@maxim_mazurok/gapi.client.containeranalysis-v1alpha1 0.2.20260313 → 0.2.20260529

package/index.d.ts

@@ -9,7 +9,7 @@
 // This file was generated by https://github.com/Maxim-Mazurok/google-api-typings-generator. Please do not edit it manually.
 // In case of any problems please post issue to https://github.com/Maxim-Mazurok/google-api-typings-generator
 // Generated from: https://containeranalysis.googleapis.com/$discovery/rest?version=v1alpha1
-// Revision: 20260313
+// Revision: 20260529
 
 /// <reference types="gapi.client" />
 
@@ -28,6 +28,15 @@ declare namespace gapi.client {
   ): void;
 
   namespace containeranalysis {
+    interface AISkillAnalysisNote {}
+    interface AISkillAnalysisOccurrence {
+      /** Optional. Findings produced by the analysis. */
+      findings?: Finding[];
+      /** Optional. Maximum severity found among findings. */
+      maxSeverity?: 'SEVERITY_UNSPECIFIED' | 'CRITICAL' | 'HIGH';
+      /** Optional. Name of the skill that produced this analysis. */
+      skillName?: string;
+    }
     interface AnalysisCompleted {
       /** type of analysis that were completed on a resource. */
       analysisType?: string[];
@@ -312,6 +321,8 @@ declare namespace gapi.client {
       url?: string;
     }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts {
+      /** Optional. A list of generic artifacts to be uploaded to Artifact Registry upon successful completion of all build steps. If any artifacts fail to be pushed, the build is marked FAILURE. */
+      genericArtifacts?: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGenericArtifact[];
       /** Optional. A list of Go modules to be uploaded to Artifact Registry upon successful completion of all build steps. If any objects fail to be pushed, the build is marked FAILURE. */
       goModules?: ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule[];
       /** A list of images to be pushed upon the successful completion of all build steps. The images will be pushed using the builder service account's credentials. The digests of the pushed images will be stored in the Build resource's results field. If any of the images fail to be pushed, the build is marked FAILURE. */
@@ -335,6 +346,12 @@ declare namespace gapi.client {
       /** Output only. Stores timing information for pushing all artifact objects. */
       timing?: ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan;
     }
+    interface ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGenericArtifact {
+      /** Required. Path to the generic artifact in the build's workspace to be uploaded to Artifact Registry. */
+      folder?: string;
+      /** Required. Registry path to upload the generic artifact to, in the form projects/$PROJECT/locations/$LOCATION/repositories/$REPO/packages/$PACKAGE/versions/$VERSION */
+      registryPath?: string;
+    }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule {
       /** Optional. The Go module's "module path". e.g. example.com/foo/v2 */
       modulePath?: string;
@@ -569,6 +586,8 @@ declare namespace gapi.client {
       name?: string;
       /** Output only. Stores timing information for pulling this build step's builder image only. */
       pullTiming?: ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan;
+      /** Declaration of results for this build step. */
+      results?: ContaineranalysisGoogleDevtoolsCloudbuildV1StepResult[];
       /** A shell script to be executed in the step. When script is provided, the user cannot specify the entrypoint or args. */
       script?: string;
       /** A list of environment variables which are encrypted using a Cloud Key Management Service crypto key. These values must be specified in the build's `Secret`. */
@@ -594,6 +613,10 @@ declare namespace gapi.client {
       /** The ID(s) of the step(s) that this build step depends on. This build step will not start until all the build steps in `wait_for` have completed successfully. If `wait_for` is empty, this build step will start when all previous build steps in the `Build.Steps` list have completed successfully. */
       waitFor?: string[];
     }
+    interface ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStepResults {
+      /** Results for a build step. */
+      results?: {[P in string]: string};
+    }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning {
       /** The priority for this warning. */
       priority?: 'PRIORITY_UNSPECIFIED' | 'INFO' | 'WARNING' | 'ALERT';
@@ -626,9 +649,17 @@ declare namespace gapi.client {
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency {
       /** If set to true disable all dependency fetching (ignoring the default source as well). */
       empty?: boolean;
+      /** Represents a generic artifact as a build dependency. */
+      genericArtifact?: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGenericArtifactDependency;
       /** Represents a git repository as a build dependency. */
       gitSource?: ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency;
     }
+    interface ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGenericArtifactDependency {
+      /** Required. Where the artifact files should be placed on the worker. */
+      destPath?: string;
+      /** Required. The location to download the artifact files from. Ex: projects/p1/locations/us/repositories/r1/packages/p1/versions/v1 */
+      resource?: string;
+    }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency {
       /** Optional. How much history should be fetched for the build (default 1, -1 for all history). */
       depth?: string;
@@ -720,6 +751,12 @@ declare namespace gapi.client {
       buildStepImages?: string[];
       /** List of build step outputs, produced by builder images, in the order corresponding to build step indices. [Cloud Builders](https://cloud.google.com/cloud-build/docs/cloud-builders) can produce this output by writing to `$BUILDER_OUTPUT/output`. Only the first 50KB of data is stored. Note that the `$BUILDER_OUTPUT` variable is read-only and can't be substituted. */
       buildStepOutputs?: string[];
+      /** Results for build steps. step_id -> */
+      buildStepResults?: {
+        [P in string]: ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStepResults;
+      };
+      /** Output only. Generic artifacts uploaded to Artifact Registry at the end of the build. */
+      genericArtifacts?: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGenericArtifact[];
       /** Optional. Go module artifacts uploaded to Artifact Registry at the end of the build. */
       goModules?: ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule[];
       /** Container images that were built as a part of the build. */
@@ -781,6 +818,14 @@ declare namespace gapi.client {
       /** A copy of the build's `source.storage_source_manifest`, if exists, with any revisions resolved. This feature is in Preview. */
       resolvedStorageSourceManifest?: ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest;
     }
+    interface ContaineranalysisGoogleDevtoolsCloudbuildV1StepResult {
+      /** Optional. The content of the attestation to be generated. */
+      attestationContent?: string;
+      /** Optional. The type of attestation to be generated. */
+      attestationType?: string;
+      /** Required. The name of the result. */
+      name?: string;
+    }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource {
       /** Cloud Storage bucket containing the source (see [Bucket Name Requirements](https://cloud.google.com/storage/docs/bucket-naming#requirements)). */
       bucket?: string;
@@ -805,6 +850,20 @@ declare namespace gapi.client {
       /** Start of time span. */
       startTime?: string;
     }
+    interface ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGenericArtifact {
+      /** Output only. The hash of the whole artifact. */
+      artifactFingerprint?: ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes;
+      /** Output only. Path to the artifact in Artifact Registry. */
+      artifactRegistryPackage?: string;
+      /** Output only. The file hashes that make up the generic artifact. */
+      fileHashes?: {
+        [P in string]: ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes;
+      };
+      /** Output only. Stores timing information for pushing the specified artifact. */
+      pushTiming?: ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan;
+      /** Output only. URI of the uploaded artifact. Ex: projects/p1/locations/us/repositories/r1/packages/p1/versions/v1 */
+      uri?: string;
+    }
     interface ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule {
       /** Output only. Path to the artifact in Artifact Registry. */
       artifactRegistryPackage?: string;
@@ -858,26 +917,31 @@ declare namespace gapi.client {
       operationId?: string;
     }
     interface CVSS {
-      /** Defined in CVSS v3, CVSS v2 */
+      /** Optional. Attack Complexity (AC). Defined in CVSS v2, v3, v4. */
       attackComplexity?:
         | 'ATTACK_COMPLEXITY_UNSPECIFIED'
         | 'ATTACK_COMPLEXITY_LOW'
         | 'ATTACK_COMPLEXITY_HIGH'
         | 'ATTACK_COMPLEXITY_MEDIUM';
-      /** Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments. Defined in CVSS v3, CVSS v2 */
+      /** Optional. Attack Requirements (AT). Defined in CVSS v4. */
+      attackRequirements?:
+        | 'ATTACK_REQUIREMENTS_UNSPECIFIED'
+        | 'ATTACK_REQUIREMENTS_NONE'
+        | 'ATTACK_REQUIREMENTS_PRESENT';
+      /** Optional. Attack Vector (AV). Defined in CVSS v2, v3, v4. */
       attackVector?:
         | 'ATTACK_VECTOR_UNSPECIFIED'
         | 'ATTACK_VECTOR_NETWORK'
         | 'ATTACK_VECTOR_ADJACENT'
         | 'ATTACK_VECTOR_LOCAL'
         | 'ATTACK_VECTOR_PHYSICAL';
-      /** Defined in CVSS v2 */
+      /** Optional. Authentication (Au). Defined in CVSS v2. */
       authentication?:
         | 'AUTHENTICATION_UNSPECIFIED'
         | 'AUTHENTICATION_MULTIPLE'
         | 'AUTHENTICATION_SINGLE'
         | 'AUTHENTICATION_NONE';
-      /** Defined in CVSS v3, CVSS v2 */
+      /** Optional. Availability Impact (A). Defined in CVSS v2, v3. */
       availabilityImpact?:
         | 'IMPACT_UNSPECIFIED'
         | 'IMPACT_HIGH'
@@ -885,9 +949,9 @@ declare namespace gapi.client {
         | 'IMPACT_NONE'
         | 'IMPACT_PARTIAL'
         | 'IMPACT_COMPLETE';
-      /** The base score is a function of the base metric scores. */
+      /** Optional. The base score is a function of the base metric scores. */
       baseScore?: number;
-      /** Defined in CVSS v3, CVSS v2 */
+      /** Optional. Confidentiality Impact (C). Defined in CVSS v2, v3. */
       confidentialityImpact?:
         | 'IMPACT_UNSPECIFIED'
         | 'IMPACT_HIGH'
@@ -897,7 +961,7 @@ declare namespace gapi.client {
         | 'IMPACT_COMPLETE';
       exploitabilityScore?: number;
       impactScore?: number;
-      /** Defined in CVSS v3, CVSS v2 */
+      /** Optional. Integrity Impact (I). Defined in CVSS v2, v3. */
       integrityImpact?:
         | 'IMPACT_UNSPECIFIED'
         | 'IMPACT_HIGH'
@@ -905,19 +969,69 @@ declare namespace gapi.client {
         | 'IMPACT_NONE'
         | 'IMPACT_PARTIAL'
         | 'IMPACT_COMPLETE';
-      /** Defined in CVSS v3 */
+      /** Optional. Privileges Required (PR). Defined in CVSS v3, v4. */
       privilegesRequired?:
         | 'PRIVILEGES_REQUIRED_UNSPECIFIED'
         | 'PRIVILEGES_REQUIRED_NONE'
         | 'PRIVILEGES_REQUIRED_LOW'
         | 'PRIVILEGES_REQUIRED_HIGH';
-      /** Defined in CVSS v3 */
+      /** Optional. Scope (S). Defined in CVSS v3. */
       scope?: 'SCOPE_UNSPECIFIED' | 'SCOPE_UNCHANGED' | 'SCOPE_CHANGED';
-      /** Defined in CVSS v3 */
+      /** Optional. Subsequent System Availability Impact (SA). Defined in CVSS v4. */
+      subsequentSystemAvailabilityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
+      /** Optional. Subsequent System Confidentiality Impact (SC). Defined in CVSS v4. */
+      subsequentSystemConfidentialityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
+      /** Optional. Subsequent System Integrity Impact (SI). Defined in CVSS v4. */
+      subsequentSystemIntegrityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
+      /** Optional. User Interaction (UI). Defined in CVSS v3, v4. */
       userInteraction?:
         | 'USER_INTERACTION_UNSPECIFIED'
         | 'USER_INTERACTION_NONE'
-        | 'USER_INTERACTION_REQUIRED';
+        | 'USER_INTERACTION_REQUIRED'
+        | 'USER_INTERACTION_PASSIVE'
+        | 'USER_INTERACTION_ACTIVE';
+      /** Optional. Vulnerable System Availability Impact (VA). Defined in CVSS v4. */
+      vulnerableSystemAvailabilityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
+      /** Optional. Vulnerable System Confidentiality Impact (VC). Defined in CVSS v4. */
+      vulnerableSystemConfidentialityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
+      /** Optional. Vulnerable System Integrity Impact (VI). Defined in CVSS v4. */
+      vulnerableSystemIntegrityImpact?:
+        | 'IMPACT_UNSPECIFIED'
+        | 'IMPACT_HIGH'
+        | 'IMPACT_LOW'
+        | 'IMPACT_NONE'
+        | 'IMPACT_PARTIAL'
+        | 'IMPACT_COMPLETE';
     }
     interface Deployable {
       /** Resource URI for the artifact being deployed. */
@@ -1037,7 +1151,8 @@ declare namespace gapi.client {
         | 'DSSE_ATTESTATION'
         | 'VULNERABILITY_ASSESSMENT'
         | 'SBOM_REFERENCE'
-        | 'SECRET';
+        | 'SECRET'
+        | 'AI_SKILL_ANALYSIS';
     }
     interface Distribution {
       /** The CPU architecture for which packages in this distribution channel were built */
@@ -1194,6 +1309,24 @@ declare namespace gapi.client {
       /** This field provides a place for the SPDX file creator to record license notices or other such related notices found in the file */
       notice?: string;
     }
+    interface Finding {
+      /** Optional. Category of the finding. */
+      category?: string;
+      /** Optional. Description of the finding category. */
+      details?: string;
+      /** Optional. Location (path and line) where the finding was detected. */
+      location?: FindingLocation;
+      /** Optional. Scanner determines which engine (e.g. static, llm) emitted the finding. */
+      scanner?: 'SCANNER_UNSPECIFIED' | 'STATIC' | 'LLM';
+      /** Optional. Severity of the finding. */
+      severity?: 'SEVERITY_UNSPECIFIED' | 'CRITICAL' | 'HIGH';
+    }
+    interface FindingLocation {
+      /** Optional. Relative path of the file containing the finding. */
+      filePath?: string;
+      /** Optional. Line number (1-based), or 0 if whole File / unknown. */
+      lineNumber?: string;
+    }
     interface Fingerprint {
       /** The layer-id of the final layer in the Docker image's v1 representation. This field can be used as a filter in list requests. */
       v1Name?: string;
@@ -1489,6 +1622,8 @@ declare namespace gapi.client {
       reason?: string;
     }
     interface Note {
+      /** A note describing an AI skill analysis. */
+      aiSkillAnalysis?: any;
       /** A note describing an attestation role. */
       attestationAuthority?: AttestationAuthority;
       /** A note describing a base image. */
@@ -1526,7 +1661,8 @@ declare namespace gapi.client {
         | 'DSSE_ATTESTATION'
         | 'VULNERABILITY_ASSESSMENT'
         | 'SBOM_REFERENCE'
-        | 'SECRET';
+        | 'SECRET'
+        | 'AI_SKILL_ANALYSIS';
       /** A detailed description of this `Note`. */
       longDescription?: string;
       /** The name of the note in the form "projects/{provider_project_id}/notes/{NOTE_ID}" */
@@ -1559,6 +1695,8 @@ declare namespace gapi.client {
       vulnerabilityType?: VulnerabilityType;
     }
     interface Occurrence {
+      /** This represents an AI skill analysis occurrence */
+      aiSkillAnalysis?: AISkillAnalysisOccurrence;
       /** Describes an attestation of an artifact. */
       attestation?: Attestation;
       /** Build details for a verifiable build. */
@@ -1598,7 +1736,8 @@ declare namespace gapi.client {
         | 'DSSE_ATTESTATION'
         | 'VULNERABILITY_ASSESSMENT'
         | 'SBOM_REFERENCE'
-        | 'SECRET';
+        | 'SECRET'
+        | 'AI_SKILL_ANALYSIS';
       /** Output only. The name of the `Occurrence` in the form "projects/{project_id}/occurrences/{OCCURRENCE_ID}" */
       name?: string;
       /** An analysis note associated with this image, in the form "providers/{provider_id}/notes/{NOTE_ID}" This field can be used as a filter in list requests. */
@@ -1778,13 +1917,13 @@ declare namespace gapi.client {
     }
     interface Recipe {
       /** Collection of all external inputs that influenced the build on top of recipe.definedInMaterial and recipe.entryPoint. For example, if the recipe type were "make", then this might be the flags passed to make aside from the target, which is captured in recipe.entryPoint. */
-      arguments?: Array<{[P in string]: any}>;
+      arguments?: {[P in string]: any}[];
       /** Index in materials containing the recipe steps that are not implied by recipe.type. For example, if the recipe type were "make", then this would point to the source containing the Makefile, not the make program itself. Set to -1 if the recipe doesn't come from a material, as zero is default unset value for int64. */
       definedInMaterial?: string;
       /** String identifying the entry point into the build. This is often a path to a configuration file and/or a target label within that file. The syntax and meaning are defined by recipe.type. For example, if the recipe type were "make", then this would reference the directory in which to run make as well as which target to use. */
       entryPoint?: string;
       /** Any other builder-controlled inputs necessary for correctly evaluating the recipe. Usually only needed for reproducing the build but not evaluated as part of policy. */
-      environment?: Array<{[P in string]: any}>;
+      environment?: {[P in string]: any}[];
       /** URI indicating what type of recipe was performed. It determines the meaning of recipe.entryPoint, recipe.arguments, recipe.environment, and materials. */
       type?: string;
     }
@@ -2144,7 +2283,7 @@ declare namespace gapi.client {
       /** The status code, which should be an enum value of google.rpc.Code. */
       code?: number;
       /** A list of messages that carry the error details. There is a common set of message types for APIs to use. */
-      details?: Array<{[P in string]: any}>;
+      details?: {[P in string]: any}[];
       /** A developer-facing error message, which should be in English. Any user-facing error message should be localized and sent in the google.rpc.Status.details field, or localized by the client. */
       message?: string;
     }
@@ -2294,11 +2433,14 @@ declare namespace gapi.client {
       cvssV2?: CVSS;
       /** The CVSS v3 score of this vulnerability. */
       cvssV3?: CVSS;
+      /** Optional. The CVSS v4 score of this vulnerability. */
+      cvssV4?: CVSS;
       /** Output only. CVSS version used to populate cvss_score and severity. */
       cvssVersion?:
         | 'CVSS_VERSION_UNSPECIFIED'
         | 'CVSS_VERSION_2'
-        | 'CVSS_VERSION_3';
+        | 'CVSS_VERSION_3'
+        | 'CVSS_VERSION_4';
       /** The distro assigned severity for this vulnerability when that is available and note provider assigned severity when distro has not yet assigned a severity for this vulnerability. When there are multiple package issues for this vulnerability, they can have different effective severities because some might come from the distro and some might come from installed language packs (e.g. Maven JARs or Go binaries). For this reason, it is advised to use the effective severity on the PackageIssue level, as this field may eventually be deprecated. In the case where multiple PackageIssues have different effective severities, the one set here will be the highest severity of any of the PackageIssues. */
       effectiveSeverity?:
         | 'SEVERITY_UNSPECIFIED'
@@ -2343,11 +2485,14 @@ declare namespace gapi.client {
       cvssScore?: number;
       /** The full description of the CVSS for version 2. */
       cvssV2?: CVSS;
+      /** Optional. The full description of the CVSS for version 4. */
+      cvssV4?: CVSS;
       /** CVSS version used to populate cvss_score and severity. */
       cvssVersion?:
         | 'CVSS_VERSION_UNSPECIFIED'
         | 'CVSS_VERSION_2'
-        | 'CVSS_VERSION_3';
+        | 'CVSS_VERSION_3'
+        | 'CVSS_VERSION_4';
       /** A list of CWE for this vulnerability. For details, see: https://cwe.mitre.org/index.html */
       cwe?: string[];
       /** All information about the package to specifically identify this vulnerability. One entry per (version range and cpe_uri) the package vulnerability has manifested in. */
@@ -2944,7 +3089,8 @@ declare namespace gapi.client {
           | 'DSSE_ATTESTATION'
           | 'VULNERABILITY_ASSESSMENT'
           | 'SBOM_REFERENCE'
-          | 'SECRET';
+          | 'SECRET'
+          | 'AI_SKILL_ANALYSIS';
         /** The name field contains the project Id. For example: "projects/{project_id} @Deprecated */
         name?: string;
         /** OAuth 2.0 token for the current user. */

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@maxim_mazurok/gapi.client.containeranalysis-v1alpha1",
-  "version": "0.2.20260313",
+  "version": "0.2.20260529",
   "description": "TypeScript typings for Container Analysis API v1alpha1",
   "repository": {
     "type": "git",

package/readme.md

@@ -11,6 +11,23 @@ Install typings for Container Analysis API:
 npm install @types/gapi.client.containeranalysis-v1alpha1 --save-dev
 ```
 
+## TypeScript 6.0+
+
+TypeScript 6.0 changed `types` to default to `[]`. You must now explicitly list type packages in `tsconfig.json`:
+
+```json
+{
+  "compilerOptions": {
+    "types": [
+      "gapi",
+      "gapi.auth2",
+      "gapi.client",
+      "gapi.client.containeranalysis-v1alpha1"
+    ]
+  }
+}
+```
+
 ## Usage
 
 You need to initialize Google API client in your code: