The bugs endpoints give you full programmatic access to Detail’s findings. You can list all pending bugs for a repository, fetch a single bug’s details, and update a bug’s review state — all without leaving your own tooling.
GET /public/v1/bugs Returns a paginated list of bugs for a repository, filtered by review status.
curl "https://api.detail.dev/public/v1/bugs?repo_id=repo_abc123&status=pending" \ -H "Authorization: Bearer dtl_live_YOUR_KEY"
Query parameters The repository ID to fetch bugs for. Repository IDs are prefixed with repo_ and can be retrieved from GET /public/v1/repos . Example: repo_abc123. Filter bugs by review state. One of:
pending — bugs that have not yet been reviewedresolved — bugs marked as fixeddismissed — bugs marked as not actionable Number of results to return. Between 1 and 100. Defaults to 50.
Number of results to skip for pagination. Defaults to 0.
Filter bugs to those surfaced by a specific scan. Workflow request IDs are prefixed with wr_ and are returned by GET /public/v1/scans . Response Array of bug objects matching the query. Unique bug identifier, prefixed with bug_.
Short title describing the finding.
Detailed description of the bug and its potential impact.
Path to the file where the bug was found, relative to the repository root.
The commit SHA at which this bug was identified.
Whether Detail has classified this finding as a security vulnerability.
ID of the repository this bug belongs to.
Unix timestamp (milliseconds) when the bug was first found.
Attribution data for the commit that introduced the bug. Date the commit was made, in YYYY-MM-DD format.
GitHub username or name of the commit author.
Pull request number that introduced the bug, if applicable.
The current review record for this bug. Present when the bug has been reviewed. One of pending, resolved, or dismissed.
Unix timestamp (milliseconds) when the review was created.
Reason for dismissal. One of not_a_bug, wont_fix, duplicate, or other. Only present when state is dismissed.
Free-text note left during review.
How the review was created. One of review, linear, jira, asana, github_issue, or bug_fix_check.
Issues in external trackers linked to this bug. One of linear, jira, github, slack, or asana.
The issue identifier in the external tracker.
Direct URL to the issue in the external tracker.
Total number of bugs matching the query, regardless of limit and offset.
Example response { "bugs" : [ { "id" : "bug_abc123" , "title" : "SQL injection in user search" , "summary" : "User-controlled input is passed directly to a raw SQL query without sanitization, enabling SQL injection attacks." , "filePath" : "src/db/users.ts" , "commitSha" : "abc1234567890abcdef" , "isSecurityVulnerability" : true , "repoId" : "repo_xyz789" , "createdAt" : 1736899200000 , "introducedIn" : { "sha" : "abc1234def5678" , "date" : "2024-12-10" , "author" : "alice" , "prNumber" : 42 }, "review" : null , "linkedIssues" : [] } ], "total" : 12 }
GET /public/v1/bugs/{bug_id} Returns a single bug by its ID. The response shape is identical to an individual item in the bugs array above.
curl https://api.detail.dev/public/v1/bugs/bug_abc123 \ -H "Authorization: Bearer dtl_live_YOUR_KEY"
Path parameters The bug ID to retrieve. Must match the pattern bug_*.
Example response { "id" : "bug_abc123" , "title" : "SQL injection in user search" , "summary" : "User-controlled input is passed directly to a raw SQL query without sanitization, enabling SQL injection attacks." , "filePath" : "src/db/users.ts" , "commitSha" : "abc1234567890abcdef" , "isSecurityVulnerability" : true , "repoId" : "repo_xyz789" , "createdAt" : 1736899200000 , "introducedIn" : { "sha" : "abc1234def5678" , "date" : "2024-12-10" , "author" : "alice" , "prNumber" : 42 }, "review" : null , "linkedIssues" : [ { "tracker" : "linear" , "issueId" : "ENG-101" , "url" : "https://linear.app/team/issue/ENG-101" } ] }
POST /public/v1/bugs/{bug_id}/review Creates or updates a review on a bug. Use this to resolve, dismiss, or reopen a finding programmatically.
curl -X POST https://api.detail.dev/public/v1/bugs/bug_abc123/review \ -H "Authorization: Bearer dtl_live_YOUR_KEY" \ -H "Content-Type: application/json" \ -d '{ "state": "dismissed", "dismissalReason": "not_a_bug", "notes": "Reviewed — this is expected behavior in the context of our auth middleware." }'
Path parameters The bug ID to review. Must match the pattern bug_*.
Request body The new review state for the bug. One of:
resolved — the bug has been fixeddismissed — the bug is not actionablepending — reopen a previously reviewed bug Required when state is dismissed. One of:
not_a_bug — the finding is a false positivewont_fix — the team has decided not to address thisduplicate — already tracked elsewhereother — any other reason Optional free-text note to record with the review. Useful for explaining triage decisions.
Response Returns the created or updated BugReview object.
The review state: pending, resolved, or dismissed.
Unix timestamp (milliseconds) when this review was recorded.
The dismissal reason, if state is dismissed.
The note recorded with the review, if provided.
How the review was created. For API-created reviews this is review.
Example response { "state" : "dismissed" , "createdAt" : 1736985600000 , "dismissalReason" : "not_a_bug" , "notes" : "Reviewed — this is expected behavior in the context of our auth middleware." , "source" : "review" }
Calling this endpoint on a bug that already has a review will overwrite the existing review with the new state.
