Vulnerability Management - Update ListVulnerabilities endpoint query params and response schema

.generator/schemas/v2/openapi.yaml

@@ -29996,6 +29996,13 @@ components:
     Library:
       description: Vulnerability library.
       properties:
+        additional_names:
+          description: Related library or package names (such as child packages or
+            affected binary paths).
+          items:
+            example: linux-tools-common
+            type: string
+          type: array
         name:
           description: Vulnerability library name.
           example: linux-aws-5.15
@@ -57371,6 +57378,12 @@ components:
           type: array
         risks:
           $ref: '#/components/schemas/VulnerabilityRisks'
+        running_kernel:
+          description: "True if the vulnerability affects a package in the host\u2019s
+            running kernel, false if it affects a non-running kernel, and omit if
+            it is not kernel-related."
+          example: true
+          type: boolean
         status:
           $ref: '#/components/schemas/VulnerabilityStatus'
         title:
@@ -57431,10 +57444,15 @@ components:
       - RubyGems
       - Go
       - Packagist
-      - Ddeb
+      - Deb
       - Rpm
       - Apk
       - Windows
+      - Generic
+      - MacOs
+      - Oci
+      - BottleRocket
+      - None
       type: string
       x-enum-varnames:
       - PYPI
@@ -57444,10 +57462,15 @@ components:
       - RUBY_GEMS
       - GO
       - PACKAGIST
-      - D_DEB
+      - DEB
       - RPM
       - APK
       - WINDOWS
+      - GENERIC
+      - MAC_OS
+      - OCI
+      - BOTTLE_ROCKET
+      - NONE
     VulnerabilityRelationships:
       description: Related entities object.
       properties:
@@ -57548,12 +57571,14 @@ components:
       - IAST
       - SCA
       - Infra
+      - SAST
       example: SCA
       type: string
       x-enum-varnames:
       - IAST
       - SCA
       - INFRA
+      - SAST
     VulnerabilityType:
       description: The vulnerability type.
       enum:
@@ -80311,6 +80336,10 @@ paths:
       summary: List assets SBOMs
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80382,6 +80411,10 @@ paths:
       summary: Get SBOM
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80496,6 +80529,10 @@ paths:
       summary: List scanned assets metadata
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -80924,6 +80961,14 @@ paths:
         required: false
         schema:
           type: string
+      - description: Filter for whether the vulnerability affects a running kernel
+          (for vulnerabilities related to a `Host` asset).
+        example: true
+        in: query
+        name: filter[running_kernel]
+        required: false
+        schema:
+          type: boolean
       - description: Filter by asset name. This field supports the usage of wildcards
           (*).
         example: datadog-agent
@@ -81067,6 +81112,10 @@ paths:
       summary: List vulnerabilities
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -81425,6 +81474,10 @@ paths:
       summary: List vulnerable assets
       tags:
       - Security Monitoring
+      x-permission:
+        operator: OR
+        permissions:
+        - appsec_vm_read
       x-unstable: '**Note**: This endpoint is a private preview.
 
         If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).'
@@ -84562,8 +84615,8 @@ paths:
       x-unstable: '**Note**: This endpoint may be subject to changes.'
   /api/v2/static-analysis/secrets/rules:
     get:
-      description: Returns list of Secrets rules with ID, Pattern, Description, Priority,
-        and SDS ID
+      description: Returns a list of Secrets rules with ID, Pattern, Description,
+        Priority, and SDS ID.
       operationId: GetSecretsRules
       responses:
         '200':
@@ -84579,7 +84632,7 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - code_analysis_read
-      summary: Returns list of Secrets rules
+      summary: Returns a list of Secrets rules
       tags:
       - Security Monitoring
       x-unstable: '**Note**: This endpoint may be subject to changes.'

cassettes/v2/Security-Monitoring_1187227211/List-vulnerabilities-returns-Not-found-There-is-no-request-associated-with-the-provided-t_4208064063/frozen.json

@@ -1 +1 @@
-"2025-01-31T12:04:28.397Z"
+"2025-12-12T14:36:04.169Z"

cassettes/v2/Security-Monitoring_1187227211/List-vulnerabilities-returns-Not-found-There-is-no-request-associated-with-the-provided-t_4208064063/recording.har

@@ -36,11 +36,11 @@
           "url": "https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Btoken%5D=unknown&page%5Bnumber%5D=1"
         },
         "response": {
-          "bodySize": 131,
+          "bodySize": 65,
           "content": {
             "mimeType": "application/vnd.api+json",
-            "size": 131,
-            "text": "{\"errors\":[{\"title\":\"Generic Error\",\"detail\":\"rpc error: code = Internal desc = no cached result set found for queryID: unknown\"}]}"
+            "size": 65,
+            "text": "{\"errors\":[{\"status\":\"404\",\"title\":\"Unexpected internal error\"}]}"
           },
           "cookies": [],
           "headers": [
@@ -49,14 +49,14 @@
               "value": "application/vnd.api+json"
             }
           ],
-          "headersSize": 661,
+          "headersSize": 660,
           "httpVersion": "HTTP/1.1",
           "redirectURL": "",
           "status": 404,
           "statusText": "Not Found"
         },
-        "startedDateTime": "2025-01-31T12:04:28.406Z",
-        "time": 489
+        "startedDateTime": "2025-12-12T14:36:04.174Z",
+        "time": 518
       }
     ],
     "pages": [],

cassettes/v2/Security-Monitoring_1187227211/List-vulnerabilities-returns-OK-response_2451060917/frozen.json

@@ -1 +1 @@
-"2025-01-31T12:04:39.730Z"
+"2025-12-12T14:36:49.310Z"

cassettes/v2/Security-Monitoring_1187227211/List-vulnerabilities-returns-OK-response_2451060917/recording.har

@@ -21,7 +21,7 @@
               "value": "application/json"
             }
           ],
-          "headersSize": 612,
+          "headersSize": 614,
           "httpVersion": "HTTP/1.1",
           "method": "GET",
           "queryString": [
@@ -56,8 +56,8 @@
           "status": 200,
           "statusText": "OK"
         },
-        "startedDateTime": "2025-01-31T12:04:39.739Z",
-        "time": 1094
+        "startedDateTime": "2025-12-12T14:36:49.316Z",
+        "time": 984
       }
     ],
     "pages": [],

features/v2/security_monitoring.feature

@@ -781,7 +781,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not Found
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: Get SBOM returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given operation "GetSBOM" enabled
     And new "GetSBOM" request
@@ -790,7 +790,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: Get SBOM returns "Not found: asset not found" response
     Given operation "GetSBOM" enabled
     And new "GetSBOM" request
@@ -799,7 +799,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not found: asset not found
 
-  @skip @team:DataDog/asm-vm
+  @skip @team:DataDog/k9-cloud-vm
   Scenario: Get SBOM returns "OK" response
     Given operation "GetSBOM" enabled
     And new "GetSBOM" request
@@ -1182,14 +1182,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 200 The list of notification rules.
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given operation "ListAssetsSBOMs" enabled
     And new "ListAssetsSBOMs" request
     When the request is sent
     Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List assets SBOMs returns "Not found: There is no request associated with the provided token." response
     Given operation "ListAssetsSBOMs" enabled
     And new "ListAssetsSBOMs" request
@@ -1198,14 +1198,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not found: There is no request associated with the provided token.
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: List assets SBOMs returns "Not found: asset not found" response
     Given operation "ListAssetsSBOMs" enabled
     And new "ListAssetsSBOMs" request
     When the request is sent
     Then the response status is 404 Not found: asset not found
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List assets SBOMs returns "OK" response
     Given operation "ListAssetsSBOMs" enabled
     And new "ListAssetsSBOMs" request
@@ -1317,14 +1317,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 200 OK
 
-  @skip @team:DataDog/asm-vm
+  @skip @team:DataDog/k9-cloud-vm
   Scenario: List scanned assets metadata returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given operation "ListScannedAssetsMetadata" enabled
     And new "ListScannedAssetsMetadata" request
     When the request is sent
     Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List scanned assets metadata returns "Not found: asset not found" response
     Given operation "ListScannedAssetsMetadata" enabled
     And new "ListScannedAssetsMetadata" request
@@ -1333,7 +1333,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not found: asset not found
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List scanned assets metadata returns "OK" response
     Given operation "ListScannedAssetsMetadata" enabled
     And new "ListScannedAssetsMetadata" request
@@ -1354,14 +1354,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 200 OK
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given operation "ListVulnerabilities" enabled
     And new "ListVulnerabilities" request
     When the request is sent
     Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List vulnerabilities returns "Not found: There is no request associated with the provided token." response
     Given operation "ListVulnerabilities" enabled
     And new "ListVulnerabilities" request
@@ -1370,7 +1370,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not found: There is no request associated with the provided token.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List vulnerabilities returns "OK" response
     Given operation "ListVulnerabilities" enabled
     And new "ListVulnerabilities" request
@@ -1380,14 +1380,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 200 OK
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-cloud-vm
   Scenario: List vulnerable assets returns "Bad request: The server cannot process the request due to invalid syntax in the request." response
     Given operation "ListVulnerableAssets" enabled
     And new "ListVulnerableAssets" request
     When the request is sent
     Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List vulnerable assets returns "Not found: There is no request associated with the provided token." response
     Given operation "ListVulnerableAssets" enabled
     And new "ListVulnerableAssets" request
@@ -1396,7 +1396,7 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 404 Not found: There is no request associated with the provided token.
 
-  @team:DataDog/asm-vm
+  @team:DataDog/k9-cloud-vm
   Scenario: List vulnerable assets returns "OK" response
     Given operation "ListVulnerableAssets" enabled
     And new "ListVulnerableAssets" request
@@ -1530,14 +1530,14 @@ Feature: Security Monitoring
     When the request is sent
     Then the response status is 422 The server cannot process the request because it contains invalid data.
 
-  @generated @skip @team:DataDog/asm-vm
-  Scenario: Returns list of Secrets rules returns "OK" response
+  @generated @skip @team:DataDog/k9-vm-ast
+  Scenario: Returns a list of Secrets rules returns "OK" response
     Given operation "GetSecretsRules" enabled
     And new "GetSecretsRules" request
     When the request is sent
     Then the response status is 200 OK
 
-  @generated @skip @team:DataDog/asm-vm
+  @generated @skip @team:DataDog/k9-vm-ast
   Scenario: Ruleset get multiple returns "OK" response
     Given operation "ListMultipleRulesets" enabled
     And new "ListMultipleRulesets" request

private/bdd_runner/src/support/scenarios_model_mapping.ts

@@ -4172,6 +4172,10 @@ export const ScenariosModelMappings: { [key: string]: OperationMapping } = {
       type: "string",
       format: "",
     },
+    filterRunningKernel: {
+      type: "boolean",
+      format: "",
+    },
     filterAssetName: {
       type: "string",
       format: "",