Returning findings using the results command
After you have completed a scan, the results command allows you to retrieve the detected issues of your build in a machine-processable format (JSON). The command is only available as part of an AppSweep Enterprise subscription.
After starting a scan, either manually or through our CLI, you can retrieve its results by calling:
guardsquare scan results --wait-for static $BUILD_ID
The command will write the results as JSON to stdout. The following snippet is an example finding:
{
  "buildId": "$BUILD_ID",
  "url": "https://appsweep.guardsquare.com/builds/$BUILD_ID",
  "issueCounts": {
    "high": 5,
    "medium": 6,
    "low": 7
  },
  "issues": [
    {
      "id": "$ISSUE_ID",
      "url": "https://appsweep.guardsquare.com/builds/$BUILD_ID/issues/$ISSUE_ID",
      "severity": "HIGH",
      "type": "Debuggable flag set",
      "description": "Android manifest attribute `android:debuggable=\"true\"` is set",
      "findings": [
        {
          "hash": "$FINDING_HASH",
          "totalFindings": 1,
          "locations": [
            {
              "name": "AndroidManifest.xml",
              "file": "AndroidManifest.xml",
              "line": 14
            }
          ]
        }
      ]
    }
  ]
}
The presentation of the detected issues in JSON is similar to that of the UI, excluding the code snippets. It groups similar findings under issues of the same category. Each issue has a URL to its details page in the UI.
Both issues and findings have stable identifiers across builds, respectively named $ISSUE_ID and $FINDING_HASH in this example. This means that unresolved issues/findings will remain present in the results in future builds. Suppressions in the UI are reflected in the results.
Each finding has a totalFindings field representing the number of detections of the finding. If this number is greater than 1, the provided location is a sample of the findings.
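Because finding hashes are stable across builds and totalFindings counts detections, two result documents can be compared to gate a pipeline on regressions only. The following is an added example, not code from Guardsquare: the function names, the "MEDIUM" and "LOW" severity spellings, and the sample data are assumptions constructed for illustration.

```python
import json

# Assumption: severities other than "HIGH" are spelled "MEDIUM" and "LOW".
RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

def index_findings(results):
    """Map each stable finding hash to (severity, totalFindings, issue URL)."""
    index = {}
    for issue in results.get("issues", []):
        for finding in issue.get("findings", []):
            index[finding["hash"]] = (issue["severity"], finding.get("totalFindings", 1), issue["url"])
    return index

def regressions(previous, current, min_severity="HIGH"):
    """Return (new, grown): hashes absent from `previous`, and hashes whose
    totalFindings increased, both limited to min_severity and above."""
    old, threshold = index_findings(previous), RANK[min_severity]
    new, grown = [], []
    for h, (severity, total, _url) in index_findings(current).items():
        # An unrecognised severity counts as HIGH so the gate fails closed.
        if RANK.get(severity, RANK["HIGH"]) < threshold:
            continue
        if h not in old:
            new.append(h)
        elif total > old[h][1]:
            grown.append(h)
    return sorted(new), sorted(grown)

def _issue(issue_id, severity, issue_type, finding_hash, total):
    """Build one constructed issue in the shape of the example output."""
    return {"id": issue_id, "url": f"https://example.invalid/issues/{issue_id}",
            "severity": severity, "type": issue_type,
            "findings": [{"hash": finding_hash, "totalFindings": total, "locations": []}]}

# Constructed sample data (placeholder ids and hashes), not real scan output.
PREVIOUS = {"buildId": "build-1", "issues": [
    _issue("issue-a", "HIGH", "Debuggable flag set", "hash-a", 1),
    _issue("issue-b", "MEDIUM", "Constructed medium issue", "hash-b", 2),
]}
CURRENT = {"buildId": "build-2", "issues": [
    _issue("issue-a", "HIGH", "Debuggable flag set", "hash-a", 1),
    _issue("issue-b", "MEDIUM", "Constructed medium issue", "hash-b", 4),
    _issue("issue-c", "HIGH", "Constructed high issue", "hash-c", 1),
]}

if __name__ == "__main__":
    new, grown = regressions(PREVIOUS, CURRENT)
    print(json.dumps({"new": new, "grown": grown}))
    raise SystemExit(1 if new or grown else 0)
```

In a pipeline, replace the constructed dictionaries with `json.load()` over the saved stdout of the results command for the previous and current build.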