grafeas-v1 0.7.0 → 0.9.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 884fa0c5479da039df9323bdc5b1714e4f0e26da88c848b1542978527d8f5b5a
4
- data.tar.gz: a5861d6ccdd43050aba04e6053916879d31c47083403f3362879908319252227
3
+ metadata.gz: de858ed8e2692e2aab1ddabba338dcfcf7fd0d245f4a9dc7268dd28dbc48a1e5
4
+ data.tar.gz: 8ba74842862b74a9da43f0ec0110672b3f58377d34c1469c278f6264556c1ae0
5
5
  SHA512:
6
- metadata.gz: cd1f71ef3d8335ea5461522daaad312f148be61d8e86cd514aa0275161d427939554c00bca367e6631fe40de78b3bd5842811a3d909b4dca476cba24121841ae
7
- data.tar.gz: 4b64e68af4cfcc64d88242ec7ac9e14b35518d7bf1b1eae72ef84eeb84e311bfc10ff559adc3359cef50821a562ae9d1d61935de2f04ff7ac0680b0b8f01db1d
6
+ metadata.gz: 56e84efe07a852c6c919991831f309478ea1e88c31e6929e420ce52adfae9bea3b4a2907d053e0305c9fc361e22306f17bbc09d6e98dde2830805ccaef7e4e4a
7
+ data.tar.gz: e2d99c15dcef124b695e7b13e0fc6d8cf168996e9f6ef744fc093bda536c3cb281609b80f3b11e7adba269d932949f6a5b0797ae254539d46142744307ba869a
data/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # Ruby Client for the Grafeas V1 API
2
2
 
3
- API Client library for the Grafeas V1 API
3
+ An implementation of the Grafeas API, which stores, and enables querying and retrieval of critical metadata about all of your software artifacts.
4
4
 
5
5
  The Grafeas API stores, and enables querying and retrieval of, critical metadata about all of your software artifacts.
6
6
 
@@ -34,8 +34,8 @@ for class and method documentation.
34
34
  ## Enabling Logging
35
35
 
36
36
  To enable logging for this library, set the logger for the underlying [gRPC](https://github.com/grpc/grpc/tree/master/src/ruby) library.
37
- The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/stdlib/libdoc/logger/rdoc/Logger.html) as shown below,
38
- or a [`Google::Cloud::Logging::Logger`](https://googleapis.dev/ruby/google-cloud-logging/latest)
37
+ The logger that you set may be a Ruby stdlib [`Logger`](https://ruby-doc.org/current/stdlibs/logger/Logger.html) as shown below,
38
+ or a [`Google::Cloud::Logging::Logger`](https://cloud.google.com/ruby/docs/reference/google-cloud-logging/latest)
39
39
  that will write logs to [Cloud Logging](https://cloud.google.com/logging/). See [grpc/logconfig.rb](https://github.com/grpc/grpc/blob/master/src/ruby/lib/grpc/logconfig.rb)
40
40
  and the gRPC [spec_helper.rb](https://github.com/grpc/grpc/blob/master/src/ruby/spec/spec_helper.rb) for additional information.
41
41
 
@@ -45,6 +45,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
45
45
  value :UPGRADE, 8
46
46
  value :COMPLIANCE, 9
47
47
  value :DSSE_ATTESTATION, 10
48
+ value :VULNERABILITY_ASSESSMENT, 11
48
49
  end
49
50
  end
50
51
  end
@@ -333,13 +333,11 @@ module Grafeas
333
333
  # # Call the list_occurrences method.
334
334
  # result = client.list_occurrences request
335
335
  #
336
- # # The returned object is of type Gapic::PagedEnumerable. You can
337
- # # iterate over all elements by calling #each, and the enumerable
338
- # # will lazily make API calls to fetch subsequent pages. Other
339
- # # methods are also available for managing paging directly.
340
- # result.each do |response|
336
+ # # The returned object is of type Gapic::PagedEnumerable. You can iterate
337
+ # # over elements, and API calls will be issued to fetch pages as needed.
338
+ # result.each do |item|
341
339
  # # Each element is of type ::Grafeas::V1::Occurrence.
342
- # p response
340
+ # p item
343
341
  # end
344
342
  #
345
343
  def list_occurrences request, options = nil
@@ -960,13 +958,11 @@ module Grafeas
960
958
  # # Call the list_notes method.
961
959
  # result = client.list_notes request
962
960
  #
963
- # # The returned object is of type Gapic::PagedEnumerable. You can
964
- # # iterate over all elements by calling #each, and the enumerable
965
- # # will lazily make API calls to fetch subsequent pages. Other
966
- # # methods are also available for managing paging directly.
967
- # result.each do |response|
961
+ # # The returned object is of type Gapic::PagedEnumerable. You can iterate
962
+ # # over elements, and API calls will be issued to fetch pages as needed.
963
+ # result.each do |item|
968
964
  # # Each element is of type ::Grafeas::V1::Note.
969
- # p response
965
+ # p item
970
966
  # end
971
967
  #
972
968
  def list_notes request, options = nil
@@ -1415,13 +1411,11 @@ module Grafeas
1415
1411
  # # Call the list_note_occurrences method.
1416
1412
  # result = client.list_note_occurrences request
1417
1413
  #
1418
- # # The returned object is of type Gapic::PagedEnumerable. You can
1419
- # # iterate over all elements by calling #each, and the enumerable
1420
- # # will lazily make API calls to fetch subsequent pages. Other
1421
- # # methods are also available for managing paging directly.
1422
- # result.each do |response|
1414
+ # # The returned object is of type Gapic::PagedEnumerable. You can iterate
1415
+ # # over elements, and API calls will be issued to fetch pages as needed.
1416
+ # result.each do |item|
1423
1417
  # # Each element is of type ::Grafeas::V1::Occurrence.
1424
- # p response
1418
+ # p item
1425
1419
  # end
1426
1420
  #
1427
1421
  def list_note_occurrences request, options = nil
@@ -1504,9 +1498,9 @@ module Grafeas
1504
1498
  # * (`String`) The path to a service account key file in JSON format
1505
1499
  # * (`Hash`) A service account key as a Hash
1506
1500
  # * (`Google::Auth::Credentials`) A googleauth credentials object
1507
- # (see the [googleauth docs](https://googleapis.dev/ruby/googleauth/latest/index.html))
1501
+ # (see the [googleauth docs](https://rubydoc.info/gems/googleauth/Google/Auth/Credentials))
1508
1502
  # * (`Signet::OAuth2::Client`) A signet oauth2 client object
1509
- # (see the [signet docs](https://googleapis.dev/ruby/signet/latest/Signet/OAuth2/Client.html))
1503
+ # (see the [signet docs](https://rubydoc.info/gems/signet/Signet/OAuth2/Client))
1510
1504
  # * (`GRPC::Core::Channel`) a gRPC channel with included credentials
1511
1505
  # * (`GRPC::Core::ChannelCredentials`) a gRPC credentails object
1512
1506
  # * (`nil`) indicating no credentials
@@ -43,7 +43,7 @@ module Grafeas
43
43
  # there would be one note for the vulnerability and an occurrence for each
44
44
  # image with the vulnerability referring to that note.
45
45
  #
46
- # To load this service and instantiate a client:
46
+ # @example Load this service and instantiate a gRPC client
47
47
  #
48
48
  # require "grafeas/v1/grafeas"
49
49
  # client = ::Grafeas::V1::Grafeas::Client.new
@@ -20,6 +20,7 @@ require 'grafeas/v1/dsse_attestation_pb'
20
20
  require 'grafeas/v1/image_pb'
21
21
  require 'grafeas/v1/package_pb'
22
22
  require 'grafeas/v1/upgrade_pb'
23
+ require 'grafeas/v1/vex_pb'
23
24
  require 'grafeas/v1/vulnerability_pb'
24
25
 
25
26
  Google::Protobuf::DescriptorPool.generated_pool.build do
@@ -67,6 +68,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
67
68
  optional :upgrade, :message, 17, "grafeas.v1.UpgradeNote"
68
69
  optional :compliance, :message, 18, "grafeas.v1.ComplianceNote"
69
70
  optional :dsse_attestation, :message, 19, "grafeas.v1.DSSEAttestationNote"
71
+ optional :vulnerability_assessment, :message, 20, "grafeas.v1.VulnerabilityAssessmentNote"
70
72
  end
71
73
  end
72
74
  add_message "grafeas.v1.GetOccurrenceRequest" do
@@ -19,6 +19,6 @@
19
19
 
20
20
  module Grafeas
21
21
  module V1
22
- VERSION = "0.7.0"
22
+ VERSION = "0.9.0"
23
23
  end
24
24
  end
@@ -0,0 +1,88 @@
1
+ # Generated by the protocol buffer compiler. DO NOT EDIT!
2
+ # source: grafeas/v1/vex.proto
3
+
4
+ require 'google/protobuf'
5
+
6
+ require 'grafeas/v1/common_pb'
7
+
8
+ Google::Protobuf::DescriptorPool.generated_pool.build do
9
+ add_file("grafeas/v1/vex.proto", :syntax => :proto3) do
10
+ add_message "grafeas.v1.VulnerabilityAssessmentNote" do
11
+ optional :title, :string, 1
12
+ optional :short_description, :string, 2
13
+ optional :long_description, :string, 3
14
+ optional :language_code, :string, 4
15
+ optional :publisher, :message, 5, "grafeas.v1.VulnerabilityAssessmentNote.Publisher"
16
+ optional :product, :message, 6, "grafeas.v1.VulnerabilityAssessmentNote.Product"
17
+ optional :assessment, :message, 7, "grafeas.v1.VulnerabilityAssessmentNote.Assessment"
18
+ end
19
+ add_message "grafeas.v1.VulnerabilityAssessmentNote.Publisher" do
20
+ optional :name, :string, 1
21
+ optional :issuing_authority, :string, 2
22
+ optional :publisher_namespace, :string, 3
23
+ end
24
+ add_message "grafeas.v1.VulnerabilityAssessmentNote.Product" do
25
+ optional :name, :string, 1
26
+ optional :id, :string, 2
27
+ oneof :identifier do
28
+ optional :generic_uri, :string, 3
29
+ end
30
+ end
31
+ add_message "grafeas.v1.VulnerabilityAssessmentNote.Assessment" do
32
+ optional :cve, :string, 1
33
+ optional :short_description, :string, 2
34
+ optional :long_description, :string, 3
35
+ repeated :related_uris, :message, 4, "grafeas.v1.RelatedUrl"
36
+ optional :state, :enum, 5, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.State"
37
+ repeated :impacts, :string, 6
38
+ optional :justification, :message, 7, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification"
39
+ repeated :remediations, :message, 8, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation"
40
+ end
41
+ add_message "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification" do
42
+ optional :justification_type, :enum, 1, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType"
43
+ optional :details, :string, 2
44
+ end
45
+ add_enum "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType" do
46
+ value :JUSTIFICATION_TYPE_UNSPECIFIED, 0
47
+ value :COMPONENT_NOT_PRESENT, 1
48
+ value :VULNERABLE_CODE_NOT_PRESENT, 2
49
+ value :VULNERABLE_CODE_NOT_IN_EXECUTE_PATH, 3
50
+ value :VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY, 4
51
+ value :INLINE_MITIGATIONS_ALREADY_EXIST, 5
52
+ end
53
+ add_message "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation" do
54
+ optional :remediation_type, :enum, 1, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType"
55
+ optional :details, :string, 2
56
+ optional :remediation_uri, :message, 3, "grafeas.v1.RelatedUrl"
57
+ end
58
+ add_enum "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType" do
59
+ value :REMEDIATION_TYPE_UNSPECIFIED, 0
60
+ value :MITIGATION, 1
61
+ value :NO_FIX_PLANNED, 2
62
+ value :NONE_AVAILABLE, 3
63
+ value :VENDOR_FIX, 4
64
+ value :WORKAROUND, 5
65
+ end
66
+ add_enum "grafeas.v1.VulnerabilityAssessmentNote.Assessment.State" do
67
+ value :STATE_UNSPECIFIED, 0
68
+ value :AFFECTED, 1
69
+ value :NOT_AFFECTED, 2
70
+ value :FIXED, 3
71
+ value :UNDER_INVESTIGATION, 4
72
+ end
73
+ end
74
+ end
75
+
76
+ module Grafeas
77
+ module V1
78
+ VulnerabilityAssessmentNote = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote").msgclass
79
+ VulnerabilityAssessmentNote::Publisher = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Publisher").msgclass
80
+ VulnerabilityAssessmentNote::Product = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Product").msgclass
81
+ VulnerabilityAssessmentNote::Assessment = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment").msgclass
82
+ VulnerabilityAssessmentNote::Assessment::Justification = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification").msgclass
83
+ VulnerabilityAssessmentNote::Assessment::Justification::JustificationType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType").enummodule
84
+ VulnerabilityAssessmentNote::Assessment::Remediation = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation").msgclass
85
+ VulnerabilityAssessmentNote::Assessment::Remediation::RemediationType = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType").enummodule
86
+ VulnerabilityAssessmentNote::Assessment::State = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityAssessmentNote.Assessment.State").enummodule
87
+ end
88
+ end
@@ -9,6 +9,7 @@ require 'grafeas/v1/common_pb'
9
9
  require 'grafeas/v1/cvss_pb'
10
10
  require 'grafeas/v1/package_pb'
11
11
  require 'grafeas/v1/severity_pb'
12
+ require 'grafeas/v1/vex_pb'
12
13
 
13
14
  Google::Protobuf::DescriptorPool.generated_pool.build do
14
15
  add_file("grafeas/v1/vulnerability.proto", :syntax => :proto3) do
@@ -20,6 +21,7 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
20
21
  repeated :windows_details, :message, 5, "grafeas.v1.VulnerabilityNote.WindowsDetail"
21
22
  optional :source_update_time, :message, 6, "google.protobuf.Timestamp"
22
23
  optional :cvss_version, :enum, 7, "grafeas.v1.CVSSVersion"
24
+ optional :cvss_v2, :message, 8, "grafeas.v1.CVSS"
23
25
  end
24
26
  add_message "grafeas.v1.VulnerabilityNote.Detail" do
25
27
  optional :severity_name, :string, 1
@@ -59,6 +61,8 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
59
61
  optional :effective_severity, :enum, 8, "grafeas.v1.Severity"
60
62
  optional :fix_available, :bool, 9
61
63
  optional :cvss_version, :enum, 11, "grafeas.v1.CVSSVersion"
64
+ optional :cvss_v2, :message, 12, "grafeas.v1.CVSS"
65
+ optional :vex_assessment, :message, 13, "grafeas.v1.VulnerabilityOccurrence.VexAssessment"
62
66
  end
63
67
  add_message "grafeas.v1.VulnerabilityOccurrence.PackageIssue" do
64
68
  optional :affected_cpe_uri, :string, 1
@@ -72,6 +76,15 @@ Google::Protobuf::DescriptorPool.generated_pool.build do
72
76
  optional :effective_severity, :enum, 9, "grafeas.v1.Severity"
73
77
  repeated :file_location, :message, 10, "grafeas.v1.FileLocation"
74
78
  end
79
+ add_message "grafeas.v1.VulnerabilityOccurrence.VexAssessment" do
80
+ optional :cve, :string, 1
81
+ repeated :related_uris, :message, 2, "grafeas.v1.RelatedUrl"
82
+ optional :note_name, :string, 3
83
+ optional :state, :enum, 4, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.State"
84
+ repeated :impacts, :string, 5
85
+ repeated :remediations, :message, 6, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation"
86
+ optional :justification, :message, 7, "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification"
87
+ end
75
88
  end
76
89
  end
77
90
 
@@ -83,5 +96,6 @@ module Grafeas
83
96
  VulnerabilityNote::WindowsDetail::KnowledgeBase = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityNote.WindowsDetail.KnowledgeBase").msgclass
84
97
  VulnerabilityOccurrence = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityOccurrence").msgclass
85
98
  VulnerabilityOccurrence::PackageIssue = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityOccurrence.PackageIssue").msgclass
99
+ VulnerabilityOccurrence::VexAssessment = ::Google::Protobuf::DescriptorPool.generated_pool.lookup("grafeas.v1.VulnerabilityOccurrence.VexAssessment").msgclass
86
100
  end
87
101
  end
data/lib/grafeas/v1.rb CHANGED
@@ -21,9 +21,9 @@ require "grafeas/v1/version"
21
21
 
22
22
  module Grafeas
23
23
  ##
24
- # To load this package, including all its services, and instantiate a client:
24
+ # API client module.
25
25
  #
26
- # @example
26
+ # @example Load this package, including all its services, and instantiate a gRPC client
27
27
  #
28
28
  # require "grafeas/v1"
29
29
  # client = ::Grafeas::V1::Grafeas::Client.new
@@ -0,0 +1,318 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # Required information for every language.
23
+ # @!attribute [rw] reference_docs_uri
24
+ # @return [::String]
25
+ # Link to automatically generated reference documentation. Example:
26
+ # https://cloud.google.com/nodejs/docs/reference/asset/latest
27
+ # @!attribute [rw] destinations
28
+ # @return [::Array<::Google::Api::ClientLibraryDestination>]
29
+ # The destination where API teams want this client library to be published.
30
+ class CommonLanguageSettings
31
+ include ::Google::Protobuf::MessageExts
32
+ extend ::Google::Protobuf::MessageExts::ClassMethods
33
+ end
34
+
35
+ # Details about how and where to publish client libraries.
36
+ # @!attribute [rw] version
37
+ # @return [::String]
38
+ # Version of the API to apply these settings to.
39
+ # @!attribute [rw] launch_stage
40
+ # @return [::Google::Api::LaunchStage]
41
+ # Launch stage of this version of the API.
42
+ # @!attribute [rw] rest_numeric_enums
43
+ # @return [::Boolean]
44
+ # When using transport=rest, the client request will encode enums as
45
+ # numbers rather than strings.
46
+ # @!attribute [rw] java_settings
47
+ # @return [::Google::Api::JavaSettings]
48
+ # Settings for legacy Java features, supported in the Service YAML.
49
+ # @!attribute [rw] cpp_settings
50
+ # @return [::Google::Api::CppSettings]
51
+ # Settings for C++ client libraries.
52
+ # @!attribute [rw] php_settings
53
+ # @return [::Google::Api::PhpSettings]
54
+ # Settings for PHP client libraries.
55
+ # @!attribute [rw] python_settings
56
+ # @return [::Google::Api::PythonSettings]
57
+ # Settings for Python client libraries.
58
+ # @!attribute [rw] node_settings
59
+ # @return [::Google::Api::NodeSettings]
60
+ # Settings for Node client libraries.
61
+ # @!attribute [rw] dotnet_settings
62
+ # @return [::Google::Api::DotnetSettings]
63
+ # Settings for .NET client libraries.
64
+ # @!attribute [rw] ruby_settings
65
+ # @return [::Google::Api::RubySettings]
66
+ # Settings for Ruby client libraries.
67
+ # @!attribute [rw] go_settings
68
+ # @return [::Google::Api::GoSettings]
69
+ # Settings for Go client libraries.
70
+ class ClientLibrarySettings
71
+ include ::Google::Protobuf::MessageExts
72
+ extend ::Google::Protobuf::MessageExts::ClassMethods
73
+ end
74
+
75
+ # This message configures the settings for publishing [Google Cloud Client
76
+ # libraries](https://cloud.google.com/apis/docs/cloud-client-libraries)
77
+ # generated from the service config.
78
+ # @!attribute [rw] method_settings
79
+ # @return [::Array<::Google::Api::MethodSettings>]
80
+ # A list of API method settings, e.g. the behavior for methods that use the
81
+ # long-running operation pattern.
82
+ # @!attribute [rw] new_issue_uri
83
+ # @return [::String]
84
+ # Link to a place that API users can report issues. Example:
85
+ # https://issuetracker.google.com/issues/new?component=190865&template=1161103
86
+ # @!attribute [rw] documentation_uri
87
+ # @return [::String]
88
+ # Link to product home page. Example:
89
+ # https://cloud.google.com/asset-inventory/docs/overview
90
+ # @!attribute [rw] api_short_name
91
+ # @return [::String]
92
+ # Used as a tracking tag when collecting data about the APIs developer
93
+ # relations artifacts like docs, packages delivered to package managers,
94
+ # etc. Example: "speech".
95
+ # @!attribute [rw] github_label
96
+ # @return [::String]
97
+ # GitHub label to apply to issues and pull requests opened for this API.
98
+ # @!attribute [rw] codeowner_github_teams
99
+ # @return [::Array<::String>]
100
+ # GitHub teams to be added to CODEOWNERS in the directory in GitHub
101
+ # containing source code for the client libraries for this API.
102
+ # @!attribute [rw] doc_tag_prefix
103
+ # @return [::String]
104
+ # A prefix used in sample code when demarking regions to be included in
105
+ # documentation.
106
+ # @!attribute [rw] organization
107
+ # @return [::Google::Api::ClientLibraryOrganization]
108
+ # For whom the client library is being published.
109
+ # @!attribute [rw] library_settings
110
+ # @return [::Array<::Google::Api::ClientLibrarySettings>]
111
+ # Client library settings. If the same version string appears multiple
112
+ # times in this list, then the last one wins. Settings from earlier
113
+ # settings with the same version string are discarded.
114
+ class Publishing
115
+ include ::Google::Protobuf::MessageExts
116
+ extend ::Google::Protobuf::MessageExts::ClassMethods
117
+ end
118
+
119
+ # Settings for Java client libraries.
120
+ # @!attribute [rw] library_package
121
+ # @return [::String]
122
+ # The package name to use in Java. Clobbers the java_package option
123
+ # set in the protobuf. This should be used **only** by APIs
124
+ # who have already set the language_settings.java.package_name" field
125
+ # in gapic.yaml. API teams should use the protobuf java_package option
126
+ # where possible.
127
+ #
128
+ # Example of a YAML configuration::
129
+ #
130
+ # publishing:
131
+ # java_settings:
132
+ # library_package: com.google.cloud.pubsub.v1
133
+ # @!attribute [rw] service_class_names
134
+ # @return [::Google::Protobuf::Map{::String => ::String}]
135
+ # Configure the Java class name to use instead of the service's for its
136
+ # corresponding generated GAPIC client. Keys are fully-qualified
137
+ # service names as they appear in the protobuf (including the full
138
+ # the language_settings.java.interface_names" field in gapic.yaml. API
139
+ # teams should otherwise use the service name as it appears in the
140
+ # protobuf.
141
+ #
142
+ # Example of a YAML configuration::
143
+ #
144
+ # publishing:
145
+ # java_settings:
146
+ # service_class_names:
147
+ # - google.pubsub.v1.Publisher: TopicAdmin
148
+ # - google.pubsub.v1.Subscriber: SubscriptionAdmin
149
+ # @!attribute [rw] common
150
+ # @return [::Google::Api::CommonLanguageSettings]
151
+ # Some settings.
152
+ class JavaSettings
153
+ include ::Google::Protobuf::MessageExts
154
+ extend ::Google::Protobuf::MessageExts::ClassMethods
155
+
156
+ # @!attribute [rw] key
157
+ # @return [::String]
158
+ # @!attribute [rw] value
159
+ # @return [::String]
160
+ class ServiceClassNamesEntry
161
+ include ::Google::Protobuf::MessageExts
162
+ extend ::Google::Protobuf::MessageExts::ClassMethods
163
+ end
164
+ end
165
+
166
+ # Settings for C++ client libraries.
167
+ # @!attribute [rw] common
168
+ # @return [::Google::Api::CommonLanguageSettings]
169
+ # Some settings.
170
+ class CppSettings
171
+ include ::Google::Protobuf::MessageExts
172
+ extend ::Google::Protobuf::MessageExts::ClassMethods
173
+ end
174
+
175
+ # Settings for Php client libraries.
176
+ # @!attribute [rw] common
177
+ # @return [::Google::Api::CommonLanguageSettings]
178
+ # Some settings.
179
+ class PhpSettings
180
+ include ::Google::Protobuf::MessageExts
181
+ extend ::Google::Protobuf::MessageExts::ClassMethods
182
+ end
183
+
184
+ # Settings for Python client libraries.
185
+ # @!attribute [rw] common
186
+ # @return [::Google::Api::CommonLanguageSettings]
187
+ # Some settings.
188
+ class PythonSettings
189
+ include ::Google::Protobuf::MessageExts
190
+ extend ::Google::Protobuf::MessageExts::ClassMethods
191
+ end
192
+
193
+ # Settings for Node client libraries.
194
+ # @!attribute [rw] common
195
+ # @return [::Google::Api::CommonLanguageSettings]
196
+ # Some settings.
197
+ class NodeSettings
198
+ include ::Google::Protobuf::MessageExts
199
+ extend ::Google::Protobuf::MessageExts::ClassMethods
200
+ end
201
+
202
+ # Settings for Dotnet client libraries.
203
+ # @!attribute [rw] common
204
+ # @return [::Google::Api::CommonLanguageSettings]
205
+ # Some settings.
206
+ class DotnetSettings
207
+ include ::Google::Protobuf::MessageExts
208
+ extend ::Google::Protobuf::MessageExts::ClassMethods
209
+ end
210
+
211
+ # Settings for Ruby client libraries.
212
+ # @!attribute [rw] common
213
+ # @return [::Google::Api::CommonLanguageSettings]
214
+ # Some settings.
215
+ class RubySettings
216
+ include ::Google::Protobuf::MessageExts
217
+ extend ::Google::Protobuf::MessageExts::ClassMethods
218
+ end
219
+
220
+ # Settings for Go client libraries.
221
+ # @!attribute [rw] common
222
+ # @return [::Google::Api::CommonLanguageSettings]
223
+ # Some settings.
224
+ class GoSettings
225
+ include ::Google::Protobuf::MessageExts
226
+ extend ::Google::Protobuf::MessageExts::ClassMethods
227
+ end
228
+
229
+ # Describes the generator configuration for a method.
230
+ # @!attribute [rw] selector
231
+ # @return [::String]
232
+ # The fully qualified name of the method, for which the options below apply.
233
+ # This is used to find the method to apply the options.
234
+ # @!attribute [rw] long_running
235
+ # @return [::Google::Api::MethodSettings::LongRunning]
236
+ # Describes settings to use for long-running operations when generating
237
+ # API methods for RPCs. Complements RPCs that use the annotations in
238
+ # google/longrunning/operations.proto.
239
+ #
240
+ # Example of a YAML configuration::
241
+ #
242
+ # publishing:
243
+ # method_behavior:
244
+ # - selector: CreateAdDomain
245
+ # long_running:
246
+ # initial_poll_delay:
247
+ # seconds: 60 # 1 minute
248
+ # poll_delay_multiplier: 1.5
249
+ # max_poll_delay:
250
+ # seconds: 360 # 6 minutes
251
+ # total_poll_timeout:
252
+ # seconds: 54000 # 90 minutes
253
+ class MethodSettings
254
+ include ::Google::Protobuf::MessageExts
255
+ extend ::Google::Protobuf::MessageExts::ClassMethods
256
+
257
+ # Describes settings to use when generating API methods that use the
258
+ # long-running operation pattern.
259
+ # All default values below are from those used in the client library
260
+ # generators (e.g.
261
+ # [Java](https://github.com/googleapis/gapic-generator-java/blob/04c2faa191a9b5a10b92392fe8482279c4404803/src/main/java/com/google/api/generator/gapic/composer/common/RetrySettingsComposer.java)).
262
+ # @!attribute [rw] initial_poll_delay
263
+ # @return [::Google::Protobuf::Duration]
264
+ # Initial delay after which the first poll request will be made.
265
+ # Default value: 5 seconds.
266
+ # @!attribute [rw] poll_delay_multiplier
267
+ # @return [::Float]
268
+ # Multiplier to gradually increase delay between subsequent polls until it
269
+ # reaches max_poll_delay.
270
+ # Default value: 1.5.
271
+ # @!attribute [rw] max_poll_delay
272
+ # @return [::Google::Protobuf::Duration]
273
+ # Maximum time between two subsequent poll requests.
274
+ # Default value: 45 seconds.
275
+ # @!attribute [rw] total_poll_timeout
276
+ # @return [::Google::Protobuf::Duration]
277
+ # Total polling timeout.
278
+ # Default value: 5 minutes.
279
+ class LongRunning
280
+ include ::Google::Protobuf::MessageExts
281
+ extend ::Google::Protobuf::MessageExts::ClassMethods
282
+ end
283
+ end
284
+
285
+ # The organization for which the client libraries are being published.
286
+ # Affects the url where generated docs are published, etc.
287
+ module ClientLibraryOrganization
288
+ # Not useful.
289
+ CLIENT_LIBRARY_ORGANIZATION_UNSPECIFIED = 0
290
+
291
+ # Google Cloud Platform Org.
292
+ CLOUD = 1
293
+
294
+ # Ads (Advertising) Org.
295
+ ADS = 2
296
+
297
+ # Photos Org.
298
+ PHOTOS = 3
299
+
300
+ # Street View Org.
301
+ STREET_VIEW = 4
302
+ end
303
+
304
+ # To where should client libraries be published?
305
+ module ClientLibraryDestination
306
+ # Client libraries will neither be generated nor published to package
307
+ # managers.
308
+ CLIENT_LIBRARY_DESTINATION_UNSPECIFIED = 0
309
+
310
+ # Generate the client library in a repo under github.com/googleapis,
311
+ # but don't publish it to package managers.
312
+ GITHUB = 10
313
+
314
+ # Publish the library to package managers like nuget.org and npmjs.com.
315
+ PACKAGE_MANAGER = 20
316
+ end
317
+ end
318
+ end
@@ -0,0 +1,71 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Api
22
+ # The launch stage as defined by [Google Cloud Platform
23
+ # Launch Stages](https://cloud.google.com/terms/launch-stages).
24
+ module LaunchStage
25
+ # Do not use this default value.
26
+ LAUNCH_STAGE_UNSPECIFIED = 0
27
+
28
+ # The feature is not yet implemented. Users can not use it.
29
+ UNIMPLEMENTED = 6
30
+
31
+ # Prelaunch features are hidden from users and are only visible internally.
32
+ PRELAUNCH = 7
33
+
34
+ # Early Access features are limited to a closed group of testers. To use
35
+ # these features, you must sign up in advance and sign a Trusted Tester
36
+ # agreement (which includes confidentiality provisions). These features may
37
+ # be unstable, changed in backward-incompatible ways, and are not
38
+ # guaranteed to be released.
39
+ EARLY_ACCESS = 1
40
+
41
+ # Alpha is a limited availability test for releases before they are cleared
42
+ # for widespread use. By Alpha, all significant design issues are resolved
43
+ # and we are in the process of verifying functionality. Alpha customers
44
+ # need to apply for access, agree to applicable terms, and have their
45
+ # projects allowlisted. Alpha releases don't have to be feature complete,
46
+ # no SLAs are provided, and there are no technical support obligations, but
47
+ # they will be far enough along that customers can actually use them in
48
+ # test environments or for limited-use tests -- just like they would in
49
+ # normal production cases.
50
+ ALPHA = 2
51
+
52
+ # Beta is the point at which we are ready to open a release for any
53
+ # customer to use. There are no SLA or technical support obligations in a
54
+ # Beta release. Products will be complete from a feature perspective, but
55
+ # may have some open outstanding issues. Beta releases are suitable for
56
+ # limited production use cases.
57
+ BETA = 3
58
+
59
+ # GA features are open to all developers and are considered stable and
60
+ # fully qualified for production use.
61
+ GA = 4
62
+
63
+ # Deprecated features are scheduled to be shut down and removed. For more
64
+ # information, see the "Deprecation Policy" section of our [Terms of
65
+ # Service](https://cloud.google.com/terms/)
66
+ # and the [Google Cloud Platform Subject to the Deprecation
67
+ # Policy](https://cloud.google.com/terms/deprecation) documentation.
68
+ DEPRECATED = 5
69
+ end
70
+ end
71
+ end
@@ -0,0 +1,98 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2022 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Google
21
+ module Protobuf
22
+ # A Duration represents a signed, fixed-length span of time represented
23
+ # as a count of seconds and fractions of seconds at nanosecond
24
+ # resolution. It is independent of any calendar and concepts like "day"
25
+ # or "month". It is related to Timestamp in that the difference between
26
+ # two Timestamp values is a Duration and it can be added or subtracted
27
+ # from a Timestamp. Range is approximately +-10,000 years.
28
+ #
29
+ # # Examples
30
+ #
31
+ # Example 1: Compute Duration from two Timestamps in pseudo code.
32
+ #
33
+ # Timestamp start = ...;
34
+ # Timestamp end = ...;
35
+ # Duration duration = ...;
36
+ #
37
+ # duration.seconds = end.seconds - start.seconds;
38
+ # duration.nanos = end.nanos - start.nanos;
39
+ #
40
+ # if (duration.seconds < 0 && duration.nanos > 0) {
41
+ # duration.seconds += 1;
42
+ # duration.nanos -= 1000000000;
43
+ # } else if (duration.seconds > 0 && duration.nanos < 0) {
44
+ # duration.seconds -= 1;
45
+ # duration.nanos += 1000000000;
46
+ # }
47
+ #
48
+ # Example 2: Compute Timestamp from Timestamp + Duration in pseudo code.
49
+ #
50
+ # Timestamp start = ...;
51
+ # Duration duration = ...;
52
+ # Timestamp end = ...;
53
+ #
54
+ # end.seconds = start.seconds + duration.seconds;
55
+ # end.nanos = start.nanos + duration.nanos;
56
+ #
57
+ # if (end.nanos < 0) {
58
+ # end.seconds -= 1;
59
+ # end.nanos += 1000000000;
60
+ # } else if (end.nanos >= 1000000000) {
61
+ # end.seconds += 1;
62
+ # end.nanos -= 1000000000;
63
+ # }
64
+ #
65
+ # Example 3: Compute Duration from datetime.timedelta in Python.
66
+ #
67
+ # td = datetime.timedelta(days=3, minutes=10)
68
+ # duration = Duration()
69
+ # duration.FromTimedelta(td)
70
+ #
71
+ # # JSON Mapping
72
+ #
73
+ # In JSON format, the Duration type is encoded as a string rather than an
74
+ # object, where the string ends in the suffix "s" (indicating seconds) and
75
+ # is preceded by the number of seconds, with nanoseconds expressed as
76
+ # fractional seconds. For example, 3 seconds with 0 nanoseconds should be
77
+ # encoded in JSON format as "3s", while 3 seconds and 1 nanosecond should
78
+ # be expressed in JSON format as "3.000000001s", and 3 seconds and 1
79
+ # microsecond should be expressed in JSON format as "3.000001s".
80
+ # @!attribute [rw] seconds
81
+ # @return [::Integer]
82
+ # Signed seconds of the span of time. Must be from -315,576,000,000
83
+ # to +315,576,000,000 inclusive. Note: these bounds are computed from:
84
+ # 60 sec/min * 60 min/hr * 24 hr/day * 365.25 days/year * 10000 years
85
+ # @!attribute [rw] nanos
86
+ # @return [::Integer]
87
+ # Signed fractions of a second at nanosecond resolution of the span
88
+ # of time. Durations less than one second are represented with a 0
89
+ # `seconds` field and a positive or negative `nanos` field. For durations
90
+ # of one second or more, a non-zero value for the `nanos` field must be
91
+ # of the same sign as the `seconds` field. Must be from -999,999,999
92
+ # to +999,999,999 inclusive.
93
+ class Duration
94
+ include ::Google::Protobuf::MessageExts
95
+ extend ::Google::Protobuf::MessageExts::ClassMethods
96
+ end
97
+ end
98
+ end
@@ -28,12 +28,14 @@ module Google
28
28
  # [API Design Guide](https://cloud.google.com/apis/design/errors).
29
29
  # @!attribute [rw] code
30
30
  # @return [::Integer]
31
- # The status code, which should be an enum value of [google.rpc.Code][google.rpc.Code].
31
+ # The status code, which should be an enum value of
32
+ # [google.rpc.Code][google.rpc.Code].
32
33
  # @!attribute [rw] message
33
34
  # @return [::String]
34
35
  # A developer-facing error message, which should be in English. Any
35
36
  # user-facing error message should be localized and sent in the
36
- # {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized by the client.
37
+ # {::Google::Rpc::Status#details google.rpc.Status.details} field, or localized
38
+ # by the client.
37
39
  # @!attribute [rw] details
38
40
  # @return [::Array<::Google::Protobuf::Any>]
39
41
  # A list of messages that carry the error details. There is a common set of
@@ -180,6 +180,9 @@ module Grafeas
180
180
 
181
181
  # This represents a DSSE attestation Note
182
182
  DSSE_ATTESTATION = 10
183
+
184
+ # This represents a Vulnerability Assessment.
185
+ VULNERABILITY_ASSESSMENT = 11
183
186
  end
184
187
  end
185
188
  end
@@ -148,6 +148,9 @@ module Grafeas
148
148
  # @!attribute [rw] dsse_attestation
149
149
  # @return [::Grafeas::V1::DSSEAttestationNote]
150
150
  # A note describing a dsse attestation note.
151
+ # @!attribute [rw] vulnerability_assessment
152
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote]
153
+ # A note describing a vulnerability assessment.
151
154
  class Note
152
155
  include ::Google::Protobuf::MessageExts
153
156
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -0,0 +1,231 @@
1
+ # frozen_string_literal: true
2
+
3
+ # Copyright 2023 Google LLC
4
+ #
5
+ # Licensed under the Apache License, Version 2.0 (the "License");
6
+ # you may not use this file except in compliance with the License.
7
+ # You may obtain a copy of the License at
8
+ #
9
+ # https://www.apache.org/licenses/LICENSE-2.0
10
+ #
11
+ # Unless required by applicable law or agreed to in writing, software
12
+ # distributed under the License is distributed on an "AS IS" BASIS,
13
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14
+ # See the License for the specific language governing permissions and
15
+ # limitations under the License.
16
+
17
+ # Auto-generated by gapic-generator-ruby. DO NOT EDIT!
18
+
19
+
20
+ module Grafeas
21
+ module V1
22
+ # A single VulnerabilityAssessmentNote represents
23
+ # one particular product's vulnerability assessment for one CVE.
24
+ # @!attribute [rw] title
25
+ # @return [::String]
26
+ # The title of the note. E.g. `Vex-Debian-11.4`
27
+ # @!attribute [rw] short_description
28
+ # @return [::String]
29
+ # A one sentence description of this Vex.
30
+ # @!attribute [rw] long_description
31
+ # @return [::String]
32
+ # A detailed description of this Vex.
33
+ # @!attribute [rw] language_code
34
+ # @return [::String]
35
+ # Identifies the language used by this document,
36
+ # corresponding to IETF BCP 47 / RFC 5646.
37
+ # @!attribute [rw] publisher
38
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Publisher]
39
+ # Publisher details of this Note.
40
+ # @!attribute [rw] product
41
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Product]
42
+ # The product affected by this vex.
43
+ # @!attribute [rw] assessment
44
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment]
45
+ # Represents a vulnerability assessment for the product.
46
+ class VulnerabilityAssessmentNote
47
+ include ::Google::Protobuf::MessageExts
48
+ extend ::Google::Protobuf::MessageExts::ClassMethods
49
+
50
+ # Publisher contains information about the publisher of
51
+ # this Note.
52
+ # (-- api-linter: core::0123::resource-annotation=disabled
53
+ # aip.dev/not-precedent: Publisher is not a separate resource. --)
54
+ # @!attribute [rw] name
55
+ # @return [::String]
56
+ # Name of the publisher.
57
+ # Examples: 'Google', 'Google Cloud Platform'.
58
+ # @!attribute [rw] issuing_authority
59
+ # @return [::String]
60
+ # Provides information about the authority of the issuing party to
61
+ # release the document, in particular, the party's constituency and
62
+ # responsibilities or other obligations.
63
+ # @!attribute [rw] publisher_namespace
64
+ # @return [::String]
65
+ # The context or namespace.
66
+ # Contains a URL which is under control of the issuing party and can
67
+ # be used as a globally unique identifier for that issuing party.
68
+ # Example: https://csaf.io
69
+ class Publisher
70
+ include ::Google::Protobuf::MessageExts
71
+ extend ::Google::Protobuf::MessageExts::ClassMethods
72
+ end
73
+
74
+ # Product contains information about a product and how to uniquely identify
75
+ # it.
76
+ # (-- api-linter: core::0123::resource-annotation=disabled
77
+ # aip.dev/not-precedent: Product is not a separate resource. --)
78
+ # @!attribute [rw] name
79
+ # @return [::String]
80
+ # Name of the product.
81
+ # @!attribute [rw] id
82
+ # @return [::String]
83
+ # Token that identifies a product so that it can be referred to from other
84
+ # parts in the document. There is no predefined format as long as it
85
+ # uniquely identifies a group in the context of the current document.
86
+ # @!attribute [rw] generic_uri
87
+ # @return [::String]
88
+ # Contains a URI which is vendor-specific.
89
+ # Example: The artifact repository URL of an image.
90
+ class Product
91
+ include ::Google::Protobuf::MessageExts
92
+ extend ::Google::Protobuf::MessageExts::ClassMethods
93
+ end
94
+
95
+ # Assessment provides all information that is related to a single
96
+ # vulnerability for this product.
97
+ # @!attribute [rw] cve
98
+ # @return [::String]
99
+ # Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
100
+ # tracking number for the vulnerability.
101
+ # @!attribute [rw] short_description
102
+ # @return [::String]
103
+ # A one sentence description of this Vex.
104
+ # @!attribute [rw] long_description
105
+ # @return [::String]
106
+ # A detailed description of this Vex.
107
+ # @!attribute [rw] related_uris
108
+ # @return [::Array<::Grafeas::V1::RelatedUrl>]
109
+ # Holds a list of references associated with this vulnerability item and
110
+ # assessment. These uris have additional information about the
111
+ # vulnerability and the assessment itself. E.g. Link to a document which
112
+ # details how this assessment concluded the state of this vulnerability.
113
+ # @!attribute [rw] state
114
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::State]
115
+ # Provides the state of this Vulnerability assessment.
116
+ # @!attribute [rw] impacts
117
+ # @return [::Array<::String>]
118
+ # Contains information about the impact of this vulnerability,
119
+ # this will change with time.
120
+ # @!attribute [rw] justification
121
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Justification]
122
+ # Justification provides the justification when the state of the
123
+ # assessment if NOT_AFFECTED.
124
+ # @!attribute [rw] remediations
125
+ # @return [::Array<::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Remediation>]
126
+ # Specifies details on how to handle (and presumably, fix) a vulnerability.
127
+ class Assessment
128
+ include ::Google::Protobuf::MessageExts
129
+ extend ::Google::Protobuf::MessageExts::ClassMethods
130
+
131
+ # Justification provides the justification when the state of the
132
+ # assessment if NOT_AFFECTED.
133
+ # @!attribute [rw] justification_type
134
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Justification::JustificationType]
135
+ # The justification type for this vulnerability.
136
+ # @!attribute [rw] details
137
+ # @return [::String]
138
+ # Additional details on why this justification was chosen.
139
+ class Justification
140
+ include ::Google::Protobuf::MessageExts
141
+ extend ::Google::Protobuf::MessageExts::ClassMethods
142
+
143
+ # Provides the type of justification.
144
+ module JustificationType
145
+ # JUSTIFICATION_TYPE_UNSPECIFIED.
146
+ JUSTIFICATION_TYPE_UNSPECIFIED = 0
147
+
148
+ # The vulnerable component is not present in the product.
149
+ COMPONENT_NOT_PRESENT = 1
150
+
151
+ # The vulnerable code is not present. Typically this case
152
+ # occurs when source code is configured or built in a way that excludes
153
+ # the vulnerable code.
154
+ VULNERABLE_CODE_NOT_PRESENT = 2
155
+
156
+ # The vulnerable code can not be executed.
157
+ # Typically this case occurs when the product includes the vulnerable
158
+ # code but does not call or use the vulnerable code.
159
+ VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 3
160
+
161
+ # The vulnerable code cannot be controlled by an attacker to exploit
162
+ # the vulnerability.
163
+ VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 4
164
+
165
+ # The product includes built-in protections or features that prevent
166
+ # exploitation of the vulnerability. These built-in protections cannot
167
+ # be subverted by the attacker and cannot be configured or disabled by
168
+ # the user. These mitigations completely prevent exploitation based on
169
+ # known attack vectors.
170
+ INLINE_MITIGATIONS_ALREADY_EXIST = 5
171
+ end
172
+ end
173
+
174
+ # Specifies details on how to handle (and presumably, fix) a vulnerability.
175
+ # @!attribute [rw] remediation_type
176
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Remediation::RemediationType]
177
+ # The type of remediation that can be applied.
178
+ # @!attribute [rw] details
179
+ # @return [::String]
180
+ # Contains a comprehensive human-readable discussion of the remediation.
181
+ # @!attribute [rw] remediation_uri
182
+ # @return [::Grafeas::V1::RelatedUrl]
183
+ # Contains the URL where to obtain the remediation.
184
+ class Remediation
185
+ include ::Google::Protobuf::MessageExts
186
+ extend ::Google::Protobuf::MessageExts::ClassMethods
187
+
188
+ # The type of remediation that can be applied.
189
+ module RemediationType
190
+ # No remediation type specified.
191
+ REMEDIATION_TYPE_UNSPECIFIED = 0
192
+
193
+ # A MITIGATION is available.
194
+ MITIGATION = 1
195
+
196
+ # No fix is planned.
197
+ NO_FIX_PLANNED = 2
198
+
199
+ # Not available.
200
+ NONE_AVAILABLE = 3
201
+
202
+ # A vendor fix is available.
203
+ VENDOR_FIX = 4
204
+
205
+ # A workaround is available.
206
+ WORKAROUND = 5
207
+ end
208
+ end
209
+
210
+ # Provides the state of this Vulnerability assessment.
211
+ module State
212
+ # No state is specified.
213
+ STATE_UNSPECIFIED = 0
214
+
215
+ # This product is known to be affected by this vulnerability.
216
+ AFFECTED = 1
217
+
218
+ # This product is known to be not affected by this vulnerability.
219
+ NOT_AFFECTED = 2
220
+
221
+ # This product contains a fix for this vulnerability.
222
+ FIXED = 3
223
+
224
+ # It is not known yet whether these versions are or are not affected
225
+ # by the vulnerability. However, it is still under investigation.
226
+ UNDER_INVESTIGATION = 4
227
+ end
228
+ end
229
+ end
230
+ end
231
+ end
@@ -47,6 +47,9 @@ module Grafeas
47
47
  # @!attribute [rw] cvss_version
48
48
  # @return [::Grafeas::V1::CVSSVersion]
49
49
  # CVSS version used to populate cvss_score and severity.
50
+ # @!attribute [rw] cvss_v2
51
+ # @return [::Grafeas::V1::CVSS]
52
+ # The full description of the v2 CVSS for this vulnerability.
50
53
  class VulnerabilityNote
51
54
  include ::Google::Protobuf::MessageExts
52
55
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -205,6 +208,11 @@ module Grafeas
205
208
  # @!attribute [rw] cvss_version
206
209
  # @return [::Grafeas::V1::CVSSVersion]
207
210
  # Output only. CVSS version used to populate cvss_score and severity.
211
+ # @!attribute [rw] cvss_v2
212
+ # @return [::Grafeas::V1::CVSS]
213
+ # The cvss v2 score for the vulnerability.
214
+ # @!attribute [rw] vex_assessment
215
+ # @return [::Grafeas::V1::VulnerabilityOccurrence::VexAssessment]
208
216
  class VulnerabilityOccurrence
209
217
  include ::Google::Protobuf::MessageExts
210
218
  extend ::Google::Protobuf::MessageExts::ClassMethods
@@ -253,6 +261,42 @@ module Grafeas
253
261
  include ::Google::Protobuf::MessageExts
254
262
  extend ::Google::Protobuf::MessageExts::ClassMethods
255
263
  end
264
+
265
+ # VexAssessment provides all publisher provided Vex information that is
266
+ # related to this vulnerability.
267
+ # @!attribute [rw] cve
268
+ # @return [::String]
269
+ # Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
270
+ # tracking number for the vulnerability.
271
+ # @!attribute [rw] related_uris
272
+ # @return [::Array<::Grafeas::V1::RelatedUrl>]
273
+ # Holds a list of references associated with this vulnerability item and
274
+ # assessment.
275
+ # @!attribute [rw] note_name
276
+ # @return [::String]
277
+ # The VulnerabilityAssessment note from which this VexAssessment was
278
+ # generated.
279
+ # This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
280
+ # (-- api-linter: core::0122::name-suffix=disabled
281
+ # aip.dev/not-precedent: The suffix is kept for consistency. --)
282
+ # @!attribute [rw] state
283
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::State]
284
+ # Provides the state of this Vulnerability assessment.
285
+ # @!attribute [rw] impacts
286
+ # @return [::Array<::String>]
287
+ # Contains information about the impact of this vulnerability,
288
+ # this will change with time.
289
+ # @!attribute [rw] remediations
290
+ # @return [::Array<::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Remediation>]
291
+ # Specifies details on how to handle (and presumably, fix) a vulnerability.
292
+ # @!attribute [rw] justification
293
+ # @return [::Grafeas::V1::VulnerabilityAssessmentNote::Assessment::Justification]
294
+ # Justification provides the justification when the state of the
295
+ # assessment if NOT_AFFECTED.
296
+ class VexAssessment
297
+ include ::Google::Protobuf::MessageExts
298
+ extend ::Google::Protobuf::MessageExts::ClassMethods
299
+ end
256
300
  end
257
301
  end
258
302
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: grafeas-v1
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.0
4
+ version: 0.9.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Google LLC
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-10-03 00:00:00.000000000 Z
11
+ date: 2023-03-16 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: gapic-common
@@ -16,7 +16,7 @@ dependencies:
16
16
  requirements:
17
17
  - - ">="
18
18
  - !ruby/object:Gem::Version
19
- version: '0.12'
19
+ version: 0.18.0
20
20
  - - "<"
21
21
  - !ruby/object:Gem::Version
22
22
  version: 2.a
@@ -26,7 +26,7 @@ dependencies:
26
26
  requirements:
27
27
  - - ">="
28
28
  - !ruby/object:Gem::Version
29
- version: '0.12'
29
+ version: 0.18.0
30
30
  - - "<"
31
31
  - !ruby/object:Gem::Version
32
32
  version: 2.a
@@ -50,14 +50,14 @@ dependencies:
50
50
  requirements:
51
51
  - - "~>"
52
52
  - !ruby/object:Gem::Version
53
- version: 1.26.1
53
+ version: 1.26.3
54
54
  type: :development
55
55
  prerelease: false
56
56
  version_requirements: !ruby/object:Gem::Requirement
57
57
  requirements:
58
58
  - - "~>"
59
59
  - !ruby/object:Gem::Version
60
- version: 1.26.1
60
+ version: 1.26.3
61
61
  - !ruby/object:Gem::Dependency
62
62
  name: minitest
63
63
  requirement: !ruby/object:Gem::Requirement
@@ -193,11 +193,15 @@ files:
193
193
  - lib/grafeas/v1/slsa_provenance_zero_two_pb.rb
194
194
  - lib/grafeas/v1/upgrade_pb.rb
195
195
  - lib/grafeas/v1/version.rb
196
+ - lib/grafeas/v1/vex_pb.rb
196
197
  - lib/grafeas/v1/vulnerability_pb.rb
197
198
  - proto_docs/README.md
199
+ - proto_docs/google/api/client.rb
198
200
  - proto_docs/google/api/field_behavior.rb
201
+ - proto_docs/google/api/launch_stage.rb
199
202
  - proto_docs/google/api/resource.rb
200
203
  - proto_docs/google/protobuf/any.rb
204
+ - proto_docs/google/protobuf/duration.rb
201
205
  - proto_docs/google/protobuf/empty.rb
202
206
  - proto_docs/google/protobuf/field_mask.rb
203
207
  - proto_docs/google/protobuf/struct.rb
@@ -221,6 +225,7 @@ files:
221
225
  - proto_docs/grafeas/v1/slsa_provenance.rb
222
226
  - proto_docs/grafeas/v1/slsa_provenance_zero_two.rb
223
227
  - proto_docs/grafeas/v1/upgrade.rb
228
+ - proto_docs/grafeas/v1/vex.rb
224
229
  - proto_docs/grafeas/v1/vulnerability.rb
225
230
  homepage: https://github.com/googleapis/google-cloud-ruby
226
231
  licenses:
@@ -241,8 +246,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
241
246
  - !ruby/object:Gem::Version
242
247
  version: '0'
243
248
  requirements: []
244
- rubygems_version: 3.3.14
249
+ rubygems_version: 3.4.2
245
250
  signing_key:
246
251
  specification_version: 4
247
- summary: API Client library for the Grafeas V1 API
252
+ summary: An implementation of the Grafeas API, which stores, and enables querying
253
+ and retrieval of critical metadata about all of your software artifacts.
248
254
  test_files: []