The beginprescan.do call runs the prescan of the application.
The beginprescan call determines whether the auto-scan feature is on or off based on:
- The value of the auto_scan parameter.
- The auto_scan setting of the previous scan.
- If it is the first scan of an application, the auto_scan setting is based on the auto_scan feature switch value.
When auto_scan is true, the specified build automatically begins scanning after the prescan completes.
Resource URL
https://analysiscenter.veracode.com/api/5.0/beginprescan.do
Parameters
| Name | Type | Description |
|---|---|---|
| app_id Required |
Integer | Application ID. |
| auto_scan | Boolean | If you want to automatically submit a full scan, use this parameter. If this
parameter is not present, auto_scan is set based on the:
|
| sandbox_id | Integer | Target sandbox ID. |
| scan_all_nonfatal_top_level_modules | Boolean | If auto_scan is false, this parameter is ignored. The scan starts after prescan as long as the application has more than one module, and at least one of the top-level modules has no fatal errors. Default is false. |
HTTPie Example
Examples use the HTTPie command-line tool. See Using HTTPie with the Python Authentication Library.
http --auth-type=veracode_hmac "https://analysiscenter.veracode.com/api/5.0/beginprescan.do" "app_id==<app id>" "auto_scan==false"
HTTPie Results
<?xml version="1.0" encoding="UTF-8"?>
<buildinfo xmlns:xsi="http://www.w3.org/2001/
XMLSchema-instance"xmlns="https://analysiscenter.veracode.com/schema
/4.0/buildinfo"xsi:schemaLocation="https://
analysiscenter.veracode.com/schema/4.0/buildinfohttps://
analysiscenter.veracode.com/resource/4.0/
buildinfo.xsd"buildinfo_version="1.5" account_id="<account id>"
app_id="<app id>" build_id="<build id>">
<build version="v1" build_id="<build id>" submitter="<VeracodeUsername>" platform="Not Specified"
lifecycle_stage="Not Specified" results_ready="false" policy_name="Veracode Transitional Very High"
policy_version="1" policy_compliance_status="Not Assessed" rules_status="Not Assessed"
grace_period_expired="false" scan_overdue="false" legacy_scan_engine="false">
<analysis_unit analysis_type="Static" status="Prescan Submitted"/>
</build>
</buildinfo>
Java Example
java -jar vosp-api-wrappers-java-<version #>.jar -vid <VeracodeApiId> -vkey <VeracodeApiKey> -action beginprescan -appid <app id>
Java Results
The beginprescan.do call returns the buildinfo XML document, which references the buildinfo.xsd schema file. You can use the XSD schema file to validate the XML data. See the buildinfo.xsd schema documentation.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<buildinfo xmlns="https://analysiscenter.veracode.com/schema/4.0/buildinfo"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
account_id=<account id> app_id=<app id> build_id=<build id> buildinfo_version="1.5"
xsi:schemaLocation="https://analysiscenter.veracode.com/schema/4.0/buildinfo
https://analysiscenter.veracode.com/resource/4.0/buildinfo.xsd">
<build build_id=<build id> grace_period_expired="false" legacy_scan_engine="false" lifecycle_stage="Not Specified"
platform="Not Specified" policy_compliance_status="Not Assessed" policy_name="Veracode Recommended Very High"
policy_version="1" results_ready="false" rules_status="Not Assessed" scan_overdue="false"
submitter=<VeracodeUsername> version="4 Dec 2018 Static">
<analysis_unit analysis_type="Static" status="Prescan Submitted"/>
</build>
</buildinfo>