grafeas-v1 0.2.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.yardopts +1 -1
- data/README.md +1 -1
- data/lib/grafeas/v1/attestation_pb.rb +6 -1
- data/lib/grafeas/v1/build_pb.rb +5 -1
- data/lib/grafeas/v1/common_pb.rb +13 -0
- data/lib/grafeas/v1/compliance_pb.rb +48 -0
- data/lib/grafeas/v1/cvss_pb.rb +62 -0
- data/lib/grafeas/v1/deployment_pb.rb +1 -1
- data/lib/grafeas/v1/discovery_pb.rb +4 -2
- data/lib/grafeas/v1/dsse_attestation_pb.rb +31 -0
- data/lib/grafeas/v1/grafeas/client.rb +375 -121
- data/lib/grafeas/v1/grafeas_pb.rb +9 -2
- data/lib/grafeas/v1/intoto_provenance_pb.rb +49 -0
- data/lib/grafeas/v1/intoto_statement_pb.rb +31 -0
- data/lib/grafeas/v1/package_pb.rb +1 -0
- data/lib/grafeas/v1/provenance_pb.rb +1 -1
- data/lib/grafeas/v1/severity_pb.rb +23 -0
- data/lib/grafeas/v1/slsa_provenance_pb.rb +54 -0
- data/lib/grafeas/v1/upgrade_pb.rb +2 -2
- data/lib/grafeas/v1/version.rb +1 -1
- data/lib/grafeas/v1/vulnerability_pb.rb +9 -11
- data/proto_docs/google/api/field_behavior.rb +7 -1
- data/proto_docs/google/api/resource.rb +10 -71
- data/proto_docs/grafeas/v1/attestation.rb +21 -0
- data/proto_docs/grafeas/v1/build.rb +11 -1
- data/proto_docs/grafeas/v1/common.rb +31 -2
- data/proto_docs/grafeas/v1/compliance.rb +98 -0
- data/proto_docs/grafeas/v1/cvss.rb +105 -0
- data/proto_docs/grafeas/v1/discovery.rb +3 -0
- data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
- data/proto_docs/grafeas/v1/grafeas.rb +15 -0
- data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
- data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
- data/proto_docs/grafeas/v1/package.rb +8 -0
- data/proto_docs/grafeas/v1/severity.rb +43 -0
- data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
- data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
- metadata +17 -5
@@ -109,6 +109,12 @@ module Grafeas
|
|
109
109
|
# The time this information was last changed at the source. This is an
|
110
110
|
# upstream timestamp from the underlying information source - e.g. Ubuntu
|
111
111
|
# security tracker.
|
112
|
+
# @!attribute [rw] source
|
113
|
+
# @return [::String]
|
114
|
+
# The source from which the information in this Detail was obtained.
|
115
|
+
# @!attribute [rw] vendor
|
116
|
+
# @return [::String]
|
117
|
+
# The name of the vendor of the product.
|
112
118
|
class Detail
|
113
119
|
include ::Google::Protobuf::MessageExts
|
114
120
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
@@ -161,6 +167,9 @@ module Grafeas
|
|
161
167
|
# Output only. The CVSS score of this vulnerability. CVSS score is on a
|
162
168
|
# scale of 0 - 10 where 0 indicates low severity and 10 indicates high
|
163
169
|
# severity.
|
170
|
+
# @!attribute [rw] cvssv3
|
171
|
+
# @return [::Grafeas::V1::CVSS]
|
172
|
+
# The cvss v3 score for the vulnerability.
|
164
173
|
# @!attribute [rw] package_issue
|
165
174
|
# @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
|
166
175
|
# Required. The set of affected locations and their fixes (if available)
|
@@ -178,6 +187,14 @@ module Grafeas
|
|
178
187
|
# @return [::Grafeas::V1::Severity]
|
179
188
|
# The distro assigned severity for this vulnerability when it is available,
|
180
189
|
# otherwise this is the note provider assigned severity.
|
190
|
+
#
|
191
|
+
# When there are multiple PackageIssues for this vulnerability, they can have
|
192
|
+
# different effective severities because some might be provided by the distro
|
193
|
+
# while others are provided by the language ecosystem for a language pack.
|
194
|
+
# For this reason, it is advised to use the effective severity on the
|
195
|
+
# PackageIssue level. In the case where multiple PackageIssues have differing
|
196
|
+
# effective severities, this field should be the highest severity for any of
|
197
|
+
# the PackageIssues.
|
181
198
|
# @!attribute [rw] fix_available
|
182
199
|
# @return [::Boolean]
|
183
200
|
# Output only. Whether at least one of the affected packages has a fix
|
@@ -215,31 +232,18 @@ module Grafeas
|
|
215
232
|
# @!attribute [rw] fix_available
|
216
233
|
# @return [::Boolean]
|
217
234
|
# Output only. Whether a fix is available for this package.
|
235
|
+
# @!attribute [rw] package_type
|
236
|
+
# @return [::String]
|
237
|
+
# The type of package (e.g. OS, MAVEN, GO).
|
238
|
+
# @!attribute [r] effective_severity
|
239
|
+
# @return [::Grafeas::V1::Severity]
|
240
|
+
# The distro or language system assigned severity for this vulnerability
|
241
|
+
# when that is available and note provider assigned severity when it is not
|
242
|
+
# available.
|
218
243
|
class PackageIssue
|
219
244
|
include ::Google::Protobuf::MessageExts
|
220
245
|
extend ::Google::Protobuf::MessageExts::ClassMethods
|
221
246
|
end
|
222
247
|
end
|
223
|
-
|
224
|
-
# Note provider assigned severity/impact ranking.
|
225
|
-
module Severity
|
226
|
-
# Unknown.
|
227
|
-
SEVERITY_UNSPECIFIED = 0
|
228
|
-
|
229
|
-
# Minimal severity.
|
230
|
-
MINIMAL = 1
|
231
|
-
|
232
|
-
# Low severity.
|
233
|
-
LOW = 2
|
234
|
-
|
235
|
-
# Medium severity.
|
236
|
-
MEDIUM = 3
|
237
|
-
|
238
|
-
# High severity.
|
239
|
-
HIGH = 4
|
240
|
-
|
241
|
-
# Critical severity.
|
242
|
-
CRITICAL = 5
|
243
|
-
end
|
244
248
|
end
|
245
249
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: grafeas-v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.4.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Google LLC
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: gapic-common
|
@@ -16,7 +16,7 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - ">="
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: '0.
|
19
|
+
version: '0.7'
|
20
20
|
- - "<"
|
21
21
|
- !ruby/object:Gem::Version
|
22
22
|
version: 2.a
|
@@ -26,7 +26,7 @@ dependencies:
|
|
26
26
|
requirements:
|
27
27
|
- - ">="
|
28
28
|
- !ruby/object:Gem::Version
|
29
|
-
version: '0.
|
29
|
+
version: '0.7'
|
30
30
|
- - "<"
|
31
31
|
- !ruby/object:Gem::Version
|
32
32
|
version: 2.a
|
@@ -173,17 +173,23 @@ files:
|
|
173
173
|
- lib/grafeas/v1/attestation_pb.rb
|
174
174
|
- lib/grafeas/v1/build_pb.rb
|
175
175
|
- lib/grafeas/v1/common_pb.rb
|
176
|
+
- lib/grafeas/v1/compliance_pb.rb
|
176
177
|
- lib/grafeas/v1/cvss_pb.rb
|
177
178
|
- lib/grafeas/v1/deployment_pb.rb
|
178
179
|
- lib/grafeas/v1/discovery_pb.rb
|
180
|
+
- lib/grafeas/v1/dsse_attestation_pb.rb
|
179
181
|
- lib/grafeas/v1/grafeas.rb
|
180
182
|
- lib/grafeas/v1/grafeas/client.rb
|
181
183
|
- lib/grafeas/v1/grafeas/paths.rb
|
182
184
|
- lib/grafeas/v1/grafeas_pb.rb
|
183
185
|
- lib/grafeas/v1/grafeas_services_pb.rb
|
184
186
|
- lib/grafeas/v1/image_pb.rb
|
187
|
+
- lib/grafeas/v1/intoto_provenance_pb.rb
|
188
|
+
- lib/grafeas/v1/intoto_statement_pb.rb
|
185
189
|
- lib/grafeas/v1/package_pb.rb
|
186
190
|
- lib/grafeas/v1/provenance_pb.rb
|
191
|
+
- lib/grafeas/v1/severity_pb.rb
|
192
|
+
- lib/grafeas/v1/slsa_provenance_pb.rb
|
187
193
|
- lib/grafeas/v1/upgrade_pb.rb
|
188
194
|
- lib/grafeas/v1/version.rb
|
189
195
|
- lib/grafeas/v1/vulnerability_pb.rb
|
@@ -198,13 +204,19 @@ files:
|
|
198
204
|
- proto_docs/grafeas/v1/attestation.rb
|
199
205
|
- proto_docs/grafeas/v1/build.rb
|
200
206
|
- proto_docs/grafeas/v1/common.rb
|
207
|
+
- proto_docs/grafeas/v1/compliance.rb
|
201
208
|
- proto_docs/grafeas/v1/cvss.rb
|
202
209
|
- proto_docs/grafeas/v1/deployment.rb
|
203
210
|
- proto_docs/grafeas/v1/discovery.rb
|
211
|
+
- proto_docs/grafeas/v1/dsse_attestation.rb
|
204
212
|
- proto_docs/grafeas/v1/grafeas.rb
|
205
213
|
- proto_docs/grafeas/v1/image.rb
|
214
|
+
- proto_docs/grafeas/v1/intoto_provenance.rb
|
215
|
+
- proto_docs/grafeas/v1/intoto_statement.rb
|
206
216
|
- proto_docs/grafeas/v1/package.rb
|
207
217
|
- proto_docs/grafeas/v1/provenance.rb
|
218
|
+
- proto_docs/grafeas/v1/severity.rb
|
219
|
+
- proto_docs/grafeas/v1/slsa_provenance.rb
|
208
220
|
- proto_docs/grafeas/v1/upgrade.rb
|
209
221
|
- proto_docs/grafeas/v1/vulnerability.rb
|
210
222
|
homepage: https://github.com/googleapis/google-cloud-ruby
|
@@ -226,7 +238,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
226
238
|
- !ruby/object:Gem::Version
|
227
239
|
version: '0'
|
228
240
|
requirements: []
|
229
|
-
rubygems_version: 3.
|
241
|
+
rubygems_version: 3.3.5
|
230
242
|
signing_key:
|
231
243
|
specification_version: 4
|
232
244
|
summary: API Client library for the Grafeas V1 API
|