> ## Documentation Index > Fetch the complete documentation index at: https://docs.scanoss.com/llms.txt > Use this file to discover all available pages before exploring further. # Get potential security issues associated with multiple components This is the current method that accepts ComponentsRequest for enhanced component identification Replaces the deprecated GetIssues method ## OpenAPI ````yaml /api-reference/semgrep-openapi.json post /v2/semgrep/issues/components openapi: 3.0.0 info: title: SCANOSS Semgrep Service version: '2.0' contact: name: scanoss-semgrep url: https://github.com/scanoss/semgrep email: support@scanoss.com servers: [] security: [] tags: - name: Semgrep paths: /v2/semgrep/issues/components: post: tags: - Semgrep summary: >- Get potential security issues associated with multiple components This is the current method that accepts ComponentsRequest for enhanced component identification Replaces the deprecated GetIssues method operationId: Semgrep_GetComponentsIssues requestBody: content: application/json: schema: $ref: '#/components/schemas/v2ComponentsRequest' description: >- Represents a list of software component to be analyzed by SCANOSS API services. Allows analysis of multiple software components in a single API call, improving performance over individual requests. required: true responses: '200': description: A successful response. content: application/json: schema: $ref: '#/components/schemas/v2ComponentsIssueResponse' '404': description: Returned when the resource does not exist. content: application/json: schema: type: string format: string default: description: An unexpected error response. content: application/json: schema: $ref: '#/components/schemas/rpcStatus' components: schemas: v2ComponentsRequest: type: object example: components: - purl: pkg:github/scanoss/engine@1.0.0 - purl: pkg:github/scanoss/scanoss.py@v1.30.0 properties: components: type: array items: $ref: '#/components/schemas/v2ComponentRequest' title: Array of component requests to analyze description: >- Represents a list of software component to be analyzed by SCANOSS API services. Allows analysis of multiple software components in a single API call, improving performance over individual requests. required: - components v2ComponentsIssueResponse: type: object example: components: - purl: pkg:maven/org.apache.commons/commons-lang3 version: 3.12.0 requirement: 3.12.0 files: - fileMD5: a1b2c3d4e5f6 path: src/main/java/org/apache/commons/lang3/StringUtils.java issues: - ruleID: java.lang.security.audit.crypto.weak-hash from: '156' to: '159' severity: WARNING - ruleID: java.lang.security.audit.sql-injection.sql-injection from: '284' to: '286' severity: ERROR - fileMD5: b2c3d4e5f6a1 path: src/main/java/org/apache/commons/lang3/Validate.java issues: - ruleID: java.lang.security.audit.hardcoded-secret from: '95' to: '95' severity: ERROR status: status: SUCCESS message: Security analysis completed successfully properties: components: type: array items: $ref: '#/components/schemas/v2ComponentIssueInfo' title: Security analysis details for each requested component status: $ref: '#/components/schemas/v2StatusResponse' description: >- * Components issue response data (JSON payload) Contains security issues detected by Semgrep analysis for multiple components. This is the current response format that replaces the deprecated SemgrepResponse. rpcStatus: type: object properties: code: type: integer format: int32 message: type: string details: type: array items: $ref: '#/components/schemas/protobufAny' v2ComponentRequest: type: object example: purl: pkg:github/scanoss/engine@1.0.0 properties: purl: type: string description: Package URL identifying the component to analyze. requirement: type: string description: >- Version constraint for component resolution when PURL lacks explicit version. description: >- Represents a software component to be analyzed by SCANOSS API services. Combines a Package URL for component identification with optional version constraints for resolution. required: - purl v2ComponentIssueInfo: type: object properties: purl: type: string title: The Package URL string identifying the component version: type: string title: Version of the component being analyzed requirement: type: string title: Version requirement specification (e.g., ">=1.0.0", "~2.1.0") files: type: array items: $ref: '#/components/schemas/v2File' title: List of files containing security issues in this component title: Information about a component and its security issues v2StatusResponse: type: object properties: status: $ref: '#/components/schemas/v2StatusCode' message: type: string title: Status message db: $ref: '#/components/schemas/StatusResponseDB' server: $ref: '#/components/schemas/StatusResponseServer' description: Detailed response details. protobufAny: type: object properties: '@type': type: string additionalProperties: {} v2File: type: object properties: fileMD5: type: string title: MD5 hash of the file content for integrity verification path: type: string title: Relative path of the file within the component issues: type: array items: $ref: '#/components/schemas/v2Issue' title: List of security issues found in this file title: File containing security issues detected by Semgrep v2StatusCode: type: string enum: - UNSPECIFIED - SUCCESS - SUCCEEDED_WITH_WARNINGS - WARNING - FAILED default: UNSPECIFIED description: Status code Enum. StatusResponseDB: type: object properties: schema_version: type: string title: Semantic schema version (e.g., 'v1.0.0') created_at: type: string title: When this DB was built (ISO 8601 format) description: Database version information. StatusResponseServer: type: object properties: version: type: string title: Semantic version (e.g., 'v1.0.0') description: Server information. v2Issue: type: object properties: ruleID: type: string title: Unique identifier for the Semgrep rule that detected this issue from: type: string title: Starting line number where the issue was detected to: type: string title: Ending line number where the issue was detected severity: type: string title: >- Severity level of the security issue (e.g., "ERROR", "WARNING", "INFO") title: Security issue information detected by Semgrep analysis ````