List source revisions for an assessment
GET/api/v1/assessments/:assessment_id/revisions
Return the append-only CodeRevision series for an assessment.
Ordered by revision_number ascending — the genesis revision is
always position 1, then each subsequent attach (fix re-upload,
incremental base, PR head) is appended. The series is keyed by
series_assessment_id so a future re-audit child sharing the
same logical source lineage still walks one series; for series-
root assessments (every assessment in production today) the
series_assessment_id equals the assessment_id.
- Scope required:
assessments:read. - Rate-limit tier: read (default).
- Returns an empty list (NOT 404) when the assessment has no
revisions yet — pre-FND-1 backfill targets exist in this state
momentarily; see :mod:
app.scripts.migrate_code_revisions_genesis. - Capped at
_REVISIONS_RESPONSE_CAProws; that ceiling protects the response when a long-lived assessment accumulates many PR-head revisions.
Request
Responses
- 200
- 400
- 401
- 403
- 404
- 409
- 422
- 429
- 500
Successful Response
Bad request — malformed input or failed validation.
Missing, expired, or invalid credentials.
Authenticated but not authorized for this resource. Note: cross-organization reads return 404, not 403.
Resource not found, or hidden for tenant-enumeration safety (the caller lacks permission to know whether the resource exists).
Conflict — the current resource state does not allow this operation (e.g. assessment already started, email already in use).
Semantic validation failure — request shape was valid but contents were not.
Too many requests — rate limited. Retry after the window resets.
Internal server error — unexpected failure.