Code insights provides reports, annotations, and metrics to help you and your team improve code quality in pull requests throughout the code review process. Some of the available code insights are static analysis reports, security scan results, artifact links, unit tests, and build status.
Returns a paginated list of Reports linked to this commit.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
RequiredOK
A paginated list of reports.
1
2
3
4
curl --request GET \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
{
"page": 102,
"values": [
{
"type": "<string>",
"uuid": "<string>",
"title": "<string>",
"details": "<string>",
"external_id": "<string>",
"reporter": "<string>",
"link": "<string>",
"remote_link_enabled": true,
"logo_url": "<string>",
"report_type": "SECURITY",
"result": "PASSED",
"data": [
{}
],
"created_on": "<string>",
"updated_on": "<string>"
}
],
"size": 142,
"pagelen": 159,
"next": "<string>",
"previous": "<string>"
}Returns a single Report matching the provided ID.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
RequiredOK
allOf [object, Commit Report]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
1
2
3
4
curl --request GET \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
{
"type": "<string>",
"uuid": "<string>",
"title": "<string>",
"details": "<string>",
"external_id": "<string>",
"reporter": "<string>",
"link": "<string>",
"remote_link_enabled": true,
"logo_url": "<string>",
"report_type": "SECURITY",
"result": "PASSED",
"data": [
{
"type": "BOOLEAN",
"title": "<string>",
"value": {}
}
],
"created_on": "<string>",
"updated_on": "<string>"
}Creates or updates a report for the specified commit. To upload a report, make sure to generate an ID that is unique across all reports for that commit. If you want to use an existing id from your own system, we recommend prefixing it with your system's name to avoid collisions, for example, mySystem-001.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22curl --request PUT 'https://api.bitbucket.org/2.0/repositories/<username>/<reposity-name>/commit/<commit-hash>/reports/mysystem-001' \ --header 'Content-Type: application/json' \ --data-raw '{ "title": "Security scan report", "details": "This pull request introduces 10 new dependency vulnerabilities.", "report_type": "SECURITY", "reporter": "mySystem", "link": "http://www.mysystem.com/reports/001", "result": "FAILED", "data": [ { "title": "Duration (seconds)", "type": "DURATION", "value": 14 }, { "title": "Safe to merge?", "type": "BOOLEAN", "value": false } ] }'
report_type: SECURITY, COVERAGE, TEST, BUG result: PASSED, FAILED, PENDING data.type: BOOLEAN, DATE, DURATION, LINK, NUMBER, PERCENTAGE, TEXT
| Type Field | Value Field Type | Value Field Display |
|---|---|---|
| None/ Omitted | Number, String or Boolean (not an array or object) | Plain text |
| BOOLEAN | Boolean | The value will be read as a JSON boolean and displayed as 'Yes' or 'No'. |
| DATE | Number | The value will be read as a JSON number in the form of a Unix timestamp (milliseconds) and will be displayed as a relative date if the date is less than one week ago, otherwise it will be displayed as an absolute date. |
| DURATION | Number | The value will be read as a JSON number in milliseconds and will be displayed in a human readable duration format. |
| LINK | Object: {"text": "Link text here", "href": "https://link.to.annotation/in/external/tool"} | The value will be read as a JSON object containing the fields "text" and "href" and will be displayed as a clickable link on the report. |
| NUMBER | Number | The value will be read as a JSON number and large numbers will be displayed in a human readable format (e.g. 14.3k). |
| PERCENTAGE | Number (between 0 and 100) | The value will be read as a JSON number between 0 and 100 and will be displayed with a percentage sign. |
| TEXT | String | The value will be read as a JSON string and will be displayed as-is |
Please refer to the Code Insights documentation for more information.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
RequiredThe report to create or update
allOf [object, Commit Report]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
OK
allOf [object, Commit Report]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
curl --request PUT \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"type": "<string>",
"uuid": "<string>",
"title": "<string>",
"details": "<string>",
"external_id": "<string>",
"reporter": "<string>",
"link": "<string>",
"remote_link_enabled": true,
"logo_url": "<string>",
"report_type": "SECURITY",
"result": "PASSED",
"data": [
{
"type": "BOOLEAN",
"title": "<string>",
"value": {}
}
],
"created_on": "<string>",
"updated_on": "<string>"
}'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
{
"type": "<string>",
"uuid": "<string>",
"title": "<string>",
"details": "<string>",
"external_id": "<string>",
"reporter": "<string>",
"link": "<string>",
"remote_link_enabled": true,
"logo_url": "<string>",
"report_type": "SECURITY",
"result": "PASSED",
"data": [
{
"type": "BOOLEAN",
"title": "<string>",
"value": {}
}
],
"created_on": "<string>",
"updated_on": "<string>"
}Deletes a single Report matching the provided ID.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
RequiredNo content
1
2
3
curl --request DELETE \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}' \
--header 'Authorization: Bearer <access_token>'Returns a paginated list of Annotations for a specified report.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
RequiredOK
A paginated list of annotations.
1
2
3
4
curl --request GET \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}/annotations' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
{
"page": 102,
"values": [
{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}
],
"size": 142,
"pagelen": 159,
"next": "<string>",
"previous": "<string>"
}Bulk upload of annotations. Annotations are individual findings that have been identified as part of a report, for example, a line of code that represents a vulnerability. These annotations can be attached to a specific file and even a specific line in that file, however, that is optional. Annotations are not mandatory and a report can contain up to 1000 annotations.
Add the annotations you want to upload as objects in a JSON array and make sure each annotation has the external_id field set to a unique value. If you want to use an existing id from your own system, we recommend prefixing it with your system's name to avoid collisions, for example, mySystem-annotation001. The external id can later be used to identify the report as an alternative to the generated UUID. You can upload up to 100 annotations per POST request.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23curl --location 'https://api.bitbucket.org/2.0/repositories/<username>/<reposity-name>/commit/<commit-hash>/reports/mysystem-001/annotations' \ --header 'Content-Type: application/json' \ --data-raw '[ { "external_id": "mysystem-annotation001", "title": "Security scan report", "annotation_type": "VULNERABILITY", "summary": "This line represents a security threat.", "severity": "HIGH", "path": "my-service/src/main/java/com/myCompany/mysystem/logic/Main.java", "line": 42 }, { "external_id": "mySystem-annotation002", "title": "Bug report", "annotation_type": "BUG", "result": "FAILED", "summary": "This line might introduce a bug.", "severity": "MEDIUM", "path": "my-service/src/main/java/com/myCompany/mysystem/logic/Helper.java", "line": 13 } ]'
annotation_type: VULNERABILITY, CODE_SMELL, BUG result: PASSED, FAILED, IGNORED, SKIPPED severity: HIGH, MEDIUM, LOW, CRITICAL
Please refer to the Code Insights documentation for more information.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
RequiredThe annotations to create or update
array<allOf [object, Report Annotation]>
1Max items: 100OK
array<allOf [object, Report Annotation]>
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
curl --request POST \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}/annotations' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '[
{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}
]'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
[
{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}
]Returns a single Annotation matching the provided ID.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
Requiredstring
RequiredOK
allOf [object, Report Annotation]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
1
2
3
4
curl --request GET \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}/annotations/{annotationId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}Creates or updates an individual annotation for the specified report. Annotations are individual findings that have been identified as part of a report, for example, a line of code that represents a vulnerability. These annotations can be attached to a specific file and even a specific line in that file, however, that is optional. Annotations are not mandatory and a report can contain up to 1000 annotations.
Just as reports, annotation needs to be uploaded with a unique ID that can later be used to identify the report as an alternative to the generated UUID. If you want to use an existing id from your own system, we recommend prefixing it with your system's name to avoid collisions, for example, mySystem-annotation001.
1 2 3 4 5 6 7 8 9 10curl --request PUT 'https://api.bitbucket.org/2.0/repositories/<username>/<reposity-name>/commit/<commit-hash>/reports/mySystem-001/annotations/mysystem-annotation001' \ --header 'Content-Type: application/json' \ --data-raw '{ "title": "Security scan report", "annotation_type": "VULNERABILITY", "summary": "This line represents a security thread.", "severity": "HIGH", "path": "my-service/src/main/java/com/myCompany/mysystem/logic/Main.java", "line": 42 }'
annotation_type: VULNERABILITY, CODE_SMELL, BUG result: PASSED, FAILED, IGNORED, SKIPPED severity: HIGH, MEDIUM, LOW, CRITICAL
Please refer to the Code Insights documentation for more information.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
Requiredstring
RequiredThe annotation to create or update
allOf [object, Report Annotation]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
OK
allOf [object, Report Annotation]
Base type for most resource objects. It defines the common type element that identifies an object's type. It also identifies the element as Swagger's discriminator.
A report for a commit.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
curl --request PUT \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}/annotations/{annotationId}' \
--header 'Authorization: Bearer <access_token>' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}'1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"type": "<string>",
"external_id": "<string>",
"uuid": "<string>",
"annotation_type": "VULNERABILITY",
"path": "<string>",
"line": 199,
"summary": "<string>",
"details": "<string>",
"result": "PASSED",
"severity": "CRITICAL",
"link": "<string>",
"created_on": "<string>",
"updated_on": "<string>"
}Deletes a single Annotation matching the provided ID.
repositoryread:repository:bitbucketstring
Requiredstring
Requiredstring
Requiredstring
Requiredstring
RequiredNo content
1
2
3
curl --request DELETE \
--url 'https://api.bitbucket.org/2.0/repositories/{workspace}/{repo_slug}/commit/{commit}/reports/{reportId}/annotations/{annotationId}' \
--header 'Authorization: Bearer <access_token>'Rate this page: