grafeas-v1 0.14.2 → 0.16.0

data/proto_docs/grafeas/v1/sbom.rb

@@ -0,0 +1,105 @@
+# frozen_string_literal: true
+
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # The note representing an SBOM reference.
+    # @!attribute [rw] format
+    #   @return [::String]
+    #     The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
+    # @!attribute [rw] version
+    #   @return [::String]
+    #     The version of the format that the SBOM takes. E.g. if the format
+    #     is spdx, the version may be 2.3.
+    class SBOMReferenceNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The occurrence representing an SBOM reference as applied to a specific
+    # resource. The occurrence follows the DSSE specification. See
+    # https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more
+    # details.
+    # @!attribute [rw] payload
+    #   @return [::Grafeas::V1::SbomReferenceIntotoPayload]
+    #     The actual payload that contains the SBOM reference data.
+    # @!attribute [rw] payload_type
+    #   @return [::String]
+    #     The kind of payload that SbomReferenceIntotoPayload takes. Since it's in
+    #     the intoto format, this value is expected to be
+    #     'application/vnd.in-toto+json'.
+    # @!attribute [rw] signatures
+    #   @return [::Array<::Grafeas::V1::EnvelopeSignature>]
+    #     The signatures over the payload.
+    class SBOMReferenceOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # The actual payload that contains the SBOM Reference data.
+    # The payload follows the intoto statement specification. See
+    # https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md
+    # for more details.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     Identifier for the schema of the Statement.
+    # @!attribute [rw] predicate_type
+    #   @return [::String]
+    #     URI identifying the type of the Predicate.
+    # @!attribute [rw] subject
+    #   @return [::Array<::Grafeas::V1::Subject>]
+    #     Set of software artifacts that the attestation applies to. Each element
+    #     represents a single software artifact.
+    # @!attribute [rw] predicate
+    #   @return [::Grafeas::V1::SbomReferenceIntotoPredicate]
+    #     Additional parameters of the Predicate. Includes the actual data about the
+    #     SBOM.
+    class SbomReferenceIntotoPayload
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # A predicate which describes the SBOM being referenced.
+    # @!attribute [rw] referrer_id
+    #   @return [::String]
+    #     The person or system referring this predicate to the consumer.
+    # @!attribute [rw] location
+    #   @return [::String]
+    #     The location of the SBOM.
+    # @!attribute [rw] mime_type
+    #   @return [::String]
+    #     The mime type of the SBOM.
+    # @!attribute [rw] digest
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     A map of algorithm to digest of the contents of the SBOM.
+    class SbomReferenceIntotoPredicate
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class DigestEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/vex.rb

@@ -95,9 +95,15 @@ module Grafeas
       # Assessment provides all information that is related to a single
       # vulnerability for this product.
       # @!attribute [rw] cve
+      #   @deprecated This field is deprecated and may be removed in the next major version update.
       #   @return [::String]
       #     Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
       #     tracking number for the vulnerability.
+      #     Deprecated: Use vulnerability_id instead to denote CVEs.
+      # @!attribute [rw] vulnerability_id
+      #   @return [::String]
+      #     The vulnerability identifier for this Assessment. Will hold one of
+      #     common identifiers e.g. CVE, GHSA etc.
       # @!attribute [rw] short_description
       #   @return [::String]
       #     A one sentence description of this Vex.

data/proto_docs/grafeas/v1/vulnerability.rb

@@ -213,6 +213,9 @@ module Grafeas
     #     The cvss v2 score for the vulnerability.
     # @!attribute [rw] vex_assessment
     #   @return [::Grafeas::V1::VulnerabilityOccurrence::VexAssessment]
+    # @!attribute [rw] extra_details
+    #   @return [::String]
+    #     Occurrence-specific extra details about the vulnerability.
     class VulnerabilityOccurrence
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -265,9 +268,15 @@ module Grafeas
       # VexAssessment provides all publisher provided Vex information that is
       # related to this vulnerability.
       # @!attribute [rw] cve
+      #   @deprecated This field is deprecated and may be removed in the next major version update.
       #   @return [::String]
       #     Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
       #     tracking number for the vulnerability.
+      #     Deprecated: Use vulnerability_id instead to denote CVEs.
+      # @!attribute [rw] vulnerability_id
+      #   @return [::String]
+      #     The vulnerability identifier for this Assessment. Will hold one of
+      #     common identifiers e.g. CVE, GHSA etc.
       # @!attribute [rw] related_uris
       #   @return [::Array<::Grafeas::V1::RelatedUrl>]
       #     Holds a list of references associated with this vulnerability item and

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: grafeas-v1
 version: !ruby/object:Gem::Version
-  version: 0.14.2
+  version: 0.16.0
 platform: ruby
 authors:
 - Google LLC
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-01 00:00:00.000000000 Z
+date: 2024-03-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: gapic-common
@@ -44,118 +44,6 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: google-style
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.26.3
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.26.3
-- !ruby/object:Gem::Dependency
-  name: minitest
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.16'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.16'
-- !ruby/object:Gem::Dependency
-  name: minitest-focus
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.1'
-- !ruby/object:Gem::Dependency
-  name: minitest-rg
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '5.2'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '13.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '13.0'
-- !ruby/object:Gem::Dependency
-  name: redcarpet
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: simplecov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.18'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.18'
-- !ruby/object:Gem::Dependency
-  name: yard
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.9'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.9'
 description: The Grafeas API stores, and enables querying and retrieval of, critical
   metadata about all of your software artifacts. Note that grafeas-v1 is a version-specific
   client library. For most uses, we recommend installing the main client library grafeas
@@ -181,6 +69,9 @@ files:
 - lib/grafeas/v1/grafeas.rb
 - lib/grafeas/v1/grafeas/client.rb
 - lib/grafeas/v1/grafeas/paths.rb
+- lib/grafeas/v1/grafeas/rest.rb
+- lib/grafeas/v1/grafeas/rest/client.rb
+- lib/grafeas/v1/grafeas/rest/service_stub.rb
 - lib/grafeas/v1/grafeas_pb.rb
 - lib/grafeas/v1/grafeas_services_pb.rb
 - lib/grafeas/v1/image_pb.rb
@@ -188,6 +79,8 @@ files:
 - lib/grafeas/v1/intoto_statement_pb.rb
 - lib/grafeas/v1/package_pb.rb
 - lib/grafeas/v1/provenance_pb.rb
+- lib/grafeas/v1/rest.rb
+- lib/grafeas/v1/sbom_pb.rb
 - lib/grafeas/v1/severity_pb.rb
 - lib/grafeas/v1/slsa_provenance_pb.rb
 - lib/grafeas/v1/slsa_provenance_zero_two_pb.rb
@@ -221,6 +114,7 @@ files:
 - proto_docs/grafeas/v1/intoto_statement.rb
 - proto_docs/grafeas/v1/package.rb
 - proto_docs/grafeas/v1/provenance.rb
+- proto_docs/grafeas/v1/sbom.rb
 - proto_docs/grafeas/v1/severity.rb
 - proto_docs/grafeas/v1/slsa_provenance.rb
 - proto_docs/grafeas/v1/slsa_provenance_zero_two.rb
@@ -239,14 +133,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.6'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.5.3
+rubygems_version: 3.5.6
 signing_key: 
 specification_version: 4
 summary: An implementation of the Grafeas API, which stores, and enables querying