google-cloud-container_analysis-v1 0.4.7 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,148 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Copyright 2022 Google LLC
4
- #
5
- # Licensed under the Apache License, Version 2.0 (the "License");
6
- # you may not use this file except in compliance with the License.
7
- # You may obtain a copy of the License at
8
- #
9
- # https://www.apache.org/licenses/LICENSE-2.0
10
- #
11
- # Unless required by applicable law or agreed to in writing, software
12
- # distributed under the License is distributed on an "AS IS" BASIS,
13
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
- # See the License for the specific language governing permissions and
15
- # limitations under the License.
16
-
17
- # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
-
19
-
20
- module Grafeas
21
- module V1
22
- # An Upgrade Note represents a potential upgrade of a package to a given
23
- # version. For each package version combination (i.e. bash 4.0, bash 4.1,
24
- # bash 4.1.2), there will be an Upgrade Note. For Windows, windows_update field
25
- # represents the information related to the update.
26
- # @!attribute [rw] package
27
- # @return [::String]
28
- # Required for non-Windows OS. The package this Upgrade is for.
29
- # @!attribute [rw] version
30
- # @return [::Grafeas::V1::Version]
31
- # Required for non-Windows OS. The version of the package in machine + human
32
- # readable form.
33
- # @!attribute [rw] distributions
34
- # @return [::Array<::Grafeas::V1::UpgradeDistribution>]
35
- # Metadata about the upgrade for each specific operating system.
36
- # @!attribute [rw] windows_update
37
- # @return [::Grafeas::V1::WindowsUpdate]
38
- # Required for Windows OS. Represents the metadata about the Windows update.
39
- class UpgradeNote
40
- include ::Google::Protobuf::MessageExts
41
- extend ::Google::Protobuf::MessageExts::ClassMethods
42
- end
43
-
44
- # The Upgrade Distribution represents metadata about the Upgrade for each
45
- # operating system (CPE). Some distributions have additional metadata around
46
- # updates, classifying them into various categories and severities.
47
- # @!attribute [rw] cpe_uri
48
- # @return [::String]
49
- # Required - The specific operating system this metadata applies to. See
50
- # https://cpe.mitre.org/specification/.
51
- # @!attribute [rw] classification
52
- # @return [::String]
53
- # The operating system classification of this Upgrade, as specified by the
54
- # upstream operating system upgrade feed. For Windows the classification is
55
- # one of the category_ids listed at
56
- # https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ff357803(v=vs.85)
57
- # @!attribute [rw] severity
58
- # @return [::String]
59
- # The severity as specified by the upstream operating system.
60
- # @!attribute [rw] cve
61
- # @return [::Array<::String>]
62
- # The cve tied to this Upgrade.
63
- class UpgradeDistribution
64
- include ::Google::Protobuf::MessageExts
65
- extend ::Google::Protobuf::MessageExts::ClassMethods
66
- end
67
-
68
- # Windows Update represents the metadata about the update for the Windows
69
- # operating system. The fields in this message come from the Windows Update API
70
- # documented at
71
- # https://docs.microsoft.com/en-us/windows/win32/api/wuapi/nn-wuapi-iupdate.
72
- # @!attribute [rw] identity
73
- # @return [::Grafeas::V1::WindowsUpdate::Identity]
74
- # Required - The unique identifier for the update.
75
- # @!attribute [rw] title
76
- # @return [::String]
77
- # The localized title of the update.
78
- # @!attribute [rw] description
79
- # @return [::String]
80
- # The localized description of the update.
81
- # @!attribute [rw] categories
82
- # @return [::Array<::Grafeas::V1::WindowsUpdate::Category>]
83
- # The list of categories to which the update belongs.
84
- # @!attribute [rw] kb_article_ids
85
- # @return [::Array<::String>]
86
- # The Microsoft Knowledge Base article IDs that are associated with the
87
- # update.
88
- # @!attribute [rw] support_url
89
- # @return [::String]
90
- # The hyperlink to the support information for the update.
91
- # @!attribute [rw] last_published_timestamp
92
- # @return [::Google::Protobuf::Timestamp]
93
- # The last published timestamp of the update.
94
- class WindowsUpdate
95
- include ::Google::Protobuf::MessageExts
96
- extend ::Google::Protobuf::MessageExts::ClassMethods
97
-
98
- # The unique identifier of the update.
99
- # @!attribute [rw] update_id
100
- # @return [::String]
101
- # The revision independent identifier of the update.
102
- # @!attribute [rw] revision
103
- # @return [::Integer]
104
- # The revision number of the update.
105
- class Identity
106
- include ::Google::Protobuf::MessageExts
107
- extend ::Google::Protobuf::MessageExts::ClassMethods
108
- end
109
-
110
- # The category to which the update belongs.
111
- # @!attribute [rw] category_id
112
- # @return [::String]
113
- # The identifier of the category.
114
- # @!attribute [rw] name
115
- # @return [::String]
116
- # The localized name of the category.
117
- class Category
118
- include ::Google::Protobuf::MessageExts
119
- extend ::Google::Protobuf::MessageExts::ClassMethods
120
- end
121
- end
122
-
123
- # An Upgrade Occurrence represents that a specific resource_url could install a
124
- # specific upgrade. This presence is supplied via local sources (i.e. it is
125
- # present in the mirror and the running system has noticed its availability).
126
- # For Windows, both distribution and windows_update contain information for the
127
- # Windows update.
128
- # @!attribute [rw] package
129
- # @return [::String]
130
- # Required for non-Windows OS. The package this Upgrade is for.
131
- # @!attribute [rw] parsed_version
132
- # @return [::Grafeas::V1::Version]
133
- # Required for non-Windows OS. The version of the package in a machine +
134
- # human readable form.
135
- # @!attribute [rw] distribution
136
- # @return [::Grafeas::V1::UpgradeDistribution]
137
- # Metadata about the upgrade for available for the specific operating system
138
- # for the resource_url. This allows efficient filtering, as well as
139
- # making it easier to use the occurrence.
140
- # @!attribute [rw] windows_update
141
- # @return [::Grafeas::V1::WindowsUpdate]
142
- # Required for Windows OS. Represents the metadata about the Windows update.
143
- class UpgradeOccurrence
144
- include ::Google::Protobuf::MessageExts
145
- extend ::Google::Protobuf::MessageExts::ClassMethods
146
- end
147
- end
148
- end
@@ -1,249 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- # Copyright 2020 Google LLC
4
- #
5
- # Licensed under the Apache License, Version 2.0 (the "License");
6
- # you may not use this file except in compliance with the License.
7
- # You may obtain a copy of the License at
8
- #
9
- # https://www.apache.org/licenses/LICENSE-2.0
10
- #
11
- # Unless required by applicable law or agreed to in writing, software
12
- # distributed under the License is distributed on an "AS IS" BASIS,
13
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
- # See the License for the specific language governing permissions and
15
- # limitations under the License.
16
-
17
- # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
-
19
-
20
- module Grafeas
21
- module V1
22
- # A security vulnerability that can be found in resources.
23
- # @!attribute [rw] cvss_score
24
- # @return [::Float]
25
- # The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
26
- # where 0 indicates low severity and 10 indicates high severity.
27
- # @!attribute [rw] severity
28
- # @return [::Grafeas::V1::Severity]
29
- # The note provider assigned severity of this vulnerability.
30
- # @!attribute [rw] details
31
- # @return [::Array<::Grafeas::V1::VulnerabilityNote::Detail>]
32
- # Details of all known distros and packages affected by this vulnerability.
33
- # @!attribute [rw] cvss_v3
34
- # @return [::Grafeas::V1::CVSSv3]
35
- # The full description of the CVSSv3 for this vulnerability.
36
- # @!attribute [rw] windows_details
37
- # @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail>]
38
- # Windows details get their own format because the information format and
39
- # model don't match a normal detail. Specifically Windows updates are done as
40
- # patches, thus Windows vulnerabilities really are a missing package, rather
41
- # than a package being at an incorrect version.
42
- # @!attribute [rw] source_update_time
43
- # @return [::Google::Protobuf::Timestamp]
44
- # The time this information was last changed at the source. This is an
45
- # upstream timestamp from the underlying information source - e.g. Ubuntu
46
- # security tracker.
47
- class VulnerabilityNote
48
- include ::Google::Protobuf::MessageExts
49
- extend ::Google::Protobuf::MessageExts::ClassMethods
50
-
51
- # A detail for a distro and package affected by this vulnerability and its
52
- # associated fix (if one is available).
53
- # @!attribute [rw] severity_name
54
- # @return [::String]
55
- # The distro assigned severity of this vulnerability.
56
- # @!attribute [rw] description
57
- # @return [::String]
58
- # A vendor-specific description of this vulnerability.
59
- # @!attribute [rw] package_type
60
- # @return [::String]
61
- # The type of package; whether native or non native (e.g., ruby gems,
62
- # node.js packages, etc.).
63
- # @!attribute [rw] affected_cpe_uri
64
- # @return [::String]
65
- # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
66
- # vulnerability affects.
67
- # @!attribute [rw] affected_package
68
- # @return [::String]
69
- # Required. The package this vulnerability affects.
70
- # @!attribute [rw] affected_version_start
71
- # @return [::Grafeas::V1::Version]
72
- # The version number at the start of an interval in which this
73
- # vulnerability exists. A vulnerability can affect a package between
74
- # version numbers that are disjoint sets of intervals (example:
75
- # [1.0.0-1.1.0], [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be
76
- # represented in its own Detail. If a specific affected version is provided
77
- # by a vulnerability database, affected_version_start and
78
- # affected_version_end will be the same in that Detail.
79
- # @!attribute [rw] affected_version_end
80
- # @return [::Grafeas::V1::Version]
81
- # The version number at the end of an interval in which this vulnerability
82
- # exists. A vulnerability can affect a package between version numbers
83
- # that are disjoint sets of intervals (example: [1.0.0-1.1.0],
84
- # [2.4.6-2.4.8] and [4.5.6-4.6.8]) each of which will be represented in its
85
- # own Detail. If a specific affected version is provided by a vulnerability
86
- # database, affected_version_start and affected_version_end will be the
87
- # same in that Detail.
88
- # @!attribute [rw] fixed_cpe_uri
89
- # @return [::String]
90
- # The distro recommended [CPE URI](https://cpe.mitre.org/specification/)
91
- # to update to that contains a fix for this vulnerability. It is possible
92
- # for this to be different from the affected_cpe_uri.
93
- # @!attribute [rw] fixed_package
94
- # @return [::String]
95
- # The distro recommended package to update to that contains a fix for this
96
- # vulnerability. It is possible for this to be different from the
97
- # affected_package.
98
- # @!attribute [rw] fixed_version
99
- # @return [::Grafeas::V1::Version]
100
- # The distro recommended version to update to that contains a
101
- # fix for this vulnerability. Setting this to VersionKind.MAXIMUM means no
102
- # such version is yet available.
103
- # @!attribute [rw] is_obsolete
104
- # @return [::Boolean]
105
- # Whether this detail is obsolete. Occurrences are expected not to point to
106
- # obsolete details.
107
- # @!attribute [rw] source_update_time
108
- # @return [::Google::Protobuf::Timestamp]
109
- # The time this information was last changed at the source. This is an
110
- # upstream timestamp from the underlying information source - e.g. Ubuntu
111
- # security tracker.
112
- # @!attribute [rw] source
113
- # @return [::String]
114
- # The source from which the information in this Detail was obtained.
115
- # @!attribute [rw] vendor
116
- # @return [::String]
117
- # The name of the vendor of the product.
118
- class Detail
119
- include ::Google::Protobuf::MessageExts
120
- extend ::Google::Protobuf::MessageExts::ClassMethods
121
- end
122
-
123
- # @!attribute [rw] cpe_uri
124
- # @return [::String]
125
- # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
126
- # vulnerability affects.
127
- # @!attribute [rw] name
128
- # @return [::String]
129
- # Required. The name of this vulnerability.
130
- # @!attribute [rw] description
131
- # @return [::String]
132
- # The description of this vulnerability.
133
- # @!attribute [rw] fixing_kbs
134
- # @return [::Array<::Grafeas::V1::VulnerabilityNote::WindowsDetail::KnowledgeBase>]
135
- # Required. The names of the KBs which have hotfixes to mitigate this
136
- # vulnerability. Note that there may be multiple hotfixes (and thus
137
- # multiple KBs) that mitigate a given vulnerability. Currently any listed
138
- # KBs presence is considered a fix.
139
- class WindowsDetail
140
- include ::Google::Protobuf::MessageExts
141
- extend ::Google::Protobuf::MessageExts::ClassMethods
142
-
143
- # @!attribute [rw] name
144
- # @return [::String]
145
- # The KB name (generally of the form KB[0-9]+ (e.g., KB123456)).
146
- # @!attribute [rw] url
147
- # @return [::String]
148
- # A link to the KB in the [Windows update catalog]
149
- # (https://www.catalog.update.microsoft.com/).
150
- class KnowledgeBase
151
- include ::Google::Protobuf::MessageExts
152
- extend ::Google::Protobuf::MessageExts::ClassMethods
153
- end
154
- end
155
- end
156
-
157
- # An occurrence of a severity vulnerability on a resource.
158
- # @!attribute [rw] type
159
- # @return [::String]
160
- # The type of package; whether native or non native (e.g., ruby gems, node.js
161
- # packages, etc.).
162
- # @!attribute [rw] severity
163
- # @return [::Grafeas::V1::Severity]
164
- # Output only. The note provider assigned severity of this vulnerability.
165
- # @!attribute [rw] cvss_score
166
- # @return [::Float]
167
- # Output only. The CVSS score of this vulnerability. CVSS score is on a
168
- # scale of 0 - 10 where 0 indicates low severity and 10 indicates high
169
- # severity.
170
- # @!attribute [rw] cvssv3
171
- # @return [::Grafeas::V1::CVSS]
172
- # The cvss v3 score for the vulnerability.
173
- # @!attribute [rw] package_issue
174
- # @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
175
- # Required. The set of affected locations and their fixes (if available)
176
- # within the associated resource.
177
- # @!attribute [rw] short_description
178
- # @return [::String]
179
- # Output only. A one sentence description of this vulnerability.
180
- # @!attribute [rw] long_description
181
- # @return [::String]
182
- # Output only. A detailed description of this vulnerability.
183
- # @!attribute [rw] related_urls
184
- # @return [::Array<::Grafeas::V1::RelatedUrl>]
185
- # Output only. URLs related to this vulnerability.
186
- # @!attribute [rw] effective_severity
187
- # @return [::Grafeas::V1::Severity]
188
- # The distro assigned severity for this vulnerability when it is available,
189
- # otherwise this is the note provider assigned severity.
190
- #
191
- # When there are multiple PackageIssues for this vulnerability, they can have
192
- # different effective severities because some might be provided by the distro
193
- # while others are provided by the language ecosystem for a language pack.
194
- # For this reason, it is advised to use the effective severity on the
195
- # PackageIssue level. In the case where multiple PackageIssues have differing
196
- # effective severities, this field should be the highest severity for any of
197
- # the PackageIssues.
198
- # @!attribute [rw] fix_available
199
- # @return [::Boolean]
200
- # Output only. Whether at least one of the affected packages has a fix
201
- # available.
202
- class VulnerabilityOccurrence
203
- include ::Google::Protobuf::MessageExts
204
- extend ::Google::Protobuf::MessageExts::ClassMethods
205
-
206
- # A detail for a distro and package this vulnerability occurrence was found
207
- # in and its associated fix (if one is available).
208
- # @!attribute [rw] affected_cpe_uri
209
- # @return [::String]
210
- # Required. The [CPE URI](https://cpe.mitre.org/specification/) this
211
- # vulnerability was found in.
212
- # @!attribute [rw] affected_package
213
- # @return [::String]
214
- # Required. The package this vulnerability was found in.
215
- # @!attribute [rw] affected_version
216
- # @return [::Grafeas::V1::Version]
217
- # Required. The version of the package that is installed on the resource
218
- # affected by this vulnerability.
219
- # @!attribute [rw] fixed_cpe_uri
220
- # @return [::String]
221
- # The [CPE URI](https://cpe.mitre.org/specification/) this vulnerability
222
- # was fixed in. It is possible for this to be different from the
223
- # affected_cpe_uri.
224
- # @!attribute [rw] fixed_package
225
- # @return [::String]
226
- # The package this vulnerability was fixed in. It is possible for this to
227
- # be different from the affected_package.
228
- # @!attribute [rw] fixed_version
229
- # @return [::Grafeas::V1::Version]
230
- # Required. The version of the package this vulnerability was fixed in.
231
- # Setting this to VersionKind.MAXIMUM means no fix is yet available.
232
- # @!attribute [rw] fix_available
233
- # @return [::Boolean]
234
- # Output only. Whether a fix is available for this package.
235
- # @!attribute [rw] package_type
236
- # @return [::String]
237
- # The type of package (e.g. OS, MAVEN, GO).
238
- # @!attribute [r] effective_severity
239
- # @return [::Grafeas::V1::Severity]
240
- # The distro or language system assigned severity for this vulnerability
241
- # when that is available and note provider assigned severity when it is not
242
- # available.
243
- class PackageIssue
244
- include ::Google::Protobuf::MessageExts
245
- extend ::Google::Protobuf::MessageExts::ClassMethods
246
- end
247
- end
248
- end
249
- end