Language

English Français 日本語 한국어 Español

Datadog Site

Site help
US1 US3 US5 EU AP1 AP2 US1-FED US2-FED

List codegen rulesets

Note: This endpoint is in preview and is subject to change. If you have any feedback, contact Datadog support.

GET https://api.ap1.datadoghq.com/api/v2/static-analysis/codegen/rulesetshttps://api.ap2.datadoghq.com/api/v2/static-analysis/codegen/rulesetshttps://api.datadoghq.eu/api/v2/static-analysis/codegen/rulesetshttps://api.ddog-gov.com/api/v2/static-analysis/codegen/rulesetshttps://api.us2.ddog-gov.com/api/v2/static-analysis/codegen/rulesetshttps://api.datadoghq.com/api/v2/static-analysis/codegen/rulesetshttps://api.us3.datadoghq.com/api/v2/static-analysis/codegen/rulesetshttps://api.us5.datadoghq.com/api/v2/static-analysis/codegen/rulesets

Overview

Get the rulesets relevant for code generation for the authenticated user.

OAuth apps require the code_analysis_read authorization scope to access this endpoint.

Response

OK

The response payload containing a list of SAST rulesets and their rules.

Expand All

Field

Type

Description

data [required]

[object]

The list of SAST rulesets returned in the response.

attributes [required]

object

The attributes of a SAST ruleset, including its name, description, and rules.

description [required]

string

A detailed description of the ruleset's purpose and the types of issues it targets.

name [required]

string

The unique name of the ruleset.

rules [required]

[object]

The list of static analysis rules included in this ruleset.

arguments

[object]

The list of configurable arguments accepted by this rule.

description

string

A human-readable explanation of the argument's purpose and accepted values.

name

string

The name of the rule argument.

category

string

The category classifying the type of issue this rule detects (e.g., security, style, performance).

checksum

string

A checksum of the rule definition used to detect changes.

code

string

The rule implementation code used by the static analysis engine.

created_at

date-time

The date and time when the rule was created.

created_by

string

The identifier of the user or system that created the rule.

cve

string

The CVE identifier associated with the vulnerability this rule detects, if applicable.

cwe

string

The CWE identifier associated with the weakness category this rule detects, if applicable.

data [required]

object

The resource identifier and type for a static analysis rule.

id

string

The unique identifier of the rule resource.

type [required]

enum

Rules resource type. Allowed enum values: rules

default: rules

description

string

A detailed explanation of what the rule detects and why it matters.

documentation_url

string

A URL pointing to additional documentation for this rule.

entity_checked

string

The code entity type (e.g., function, class, variable) that this rule inspects.

is_published

boolean

Indicates whether the rule is publicly published and available to all users.

is_testing

boolean

Indicates whether the rule is in testing mode and not yet promoted to production.

language

string

The programming language this rule applies to.

last_updated_at

date-time

The date and time when the rule was last modified.

last_updated_by

string

The identifier of the user or system that last updated the rule.

name

string

The unique name identifying this rule within its ruleset.

regex

string

A regular expression pattern used by the rule for pattern-based detection.

severity

string

The severity level of findings produced by this rule (e.g., ERROR, WARNING, NOTICE).

short_description

string

A brief summary of what the rule detects, suitable for display in listings.

should_use_ai_fix

boolean

Indicates whether an AI-generated fix suggestion should be offered for findings from this rule.

tests

[object]

The list of test cases used to validate the rule's behavior.

annotation_count

int64

The expected number of annotations (findings) the rule should produce when run against the test code.

code

string

The source code snippet used as input for the rule test.

filename

string

The filename associated with the test code snippet.

tree_sitter_query

string

The Tree-sitter query expression used by the rule to match code patterns in the AST.

type

string

The rule type indicating the detection mechanism used (e.g., tree_sitter, regex).

short_description [required]

string

A brief summary of the ruleset, suitable for display in listings.

id [required]

string

The unique identifier of the ruleset resource.

type [required]

enum

Rulesets resource type. Allowed enum values: rulesets

default: rulesets

{
  "data": [
    {
      "attributes": {
        "description": "A collection of Python best practice rules.",
        "name": "python-best-practices",
        "rules": [
          {
            "arguments": [
              {
                "description": "string",
                "name": "string"
              }
            ],
            "category": "string",
            "checksum": "string",
            "code": "string",
            "created_at": "2019-09-19T10:00:00.000Z",
            "created_by": "string",
            "cve": "string",
            "cwe": "string",
            "data": {
              "id": "string",
              "type": "rules"
            },
            "description": "string",
            "documentation_url": "string",
            "entity_checked": "string",
            "is_published": false,
            "is_testing": false,
            "language": "string",
            "last_updated_at": "2019-09-19T10:00:00.000Z",
            "last_updated_by": "string",
            "name": "string",
            "regex": "string",
            "severity": "string",
            "short_description": "string",
            "should_use_ai_fix": false,
            "tests": [
              {
                "annotation_count": "integer",
                "code": "string",
                "filename": "string"
              }
            ],
            "tree_sitter_query": "string",
            "type": "string"
          }
        ],
        "short_description": "Python best practices ruleset."
      },
      "id": "python-best-practices",
      "type": "rulesets"
    }
  ]
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Unauthorized

API error response.

Expand All

Field

Type

Description

errors [required]

[object]

A list of errors.

detail

string

A human-readable explanation specific to this occurrence of the error.

meta

object

Non-standard meta-information about the error

source

object

References to the source of the error.

header

string

A string indicating the name of a single request header which caused the error.

parameter

string

A string indicating which URI query parameter caused the error.

pointer

string

A JSON pointer to the value in the request document that caused the error.

status

string

Status code of the response.

title

string

Short human-readable summary of the error.

{
  "errors": [
    {
      "detail": "Missing required attribute in body",
      "meta": {},
      "source": {
        "header": "Authorization",
        "parameter": "limit",
        "pointer": "/data/attributes/title"
      },
      "status": "400",
      "title": "Bad Request"
    }
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/static-analysis/codegen/rulesets" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"