npm - @harnessio/react-ssca-manager-client - Versions diffs - 0.84.24 → 0.84.25 - Mend

@harnessio/react-ssca-manager-client 0.84.24 → 0.84.25

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/dist/ssca-manager/src/services/schemas/AiWorkflowExecutionDetailResponse.d.ts CHANGED Viewed

@@ -2,23 +2,33 @@ import type { AffectedArtifactInfo } from '../schemas/AffectedArtifactInfo';
 import type { AiWorkflowTypeEnum } from '../schemas/AiWorkflowTypeEnum';
 import type { AlertContext } from '../schemas/AlertContext';
 import type { AiWorkflowExecutionStatusEnum } from '../schemas/AiWorkflowExecutionStatusEnum';
+import type { AiWorkflowStepExecution } from '../schemas/AiWorkflowStepExecution';
+/**
+ * Workflow-type-aware detail. VULN / ZERO_DAY populate component / cve / alert_context / affected_artifacts; FP_TRIAGE populates target / scan / originating_* / triggering_pipeline_* / agent_results / step_executions. Clients should branch on ai_workflow_type.
+ */
 export interface AiWorkflowExecutionDetailResponse {
     /**
-     * List of artifacts affected by this execution
+     * VULN / ZERO_DAY only — list of artifacts affected by this execution
      */
     affected_artifacts?: AffectedArtifactInfo[];
     /**
-     * Total number of affected artifacts
+     * VULN / ZERO_DAY only — total number of affected artifacts
      */
     affected_targets_count?: number;
+    /**
+     * Free-form result bag from the agent (FP_TRIAGE: targets_triaged, fps_identified)
+     */
+    agent_results?: {
+        [key: string]: any;
+    };
     ai_workflow_type?: AiWorkflowTypeEnum;
     alert_context?: AlertContext;
     /**
-     * Name of the vulnerable component
+     * VULN / ZERO_DAY only — name of the vulnerable component
      */
     component_name?: string;
     /**
-     * Vulnerable version
+     * VULN / ZERO_DAY only — vulnerable version
      */
     component_version?: string;
     /**
@@ -27,7 +37,7 @@ export interface AiWorkflowExecutionDetailResponse {
      */
     created_at?: number;
     /**
-     * CVE identifier
+     * VULN / ZERO_DAY only — CVE identifier
      */
     cve_id?: string;
     /**
@@ -35,41 +45,85 @@ export interface AiWorkflowExecutionDetailResponse {
      */
     duration?: number;
     /**
-     * Unique execution identifier
+     * Stable execution identifier (assigned at creation, never null)
      */
     execution_id?: string;
     /**
-     * Recommended fix version
+     * Short reason supplied when status transitioned to FAILED
+     */
+    failure_reason?: string;
+    /**
+     * VULN / ZERO_DAY only — recommended fix version
      */
     fixed_version?: string;
+    /**
+     * FP_TRIAGE only — number of false positives the agent identified
+     */
+    fps_identified_count?: number;
+    /**
+     * FP_TRIAGE only — org of the originating scan (executes in default/default)
+     */
+    originating_org_identifier?: string;
+    /**
+     * FP_TRIAGE only — project of the originating scan
+     */
+    originating_project_identifier?: string;
+    /**
+     * Harness Pipeline execution ID for deep-linking to PMS; null until PMS assigns
+     */
+    pipeline_execution_id?: string;
     /**
      * Sequential per-account run number
      */
     run_number?: number;
     /**
-     * Vulnerability severity
+     * FP_TRIAGE only — scan-completion source scan identifier (deep-link back to the scan)
+     */
+    scan_id?: string;
+    /**
+     * VULN / ZERO_DAY only — vulnerability severity
      */
     severity?: string;
     /**
-     * Container artifacts skipped (no source repository)
+     * VULN / ZERO_DAY only — container artifacts skipped (no source repository)
      */
     skipped_container_artifacts?: number;
     /**
-     * Artifacts skipped due to missing git metadata
+     * VULN / ZERO_DAY only — artifacts skipped due to missing git metadata
      */
     skipped_no_git_metadata?: number;
     status?: AiWorkflowExecutionStatusEnum;
     /**
-     * Number of distinct repositories affected
+     * Per-step lifecycle log inlined to avoid a second round-trip to GET /steps
+     */
+    step_executions?: AiWorkflowStepExecution[];
+    /**
+     * FP_TRIAGE only — scan target (artifact) identifier (UUID)
+     */
+    target_id?: string;
+    /**
+     * FP_TRIAGE only — human-readable artifact name
+     */
+    target_name?: string;
+    /**
+     * VULN / ZERO_DAY only — number of distinct repositories affected
      */
     total_repositories?: number;
     /**
-     * Manual for user-triggered, Zero-Day for batch-triggered
+     * Manual for user-triggered, Zero-Day for batch-triggered, Scan-Completion for scan-completion-triggered (e.g. FP Triage)
      */
-    trigger_type?: 'Manual' | 'Zero-Day';
+    trigger_type?: 'Manual' | 'Scan-Completion' | 'Zero-Day';
     /**
      * Epoch ms when the execution was triggered
      * @format int64
      */
     triggered_at?: number;
+    /**
+     * FP_TRIAGE only — pipeline execution id of the scan that produced this triage
+     */
+    triggering_pipeline_execution_id?: string;
+    /**
+     * FP_TRIAGE only — pipeline identifier of the scan that produced this triage
+     */
+    triggering_pipeline_id?: string;
 }

package/dist/ssca-manager/src/services/schemas/AiWorkflowExecutionSummary.d.ts CHANGED Viewed

@@ -1,17 +1,20 @@
 import type { AiWorkflowTypeEnum } from '../schemas/AiWorkflowTypeEnum';
 import type { AiWorkflowExecutionStatusEnum } from '../schemas/AiWorkflowExecutionStatusEnum';
+/**
+ * Workflow-type-aware row shape. VULN / ZERO_DAY populate component / cve fields; FP_TRIAGE populates target_id / target_name / fps_identified_count. Clients should branch on ai_workflow_type.
+ */
 export interface AiWorkflowExecutionSummary {
     /**
-     * Number of affected repositories/artifacts
+     * VULN / ZERO_DAY only — number of affected repositories / artifacts
      */
     affected_targets_count?: number;
     ai_workflow_type?: AiWorkflowTypeEnum;
     /**
-     * Human-readable component name
+     * VULN / ZERO_DAY only — human-readable component name
      */
     component_name?: string;
     /**
-     * Vulnerable version
+     * VULN / ZERO_DAY only — vulnerable version
      */
     component_version?: string;
     /**
@@ -20,7 +23,7 @@ export interface AiWorkflowExecutionSummary {
      */
     created_at?: number;
     /**
-     * CVE identifier
+     * VULN / ZERO_DAY only — CVE identifier
      */
     cve_id?: string;
     /**
@@ -28,29 +31,57 @@ export interface AiWorkflowExecutionSummary {
      */
     duration?: number;
     /**
-     * Unique execution identifier (for navigation to detail)
+     * Stable execution identifier (assigned at creation; navigation key to detail)
      */
     execution_id?: string;
     /**
-     * Recommended fix version
+     * VULN / ZERO_DAY only — recommended fix version
      */
     fixed_version?: string;
+    /**
+     * FP_TRIAGE only — number of false positives the agent identified (the "FP" column)
+     */
+    fps_identified_count?: number;
+    /**
+     * Originating scan scope org identifier. Used with the fields below to build the "Vuln Link" deep-link.
+     */
+    originating_org_identifier?: string;
+    /**
+     * Originating scan scope project identifier (part of the "Vuln Link" deep-link)
+     */
+    originating_project_identifier?: string;
     /**
      * Sequential per-account run number
      */
     run_number?: number;
     /**
-     * Vulnerability severity
+     * VULN / ZERO_DAY only — vulnerability severity
      */
     severity?: string;
     status?: AiWorkflowExecutionStatusEnum;
     /**
-     * Manual for user-triggered, Zero-Day for batch-triggered
+     * FP_TRIAGE only — scan target (artifact) identifier (UUID)
+     */
+    target_id?: string;
+    /**
+     * FP_TRIAGE only — human-readable artifact name shown in the "Target" column
+     */
+    target_name?: string;
+    /**
+     * Manual for user-triggered, Zero-Day for batch-triggered, Scan-Completion for scan-completion-triggered (e.g. FP Triage)
      */
-    trigger_type?: 'Manual' | 'Zero-Day';
+    trigger_type?: 'Manual' | 'Scan-Completion' | 'Zero-Day';
     /**
      * Epoch ms when the execution was triggered
      * @format int64
      */
     triggered_at?: number;
+    /**
+     * Pipeline execution identifier of the scan that triggered the workflow (part of the "Vuln Link" deep-link)
+     */
+    triggering_pipeline_execution_id?: string;
+    /**
+     * Pipeline identifier of the scan that triggered the workflow (part of the "Vuln Link" deep-link)
+     */
+    triggering_pipeline_id?: string;
 }

package/dist/ssca-manager/src/services/schemas/AiWorkflowInfrastructureConfig.d.ts ADDED Viewed

@@ -0,0 +1,23 @@
+export interface AiWorkflowInfrastructureConfig {
+    /**
+     * CPU architecture (Harness Cloud only)
+     */
+    arch?: 'Amd64';
+    /**
+     * Kubernetes connector reference (required when type is KUBERNETES_DIRECT)
+     */
+    connector_ref?: string;
+    /**
+     * Kubernetes namespace (required when type is KUBERNETES_DIRECT)
+     */
+    namespace?: string;
+    /**
+     * Operating system
+     * @default "Linux"
+     */
+    os?: string;
+    /**
+     * Infrastructure type for pipeline execution
+     */
+    type?: 'HARNESS_CLOUD' | 'KUBERNETES_DIRECT';
+}

package/dist/ssca-manager/src/services/schemas/AiWorkflowInfrastructureConfig.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/AppendAiWorkflowStepExecutionResponse.d.ts ADDED Viewed

@@ -0,0 +1,8 @@
+export interface AppendAiWorkflowStepExecutionResponse {
+    appended?: boolean;
+    executionId?: string;
+    /**
+     * Total step entries after this append
+     */
+    stepCount?: number;
+}

package/dist/ssca-manager/src/services/schemas/AppendAiWorkflowStepExecutionResponse.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/ArtifactListingPipelineResponse.d.ts CHANGED Viewed

@@ -1,9 +1,11 @@
+import type { AiBomModelPipeline } from '../schemas/AiBomModelPipeline';
 import type { ArtifactModelPipeline } from '../schemas/ArtifactModelPipeline';
 import type { EnforcementModelPipeline } from '../schemas/EnforcementModelPipeline';
 import type { OrchestrationModelPipeline } from '../schemas/OrchestrationModelPipeline';
 import type { SlsaModelPipeline } from '../schemas/SlsaModelPipeline';
 import type { IntegrityVerificationModelPipeline } from '../schemas/IntegrityVerificationModelPipeline';
 export interface ArtifactListingPipelineResponse {
+    aibom?: AiBomModelPipeline;
     artifact?: ArtifactModelPipeline;
     enforcement?: EnforcementModelPipeline;
     orchestration?: OrchestrationModelPipeline;

package/dist/ssca-manager/src/services/schemas/BatchAccountResult.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+export interface BatchAccountResult {
+    accountId?: string;
+    executionId?: string;
+    failureMessage?: string;
+    outcome?: 'FAILED' | 'SKIPPED_DEDUP' | 'SKIPPED_DISABLED' | 'SKIPPED_MISSING_APPROVER_GROUPS' | 'SKIPPED_RECENT_EXECUTION' | 'TRIGGERED';
+    pipelineExecutionId?: string;
+    /**
+     * @format int64
+     */
+    processedAt?: number;
+}

package/dist/ssca-manager/src/services/schemas/BatchAccountResult.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/BatchTriggerRequest.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export interface BatchTriggerRequest {
+    component_purl: string;
+    component_version: string;
+    cve_id?: string;
+    severity?: string;
+    /**
+     * @default "EQUALS"
+     */
+    version_operator?: string;
+}

package/dist/ssca-manager/src/services/schemas/BatchTriggerRequest.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/BatchTriggerResponse.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export interface BatchTriggerResponse {
+    batchId?: string;
+    enumeratedAccountCount?: number;
+    status?: string;
+}

package/dist/ssca-manager/src/services/schemas/BatchTriggerResponse.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/ExecutionContextV2.d.ts CHANGED Viewed

@@ -2,5 +2,5 @@
  * Details of the Execution Context
  */
 export interface ExecutionContextV2 {
-    type: 'github' | 'harness';
+    type: 'github' | 'gitlab' | 'harness';
 }

package/dist/ssca-manager/src/services/schemas/ExecutionDetail.d.ts CHANGED Viewed

@@ -1,8 +1,10 @@
 import type { GithubExecutionDetail } from '../schemas/GithubExecutionDetail';
+import type { GitlabExecutionDetail } from '../schemas/GitlabExecutionDetail';
 import type { HarnessExecutionDetail } from '../schemas/HarnessExecutionDetail';
 import type { ExecutionType } from '../schemas/ExecutionType';
 export interface ExecutionDetail {
     github?: GithubExecutionDetail;
+    gitlab?: GitlabExecutionDetail;
     harness?: HarnessExecutionDetail;
     type: ExecutionType;
 }

package/dist/ssca-manager/src/services/schemas/ExecutionType.d.ts CHANGED Viewed

	@@ -1 +1 @@
1	- export type ExecutionType = 'github' \| 'harness';
1	+ export type ExecutionType = 'github' \| 'gitlab' \| 'harness';

package/dist/ssca-manager/src/services/schemas/GitlabExecutionContext.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+import type { RunnerDetail } from '../schemas/RunnerDetail';
+import type { ExecutionContextV2 } from '../schemas/ExecutionContextV2';
+export interface GitlabExecutionContext<T0 extends RunnerDetail = RunnerDetail> extends ExecutionContextV2 {
+    commit_sha?: string;
+    job_id?: string;
+    job_name?: string;
+    pipeline_id?: string;
+    pipeline_url?: string;
+    project_id?: string;
+    project_path?: string;
+    runner_detail?: T0;
+    /**
+     * This specifies the type of context
+     */
+    type: 'gitlab';
+}

package/dist/ssca-manager/src/services/schemas/GitlabExecutionContext.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/GitlabExecutionDetail.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import type { GitlabRunner } from '../schemas/GitlabRunner';
+/**
+ * GitLab CI Pipeline Execution Details
+ */
+export interface GitlabExecutionDetail {
+    commit_sha?: string;
+    job_id?: string;
+    job_name?: string;
+    pipeline_id?: string;
+    pipeline_url?: string;
+    project_id?: string;
+    project_path?: string;
+    runner_detail?: GitlabRunner;
+    type: 'gitlab';
+}

package/dist/ssca-manager/src/services/schemas/GitlabExecutionDetail.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/GitlabRunner.d.ts ADDED Viewed

@@ -0,0 +1,4 @@
+export interface GitlabRunner {
+    description?: string;
+    id?: string;
+}

package/dist/ssca-manager/src/services/schemas/GitlabRunner.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/GitlabRunnerDetail.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { RunnerDetail } from '../schemas/RunnerDetail';
+export interface GitlabRunnerDetail extends RunnerDetail {
+    description?: string;
+    id?: string;
+    /**
+     * This specifies the type of Runner
+     */
+    type?: 'gitlab';
+}

package/dist/ssca-manager/src/services/schemas/GitlabRunnerDetail.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/InternalAffectedArtifact.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+export interface InternalAffectedArtifact {
+    artifact_id?: string;
+    artifact_name?: string;
+    artifact_version?: string;
+    base_branch?: string;
+    env_type?: string;
+    fix_version?: string;
+    non_prod_env_names?: string[];
+    package_name?: string;
+    package_version?: string;
+    prod_env_names?: string[];
+    purl?: string;
+    repo_name?: string;
+    repo_url?: string;
+}

package/dist/ssca-manager/src/services/schemas/InternalAffectedArtifact.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/InternalAlertContext.d.ts ADDED Viewed

@@ -0,0 +1,16 @@
+export interface InternalAlertContext {
+    attack_surface?: string;
+    component_name?: string;
+    component_type?: string;
+    component_version?: string;
+    dependents_count?: string;
+    description?: string;
+    ecosystems?: string[];
+    exposure_points?: string;
+    notable_consumers?: string;
+    popularity?: string;
+    repo_url?: string;
+    risk_factor?: string;
+    risk_pattern?: string;
+    use_cases?: string[];
+}

package/dist/ssca-manager/src/services/schemas/InternalAlertContext.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/InternalIdentificationResult.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { InternalAffectedArtifact } from '../schemas/InternalAffectedArtifact';
+export interface InternalIdentificationResult {
+    affected_artifacts?: InternalAffectedArtifact[];
+    outcome?: 'AFFECTED' | 'ZERO_AFFECTED';
+    skipped_artifact_not_found?: number;
+    skipped_container_artifacts?: number;
+    skipped_no_git_metadata?: number;
+    truncated?: boolean;
+}

package/dist/ssca-manager/src/services/schemas/InternalIdentificationResult.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/InternalRecommendedVersion.d.ts ADDED Viewed

@@ -0,0 +1,24 @@
+/**
+ * Unreleased internal response schema. JSON field names use snake_case.
+ */
+export interface InternalRecommendedVersion {
+    available?: boolean;
+    filter_trace?: string;
+    purl?: string;
+    upgrade_candidates?: Array<{
+        version?: string;
+        vulnerabilities?: {
+            critical?: number;
+            high?: number;
+            low?: number;
+            medium?: number;
+        };
+    }>;
+    version?: string;
+    vulnerabilities?: {
+        critical?: number;
+        high?: number;
+        low?: number;
+        medium?: number;
+    };
+}

package/dist/ssca-manager/src/services/schemas/InternalRecommendedVersion.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/InternalStepExecution.d.ts ADDED Viewed

@@ -0,0 +1,5 @@
+export interface InternalStepExecution {
+    banner?: string;
+    details?: string;
+    summary?: string;
+}

package/dist/ssca-manager/src/services/schemas/InternalStepExecution.js ADDED Viewed

@@ -0,0 +1,4 @@
+/* eslint-disable */
+// This code is autogenerated using @harnessio/oats-cli.
+// Please do not modify this code directly.
+export {};

package/dist/ssca-manager/src/services/schemas/InternalStoreIdentificationResultRequest.d.ts ADDED Viewed

@@ -0,0 +1,9 @@
+import type { InternalAffectedArtifact } from '../schemas/InternalAffectedArtifact';
+export interface InternalStoreIdentificationResultRequest {
+    affectedArtifacts?: InternalAffectedArtifact[];
+    fixedVersion?: string;
+    outcome: string;
+    skippedContainerArtifacts?: number;
+    skippedNoGitMetadata?: number;
+    totalRepositories?: number;
+}

package/dist/ssca-manager/src/services/schemas/InternalStoreIdentificationResultRequest.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/RemediationBatchDetail.d.ts ADDED Viewed

@@ -0,0 +1,20 @@
+import type { BatchAccountResult } from '../schemas/BatchAccountResult';
+export interface RemediationBatchDetail {
+    batchAccountResults?: BatchAccountResult[];
+    componentPurl?: string;
+    componentVersion?: string;
+    cveId?: string;
+    dedupKey?: string;
+    enumeratedAccountCount?: number;
+    enumeratedAccountIds?: string[];
+    id?: string;
+    severity?: string;
+    skippedAccountCount?: number;
+    status?: 'COMPLETED' | 'IN_PROGRESS' | 'STALLED';
+    /**
+     * @format int64
+     */
+    triggeredAt?: number;
+    triggeredByPrincipal?: string;
+    versionOperator?: string;
+}

package/dist/ssca-manager/src/services/schemas/RemediationBatchDetail.js ADDED Viewed

	@@ -0,0 +1 @@
1	+ export {};

package/dist/ssca-manager/src/services/schemas/RunnerDetail.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
 export interface RunnerDetail {
-    type?: 'github' | 'harness';
+    type?: 'github' | 'gitlab' | 'harness';
 }

package/dist/ssca-manager/src/services/schemas/SaveOrchestrationRequestV2.d.ts CHANGED Viewed

@@ -26,5 +26,9 @@ export interface SaveOrchestrationRequestV2 {
      * Required for "complete" mode. Must match the total component count received across all chunks.
      */
     expected_component_count?: number;
+    /**
+     * Set to true when this orchestration contains an AI-BOM SBOM. Controls whether latestAiBomSummary is populated on the artifact.
+     */
+    is_ai_bom?: boolean;
     sbom_metadata?: SbomMetadataV2;
 }

package/dist/ssca-manager/src/services/schemas/SbomComponentRequestDto.d.ts CHANGED Viewed

@@ -1,9 +1,42 @@
+import type { AiBomExternalReference } from '../schemas/AiBomExternalReference';
+import type { AiBomModelCard } from '../schemas/AiBomModelCard';
+import type { AiBomOccurrence } from '../schemas/AiBomOccurrence';
 import type { DependencyType } from '../schemas/DependencyType';
 import type { LayerType } from '../schemas/LayerType';
 /**
  * Normalized SBOM Component Details
  */
 export interface SbomComponentRequestDto {
+    /**
+     * AI component classification derived from bom-ref prefix (e.g. model, pkg, agent)
+     */
+    ai_component_type?: string;
+    /**
+     * Detection confidence score (0.0 to 1.0)
+     * @format float
+     */
+    ai_detection_confidence?: number;
+    /**
+     * Detection technique used (e.g. source-code-analysis)
+     */
+    ai_detection_technique?: string;
+    /**
+     * External references such as model card URLs
+     */
+    ai_external_references?: AiBomExternalReference[];
+    ai_model_card?: AiBomModelCard;
+    /**
+     * Canonical model name (e.g. gpt-4o, claude-3-5-sonnet-20240620)
+     */
+    ai_model_name?: string;
+    /**
+     * All source code locations where this component was detected
+     */
+    ai_occurrences?: AiBomOccurrence[];
+    /**
+     * AI/ML provider name (e.g. OpenAI, Anthropic, HuggingFace)
+     */
+    ai_provider?: string;
     dependency_type?: DependencyType;
     file_path?: string;
     filter_tags?: LayerType[];