Webhooks

SourceClear Software Composition Analysis

Webhooks are a feature for SourceClear customers with Enterprise subscription plans, if you want to get a quote for an upgrade to Enterprise, please email sales@sourceclear.com

Webhooks

A webhook allows SourceClear to notify you when certain events occur in your project. When the event is triggered, we will send an HTTP POST request with a payload to your configured URL.

Adding a webhook to a project

Navigate to your project. Click the Settings action to open the Project Settings screen. Click on Notifications in the left navigation, as seen below. Click the Actions button > Create to enter your payload URL and the events that you want to subscribe to.

Events

Depending on the plan your organization is on, you will see some of the events below.

Event Description
Scan When a project has been scanned successfully.
Vulnerability issues discovered in project library after a scan (Enterprise organization only) When a SourceClear researcher has released a new vulnerability that affects your project
Vulnerability issues changed in project library after a scan (Enterprise organization only) When a SourceClear researcher has updated a vulnerability that affects your project
Note: Webhooks are available to organizations on the Business, Professional, and Enterprise plans. Events triggered by changes to vulnerability issues are only accessible to Enterprise organizations. To find out more about upgrading to Enterprise, please email sales@sourceclear.com.

Payload

Each event will trigger a particular type of payload with the relevant information. The following are examples of the payloads that you can expect from each event.

  • Event: scan success
    {
      "event": "SCAN_SUCCESS",
      "organization": {
        "id": 310,
        "name": "Veracode",
        "planType": "ENTERPRISE"
      },
      "workspace": {
        "id": 4788,
        "name": "Webhooks"
      },
      "user": {
        "id": 2910,
        "name": "John Smith"
      },
      "scan": {
        "id": 1099430,
        "commit": "2bedd63b8e3019121c89108bfccb2421b08e28e9",
        "branch": "New_demo_branch",
        "tag": null,
        "reportLink": "<LINK TO REPORT>",
        "vulnIssuesCount": 31,
        "outofDateIssuesCount": 9,
        "licenseIssuesCount": 0
      },
      "project": {
        "id": 20757,
        "name": "example-javascript"
      }
    }
  • Event: vulnerability issues discovered
    {
      "event": "VULN_ISSUES_DISCOVERED_AFTER_SCAN",
      "organization": {
        "id": 310,
        "name": "Veracode",
        "planType": "ENTERPRISE"
      },
      "workspace": {
        "id": 4788,
        "name": "Webhooks"
      },
      "user": null,
      "issues": [
        {
          "id": 111967,
          "status": "NEW",
          "issueUrl": "<LINK TO ISSUE>",
          "vuln": {
            "id": 16462,
            "title": “Title of vulnerability",
            "cvssScore": 4.3,
            "cvss3Score": 5.9,
            "cve": null,
            "cveStatus": "NA",
            "stage": "RELEASED",
            "disclosureDate": null,
            "hasExploits": false,
            "vulnerabilityTypes": [],
            "overview": null
          }
        }
      ],
      "project": {
        "id": 20757,
        "name": "example-javascript"
      }
    }
  • Event: vulnerability issues changed
    {
      "event": "VULN_ISSUES_CHANGED_AFTER_SCAN",
      "organization": {
        "id": 310,
        "name": "Veracode",
        "planType": "ENTERPRISE"
      },
      "workspace": {
        "id": 4788,
        "name": "Webhooks"
      },
      "user": null,
      "issues": [
        {
          "id": 111967,
          "status": "RESOLVED",
          "issueUrl": “<LINK TO ISSUE>”,
          "vuln": {
            "id": 16462,
            "title": "Title of vulnerability",
            "cvssScore": 7.8,
            "cvss3Score": 5.9,
            "cve": null,
            "cveStatus": "NA",
            "stage": "RELEASED",
            "disclosureDate": null,
            "hasExploits": false,
            "vulnerabilityTypes": [],
            "overview": null
          }
        }
      ],
      "project": {
        "id": 20757,
        "name": "example-javascript"
      }
      }