grafeas-v1 0.2.1 → 0.4.0

data/proto_docs/grafeas/v1/cvss.rb

@@ -107,5 +107,110 @@ module Grafeas
         IMPACT_NONE = 3
       end
     end
+
+    # Common Vulnerability Scoring System.
+    # For details, see https://www.first.org/cvss/specification-document
+    # This is a message we will try to use for storing multiple versions of
+    # CVSS. The intention is that as new versions of CVSS scores get added, we
+    # will be able to modify this message rather than adding new protos for each
+    # new version of the score.
+    # @!attribute [rw] base_score
+    #   @return [::Float]
+    #     The base score is a function of the base metric scores.
+    # @!attribute [rw] exploitability_score
+    #   @return [::Float]
+    # @!attribute [rw] impact_score
+    #   @return [::Float]
+    # @!attribute [rw] attack_vector
+    #   @return [::Grafeas::V1::CVSS::AttackVector]
+    #     Base Metrics
+    #     Represents the intrinsic characteristics of a vulnerability that are
+    #     constant over time and across user environments.
+    # @!attribute [rw] attack_complexity
+    #   @return [::Grafeas::V1::CVSS::AttackComplexity]
+    # @!attribute [rw] authentication
+    #   @return [::Grafeas::V1::CVSS::Authentication]
+    # @!attribute [rw] privileges_required
+    #   @return [::Grafeas::V1::CVSS::PrivilegesRequired]
+    # @!attribute [rw] user_interaction
+    #   @return [::Grafeas::V1::CVSS::UserInteraction]
+    # @!attribute [rw] scope
+    #   @return [::Grafeas::V1::CVSS::Scope]
+    # @!attribute [rw] confidentiality_impact
+    #   @return [::Grafeas::V1::CVSS::Impact]
+    # @!attribute [rw] integrity_impact
+    #   @return [::Grafeas::V1::CVSS::Impact]
+    # @!attribute [rw] availability_impact
+    #   @return [::Grafeas::V1::CVSS::Impact]
+    class CVSS
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      module AttackVector
+        ATTACK_VECTOR_UNSPECIFIED = 0
+
+        ATTACK_VECTOR_NETWORK = 1
+
+        ATTACK_VECTOR_ADJACENT = 2
+
+        ATTACK_VECTOR_LOCAL = 3
+
+        ATTACK_VECTOR_PHYSICAL = 4
+      end
+
+      module AttackComplexity
+        ATTACK_COMPLEXITY_UNSPECIFIED = 0
+
+        ATTACK_COMPLEXITY_LOW = 1
+
+        ATTACK_COMPLEXITY_HIGH = 2
+      end
+
+      module Authentication
+        AUTHENTICATION_UNSPECIFIED = 0
+
+        AUTHENTICATION_MULTIPLE = 1
+
+        AUTHENTICATION_SINGLE = 2
+
+        AUTHENTICATION_NONE = 3
+      end
+
+      module PrivilegesRequired
+        PRIVILEGES_REQUIRED_UNSPECIFIED = 0
+
+        PRIVILEGES_REQUIRED_NONE = 1
+
+        PRIVILEGES_REQUIRED_LOW = 2
+
+        PRIVILEGES_REQUIRED_HIGH = 3
+      end
+
+      module UserInteraction
+        USER_INTERACTION_UNSPECIFIED = 0
+
+        USER_INTERACTION_NONE = 1
+
+        USER_INTERACTION_REQUIRED = 2
+      end
+
+      module Scope
+        SCOPE_UNSPECIFIED = 0
+
+        SCOPE_UNCHANGED = 1
+
+        SCOPE_CHANGED = 2
+      end
+
+      module Impact
+        IMPACT_UNSPECIFIED = 0
+
+        IMPACT_HIGH = 1
+
+        IMPACT_LOW = 2
+
+        IMPACT_NONE = 3
+      end
+    end
   end
 end

data/proto_docs/grafeas/v1/discovery.rb

@@ -49,6 +49,9 @@ module Grafeas
     # @!attribute [rw] last_scan_time
     #   @return [::Google::Protobuf::Timestamp]
     #     The last time this resource was scanned.
+    # @!attribute [r] archive_time
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The time occurrences related to this discovery occurrence were archived.
     class DiscoveryOccurrence
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/grafeas/v1/dsse_attestation.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # @!attribute [rw] hint
+    #   @return [::Grafeas::V1::DSSEAttestationNote::DSSEHint]
+    #     DSSEHint hints at the purpose of the attestation authority.
+    class DSSEAttestationNote
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # This submessage provides human-readable hints about the purpose of the
+      # authority. Because the name of a note acts as its resource reference, it is
+      # important to disambiguate the canonical name of the Note (which might be a
+      # UUID for security purposes) from "readable" names more suitable for debug
+      # output. Note that these hints should not be used to look up authorities in
+      # security sensitive contexts, such as when looking up attestations to
+      # verify.
+      # @!attribute [rw] human_readable_name
+      #   @return [::String]
+      #     Required. The human readable name of this attestation authority, for
+      #     example "cloudbuild-prod".
+      class DSSEHint
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+
+    # Deprecated. Prefer to use a regular Occurrence, and populate the
+    # Envelope at the top level of the Occurrence.
+    # @!attribute [rw] envelope
+    #   @return [::Grafeas::V1::Envelope]
+    #     If doing something security critical, make sure to verify the signatures in
+    #     this metadata.
+    # @!attribute [rw] statement
+    #   @return [::Grafeas::V1::InTotoStatement]
+    class DSSEAttestationOccurrence
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/grafeas.rb

@@ -72,6 +72,15 @@ module Grafeas
     # @!attribute [rw] upgrade
     #   @return [::Grafeas::V1::UpgradeOccurrence]
     #     Describes an available package upgrade on the linked resource.
+    # @!attribute [rw] compliance
+    #   @return [::Grafeas::V1::ComplianceOccurrence]
+    #     Describes a compliance violation on a linked resource.
+    # @!attribute [rw] dsse_attestation
+    #   @return [::Grafeas::V1::DSSEAttestationOccurrence]
+    #     Describes an attestation of an artifact using dsse.
+    # @!attribute [rw] envelope
+    #   @return [::Grafeas::V1::Envelope]
+    #     https://github.com/secure-systems-lab/dsse
     class Occurrence
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -133,6 +142,12 @@ module Grafeas
     # @!attribute [rw] upgrade
     #   @return [::Grafeas::V1::UpgradeNote]
     #     A note describing available package upgrades.
+    # @!attribute [rw] compliance
+    #   @return [::Grafeas::V1::ComplianceNote]
+    #     A note describing a compliance check.
+    # @!attribute [rw] dsse_attestation
+    #   @return [::Grafeas::V1::DSSEAttestationNote]
+    #     A note describing a dsse attestation note.
     class Note
       include ::Google::Protobuf::MessageExts
       extend ::Google::Protobuf::MessageExts::ClassMethods

data/proto_docs/grafeas/v1/intoto_provenance.rb

@@ -0,0 +1,134 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Steps taken to build the artifact.
+    # For a TaskRun, typically each container corresponds to one step in the
+    # recipe.
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     URI indicating what type of recipe was performed. It determines the meaning
+    #     of recipe.entryPoint, recipe.arguments, recipe.environment, and materials.
+    # @!attribute [rw] defined_in_material
+    #   @return [::Integer]
+    #     Index in materials containing the recipe steps that are not implied by
+    #     recipe.type. For example, if the recipe type were "make", then this would
+    #     point to the source containing the Makefile, not the make program itself.
+    #     Set to -1 if the recipe doesn't come from a material, as zero is default
+    #     unset value for int64.
+    # @!attribute [rw] entry_point
+    #   @return [::String]
+    #     String identifying the entry point into the build.
+    #     This is often a path to a configuration file and/or a target label within
+    #     that file. The syntax and meaning are defined by recipe.type. For example,
+    #     if the recipe type were "make", then this would reference the directory in
+    #     which to run make as well as which target to use.
+    # @!attribute [rw] arguments
+    #   @return [::Array<::Google::Protobuf::Any>]
+    #     Collection of all external inputs that influenced the build on top of
+    #     recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe
+    #     type were "make", then this might be the flags passed to make aside from
+    #     the target, which is captured in recipe.entryPoint. Since the arguments
+    #     field can greatly vary in structure, depending on the builder and recipe
+    #     type, this is of form "Any".
+    # @!attribute [rw] environment
+    #   @return [::Array<::Google::Protobuf::Any>]
+    #     Any other builder-controlled inputs necessary for correctly evaluating the
+    #     recipe. Usually only needed for reproducing the build but not evaluated as
+    #     part of policy. Since the environment field can greatly vary in structure,
+    #     depending on the builder and recipe type, this is of form "Any".
+    class Recipe
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Indicates that the builder claims certain fields in this message to be
+    # complete.
+    # @!attribute [rw] arguments
+    #   @return [::Boolean]
+    #     If true, the builder claims that recipe.arguments is complete, meaning that
+    #     all external inputs are properly captured in the recipe.
+    # @!attribute [rw] environment
+    #   @return [::Boolean]
+    #     If true, the builder claims that recipe.environment is claimed to be
+    #     complete.
+    # @!attribute [rw] materials
+    #   @return [::Boolean]
+    #     If true, the builder claims that materials are complete, usually through
+    #     some controls to prevent network access. Sometimes called "hermetic".
+    class Completeness
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # Other properties of the build.
+    # @!attribute [rw] build_invocation_id
+    #   @return [::String]
+    #     Identifies the particular build invocation, which can be useful for finding
+    #     associated logs or other ad-hoc analysis. The value SHOULD be globally
+    #     unique, per in-toto Provenance spec.
+    # @!attribute [rw] build_started_on
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The timestamp of when the build started.
+    # @!attribute [rw] build_finished_on
+    #   @return [::Google::Protobuf::Timestamp]
+    #     The timestamp of when the build completed.
+    # @!attribute [rw] completeness
+    #   @return [::Grafeas::V1::Completeness]
+    #     Indicates that the builder claims certain fields in this message to be
+    #     complete.
+    # @!attribute [rw] reproducible
+    #   @return [::Boolean]
+    #     If true, the builder claims that running the recipe on materials will
+    #     produce bit-for-bit identical output.
+    class Metadata
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # @!attribute [rw] id
+    #   @return [::String]
+    class BuilderConfig
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # @!attribute [rw] builder_config
+    #   @return [::Grafeas::V1::BuilderConfig]
+    # @!attribute [rw] recipe
+    #   @return [::Grafeas::V1::Recipe]
+    #     Identifies the configuration used for the build.
+    #     When combined with materials, this SHOULD fully describe the build,
+    #     such that re-running this recipe results in bit-for-bit identical output
+    #     (if the build is reproducible).
+    # @!attribute [rw] metadata
+    #   @return [::Grafeas::V1::Metadata]
+    # @!attribute [rw] materials
+    #   @return [::Array<::String>]
+    #     The collection of artifacts that influenced the build including sources,
+    #     dependencies, build tools, base images, and so on. This is considered to be
+    #     incomplete unless metadata.completeness.materials is true. Unset or null is
+    #     equivalent to empty.
+    class InTotoProvenance
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+  end
+end

data/proto_docs/grafeas/v1/intoto_statement.rb

@@ -0,0 +1,65 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Spec defined at
+    # https://github.com/in-toto/attestation/tree/main/spec#statement The
+    # serialized InTotoStatement will be stored as Envelope.payload.
+    # Envelope.payloadType is always "application/vnd.in-toto+json".
+    # @!attribute [rw] type
+    #   @return [::String]
+    #     Always `https://in-toto.io/Statement/v0.1`.
+    # @!attribute [rw] subject
+    #   @return [::Array<::Grafeas::V1::Subject>]
+    # @!attribute [rw] predicate_type
+    #   @return [::String]
+    #     `https://slsa.dev/provenance/v0.1` for SlsaProvenance.
+    # @!attribute [rw] provenance
+    #   @return [::Grafeas::V1::InTotoProvenance]
+    # @!attribute [rw] slsa_provenance
+    #   @return [::Grafeas::V1::SlsaProvenance]
+    class InTotoStatement
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+    end
+
+    # @!attribute [rw] name
+    #   @return [::String]
+    # @!attribute [rw] digest
+    #   @return [::Google::Protobuf::Map{::String => ::String}]
+    #     `"<ALGORITHM>": "<HEX_VALUE>"`
+    #     Algorithms can be e.g. sha256, sha512
+    #     See
+    #     https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
+    class Subject
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # @!attribute [rw] key
+      #   @return [::String]
+      # @!attribute [rw] value
+      #   @return [::String]
+      class DigestEntry
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+    end
+  end
+end

data/proto_docs/grafeas/v1/package.rb

@@ -101,6 +101,14 @@ module Grafeas
     # @!attribute [rw] revision
     #   @return [::String]
     #     The iteration of the package build from the above version.
+    # @!attribute [rw] inclusive
+    #   @return [::Boolean]
+    #     Whether this version is specifying part of an inclusive range. Grafeas
+    #     does not have the capability to specify version ranges; instead we have
+    #     fields that specify start version and end versions. At times this is
+    #     insufficient - we also need to specify whether the version is included in
+    #     the range or is excluded from the range. This boolean is expected to be set
+    #     to true when the version is included in a range.
     # @!attribute [rw] kind
     #   @return [::Grafeas::V1::Version::VersionKind]
     #     Required. Distinguishes between sentinel MIN/MAX versions and normal

data/proto_docs/grafeas/v1/severity.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# Copyright 2022 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # Note provider assigned severity/impact ranking.
+    module Severity
+      # Unknown.
+      SEVERITY_UNSPECIFIED = 0
+
+      # Minimal severity.
+      MINIMAL = 1
+
+      # Low severity.
+      LOW = 2
+
+      # Medium severity.
+      MEDIUM = 3
+
+      # High severity.
+      HIGH = 4
+
+      # Critical severity.
+      CRITICAL = 5
+    end
+  end
+end

data/proto_docs/grafeas/v1/slsa_provenance.rb

@@ -0,0 +1,152 @@
+# frozen_string_literal: true
+
+# Copyright 2021 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# Auto-generated by gapic-generator-ruby. DO NOT EDIT!
+
+
+module Grafeas
+  module V1
+    # @!attribute [rw] builder
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaBuilder]
+    # @!attribute [rw] recipe
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaRecipe]
+    #     Identifies the configuration used for the build.
+    #     When combined with materials, this SHOULD fully describe the build,
+    #     such that re-running this recipe results in bit-for-bit identical output
+    #     (if the build is reproducible).
+    # @!attribute [rw] metadata
+    #   @return [::Grafeas::V1::SlsaProvenance::SlsaMetadata]
+    # @!attribute [rw] materials
+    #   @return [::Array<::Grafeas::V1::SlsaProvenance::Material>]
+    #     The collection of artifacts that influenced the build including sources,
+    #     dependencies, build tools, base images, and so on. This is considered to be
+    #     incomplete unless metadata.completeness.materials is true. Unset or null is
+    #     equivalent to empty.
+    class SlsaProvenance
+      include ::Google::Protobuf::MessageExts
+      extend ::Google::Protobuf::MessageExts::ClassMethods
+
+      # Steps taken to build the artifact.
+      # For a TaskRun, typically each container corresponds to one step in the
+      # recipe.
+      # @!attribute [rw] type
+      #   @return [::String]
+      #     URI indicating what type of recipe was performed. It determines the
+      #     meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and
+      #     materials.
+      # @!attribute [rw] defined_in_material
+      #   @return [::Integer]
+      #     Index in materials containing the recipe steps that are not implied by
+      #     recipe.type. For example, if the recipe type were "make", then this would
+      #     point to the source containing the Makefile, not the make program itself.
+      #     Set to -1 if the recipe doesn't come from a material, as zero is default
+      #     unset value for int64.
+      # @!attribute [rw] entry_point
+      #   @return [::String]
+      #     String identifying the entry point into the build.
+      #     This is often a path to a configuration file and/or a target label within
+      #     that file. The syntax and meaning are defined by recipe.type. For
+      #     example, if the recipe type were "make", then this would reference the
+      #     directory in which to run make as well as which target to use.
+      # @!attribute [rw] arguments
+      #   @return [::Google::Protobuf::Any]
+      #     Collection of all external inputs that influenced the build on top of
+      #     recipe.definedInMaterial and recipe.entryPoint. For example, if the
+      #     recipe type were "make", then this might be the flags passed to make
+      #     aside from the target, which is captured in recipe.entryPoint. Depending
+      #     on the recipe Type, the structure may be different.
+      # @!attribute [rw] environment
+      #   @return [::Google::Protobuf::Any]
+      #     Any other builder-controlled inputs necessary for correctly evaluating
+      #     the recipe. Usually only needed for reproducing the build but not
+      #     evaluated as part of policy. Depending on the recipe Type, the structure
+      #     may be different.
+      class SlsaRecipe
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Indicates that the builder claims certain fields in this message to be
+      # complete.
+      # @!attribute [rw] arguments
+      #   @return [::Boolean]
+      #     If true, the builder claims that recipe.arguments is complete, meaning
+      #     that all external inputs are properly captured in the recipe.
+      # @!attribute [rw] environment
+      #   @return [::Boolean]
+      #     If true, the builder claims that recipe.environment is claimed to be
+      #     complete.
+      # @!attribute [rw] materials
+      #   @return [::Boolean]
+      #     If true, the builder claims that materials are complete, usually through
+      #     some controls to prevent network access. Sometimes called "hermetic".
+      class SlsaCompleteness
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # Other properties of the build.
+      # @!attribute [rw] build_invocation_id
+      #   @return [::String]
+      #     Identifies the particular build invocation, which can be useful for
+      #     finding associated logs or other ad-hoc analysis. The value SHOULD be
+      #     globally unique, per in-toto Provenance spec.
+      # @!attribute [rw] build_started_on
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The timestamp of when the build started.
+      # @!attribute [rw] build_finished_on
+      #   @return [::Google::Protobuf::Timestamp]
+      #     The timestamp of when the build completed.
+      # @!attribute [rw] completeness
+      #   @return [::Grafeas::V1::SlsaProvenance::SlsaCompleteness]
+      #     Indicates that the builder claims certain fields in this message to be
+      #     complete.
+      # @!attribute [rw] reproducible
+      #   @return [::Boolean]
+      #     If true, the builder claims that running the recipe on materials will
+      #     produce bit-for-bit identical output.
+      class SlsaMetadata
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] id
+      #   @return [::String]
+      class SlsaBuilder
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+      end
+
+      # @!attribute [rw] uri
+      #   @return [::String]
+      # @!attribute [rw] digest
+      #   @return [::Google::Protobuf::Map{::String => ::String}]
+      class Material
+        include ::Google::Protobuf::MessageExts
+        extend ::Google::Protobuf::MessageExts::ClassMethods
+
+        # @!attribute [rw] key
+        #   @return [::String]
+        # @!attribute [rw] value
+        #   @return [::String]
+        class DigestEntry
+          include ::Google::Protobuf::MessageExts
+          extend ::Google::Protobuf::MessageExts::ClassMethods
+        end
+      end
+    end
+  end
+end