asset subtype.

type

String

General type of the resource.

Cloud deployment application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the application flow location.

foundIn

String

The specific location within the application flow where the item was found, for example, ecr folder name.

link

String

A reference link associated with the application flow location.

runBy

String

The user or system responsible for running the application flow process.

kubernetes object variables

Object Variable

Type

Description

date

String

Timestamp related to the Kubernetes event or deployment.

hash

String

Unique hash identifier for the Kubernetes resource.

hashType

String

The types of hash, for example, sha256, md5, sha-1.

location

[AppFlowItemLocation]

name

String

Name of the Kubernetes resource.

size

String

Size of the resource, if applicable.

subType

String

Cloud asset subtype.

system

String

System-related identifier or categorization.

type

String

Cloud asset type.

Kubernetes application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the Kubernetes location.

foundIn

String

The specific location within the Kubernetes environment where the item was found, for example, ECR folder name.

link

String

A reference link associated with the Kubernetes location.

runBy

String

The user or system responsible for executing the Kubernetes process.

orchestrators object variales

Object Variable

Type

Description

date

String

The date associated with the record.

hash

String

Unique identifier hash of the item.

hashType

String

The types of hash, for example, sha256, md5, sha-1.

location

[AppFlowItemLocation]

name

String

The name of the item.

size

String

The size of the item.

system

String

The system where the item is located.

type

String

Cloud asset type.

Orchestrators application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the orchestrator.

foundIn

String

The location or context where it was found, for example, ECR folder name.

link

String

A URL or reference link associated with the orchestrator.

runBy

String

The user or system that executed the process involving the orchestrator.

repository object variables

Object Variable

Type

Description

date

String

The date associated with the record.

location

[AppFlowItemLocation]

system

String

The system where the item is located.

type

String

The type or classification of the item.

Repository application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the repository.

foundIn

String

The location or context where it was found, for example, ECR folder name.

link

String

A URL or reference link associated with the repository.

runBy

String

The user or system that executed the process involving the repository.

`categories` object variables

Object Variable

Type

Description

catId

Int

Unique identifier for the application category.

categoryName

String

Name of the category.

isNa

Boolean

Indicates if the category is not applicable.

reason

[String]

List of reasons associated with the category.

score

Float

The score for the application category.

severities

AppSeverities

Issue count for each category by severity breakdown.

total

Int

Total number of issues for this category.

`languages` object variables

Field

Type

Description

language

String

Programming language used.

languagePercentage

Float

Percentage of the language used for this repository.

`scoreHistory` object variables

Field

Type

Description

standard

String

The compliance framework or standard this control belongs to (e.g., ISO 27001, SOC 2, NIST 800-53).

standardLink

String

A URL linking to the official documentation or reference for the compliance standard.

control

String

The specific compliance control identifier within the standard (e.g., "AC-2" for NIST 800-53).

category

String

The category or domain under which the control falls (e.g., "Access Control", "Data Protection").

description

String

A brief explanation of the compliance control and its intent.

categoryLink

String

A URL linking to documentation about the category or domain of the compliance standard.

controlLink

String

A URL linking to detailed documentation about this specific compliance control.

`severityChangedReason` object variables

Object Variable

Type

Description

changeNumber

Float

The number impacting the severity calculation.

extraInfo

[ApplicationExtraInfo]

Evidence for the severity factor.

reason

String

The name of the severity factor.

tagId

String

Identifier for the associated tag.

extraInfo object variables

Object Variable

Type

Description

key

String

A unique identifier or key for the extra information. The name of the evidence, for example, file name.

link

String

A URL or reference link related to the extra information.

snippet

ExtraInfoSnippet

snippet object variable

Object Variable

Type

Description

fileName

String

Evidence file name.

language

String

Programming language of the detected file.

snippetLineNumber

Int

Evidence file line number.

text

String

The actual evidence.

`toolsCoverage` object variable

Object Variable

Type

Description

coverage

Boolean

Indicates the tool's coverage effectiveness.

oxDelivered

Boolean

Specifies if the tool is part of OX (not an external or third-party tool with credentials).

sources

[ToolCoverageSources]

Source of tool discovery.

toolName

String

Name of the tool providing security coverage.

type

String

Type of coverage provided (e.g., static analysis, dynamic analysis).

Input example

{
  "getSingleApplicationInput": {
  "applicationId": "33942389"
}
}

Response example

  {
  "data": {
    "getSingleApplicationInfo": {
      "id": null,
      "appId": "33942389",
      "repoName": "cloner-service",
      "appName": "app / cloner-service",
      "branch": "development",
      "branchesCount": 17,
      "branchesToScan": [],
      "businessPriority": 85,
      "codeChanges": 323,
      "commitCount": 896,
      "createdAt": "1645524768370",
      "creator": "Yury Imbro",
      "daysSinceLastCodeChange": 0,
      "daysSinceRepoCreation": 1077,
      "deployedProd": false,
      "filesCount": 161,
      "forksCount": 0,
      "hasDownloads": false,
      "headSha": "fc6beb67f4b8ef9d4450364ae32b1795ed7a5ba8",
      "irrelevantReasons": [],
      "irrelevantComment": null,
      "languages": [
        {
          "language": "GitLab CI/CD",
          "languagePercentage": 0.6
        },
        {
          "language": "Dockerfile",
          "languagePercentage": 1.2
        },
        {
          "language": "Markdown",
          "languagePercentage": 0.6
        },
        {
          "language": "TypeScript",
          "languagePercentage": 81.1
        },
        {
          "language": "JSON",
          "languagePercentage": 3.2
        },
        {
          "language": "Drone CI",
          "languagePercentage": 0.6
        },
        {
          "language": "USB Flashing Format",
          "languagePercentage": 0.6
        },
        {
          "language": "Windows App Manifest",
          "languagePercentage": 0.6
        },
        {
          "language": "Apache Server",
          "languagePercentage": 0.6
        },
        {
          "language": "Codecov",
          "languagePercentage": 0.6
        },
        {
          "language": "Filebeat",
          "languagePercentage": 0.6
        },
        {
          "language": "iOS Property List",
          "languagePercentage": 0.6
        },
        {
          "language": "Kubernetes",
          "languagePercentage": 1.2
        },
        {
          "language": "Browser Extension Manifest",
          "languagePercentage": 1.2
        },
        {
          "language": "NGINX",
          "languagePercentage": 0.6
        },
        {
          "language": "OpenAPI",
          "languagePercentage": 0.6
        },
        {
          "language": "OpenOCD",
          "languagePercentage": 0.6
        },
        {
          "language": "Redis",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Source Include",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Blob",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Source",
          "languagePercentage": 0.6
        },
        {
          "language": "Swagger",
          "languagePercentage": 0.6
        },
        {
          "language": "Terraform-Plan",
          "languagePercentage": 0.6
        }
      ],
      "lastCodeChange": "1738517415936",
      "new": false,
      "overrideRelevance": "default",
      "overridePriority": -1,
      "originalBusinessPriority": 85,
      "publicVisibility": false,
      "pullCount": 117,
      "pushCount": 206,
      "relevant": true,
      "risk": 0,
      "scanId": "b9827edc-d2a7-4a98-a650-24de3b180d91",
      "scannedAt": 1738594380611,
      "secInfrastructure": null,
      "securityPosture": 0,
      "size": 3076341,
      "tagsCount": 0,
      "type": "GitLab",
      "updated": true,
      "userCount": 25,
      "version": "GitLab",
      "violationCount": 0,
      "watchersCount": 0,
      "yamlsCount": 6,
      "scoreHistory": null,
      "applicationFlows": {
        "artifacts": [],
        "cloudDeployments": [],
        "cicdInfo": [
          {
            "type": "cicd",
            "system": "GitLab CI/CD",
            "latestDate": "N/A (GitLab CI/CD Not connected)",
            "lastMonthJobCount": "0",
            "location": [
              {
                "runBy": "",
                "foundBy": "File",
                "foundIn": "Deployment File - .gitlab-ci.yml",
                "link": "https://gitlab.com/oxsecurity/app/cloner-service/-/blob/development/.gitlab-ci.yml"
              }
            ]
          },
          {
            "type": "cicd",
            "system": "Drone CI",
            "latestDate": "N/A (Drone CI Not connected)",
            "lastMonthJobCount": "0",
            "location": [
              {
                "runBy": "",
                "foundBy": "File",
                "foundIn": "Deployment File - .drone.yaml",
                "link": "https://gitlab.com/oxsecurity/app/cloner-service/-/blob/development/tests/repo-info/mocks/.drone.yaml"
              }
            ]
          }
        ],
        "orchestrators": [],
        "kubernetes": [],
        "repository": [
          {
            "type": "repository",
            "system": "GitLab",
            "date": null
          }
        ]
      },
      "isSbomPresent": null,
      "appOwners": [
        {
          "name": "test2",
          "email": "[email protected]",
          "roles": [
            "Dev",
            "Business"
          ]
        }
      ],
      "offset": 0,
      "improvement": null,
      "fakeApp": false,
      "link": "https://gitlab.com/oxsecurity/app/cloner-service",
      "branchLink": null,
      "issues": 46,
      "categories": [
        {
          "categoryName": "Git Posture",
          "categoryId": null,
          "catId": 3,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 2,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 10,
          "severityScore": null,
          "total": 2,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Code Security",
          "categoryId": null,
          "catId": 4,
          "severities": {
            "info": 2,
            "low": 1,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 1,
          "severityScore": null,
          "total": 3,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Secret/PII Scan",
          "categoryId": null,
          "catId": 5,
          "severities": {
            "info": 2,
            "low": 2,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 2,
          "severityScore": null,
          "total": 4,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Open Source Security",
          "categoryId": null,
          "catId": 6,
          "severities": {
            "info": 1,
            "low": 6,
            "medium": 1,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 11,
          "severityScore": null,
          "total": 8,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "SBOM",
          "categoryId": null,
          "catId": 7,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 1,
            "high": 24,
            "critical": 0,
            "appox": 0
          },
          "score": 605,
          "severityScore": null,
          "total": 25,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Infrastructure as Code Scan",
          "categoryId": null,
          "catId": 8,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "CI/CD Posture",
          "categoryId": null,
          "catId": 25,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Security Tool Coverage",
          "categoryId": null,
          "catId": 10,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Container Security",
          "categoryId": null,
          "catId": 12,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Dynamic App Security",
          "categoryId": null,
          "catId": 31,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "API Security",
          "categoryId": null,
          "catId": 28,
          "severities": {
            "info": 4,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 4,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Artifact Integrity",
          "categoryId": null,
          "catId": 14,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Cloud Context",
          "categoryId": null,
          "catId": 15,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": true,
          "reason": [
            "There are no cloud providers connected to run policies in this category"
          ]
        }
      ],
      "toolsCoverage": [
        {
          "toolName": "OX Code Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "sast",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Open Source Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "sca",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Secret/PII Scan",
          "oxDelivered": true,
          "coverage": true,
          "type": "secrets",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Container Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "secrets",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Infrastructure as Code Scan",
          "oxDelivered": true,
          "coverage": true,
          "type": "iac",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Cloud Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "cspm",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        }
      ],
      "pipeline": null,
      "isPipelineConfigured": null,
      "organization": "oxsecurity",
      "repoRealName": "cloner-service",
      "repoId": "33942389",
      "pipelineScans": null,
      "issuesBySeverity": {
        "info": 9,
        "low": 9,
        "medium": 4,
        "high": 24,
        "critical": 0,
        "appox": 0
      },
      "pkgManagers": [
        "npm"
      ],
      "sbomCount": 788,
      "isMonoRepoChild": false,
      "monoRepoParent": "",
      "monorepoChildrenCount": 0,
      "monorepoChildrenAppIds": [],
      "tags": [
        {
          "tagId": "ox_tag_154",
          "name": "Private repo",
          "email": null,
          "displayName": "Private repo",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_98",
          "name": "Terraform",
          "email": null,
          "displayName": "Terraform",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_153",
          "name": "Dockerfile",
          "email": null,
          "displayName": "Dockerfile",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_178",
          "name": "Mobile Application",
          "email": null,
          "displayName": "Mobile Application",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "oxsecurity",
          "name": "oxsecurity",
          "email": null,
          "displayName": "oxsecurity",
          "tagType": "gitlabGroup",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "app",
          "name": "app",
          "email": null,
          "displayName": "app",
          "tagType": "gitlabGroup",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_1",
          "name": "PII",
          "email": null,
          "displayName": "PII",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        }
      ],
      "dockerfiles": [
        {
          "path": "dockerfile"
        },
        {
          "path": "pipeline/dockerfile-aws-pipeline"
        }
      ],
      "severityChangedReason": [
        {
          "tagId": "ox_tag_98",
          "changeNumber": 0,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "terraform",
          "shortName": "terraform",
          "changeCategory": "DevopsTool",
          "changePlusReasonFacet": "0|terraform",
          "extraInfo": []
        },
        {
          "tagId": "ox_tag_153",
          "changeNumber": 0,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "dockerfile",
          "shortName": "dockerfile",
          "changeCategory": "DevopsTool",
          "changePlusReasonFacet": "0|dockerfile",
          "extraInfo": []
        },
        {
          "tagId": "ox_tag_178",
          "changeNumber": 0.1,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "Mobile Application",
          "shortName": "Mobile Application",
          "changeCategory": "DeploymentType",
          "changePlusReasonFacet": "0.1|Mobile Application",
          "extraInfo": []
        }
      ],
      "apiInventoriesTotal": 0,
      "credentialsId": "88603401-b554-4377-a482-ea5a42bd4001-IdentityProvider",
      "oxInPipeline": "Disabled",
      "oxInPipelineDescription": "OX is not configured to scan code changes in your pipeline",
      "primaryAppReason": null,
      "primaryApp": null
    }
  }
}

getSingleApplicationInfo

The getSingleApplicationInfo API retrieves detailed information for a single application.

Type

Query

Query Example

query GetSingleApplicationInfo($getSingleApplicationInput: SingleApplicationInput) {
  getSingleApplicationInfo(getSingleApplicationInput: $getSingleApplicationInput) {
    id
    appId
    repoName
    appName
    branch
    branchesCount
    branchesToScan
    businessPriority
    codeChanges
    commitCount
    createdAt
    creator
    daysSinceLastCodeChange
    daysSinceRepoCreation
    deployedProd
    filesCount
    forksCount
    hasDownloads
    headSha
    irrelevantReasons
    irrelevantComment
    languages {
      language
      languagePercentage
    }
    lastCodeChange
    new
    overrideRelevance
    overridePriority
    originalBusinessPriority
    publicVisibility
    pullCount
    pushCount
    relevant
    risk
    scanId
    scannedAt
    secInfrastructure {
      label
      clientCoverage
      oxCoverage
      noCoverage
      notApplicable
    }
    securityPosture
    size
    tagsCount
    type
    updated
    userCount
    version
    violationCount
    watchersCount
    yamlsCount
    scoreHistory {
      appId
      appName
      score
      date
      new
      updated
      scanId
    }
    applicationFlows {
      artifacts {
        type
        name
        hashType
        system
        subType
        hash
        size
        date
        location {
          runBy
          foundBy
          foundIn
          link
        }
        linkName
        k8sType
        cluster
        region
      }
      cloudDeployments {
        type
        subType
        name
        hash
        hashType
        link
        k8sType
        imageName
        date
        cluster
        region
      }
      cicdInfo {
        type
        system
        latestDate
        lastMonthJobCount
        location {
          runBy
          foundBy
          foundIn
          link
        }
      }
      orchestrators {
        type
        name
        hashType
        system
        hash
        size
        date
      }
      kubernetes {
        type
        name
        hashType
        system
        hash
        subType
        size
        date
      }
      repository {
        type
        system
        date
      }
    }
    isSbomPresent
    appOwners {
      name
      email
      roles
    }
    offset
    improvement
    fakeApp
    link
    branchLink
    issues
    categories {
      categoryName
      categoryId
      catId
      severities {
        info
        low
        medium
        high
        critical
        appox
      }
      score
      severityScore
      total
      isNa
      reason
    }
    toolsCoverage {
      toolName
      oxDelivered
      coverage
      type
      sources {
        match
        type
      }
    }
    pipeline {
      jobId
      jobTriggeredAt
      scanResult
      issuesCount
      jobTriggeredBy
      jobUrl
    }
    isPipelineConfigured
    organization
    repoRealName
    repoId
    pipelineScans
    issuesBySeverity {
      info
      low
      medium
      high
      critical
      appox
    }
    pkgManagers
    sbomCount
    isMonoRepoChild
    monoRepoParent
    monorepoChildrenCount
    monorepoChildrenAppIds
    tags {
      tagId
      name
      email
      displayName
      tagType
      createdBy
      purpose
      deploymentModel
    }
    dockerfiles {
      path
    }
    severityChangedReason {
      tagId
      changeNumber
      shouldBeSeverityFactor
      requiredHits
      reason
      shortName
      changeCategory
      changePlusReasonFacet
      extraInfo {
        key
        link
        snippet {
          detectionType
          fileName
          snippetLineNumber
          language
          text
        }
      }
    }
    apiInventoriesTotal
    credentialsId
    oxInPipeline
    oxInPipelineDescription
    primaryAppReason
    primaryApp
  }
}

Parameters

Param Name

Description

Type

getSingleApplicationInput

Input parameter for retrieving a single application.

SingleApplicationInput

Input variables

Field

Type

Description

applicationId

String!

Unique identifier for the application.

dateRange

DateRange

Time range for filtering results. Default: {"from":0,"to":4294967295}

limit

Int

Maximum number of records to return.

offset

Int = 0

Offset for pagination, default value is 0.

`dateRange` object variables

Field

Type

Description

Value

from

Float

Start timestamp for the date range filter.

0

to

Float

End timestamp for the date range filter.

4294967295

Response objects

Field

Type

Description

apiInventoriesTotal

Int

Total number of API inventories.

appId

String

Application ID.

appName

String

Full name of the application.

appOwners

[OwnerInfo]

Information about the application's owners.

applicationFlows

ApplicationFlow

Application flow information, including dependencies.

branch

String

Default branch for development.

branchLink

String

URL linking to the repository branch.

branchesCount

Int

Total number of branches in the repository.

branchesToScan

[String]

List of branches selected for scanning.

businessPriority

Int

Business priority score assigned to the application.

categories

[AppCategories]

Categories associated with the application.

codeChanges

Int

Number of code changes detected.

commitCount

Int

Number of commits in the repository.

createdAt

String

Timestamp when the application was created.

creator

String

User or entity that created the application.

credentialsId

String

ID of the credentials associated with the application.

daysSinceLastCodeChange

Int

Days elapsed since the last code change.

daysSinceRepoCreation

Int

Days elapsed since the repository was created.

deployedProd

Boolean

Indicates if the application is deployed in production.

dockerfiles

[Dockerfile]

List of Dockerfiles associated with the application.

fakeApp

Boolean

Indicates if the application is a test or fake application.

filesCount

Int

Total number of files in the repository.

forksCount

Int

Number of times the repository has been forked.

hasDownloads

Boolean

Indicates if the repository contains downloadable artifacts.

headSha

String

SHA of the latest commit in the branch.

id

String

Unique identifier for the application.

improvement

Float

Score indicating improvement in security posture.

irrelevantComment

String

Comment explaining why the application is marked as irrelevant.

irrelevantReasons

[String]

List of reasons for marking the application as irrelevant.

isMonoRepoChild

Boolean

Indicates whether the application is part of a monorepo.

isPipelineConfigured

String

Indicates if a CI/CD pipeline is configured.

isSbomPresent

Boolean

Indicates if the Software Bill of Materials (SBOM) is available.

issues

Int

Total number of issues detected in the application.

issuesBySeverity

IssuesSeverity

Aggregation of issues by severity level.

languages

[Language]

Programming languages used in the application.

lastCodeChange

String

Timestamp of the last code change.

link

String

URL linking to the application.

monoRepoParent

String

Identifier of the parent repository in a monorepo structure.

monorepoChildrenAppIds

[String]

List of child application IDs in a monorepo.

monorepoChildrenCount

Int

Number of child applications in the monorepo.

new

Boolean

Indicates if the application is newly added.

offset

Int

Offset for pagination when retrieving application data.

organization

String

Organization to which the application belongs.

originalBusinessPriority

Float

Initial business priority score before adjustments.

overridePriority

Int

Override value for the business priority.

overrideRelevance

String

Reason for overriding application relevance.

oxInPipeline

String

Status of security analysis integration in the CI/CD pipeline.

oxInPipelineDescription

String

Description of security scanning behavior in the pipeline.

pipeline

Pipeline

CI/CD pipeline information related to the application.

pipelineScans

Int

Number of scans performed in the pipeline.

pkgManagers

[String]

List of package managers used in the application.

primaryApp

Boolean

Indicates if the application is marked as primary.

primaryAppReason

String

Reason why the application is marked as primary.

publicVisibility

Boolean

Indicates if the application repository is public.

pullCount

Int

Number of pull requests associated with the application.

pushCount

Int

Number of push events recorded in the repository.

relevant

Boolean

Indicates if the application is relevant based on security criteria.

repoId

String

Unique identifier of the repository.

repoName

String

Name of the application's repository.

repoRealName

String

Actual name of the repository, including full path.

risk

Float

Risk score associated with the application.

sbomCount

Int

Number of SBOMs associated with the application.

scanId

String

Unique identifier of the security scan.

scannedAt

Float

Timestamp of the last security scan.

scoreHistory

[ScoreHistoryItem]

History of security scores for the application.

secInfrastructure

[ServerSecurityInfraItem]

Security infrastructure details.

securityPosture

Float

Security posture score of the application.

severityChangedReason

[ApplicationSeverityChangedReason]

Reasons for changes in severity of security issues.

size

Float

Size of the repository in megabytes.

tags

[AppTag]

List of tags assigned to the application.

tagsCount

Int

Number of tags associated with the application.

toolsCoverage

[AppToolCoverage]

List of security tools used to analyze the application.

type

String

Type of the application (e.g., microservice, monolith).

updated

Boolean

Indicates if the application details were recently updated.

userCount

Int

Number of users contributing to the application.

version

String

Version of the application.

violationCount

Int

Number of policy violations detected.

watchersCount

Int

Number of watchers subscribed to repository updates.

yamlsCount

Int

Number of YAML configuration files detected.

`appOwners` object variables

Object Variable

Type

Description

email

String

Email address of the application owner. Email of a user-assigned tag or app owner.

name

String

Name of the application owner.

roles

[String]

List of roles assigned to the application owner. Values: Dev, Business, Security, Watcher

`applicationFlows` object variables

Object Variable

Type

Description

artifacts

String

List of artifact items associated with the application.

cicdInfo

[CicdInfo]

Application flow from code to cloud for CI/CD.

cloudDeployments

String

List of cloud deployment items.

kubernetes

String

Kubernetes-related deployment.

orchestrators

String

Application flow from code to cloud for the orchestrator..

repository

String

Application flow from code to cloud for the repository.

artifacts object variables

Object Variable

Type

Description

cluster

String

Name of the Kubernetes cluster.

hash

String

Unique hash identifier for the item.

hashType

String

Type of hash algorithm used, e.g., SHA-256, MD5, SHA-1.

k8sType

String

Type of Kubernetes workload.

linkName

String

Name of the associated link.

location

[AppFlowItemLocation]

Location details of the application flow item.

name

String

Name of the entity.

region

String

Cloud or physical region where the resource is deployed.

size

Int

The size of the images. The size of the repository for a specific branch.

subType

String

Cloud asset subtype.

system

String

System-related identifier or categorization.

type

String

General type of the resource.

Artifacts location object variables

Object Variable

Type

Description

foundBy

String

The location where it was found, e.g., ECR folder name.

foundIn

String

The location or context where the issue or item was found.

link

String

A URL or reference link associated with the finding.

runBy

String

The user or system that executed the process leading to the discovery.

cicdInfo object variables

Object Variable

Type

Description

lastMonthJobCount

String

The number of CI/CD jobs executed in the last month.

latestDate

String

The most recent date of the pipeline ran.

location

[AppFlowItemLocation]

Location where the image was found.

system

String

The system associated with the CI/CD job.

type

String

The type of CI/CD job or system.

CI/CD information location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the CI/CD location.

foundIn

String

The specific location within the CI/CD process where the item was found, for example, ECR folder name.

link

String

A reference link associated with the CI/CD location.

runBy

String

The user or system responsible for executing the CI/CD process.

cloudDeployments object variables

Object Variable

Type

Description

cluster

String

Name of the Kubernetes cluster.

date

String

Timestamp related to the event or deployment.

hash

String

Unique hash identifier for the item.

hashType

String

Type of hash algorithm used, for example, sha256, md5, sha-1.

imageName

String

Name of the container image used in the deployment.

k8sType

String

Type of Kubernetes workload.

link

String

Reference link associated with the Kubernetes entity.

location

[AppFlowItemLocation]

Location details of the application flow item.

name

String

Name of the Kubernetes resource.

region

String

Cloud or physical region where the resource is deployed.

subType

String

Cloud asset subtype.

type

String

General type of the resource.

Cloud deployment application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the application flow location.

foundIn

String

The specific location within the application flow where the item was found, for example, ecr folder name.

link

String

A reference link associated with the application flow location.

runBy

String

The user or system responsible for running the application flow process.

kubernetes object variables

Object Variable

Type

Description

date

String

Timestamp related to the Kubernetes event or deployment.

hash

String

Unique hash identifier for the Kubernetes resource.

hashType

String

The types of hash, for example, sha256, md5, sha-1.

location

[AppFlowItemLocation]

Location details of the Kubernetes item within the application flow.

name

String

Name of the Kubernetes resource.

size

String

Size of the resource, if applicable.

subType

String

Cloud asset subtype.

system

String

System-related identifier or categorization.

type

String

Cloud asset type.

Kubernetes application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the Kubernetes location.

foundIn

String

The specific location within the Kubernetes environment where the item was found, for example, ECR folder name.

link

String

A reference link associated with the Kubernetes location.

runBy

String

The user or system responsible for executing the Kubernetes process.

orchestrators object variales

Object Variable

Type

Description

date

String

The date associated with the record.

hash

String

Unique identifier hash of the item.

hashType

String

The types of hash, for example, sha256, md5, sha-1.

location

[AppFlowItemLocation]

The location details related to the item.

name

String

The name of the item.

size

String

The size of the item.

system

String

The system where the item is located.

type

String

Cloud asset type.

Orchestrators application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the orchestrator.

foundIn

String

The location or context where it was found, for example, ECR folder name.

link

String

A URL or reference link associated with the orchestrator.

runBy

String

The user or system that executed the process involving the orchestrator.

repository object variables

Object Variable

Type

Description

date

String

The date associated with the record.

location

[AppFlowItemLocation]

The location details related to the item.

system

String

The system where the item is located.

type

String

The type or classification of the item.

Repository application flow location object variables

Object Variable

Type

Description

foundBy

String

The entity or tool that identified the repository.

foundIn

String

The location or context where it was found, for example, ECR folder name.

link

String

A URL or reference link associated with the repository.

runBy

String

The user or system that executed the process involving the repository.

`categories` object variables

Object Variable

Type

Description

catId

Int

Unique identifier for the application category.

categoryName

String

Name of the category.

isNa

Boolean

Indicates if the category is not applicable.

reason

[String]

List of reasons associated with the category.

score

Float

The score for the application category.

severities

AppSeverities

Issue count for each category by severity breakdown.

total

Int

Total number of issues for this category.

`languages` object variables

Field

Type

Description

language

String

Programming language used.

languagePercentage

Float

Percentage of the language used for this repository.

`scoreHistory` object variables

Field

Type

Description

standard

String

The compliance framework or standard this control belongs to (e.g., ISO 27001, SOC 2, NIST 800-53).

standardLink

String

A URL linking to the official documentation or reference for the compliance standard.

control

String

The specific compliance control identifier within the standard (e.g., "AC-2" for NIST 800-53).

category

String

The category or domain under which the control falls (e.g., "Access Control", "Data Protection").

description

String

A brief explanation of the compliance control and its intent.

categoryLink

String

A URL linking to documentation about the category or domain of the compliance standard.

controlLink

String

A URL linking to detailed documentation about this specific compliance control.

`severityChangedReason` object variables

Object Variable

Type

Description

changeNumber

Float

The number impacting the severity calculation.

extraInfo

[ApplicationExtraInfo]

Evidence for the severity factor.

reason

String

The name of the severity factor.

tagId

String

Identifier for the associated tag.

extraInfo object variables

Object Variable

Type

Description

key

String

A unique identifier or key for the extra information. The name of the evidence, for example, file name.

link

String

A URL or reference link related to the extra information.

snippet

ExtraInfoSnippet

A snippet of information when hovering over the evidence.

snippet object variable

Object Variable

Type

Description

fileName

String

Evidence file name.

language

String

Programming language of the detected file.

snippetLineNumber

Int

Evidence file line number.

text

String

The actual evidence.

`toolsCoverage` object variable

Object Variable

Type

Description

coverage

Boolean

Indicates the tool's coverage effectiveness.

oxDelivered

Boolean

Specifies if the tool is part of OX (not an external or third-party tool with credentials).

sources

[ToolCoverageSources]

Source of tool discovery.

toolName

String

Name of the tool providing security coverage.

type

String

Type of coverage provided (e.g., static analysis, dynamic analysis).

Input example

{
  "getSingleApplicationInput": {
  "applicationId": "33942389"
}
}

Response example

  {
  "data": {
    "getSingleApplicationInfo": {
      "id": null,
      "appId": "33942389",
      "repoName": "cloner-service",
      "appName": "app / cloner-service",
      "branch": "development",
      "branchesCount": 17,
      "branchesToScan": [],
      "businessPriority": 85,
      "codeChanges": 323,
      "commitCount": 896,
      "createdAt": "1645524768370",
      "creator": "Yury Imbro",
      "daysSinceLastCodeChange": 0,
      "daysSinceRepoCreation": 1077,
      "deployedProd": false,
      "filesCount": 161,
      "forksCount": 0,
      "hasDownloads": false,
      "headSha": "fc6beb67f4b8ef9d4450364ae32b1795ed7a5ba8",
      "irrelevantReasons": [],
      "irrelevantComment": null,
      "languages": [
        {
          "language": "GitLab CI/CD",
          "languagePercentage": 0.6
        },
        {
          "language": "Dockerfile",
          "languagePercentage": 1.2
        },
        {
          "language": "Markdown",
          "languagePercentage": 0.6
        },
        {
          "language": "TypeScript",
          "languagePercentage": 81.1
        },
        {
          "language": "JSON",
          "languagePercentage": 3.2
        },
        {
          "language": "Drone CI",
          "languagePercentage": 0.6
        },
        {
          "language": "USB Flashing Format",
          "languagePercentage": 0.6
        },
        {
          "language": "Windows App Manifest",
          "languagePercentage": 0.6
        },
        {
          "language": "Apache Server",
          "languagePercentage": 0.6
        },
        {
          "language": "Codecov",
          "languagePercentage": 0.6
        },
        {
          "language": "Filebeat",
          "languagePercentage": 0.6
        },
        {
          "language": "iOS Property List",
          "languagePercentage": 0.6
        },
        {
          "language": "Kubernetes",
          "languagePercentage": 1.2
        },
        {
          "language": "Browser Extension Manifest",
          "languagePercentage": 1.2
        },
        {
          "language": "NGINX",
          "languagePercentage": 0.6
        },
        {
          "language": "OpenAPI",
          "languagePercentage": 0.6
        },
        {
          "language": "OpenOCD",
          "languagePercentage": 0.6
        },
        {
          "language": "Redis",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Source Include",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Blob",
          "languagePercentage": 0.6
        },
        {
          "language": "Device Tree Source",
          "languagePercentage": 0.6
        },
        {
          "language": "Swagger",
          "languagePercentage": 0.6
        },
        {
          "language": "Terraform-Plan",
          "languagePercentage": 0.6
        }
      ],
      "lastCodeChange": "1738517415936",
      "new": false,
      "overrideRelevance": "default",
      "overridePriority": -1,
      "originalBusinessPriority": 85,
      "publicVisibility": false,
      "pullCount": 117,
      "pushCount": 206,
      "relevant": true,
      "risk": 0,
      "scanId": "b9827edc-d2a7-4a98-a650-24de3b180d91",
      "scannedAt": 1738594380611,
      "secInfrastructure": null,
      "securityPosture": 0,
      "size": 3076341,
      "tagsCount": 0,
      "type": "GitLab",
      "updated": true,
      "userCount": 25,
      "version": "GitLab",
      "violationCount": 0,
      "watchersCount": 0,
      "yamlsCount": 6,
      "scoreHistory": null,
      "applicationFlows": {
        "artifacts": [],
        "cloudDeployments": [],
        "cicdInfo": [
          {
            "type": "cicd",
            "system": "GitLab CI/CD",
            "latestDate": "N/A (GitLab CI/CD Not connected)",
            "lastMonthJobCount": "0",
            "location": [
              {
                "runBy": "",
                "foundBy": "File",
                "foundIn": "Deployment File - .gitlab-ci.yml",
                "link": "https://gitlab.com/oxsecurity/app/cloner-service/-/blob/development/.gitlab-ci.yml"
              }
            ]
          },
          {
            "type": "cicd",
            "system": "Drone CI",
            "latestDate": "N/A (Drone CI Not connected)",
            "lastMonthJobCount": "0",
            "location": [
              {
                "runBy": "",
                "foundBy": "File",
                "foundIn": "Deployment File - .drone.yaml",
                "link": "https://gitlab.com/oxsecurity/app/cloner-service/-/blob/development/tests/repo-info/mocks/.drone.yaml"
              }
            ]
          }
        ],
        "orchestrators": [],
        "kubernetes": [],
        "repository": [
          {
            "type": "repository",
            "system": "GitLab",
            "date": null
          }
        ]
      },
      "isSbomPresent": null,
      "appOwners": [
        {
          "name": "test2",
          "email": "[email protected]",
          "roles": [
            "Dev",
            "Business"
          ]
        }
      ],
      "offset": 0,
      "improvement": null,
      "fakeApp": false,
      "link": "https://gitlab.com/oxsecurity/app/cloner-service",
      "branchLink": null,
      "issues": 46,
      "categories": [
        {
          "categoryName": "Git Posture",
          "categoryId": null,
          "catId": 3,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 2,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 10,
          "severityScore": null,
          "total": 2,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Code Security",
          "categoryId": null,
          "catId": 4,
          "severities": {
            "info": 2,
            "low": 1,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 1,
          "severityScore": null,
          "total": 3,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Secret/PII Scan",
          "categoryId": null,
          "catId": 5,
          "severities": {
            "info": 2,
            "low": 2,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 2,
          "severityScore": null,
          "total": 4,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Open Source Security",
          "categoryId": null,
          "catId": 6,
          "severities": {
            "info": 1,
            "low": 6,
            "medium": 1,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 11,
          "severityScore": null,
          "total": 8,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "SBOM",
          "categoryId": null,
          "catId": 7,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 1,
            "high": 24,
            "critical": 0,
            "appox": 0
          },
          "score": 605,
          "severityScore": null,
          "total": 25,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Infrastructure as Code Scan",
          "categoryId": null,
          "catId": 8,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "CI/CD Posture",
          "categoryId": null,
          "catId": 25,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Security Tool Coverage",
          "categoryId": null,
          "catId": 10,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Container Security",
          "categoryId": null,
          "catId": 12,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Dynamic App Security",
          "categoryId": null,
          "catId": 31,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "API Security",
          "categoryId": null,
          "catId": 28,
          "severities": {
            "info": 4,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 4,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Artifact Integrity",
          "categoryId": null,
          "catId": 14,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": false,
          "reason": []
        },
        {
          "categoryName": "Cloud Context",
          "categoryId": null,
          "catId": 15,
          "severities": {
            "info": 0,
            "low": 0,
            "medium": 0,
            "high": 0,
            "critical": 0,
            "appox": 0
          },
          "score": 0,
          "severityScore": null,
          "total": 0,
          "isNa": true,
          "reason": [
            "There are no cloud providers connected to run policies in this category"
          ]
        }
      ],
      "toolsCoverage": [
        {
          "toolName": "OX Code Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "sast",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Open Source Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "sca",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Secret/PII Scan",
          "oxDelivered": true,
          "coverage": true,
          "type": "secrets",
          "sources": [
            {
              "match": "",
              "type": "Security Alert"
            },
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Container Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "secrets",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Infrastructure as Code Scan",
          "oxDelivered": true,
          "coverage": true,
          "type": "iac",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        },
        {
          "toolName": "OX Cloud Security",
          "oxDelivered": true,
          "coverage": true,
          "type": "cspm",
          "sources": [
            {
              "match": "",
              "type": "OX Enabled"
            }
          ]
        }
      ],
      "pipeline": null,
      "isPipelineConfigured": null,
      "organization": "oxsecurity",
      "repoRealName": "cloner-service",
      "repoId": "33942389",
      "pipelineScans": null,
      "issuesBySeverity": {
        "info": 9,
        "low": 9,
        "medium": 4,
        "high": 24,
        "critical": 0,
        "appox": 0
      },
      "pkgManagers": [
        "npm"
      ],
      "sbomCount": 788,
      "isMonoRepoChild": false,
      "monoRepoParent": "",
      "monorepoChildrenCount": 0,
      "monorepoChildrenAppIds": [],
      "tags": [
        {
          "tagId": "ox_tag_154",
          "name": "Private repo",
          "email": null,
          "displayName": "Private repo",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_98",
          "name": "Terraform",
          "email": null,
          "displayName": "Terraform",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_153",
          "name": "Dockerfile",
          "email": null,
          "displayName": "Dockerfile",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_178",
          "name": "Mobile Application",
          "email": null,
          "displayName": "Mobile Application",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "oxsecurity",
          "name": "oxsecurity",
          "email": null,
          "displayName": "oxsecurity",
          "tagType": "gitlabGroup",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "app",
          "name": "app",
          "email": null,
          "displayName": "app",
          "tagType": "gitlabGroup",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        },
        {
          "tagId": "ox_tag_1",
          "name": "PII",
          "email": null,
          "displayName": "PII",
          "tagType": "ox",
          "createdBy": "[email protected]",
          "purpose": null,
          "deploymentModel": null
        }
      ],
      "dockerfiles": [
        {
          "path": "dockerfile"
        },
        {
          "path": "pipeline/dockerfile-aws-pipeline"
        }
      ],
      "severityChangedReason": [
        {
          "tagId": "ox_tag_98",
          "changeNumber": 0,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "terraform",
          "shortName": "terraform",
          "changeCategory": "DevopsTool",
          "changePlusReasonFacet": "0|terraform",
          "extraInfo": []
        },
        {
          "tagId": "ox_tag_153",
          "changeNumber": 0,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "dockerfile",
          "shortName": "dockerfile",
          "changeCategory": "DevopsTool",
          "changePlusReasonFacet": "0|dockerfile",
          "extraInfo": []
        },
        {
          "tagId": "ox_tag_178",
          "changeNumber": 0.1,
          "shouldBeSeverityFactor": false,
          "requiredHits": 0,
          "reason": "Mobile Application",
          "shortName": "Mobile Application",
          "changeCategory": "DeploymentType",
          "changePlusReasonFacet": "0.1|Mobile Application",
          "extraInfo": []
        }
      ],
      "apiInventoriesTotal": 0,
      "credentialsId": "88603401-b554-4377-a482-ea5a42bd4001-IdentityProvider",
      "oxInPipeline": "Disabled",
      "oxInPipelineDescription": "OX is not configured to scan code changes in your pipeline",
      "primaryAppReason": null,
      "primaryApp": null
    }
  }
}

Type

Query Example

Parameters

Input variables

dateRange object variables

Response objects

appOwners object variables

applicationFlows object variables

categories object variables

languages object variables

scoreHistory object variables

severityChangedReason object variables

toolsCoverage object variable

Input example

Response example

Type

Query Example

Parameters

Input variables

dateRange object variables

Response objects

appOwners object variables

applicationFlows object variables

categories object variables

languages object variables

scoreHistory object variables

severityChangedReason object variables

toolsCoverage object variable

Input example

Response example

`dateRange` object variables

`appOwners` object variables

`applicationFlows` object variables

`categories` object variables

`languages` object variables

`scoreHistory` object variables

`severityChangedReason` object variables

`toolsCoverage` object variable

`dateRange` object variables

`appOwners` object variables

`applicationFlows` object variables

`categories` object variables

`languages` object variables

`scoreHistory` object variables

`severityChangedReason` object variables

`toolsCoverage` object variable