> ## Documentation Index
> Fetch the complete documentation index at: https://docs.semgrep.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Create Memory from Triage

> Create a new memory from a triage event.



## OpenAPI

````yaml /public_v2.openapi.yaml post /api/ai/deployments/{deploymentId}/memories/triage
openapi: 3.0.3
info:
  title: Semgrep API
  description: >-
    The API v2 is currently a work in progress as we expand and improve our
    platform capabilities. There are no current plans to deprecate the [v1
    API](/api/v1/docs) – we remain committed to supporting existing integrations
    and will ensure that all v1 use cases are fully supported in v2 before any
    deprecation occurs.

    ## API Maturity Levels


    Each endpoint in the v2 API is marked with a maturity badge to help you
    understand its current state:


    🚧 **Experimental** - Use at your own risk. This endpoint was not originally
    designed for third-party use or is under active development. Expect
    significant breaking changes.


    ⚠️ **Beta** - This endpoint is being refined. We will communicate breaking
    changes to Beta partners as we tweak the implementation.


    ✅ **Stable** - No breaking changes will be made to this API. You can
    confidently build production integrations against these endpoints.


    We recommend using Stable endpoints for production applications and treating
    Experimental/Beta endpoints as previews of upcoming functionality. This API
    is documented in the **OpenAPI format**.


    # Authentication


    The API supports authentication with an API token with the "Web API"
    permission, without limited scopes of access.


    You can provision an API token [from the Settings
    page](https://semgrep.dev/orgs/-/settings/tokens).


    # Terms of Use


    Please note, the materials made available herein are subject to the [Semgrep
    Terms of Use](https://semgrep.dev/resources/website-terms/), and your access
    or use of any of the same is your acknowledgment and acceptance of the such
    terms.


    <br>


    ___
  contact:
    email: support@semgrep.com
  version: v2.0.0.alpha
  x-logo:
    url: https://semgrep.dev/images/SemgrepLogoWithTextWithMargin.svg
    backgroundColor: '#fafafa'
    altText: Semgrep logo
servers: []
security: []
tags:
  - name: AiFixJobsService
    description: Manage AI fix jobs for automated security fixes
    x-displayName: AI Fix Jobs
    x-group: AI Fix Jobs
  - name: AiTasksService
    description: Manage AI tasks, such as triage, auto-triage, and issue tagging backfill
    x-displayName: Ai Tasks
    x-group: Ai Tasks
  - name: AutofixService
    description: Trigger automated fixes for SAST, AI SAST, and SCA issues.
    x-displayName: Autofix
    x-group: Autofix
  - name: AutomationsService
    description: >-
      Automations are a way to automatically take actions on findings based on
      certain conditions.
    x-displayName: Automations
    x-group: Automations
  - name: AutotriageFeedbackService
    description: Feedback for the quality of autotriage, guidance or autofix
    x-displayName: Autotriage Feedback
    x-group: Autotriage Feedback
  - name: ChecklistService
    description: Manage onboarding checklist
    x-displayName: Onboarding Checklist
    x-group: Onboarding Checklist
  - name: DeploymentProductsService
    description: Manage deployment product configurations.
    x-displayName: Deployment Products
    x-group: Deployment Products
  - name: DeploymentService
    description: Manage deployment and its resources.
    x-displayName: Deployment
    x-group: Deployment
  - name: DeploymentSsoProvidersService
    description: Manage Deployment SSO Providers
    x-displayName: Deployment SSO Providers
    x-group: Deployment SSO Providers
  - name: DeploymentTagService
    description: Assign tags to a deployment.
    x-displayName: Deployment Tags
    x-group: Deployment Tags
  - name: DeploymentsService
    description: >-
      Deployments encapsulate your organization's security organization, with
      multiple projects, policies, and integrations. As the root object of the
      organization, they're similarly the root object of the API.
    x-displayName: Deployments
    x-group: Deployments
  - name: EditorService
    description: Run Semgrep patterns against target code in the editor playground
    x-displayName: Editor
    x-group: Editor
  - name: ExternalTicketingService
    description: APIs that power the External Ticketing experience.
    x-displayName: External Ticketing
    x-group: External Ticketing
  - name: FeatureRolloutsService
    description: View feature flags rolled out to all deployments
    x-displayName: Feature Rollouts
    x-group: Feature Rollouts
  - name: IgnoresService
    description: >-
      API for managing global ignores. See
      https://semgrep.dev/docs/ignoring-files-folders-code
    x-displayName: Global Ignores
    x-group: Global Ignores
  - name: InfrastructureConfigurationsService
    description: Infrastructure configuration information.
    x-displayName: Infrastructure Configurations
    x-group: Infrastructure Configurations
  - name: IssuesService
    description: Manage findings found by Semgrep scans
    x-displayName: Issues
    x-group: Issues
  - name: ManagedScanSettingsService
    description: Settings that affect all of a deployment's managed scans
    x-displayName: Managed Scan Settings
    x-group: Managed Scan Settings
  - name: MemoriesService
    description: Memories help reduce noise from findings.
    x-displayName: Memories
    x-group: Memories
  - name: MiscService
    description: Miscellaneous endpoints
    x-displayName: Misc
    x-group: Misc
  - name: NotificationRulesService
    description: Setup rules to get notified about new findings
    x-displayName: Notification Rules
    x-group: Notification Rules
  - name: NotificationWebhooksService
    description: Manage webhook endpoints for deployment notifications.
    x-displayName: Notification Webhooks
    x-group: Notification Webhooks
  - name: NotificationsService
    description: Notifications show in-app toasts to users.
    x-displayName: Notifications
    x-group: Notifications
  - name: PoliciesService
    description: >-
      View and manage the Policies of your organization.


      Deployments on the Unified Policies model use the [Policies V2
      API](/api/v2/docs/#tag/PoliciesV2Service) instead; this service stops
      working after the migration.
    x-displayName: Policies
    x-group: Policies
  - name: PoliciesV2Service
    description: >-
      Declarative management of detection and remediation policies for
      deployments on the Unified Policies model. Designed for GitOps-style
      reconciliation: read the current bundle, edit it, preview the diff with a
      dry run, then apply it strictly with optimistic concurrency control.
    x-displayName: Policies V2
    x-group: Policies V2
  - name: ProjectManagedScanSettingsService
    description: Settings that affect a specific project's managed scans
    x-displayName: Projects – Managed Scan Settings
    x-group: Projects – Managed Scan Settings
  - name: ProjectsService
    description: >-
      Projects are groups of files that are scanned by Semgrep. These normally
      correspond to repositories.
    x-displayName: Projects
    x-group: Projects
  - name: ReportsService
    description: APIs for Reporting Dashboards
    x-displayName: Reporting
    x-group: Reporting
  - name: ReviewCommentProductContentService
    description: >-
      Review comment product content is a way to add additional per-product
      information to a review comment.
    x-displayName: Review Comment Product Content
    x-group: Review Comment Product Content
  - name: RuleboardService
    description: >-
      The [Policies API](/api/v2/docs/#tag/PoliciesService) is *strongly*
      recommended. It is also newer than this Ruleboard service. Deployments on
      the Unified Policies model use the [Policies V2
      API](/api/v2/docs/#tag/PoliciesV2Service) instead; this service stops
      working after the migration.


      Manage Ruleboards (sets of policies).
    x-displayName: Ruleboards
    x-group: Ruleboards
  - name: ScansService
    description: View details of scans associated with projects in your organization.
    x-displayName: Scans
    x-group: Scans
  - name: ScmAppsService
    description: >-
      Manage connections to source code management systems (Github, Gitlab,
      etc.)
    x-displayName: Source Code Management (SCM) App
    x-group: Source Code Management (SCM) App
  - name: ScmService
    description: >-
      Manage connections to source code management systems (Github, Gitlab,
      etc.)
    x-displayName: Source Code Management (SCM) Configs
    x-group: Source Code Management (SCM) Configs
  - name: ScmSubscriptionsService
    description: Manage SCM Webhook Subscriptions
    x-displayName: Source Code Management (SCM) Webhooks
    x-group: Source Code Management (SCM) Webhooks
  - name: SlackService
  - name: SmsPackageManagerConfigService
    description: >-
      Manage authentication configurations for package managers used in Supply
      Chain Analysis (SCA) scans.
    x-displayName: Supply Chain - SMS Package Manager Configurations
    x-group: Supply Chain - SMS Package Manager Configurations
  - name: SmsScaResolutionConfigService
    description: >-
      Retrieve custom dependency resolution configurations for lockfileless
      scans.
    x-displayName: Supply Chain - SMS SCA Resolution Configurations
    x-group: Supply Chain - SMS SCA Resolution Configurations
  - name: SupplyChain2Service
    description: >-
      The Supply Chain is all of the dependencies of code, rather than the code
      itself. This service gives information about the supply chain.
    x-displayName: Supply Chain
    x-group: Supply Chain
  - name: SupportService
    description: Create and List Support Cases
    x-displayName: Support Service
    x-group: Support Service
  - name: SurveysService
    description: Retrieve and submit company surveys
    x-displayName: Surveys
    x-group: Surveys
  - name: TasksService
    description: >-
      Many tasks are done asynchronously; this service deals with managing async
      tasks.
    x-displayName: Tasks
    x-group: Tasks
  - name: TeamsService
    description: >-
      Teams are used to manage access control for resources within a deployment.
      For more information visit https://semgrep.dev/docs/deployment/teams.
    x-displayName: Teams
    x-group: Teams
  - name: TokenService
    description: >-
      Tokens are used for programmatic access to the Semgrep Cloud Platform
      APIs.
    x-displayName: Tokens
    x-group: Tokens
  - name: UsersService
    description: Manage user accounts, settings, and organization memberships
    x-displayName: Users Auth Service
    x-group: Users Auth Service
  - name: VersionsService
    description: Semgrep version information
    x-displayName: Versions
    x-group: Versions
  - name: WizCredentialService
    description: Manage Wiz credentials
    x-displayName: Wiz Credentials
    x-group: Wiz Credentials
paths:
  /api/ai/deployments/{deploymentId}/memories/triage:
    post:
      tags:
        - MemoriesService
      summary: Create Memory from Triage
      description: Create a new memory from a triage event.
      operationId: MemoriesService_CreateMemoryFromTriage
      parameters:
        - name: deploymentId
          in: path
          required: true
          schema:
            type: string
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/protos.ai.v1.CreateMemoryFromTriageRequest'
        required: true
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/protos.ai.v1.CreateMemoryFromTriageResponse
      security:
        - SemgrepWebToken: []
        - SemgrepJWT: []
components:
  schemas:
    protos.ai.v1.CreateMemoryFromTriageRequest:
      type: object
      properties:
        deploymentId:
          type: string
        note:
          type: string
        filter:
          allOf:
            - $ref: '#/components/schemas/protos.issues.v1.IssuesFilter'
          description: Filter to select issues for memory creation.
        issueType:
          enum:
            - ISSUE_TYPE_SAST
            - ISSUE_TYPE_SCA
            - ISSUE_TYPE_SECRETS
            - ISSUE_TYPE_RESEARCH
            - ISSUE_TYPE_AI_SAST
          type: string
          description: |+
            Issue type to filter by.

            | value | description |
            |-------|---------------|
            | ISSUE_TYPE_SAST | Detected by Code rules |
            | ISSUE_TYPE_SCA | Detected by Supply Chain rules |
            | ISSUE_TYPE_SECRETS | Detected by Secrets rules |
            | ISSUE_TYPE_RESEARCH | Detected by research rules or scanners |
            | ISSUE_TYPE_AI_SAST | Detected by AI detection code scanning |

          format: enum
        identifierFilter:
          allOf:
            - $ref: '#/components/schemas/protos.ai.v1.NonExclusiveMemoryFilter'
          description: |-
            Identifier-based filters to combine with the base filter.
             If multiple identifiers are specified, they are OR'd before combining with base.
    protos.ai.v1.CreateMemoryFromTriageResponse:
      type: object
      properties:
        memory:
          $ref: '#/components/schemas/protos.ai.v1.Memory'
    protos.issues.v1.IssuesFilter:
      type: object
      properties:
        ids:
          type: array
          items:
            type: string
          description: >-
            Filters issues to those whose ids match any of the specified values.
            Applies to all issue types.
        since:
          type: string
          description: >-
            Filters issues relevant since the specified timestamp. Applies to
            all issue types.
          format: date-time
        until:
          type: string
          description: >-
            Filters issues created before the specified timestamp. Applies to
            all issue types.
          format: date-time
        repositoryNames:
          type: array
          items:
            type: string
          description: >-
            Filters issues which belong to a repo with one of the specified
            names. Applies to all issue types.
        repositoryIds:
          type: array
          items:
            type: string
          description: >-
            Filters issues which belong to a repo with one of the specified ids.
            Applies to all issue types.
        repositoryTags:
          type: array
          items:
            type: string
          description: >-
            Filters issues which belong to a repo with one of the specified
            tags. Applies to all issue types.
        refs:
          type: array
          items:
            type: string
          description: >-
            Filters issues which were found in a ref with one of the specified
            names. Applies to all issue types.
        repositoryRefIds:
          type: array
          items:
            type: string
          description: >-
            Filters issues which were found on the repo and ref associated with
            the repo ref id. Applies to all issue types.
        aiVerdicts:
          enum:
            - VERDICT_TRUE_POSITIVE
            - VERDICT_FALSE_POSITIVE
            - VERDICT_NO_VERDICT
          type: array
          items:
            enum:
              - VERDICT_UNSPECIFIED
              - VERDICT_TRUE_POSITIVE
              - VERDICT_FALSE_POSITIVE
              - VERDICT_NO_VERDICT
            type: string
            format: enum
          description: >+
            Filters issues whose autotriage verdict matches one of the specified
            values. Applies to all issue types.


            | value | description |

            |-------|---------------|

            | VERDICT_TRUE_POSITIVE |  |

            | VERDICT_FALSE_POSITIVE |  |

            | VERDICT_NO_VERDICT |  |

        aiSensitivities:
          type: array
          items:
            type: string
          description: >-
            Filters issues whose autotriage tag matches one of the specified
            values. Applies to all issue types.
        status:
          enum:
            - ISSUE_STATUS_FIXED
            - ISSUE_STATUS_MUTED
            - ISSUE_STATUS_REMOVED
            - ISSUE_STATUS_UNRESOLVED
          type: array
          items:
            enum:
              - ISSUE_STATUS_UNSPECIFIED
              - ISSUE_STATUS_FIXED
              - ISSUE_STATUS_MUTED
              - ISSUE_STATUS_REMOVED
              - ISSUE_STATUS_UNRESOLVED
            type: string
            format: enum
          description: >+
            Filters issues whose status matches one of the specified values.
            Applies to all issue types.
             Deprecated in favor of `aggregate_issue_states`, which is the forward-looking state filter.

            | value | description |

            |-------|---------------|

            | ISSUE_STATUS_FIXED |  |

            | ISSUE_STATUS_MUTED |  |

            | ISSUE_STATUS_REMOVED |  |

            | ISSUE_STATUS_UNRESOLVED |  |

        tab:
          enum:
            - ISSUE_TAB_OPEN
            - ISSUE_TAB_IGNORED
            - ISSUE_TAB_CLOSED
            - ISSUE_TAB_REVIEWING
            - ISSUE_TAB_FIXING
            - ISSUE_TAB_PROVISIONALLY_IGNORED
          type: string
          description: >+
            Filters issues whose general status (open, ignored, fixed) matches
            one of the specified values. Applies to all issue types.


            | value | description |

            |-------|---------------|

            | ISSUE_TAB_OPEN |  |

            | ISSUE_TAB_IGNORED |  |

            | ISSUE_TAB_CLOSED |  |

            | ISSUE_TAB_REVIEWING |  |

            | ISSUE_TAB_FIXING |  |

            | ISSUE_TAB_PROVISIONALLY_IGNORED |  |

          format: enum
        teamNames:
          type: array
          items:
            type: string
          description: >-
            Filter issues which belong to a repo assigned to one of the
            specified teams. Applies to all issue types.
        actions:
          enum:
            - MODE_MONITOR
            - MODE_COMMENT
            - MODE_BLOCK
            - MODE_DISABLED
          type: array
          items:
            enum:
              - MODE_UNSPECIFIED
              - MODE_MONITOR
              - MODE_COMMENT
              - MODE_BLOCK
              - MODE_DISABLED
            type: string
            format: enum
          description: >+
            Filters SAST issues whose action mode matches one of the specified
            values. Only applies when the provided issue_type is SAST.
             Deprecated: action mode is tied to the legacy policy model and has no effect for deployments on unified policies. This filter will be removed in a future release.

            | value | description |

            |-------|---------------|

            | MODE_MONITOR | Monitor mode, silently report findings |

            | MODE_COMMENT | Comment mode, leaves PR comments but does not block
            |

            | MODE_BLOCK | Block mode, leaves PR comments and blocks PR |

            | MODE_DISABLED | Disabled mode, not active |

        policySlugs:
          type: array
          items:
            type: string
          description: >-
            Filters SAST issues whose policy slug matches one of the specified
            values. Deprecated in favor of `action`. Only applies when the
            provided issue_type is SAST.
        rules:
          type: array
          items:
            type: string
          description: >-
            Filters SAST issues whose rule paths match one of the specified
            values. Only applies when the provided issue_type is SAST.
        ruleIds:
          type: array
          items:
            type: string
          description: >-
            Filters issues whose rule id matches one of the specified values.
            Applies to all issue types.
        rulesets:
          type: array
          items:
            type: string
          description: >-
            Filters SAST issues whose ruleset name matches one of the specified
            values. Only applies when the provided issue_type is SAST.
        categories:
          type: array
          items:
            type: string
          description: >-
            Filters SAST issues whose category matches one of the specified
            values. Only applies when the provided issue_type is SAST.
        confidences:
          enum:
            - CONFIDENCE_HIGH
            - CONFIDENCE_MEDIUM
            - CONFIDENCE_LOW
          type: array
          items:
            enum:
              - CONFIDENCE_UNSPECIFIED
              - CONFIDENCE_HIGH
              - CONFIDENCE_MEDIUM
              - CONFIDENCE_LOW
            type: string
            format: enum
          description: >+
            Filters SAST issues whose confidence rating matches one of the
            specified values. Only applies when the provided issue_type is SAST.


            | value | description |

            |-------|---------------|

            | CONFIDENCE_HIGH |  |

            | CONFIDENCE_MEDIUM |  |

            | CONFIDENCE_LOW |  |

        severities:
          enum:
            - SEVERITY_HIGH
            - SEVERITY_MEDIUM
            - SEVERITY_LOW
            - SEVERITY_CRITICAL
          type: array
          items:
            enum:
              - SEVERITY_UNSPECIFIED
              - SEVERITY_HIGH
              - SEVERITY_MEDIUM
              - SEVERITY_LOW
              - SEVERITY_CRITICAL
            type: string
            format: enum
          description: >+
            Filters SAST issues whose severity matches one of the specified
            values. Only applies when the provided issue_type is SAST.


            | value | description |

            |-------|---------------|

            | SEVERITY_HIGH |  |

            | SEVERITY_MEDIUM |  |

            | SEVERITY_LOW |  |

            | SEVERITY_CRITICAL |  |

        transitivities:
          enum:
            - UNKNOWN_TRANSITIVITY
            - TRANSITIVE
            - DIRECT
          type: array
          items:
            enum:
              - UNKNOWN_TRANSITIVITY
              - TRANSITIVE
              - DIRECT
            type: string
            format: enum
          description: >+
            Filters supply chain issues whose transitivity matches one of the
            specified values. Only applies when the provided issue_type is SCA.


            | value | description |

            |-------|---------------|

            | UNKNOWN_TRANSITIVITY |  |

            | TRANSITIVE |  |

            | DIRECT |  |

        exposures:
          enum:
            - UNKNOWN_EXPOSURE
            - UNREACHABLE
            - REACHABLE
          type: array
          items:
            enum:
              - UNKNOWN_EXPOSURE
              - UNREACHABLE
              - REACHABLE
            type: string
            format: enum
          description: >+
            Filters supply chain issues whose exposure (a.k.a. "reachability")
            matches one of the specified values. Only applies when the provided
            issue_type is SCA.


            | value | description |

            |-------|---------------|

            | UNKNOWN_EXPOSURE |  |

            | UNREACHABLE |  |

            | REACHABLE |  |

        dependencies:
          type: array
          items:
            type: string
          description: >-
            Filters supply chain issues found in a dependency whose name matches
            any of the specified values. Only applies when the provided
            issue_type is SCA.
        cves:
          type: array
          items:
            type: string
          description: >-
            Filters supply chain issues belonging to a CVE whose name matches
            the specified value. Only applies when the provided issue_type is
            SCA.
        source:
          enum:
            - SOURCE_PRO
            - SOURCE_COMMUNITY
            - SOURCE_CUSTOM
          type: array
          items:
            enum:
              - SOURCE_UNSPECIFIED
              - SOURCE_PRO
              - SOURCE_COMMUNITY
              - SOURCE_CUSTOM
            type: string
            format: enum
          description: >+
            Filters issues whose source matches one of the specified values.
            Applies to SAST now, and maybe Secrets in the future.


            | value | description |

            |-------|---------------|

            | SOURCE_PRO | From Pro rules |

            | SOURCE_COMMUNITY | From Semgrep Community rules |

            | SOURCE_CUSTOM | From Custom rules |

        reachabilities:
          enum:
            - REACHABILITY_CONDITIONALLY_REACHABLE
            - REACHABILITY_ALWAYS_REACHABLE
            - REACHABILITY_REACHABLE
            - REACHABILITY_UNREACHABLE
            - REACHABILITY_UNKNOWN
          type: array
          items:
            enum:
              - REACHABILITY_UNSPECIFIED
              - REACHABILITY_CONDITIONALLY_REACHABLE
              - REACHABILITY_ALWAYS_REACHABLE
              - REACHABILITY_REACHABLE
              - REACHABILITY_UNREACHABLE
              - REACHABILITY_UNKNOWN
            type: string
            format: enum
          description: >+
            Filters supply chain issues whose reachability matches one of the
            specified values. Only applies when the provided issue_type is SCA.


            | value | description |

            |-------|---------------|

            | REACHABILITY_CONDITIONALLY_REACHABLE |  |

            | REACHABILITY_ALWAYS_REACHABLE |  |

            | REACHABILITY_REACHABLE |  |

            | REACHABILITY_UNREACHABLE |  |

            | REACHABILITY_UNKNOWN |  |

        issueParentIds:
          type: array
          items:
            type: string
          description: >-
            Filters issues to those whose issue parent ids match any of the
            specified values. Applies to all types.
        validationStates:
          enum:
            - VALIDATION_STATE_CONFIRMED_VALID
            - VALIDATION_STATE_CONFIRMED_INVALID
            - VALIDATION_STATE_VALIDATION_ERROR
            - VALIDATION_STATE_NO_VALIDATOR
          type: array
          items:
            enum:
              - VALIDATION_STATE_UNSPECIFIED
              - VALIDATION_STATE_CONFIRMED_VALID
              - VALIDATION_STATE_CONFIRMED_INVALID
              - VALIDATION_STATE_VALIDATION_ERROR
              - VALIDATION_STATE_NO_VALIDATOR
            type: string
            format: enum
          description: >+
            Filters secrets issues whose validation state matches one of the
            specified values. Only applies when the provided issue_type is
            SECRETS.


            | value | description |

            |-------|---------------|

            | VALIDATION_STATE_CONFIRMED_VALID |  |

            | VALIDATION_STATE_CONFIRMED_INVALID |  |

            | VALIDATION_STATE_VALIDATION_ERROR |  |

            | VALIDATION_STATE_NO_VALIDATOR |  |

        secretTypes:
          type: array
          items:
            type: string
          description: >-
            Filters secrets issues whose secret type matches one of the
            specified values. Only applies when the provided issue_type is
            SECRETS.
        repoVisibilities:
          enum:
            - REPOSITORY_VISIBILITY_PUBLIC
            - REPOSITORY_VISIBILITY_PRIVATE
            - REPOSITORY_VISIBILITY_UNKNOWN
          type: array
          items:
            enum:
              - REPOSITORY_VISIBILITY_UNSPECIFIED
              - REPOSITORY_VISIBILITY_PUBLIC
              - REPOSITORY_VISIBILITY_PRIVATE
              - REPOSITORY_VISIBILITY_UNKNOWN
            type: string
            format: enum
          description: >+
            Filters secrets issues whose status matches one of the specified
            values. Only applies when the provided issue_type is SECRETS.


            | value | description |

            |-------|---------------|

            | REPOSITORY_VISIBILITY_PUBLIC |  |

            | REPOSITORY_VISIBILITY_PRIVATE |  |

            | REPOSITORY_VISIBILITY_UNKNOWN |  |

        excludeHistorical:
          type: boolean
          description: >-
            Filters out historical secrets issues if true. Only applies when the
            provided issue_type is SECRETS.
        onPrimaryBranch:
          type: boolean
          description: >-
            Filter down to only issues that are - or are not - found on the
            default branch of their project.
        epssProbabilities:
          enum:
            - EPSS_PROBABILITY_LOW
            - EPSS_PROBABILITY_MEDIUM
            - EPSS_PROBABILITY_HIGH
            - EPSS_PROBABILITY_NONE
          type: array
          items:
            enum:
              - EPSS_PROBABILITY_UNSPECIFIED
              - EPSS_PROBABILITY_LOW
              - EPSS_PROBABILITY_MEDIUM
              - EPSS_PROBABILITY_HIGH
              - EPSS_PROBABILITY_NONE
            type: string
            format: enum
          description: >+
            Filters supply chain issues whose corresponding EPSS scores fall in
            one of the specified buckets. Only applies when the provided
            issue_type is SCA.


            | value | description |

            |-------|---------------|

            | EPSS_PROBABILITY_LOW |  |

            | EPSS_PROBABILITY_MEDIUM |  |

            | EPSS_PROBABILITY_HIGH |  |

            | EPSS_PROBABILITY_NONE |  |

        triageReasons:
          enum:
            - FINDING_TRIAGE_REASON_FALSE_POSITIVE
            - FINDING_TRIAGE_REASON_NO_TIME
            - FINDING_TRIAGE_REASON_ACCEPTABLE_RISK
            - FINDING_TRIAGE_REASON_NO_TRIAGE_REASON
            - FINDING_TRIAGE_REASON_UNKNOWN
            - FINDING_TRIAGE_REASON_DUPLICATE
          type: array
          items:
            enum:
              - FINDING_TRIAGE_REASON_UNSPECIFIED
              - FINDING_TRIAGE_REASON_FALSE_POSITIVE
              - FINDING_TRIAGE_REASON_NO_TIME
              - FINDING_TRIAGE_REASON_ACCEPTABLE_RISK
              - FINDING_TRIAGE_REASON_NO_TRIAGE_REASON
              - FINDING_TRIAGE_REASON_UNKNOWN
              - FINDING_TRIAGE_REASON_DUPLICATE
            type: string
            format: enum
          description: >+
            Filters issues whose triage reason matches one of the specified
            values. Applies to all issue types.


            | value | description |

            |-------|---------------|

            | FINDING_TRIAGE_REASON_FALSE_POSITIVE |  |

            | FINDING_TRIAGE_REASON_NO_TIME |  |

            | FINDING_TRIAGE_REASON_ACCEPTABLE_RISK |  |

            | FINDING_TRIAGE_REASON_NO_TRIAGE_REASON |  |

            | FINDING_TRIAGE_REASON_UNKNOWN |  |

            | FINDING_TRIAGE_REASON_DUPLICATE |  |

        timeFilter:
          enum:
            - TIME_FILTER_RELEVANT_SINCE
            - TIME_FILTER_TRIAGED_AT
            - TIME_FILTER_FIXED_AT
          type: string
          description: >+
            Filters issues by date based on different attributes related to
            status changes or triaging


            | value | description |

            |-------|---------------|

            | TIME_FILTER_RELEVANT_SINCE |  |

            | TIME_FILTER_TRIAGED_AT |  |

            | TIME_FILTER_FIXED_AT |  |

          format: enum
        includeTicketed:
          type: boolean
          description: >-
            Filters issues based on if they have a nango_external_ticket
            associated with them
        backlogType:
          enum:
            - ISSUE_BACKLOG_TYPE_PROD
            - ISSUE_BACKLOG_TYPE_PREPROD
          type: string
          description: >+
            Filters issues to either all (prod), or only those with review
            comments (pre-prod). Only applies when the provided issue_type is
            SAST.
             TODO: once experiment is successful, prod should mean only issues in actual production (very similar to on_primary_branch)
             TODO: verify if review_comment is correct for SCA/SECRETS and enable this filter for those issue types too

            | value | description |

            |-------|---------------|

            | ISSUE_BACKLOG_TYPE_PROD |  |

            | ISSUE_BACKLOG_TYPE_PREPROD |  |

          format: enum
        scaRuleKind:
          enum:
            - SCA_RULE_KIND_REACHABLE
            - SCA_RULE_KIND_UPGRADE_ONLY
            - SCA_RULE_KIND_MALICIOUS_DEPENDENCY
            - SCA_RULE_KIND_LEGACY
          type: array
          items:
            enum:
              - SCA_RULE_KIND_UNSPECIFIED
              - SCA_RULE_KIND_REACHABLE
              - SCA_RULE_KIND_UPGRADE_ONLY
              - SCA_RULE_KIND_MALICIOUS_DEPENDENCY
              - SCA_RULE_KIND_LEGACY
            type: string
            format: enum
          description: >+
            Filters supply chain issues by its kind (malicious dependency,
            reachable, upgrade-only, legacy). Only applies when the provided
            issue_type is SCA.


            | value | description |

            |-------|---------------|

            | SCA_RULE_KIND_REACHABLE |  |

            | SCA_RULE_KIND_UPGRADE_ONLY |  |

            | SCA_RULE_KIND_MALICIOUS_DEPENDENCY |  |

            | SCA_RULE_KIND_LEGACY |  |

        aiMemoryWillFlipVerdict:
          type: string
          description: >-
            Filters issues where a given memory ID's preanalysi shows the AI
            verdict would change. Supports only one memory ID at a time.
        aiMemoryReferenced:
          type: string
          description: >-
            Filters issues to those which have an AI memory referenced. Applies
            to SAST issues only.
        includeAiMemoryRendered:
          type: boolean
          description: >-
            Filters for issues based on if they have any AI memory rendered.
            Applies to SAST issues only.
        aiMemoryRendered:
          type: string
          description: >-
            Filters issues to those which have a specific AI memory rendered.
            Applies to SAST issues only.
        memoryIdInScope:
          type: string
          description: >-
            Filters to issues that are in scope of the given memory. Applies to
            SAST issues only.
        relativeSince:
          enum:
            - RELATIVE_SINCE_ONE_DAY
            - RELATIVE_SINCE_ONE_WEEK
            - RELATIVE_SINCE_ONE_MONTH
            - RELATIVE_SINCE_THREE_MONTHS
            - RELATIVE_SINCE_SIX_MONTHS
            - RELATIVE_SINCE_ONE_YEAR
            - RELATIVE_SINCE_ALL_TIME
            - RELATIVE_SINCE_ONE_MINUTE
          type: string
          description: >+
            Filters issues relevant since the specified relative time. Applies
            to all issue types.


            | value | description |

            |-------|---------------|

            | RELATIVE_SINCE_ONE_DAY |  |

            | RELATIVE_SINCE_ONE_WEEK |  |

            | RELATIVE_SINCE_ONE_MONTH |  |

            | RELATIVE_SINCE_THREE_MONTHS |  |

            | RELATIVE_SINCE_SIX_MONTHS |  |

            | RELATIVE_SINCE_ONE_YEAR |  |

            | RELATIVE_SINCE_ALL_TIME |  |

            | RELATIVE_SINCE_ONE_MINUTE |  |

          format: enum
        repositoryDeploymentStatuses:
          enum:
            - DEPLOYMENT_STATUS_UNKNOWN
            - DEPLOYMENT_STATUS_DEPLOYED
            - DEPLOYMENT_STATUS_NOT_DEPLOYED
          type: array
          items:
            enum:
              - DEPLOYMENT_STATUS_UNSPECIFIED
              - DEPLOYMENT_STATUS_UNKNOWN
              - DEPLOYMENT_STATUS_DEPLOYED
              - DEPLOYMENT_STATUS_NOT_DEPLOYED
            type: string
            format: enum
          description: >+
            Filters issues to whose projects are deployed in an environment.
            Applies to all issue types.


            | value | description |

            |-------|---------------|

            | DEPLOYMENT_STATUS_UNKNOWN |  |

            | DEPLOYMENT_STATUS_DEPLOYED |  |

            | DEPLOYMENT_STATUS_NOT_DEPLOYED |  |

        upgradeGuidance:
          enum:
            - BREAKING_CHANGE_TYPE_PARAMETER_CHANGE
            - BREAKING_CHANGE_TYPE_FUNCTION_OR_CLASS_REMOVAL
            - BREAKING_CHANGE_TYPE_FUNCTION_RENAME
            - BREAKING_CHANGE_TYPE_LOGIC_CHANGE
            - BREAKING_CHANGE_TYPE_NOT_BREAKING
          type: array
          items:
            enum:
              - BREAKING_CHANGE_TYPE_UNSPECIFIED
              - BREAKING_CHANGE_TYPE_PARAMETER_CHANGE
              - BREAKING_CHANGE_TYPE_FUNCTION_OR_CLASS_REMOVAL
              - BREAKING_CHANGE_TYPE_FUNCTION_RENAME
              - BREAKING_CHANGE_TYPE_LOGIC_CHANGE
              - BREAKING_CHANGE_TYPE_NOT_BREAKING
            type: string
            format: enum
          description: >+
            Filters supply chain issues whose upgrade guidance matches one of
            the specified values. Only applies when the provided issue_type is
            SCA.
             Deprecated in favor of `upgrade_guidance_filters`.

            | value | description |

            |-------|---------------|

            | BREAKING_CHANGE_TYPE_PARAMETER_CHANGE | The symbol has a breaking
            change due to a change in the parameters of the function. This
            includes changes in the number of parameters, their names, their
            types, etc. |

            | BREAKING_CHANGE_TYPE_FUNCTION_OR_CLASS_REMOVAL | The symbol has a
            breaking change due to the removal of a function or class. This
            means that the function or class is no longer available in the
            target version. |

            | BREAKING_CHANGE_TYPE_FUNCTION_RENAME | The symbol has a breaking
            change due to a change in the name of the function or class. |

            | BREAKING_CHANGE_TYPE_LOGIC_CHANGE | The symbol has a breaking
            change due to a change in the logic of the function or class. This
            means that the function or class still exists, but its behavior has
            changed in a way that may affect the code that uses it. |

            | BREAKING_CHANGE_TYPE_NOT_BREAKING | The symbol does not have a
            breaking change, meaning it can be used in the target version
            without any issues. |

        repositoryPublicExposures:
          enum:
            - PUBLIC_EXPOSURE_UNKNOWN
            - PUBLIC_EXPOSURE_PUBLIC
            - PUBLIC_EXPOSURE_NOT_PUBLIC
          type: array
          items:
            enum:
              - PUBLIC_EXPOSURE_UNSPECIFIED
              - PUBLIC_EXPOSURE_UNKNOWN
              - PUBLIC_EXPOSURE_PUBLIC
              - PUBLIC_EXPOSURE_NOT_PUBLIC
            type: string
            format: enum
          description: >+
            Filters issues to those whose deployed services are publicly
            accessible. Applies to all issue types.


            | value | description |

            |-------|---------------|

            | PUBLIC_EXPOSURE_UNKNOWN |  |

            | PUBLIC_EXPOSURE_PUBLIC |  |

            | PUBLIC_EXPOSURE_NOT_PUBLIC |  |

        clickToFixPrStates:
          enum:
            - CLICK_TO_FIX_PR_STATE_OPEN
            - CLICK_TO_FIX_PR_STATE_MERGED
            - CLICK_TO_FIX_PR_STATE_NO_PR
          type: array
          items:
            enum:
              - CLICK_TO_FIX_PR_STATE_UNSPECIFIED
              - CLICK_TO_FIX_PR_STATE_OPEN
              - CLICK_TO_FIX_PR_STATE_MERGED
              - CLICK_TO_FIX_PR_STATE_NO_PR
            type: string
            format: enum
          description: >+
            Filters issues by their Click to Fix PR state. Only applies when the
            provided issue_type is SAST or SCA.


            | value | description |

            |-------|---------------|

            | CLICK_TO_FIX_PR_STATE_OPEN |  |

            | CLICK_TO_FIX_PR_STATE_MERGED |  |

            | CLICK_TO_FIX_PR_STATE_NO_PR |  |

        advisoryIds:
          type: array
          items:
            type: string
          description: >-
            Filters supply chain issues by advisory IDs (CVE, GHSA, MAL, etc.).
            Only applies when the provided issue_type is SCA.
        aggregateIssueStates:
          enum:
            - AGGREGATE_ISSUE_STATE_OPEN
            - AGGREGATE_ISSUE_STATE_FIXED
            - AGGREGATE_ISSUE_STATE_REMOVED
            - AGGREGATE_ISSUE_STATE_IGNORED_APP
            - AGGREGATE_ISSUE_STATE_IGNORED_CODE
            - AGGREGATE_ISSUE_STATE_UNKNOWN
            - AGGREGATE_ISSUE_STATE_REVIEWING
            - AGGREGATE_ISSUE_STATE_FIXING
            - AGGREGATE_ISSUE_STATE_PROVISIONALLY_IGNORED_APP
          type: array
          items:
            enum:
              - AGGREGATE_ISSUE_STATE_UNSPECIFIED
              - AGGREGATE_ISSUE_STATE_OPEN
              - AGGREGATE_ISSUE_STATE_FIXED
              - AGGREGATE_ISSUE_STATE_REMOVED
              - AGGREGATE_ISSUE_STATE_IGNORED_APP
              - AGGREGATE_ISSUE_STATE_IGNORED_CODE
              - AGGREGATE_ISSUE_STATE_UNKNOWN
              - AGGREGATE_ISSUE_STATE_REVIEWING
              - AGGREGATE_ISSUE_STATE_FIXING
              - AGGREGATE_ISSUE_STATE_PROVISIONALLY_IGNORED_APP
            type: string
            format: enum
          description: >+
            Filters issues whose aggregate state matches one of the specified
            values. Applies to all issue types.
             Only supported in the Duplo code path.

            | value | description |

            |-------|---------------|

            | AGGREGATE_ISSUE_STATE_OPEN |  |

            | AGGREGATE_ISSUE_STATE_FIXED |  |

            | AGGREGATE_ISSUE_STATE_REMOVED |  |

            | AGGREGATE_ISSUE_STATE_IGNORED_APP |  |

            | AGGREGATE_ISSUE_STATE_IGNORED_CODE |  |

            | AGGREGATE_ISSUE_STATE_UNKNOWN |  |

            | AGGREGATE_ISSUE_STATE_REVIEWING |  |

            | AGGREGATE_ISSUE_STATE_FIXING |  |

            | AGGREGATE_ISSUE_STATE_PROVISIONALLY_IGNORED_APP |  |

        upgradeGuidanceFilters:
          enum:
            - UPGRADE_GUIDANCE_SELECTION_SAFE
            - UPGRADE_GUIDANCE_SELECTION_BREAKING
          type: array
          items:
            enum:
              - UPGRADE_GUIDANCE_SELECTION_UNSPECIFIED
              - UPGRADE_GUIDANCE_SELECTION_SAFE
              - UPGRADE_GUIDANCE_SELECTION_BREAKING
            type: string
            format: enum
          description: >+
            Filters supply chain issues by generic upgrade guidance selections
            (safe or breaking). Only applies when the provided issue_type is
            SCA.


            | value | description |

            |-------|---------------|

            | UPGRADE_GUIDANCE_SELECTION_SAFE |  |

            | UPGRADE_GUIDANCE_SELECTION_BREAKING |  |

        filterIssueTypes:
          enum:
            - ISSUE_TYPE_SAST
            - ISSUE_TYPE_SCA
            - ISSUE_TYPE_SECRETS
            - ISSUE_TYPE_RESEARCH
            - ISSUE_TYPE_AI_SAST
          type: array
          items:
            enum:
              - ISSUE_TYPE_UNSPECIFIED
              - ISSUE_TYPE_SAST
              - ISSUE_TYPE_SCA
              - ISSUE_TYPE_SECRETS
              - ISSUE_TYPE_RESEARCH
              - ISSUE_TYPE_AI_SAST
            type: string
            format: enum
          description: >+
            Frontend-only: this field is included in IssuesFilter to leverage
            proto-generated TypeScript
             types for filter state management and URL serialization. When non-empty, restricts the duplo
             combined Code view to show only the specified issue types. The backend ignores this field.

            | value | description |

            |-------|---------------|

            | ISSUE_TYPE_SAST | Detected by Code rules |

            | ISSUE_TYPE_SCA | Detected by Supply Chain rules |

            | ISSUE_TYPE_SECRETS | Detected by Secrets rules |

            | ISSUE_TYPE_RESEARCH | Detected by research rules or scanners |

            | ISSUE_TYPE_AI_SAST | Detected by AI detection code scanning |

        filePaths:
          type: array
          items:
            type: string
          description: >-
            Fuzzy file path search. Filters issues whose file path matches one
            of the specified values using
             analyzed text search (splits on / . _ - etc. and supports typo tolerance). Only works when
             Duplo is enabled for the deployment — ignored otherwise. Accepts an array of strings but
             currently only the first value is used.
        includeArchived:
          type: boolean
          description: >-
            When true, include findings on archived projects in results. By
            default
             (unset/false), findings on archived projects are hidden from all product
             tabs and their counts — but only for deployments that have archived
             projects (gated by the `appex.has_archived_projects` config). Applies to
             all issue types. Archival is a separate dimension from aggregate state, so
             this is an independent toggle rather than an `aggregate_issue_states` value.
    protos.ai.v1.NonExclusiveMemoryFilter:
      type: object
      properties:
        ids:
          type: array
          items:
            type: string
        issueParentIds:
          type: array
          items:
            type: string
        ruleIds:
          type: array
          items:
            type: string
      description: |-
        Filter that matches issues using OR logic across all specified fields.
         An issue is included if it matches any field.
    protos.ai.v1.Memory:
      type: object
      properties:
        id:
          type: string
          description: The memories database id
        content:
          type: string
          description: The user-provided plain text memory message
        ruleId:
          type: string
          description: The rule id that the memory is associated with
        ruleName:
          type: string
          description: The name of the rule that the memory is associated with
        repositoryId:
          type: string
          description: The repository id that the memory is associated with
        repositoryName:
          type: string
          description: The name of the repository that the memory is associated with
        createdAt:
          type: string
          description: The timestamp when the memory was created
          format: date-time
        createdBy:
          type: string
          description: The user who created the memory
        context:
          type: array
          items:
            type: string
          description: |-
            Where the memory should apply, e.g. "TRIAGE" or "GUIDANCE"
             Defined in AiMemoryContext
        stage:
          enum:
            - AI_MEMORY_STAGE_LIVE
            - AI_MEMORY_STAGE_SUGGESTED
            - AI_MEMORY_STAGE_DELETED
          type: string
          description: |+
            The state of the memory

            | value | description |
            |-------|---------------|
            | AI_MEMORY_STAGE_LIVE |  |
            | AI_MEMORY_STAGE_SUGGESTED |  |
            | AI_MEMORY_STAGE_DELETED |  |

          format: enum
        pathPrefixes:
          type: array
          items:
            type: string
          description: The path prefixes that the memory should apply to
        suggestionSources:
          allOf:
            - $ref: '#/components/schemas/protos.ai.v1.AiMemorySuggestionSources'
          description: The sources of the memory. Only applies to suggested memories.
        preanalysisCounts:
          allOf:
            - $ref: '#/components/schemas/protos.ai.v1.MemoryPreanalysisCounts'
          description: >-
            How issue IDs flipped as a result of the memory, set if the memory
            is SUGGESTED and has been preanalyzed
        vulnerabilityClass:
          type: string
          description: The vulnerability class the memory applies to
        projectTagId:
          type: integer
          description: >-
            The project tag ID that the memory applies to (mutually exclusive
            with repository_id)
          format: int64
    protos.ai.v1.AiMemorySuggestionSources:
      type: object
      properties:
        sources:
          type: array
          items:
            $ref: '#/components/schemas/protos.ai.v1.AiMemorySource'
    protos.ai.v1.MemoryPreanalysisCounts:
      type: object
      properties:
        newlyTruePositive:
          type: string
        newlyFalsePositive:
          type: string
        remainsTruePositive:
          type: string
        remainsFalsePositive:
          type: string
    protos.ai.v1.AiMemorySource:
      type: object
      properties:
        note:
          type: string
          description: The reference note that the memory is associated with
        createdBy:
          type: string
          description: The user who created the memory
        createdAt:
          type: string
          description: The timestamp when the note was created
          format: date-time
        sampleIssueId:
          type: string
          description: A randomly chosen issue IDs that the note is associated with
        prCommentUrl:
          type: string
          description: >-
            URL to the PR/MR comment where this triage occurred (constructed
            dynamically on fetch)
        reviewCommentId:
          type: string
          description: >-
            The ID of the review comment that originated this memory (used to
            construct pr_comment_url)
  securitySchemes:
    SemgrepWebToken:
      type: http
      description: >-
        Get access to data with your API token. Example header:


        `Authorization: Bearer
        2991e2fb4b540fe75b8f90677b0b892b6314e4961cb001fe6eb452eee248a628`


        The token can be provisioned from the Tokens section in your Settings,
        and requires explicitly enabling `Web API` access.
      scheme: bearer
      bearerFormat: string
    SemgrepJWT:
      type: http
      description: Get access to data with your user's JSON Web Token.
      scheme: bearer
      bearerFormat: string

````