google-apis-ondemandscanning_v1beta1 0.34.0 → 0.36.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5ad60c0aca33c85bbcd51c60bb7b998ad0adab35da9cdc993462e2d34adc685e
-  data.tar.gz: 141b2a9473f028f94293d826722ae4e9616bcb4b0e3c6f18a052b12586c02d62
+  metadata.gz: df0fa2b60ab13954c212860f98da9152661c1b1270d7362a95c228da11641df4
+  data.tar.gz: a94cd525eb7b86571e0a92a25ee7516492fb71280cf050c466597917874d3e0b
 SHA512:
-  metadata.gz: ec2ad9f495d475ba8206ef485d2e639414b68ca73917ffff2a7ae275bd1fdec0e09b280c1296190349e2feaaaf8626756c9825dd4f0dbb0c33863d8fba611b4f
-  data.tar.gz: 450888b46881ce1a86e09a8af61bd99d27c5aa28d8e740bed9d95a38a8068442df45caedaba88d1fe8b69a4d3438731a9eeaca0bb67b59b09fb1099aa194bfd7
+  metadata.gz: 023e03a5ab277d15525c5e88233ae38cd529a56390140e90ed87826bf8599d33e53cfb198d5372cc4f9565ee99193a4db090b941d1c1dd2d33f0baa46f6115dd
+  data.tar.gz: 3ee60f7dffa5c41ebcc41066d9956d00550d3e55720c15dcd408569162c73256015c4c27df310a5949da6343b74794deb4ecb9a452d43f1f0149ebebc4053774

data/CHANGELOG.md

@@ -1,5 +1,13 @@
 # Release history for google-apis-ondemandscanning_v1beta1
 
+### v0.36.0 (2023-05-07)
+
+* Regenerated from discovery document revision 20230501
+
+### v0.35.0 (2023-04-16)
+
+* Regenerated from discovery document revision 20230403
+
 ### v0.34.0 (2023-03-26)
 
 * Regenerated from discovery document revision 20230313

data/lib/google/apis/ondemandscanning_v1beta1/classes.rb

@@ -1891,6 +1891,13 @@ module Google
         # @return [String]
         attr_accessor :resource_uri
       
+        # The occurrence representing an SBOM reference as applied to a specific
+        # resource. The occurrence follows the DSSE specification. See https://github.
+        # com/secure-systems-lab/dsse/blob/master/envelope.md for more details.
+        # Corresponds to the JSON property `sbomReference`
+        # @return [Google::Apis::OndemandscanningV1beta1::SbomReferenceOccurrence]
+        attr_accessor :sbom_reference
+      
         # Output only. The time this occurrence was last updated.
         # Corresponds to the JSON property `updateTime`
         # @return [String]
@@ -1931,6 +1938,7 @@ module Google
           @package = args[:package] if args.key?(:package)
           @remediation = args[:remediation] if args.key?(:remediation)
           @resource_uri = args[:resource_uri] if args.key?(:resource_uri)
+          @sbom_reference = args[:sbom_reference] if args.key?(:sbom_reference)
           @update_time = args[:update_time] if args.key?(:update_time)
           @upgrade = args[:upgrade] if args.key?(:upgrade)
           @vulnerability = args[:vulnerability] if args.key?(:vulnerability)
@@ -2008,6 +2016,15 @@ module Google
         # @return [String]
         attr_accessor :architecture
       
+        # The binary package. This is significant when the source is different than the
+        # binary itself. Historically if they've differed, we've stored the name of the
+        # source and its version in the package/version fields, but we should also store
+        # the binary package info, as that's what's actually installed. See b/175908657#
+        # comment15.
+        # Corresponds to the JSON property `binaryVersion`
+        # @return [Google::Apis::OndemandscanningV1beta1::PackageVersion]
+        attr_accessor :binary_version
+      
         # The cpe_uri in [cpe format] (https://cpe.mitre.org/specification/) in which
         # the vulnerability may manifest. Examples include distro or storage location
         # for vulnerable jar.
@@ -2065,6 +2082,14 @@ module Google
         # @return [Array<String>]
         attr_accessor :patched_cve
       
+        # The source package. Similar to the above, this is significant when the source
+        # is different than the binary itself. Since the top-level package/version
+        # fields are based on an if/else, we need a separate field for both binary and
+        # source if we want to know definitively where the data is coming from.
+        # Corresponds to the JSON property `sourceVersion`
+        # @return [Google::Apis::OndemandscanningV1beta1::PackageVersion]
+        attr_accessor :source_version
+      
         # 
         # Corresponds to the JSON property `unused`
         # @return [String]
@@ -2082,6 +2107,7 @@ module Google
         # Update properties of this object
         def update!(**args)
           @architecture = args[:architecture] if args.key?(:architecture)
+          @binary_version = args[:binary_version] if args.key?(:binary_version)
           @cpe_uri = args[:cpe_uri] if args.key?(:cpe_uri)
           @dependency_chain = args[:dependency_chain] if args.key?(:dependency_chain)
           @file_location = args[:file_location] if args.key?(:file_location)
@@ -2092,6 +2118,7 @@ module Google
           @package = args[:package] if args.key?(:package)
           @package_type = args[:package_type] if args.key?(:package_type)
           @patched_cve = args[:patched_cve] if args.key?(:patched_cve)
+          @source_version = args[:source_version] if args.key?(:source_version)
           @unused = args[:unused] if args.key?(:unused)
           @version = args[:version] if args.key?(:version)
         end
@@ -2237,6 +2264,31 @@ module Google
         end
       end
       
+      # 
+      class PackageVersion
+        include Google::Apis::Core::Hashable
+      
+        # 
+        # Corresponds to the JSON property `name`
+        # @return [String]
+        attr_accessor :name
+      
+        # 
+        # Corresponds to the JSON property `version`
+        # @return [String]
+        attr_accessor :version
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @name = args[:name] if args.key?(:name)
+          @version = args[:version] if args.key?(:version)
+        end
+      end
+      
       # Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31)
       # and a repo name within that project.
       class ProjectRepoId
@@ -2406,6 +2458,119 @@ module Google
         end
       end
       
+      # The occurrence representing an SBOM reference as applied to a specific
+      # resource. The occurrence follows the DSSE specification. See https://github.
+      # com/secure-systems-lab/dsse/blob/master/envelope.md for more details.
+      class SbomReferenceOccurrence
+        include Google::Apis::Core::Hashable
+      
+        # The actual payload that contains the SBOM Reference data. The payload follows
+        # the intoto statement specification. See https://github.com/in-toto/attestation/
+        # blob/main/spec/v1.0/statement.md for more details.
+        # Corresponds to the JSON property `payload`
+        # @return [Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPayload]
+        attr_accessor :payload
+      
+        # The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the
+        # intoto format, this value is expected to be 'application/vnd.in-toto+json'.
+        # Corresponds to the JSON property `payloadType`
+        # @return [String]
+        attr_accessor :payload_type
+      
+        # The signatures over the payload.
+        # Corresponds to the JSON property `signatures`
+        # @return [Array<Google::Apis::OndemandscanningV1beta1::EnvelopeSignature>]
+        attr_accessor :signatures
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @payload = args[:payload] if args.key?(:payload)
+          @payload_type = args[:payload_type] if args.key?(:payload_type)
+          @signatures = args[:signatures] if args.key?(:signatures)
+        end
+      end
+      
+      # The actual payload that contains the SBOM Reference data. The payload follows
+      # the intoto statement specification. See https://github.com/in-toto/attestation/
+      # blob/main/spec/v1.0/statement.md for more details.
+      class SbomReferenceIntotoPayload
+        include Google::Apis::Core::Hashable
+      
+        # Identifier for the schema of the Statement.
+        # Corresponds to the JSON property `_type`
+        # @return [String]
+        attr_accessor :_type
+      
+        # A predicate which describes the SBOM being referenced.
+        # Corresponds to the JSON property `predicate`
+        # @return [Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPredicate]
+        attr_accessor :predicate
+      
+        # URI identifying the type of the Predicate.
+        # Corresponds to the JSON property `predicateType`
+        # @return [String]
+        attr_accessor :predicate_type
+      
+        # Set of software artifacts that the attestation applies to. Each element
+        # represents a single software artifact.
+        # Corresponds to the JSON property `subject`
+        # @return [Array<Google::Apis::OndemandscanningV1beta1::Subject>]
+        attr_accessor :subject
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @_type = args[:_type] if args.key?(:_type)
+          @predicate = args[:predicate] if args.key?(:predicate)
+          @predicate_type = args[:predicate_type] if args.key?(:predicate_type)
+          @subject = args[:subject] if args.key?(:subject)
+        end
+      end
+      
+      # A predicate which describes the SBOM being referenced.
+      class SbomReferenceIntotoPredicate
+        include Google::Apis::Core::Hashable
+      
+        # A map of algorithm to digest of the contents of the SBOM.
+        # Corresponds to the JSON property `digest`
+        # @return [Hash<String,String>]
+        attr_accessor :digest
+      
+        # The location of the SBOM.
+        # Corresponds to the JSON property `location`
+        # @return [String]
+        attr_accessor :location
+      
+        # The mime type of the SBOM.
+        # Corresponds to the JSON property `mimeType`
+        # @return [String]
+        attr_accessor :mime_type
+      
+        # The person or system referring this predicate to the consumer.
+        # Corresponds to the JSON property `referrerId`
+        # @return [String]
+        attr_accessor :referrer_id
+      
+        def initialize(**args)
+           update!(**args)
+        end
+      
+        # Update properties of this object
+        def update!(**args)
+          @digest = args[:digest] if args.key?(:digest)
+          @location = args[:location] if args.key?(:location)
+          @mime_type = args[:mime_type] if args.key?(:mime_type)
+          @referrer_id = args[:referrer_id] if args.key?(:referrer_id)
+        end
+      end
+      
       # Verifiers (e.g. Kritis implementations) MUST verify signatures with respect to
       # the trust anchors defined in policy (e.g. a Kritis policy). Typically this
       # means that the verifier has been configured with a map from `public_key_id` to

data/lib/google/apis/ondemandscanning_v1beta1/gem_version.rb

@@ -16,13 +16,13 @@ module Google
   module Apis
     module OndemandscanningV1beta1
       # Version of the google-apis-ondemandscanning_v1beta1 gem
-      GEM_VERSION = "0.34.0"
+      GEM_VERSION = "0.36.0"
 
       # Version of the code generator used to generate this client
       GENERATOR_VERSION = "0.12.0"
 
       # Revision of the discovery document this client was generated from
-      REVISION = "20230313"
+      REVISION = "20230501"
     end
   end
 end

data/lib/google/apis/ondemandscanning_v1beta1/representations.rb

@@ -370,6 +370,12 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class PackageVersion
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class ProjectRepoId
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -400,6 +406,24 @@ module Google
         include Google::Apis::Core::JsonObjectSupport
       end
       
+      class SbomReferenceOccurrence
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class SbomReferenceIntotoPayload
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
+      class SbomReferenceIntotoPredicate
+        class Representation < Google::Apis::Core::JsonRepresentation; end
+      
+        include Google::Apis::Core::JsonObjectSupport
+      end
+      
       class Signature
         class Representation < Google::Apis::Core::JsonRepresentation; end
       
@@ -1042,6 +1066,8 @@ module Google
       
           property :remediation, as: 'remediation'
           property :resource_uri, as: 'resourceUri'
+          property :sbom_reference, as: 'sbomReference', class: Google::Apis::OndemandscanningV1beta1::SbomReferenceOccurrence, decorator: Google::Apis::OndemandscanningV1beta1::SbomReferenceOccurrence::Representation
+      
           property :update_time, as: 'updateTime'
           property :upgrade, as: 'upgrade', class: Google::Apis::OndemandscanningV1beta1::UpgradeOccurrence, decorator: Google::Apis::OndemandscanningV1beta1::UpgradeOccurrence::Representation
       
@@ -1066,6 +1092,8 @@ module Google
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
           property :architecture, as: 'architecture'
+          property :binary_version, as: 'binaryVersion', class: Google::Apis::OndemandscanningV1beta1::PackageVersion, decorator: Google::Apis::OndemandscanningV1beta1::PackageVersion::Representation
+      
           property :cpe_uri, as: 'cpeUri'
           collection :dependency_chain, as: 'dependencyChain', class: Google::Apis::OndemandscanningV1beta1::LanguagePackageDependency, decorator: Google::Apis::OndemandscanningV1beta1::LanguagePackageDependency::Representation
       
@@ -1079,6 +1107,8 @@ module Google
           property :package, as: 'package'
           property :package_type, as: 'packageType'
           collection :patched_cve, as: 'patchedCve'
+          property :source_version, as: 'sourceVersion', class: Google::Apis::OndemandscanningV1beta1::PackageVersion, decorator: Google::Apis::OndemandscanningV1beta1::PackageVersion::Representation
+      
           property :unused, as: 'unused'
           property :version, as: 'version'
         end
@@ -1119,6 +1149,14 @@ module Google
         end
       end
       
+      class PackageVersion
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :name, as: 'name'
+          property :version, as: 'version'
+        end
+      end
+      
       class ProjectRepoId
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation
@@ -1165,6 +1203,39 @@ module Google
         end
       end
       
+      class SbomReferenceOccurrence
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :payload, as: 'payload', class: Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPayload, decorator: Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPayload::Representation
+      
+          property :payload_type, as: 'payloadType'
+          collection :signatures, as: 'signatures', class: Google::Apis::OndemandscanningV1beta1::EnvelopeSignature, decorator: Google::Apis::OndemandscanningV1beta1::EnvelopeSignature::Representation
+      
+        end
+      end
+      
+      class SbomReferenceIntotoPayload
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          property :_type, as: '_type'
+          property :predicate, as: 'predicate', class: Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPredicate, decorator: Google::Apis::OndemandscanningV1beta1::SbomReferenceIntotoPredicate::Representation
+      
+          property :predicate_type, as: 'predicateType'
+          collection :subject, as: 'subject', class: Google::Apis::OndemandscanningV1beta1::Subject, decorator: Google::Apis::OndemandscanningV1beta1::Subject::Representation
+      
+        end
+      end
+      
+      class SbomReferenceIntotoPredicate
+        # @private
+        class Representation < Google::Apis::Core::JsonRepresentation
+          hash :digest, as: 'digest'
+          property :location, as: 'location'
+          property :mime_type, as: 'mimeType'
+          property :referrer_id, as: 'referrerId'
+        end
+      end
+      
       class Signature
         # @private
         class Representation < Google::Apis::Core::JsonRepresentation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-apis-ondemandscanning_v1beta1
 version: !ruby/object:Gem::Version
-  version: 0.34.0
+  version: 0.36.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-03-26 00:00:00.000000000 Z
+date: 2023-05-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: google-apis-core
@@ -58,7 +58,7 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/googleapis/google-api-ruby-client/issues
   changelog_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-ondemandscanning_v1beta1/CHANGELOG.md
-  documentation_uri: https://googleapis.dev/ruby/google-apis-ondemandscanning_v1beta1/v0.34.0
+  documentation_uri: https://googleapis.dev/ruby/google-apis-ondemandscanning_v1beta1/v0.36.0
   source_code_uri: https://github.com/googleapis/google-api-ruby-client/tree/main/generated/google-apis-ondemandscanning_v1beta1
 post_install_message: 
 rdoc_options: []