# Get Root Libraries Security Finding Get root libraries security findings for a given scan Endpoint: GET /api/v3.0/orgs/{orgUuid}/projects/{projectUuid}/scans/{scanUuid}/dependencies/findings/security/groupBy/rootLibrary Version: 3.0 Security: bearer-key ## Query parameters: - `limit` (string) Specifies the maximum number of items to be returned in the response. - `cursor` (String) Parameter indicates the starting point for retrieving results, the first call doesn't include a cursor parameter in the request, the API response includes the first set of results along with a cursor pointing to the last item retrieved. ## Path parameters: - `orgUuid` (string, required) org UUID (from the Mend App: Administration General > Organization UUID). - `projectUuid` (string, required) UUID of the project - `scanUuid` (string, required) Scan UUID ## Response 200 fields (application/json): - `additionalData` (object) + totalItems: The total count of data points returned in an API response. Example: {"totalItems":"422","next":"http://someUrl?cursor=3","cursor":3} - `supportToken` (string) Example: "1171c60d" - `response` (array) - `response.rootLibraryName` (string) Example: "com.google.guava:guava" - `response.rootLibraryUuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `response.project` (object) Project information - `response.project.uuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `response.project.name` (string) Example: "My Project" - `response.project.path` (string) Example: "My Application" - `response.project.applicationName` (string) Example: "My Application" - `response.project.applicationUuid` (string) Example: "123e4567-e89b-12d3-a456-426655440000" - `response.criticalNum` (integer) Example: 2 - `response.highNum` (integer) Example: 1 - `response.mediumNum` (integer) Example: 1 - `response.lowNum` (integer) Example: 1 - `response.total` (integer) Example: 5 - `response.violations` (integer) - `response.workflowUuids` (array) - `response.violatingFindings` (integer) - `response.language` (string) Example: "Java" - `response.lastScan` (string) - `response.introducedDate` (string) - `response.lastModifiedDate` (string) - `response.recommendedFix` (string) Example: "1.0.1" - `response.fixForMajorVersion` (string) - `response.rootLibraryVersion` (string) Example: "1.0.0" - `response.suggestedFixFailed` (boolean) - `response.groupId` (string) Example: "com.google.guava" - `response.artifactId` (string) Example: "guava" - `response.dependencyFile` (string) - `response.localPath` (string) - `response.fromResourceUsages` (boolean) - `response.severity` (string) Example: "CRITICAL" - `response.rootStatus` (string) Example: "OPEN" - `response.rootComment` (string) Example: "This is a comment" - `response.rootNodeId` (integer) Example: 1 - `response.rootInstancesCount` (integer) Example: 2 - `response.reachability` (string) Enum: "REACHABLE", "POTENTIALLY_REACHABLE", "UNREACHABLE", "REACHABILITY_UNAVAILABLE" - `response.maliciousPackage` (boolean) - `response.exploitable` (boolean) Example: true - `response.exploitCodeMaturity` (array) Enum: "UNPROVEN", "POC_CODE", "FUNCTIONAL", "HIGH", "NOT_DEFINED" - `response.numOfReachable` (integer) Example: 1 - `response.numOfPotentiallyReachable` (integer) Example: 1 - `response.numOfUnreachable` (integer) Example: 1 - `response.numOfMalicious` (integer) Example: 1 - `response.malicious` (boolean) Example: true - `response.linkedIssue` (object) - `response.linkedIssue.issueId` (string) - `response.linkedIssue.origin` (string) - `response.linkedIssue.issueKey` (string) - `response.linkedIssue.account` (object) - `response.linkedIssue.domain` (object) - `response.linkedIssue.application` (object) - `response.linkedIssue.project` (object) - `response.linkedIssue.status` (string) Enum: "PENDING", "IN_PROGRESS", "SUCCESS", "FAILED", "DELETED" - `response.linkedIssue.issueStatus` (string) - `response.linkedIssue.failureReason` (string) - `response.linkedIssue.errorMessage` (string) - `response.linkedIssue.publicLink` (string) - `response.linkedIssue.creationDate` (string) - `response.linkedIssue.updatedAt` (string) - `response.linkedIssue.createdBy` (object) - `response.linkedIssue.ticketType` (string) Enum: "SECURITY", "LEGAL" ## Response 400 fields (*/*): - `supportToken` (string) Example: "1171c60d" ## Response 403 fields (*/*): - `supportToken` (string) Example: "1171c60d"