Advisory endpoints
List advisory scopes
GET /api/v1/advisories/scopes
Authorization: Bearer <jwt>
Returns the status of all advisory scopes known to the server, including sync status, advisory counts, and host usage.
Response (200)
[
{
"scope_key": "rocky:9",
"status": "synced",
"last_sync_at": "2025-01-15T06:00:00Z",
"last_success_at": "2025-01-15T06:00:00Z",
"advisory_count": 1247,
"sha256": "abc123...",
"size_bytes": 4567890,
"host_usage_count": 5,
"next_refresh_at": "2025-01-15T12:00:00Z"
}
]
Trigger manual sync
POST /api/v1/advisories/scopes/{scopeKey}/sync
Authorization: Bearer <jwt>
Queues an advisory database sync job for the specified scope. If a sync is already running or scheduled, the request is ignored (the job is deduplicated by arguments and state).
Advisory overview
GET /api/v1/advisories/overview
Authorization: Bearer <jwt>
Returns aggregate counts across all scopes.
Response (200)
{
"total_advisories": 5000,
"total_scopes": 4,
"synced_scopes": 3
}
Get advisory details
GET /api/v1/advisories/{id}
Authorization: Bearer <jwt>
Returns details for a single advisory, including references, affected package rules, and fixed packages.
Response (200)
{
"id": "RHSA-2024:1234",
"source_system": "rocky",
"vendor": "rocky",
"advisory_type": "security",
"severity": "important",
"summary": "Important: openssl security update",
"description": "...",
"published_at": "2024-06-15T00:00:00Z",
"updated_at": "2024-06-15T00:00:00Z",
"evidence_tier": "vendor",
"is_security": true
}