Scan Endpoints
POST
/api/scansAuth: JWT Bearer
Create a new scan for a GitHub repository.
Request body
| Field | Type | Required | Description |
|---|---|---|---|
github_url | string | Yes | Full GitHub URL: https://github.com/owner/repo |
Response
| Field | Type | Description |
|---|---|---|
id | uuid | Scan ID |
status | string | "queued" — scan runs asynchronously |
github_url | string | Repository URL |
created_at | timestamp | ISO 8601 |
Code example
bash
curl -X POST https://api.deptic.in/api/scans \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: application/json" \
-d '{"github_url": "https://github.com/spring-projects/spring-petclinic"}'Response example
json
{
"id": "e6caf740-993c-4ed6-8f09-48c2c3db1b99",
"status": "queued",
"github_url": "https://github.com/spring-projects/spring-petclinic",
"ecosystem": "",
"created_at": "2026-05-10T13:21:10Z"
}GET
/api/scans/:scanIDAuth: JWT Bearer
Get full scan results including stats, vulnerability summary, and compliance score.
Path parameters
| Parameter | Type | Description |
|---|---|---|
scanID | uuid | Scan ID from POST /api/scans response |
Response example
json
{
"id": "e6caf740-993c-4ed6-8f09-48c2c3db1b99",
"status": "done",
"github_url": "https://github.com/spring-projects/spring-petclinic",
"ecosystem": "maven",
"stats": {
"inventory_size": 63,
"direct_library": 15,
"transitive": 48,
"license_spread": 14,
"active_threats": 12
},
"vulnerability_summary": {
"critical": 0,
"high": 0,
"medium": 12,
"low": 0
},
"compliance": {
"ntia_score": 85,
"status": "PARTIALLY COMPLIANT",
"ntia_compliant": false,
"eu_cra_compliant": false
},
"ecosystem_breakdown": {
"maven": {
"count": 63,
"direct": 15,
"transitive": 48
}
},
"manifest_files": [
{ "path": "pom.xml", "ecosystem": "maven" }
],
"created_at": "2026-05-10T13:21:10Z",
"completed_at": "2026-05-10T13:21:52Z"
}POST
/api/scan-localAuth: API Key in request body
Scan a local project by uploading manifest file contents. Used by the deptic-scan CLI.
Request body example
json
{
"api_key": "depticio_your_key",
"project_name": "my-app",
"manifests": [
{
"filename": "package.json",
"path": "package.json",
"content": "{ \"dependencies\": { \"express\": \"4.16.0\" } }",
"ecosystem": "npm"
}
]
}Limits
| Limit | Value |
|---|---|
| Max manifests per request | 50 |
| Max file size per manifest | 5 MB |
| Request timeout | 10 minutes |
| Max scans per key | 1 (single-use) |