Exporting a Security Scan Report for External Use
For offline viewing and processing of security scan reports with Security for Bitbucket, you can export those reports to CSV file, which will have the following format:
You can export vulnerabilities using one of ways, described below.
Exporting from the repository Scan page
To do so, first go to the repository and report in question.
Then click the Export button in the top right corner of the report:
You will then download a file with the naming scheme: <projectKey>_<repositoryKey>_<branchName>.CSV
Exporting from Security Scan Report
You can export detected vulnerabilities from the global Security Scan Report page which you can access by clicking the lock icon in the top Bitbucket bar.
Click the action drop-down menu and select Export item as shown below:
You can do this on any view level - branch, repository or project. When exporting a project, the generated report will contained vulnerabilities found in all branches of all repositories which belong the selected project.
Exported file will have the following name:
for project:
<projectKey>.CSVfor repository:
<projectKey>_<repositoryKey>.CSVfor branch:
<projectKey>_<repositoryKey>_<branchName>.CSV
Note, that this menu item is displayed only when some vulnerabilities are present, if branch (repository, project) was not scanned or no vulnerabilities were detected during the scan, the Export menu item will not be shown.
Exporting vulnerabilities via a REST-call
If you need to export overall vulnerabilities list for all projects, repositories and branches into a single file, you can use a REST-call.