grafeas-v1 0.2.1 → 0.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (39) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +1 -1
  3. data/README.md +1 -1
  4. data/lib/grafeas/v1/attestation_pb.rb +6 -1
  5. data/lib/grafeas/v1/build_pb.rb +5 -1
  6. data/lib/grafeas/v1/common_pb.rb +13 -0
  7. data/lib/grafeas/v1/compliance_pb.rb +48 -0
  8. data/lib/grafeas/v1/cvss_pb.rb +62 -0
  9. data/lib/grafeas/v1/deployment_pb.rb +1 -1
  10. data/lib/grafeas/v1/discovery_pb.rb +4 -2
  11. data/lib/grafeas/v1/dsse_attestation_pb.rb +31 -0
  12. data/lib/grafeas/v1/grafeas/client.rb +375 -121
  13. data/lib/grafeas/v1/grafeas_pb.rb +9 -2
  14. data/lib/grafeas/v1/intoto_provenance_pb.rb +49 -0
  15. data/lib/grafeas/v1/intoto_statement_pb.rb +31 -0
  16. data/lib/grafeas/v1/package_pb.rb +1 -0
  17. data/lib/grafeas/v1/provenance_pb.rb +1 -1
  18. data/lib/grafeas/v1/severity_pb.rb +23 -0
  19. data/lib/grafeas/v1/slsa_provenance_pb.rb +54 -0
  20. data/lib/grafeas/v1/upgrade_pb.rb +2 -2
  21. data/lib/grafeas/v1/version.rb +1 -1
  22. data/lib/grafeas/v1/vulnerability_pb.rb +9 -11
  23. data/proto_docs/google/api/field_behavior.rb +7 -1
  24. data/proto_docs/google/api/resource.rb +10 -71
  25. data/proto_docs/grafeas/v1/attestation.rb +21 -0
  26. data/proto_docs/grafeas/v1/build.rb +11 -1
  27. data/proto_docs/grafeas/v1/common.rb +31 -2
  28. data/proto_docs/grafeas/v1/compliance.rb +98 -0
  29. data/proto_docs/grafeas/v1/cvss.rb +105 -0
  30. data/proto_docs/grafeas/v1/discovery.rb +3 -0
  31. data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
  32. data/proto_docs/grafeas/v1/grafeas.rb +15 -0
  33. data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
  34. data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
  35. data/proto_docs/grafeas/v1/package.rb +8 -0
  36. data/proto_docs/grafeas/v1/severity.rb +43 -0
  37. data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
  38. data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
  39. metadata +17 -5
@@ -109,6 +109,12 @@ module Grafeas
109
109
  # The time this information was last changed at the source. This is an
110
110
  # upstream timestamp from the underlying information source - e.g. Ubuntu
111
111
  # security tracker.
112
+ # @!attribute [rw] source
113
+ # @return [::String]
114
+ # The source from which the information in this Detail was obtained.
115
+ # @!attribute [rw] vendor
116
+ # @return [::String]
117
+ # The name of the vendor of the product.
112
118
  class Detail
113
119
  include ::Google::Protobuf::MessageExts
114
120
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -161,6 +167,9 @@ module Grafeas
161
167
  # Output only. The CVSS score of this vulnerability. CVSS score is on a
162
168
  # scale of 0 - 10 where 0 indicates low severity and 10 indicates high
163
169
  # severity.
170
+ # @!attribute [rw] cvssv3
171
+ # @return [::Grafeas::V1::CVSS]
172
+ # The cvss v3 score for the vulnerability.
164
173
  # @!attribute [rw] package_issue
165
174
  # @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
166
175
  # Required. The set of affected locations and their fixes (if available)
@@ -178,6 +187,14 @@ module Grafeas
178
187
  # @return [::Grafeas::V1::Severity]
179
188
  # The distro assigned severity for this vulnerability when it is available,
180
189
  # otherwise this is the note provider assigned severity.
190
+ #
191
+ # When there are multiple PackageIssues for this vulnerability, they can have
192
+ # different effective severities because some might be provided by the distro
193
+ # while others are provided by the language ecosystem for a language pack.
194
+ # For this reason, it is advised to use the effective severity on the
195
+ # PackageIssue level. In the case where multiple PackageIssues have differing
196
+ # effective severities, this field should be the highest severity for any of
197
+ # the PackageIssues.
181
198
  # @!attribute [rw] fix_available
182
199
  # @return [::Boolean]
183
200
  # Output only. Whether at least one of the affected packages has a fix
@@ -215,31 +232,18 @@ module Grafeas
215
232
  # @!attribute [rw] fix_available
216
233
  # @return [::Boolean]
217
234
  # Output only. Whether a fix is available for this package.
235
+ # @!attribute [rw] package_type
236
+ # @return [::String]
237
+ # The type of package (e.g. OS, MAVEN, GO).
238
+ # @!attribute [r] effective_severity
239
+ # @return [::Grafeas::V1::Severity]
240
+ # The distro or language system assigned severity for this vulnerability
241
+ # when that is available and note provider assigned severity when it is not
242
+ # available.
218
243
  class PackageIssue
219
244
  include ::Google::Protobuf::MessageExts
220
245
  extend ::Google::Protobuf::MessageExts::ClassMethods
221
246
  end
222
247
  end
223
-
224
- # Note provider assigned severity/impact ranking.
225
- module Severity
226
- # Unknown.
227
- SEVERITY_UNSPECIFIED = 0
228
-
229
- # Minimal severity.
230
- MINIMAL = 1
231
-
232
- # Low severity.
233
- LOW = 2
234
-
235
- # Medium severity.
236
- MEDIUM = 3
237
-
238
- # High severity.
239
- HIGH = 4
240
-
241
- # Critical severity.
242
- CRITICAL = 5
243
- end
244
248
  end
245
249
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: grafeas-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-17 00:00:00.000000000 Z
11
+ date: 2022-01-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0.5'
19
+ version: '0.7'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '0.5'
29
+ version: '0.7'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -173,17 +173,23 @@ files:
173
173
  - lib/grafeas/v1/attestation_pb.rb
174
174
  - lib/grafeas/v1/build_pb.rb
175
175
  - lib/grafeas/v1/common_pb.rb
176
+ - lib/grafeas/v1/compliance_pb.rb
176
177
  - lib/grafeas/v1/cvss_pb.rb
177
178
  - lib/grafeas/v1/deployment_pb.rb
178
179
  - lib/grafeas/v1/discovery_pb.rb
180
+ - lib/grafeas/v1/dsse_attestation_pb.rb
179
181
  - lib/grafeas/v1/grafeas.rb
180
182
  - lib/grafeas/v1/grafeas/client.rb
181
183
  - lib/grafeas/v1/grafeas/paths.rb
182
184
  - lib/grafeas/v1/grafeas_pb.rb
183
185
  - lib/grafeas/v1/grafeas_services_pb.rb
184
186
  - lib/grafeas/v1/image_pb.rb
187
+ - lib/grafeas/v1/intoto_provenance_pb.rb
188
+ - lib/grafeas/v1/intoto_statement_pb.rb
185
189
  - lib/grafeas/v1/package_pb.rb
186
190
  - lib/grafeas/v1/provenance_pb.rb
191
+ - lib/grafeas/v1/severity_pb.rb
192
+ - lib/grafeas/v1/slsa_provenance_pb.rb
187
193
  - lib/grafeas/v1/upgrade_pb.rb
188
194
  - lib/grafeas/v1/version.rb
189
195
  - lib/grafeas/v1/vulnerability_pb.rb
@@ -198,13 +204,19 @@ files:
198
204
  - proto_docs/grafeas/v1/attestation.rb
199
205
  - proto_docs/grafeas/v1/build.rb
200
206
  - proto_docs/grafeas/v1/common.rb
207
+ - proto_docs/grafeas/v1/compliance.rb
201
208
  - proto_docs/grafeas/v1/cvss.rb
202
209
  - proto_docs/grafeas/v1/deployment.rb
203
210
  - proto_docs/grafeas/v1/discovery.rb
211
+ - proto_docs/grafeas/v1/dsse_attestation.rb
204
212
  - proto_docs/grafeas/v1/grafeas.rb
205
213
  - proto_docs/grafeas/v1/image.rb
214
+ - proto_docs/grafeas/v1/intoto_provenance.rb
215
+ - proto_docs/grafeas/v1/intoto_statement.rb
206
216
  - proto_docs/grafeas/v1/package.rb
207
217
  - proto_docs/grafeas/v1/provenance.rb
218
+ - proto_docs/grafeas/v1/severity.rb
219
+ - proto_docs/grafeas/v1/slsa_provenance.rb
208
220
  - proto_docs/grafeas/v1/upgrade.rb
209
221
  - proto_docs/grafeas/v1/vulnerability.rb
210
222
  homepage: https://github.com/googleapis/google-cloud-ruby
@@ -226,7 +238,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
226
238
  - !ruby/object:Gem::Version
227
239
  version: '0'
228
240
  requirements: []
229
- rubygems_version: 3.2.17
241
+ rubygems_version: 3.3.5
230
242
  signing_key:
231
243
  specification_version: 4
232
244
  summary: API Client library for the Grafeas V1 API