Synopsis

fcli fod issue list [--delim=<delimiter>] [--filters-param=<filtersParam>] --rel=id|app[:ms]:rel [--embed=<embedSuppliers>[, <embedSuppliers>…​]]…​ [-i=<status>[,<status>…​]]…​ [[-h] [--env-prefix=<prefix>] [--log-file=<logFile>] [--log-level=<logLevel>] [--log-mask=<level>] [--debug]] [[--fod-session=<sessionName>]] [[-o=<type+args>] [--style*=<style>,…​]…​ ] [--to-file=<outputFile>_]] [-q=<SpEL expression>]

Description

This command allows for listing FoD vulnerability data for a given release. By default, only visible issues will be returned; the --include option can be used to (also) include suppressed or fixed issues. If any such issues are included, the default table output will show (S) and/or (F) for respectively suppressed and fixed issues.

Optionally, additional details may be included in the output using the --embed option, but please note that this may have a significant impact on performance as this will result in additional HTTP requests to FoD for every individual issue, and FoD rate limits may apply to those requests.

In general, performance of this command is largely dependent on the number of issues being retrieved from FoD. The default table output collects all data in memory until all issues have been processed, so it may take a long time before you see any output, and there’s a small risk of running out of memory. Most other output formats (like json, yaml, or csv) output data immediately after each page of issues has been loaded from FoD, resulting in more immediate output.

Options

--delim=<delimiter>

Change the default delimiter character when using options that accept "application[:microservice]:release" as an argument or parameter.

--embed=<embedSuppliers>[,<embedSuppliers>…​]

Embed extra issue data. Due to FoD rate limits, this may significantly affect performance. Allowed values: allData, summary, details, recommendations, history, requestResponse, headers, parameters, traces. Using the --output option, this extra data can be included in the output. Using the --query option, this extra data can be queried upon. To get an understanding of the structure and contents of the embedded data, use the --output json or --output yaml options.

--filters-param=<filtersParam>

Server-side queries are automatically generated from the -q / --query option if possible; generated queries can be viewed in the debug log. The --q-param option can be used to override the automatically generated query, for example to further optimize the request. See the Fortify on Demand REST API documentation for information on supported formats.

-i, --include=<status>[,<status>…​]

By default, only visible issues will be returned. This option accepts a comma-separated list to allow (also) fixed and/or suppressed issues to be returned, for example --include visible,fixed (to return both visible and fixed issues) or --include fixed (to return only fixed issues). Allowed values: visible, fixed, suppressed.

-q, --query=<SpEL expression>

Only display records for which the given Spring Expression Language (SpEL) expression returns true.

--rel, --release=id|app[:ms]:rel

Release id or <application>[:<microservice>]:<release> name.

FoD session name options

--fod-session=<sessionName>

Name of the FoD session to use for executing this command. Default value: default.

Output options (also see documentation link below)

-o, --output=<type+args>

Select output type (csv, table, expr, json, xml, yaml) and optional type arguments.

--store=<var>[:<prop>]

Store JSON results in an fcli variable for later reference.

*--style*=<style>,…​

Select output style: header, no-header, pretty, no-pretty, flat, no-flat, array, single, border, no-border, md-border.

--to-file=<outputFile>

Write output to the specified file.

Generic fcli options (also see documentation link below)

--debug

Enable collection of debug logs.

--env-prefix=<prefix>

Prefix for resolving default option values. Default value: FCLI_DEFAULT.

-h, --help

Use 'fcli [command] -h' to display help for fcli (sub-)commands.

--log-file=<logFile>

Write log output to file. Default: ./fcli.log if logging is enabled.

--log-level=<logLevel>

Set logging level: TRACE, DEBUG, INFO, WARN, ERROR, NONE.

--log-mask=<level>

Log mask level: high, medium, low, none. Default: medium. Masking is done on a best-effort basis; no guarantee that all sensitive data will be masked.