google-cloud-container_analysis-v1 0.1.0 → 0.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,245 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2020 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # A security vulnerability that can be found in resources.
23
+ # @!attribute [rw] cvss_score
24
+ # @return [::Float]
25
+ # The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
26
+ # where 0 indicates low severity and 10 indicates high severity.
27
+ # @!attribute [rw] severity
28
+ # @return [::Grafeas::V1::Severity]
29
+ # The note provider assigned severity of this vulnerability.
30
+ # @!attribute [rw] details
31
+ # @return [::Array<::Grafeas::V1::VulnerabilityNote::Detail>]
32
+ # Details of all known distros and packages affected by this vulnerability.
33
+ # @!attribute [rw] cvss_v3
34
+ # @return [::Grafeas::V1::CVSSv3]
35
+ # The full description of the CVSSv3 for this vulnerability.
36
+ # @!attribute [rw] windows_details
37
+ # @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail>]
38
+ # Windows details get their own format because the information format and
39
+ # model don't match a normal detail. Specifically Windows updates are done as
40
+ # patches, thus Windows vulnerabilities really are a missing package, rather
41
+ # than a package being at an incorrect version.
42
+ # @!attribute [rw] source_update_time
43
+ # @return [::Google::Protobuf::Timestamp]
44
+ # The time this information was last changed at the source. This is an
45
+ # upstream timestamp from the underlying information source - e.g. Ubuntu
46
+ # security tracker.
47
+ class VulnerabilityNote
48
+ include ::Google::Protobuf::MessageExts
49
+ extend ::Google::Protobuf::MessageExts::ClassMethods
50
+
51
+ # A detail for a distro and package affected by this vulnerability and its
52
+ # associated fix (if one is available).
53
+ # @!attribute [rw] severity_name
54
+ # @return [::String]
55
+ # The distro assigned severity of this vulnerability.
56
+ # @!attribute [rw] description
57
+ # @return [::String]
58
+ # A vendor-specific description of this vulnerability.
59
+ # @!attribute [rw] package_type
60
+ # @return [::String]
61
+ # The type of package; whether native or non native (e.g., ruby gems,
62
+ # node.js packages, etc.).
63
+ # @!attribute [rw] affected_cpe_uri
64
+ # @return [::String]
65
+ # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
66
+ # vulnerability affects.
67
+ # @!attribute [rw] affected_package
68
+ # @return [::String]
69
+ # Required. The package this vulnerability affects.
70
+ # @!attribute [rw] affected_version_start
71
+ # @return [::Grafeas::V1::Version]
72
+ # The version number at the start of an interval in which this
73
+ # vulnerability exists. A vulnerability can affect a package between
74
+ # version numbers that are disjoint sets of intervals (example:
75
+ # [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
76
+ # represented in its own Detail. If a specific affected version is provided
77
+ # by a vulnerability database, affected_version_start and
78
+ # affected_version_end will be the same in that Detail.
79
+ # @!attribute [rw] affected_version_end
80
+ # @return [::Grafeas::V1::Version]
81
+ # The version number at the end of an interval in which this vulnerability
82
+ # exists. A vulnerability can affect a package between version numbers
83
+ # that are disjoint sets of intervals (example: [1.0.0-1.1.0],
84
+ # [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
85
+ # own Detail. If a specific affected version is provided by a vulnerability
86
+ # database, affected_version_start and affected_version_end will be the
87
+ # same in that Detail.
88
+ # @!attribute [rw] fixed_cpe_uri
89
+ # @return [::String]
90
+ # The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
91
+ # to update to that contains a fix for this vulnerability. It is possible
92
+ # for this to be different from the affected_cpe_uri.
93
+ # @!attribute [rw] fixed_package
94
+ # @return [::String]
95
+ # The distro recommended package to update to that contains a fix for this
96
+ # vulnerability. It is possible for this to be different from the
97
+ # affected_package.
98
+ # @!attribute [rw] fixed_version
99
+ # @return [::Grafeas::V1::Version]
100
+ # The distro recommended version to update to that contains a
101
+ # fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
102
+ # such version is yet available.
103
+ # @!attribute [rw] is_obsolete
104
+ # @return [::Boolean]
105
+ # Whether this detail is obsolete. Occurrences are expected not to point to
106
+ # obsolete details.
107
+ # @!attribute [rw] source_update_time
108
+ # @return [::Google::Protobuf::Timestamp]
109
+ # The time this information was last changed at the source. This is an
110
+ # upstream timestamp from the underlying information source - e.g. Ubuntu
111
+ # security tracker.
112
+ class Detail
113
+ include ::Google::Protobuf::MessageExts
114
+ extend ::Google::Protobuf::MessageExts::ClassMethods
115
+ end
116
+
117
+ # @!attribute [rw] cpe_uri
118
+ # @return [::String]
119
+ # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
120
+ # vulnerability affects.
121
+ # @!attribute [rw] name
122
+ # @return [::String]
123
+ # Required. The name of this vulnerability.
124
+ # @!attribute [rw] description
125
+ # @return [::String]
126
+ # The description of this vulnerability.
127
+ # @!attribute [rw] fixing_kbs
128
+ # @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail::KnowledgeBase>]
129
+ # Required. The names of the KBs which have hotfixes to mitigate this
130
+ # vulnerability. Note that there may be multiple hotfixes (and thus
131
+ # multiple KBs) that mitigate a given vulnerability. Currently any listed
132
+ # KBs presence is considered a fix.
133
+ class WindowsDetail
134
+ include ::Google::Protobuf::MessageExts
135
+ extend ::Google::Protobuf::MessageExts::ClassMethods
136
+
137
+ # @!attribute [rw] name
138
+ # @return [::String]
139
+ # The KB name (generally of the form KB[0-9]+ (e.g., KB123456)).
140
+ # @!attribute [rw] url
141
+ # @return [::String]
142
+ # A link to the KB in the [Windows update catalog]
143
+ # (https://www.catalog.update.microsoft.com/).
144
+ class KnowledgeBase
145
+ include ::Google::Protobuf::MessageExts
146
+ extend ::Google::Protobuf::MessageExts::ClassMethods
147
+ end
148
+ end
149
+ end
150
+
151
+ # An occurrence of a severity vulnerability on a resource.
152
+ # @!attribute [rw] type
153
+ # @return [::String]
154
+ # The type of package; whether native or non native (e.g., ruby gems, node.js
155
+ # packages, etc.).
156
+ # @!attribute [rw] severity
157
+ # @return [::Grafeas::V1::Severity]
158
+ # Output only. The note provider assigned severity of this vulnerability.
159
+ # @!attribute [rw] cvss_score
160
+ # @return [::Float]
161
+ # Output only. The CVSS score of this vulnerability. CVSS score is on a
162
+ # scale of 0 - 10 where 0 indicates low severity and 10 indicates high
163
+ # severity.
164
+ # @!attribute [rw] package_issue
165
+ # @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
166
+ # Required. The set of affected locations and their fixes (if available)
167
+ # within the associated resource.
168
+ # @!attribute [rw] short_description
169
+ # @return [::String]
170
+ # Output only. A one sentence description of this vulnerability.
171
+ # @!attribute [rw] long_description
172
+ # @return [::String]
173
+ # Output only. A detailed description of this vulnerability.
174
+ # @!attribute [rw] related_urls
175
+ # @return [::Array<::Grafeas::V1::RelatedUrl>]
176
+ # Output only. URLs related to this vulnerability.
177
+ # @!attribute [rw] effective_severity
178
+ # @return [::Grafeas::V1::Severity]
179
+ # The distro assigned severity for this vulnerability when it is available,
180
+ # otherwise this is the note provider assigned severity.
181
+ # @!attribute [rw] fix_available
182
+ # @return [::Boolean]
183
+ # Output only. Whether at least one of the affected packages has a fix
184
+ # available.
185
+ class VulnerabilityOccurrence
186
+ include ::Google::Protobuf::MessageExts
187
+ extend ::Google::Protobuf::MessageExts::ClassMethods
188
+
189
+ # A detail for a distro and package this vulnerability occurrence was found
190
+ # in and its associated fix (if one is available).
191
+ # @!attribute [rw] affected_cpe_uri
192
+ # @return [::String]
193
+ # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
194
+ # vulnerability was found in.
195
+ # @!attribute [rw] affected_package
196
+ # @return [::String]
197
+ # Required. The package this vulnerability was found in.
198
+ # @!attribute [rw] affected_version
199
+ # @return [::Grafeas::V1::Version]
200
+ # Required. The version of the package that is installed on the resource
201
+ # affected by this vulnerability.
202
+ # @!attribute [rw] fixed_cpe_uri
203
+ # @return [::String]
204
+ # The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
205
+ # was fixed in. It is possible for this to be different from the
206
+ # affected_cpe_uri.
207
+ # @!attribute [rw] fixed_package
208
+ # @return [::String]
209
+ # The package this vulnerability was fixed in. It is possible for this to
210
+ # be different from the affected_package.
211
+ # @!attribute [rw] fixed_version
212
+ # @return [::Grafeas::V1::Version]
213
+ # Required. The version of the package this vulnerability was fixed in.
214
+ # Setting this to VersionKind.MAXIMUM means no fix is yet available.
215
+ # @!attribute [rw] fix_available
216
+ # @return [::Boolean]
217
+ # Output only. Whether a fix is available for this package.
218
+ class PackageIssue
219
+ include ::Google::Protobuf::MessageExts
220
+ extend ::Google::Protobuf::MessageExts::ClassMethods
221
+ end
222
+ end
223
+
224
+ # Note provider assigned severity/impact ranking.
225
+ module Severity
226
+ # Unknown.
227
+ SEVERITY_UNSPECIFIED = 0
228
+
229
+ # Minimal severity.
230
+ MINIMAL = 1
231
+
232
+ # Low severity.
233
+ LOW = 2
234
+
235
+ # Medium severity.
236
+ MEDIUM = 3
237
+
238
+ # High severity.
239
+ HIGH = 4
240
+
241
+ # Critical severity.
242
+ CRITICAL = 5
243
+ end
244
+ end
245
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-container_analysis-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.1.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-06-03 00:00:00.000000000 Z
11
+ date: 2021-02-02 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - "~>"
18
18
  - !ruby/object:Gem::Version
19
- version: '0.2'
19
+ version: '0.3'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - "~>"
25
25
  - !ruby/object:Gem::Version
26
- version: '0.2'
26
+ version: '0.3'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: google-cloud-errors
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -186,7 +186,9 @@ dependencies:
186
186
  version: '0.9'
187
187
  description: The Container Analysis API is an implementation of Grafeas. It stores,
188
188
  and enables querying and retrieval of, critical metadata about all of your software
189
- artifacts.
189
+ artifacts. Note that google-cloud-container_analysis-v1 is a version-specific client
190
+ library. For most uses, we recommend installing the main client library google-cloud-container_analysis
191
+ instead. See the readme for more details.
190
192
  email: googleapis-packages@google.com
191
193
  executables: []
192
194
  extensions: []
@@ -202,17 +204,23 @@ files:
202
204
  - lib/google/cloud/container_analysis/v1/container_analysis/client.rb
203
205
  - lib/google/cloud/container_analysis/v1/container_analysis/credentials.rb
204
206
  - lib/google/cloud/container_analysis/v1/container_analysis/helpers.rb
207
+ - lib/google/cloud/container_analysis/v1/container_analysis/paths.rb
205
208
  - lib/google/cloud/container_analysis/v1/version.rb
206
209
  - lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb
207
210
  - lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb
208
211
  - proto_docs/README.md
209
212
  - proto_docs/google/api/field_behavior.rb
210
213
  - proto_docs/google/api/resource.rb
214
+ - proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb
211
215
  - proto_docs/google/iam/v1/iam_policy.rb
212
216
  - proto_docs/google/iam/v1/options.rb
213
217
  - proto_docs/google/iam/v1/policy.rb
214
218
  - proto_docs/google/protobuf/timestamp.rb
215
219
  - proto_docs/google/type/expr.rb
220
+ - proto_docs/grafeas/v1/common.rb
221
+ - proto_docs/grafeas/v1/cvss.rb
222
+ - proto_docs/grafeas/v1/package.rb
223
+ - proto_docs/grafeas/v1/vulnerability.rb
216
224
  homepage: https://github.com/googleapis/google-cloud-ruby
217
225
  licenses:
218
226
  - Apache-2.0
@@ -232,7 +240,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
232
240
  - !ruby/object:Gem::Version
233
241
  version: '0'
234
242
  requirements: []
235
- rubygems_version: 3.1.3
243
+ rubygems_version: 3.2.6
236
244
  signing_key:
237
245
  specification_version: 4
238
246
  summary: API Client library for the Container Analysis V1 API