grafeas-v1 0.2.1 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. checksums.yaml +4 -4
  2. data/.yardopts +1 -1
  3. data/README.md +1 -1
  4. data/lib/grafeas/v1/attestation_pb.rb +6 -1
  5. data/lib/grafeas/v1/build_pb.rb +5 -1
  6. data/lib/grafeas/v1/common_pb.rb +13 -0
  7. data/lib/grafeas/v1/compliance_pb.rb +48 -0
  8. data/lib/grafeas/v1/cvss_pb.rb +62 -0
  9. data/lib/grafeas/v1/deployment_pb.rb +1 -1
  10. data/lib/grafeas/v1/discovery_pb.rb +4 -2
  11. data/lib/grafeas/v1/dsse_attestation_pb.rb +31 -0
  12. data/lib/grafeas/v1/grafeas/client.rb +375 -121
  13. data/lib/grafeas/v1/grafeas_pb.rb +9 -2
  14. data/lib/grafeas/v1/intoto_provenance_pb.rb +49 -0
  15. data/lib/grafeas/v1/intoto_statement_pb.rb +31 -0
  16. data/lib/grafeas/v1/package_pb.rb +1 -0
  17. data/lib/grafeas/v1/provenance_pb.rb +1 -1
  18. data/lib/grafeas/v1/severity_pb.rb +23 -0
  19. data/lib/grafeas/v1/slsa_provenance_pb.rb +54 -0
  20. data/lib/grafeas/v1/upgrade_pb.rb +2 -2
  21. data/lib/grafeas/v1/version.rb +1 -1
  22. data/lib/grafeas/v1/vulnerability_pb.rb +9 -11
  23. data/proto_docs/google/api/field_behavior.rb +7 -1
  24. data/proto_docs/google/api/resource.rb +10 -71
  25. data/proto_docs/grafeas/v1/attestation.rb +21 -0
  26. data/proto_docs/grafeas/v1/build.rb +11 -1
  27. data/proto_docs/grafeas/v1/common.rb +31 -2
  28. data/proto_docs/grafeas/v1/compliance.rb +98 -0
  29. data/proto_docs/grafeas/v1/cvss.rb +105 -0
  30. data/proto_docs/grafeas/v1/discovery.rb +3 -0
  31. data/proto_docs/grafeas/v1/dsse_attestation.rb +59 -0
  32. data/proto_docs/grafeas/v1/grafeas.rb +15 -0
  33. data/proto_docs/grafeas/v1/intoto_provenance.rb +134 -0
  34. data/proto_docs/grafeas/v1/intoto_statement.rb +65 -0
  35. data/proto_docs/grafeas/v1/package.rb +8 -0
  36. data/proto_docs/grafeas/v1/severity.rb +43 -0
  37. data/proto_docs/grafeas/v1/slsa_provenance.rb +152 -0
  38. data/proto_docs/grafeas/v1/vulnerability.rb +25 -21
  39. metadata +17 -5
@@ -109,6 +109,12 @@ module Grafeas
109
109
  # The time this information was last changed at the source. This is an
110
110
  # upstream timestamp from the underlying information source - e.g. Ubuntu
111
111
  # security tracker.
112
+ # @!attribute [rw] source
113
+ # @return [::String]
114
+ # The source from which the information in this Detail was obtained.
115
+ # @!attribute [rw] vendor
116
+ # @return [::String]
117
+ # The name of the vendor of the product.
112
118
  class Detail
113
119
  include ::Google::Protobuf::MessageExts
114
120
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -161,6 +167,9 @@ module Grafeas
161
167
  # Output only. The CVSS score of this vulnerability. CVSS score is on a
162
168
  # scale of 0 - 10 where 0 indicates low severity and 10 indicates high
163
169
  # severity.
170
+ # @!attribute [rw] cvssv3
171
+ # @return [::Grafeas::V1::CVSS]
172
+ # The cvss v3 score for the vulnerability.
164
173
  # @!attribute [rw] package_issue
165
174
  # @return [::Array<::Grafeas::V1::VulnerabilityOccurrence::PackageIssue>]
166
175
  # Required. The set of affected locations and their fixes (if available)
@@ -178,6 +187,14 @@ module Grafeas
178
187
  # @return [::Grafeas::V1::Severity]
179
188
  # The distro assigned severity for this vulnerability when it is available,
180
189
  # otherwise this is the note provider assigned severity.
190
+ #
191
+ # When there are multiple PackageIssues for this vulnerability, they can have
192
+ # different effective severities because some might be provided by the distro
193
+ # while others are provided by the language ecosystem for a language pack.
194
+ # For this reason, it is advised to use the effective severity on the
195
+ # PackageIssue level. In the case where multiple PackageIssues have differing
196
+ # effective severities, this field should be the highest severity for any of
197
+ # the PackageIssues.
181
198
  # @!attribute [rw] fix_available
182
199
  # @return [::Boolean]
183
200
  # Output only. Whether at least one of the affected packages has a fix
@@ -215,31 +232,18 @@ module Grafeas
215
232
  # @!attribute [rw] fix_available
216
233
  # @return [::Boolean]
217
234
  # Output only. Whether a fix is available for this package.
235
+ # @!attribute [rw] package_type
236
+ # @return [::String]
237
+ # The type of package (e.g. OS, MAVEN, GO).
238
+ # @!attribute [r] effective_severity
239
+ # @return [::Grafeas::V1::Severity]
240
+ # The distro or language system assigned severity for this vulnerability
241
+ # when that is available and note provider assigned severity when it is not
242
+ # available.
218
243
  class PackageIssue
219
244
  include ::Google::Protobuf::MessageExts
220
245
  extend ::Google::Protobuf::MessageExts::ClassMethods
221
246
  end
222
247
  end
223
-
224
- # Note provider assigned severity/impact ranking.
225
- module Severity
226
- # Unknown.
227
- SEVERITY_UNSPECIFIED = 0
228
-
229
- # Minimal severity.
230
- MINIMAL = 1
231
-
232
- # Low severity.
233
- LOW = 2
234
-
235
- # Medium severity.
236
- MEDIUM = 3
237
-
238
- # High severity.
239
- HIGH = 4
240
-
241
- # Critical severity.
242
- CRITICAL = 5
243
- end
244
248
  end
245
249
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: grafeas-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.1
4
+ version: 0.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-06-17 00:00:00.000000000 Z
11
+ date: 2022-01-13 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0.5'
19
+ version: '0.7'
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '0.5'
29
+ version: '0.7'
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -173,17 +173,23 @@ files:
173
173
  - lib/grafeas/v1/attestation_pb.rb
174
174
  - lib/grafeas/v1/build_pb.rb
175
175
  - lib/grafeas/v1/common_pb.rb
176
+ - lib/grafeas/v1/compliance_pb.rb
176
177
  - lib/grafeas/v1/cvss_pb.rb
177
178
  - lib/grafeas/v1/deployment_pb.rb
178
179
  - lib/grafeas/v1/discovery_pb.rb
180
+ - lib/grafeas/v1/dsse_attestation_pb.rb
179
181
  - lib/grafeas/v1/grafeas.rb
180
182
  - lib/grafeas/v1/grafeas/client.rb
181
183
  - lib/grafeas/v1/grafeas/paths.rb
182
184
  - lib/grafeas/v1/grafeas_pb.rb
183
185
  - lib/grafeas/v1/grafeas_services_pb.rb
184
186
  - lib/grafeas/v1/image_pb.rb
187
+ - lib/grafeas/v1/intoto_provenance_pb.rb
188
+ - lib/grafeas/v1/intoto_statement_pb.rb
185
189
  - lib/grafeas/v1/package_pb.rb
186
190
  - lib/grafeas/v1/provenance_pb.rb
191
+ - lib/grafeas/v1/severity_pb.rb
192
+ - lib/grafeas/v1/slsa_provenance_pb.rb
187
193
  - lib/grafeas/v1/upgrade_pb.rb
188
194
  - lib/grafeas/v1/version.rb
189
195
  - lib/grafeas/v1/vulnerability_pb.rb
@@ -198,13 +204,19 @@ files:
198
204
  - proto_docs/grafeas/v1/attestation.rb
199
205
  - proto_docs/grafeas/v1/build.rb
200
206
  - proto_docs/grafeas/v1/common.rb
207
+ - proto_docs/grafeas/v1/compliance.rb
201
208
  - proto_docs/grafeas/v1/cvss.rb
202
209
  - proto_docs/grafeas/v1/deployment.rb
203
210
  - proto_docs/grafeas/v1/discovery.rb
211
+ - proto_docs/grafeas/v1/dsse_attestation.rb
204
212
  - proto_docs/grafeas/v1/grafeas.rb
205
213
  - proto_docs/grafeas/v1/image.rb
214
+ - proto_docs/grafeas/v1/intoto_provenance.rb
215
+ - proto_docs/grafeas/v1/intoto_statement.rb
206
216
  - proto_docs/grafeas/v1/package.rb
207
217
  - proto_docs/grafeas/v1/provenance.rb
218
+ - proto_docs/grafeas/v1/severity.rb
219
+ - proto_docs/grafeas/v1/slsa_provenance.rb
208
220
  - proto_docs/grafeas/v1/upgrade.rb
209
221
  - proto_docs/grafeas/v1/vulnerability.rb
210
222
  homepage: https://github.com/googleapis/google-cloud-ruby
@@ -226,7 +238,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
226
238
  - !ruby/object:Gem::Version
227
239
  version: '0'
228
240
  requirements: []
229
- rubygems_version: 3.2.17
241
+ rubygems_version: 3.3.5
230
242
  signing_key:
231
243
  specification_version: 4
232
244
  summary: API Client library for the Grafeas V1 API