google-cloud-container_analysis-v1 0.4.3 → 0.4.7

data/proto_docs/grafeas/v1/upgrade.rb

@@ -0,0 +1,148 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # An Upgrade Note represents a potential upgrade of a package to a given
+    # version. For each package version combination (i.e. bash 4.0, bash 4.1,
+    # bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field
+    # represents the information related to the update.
+    # @!attribute [rw] package
+    #   @return [::String]
+    #     Required for non-Windows OS. The package this Upgrade is for.
+    # @!attribute [rw] version
+    #   @return [::Grafeas::V1::Version]
+    #     Required for non-Windows OS. The version of the package in machine + human
+    #     readable form.
+    # @!attribute [rw] distributions
+    #   @return [::Array<::Grafeas::V1::UpgradeDistribution>]
+    #     Metadata about the upgrade for each specific operating system.
+    # @!attribute [rw] windows_update
+    #   @return [::Grafeas::V1::WindowsUpdate]
+    #     Required for Windows OS. Represents the metadata about the Windows update.
+    class UpgradeNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The Upgrade Distribution represents metadata about the Upgrade for each
+    # operating system (CPE). Some distributions have additional metadata around
+    # updates, classifying them into various categories and severities.
+    # @!attribute [rw] cpe_uri
+    #   @return [::String]
+    #     Required - The specific operating system this metadata applies to. See
+    #     https://cpe.mitre.org/specification/.
+    # @!attribute [rw] classification
+    #   @return [::String]
+    #     The operating system classification of this Upgrade, as specified by the
+    #     upstream operating system upgrade feed. For Windows the classification is
+    #     one of the category_ids listed at
+    #     https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
+    # @!attribute [rw] severity
+    #   @return [::String]
+    #     The severity as specified by the upstream operating system.
+    # @!attribute [rw] cve
+    #   @return [::Array<::String>]
+    #     The cve tied to this Upgrade.
+    class UpgradeDistribution
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Windows Update represents the metadata about the update for the Windows
+    # operating system. The fields in this message come from the Windows Update API
+    # documented at
+    # https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.
+    # @!attribute [rw] identity
+    #   @return [::Grafeas::V1::WindowsUpdate::Identity]
+    #     Required - The unique identifier for the update.
+    # @!attribute [rw] title
+    #   @return [::String]
+    #     The localized title of the update.
+    # @!attribute [rw] description
+    #   @return [::String]
+    #     The localized description of the update.
+    # @!attribute [rw] categories
+    #   @return [::Array<::Grafeas::V1::WindowsUpdate::Category>]
+    #     The list of categories to which the update belongs.
+    # @!attribute [rw] kb_article_ids
+    #   @return [::Array<::String>]
+    #     The Microsoft Knowledge Base article IDs that are associated with the
+    #     update.
+    # @!attribute [rw] support_url
+    #   @return [::String]
+    #     The hyperlink to the support information for the update.
+    # @!attribute [rw] last_published_timestamp
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The last published timestamp of the update.
+    class WindowsUpdate
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # The unique identifier of the update.
+      # @!attribute [rw] update_id
+      #   @return [::String]
+      #     The revision independent identifier of the update.
+      # @!attribute [rw] revision
+      #   @return [::Integer]
+      #     The revision number of the update.
+      class Identity
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # The category to which the update belongs.
+      # @!attribute [rw] category_id
+      #   @return [::String]
+      #     The identifier of the category.
+      # @!attribute [rw] name
+      #   @return [::String]
+      #     The localized name of the category.
+      class Category
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # An Upgrade Occurrence represents that a specific resource_url could install a
+    # specific upgrade. This presence is supplied via local sources (i.e. it is
+    # present in the mirror and the running system has noticed its availability).
+    # For Windows, both distribution and windows_update contain information for the
+    # Windows update.
+    # @!attribute [rw] package
+    #   @return [::String]
+    #     Required for non-Windows OS. The package this Upgrade is for.
+    # @!attribute [rw] parsed_version
+    #   @return [::Grafeas::V1::Version]
+    #     Required for non-Windows OS. The version of the package in a machine +
+    #     human readable form.
+    # @!attribute [rw] distribution
+    #   @return [::Grafeas::V1::UpgradeDistribution]
+    #     Metadata about the upgrade for available for the specific operating system
+    #     for the resource_url. This allows efficient filtering, as well as
+    #     making it easier to use the occurrence.
+    # @!attribute [rw] windows_update
+    #   @return [::Grafeas::V1::WindowsUpdate]
+    #     Required for Windows OS. Represents the metadata about the Windows update.
+    class UpgradeOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/vulnerability.rb

@@ -109,6 +109,12 @@ module Grafeas
       #     The time this information was last changed at the source. This is an
       #     upstream timestamp from the underlying information source - e.g. Ubuntu
       #     security tracker.
+      # @!attribute [rw] source
+      #   @return [::String]
+      #     The source from which the information in this Detail was obtained.
+      # @!attribute [rw] vendor
+      #   @return [::String]
+      #     The name of the vendor of the product.
       class Detail
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -161,6 +167,9 @@ module Grafeas
     #     Output only. The CVSS score of this vulnerability. CVSS score is on a
     #     scale of 0 - 10 where 0 indicates low severity and 10 indicates high
     #     severity.
+    # @!attribute [rw] cvssv3
+    #   @return [::Grafeas::V1::CVSS]
+    #     The cvss v3 score for the vulnerability.
     # @!attribute [rw] package_issue
     #   @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
     #     Required. The set of affected locations and their fixes (if available)
@@ -178,6 +187,14 @@ module Grafeas
     #   @return [::Grafeas::V1::Severity]
     #     The distro assigned severity for this vulnerability when it is available,
     #     otherwise this is the note provider assigned severity.
+    #
+    #     When there are multiple PackageIssues for this vulnerability, they can have
+    #     different effective severities because some might be provided by the distro
+    #     while others are provided by the language ecosystem for a language pack.
+    #     For this reason, it is advised to use the effective severity on the
+    #     PackageIssue level. In the case where multiple PackageIssues have differing
+    #     effective severities, this field should be the highest severity for any of
+    #     the PackageIssues.
     # @!attribute [rw] fix_available
     #   @return [::Boolean]
     #     Output only. Whether at least one of the affected packages has a fix
@@ -215,31 +232,18 @@ module Grafeas
       # @!attribute [rw] fix_available
       #   @return [::Boolean]
       #     Output only. Whether a fix is available for this package.
+      # @!attribute [rw] package_type
+      #   @return [::String]
+      #     The type of package (e.g. OS, MAVEN, GO).
+      # @!attribute [r] effective_severity
+      #   @return [::Grafeas::V1::Severity]
+      #     The distro or language system assigned severity for this vulnerability
+      #     when that is available and note provider assigned severity when it is not
+      #     available.
       class PackageIssue
         include ::Google::Protobuf::MessageExts
         extend ::Google::Protobuf::MessageExts::ClassMethods
       end
     end
-
-    # Note provider assigned severity/impact ranking.
-    module Severity
-      # Unknown.
-      SEVERITY_UNSPECIFIED = 0
-
-      # Minimal severity.
-      MINIMAL = 1
-
-      # Low severity.
-      LOW = 2
-
-      # Medium severity.
-      MEDIUM = 3
-
-      # High severity.
-      HIGH = 4
-
-      # Critical severity.
-      CRITICAL = 5
-    end
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-container_analysis-v1
 version: !ruby/object:Gem::Version
-  version: 0.4.3
+  version: 0.4.7
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-08-11 00:00:00.000000000 Z
+date: 2022-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -48,16 +48,22 @@ dependencies:
   name: grafeas-v1
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 2.a
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.0'
+        version: '0.4'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: 2.a
 - !ruby/object:Gem::Dependency
   name: grpc-google-iam-v1
   requirement: !ruby/object:Gem::Requirement
@@ -221,11 +227,29 @@ files:
 - proto_docs/google/iam/v1/iam_policy.rb
 - proto_docs/google/iam/v1/options.rb
 - proto_docs/google/iam/v1/policy.rb
+- proto_docs/google/protobuf/any.rb
+- proto_docs/google/protobuf/empty.rb
+- proto_docs/google/protobuf/field_mask.rb
 - proto_docs/google/protobuf/timestamp.rb
+- proto_docs/google/rpc/status.rb
 - proto_docs/google/type/expr.rb
+- proto_docs/grafeas/v1/attestation.rb
+- proto_docs/grafeas/v1/build.rb
 - proto_docs/grafeas/v1/common.rb
+- proto_docs/grafeas/v1/compliance.rb
 - proto_docs/grafeas/v1/cvss.rb
+- proto_docs/grafeas/v1/deployment.rb
+- proto_docs/grafeas/v1/discovery.rb
+- proto_docs/grafeas/v1/dsse_attestation.rb
+- proto_docs/grafeas/v1/grafeas.rb
+- proto_docs/grafeas/v1/image.rb
+- proto_docs/grafeas/v1/intoto_provenance.rb
+- proto_docs/grafeas/v1/intoto_statement.rb
 - proto_docs/grafeas/v1/package.rb
+- proto_docs/grafeas/v1/provenance.rb
+- proto_docs/grafeas/v1/severity.rb
+- proto_docs/grafeas/v1/slsa_provenance.rb
+- proto_docs/grafeas/v1/upgrade.rb
 - proto_docs/grafeas/v1/vulnerability.rb
 homepage: https://github.com/googleapis/google-cloud-ruby
 licenses:
@@ -246,7 +270,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.17
+rubygems_version: 3.3.5
 signing_key: 
 specification_version: 4
 summary: API Client library for the Container Analysis V1 API