list_sca_repositories
View repositories analyzed for dependencies to identify security findings and manage software composition inventory.
Instructions
List repositories with their aggregated dependency inventory information. Shows which repositories have been analyzed for dependencies.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Implementation Reference
- Core implementation of the list_sca_repositories tool handler. Decorated with @mcp.tool() for automatic registration in the MCP server. Fetches SCA repository data from the ZeroPath API and formats it into a readable string listing repositories with dependency counts and vulnerability severity breakdowns.@mcp.tool() def list_sca_repositories() -> str: """ List repositories with their aggregated dependency inventory information. Shows which repositories have been analyzed for dependencies. """ response, error = make_api_request("sca/repositories/search") if error: return error if response.status_code == 200: result = response.json() repos = result.get("repositories", result if isinstance(result, list) else []) if not repos: return "No repositories with SCA data found." output = f"Found {len(repos)} repository(ies) with SCA data:\n\n" for i, repo in enumerate(repos, 1): output += f"Repository {i}:\n" output += f" ID: {repo.get('id', repo.get('repositoryId', 'N/A'))}\n" output += f" Name: {repo.get('name', repo.get('repositoryName', 'N/A'))}\n" output += f" Total Dependencies: {repo.get('totalDependencies', repo.get('dependencyCount', 'N/A'))}\n" output += f" Vulnerable Packages: {repo.get('vulnerablePackages', 'N/A')}\n" output += f" Critical: {repo.get('criticalCount', 'N/A')}\n" output += f" High: {repo.get('highCount', 'N/A')}\n" output += f" Medium: {repo.get('mediumCount', 'N/A')}\n" output += f" Low: {repo.get('lowCount', 'N/A')}\n" output += "\n" return output elif response.status_code == 401: return "Error: Unauthorized - check API credentials" elif response.status_code == 400: return f"Error: Bad request - {response.text}" else: return f"Error: API returned status {response.status_code}: {response.text}"
- Shared helper function used by the list_sca_repositories tool (and others) to perform authenticated POST requests to the ZeroPath API endpoints.def make_api_request(endpoint, payload=None, include_org=True): """Make authenticated API request to ZeroPath.""" if not token_id or not token_secret: return None, "Error: Zeropath API credentials not found in environment variables" headers = { "X-ZeroPath-API-Token-Id": token_id, "X-ZeroPath-API-Token-Secret": token_secret, "Content-Type": "application/json" } if payload is None: payload = {} if include_org and org_id: payload["organizationId"] = org_id try: response = requests.post( f"{API_BASE_URL}/{endpoint}", headers=headers, json=payload ) return response, None except Exception as e: return None, f"Error: {str(e)}"