# GLOSI API Documentation

<div align="left"><figure><img src="/files/R32LyNJsV4D1UtjiIc7t" alt="" width="375"><figcaption></figcaption></figure></div>

*© 2026 Lineaje, Inc. All rights reserved. Proprietary and Confidential.*

## Introduction

This reference describes the GLOSI REST API and Lineaje Query Language (LQL), enabling you to query component, vulnerability, and supply chain data programmatically.

GLOSI data is accessible via a REST endpoint. Lineaje exposes LQL on this endpoint to simplify queries and support advanced analytical use cases. LQL is a flexible query language designed to search and analyze GLOSI data. It provides an intuitive syntax for filtering, aggregating, and visualizing data related to components and vulnerabilities.

### Deployment Models

GLOSI supports two deployment models:

* **Local deployment** — GLOSI is deployed within the customer's own infrastructure. The API endpoint is local to the customer environment.
* **Cloud API** — Lineaje hosts the GLOSI endpoint. No local deployment is required.

## API Endpoint

### Endpoint URLs

Use the endpoint that matches your deployment model:

| Deployment Model       | Endpoint URL                                                                                                                                       |
| ---------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |
| **Local deployment**   | GLOSI endpoint will be local to the customer                                                                                                       |
| Lineaje GLOSI endpoint | [`https://data-service-v2-apigw.v2.prod.veedna.com/api/v2/lql/components`](https://data-service-v2-apigw.v2.prod.veedna.com/api/v2/lql/components) |

```bash
curl --location 'http://<GLOSI service_endpoint>:8000/api/v2/lql/components' \
--header 'accept: application/json, text/plain, */*' \
--header 'content-type: application/json' \
--header 'company-id: <company_id>' \
--header 'product-id: 1' \
--data '{
"lql": "your LQL query here",
"limit": 10, // Total items in the response
"page_no": 1 // Page No
"is_opensource":true
"include_raw_data": false
}'
```

## LQL Syntax

An LQL query consists of up to four components, evaluated left to right and separated by the pipe character (|):

`search_term | function parameters | command(parameters) | clause parameters`

LQL queries can contain:

* Only one search term
* one or more functions
* one or more commands
* one or more clause

{% stepper %}
{% step %}

#### Search Terms

Search Terms are the foundation of any LQL query, allowing you to filter data based on specific criteria. They work like a database WHERE clause, defining which records should be included in your results. Search terms return raw data that matches your specified conditions.

Search terms support exact matching, wildcards, ranges, and logical operators, giving you precise control over your data filtering:

* `package.name=log4j` # Exact match
* `vulnerability.severity=critical` # Field equals specific value
* `project.created>=2025-06-21` # Greater than or equal comparison
* `vulnerability.name=CVE-2021-*` # Wildcard matching
* `field1=value1 $OR field2=value2` # Logical grouping

When you submit a search term without any other components, LQL returns the raw matching documents, making it easy to explore your data before applying more complex operations.
{% endstep %}

{% step %}

#### Functions

Functions perform calculations or transformations on your data, generating aggregate results rather than returning individual records. They're powerful tools for data analysis and visualization.

Functions typically operate on fields and can be combined with clauses for grouping:

* `| stats count(package.name)` # Count total number of package names
* `| stats unique_count(package.name)` # Count distinct number of package names (uses cardinality aggregation)
* `| stats avg(irl.irl_score)` # Calculate average IRL score
* `| chart table(field1, field2)` # Format results as a table with specified columns

Functions like stats and chart transform raw data into meaningful summaries, helping you extract insights from large datasets efficiently.
{% endstep %}

{% step %}

#### Commands

Commands are actions that modify how your search results are processed or presented. They transform the result set without changing which records are included.

Commands in LQL are inspired by Splunk's SPL and are applied using the pipe (`|`) symbol:

* `| sort(field:asc)` # Sort results by field in ascending order
* `| collapse(field)` # Group results by field, showing only top document per group
* `| collapse_latest(field)` # Group by field, showing latest document per group
* `| boost(field1:3.0, field2:1.5)` # Increase relevance of matches in specific fields

Commands are processed left to right, each operating on the output of the previous one, allowing you to build complex data processing pipelines.
{% endstep %}

{% step %}

#### Clauses

Clauses modify how functions operate by specifying grouping, filtering, or naming operations. They extend function capabilities by defining how results should be organized or filtered.

The most common clause is the **by** clause, which groups function results:

* `| stats unique_count(project.name) by vulnerability.severity` # Get distinct project counts by vulnerability severity
* `| chart table(field1, field2) by group_field` # Create table grouped by a field

Clauses support nested aggregations, allowing for hierarchical grouping with multiple fields:

* `| stats count(project.name) by (package.name, project.organisation)` # Creates nested grouping structure

This hierarchical structure is implemented through nested OpenSearch aggregations, with each level corresponding to one of the specified fields.
{% endstep %}
{% endstepper %}

## How to Use LQL

If you are looking for:

* packages(components): start your LQL with `package.<something>=<value>` eg:
  * `package.name=log4j*` # All names starting from log4j
  * `package.category=tp $OR oss` # All packages whose category is either third party or OSS
* vulnerabilities: start your LQL with `vulnerability.<something>=<value>` eg:
  * `vulnerability.name=CVE-1234*` # All names starting from CVE-1234
  * `vulnerability.severity=*` # All severities
* code\_quality issues: start your LQL with `code_quality.<something>=<value>` eg:
  * `code_quality.name=EOL`
  * `code_quality.severity=*`
* security\_posture: start your LQL with `security_posture.<something>=<value>` eg:
  * `security_posture.name=EOL`
  * `security_posture.severity=*`
* commits: start your LQL with `commits.<something>=<value>` eg:
  * `commits.country_code=*` # Commits from all countries
  * `commits.contributor_commit_count > 10` # Commits data where contributors made more than 10 commits

### Search Examples with All Fields (Raw Data)

The following examples use search term only and query the data. The data returned is the raw data and includes all fields.

#### Search for a Package by Name

Returns all log4j packages with their full field set.

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H "Content-Type: application/json" \
-H "company_id: vdna_994mgmr65tculnfy" \
-d '{
"lql": "package.name=log4j*",
"limit": 1
}'
```

Response (abbreviated):

```json
{
  "package.name=log4j*": [
    {
      "package": {
        "id": "SPDX-PACKAGE-73c8c5b8-ecd9-5f9d-ad77-ed65811ed455",
        "name": "log4j:log4j:1.2.17",
        "version": "1.2.17",
        "file_name": "log4j:log4j:1.2.17.jar",
        "friendly_name": "log4j:1.2.17",
        "desc": "Apache log4j1",
        "pkg_manager": "maven",
        "last_modified": "2012-05-26T09:43:00.000Z",
        "purl": "pkg:maven/log4j/log4j@1.2.17",
        "cpes": [
          "cpe:2.3:a:apache:log4j:1.2.17:*:*:*:*:*:*:*"
        ],
        "checksum": {
          "md5": "04a41f0a068986f0f73485cf507c0f40",
          "sha1": "5af35056b4d257e4b64b9e8069c0746e8b08629f",
          "sha256": "1d31696445697720527091754369082a6651bd49781b6005deb94e56753406f9",
          "sha512": null
        },
        "supplier": "The Apache Software Foundation",
        "supplier_info": {
          "name": "The Apache Software Foundation",
          "org": "The Apache Software Foundation",
          "home_page": "http://logging.apache.org/log4j/1.2",
          "is_verified": true
        },
        "total_vulnerability_count": 5,
        "total_fixed_vulnerability_count": 0,
        "vuln_fixed_info": null,
        "license": [
          {
            "url": "https://www.apache.org/licenses/LICENSE-2.0",
            "full_name": "Apache License 2.0",
            "short_id": "Apache-2.0",
            "is_opensource": true
          }
        ]
      },
      "sbom": {
        "...."
      },
      "source_code": {
        "name": "logging-log4j1",
        "repo_type": "github",
        "languages": [
          "java",
          "other",
          "html",
          "c++",
          "monkey c",
          "batch",
          "roff",
          "perl",
          "batchfile",
          "css"
        ],
        "loc": "https://github.com/apache/logging-log4j1",
        "version": "log4j-1.2.17",
        "...."
      },
      "attestation_level": 3
    }
  ],
  "total_hits": 14126,
  "total_docs": 14126,
  "current_page": 1,
  "total_pages": 14126
}
```

#### Search for a Specific Vulnerability

Returns all packages affected by CVE-2021-23406.

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H "Content-Type: application/json" \
-H "company_id: vdna_994mgmr65tculnfy" \
-d '{
"lql": "vulnerability.name=CVE-2021-23406",
"limit": 1
}'
```

Response (abbreviated):

```json
{
  "vulnerability.name=CVE-2021-23406": [
    {
      "package": {
        "name": "npm:pac-resolver:4.2.0",
        "version": "4.2.0"
      },
      "{...}"
      "vulnerability": [
        {
          "base_score": 9.8,
          "vuln_created": "2021-09-02T17:10:06.000Z",
          "name_space": "github:language:javascript",
          "origin": "osv",
          "impact_score": 9.8,
          "doc_type": "vulnerability",
          "collector": "lineaje",
          "static_functions_scanned_number": null,
          "vuln_modified": "2025-01-14T09:12:24.000Z",
          "fix_state": "fixed",
          "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "id": null,
          "severity": "High",
          "doc_created": "2025-07-01T07:13:03.000Z",
          "company_id": "vdna_994mgmr65tculnfy",
          "is_exploited": false,
          "data_source": "https://github.com/advisories/GHSA-9j49-mfvp-vmhm",
          "target": "pkg:npm/pac-resolver@4.2.0",
          "cvs_version": 3.1,
          "name": "CVE-2021-23406",
          "exploitability_score": 9.8
        }
      ]
    }
  ]
}
```

### Search Examples with specific fields

Use the chart table() function to specify exactly which fields to return, for cases where only certain fields are required in the response.

#### Search for All Versions of log4j

To display all versions of log4j

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H 'accept: application/json, text/plain, */*' \
-H 'content-type: application/json' \
-H 'company-id: <company_id>' \
-H 'product-id: 1' \
-d '{
"lql": "package.name=log4j* | chart table(package.id, package.name, package.version)",
"page_no": 1,
"limit": 3,
"is_opensource": true,
"include_raw_data": false
}'
```

Response:

```json
{
  "package.name=log4j*": [], # EMPTY because include_raw_data=false
  "function: chart table(package.id, package.name, package.version)": [
    {
      "package.id": "SPDX-PACKAGE-1aafdcd8-49f2-573c-a9d8-f3d55f4cc3c1",
      "package.name": "log4j:log4j:1.2.17",
      "package.version": "1.2.17"
    },
    {
      "package.id": "SPDX-PACKAGE-850670c3-b6f8-5982-9f7b-4a7c459fab44",
      "package.name": "log4j:log4j:1.2.17",
      "package.version": "1.2.17"
    }
    . . .
  ],
  "total_docs": 3,
  "total_hits": 36,
  "current_page": 1,
  "total_pages": 12,
  "all_columns": [
    "package.id",
    "package.name",
    "package.version",
    . . .
  ],
  "default_columns": [
    "package.id",
    "package.name",
    "package.version"
  ]
}
```

#### Search for All Versions of log4j With Vulnerabilities

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H 'accept: application/json, text/plain, */*' \
-H 'content-type: application/json' \
-H 'company-id: <company_id>' \
-H 'product-id: 1' \
-d '{
"lql": "package.name=log4j* $AND vulnerability.severity=* | chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version)",
"page_no": 1,
"limit": 3,
"is_opensource": true,
"include_raw_data": false
}'
```

Response:

```json
{
  "package.name=log4j* $AND vulnerability.severity=*": [],
  "total_hits": 45, # Total Matching Results Available to Query
  "total_docs": 3, # Total Results on This Page
  "current_page": 1, # This Page Number
  "total_pages": 15, # Total Pages Available to Query
  "chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version)": [
    {
      "vulnerability.name": "CVE-2019-17571",
      "vulnerability.severity": "Critical",
      "package.id": "SPDX-PACKAGE-1aafdcd8-49f2-573c-a9d8-f3d55f4cc3c1",
      "package.name": "log4j:log4j:1.2.17",
      "package.version": "1.2.17"
    },
    . . .
  ]
}
```

#### Search For Critical Vulnerabilities in a Date Range

Returns log4j packages with critical vulnerabilities created between 1 June 2025 01:00 and 30 June 2025 14:00, sorted by package name.

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H 'accept: application/json, text/plain, */*' \
-H 'content-type: application/json' \
-H 'company-id: <company_id>' \
-H 'product-id: 1' \
-d '{
"lql": "package.name=log4j* $AND vulnerability.severity=critical $AND package.created>=2025-06-01 01:00:00 $AND <=2025-06-01 14:00:00 | chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version) | sort(package.name:asc)",
"page_no": 1,
"limit": 3,
"is_opensource": true,
"include_raw_data": false
}'
```

Response:

```json
{
  "package.name=log4j* $AND vulnerability.severity=* $AND package.created>=2023-06-01 01:00:00 $AND <= 2025-06-01 14:00:00": [],
  "total_hits": 30,
  "total_docs": 3,
  "current_page": 1,
  "total_pages": 10,
  "chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version)": [
    {
      "vulnerability.name": "CVE-2022-23307",
      "vulnerability.severity": "Critical",
      "package.id": "SPDX-PACKAGE-96763ab6-23cf-5f09-a37d-9141ea0fc461",
      "package.name": "log4j:log4j:1.2.12",
      "package.version": "1.2.12"
    },
    . . .
  ]
}
```

#### Critical Vulnerabilities from a Verified Supplier (Last 120 Days)

Returns log4j packages with critical vulnerabilities, created within the last 120 days, from a verified supplier, sorted by vulnerability name.

```bash
curl -X POST http://<GLOSI service-endpoint or IP-address>:8000/api/v2/lql/components \
-H 'accept: application/json, text/plain, */*' \
-H 'content-type: application/json' \
-H 'company-id: <company_id>' \
-H 'product-id: 1' \
-d '{
"lql": "package.name=log4j* $AND vulnerability.severity=critical $AND package.created<=120 days $AND supplier.is_verified=true | chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version) | sort(vulnerability.name:asc)",
"page_no": 1,
"limit": 3,
"is_opensource": true,
"include_raw_data": false
}'
```

Response:

```json
{
  "package.name=log4j* $AND vulnerability.severity=critical $AND package.created<=120 days $AND supplier.is_verified=true": [],
  "total_hits": 6,
  "total_docs": 3,
  "current_page": 1,
  "total_pages": 2,
  "chart table(vulnerability.name, vulnerability.severity, package.id, package.name, package.version)": [
    {
      "vulnerability.name": "CVE-2019-17571",
      "vulnerability.severity": "Critical",
      "package.id": "SPDX-PACKAGE-1aafdcd8-49f2-573c-a9d8-f3d55f4cc3c1",
      "package.name": "log4j:log4j:1.2.17",
      "package.version": "1.2.17"
    },
    . . .
  ]
}
```

## LQL Query Quick Reference

#### Search Term Operators

* `field=value` # Exact match eg. `vulnerability.severity=critical`
* `field=value with spaces` # Exact match with spaces eg. `project.name=Apache Software Foundation`
* `field=*` # Any value (exists) eg. `vulnerability.severity=*`
* `field=value*` # Starts with eg. `vulnerability.name=CVE-28*`
* `field=*value*` # Contains eg. `vulnerability.name=*VE-28*`
* `field!=value` # Not equal eg. `vulnerability.exploited!=true`
* `field>value` # Greater than eg. `project.created > 2025-06-24 $OR risk_level.score > 9`
* `field>=value` # Greater than or equal eg. `project.created >= 2025-06-24 $OR risk_level.score >= 9`
* `field<value` # Less than eg. `project.created < 2025-06-24 $OR risk_level.score < 9`
* `field<=value` # Less than or equal eg. `project.created <= 2025-06-24 $OR risk_level.score <= 9`

#### **Logical Operators**

* `field1=value1 $AND field2=value2` # Both conditions must be true
* `field1=value1 $OR field2=value2` # Either condition must be true
* `field=value1 $AND value2` # Field equals value1 AND value2
* `field=value1 $OR value2` # Field equals either value1 OR value2

#### Functions

* `| stats avg(field1, field2, ...)` # Average values of field
* `| stats count(field1, field2, ...)` # Count occurrences of field
* `| stats max(field1, field2, ...)` # Maximum value of field
* `| stats min(field1, field2, ...)` # Minimum value of field
* `| stats sum(field1, field2, ...)` # Sum values of field
* `| stats unique(field1, field2, ...)` # Get unique values of field
* `| stats unique_values(field1, field2, ...)` # Get unique values of field
* `| stats unique_count(field1, field2, ...)` # Count unique values of field
* `| stats top_hits(10)` # Get top 10 hits for the search term results
* `| chart table(field1, field2, ...)` # Format as table with specified fields
* `| chart table_fold(field1, field2, ...)` # Format as folded table
* `| chart histogram(field1, field2, ...)` # Create histogram of field values

#### Commands

* `| sort(field:asc)` # Sort results ascending eg. `| sort(project.name:asc)`
* `| sort(field:desc)` # Sort results descending eg. `| sort(project.name:desc)`
* `| sort(field1:asc, field2:desc)` # Sort by multiple fields eg. `| sort(project.name:asc, package.name:asc)`
* `| collapse(field)` # Group results by field, returning top document per group eg. `| collapse(package.purl)`
* `| collapse_latest(field)` # Group results by field, returning latest document per group eg. `| collapse_latest(package.purl)`
* `| boost(field1:2.0, field2:1.5)` # Boost relevance of specific fields in search results
* `| histogram_interval(field1:day, field2:month, field3:100)` # Set histogram interval for date fields

#### Clauses

* `| stats avg(field1, field2, ...) by (field4, ...)` # Average values of fields grouped by field4 or more
* `| stats count(field1, field2, ...) by (field4, ...)` # Count occurrences of fields grouped by field4 or more
* `| stats max(field1, field2, ...) by (field4, ...)` # Maximum value of fields grouped by field4 or more
* `| stats min(field1, field2, ...) by (field4, ...)` # Minimum value of fields grouped by field4 or more
* `| stats sum(field1, field2, ...) by (field4, ...)` # Sum values of fields grouped by field4 or more
* `| stats unique(field1, field2, ...) by (field4, ...)` # Get unique values of fields grouped by field4 or more
* `| stats unique_count(field1, field2, ...) by (field4, ...)` # Count unique values of fields grouped by field4 or more
* `| stats unique_values(field1, field2, ...) by (field4, ...)` # Get unique values of fields grouped by field4 or more
* `| chart table(field1, field2, ...) by (field4, ...)` # Format as table with specified fields grouped by field4 or more
* `| chart table_fold(field1, field2, ...) by (field4, ...)` # Format as folded table grouped by field4 or more
* `| chart histogram(field1, field2, ...) by (field4, ...)` # Create histogram of fields values grouped by field4 or more

## Evaluation order of LQL

LQL queries are evaluated strictly from left to right, which means the order of your search terms matters. Think of it like building a filter for your results one step at a time:

**How It Works**

1. **Start with the first term**: This creates your initial set of results
2. **Add each next term**: Each new term either narrows down your results (with $AND) or adds more results (with $OR)

**Operators Work at Two Levels**

1. **Between different fields**: Connect complete search conditions (e.g., `field1=value $AND field2=value`)
2. **Within the same field**: Connect multiple values for one field (e.g., `field=value1 $OR value2`)

**Visual Guide to Operators**

```
package.gos_type=gold $OR premium ┐ ├─ $AND ─┐ These packages must match BOTH conditions package.name=abc $AND def ┘ │ (either gold OR premium) AND (contains both abc AND def)
```

## Best Practices

1. Be as specific as possible with search terms to improve performance
2. For complex aggregations, consider using multiple queries
3. When searching for exact matches, avoid wildcards
4. For time-based queries, use ISO date format (YYYY-MM-DD) for precision
5. Use the `chart table` command with a limited set of fields to improve readability

## LQL field glossary

### Package

* `package.purl` - package purl imp
* `package.name` - package name imp
* `package.version` - package version imp
* `package.pkg_manager` - package pkg manager imp
* `package.download_loc` - package download location
* `package.checksum.md5` - package checksum md5 imp
* `package.checksum.sha1` - package checksum sha1
* `package.checksum.sha256` - package checksum sha256
* `package.checksum.sha512` - package checksum sha512
* `package.description` - package description
* `package.last_modified` - package last modified
* `package.license.url` - package license url imp
* `package.license.version` - package license version
* `package.license` - package license imp
* `package.supplier_info.name` - package supplier info name imp
* `package.supplier_info.org` - package supplier info org
* `package.total_fixed_vulnerability_count` - package total fixed vulnerability count
* `package.total_vulnerability_count` - package total vulnerability count imp
* `package.category` - package category
* `package.classification` - package classification
* `package.cpes` - package cpes
* `package.desc` - package desc
* `package.file_name` - package file name
* `package.files_analysed` - package files analysed
* `package.friendly_name` - package friendly name
* `package.id` - package id
* `package.license_category` - package license category
* `package.license_name` - package license name
* `package.license.category` - package license category
* `package.license.doc_created` - package license doc created
* `package.license.extn` - package license extn
* `package.license.full_name` - package license full name
* `package.license.fullname` - package license fullname
* `package.license.id_contributing_properties` - package license id contributing properties
* `package.license.is_gridfs` - package license is gridfs
* `package.license.is_opensource` - package license is opensource
* `package.license.short_id` - package license short id
* `package.license.spdx_id_suffix` - package license SPDX ID suffix
* `package.license.url` - package license url
* `package.license.version` - package license version
* `package.license` - package license
* `package.scope` - package scope
* `package.src_info` - package src info
* `package.supplier_info.home_page` - package supplier info home page
* `package.supplier_info.is_verified` - package supplier info is verified
* `package.supplier` - package supplier
* `package.vuln_fixed_info.major.count` - package vuln fixed info major count
* `package.vuln_fixed_info.major.version` - package vuln fixed info major version
* `package.vuln_fixed_info.major.vuln_ids` - package vuln fixed info major vuln ids
* `package.vuln_fixed_info.minor.count` - package vuln fixed info minor count
* `package.vuln_fixed_info.minor.version` - package vuln fixed info minor version
* `package.vuln_fixed_info.minor.vuln_ids` - package vuln fixed info minor vuln ids
* `package.vuln_fixed_info.patch.count` - package vuln fixed info patch count
* `package.vuln_fixed_info.patch.version` - package vuln fixed info patch version
* `package.vuln_fixed_info.patch.vuln_ids` - package vuln fixed info patch vuln ids
* `package.vuln_fixed_info.upgrade.count` - package vuln fixed info upgrade count
* `package.vuln_fixed_info.upgrade.version` - package vuln fixed info upgrade version
* `package.vuln_fixed_info.upgrade.vuln_ids` - package vuln fixed info upgrade vuln ids

### Image

* `image.name` - image name
* `image.version` - image version imp
* `image.os` - image os
* `image.tags` - image tags imp
* `image.manifest` - image manifest
* `image.owner` - image owner
* `image.size` - image size imp
* `image.architecture` - image architecture imp
* `image.repo_checksum` - image repo checksum imp
* `image.layer.checksum.sha256` - image layer checksum sha256
* `image.layer.size` - image layer size
* `image.download_loc` - image download loc imp
* `image.config` - image config
* `image.desc` - image desc
* `image.docker_version` - image docker version
* `image.file_name` - image file name
* `image.image_created` - image image created
* `image.layer.doc_created` - image layer doc created
* `image.layer.extn` - image layer extn
* `image.layer.id_contributing_properties` - image layer id contributing properties
* `image.layer.is_gridfs` - image layer is gridfs
* `image.layer.spdx_id_suffix` - image layer spdx id suffix

### Vulnerability

* `vulnerability.name` - vulnerability name, contains the CVE name like CVE-2025-1234, GHSA-aaa, etc
* `vulnerability.score` - vulnerability score
* `vulnerability.severity` - vulnerability severity, can be Critical, High, Medium, Low, Unknown
* `vulnerability.base_score` - vulnerability base score
* `vulnerability.name_space` - vulnerability name space like NVD, Ubuntu etc
* `vulnerability.description` - vulnerability description
* `vulnerability.vector` - vulnerability vector
* `vulnerability.vuln_created` - vulnerability detection time in the world
* `vulnerability.vuln_modified` - vulnerability last modified time in the world
* `vulnerability.vuln_withdrawn` - vulnerability withdrawal time in the world
* `vulnerability.fix_state` - vulnerability fix state
* `vulnerability.fix_versions` - vulnerability fix versions
* `vulnerability.impact_score` - vulnerability impact score
* `vulnerability.is_exploited` - vulnerability is exploited
* `vulnerability.affected_versions` - vulnerability affected versions
* `vulnerability.category` - vulnerability category
* `vulnerability.collector` - vulnerability collector
* `vulnerability.count` - vulnerability count
* `vulnerability.created` - vulnerability detection time at Lineaje Inc
* `vulnerability.cvs_version` - vulnerability cvs version
* `vulnerability.data_source` - vulnerability data source
* `vulnerability.dep_tree` - vulnerability dep tree
* `vulnerability.desc` - vulnerability description
* `vulnerability.doc_created` - vulnerability doc created
* `vulnerability.exploitability_score` - vulnerability exploitability score
* `vulnerability.exploitable` - vulnerability exploitable
* `vulnerability.id` - vulnerability id
* `vulnerability.last_modified` - vulnerability last modified
* `vulnerability.last_updated` - vulnerability last updated
* `vulnerability.mitigated.status` - vulnerability mitigated status
* `vulnerability.modified` - vulnerability modified
* `vulnerability.origin` - vulnerability origin
* `vulnerability.package_purl` - vulnerability package purl
* `vulnerability.package.name` - vulnerability package name
* `vulnerability.package.pkg_manager` - vulnerability package pkg manager
* `vulnerability.package.version` - vulnerability package version
* `vulnerability.purl` - vulnerability purl
* `vulnerability.target` - vulnerability target
* `vulnerability.updated` - vulnerability updated
* `vulnerability.vuln_id` - vulnerability vuln id

### Attestation

* `attestation_level.lcal` - Attestation level score \[INTEGER], can be LCAL-0 to LCAL-4 \[0, 4]

### Risk Score

* `risk_level.score` - Risk Level Score \[FLOAT], can be one of IRLC, IRLH, IRLM, IRLL, ZIRL \[0.0, 10.0]
* `risk_level.severity` - Risk Level Severity

### Security Posture

* `security_posture.name` - security posture name, can be one of Branch-Protection,Pinned-Dependencies,Dangerous-Workflow, SAST, Dependency-Update-Tool, Security-Policy, Fuzzing, Token-Permissions, Packaging, Webhooks, Embedded Secrets
* `security_posture.score` - security posture score
* `security_posture.severity` - security posture severity
* `security_posture.reason` - security posture reason
* `security_posture.desc` - security posture desc
* `security_posture.entropy` - security posture entropy
* `security_posture.author` - security posture author
* `security_posture.check_metadata` - security posture check metadata
* `security_posture.checksum.md5` - security posture checksum md5
* `security_posture.checksum.sha1` - security posture checksum sha1
* `security_posture.checksum.sha256` - security posture checksum sha256
* `security_posture.checksum.sha512` - security posture checksum sha512
* `security_posture.chk_metadata` - security posture chk metadata
* `security_posture.chksum.md5` - security posture chksum md5
* `security_posture.chksum.sha1` - security posture chksum sha1
* `security_posture.chksum.sha256` - security posture chksum sha256
* `security_posture.chksum.sha512` - security posture chksum sha512
* `security_posture.collector` - security posture collector
* `security_posture.commit` - security posture commit
* `security_posture.complexity` - security posture complexity
* `security_posture.created` - security posture created
* `security_posture.date` - security posture date
* `security_posture.description` - security posture description
* `security_posture.documentation_desc` - security posture documentation desc
* `security_posture.documentation_description` - security posture documentation description
* `security_posture.documentation_short` - security posture documentation short
* `security_posture.documentation_url` - security posture documentation url
* `security_posture.email` - security posture email
* `security_posture.fingerprint` - security posture fingerprint
* `security_posture.lang` - security posture lang
* `security_posture.language` - security posture language
* `security_posture.loc` - security posture location
* `security_posture.message` - security posture message
* `security_posture.msg` - security posture msg
* `security_posture.origin` - security posture origin
* `security_posture.rule_id` - security posture rule id
* `security_posture.secret` - security posture secret
* `security_posture.sloc` - security posture sloc
* `security_posture.source_code_name` - security posture source code name
* `security_posture.source_code_version` - security posture source code version
* `security_posture.source_code.name` - security posture source code name
* `security_posture.source_code.version` - security posture source code version
* `security_posture.source_link` - security posture source link
* `security_posture.src_link` - security posture src link

### Code Quality

* `code_quality.name` - Code quality check name, can be one of Embedded Secrets, Binary-Artifacts, CII-Best-Practices,Fuzzing, Gitleaks, CI-Tests, Code-Review, Maintained
* `code_quality.score` - Code quality check score
* `code_quality.severity` - Code quality check severity
* `code_quality.reason` - Code quality check reason
* `code_quality.desc` - Code quality check description
* `code_quality.author` - Code quality check author
* `code_quality.checksum.md5` - Code quality check md5 checksum
* `code_quality.checksum.sha1` - Code quality check sha1 checksum
* `code_quality.checksum.sha256` - Code quality check sha256 checksum
* `code_quality.checksum.sha512` - Code quality check sha512 checksum
* `code_quality.chk_metadata` - Code quality check metadata
* `code_quality.chksum.md5` - Code quality check md5 checksum
* `code_quality.chksum.sha1` - Code quality check sha1 checksum
* `code_quality.chksum.sha256` - Code quality check sha256 checksum
* `code_quality.chksum.sha512` - Code quality check sha512 checksum
* `code_quality.collector` - Code quality check collector
* `code_quality.commit` - Code quality check commit name
* `code_quality.complexity` - Code quality check complexity
* `code_quality.created` - Code quality check created date
* `code_quality.date` - Code quality check date
* `code_quality.description` - Code quality check description
* `code_quality.documentation_desc` - Code quality check documentation description
* `code_quality.documentation_description` - Code quality check documentation description
* `code_quality.documentation_short` - Code quality check documentation short
* `code_quality.documentation_url` - Code quality check documentation url
* `code_quality.email` - Code quality check email
* `code_quality.entropy` - Code quality check entropy
* `code_quality.fingerprint` - Code quality check fingerprint
* `code_quality.lang` - Code quality check language
* `code_quality.language` - Code quality check language
* `code_quality.loc` - Code quality check location
* `code_quality.message` - Code quality check message
* `code_quality.msg` - Code quality check message
* `code_quality.origin` - Code quality check origin
* `code_quality.rule_id` - Code quality check rule id
* `code_quality.secret` - Code quality check secret
* `code_quality.sloc` - Code quality check source code location
* `code_quality.source_code_name` - Code quality check source code name
* `code_quality.source_code_version` - Code quality check source code version
* `code_quality.source_code.name` - Code quality check source code name
* `code_quality.source_code.version` - Code quality check source code version
* `code_quality.source_link` - Code quality check source link
* `code_quality.src_link` - Code quality check source link

### Source Code

* `source_code.loc` - source code location (like <https://github.com//>)
* `source_code.version` - source code version
* `source_code.tag` - source code tag (tag or branch)
* `source_code.code_quality_score` - source code code quality score
* `source_code.contributors_count` - source code contributors count
* `source_code.total_commits` - source code total commits
* `source_code.first_commit` - source code first commit
* `source_code.last_commit` - source code last commit
* `source_code.is_opensource` - source code is opensource
* `source_code.direct_dep_count` - source code direct dep count
* `source_code.friendly_name` - source code friendly name
* `source_code.id` - source code id
* `source_code.is_opensource` - source code is opensource
* `source_code.is_suspicious_activity` - source code is suspicious activity
* `source_code.languages` - source code languages
* `source_code.latest_version_date` - source code latest version date
* `source_code.latest_version` - source code latest version
* `source_code.name` - source code name
* `source_code.score` - source code score
* `source_code.security_posture_score` - source code security posture score
* `source_code.src_code_created` - source code src code created
* `source_code.transitive_dep_count` - source code transitive dep count
* `source_code.url` - source code url

### Provenance

* `provenance.country.code` - provenance country code
* `provenance.timezone` - provenance timezone
* `provenance.contributor_commit_count` - provenance contributor commit count
* `provenance.contributor_link` - provenance contributor link
* `provenance.contributor.commit_count` - provenance contributor commit count
* `provenance.contributor.commits` - provenance contributor commits
* `provenance.contributor.email` - provenance contributor email
* `provenance.contributor.is_suspicious` - provenance contributor is suspicious
* `provenance.contributor.link` - provenance contributor link
* `provenance.contributor.name` - provenance contributor name
* `provenance.count` - provenance count
* `provenance.country_code` - provenance country code
* `provenance.internal.country.code` - provenance internal country code

### Contributor

* `contributor.name` - contributor name
* `contributor.email` - contributor email
* `contributor.id` - contributor id
* `contributor.commits` - contributor commits
* `contributor.is_suspicious` - contributor is suspicious
* `contributor.link` - contributor link
* `commit.contributor.commit_count` - contributor commit count
* `commit.contributor_email` - contributor email
* `commit.contributor_link` - contributor link
* `commit.contributor.country.code` - contributor country code
* `commit.contributor.email` - contributor email
* `commit.contributor.is_suspicious` - contributor is suspicious
* `commit.contributor.link` - contributor link
* `commit.contributor.name` - contributor name
* `commits.commit` - Commit name
* `commits.contributor_commit_count` - contributor commit count
* `commits.contributor_email` - contributor email
* `commits.contributor_link` - contributor link
* `commits.contributor.country.code` - contributor country code
* `commits.contributor.email` - contributor email
* `commits.contributor.is_suspicious` - contributor is suspicious
* `commits.contributor.link` - contributor link
* `commits.contributor.name` - contributor name
* `commits.count` - contributor commit count
* `commits.country_code` - commits country code
* `commits.country.code` - commits country code
* `commits.timezone` - commits timezone

### License

* `license.url` - license url
* `license.category` - license category
* `license.fullname` - license fullname
* `license.is_deprecated` - license is deprecated
* `license.is_opensource` - license is opensource
* `license.is_osi_approved` - license is osi approved
* `license.license_id` - license license id
* `license.name` - license name
* `license.full_name` - license full name
* `license.short_id` - license short id
* `license.component_category` - license component category
* `license.details_url` - license details url
* `license.is_deprecated_license_id` - license is deprecated license id
* `license.is_fsf_libre` - license is fsf libre
* `license.reference_number` - license reference number
* `license.references` - license references
* `license.tenant_id` - license tenant id
* `license.version` - license version

### Supplier

* `supplier.name` - supplier name
* `supplier_info.name` - supplier info name
* `supplier.is_verified` - supplier is verified
* `supplier.organisation` - supplier organisation
* `supplier.verified` - supplier verified


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.veedna.com/gold-open-source-gos/glosi-api-documentation.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.