The beginprescan.do call runs the prescan of the application.
The beginprescan call determines whether the auto-scan feature is on or off based on:
- The value of the auto_scan parameter.
- The auto_scan setting of the previous scan.
- If it is the first scan of an application, the auto_scan setting is based on the auto_scan feature switch value.
When auto_scan is true, the specified build automatically begins scanning after the prescan completes.
Resource URL
https://analysiscenter.veracode.com/api/5.0/beginprescan.do
Parameters
| Name | Type | Description |
|---|---|---|
| app_id Required |
Integer | Application ID. |
| auto_scan | Boolean | If you want to automatically submit a full scan, use this parameter. If this
parameter is not present, auto_scan is set based on the:
|
| sandbox_id | Integer | Target sandbox ID. |
| scan_all_nonfatal_top_level_modules | Boolean | If auto_scan is false, this parameter is ignored. The scan starts after prescan as long as the application has more than one module, and at least one of the top-level modules has no fatal errors. Default is false. |
HTTPie Example
Examples use the HTTPie command-line tool. See Using HTTPie with the Python Authentication Library.
http --auth-type=veracode_hmac "https://analysiscenter.veracode.com/api/5.0/beginprescan.do" "app_id==<app id>" "auto_scan==false"
HTTPie Results
<?xml version="1.0" encoding="UTF-8"?>
<buildinfo xmlns:xsi="http://www.w3.org/2001/
XMLSchema-instance"xmlns="https://analysiscenter.veracode.com/schema
/4.0/buildinfo"xsi:schemaLocation="https://
analysiscenter.veracode.com/schema/4.0/buildinfohttps://
analysiscenter.veracode.com/resource/4.0/
buildinfo.xsd"buildinfo_version="1.5" account_id="<account id>"
app_id="<app id>" build_id="<build id>">
<build version="v1" build_id="<build id>" submitter="<VeracodeUsername>" platform="Not Specified"
lifecycle_stage="Not Specified" results_ready="false" policy_name="Veracode Transitional Very High"
policy_version="1" policy_compliance_status="Not Assessed" rules_status="Not Assessed"
grace_period_expired="false" scan_overdue="false" legacy_scan_engine="false">
<analysis_unit analysis_type="Static" status="Prescan Submitted"/>
</build>
</buildinfo>
Java Example
java -jar vosp-api-wrappers-java-<version #>.jar -vid <VeracodeApiId> -vkey <VeracodeApiKey> -action beginprescan -appid <app id>
Java Results
The beginprescan.do call returns the buildinfo XML document, which references the buildinfo.xsd schema file. You can use the XSD schema file to validate the XML data.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<buildinfo xmlns="https://analysiscenter.veracode.com/schema/4.0/buildinfo"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
account_id=<account id> app_id=<app id> build_id=<build id> buildinfo_version="1.5"
xsi:schemaLocation="https://analysiscenter.veracode.com/schema/4.0/buildinfo
https://analysiscenter.veracode.com/resource/4.0/buildinfo.xsd">
<build build_id=<build id> grace_period_expired="false" legacy_scan_engine="false" lifecycle_stage="Not Specified"
platform="Not Specified" policy_compliance_status="Not Assessed" policy_name="Veracode Recommended Very High"
policy_version="1" results_ready="false" rules_status="Not Assessed" scan_overdue="false"
submitter=<VeracodeUsername> version="4 Dec 2018 Static">
<analysis_unit analysis_type="Static" status="Prescan Submitted"/>
</build>
</buildinfo>