google-cloud-container_analysis-v1 0.4.3 → 0.4.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/AUTHENTICATION.md +7 -25
- data/README.md +1 -1
- data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +81 -13
- data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +5 -3
- data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb +1 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +1 -1
- data/proto_docs/google/protobuf/any.rb +141 -0
- data/proto_docs/google/protobuf/empty.rb +36 -0
- data/proto_docs/google/protobuf/field_mask.rb +229 -0
- data/proto_docs/google/rpc/status.rb +46 -0
- data/proto_docs/grafeas/v1/attestation.rb +98 -0
- data/proto_docs/grafeas/v1/build.rb +64 -0
- data/proto_docs/grafeas/v1/common.rb +31 -2
- data/proto_docs/grafeas/v1/compliance.rb +98 -0
- data/proto_docs/grafeas/v1/cvss.rb +105 -0
- data/proto_docs/grafeas/v1/deployment.rb +74 -0
- data/proto_docs/grafeas/v1/discovery.rb +95 -0
- data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
- data/proto_docs/grafeas/v1/grafeas.rb +419 -0
- data/proto_docs/grafeas/v1/image.rb +95 -0
- data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
- data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
- data/proto_docs/grafeas/v1/package.rb +8 -0
- data/proto_docs/grafeas/v1/provenance.rb +318 -0
- data/proto_docs/grafeas/v1/severity.rb +43 -0
- data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
- data/proto_docs/grafeas/v1/upgrade.rb +148 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
- metadata +31 -7
@@ -0,0 +1,148 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# Copyright 2022 Google LLC
|
4
|
+
#
|
5
|
+
# Licensed under the Apache License, Version 2.0 (the "License");
|
6
|
+
# you may not use this file except in compliance with the License.
|
7
|
+
# You may obtain a copy of the License at
|
8
|
+
#
|
9
|
+
# https://www.apache.org/licenses/LICENSE-2.0
|
10
|
+
#
|
11
|
+
# Unless required by applicable law or agreed to in writing, software
|
12
|
+
# distributed under the License is distributed on an "AS IS" BASIS,
|
13
|
+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
14
|
+
# See the License for the specific language governing permissions and
|
15
|
+
# limitations under the License.
|
16
|
+
|
17
|
+
# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
|
18
|
+
|
19
|
+
|
20
|
+
module Grafeas
|
21
|
+
module V1
|
22
|
+
# An Upgrade Note represents a potential upgrade of a package to a given
|
23
|
+
# version. For each package version combination (i.e. bash 4.0, bash 4.1,
|
24
|
+
# bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field
|
25
|
+
# represents the information related to the update.
|
26
|
+
# @!attribute [rw] package
|
27
|
+
# @return [::String]
|
28
|
+
# Required for non-Windows OS. The package this Upgrade is for.
|
29
|
+
# @!attribute [rw] version
|
30
|
+
# @return [::Grafeas::V1::Version]
|
31
|
+
# Required for non-Windows OS. The version of the package in machine + human
|
32
|
+
# readable form.
|
33
|
+
# @!attribute [rw] distributions
|
34
|
+
# @return [::Array<::Grafeas::V1::UpgradeDistribution>]
|
35
|
+
# Metadata about the upgrade for each specific operating system.
|
36
|
+
# @!attribute [rw] windows_update
|
37
|
+
# @return [::Grafeas::V1::WindowsUpdate]
|
38
|
+
# Required for Windows OS. Represents the metadata about the Windows update.
|
39
|
+
class UpgradeNote
|
40
|
+
include ::Google::Protobuf::MessageExts
|
41
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
42
|
+
end
|
43
|
+
|
44
|
+
# The Upgrade Distribution represents metadata about the Upgrade for each
|
45
|
+
# operating system (CPE). Some distributions have additional metadata around
|
46
|
+
# updates, classifying them into various categories and severities.
|
47
|
+
# @!attribute [rw] cpe_uri
|
48
|
+
# @return [::String]
|
49
|
+
# Required - The specific operating system this metadata applies to. See
|
50
|
+
# https://cpe.mitre.org/specification/.
|
51
|
+
# @!attribute [rw] classification
|
52
|
+
# @return [::String]
|
53
|
+
# The operating system classification of this Upgrade, as specified by the
|
54
|
+
# upstream operating system upgrade feed. For Windows the classification is
|
55
|
+
# one of the category_ids listed at
|
56
|
+
# https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
|
57
|
+
# @!attribute [rw] severity
|
58
|
+
# @return [::String]
|
59
|
+
# The severity as specified by the upstream operating system.
|
60
|
+
# @!attribute [rw] cve
|
61
|
+
# @return [::Array<::String>]
|
62
|
+
# The cve tied to this Upgrade.
|
63
|
+
class UpgradeDistribution
|
64
|
+
include ::Google::Protobuf::MessageExts
|
65
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
66
|
+
end
|
67
|
+
|
68
|
+
# Windows Update represents the metadata about the update for the Windows
|
69
|
+
# operating system. The fields in this message come from the Windows Update API
|
70
|
+
# documented at
|
71
|
+
# https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.
|
72
|
+
# @!attribute [rw] identity
|
73
|
+
# @return [::Grafeas::V1::WindowsUpdate::Identity]
|
74
|
+
# Required - The unique identifier for the update.
|
75
|
+
# @!attribute [rw] title
|
76
|
+
# @return [::String]
|
77
|
+
# The localized title of the update.
|
78
|
+
# @!attribute [rw] description
|
79
|
+
# @return [::String]
|
80
|
+
# The localized description of the update.
|
81
|
+
# @!attribute [rw] categories
|
82
|
+
# @return [::Array<::Grafeas::V1::WindowsUpdate::Category>]
|
83
|
+
# The list of categories to which the update belongs.
|
84
|
+
# @!attribute [rw] kb_article_ids
|
85
|
+
# @return [::Array<::String>]
|
86
|
+
# The Microsoft Knowledge Base article IDs that are associated with the
|
87
|
+
# update.
|
88
|
+
# @!attribute [rw] support_url
|
89
|
+
# @return [::String]
|
90
|
+
# The hyperlink to the support information for the update.
|
91
|
+
# @!attribute [rw] last_published_timestamp
|
92
|
+
# @return [::Google::Protobuf::Timestamp]
|
93
|
+
# The last published timestamp of the update.
|
94
|
+
class WindowsUpdate
|
95
|
+
include ::Google::Protobuf::MessageExts
|
96
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
97
|
+
|
98
|
+
# The unique identifier of the update.
|
99
|
+
# @!attribute [rw] update_id
|
100
|
+
# @return [::String]
|
101
|
+
# The revision independent identifier of the update.
|
102
|
+
# @!attribute [rw] revision
|
103
|
+
# @return [::Integer]
|
104
|
+
# The revision number of the update.
|
105
|
+
class Identity
|
106
|
+
include ::Google::Protobuf::MessageExts
|
107
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
108
|
+
end
|
109
|
+
|
110
|
+
# The category to which the update belongs.
|
111
|
+
# @!attribute [rw] category_id
|
112
|
+
# @return [::String]
|
113
|
+
# The identifier of the category.
|
114
|
+
# @!attribute [rw] name
|
115
|
+
# @return [::String]
|
116
|
+
# The localized name of the category.
|
117
|
+
class Category
|
118
|
+
include ::Google::Protobuf::MessageExts
|
119
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
120
|
+
end
|
121
|
+
end
|
122
|
+
|
123
|
+
# An Upgrade Occurrence represents that a specific resource_url could install a
|
124
|
+
# specific upgrade. This presence is supplied via local sources (i.e. it is
|
125
|
+
# present in the mirror and the running system has noticed its availability).
|
126
|
+
# For Windows, both distribution and windows_update contain information for the
|
127
|
+
# Windows update.
|
128
|
+
# @!attribute [rw] package
|
129
|
+
# @return [::String]
|
130
|
+
# Required for non-Windows OS. The package this Upgrade is for.
|
131
|
+
# @!attribute [rw] parsed_version
|
132
|
+
# @return [::Grafeas::V1::Version]
|
133
|
+
# Required for non-Windows OS. The version of the package in a machine +
|
134
|
+
# human readable form.
|
135
|
+
# @!attribute [rw] distribution
|
136
|
+
# @return [::Grafeas::V1::UpgradeDistribution]
|
137
|
+
# Metadata about the upgrade for available for the specific operating system
|
138
|
+
# for the resource_url. This allows efficient filtering, as well as
|
139
|
+
# making it easier to use the occurrence.
|
140
|
+
# @!attribute [rw] windows_update
|
141
|
+
# @return [::Grafeas::V1::WindowsUpdate]
|
142
|
+
# Required for Windows OS. Represents the metadata about the Windows update.
|
143
|
+
class UpgradeOccurrence
|
144
|
+
include ::Google::Protobuf::MessageExts
|
145
|
+
extend ::Google::Protobuf::MessageExts::ClassMethods
|
146
|
+
end
|
147
|
+
end
|
148
|
+
end
|
@@ -109,6 +109,12 @@ module Grafeas
|
|
109
109
|
# The time this information was last changed at the source. This is an
|
110
110
|
# upstream timestamp from the underlying information source - e.g. Ubuntu
|
111
111
|
# security tracker.
|
112
|
+
# @!attribute [rw] source
|
113
|
+
# @return [::String]
|
114
|
+
# The source from which the information in this Detail was obtained.
|
115
|
+
# @!attribute [rw] vendor
|
116
|
+
# @return [::String]
|
117
|
+
# The name of the vendor of the product.
|
112
118
|
class Detail
|
113
119
|
include ::Google::Protobuf::MessageExts
|
114
120
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -161,6 +167,9 @@ module Grafeas
|
|
161
167
|
# Output only. The CVSS score of this vulnerability. CVSS score is on a
|
162
168
|
# scale of 0 - 10 where 0 indicates low severity and 10 indicates high
|
163
169
|
# severity.
|
170
|
+
# @!attribute [rw] cvssv3
|
171
|
+
# @return [::Grafeas::V1::CVSS]
|
172
|
+
# The cvss v3 score for the vulnerability.
|
164
173
|
# @!attribute [rw] package_issue
|
165
174
|
# @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
|
166
175
|
# Required. The set of affected locations and their fixes (if available)
|
@@ -178,6 +187,14 @@ module Grafeas
|
|
178
187
|
# @return [::Grafeas::V1::Severity]
|
179
188
|
# The distro assigned severity for this vulnerability when it is available,
|
180
189
|
# otherwise this is the note provider assigned severity.
|
190
|
+
#
|
191
|
+
# When there are multiple PackageIssues for this vulnerability, they can have
|
192
|
+
# different effective severities because some might be provided by the distro
|
193
|
+
# while others are provided by the language ecosystem for a language pack.
|
194
|
+
# For this reason, it is advised to use the effective severity on the
|
195
|
+
# PackageIssue level. In the case where multiple PackageIssues have differing
|
196
|
+
# effective severities, this field should be the highest severity for any of
|
197
|
+
# the PackageIssues.
|
181
198
|
# @!attribute [rw] fix_available
|
182
199
|
# @return [::Boolean]
|
183
200
|
# Output only. Whether at least one of the affected packages has a fix
|
@@ -215,31 +232,18 @@ module Grafeas
|
|
215
232
|
# @!attribute [rw] fix_available
|
216
233
|
# @return [::Boolean]
|
217
234
|
# Output only. Whether a fix is available for this package.
|
235
|
+
# @!attribute [rw] package_type
|
236
|
+
# @return [::String]
|
237
|
+
# The type of package (e.g. OS, MAVEN, GO).
|
238
|
+
# @!attribute [r] effective_severity
|
239
|
+
# @return [::Grafeas::V1::Severity]
|
240
|
+
# The distro or language system assigned severity for this vulnerability
|
241
|
+
# when that is available and note provider assigned severity when it is not
|
242
|
+
# available.
|
218
243
|
class PackageIssue
|
219
244
|
include ::Google::Protobuf::MessageExts
|
220
245
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
221
246
|
end
|
222
247
|
end
|
223
|
-
|
224
|
-
# Note provider assigned severity/impact ranking.
|
225
|
-
module Severity
|
226
|
-
# Unknown.
|
227
|
-
SEVERITY_UNSPECIFIED = 0
|
228
|
-
|
229
|
-
# Minimal severity.
|
230
|
-
MINIMAL = 1
|
231
|
-
|
232
|
-
# Low severity.
|
233
|
-
LOW = 2
|
234
|
-
|
235
|
-
# Medium severity.
|
236
|
-
MEDIUM = 3
|
237
|
-
|
238
|
-
# High severity.
|
239
|
-
HIGH = 4
|
240
|
-
|
241
|
-
# Critical severity.
|
242
|
-
CRITICAL = 5
|
243
|
-
end
|
244
248
|
end
|
245
249
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: google-cloud-container_analysis-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.4.
|
4
|
+
version: 0.4.7
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-02-16 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -48,16 +48,22 @@ dependencies:
|
|
48
48
|
name: grafeas-v1
|
49
49
|
requirement: !ruby/object:Gem::Requirement
|
50
50
|
requirements:
|
51
|
-
- - "
|
51
|
+
- - ">="
|
52
52
|
- !ruby/object:Gem::Version
|
53
|
-
version: '0.
|
53
|
+
version: '0.4'
|
54
|
+
- - "<"
|
55
|
+
- !ruby/object:Gem::Version
|
56
|
+
version: 2.a
|
54
57
|
type: :runtime
|
55
58
|
prerelease: false
|
56
59
|
version_requirements: !ruby/object:Gem::Requirement
|
57
60
|
requirements:
|
58
|
-
- - "
|
61
|
+
- - ">="
|
59
62
|
- !ruby/object:Gem::Version
|
60
|
-
version: '0.
|
63
|
+
version: '0.4'
|
64
|
+
- - "<"
|
65
|
+
- !ruby/object:Gem::Version
|
66
|
+
version: 2.a
|
61
67
|
- !ruby/object:Gem::Dependency
|
62
68
|
name: grpc-google-iam-v1
|
63
69
|
requirement: !ruby/object:Gem::Requirement
|
@@ -221,11 +227,29 @@ files:
|
|
221
227
|
- proto_docs/google/iam/v1/iam_policy.rb
|
222
228
|
- proto_docs/google/iam/v1/options.rb
|
223
229
|
- proto_docs/google/iam/v1/policy.rb
|
230
|
+
- proto_docs/google/protobuf/any.rb
|
231
|
+
- proto_docs/google/protobuf/empty.rb
|
232
|
+
- proto_docs/google/protobuf/field_mask.rb
|
224
233
|
- proto_docs/google/protobuf/timestamp.rb
|
234
|
+
- proto_docs/google/rpc/status.rb
|
225
235
|
- proto_docs/google/type/expr.rb
|
236
|
+
- proto_docs/grafeas/v1/attestation.rb
|
237
|
+
- proto_docs/grafeas/v1/build.rb
|
226
238
|
- proto_docs/grafeas/v1/common.rb
|
239
|
+
- proto_docs/grafeas/v1/compliance.rb
|
227
240
|
- proto_docs/grafeas/v1/cvss.rb
|
241
|
+
- proto_docs/grafeas/v1/deployment.rb
|
242
|
+
- proto_docs/grafeas/v1/discovery.rb
|
243
|
+
- proto_docs/grafeas/v1/dsse_attestation.rb
|
244
|
+
- proto_docs/grafeas/v1/grafeas.rb
|
245
|
+
- proto_docs/grafeas/v1/image.rb
|
246
|
+
- proto_docs/grafeas/v1/intoto_provenance.rb
|
247
|
+
- proto_docs/grafeas/v1/intoto_statement.rb
|
228
248
|
- proto_docs/grafeas/v1/package.rb
|
249
|
+
- proto_docs/grafeas/v1/provenance.rb
|
250
|
+
- proto_docs/grafeas/v1/severity.rb
|
251
|
+
- proto_docs/grafeas/v1/slsa_provenance.rb
|
252
|
+
- proto_docs/grafeas/v1/upgrade.rb
|
229
253
|
- proto_docs/grafeas/v1/vulnerability.rb
|
230
254
|
homepage: https://github.com/googleapis/google-cloud-ruby
|
231
255
|
licenses:
|
@@ -246,7 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
246
270
|
- !ruby/object:Gem::Version
|
247
271
|
version: '0'
|
248
272
|
requirements: []
|
249
|
-
rubygems_version: 3.
|
273
|
+
rubygems_version: 3.3.5
|
250
274
|
signing_key:
|
251
275
|
specification_version: 4
|
252
276
|
summary: API Client library for the Container Analysis V1 API
|