Help Center/ CodeArts Check/ API Reference/ APIs/ Rule Management/ Querying Rules - Version 2

Updated on 2026-02-03 GMT+08:00

Online Debugging

CLI Examples

View PDF

Querying Rules - Version 2

Function

This API is used to query the rule list and return the rule details.

Calling Method

For details, see Calling APIs.

Authorization Information

Each account root user has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
codeartscheck::listRules	List	-	-	-	-

URI

GET /v2/criterions

**Table 1** Query Parameters
Parameter	Mandatory	Type	Description
page_size	No	Integer	Definition: Page size. Constraints: N/A Value range: 1–200
page	No	Integer	Definition: Page number. Constraints: N/A Value range: 1–999
system_tag	No	String	Definition: Engine name. Constraints: N/A Range: sonarqube, wordstool, clangtidy, codemars, secbrella, cppcheck, apiengine, eslint, fixbotengine-java, fixbotengine-cxx, oat, pylint, SQLGuardian, cmetrics, codecheckrevive, clippy, detektout, cjlint, flake8, LuaGuardian, thirdpartycheck, FossScan, Infer_Java, and testengine. Default value: N/A
severitys	No	String	Definition: Issue severity. Constraints: N/A Value range: 0: critical 1: major 2: minor 3: suggestion Default value: 0,1,2,3. By default, issues of all severity levels are queried.
languages	No	String	Definition: Rule languages. Use commas (,) to separate multiple languages. Constraints: N/A Value range: ArkTS C# Cangjie C++ CSS Go HTML Java JavaScript Kotlin Lua PHP Python Rust Scala Shell SQL Terraform TypeScript Default value: N/A
search	No	String	Definition: Keyword for search. Constraints: N/A Value range: N/A Default value: N/A
set_id	No	String	Definition : Rule set ID. Obtain the ID by calling the API used to obtain the rule set list. Constraints: N/A Value range: 1 to 32 characters. Default value: N/A
status	No	String	Definition: Whether the rules in a rule set are enabled. Constraints: N/A Value range: enable: enabled. disable: disabled. Default value: enable.
inherit	No	String	Definition: Inheritance type. Constraints: N/A Value range: true: inherited rule. false: non-inherited rule. rewrite: edited rule. Default value: The default value is null, indicating that all inherited rules are queried.
onlines	No	String	Definition: Online or offline. Constraints: N/A Value range: 0: offline. 1: online. Default value: 1
show_tool_version	No	String	Definition: Display version. Constraints: N/A Value range: N/A Default value: N/A
tool_version	No	String	Definition: Tool version. Constraints: N/A Value range: N/A Default value: N/A
cwe_search	No	String	Definition: CWE search. Constraints: N/A Value range: N/A Default value: N/A
compile	No	String	Definition: Compilation rule or not. Constraints: N/A Value range: compile: compilation rule. noCompile: non-compilation rule. Default value: N/A
security	No	String	Definition: Security and quality classification. Constraints: N/A Value range: security: security check. security_enhance: enhanced security check. quality: quality check. Default value: N/A
industry_standards	No	String	Definition: Industry standards. Constraints: N/A Value range: N/A Default value: N/A
source_type	No	String	Definition: Rule creation type. Constraints: N/A Value range: 0: custom rule. 1: system rule. Default value: N/A
project_id	No	String	Definition : You can obtain the 32-character UUID by calling the API used to query the project list. Constraints: N/A Value range: 32-character project ID. Default value: N/A

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Definition : User token. Obtain one by calling the IAM API Obtaining a User Token. The value of X-Subject-Token in the response header is a token. Constraints: N/A Value range: 1–100,000 characters. Default value: N/A
operator	No	String	Definition: Operator username. Constraints: N/A Value range: 1 to 128 characters. Default value: N/A

Response Parameters

Status code: 200

**Table 3** Response body parameters
Parameter	Type	Description
httpStatus	String	Definition: HTTP response status. Value range: OK: The request has been successfully processed, and the server returns the requested resource or operation result. ACCEPTED: The request has been accepted by the server, but the processing is not complete (usually used for asynchronous operations). INTERNAL_SERVER_ERROR: internal API exception. BAD_REQUEST: abnormal parameter verification.
result	CriterionQueryInfo object	Definition: Rule list. Range: N/A
status	String	Definition: API response status. Value range: success: successful response. error: response failed.

**Table 4** CriterionQueryInfo
Parameter	Type	Description
criterionList	Array of CriterionInfoBody objects	Definition: Rule list. Range: N/A
setLanguage	String	Definition: Rule set language. Range: N/A
setName	String	Definition: Rule set name. Range: N/A
total	Integer	Definition: Total number of rules. Value range: ≥0

**Table 5** CriterionInfoBody
Parameter	Type	Description
id	String	Definition: Capability rule ID. Value range: N/A
name	String	Definition: Capability rule name in Chinese. Range: N/A
nameCn	String	Definition: Capability rule name in English. Range: N/A
isSupportVersion	String	Definition: Whether version-level check is supported for the rule in the rule set. Value range: enable: supported. disable: not supported.
isSupportPersonal	String	Definition: Whether gate-level check is supported for the rule in the rule set. Value range: enable: supported. disable: not supported.
isSupportIDE	String	Definition: Whether IDE-level check is supported for the rule in the rule set. Value range: enable: supported. disable: not supported.
supportVersion	String	Definition: Whether the rule supports version-level check. Value range: 1: supported. 0: not supported.
supportPersonal	String	Definition: Whether the rule supports IDE-level check. Value range: 1: supported. 0: not supported.
supportIDE	String	Definition: Whether the rule supports IDE-level check. Value range: 1: supported. 0: not supported.
comments	String	Definition: Description. Range: N/A
goodExample	String	Definition: Compliant example. Range: N/A
badExample	String	Definition: Noncompliant example. Range: N/A
recommend	String	Definition: Fix suggestions. Range: N/A
severity	String	Definition: Alarm severity. Value range: 0: critical 1: major 2: minor 3: suggestion
language	String	Definition: Rule language. Value range: ArkTS C# Cangjie C++ CSS Go HTML Java JavaScript Kotlin Lua PHP Python Rust Scala Shell SQL Terraform TypeScript
systemTag	String	Definition: Engine name. Range: codemars, secbrella, etc.
criterionSetId	String	Definition: Rule set ID. Value range: 32-character UUID. This field has a value when rules in a rule set are queried. This field is empty when rules are queried.
options	Array of CriterionOption objects	Definition: Configuration parameters associated with the rule. Range: N/A
criterionType	String	Definition: Service type. Value range: common: general. common_standard_recommend: general recommendation. common_standard_rule: general rule. security: security. security_standard_recommend: security recommendation. security_standard_rule: security rule.
userTag	String	Definition: User tag. Range: N/A
cwe	String	Definition: CWE IDs. Range: N/A
delayStartTime	String	Definition: Delay alarm start time (UTC). Format: yyyy-MM-ddTHH:mm:ssZ. For example, 2020-09-25T12:05:00Z. Value range: N/A
delayEndTime	String	Definition: Delay alarm end time (UTC). Format: yyyy-MM-ddTHH:mm:ssZ. Range: N/A
creator	String	Definition: Creator. Range: Creator of the custom rule. The creator is the same as the username.
sourceType	String	Definition: Rule type. Value range: 0: custom rule. 1: system rule.
toolVersion	String	Definition: Rule version. Range: N/A
uniqueId	String	Definition: Unique ID of a capability rule. Value range: 32-character UUID.
domainId	String	Definition: Tenant ID. Value range: system: system rule. 32-character UUID: ID of the tenant who creates the custom rule.
creatorId	String	Definition: Tenant ID. Value range: system: system rule. 32-character UUID: ID of the user who creates the custom rule.

**Table 6** CriterionOption
Parameter	Type	Description
ruleId	String	Definition: Tool rule ID. Value range: 32-character UUID.
ruleName	String	Definition: Tool rule name. Range: N/A
criterionId	String	Definition: Capability rule ID. Value range: 32-character UUID.
criterionSetId	String	Definition: Rule set ID. Value range: 32-character UUID.
optionKey	String	Definition: Key of a configuration parameter. Range: N/A
name	String	Definition: Option name. Range: N/A
optionValue	String	Definition: Value of the configuration parameter. The value is set by the user. If left blank, the default value will be used. Range: N/A
description	String	Definition: Description of the configuration parameter. Range: N/A
defaultValue	String	Definition: Default value. Range: N/A
valueType	String	Definition: Parameter value type. Value range: BOOLEAN: boolean FLOAT: floating point number INTEGER: integer STRING: string If not specified, STRING is used by default.
valueRange	String	Definition: Parameter value range. Range: N/A

Status code: 400

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Definition: Error code. Value range: N/A
error_msg	String	Definition: Error message. Value range: N/A

Status code: 401

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Definition: Error code. Value range: N/A
error_msg	String	Definition: Error message. Value range: N/A

Example Requests

GET https://{endpoint}/v2/criterions?system_tag=secbrella&languages=JAVA&onlines=1&tool_version=202507&severitys=0

Example Responses

Status code: 200

query criterions

{
  "httpStatus" : "OK",
  "result" : {
    "applicationScopeInfoList" : [ ],
    "categoryInfoList" : [ ],
    "criterionTypeList" : [ ],
    "dirTrees" : [ ],
    "fromRedis" : false,
    "inheritInfoList" : [ ],
    "issueTypeInfoList" : [ ],
    "onlineInfoList" : [ ],
    "severityInfoList" : [ ],
    "sourceList" : [ ]
  },
  "status" : "success"
}

Status code: 400

Bad Request

{
  "error_code" : "CC.xxxxxxxx.400",
  "error_msg" : "Verify request parameter failed. Check whether the request parameters are correct."
}

Status code: 401

Unauthorized

{
  "error_code" : "CC.00000003",
  "error_msg" : "Authentication information expired."
}

Status Codes

Status Code	Description
200	query criterions
400	Bad Request
401	Unauthorized

Error Codes

See Error Codes.

Parent Topic: Rule Management

Previous topic: Querying Rule Filters

Next topic: Modifying Enabled Rules in a Rule Set

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot