google-cloud-container_analysis-v1 0.4.3 → 0.4.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (33) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +1 -1
  3. data/AUTHENTICATION.md +7 -25
  4. data/README.md +1 -1
  5. data/lib/google/cloud/container_analysis/v1/container_analysis/client.rb +81 -13
  6. data/lib/google/cloud/container_analysis/v1/version.rb +1 -1
  7. data/lib/google/devtools/containeranalysis/v1/containeranalysis_pb.rb +5 -3
  8. data/lib/google/devtools/containeranalysis/v1/containeranalysis_services_pb.rb +1 -1
  9. data/proto_docs/google/api/resource.rb +10 -71
  10. data/proto_docs/google/devtools/containeranalysis/v1/containeranalysis.rb +1 -1
  11. data/proto_docs/google/protobuf/any.rb +141 -0
  12. data/proto_docs/google/protobuf/empty.rb +36 -0
  13. data/proto_docs/google/protobuf/field_mask.rb +229 -0
  14. data/proto_docs/google/rpc/status.rb +46 -0
  15. data/proto_docs/grafeas/v1/attestation.rb +98 -0
  16. data/proto_docs/grafeas/v1/build.rb +64 -0
  17. data/proto_docs/grafeas/v1/common.rb +31 -2
  18. data/proto_docs/grafeas/v1/compliance.rb +98 -0
  19. data/proto_docs/grafeas/v1/cvss.rb +105 -0
  20. data/proto_docs/grafeas/v1/deployment.rb +74 -0
  21. data/proto_docs/grafeas/v1/discovery.rb +95 -0
  22. data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
  23. data/proto_docs/grafeas/v1/grafeas.rb +419 -0
  24. data/proto_docs/grafeas/v1/image.rb +95 -0
  25. data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
  26. data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
  27. data/proto_docs/grafeas/v1/package.rb +8 -0
  28. data/proto_docs/grafeas/v1/provenance.rb +318 -0
  29. data/proto_docs/grafeas/v1/severity.rb +43 -0
  30. data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
  31. data/proto_docs/grafeas/v1/upgrade.rb +148 -0
  32. data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
  33. metadata +31 -7
@@ -0,0 +1,148 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # An Upgrade Note represents a potential upgrade of a package to a given
23
+ # version. For each package version combination (i.e. bash 4.0, bash 4.1,
24
+ # bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field
25
+ # represents the information related to the update.
26
+ # @!attribute [rw] package
27
+ # @return [::String]
28
+ # Required for non-Windows OS. The package this Upgrade is for.
29
+ # @!attribute [rw] version
30
+ # @return [::Grafeas::V1::Version]
31
+ # Required for non-Windows OS. The version of the package in machine + human
32
+ # readable form.
33
+ # @!attribute [rw] distributions
34
+ # @return [::Array<::Grafeas::V1::UpgradeDistribution>]
35
+ # Metadata about the upgrade for each specific operating system.
36
+ # @!attribute [rw] windows_update
37
+ # @return [::Grafeas::V1::WindowsUpdate]
38
+ # Required for Windows OS. Represents the metadata about the Windows update.
39
+ class UpgradeNote
40
+ include ::Google::Protobuf::MessageExts
41
+ extend ::Google::Protobuf::MessageExts::ClassMethods
42
+ end
43
+
44
+ # The Upgrade Distribution represents metadata about the Upgrade for each
45
+ # operating system (CPE). Some distributions have additional metadata around
46
+ # updates, classifying them into various categories and severities.
47
+ # @!attribute [rw] cpe_uri
48
+ # @return [::String]
49
+ # Required - The specific operating system this metadata applies to. See
50
+ # https://cpe.mitre.org/specification/.
51
+ # @!attribute [rw] classification
52
+ # @return [::String]
53
+ # The operating system classification of this Upgrade, as specified by the
54
+ # upstream operating system upgrade feed. For Windows the classification is
55
+ # one of the category_ids listed at
56
+ # https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
57
+ # @!attribute [rw] severity
58
+ # @return [::String]
59
+ # The severity as specified by the upstream operating system.
60
+ # @!attribute [rw] cve
61
+ # @return [::Array<::String>]
62
+ # The cve tied to this Upgrade.
63
+ class UpgradeDistribution
64
+ include ::Google::Protobuf::MessageExts
65
+ extend ::Google::Protobuf::MessageExts::ClassMethods
66
+ end
67
+
68
+ # Windows Update represents the metadata about the update for the Windows
69
+ # operating system. The fields in this message come from the Windows Update API
70
+ # documented at
71
+ # https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.
72
+ # @!attribute [rw] identity
73
+ # @return [::Grafeas::V1::WindowsUpdate::Identity]
74
+ # Required - The unique identifier for the update.
75
+ # @!attribute [rw] title
76
+ # @return [::String]
77
+ # The localized title of the update.
78
+ # @!attribute [rw] description
79
+ # @return [::String]
80
+ # The localized description of the update.
81
+ # @!attribute [rw] categories
82
+ # @return [::Array<::Grafeas::V1::WindowsUpdate::Category>]
83
+ # The list of categories to which the update belongs.
84
+ # @!attribute [rw] kb_article_ids
85
+ # @return [::Array<::String>]
86
+ # The Microsoft Knowledge Base article IDs that are associated with the
87
+ # update.
88
+ # @!attribute [rw] support_url
89
+ # @return [::String]
90
+ # The hyperlink to the support information for the update.
91
+ # @!attribute [rw] last_published_timestamp
92
+ # @return [::Google::Protobuf::Timestamp]
93
+ # The last published timestamp of the update.
94
+ class WindowsUpdate
95
+ include ::Google::Protobuf::MessageExts
96
+ extend ::Google::Protobuf::MessageExts::ClassMethods
97
+
98
+ # The unique identifier of the update.
99
+ # @!attribute [rw] update_id
100
+ # @return [::String]
101
+ # The revision independent identifier of the update.
102
+ # @!attribute [rw] revision
103
+ # @return [::Integer]
104
+ # The revision number of the update.
105
+ class Identity
106
+ include ::Google::Protobuf::MessageExts
107
+ extend ::Google::Protobuf::MessageExts::ClassMethods
108
+ end
109
+
110
+ # The category to which the update belongs.
111
+ # @!attribute [rw] category_id
112
+ # @return [::String]
113
+ # The identifier of the category.
114
+ # @!attribute [rw] name
115
+ # @return [::String]
116
+ # The localized name of the category.
117
+ class Category
118
+ include ::Google::Protobuf::MessageExts
119
+ extend ::Google::Protobuf::MessageExts::ClassMethods
120
+ end
121
+ end
122
+
123
+ # An Upgrade Occurrence represents that a specific resource_url could install a
124
+ # specific upgrade. This presence is supplied via local sources (i.e. it is
125
+ # present in the mirror and the running system has noticed its availability).
126
+ # For Windows, both distribution and windows_update contain information for the
127
+ # Windows update.
128
+ # @!attribute [rw] package
129
+ # @return [::String]
130
+ # Required for non-Windows OS. The package this Upgrade is for.
131
+ # @!attribute [rw] parsed_version
132
+ # @return [::Grafeas::V1::Version]
133
+ # Required for non-Windows OS. The version of the package in a machine +
134
+ # human readable form.
135
+ # @!attribute [rw] distribution
136
+ # @return [::Grafeas::V1::UpgradeDistribution]
137
+ # Metadata about the upgrade for available for the specific operating system
138
+ # for the resource_url. This allows efficient filtering, as well as
139
+ # making it easier to use the occurrence.
140
+ # @!attribute [rw] windows_update
141
+ # @return [::Grafeas::V1::WindowsUpdate]
142
+ # Required for Windows OS. Represents the metadata about the Windows update.
143
+ class UpgradeOccurrence
144
+ include ::Google::Protobuf::MessageExts
145
+ extend ::Google::Protobuf::MessageExts::ClassMethods
146
+ end
147
+ end
148
+ end
@@ -109,6 +109,12 @@ module Grafeas
109
109
  # The time this information was last changed at the source. This is an
110
110
  # upstream timestamp from the underlying information source - e.g. Ubuntu
111
111
  # security tracker.
112
+ # @!attribute [rw] source
113
+ # @return [::String]
114
+ # The source from which the information in this Detail was obtained.
115
+ # @!attribute [rw] vendor
116
+ # @return [::String]
117
+ # The name of the vendor of the product.
112
118
  class Detail
113
119
  include ::Google::Protobuf::MessageExts
114
120
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -161,6 +167,9 @@ module Grafeas
161
167
  # Output only. The CVSS score of this vulnerability. CVSS score is on a
162
168
  # scale of 0 - 10 where 0 indicates low severity and 10 indicates high
163
169
  # severity.
170
+ # @!attribute [rw] cvssv3
171
+ # @return [::Grafeas::V1::CVSS]
172
+ # The cvss v3 score for the vulnerability.
164
173
  # @!attribute [rw] package_issue
165
174
  # @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
166
175
  # Required. The set of affected locations and their fixes (if available)
@@ -178,6 +187,14 @@ module Grafeas
178
187
  # @return [::Grafeas::V1::Severity]
179
188
  # The distro assigned severity for this vulnerability when it is available,
180
189
  # otherwise this is the note provider assigned severity.
190
+ #
191
+ # When there are multiple PackageIssues for this vulnerability, they can have
192
+ # different effective severities because some might be provided by the distro
193
+ # while others are provided by the language ecosystem for a language pack.
194
+ # For this reason, it is advised to use the effective severity on the
195
+ # PackageIssue level. In the case where multiple PackageIssues have differing
196
+ # effective severities, this field should be the highest severity for any of
197
+ # the PackageIssues.
181
198
  # @!attribute [rw] fix_available
182
199
  # @return [::Boolean]
183
200
  # Output only. Whether at least one of the affected packages has a fix
@@ -215,31 +232,18 @@ module Grafeas
215
232
  # @!attribute [rw] fix_available
216
233
  # @return [::Boolean]
217
234
  # Output only. Whether a fix is available for this package.
235
+ # @!attribute [rw] package_type
236
+ # @return [::String]
237
+ # The type of package (e.g. OS, MAVEN, GO).
238
+ # @!attribute [r] effective_severity
239
+ # @return [::Grafeas::V1::Severity]
240
+ # The distro or language system assigned severity for this vulnerability
241
+ # when that is available and note provider assigned severity when it is not
242
+ # available.
218
243
  class PackageIssue
219
244
  include ::Google::Protobuf::MessageExts
220
245
  extend ::Google::Protobuf::MessageExts::ClassMethods
221
246
  end
222
247
  end
223
-
224
- # Note provider assigned severity/impact ranking.
225
- module Severity
226
- # Unknown.
227
- SEVERITY_UNSPECIFIED = 0
228
-
229
- # Minimal severity.
230
- MINIMAL = 1
231
-
232
- # Low severity.
233
- LOW = 2
234
-
235
- # Medium severity.
236
- MEDIUM = 3
237
-
238
- # High severity.
239
- HIGH = 4
240
-
241
- # Critical severity.
242
- CRITICAL = 5
243
- end
244
248
  end
245
249
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: google-cloud-container_analysis-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.4.3
4
+ version: 0.4.7
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-08-11 00:00:00.000000000 Z
11
+ date: 2022-02-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -48,16 +48,22 @@ dependencies:
48
48
  name: grafeas-v1
49
49
  requirement: !ruby/object:Gem::Requirement
50
50
  requirements:
51
- - - "~>"
51
+ - - ">="
52
52
  - !ruby/object:Gem::Version
53
- version: '0.0'
53
+ version: '0.4'
54
+ - - "<"
55
+ - !ruby/object:Gem::Version
56
+ version: 2.a
54
57
  type: :runtime
55
58
  prerelease: false
56
59
  version_requirements: !ruby/object:Gem::Requirement
57
60
  requirements:
58
- - - "~>"
61
+ - - ">="
59
62
  - !ruby/object:Gem::Version
60
- version: '0.0'
63
+ version: '0.4'
64
+ - - "<"
65
+ - !ruby/object:Gem::Version
66
+ version: 2.a
61
67
  - !ruby/object:Gem::Dependency
62
68
  name: grpc-google-iam-v1
63
69
  requirement: !ruby/object:Gem::Requirement
@@ -221,11 +227,29 @@ files:
221
227
  - proto_docs/google/iam/v1/iam_policy.rb
222
228
  - proto_docs/google/iam/v1/options.rb
223
229
  - proto_docs/google/iam/v1/policy.rb
230
+ - proto_docs/google/protobuf/any.rb
231
+ - proto_docs/google/protobuf/empty.rb
232
+ - proto_docs/google/protobuf/field_mask.rb
224
233
  - proto_docs/google/protobuf/timestamp.rb
234
+ - proto_docs/google/rpc/status.rb
225
235
  - proto_docs/google/type/expr.rb
236
+ - proto_docs/grafeas/v1/attestation.rb
237
+ - proto_docs/grafeas/v1/build.rb
226
238
  - proto_docs/grafeas/v1/common.rb
239
+ - proto_docs/grafeas/v1/compliance.rb
227
240
  - proto_docs/grafeas/v1/cvss.rb
241
+ - proto_docs/grafeas/v1/deployment.rb
242
+ - proto_docs/grafeas/v1/discovery.rb
243
+ - proto_docs/grafeas/v1/dsse_attestation.rb
244
+ - proto_docs/grafeas/v1/grafeas.rb
245
+ - proto_docs/grafeas/v1/image.rb
246
+ - proto_docs/grafeas/v1/intoto_provenance.rb
247
+ - proto_docs/grafeas/v1/intoto_statement.rb
228
248
  - proto_docs/grafeas/v1/package.rb
249
+ - proto_docs/grafeas/v1/provenance.rb
250
+ - proto_docs/grafeas/v1/severity.rb
251
+ - proto_docs/grafeas/v1/slsa_provenance.rb
252
+ - proto_docs/grafeas/v1/upgrade.rb
229
253
  - proto_docs/grafeas/v1/vulnerability.rb
230
254
  homepage: https://github.com/googleapis/google-cloud-ruby
231
255
  licenses:
@@ -246,7 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
246
270
  - !ruby/object:Gem::Version
247
271
  version: '0'
248
272
  requirements: []
249
- rubygems_version: 3.2.17
273
+ rubygems_version: 3.3.5
250
274
  signing_key:
251
275
  specification_version: 4
252
276
  summary: API Client library for the Container Analysis V1 API