New vulnerabilities

[agomez22]

Hi,

I need to know which vulnerability is NEW. I'm using the API request, but I don't know if there is some request to do it or how to know if the vulnerability is new or not.
I saw the plugin and I can find the option to stop the pipeline when the project has new vulnerabilities:
New Findings: Sets the threshold for the number of new critical, high, medium, or low severity findings allowed. If the number of new findings equals or is greater than the previous builds finding for any one of the severities, the job status will be changed to UNSTABLE or FAILURE.
But I don't know if I can do it with the API.
Could someone help me?
Thanks

[stevespringett]

There isn't a specific API request for this. The question of "new" becomes "since when"?

Build plugins like the Jenkins plugin calculate new as of the last build, so Jenkins keeps track of it, not DT.

If you want more real-time indication of new findings, the webhooks notifications are the best solution.

Since DT 4, attribution timestamp is now a feature, so it would be relatively easy to add an api that would provide new findings since a specific timestamp. If that's a feature you'd like, I'd encourage you to create an enhancement request and ideally a pull request.