Skip to main content

Sending a POST Request for Supply Chain Threats

Method

POST

URL

https://api.dusti.co/v1/packages

Network Requirements

Make sure that your firewall allows access to the following URL and port for making REST API calls over HTTPS.

  • Host: https://api.dusti.co/v1/packages

  • Port: 443

Authentication

Authentication is done using an access token. You can obtain the required token from your support agent.

Rate Limit

  • Maximum 1000 items in a single request

  • Maximum 100 concurrent requests in a window of one minute

Request Parameters

The POST method must be submitted with an authentication header and with the following body parameters.

Parameter

Mandatory

Type

Enum

Description

name

yes

string

N/A

The name of the package.

Tip

For Java packages, the package name is formed by combining the "group Id" and the "artifact Id", see example below.

type

yes

string

  • rubygems

  • mvn

  • npm

  • pypi

  • pub

  • go

  • packagist

  • nuget

  • swift

The type of package, see enum.

version

yes

string

N/A

The version of the package.

Tip

You can submit "latest" for the most recent version.

Body Parameters Sample

[
  {
    "name": "package-name-1",
    "type": "npm",
    "version": "1.0.0"
  }
]

cURL Sample

curl --location 'https://api.dusti.co/v1/packages' \--header 'Authorization: token <Your_Token> \--header 'Content-Type: text/plain' \--data '[{"name": "ambar","type": "npm","version": "11.1.0"}]'TBD

Success Response

The success response returns an array with the following info for each package that you submitted. For packages with no know issues, the Risks section is empty. For packages for which risks were identified, info about the risk is given.

Parameter

Type

Description

name

string

The name of the package.

type

string

The type of package. See enum in request parameters table.

version

string

The version of the package.

ioc

array

Returns a list of "indicators of compromise" (optional, array of strings).

status

The status of our research team's analysis of the package. Possible statuses are:

  • PENDING - package is being analyzed and manually vetted by our research team

  • SCANNED - package analysis has been completed

  • NOT_FOUND - package was not found in our database

risks[]

array

For packages with an identified SCS risk, this field contains details about the risk, as described below. For packages for which no risks have been identified this field is empty.

risks/id

string

A unique identifier assigned by Checkmarx to this risk.

risks/title

string

The title of the risk.

risks/description

string

A detailed description of the risk.

risks/score

integer

A score indicating the severity of the risk, from 0 (low) to 10 (high).

Response Example

[
  {
    "name": "@scope/name1",
    "type": "npm",
    "version": "1.0.0",
    "status": "SCANNED",
    "risks": []
  },
  {
    "name": "name2",
    "type": "npm",
    "version": "latest",
    "status": "SCANNED",
    "ioc": ["hxxps://low-abaft-wax[.]glitch[.]me", "vilao[.]xyz"],
    "risks": [
      {
        "id": "a8fb294e352ce2bd9b5d3bc7abac9cce850166e4",
        "title": "Malicious Package",
        "description": "This package was analyzed by a researcher and marked as a malicious package",
        "score": 10.0
      },
      {
        "id": "a8fb294e352ce2bd9b5d3bc7abac9cce850166e2",
        "title": "Data Leakage",
        "description": "ssh keys and environment variables are sent when running this package",
        "score": 10.0
      },
      {
        "id": "94e352ce2bd9b6e47abac9cce855d3b18f02bca6",
        "title": "StarJacking",
        "description": "There is a weak link between the package and the git repo \"https://github.com/zeldaret/oot\"",
        "score": 6.0
      }
    ]
  }
]