npm - oci-adm - Versions diffs - 2.109.0 → 2.110.0 - Mend

oci-adm 2.109.0 → 2.110.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/lib/model/application-dependency-recommendation-summary.d.ts CHANGED Viewed

@@ -21,7 +21,7 @@ export interface ApplicationDependencyRecommendationSummary {
      */
     "gav": string;
     /**
-     * Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
+     * Package URL identifier, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
      */
     "purl"?: string;
     /**
@@ -37,7 +37,7 @@ export interface ApplicationDependencyRecommendationSummary {
      */
     "recommendedGav"?: string;
     /**
-     * Recommended application dependency in PURL format, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.2.0
+     * Recommended application dependency in purl format, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.2.0
      */
     "recommendedPurl"?: string;
 }

package/lib/model/application-dependency-vulnerability-summary.d.ts CHANGED Viewed

@@ -25,7 +25,7 @@ export interface ApplicationDependencyVulnerabilitySummary {
      */
     "gav": string;
     /**
-     * Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
+     * Package URL identifier, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
      */
     "purl"?: string;
     /**
@@ -41,9 +41,24 @@ export interface ApplicationDependencyVulnerabilitySummary {
      */
     "vulnerabilities": Array<model.Vulnerability>;
     /**
-     * Indicates if the artifact is found in the knowledge base.
+     * Indicates if the artifact is found in the knowledge base, this field is deprecated and will be removed in the future.
      */
     "isFoundInKnowledgeBase": boolean;
+    /**
+     * Potential issues in the artifact identifiers (purls) provided by the user, that the user is alerted about. ADM supports the following warnings:
+     * - MISSING_VERSION: Missing version
+     * - INCORRECT_FORMAT_VERSION: Version can not be parsed according to the ecosystem
+     * - UNKNOWN_ECOSYSTEM: The purl's ecosystem is unknown to ADM
+     * - INCORRECT_FORMAT_EPOCH: Epoch qualifier can not be parsed according to the ecosystem
+     * - MISSING_DISTRO: The distro qualifier is required for the ecosystem, but was not provided in the purl
+     * - UNKNOWN_DISTRO: ADM does not have data for the provided distro value for the given ecosystem
+     * - MISSING_ARCH: The arch qualifier is required for the ecosystem and distro, but was not provided in the purl
+     * - UNKNOWN_ARCH: ADM does not have data for the provided arch value for the given ecosystem and distro
+     * - EPOCH_VALUE_MISMATCH: Epoch value in qualifier is not the same as the epoch value in version
+     * - INVALID_PURL: The provided PURL could not be parsed
+     *
+     */
+    "warnings"?: Array<string>;
 }
 export declare namespace ApplicationDependencyVulnerabilitySummary {
     function getJsonObj(obj: ApplicationDependencyVulnerabilitySummary): object;

package/lib/model/application-dependency-vulnerability-summary.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"application-dependency-vulnerability-summary.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/application-dependency-vulnerability-summary.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;;;;;;;;;;;;;;;;;;;;AAEH,gDAAkC;~~AAsClC~~,IAAiB,yCAAyC,CA6BzD;AA7BD,WAAiB,yCAAyC;IACxD,SAAgB,UAAU,CAAC,GAA8C;QACvE,MAAM,OAAO,mCACR,GAAG,GACH;YACD,iBAAiB,EAAE,GAAG,CAAC,eAAe;gBACpC,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;oBAC7B,OAAO,KAAK,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;gBAC9C,CAAC,CAAC;gBACJ,CAAC,CAAC,SAAS;SACd,CACF,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAbe,oDAAU,aAazB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAA8C;QACnF,MAAM,OAAO,mCACR,GAAG,GACH;YACD,iBAAiB,EAAE,GAAG,CAAC,eAAe;gBACpC,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;oBAC7B,OAAO,KAAK,CAAC,aAAa,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;gBAC1D,CAAC,CAAC;gBACJ,CAAC,CAAC,SAAS;SACd,CACF,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAbe,gEAAsB,yBAarC,CAAA;AACH,CAAC,EA7BgB,yCAAyC,GAAzC,iDAAyC,KAAzC,iDAAyC,QA6BzD"}
1	+ {"version":3,"file":"application-dependency-vulnerability-summary.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/application-dependency-vulnerability-summary.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;;;;;;;;;;;;;;;;;;;;AAEH,gDAAkC;AAqDlC,IAAiB,yCAAyC,CA6BzD;AA7BD,WAAiB,yCAAyC;IACxD,SAAgB,UAAU,CAAC,GAA8C;QACvE,MAAM,OAAO,mCACR,GAAG,GACH;YACD,iBAAiB,EAAE,GAAG,CAAC,eAAe;gBACpC,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;oBAC7B,OAAO,KAAK,CAAC,aAAa,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;gBAC9C,CAAC,CAAC;gBACJ,CAAC,CAAC,SAAS;SACd,CACF,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAbe,oDAAU,aAazB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAA8C;QACnF,MAAM,OAAO,mCACR,GAAG,GACH;YACD,iBAAiB,EAAE,GAAG,CAAC,eAAe;gBACpC,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;oBAC7B,OAAO,KAAK,CAAC,aAAa,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;gBAC1D,CAAC,CAAC;gBACJ,CAAC,CAAC,SAAS;SACd,CACF,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAbe,gEAAsB,yBAarC,CAAA;AACH,CAAC,EA7BgB,yCAAyC,GAAzC,iDAAyC,KAAzC,iDAAyC,QA6BzD"}

package/lib/model/application-dependency.d.ts CHANGED Viewed

@@ -11,7 +11,9 @@
  * This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
  */
 /**
- * An application dependency resource creates a vulnerability audit.
+ * An ApplicationDependency resource is used within the applicationDependencies of a CreateVulnerabilityAuditDetails resource to create a vulnerability audit.
+ * Each ApplicationDependency resource must provide either Package URL (purl) identifier or a Group Artifact Version (GAV) to identify the application dependency.
+ *
  */
 export interface ApplicationDependency {
     /**
@@ -21,7 +23,7 @@ export interface ApplicationDependency {
      */
     "gav"?: string;
     /**
-     * Package URL defined in https://github.com/package-url/purl-spec, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
+     * Package URL identifier, e.g. pkg:maven/org.graalvm.nativeimage/svm@21.1.0
      */
     "purl"?: string;
     /**

package/lib/model/application-dependency.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"application-dependency.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/application-dependency.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;~~AAsCH~~,IAAiB,qBAAqB,CAWrC;AAXD,WAAiB,qBAAqB;IACpC,SAAgB,UAAU,CAAC,GAA0B;QACnD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,gCAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAA0B;QAC/D,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,4CAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,qBAAqB,GAArB,6BAAqB,KAArB,6BAAqB,QAWrC"}
1	+ {"version":3,"file":"application-dependency.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/application-dependency.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAwCH,IAAiB,qBAAqB,CAWrC;AAXD,WAAiB,qBAAqB;IACpC,SAAgB,UAAU,CAAC,GAA0B;QACnD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,gCAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAA0B;QAC/D,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,4CAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,qBAAqB,GAArB,6BAAqB,KAArB,6BAAqB,QAWrC"}

package/lib/model/detect-configuration.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@
  */
 import * as model from "../model";
 /**
- * A configuration to define the constraints when detecting vulnerable dependencies.
+ * A configuration to define the constraints when detecting vulnerable dependencies and recommending remediations.
  *
  */
 export interface DetectConfiguration {
@@ -29,15 +29,15 @@ export interface DetectConfiguration {
      */
     "upgradePolicy"?: DetectConfiguration.UpgradePolicy;
     /**
-     * The maximum Common Vulnerability Scoring System Version 2 (CVSS V2) score. An artifact with a CVSS V2 score below this value is not considered for patching. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
+     * The maximum Common Vulnerability Scoring System Version 2 (CVSS V2) score. A vulnerability with a CVSS V2 score below this value is not considered for remediation. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
      */
     "maxPermissibleCvssV2Score"?: number;
     /**
-     * The maximum Common Vulnerability Scoring System Version 3 (CVSS V3) score. An artifact with a CVSS V3 score below this value is not considered for patching. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
+     * The maximum Common Vulnerability Scoring System Version 3 (CVSS V3) score. A vulnerability with a CVSS V3 score below this value is not considered for patching. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
      */
     "maxPermissibleCvssV3Score"?: number;
     /**
-     * The maximum ADM Severity. An artifact with an ADM Severity below this value is not considered for patching.
+     * The maximum ADM Severity. A vulnerability with an severity below this value is not considered for remediation.
      */
     "maxPermissibleSeverity"?: model.ConfigSeverity;
 }

package/lib/model/network-configuration.d.ts CHANGED Viewed

@@ -11,8 +11,7 @@
  * This software is dual-licensed to you under the Universal Permissive License (UPL) 1.0 as shown at https://oss.oracle.com/licenses/upl or Apache License 2.0 as shown at http://www.apache.org/licenses/LICENSE-2.0. You may choose either license.
  */
 /**
- * A network configuration defines the required network characteristics for an ADM remediation recipe.
- * A network configuration is required if the build service is one of: GitHub Actions, GitLab Pipeline, or Jenkins Pipeline.
+ * A network configuration defines the required network characteristics for the remediation run of the recipe to access the source repository and/or verify build services.
  *
  */
 export interface NetworkConfiguration {

package/lib/model/network-configuration.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"network-configuration.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/network-configuration.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;~~AAqBH~~,IAAiB,oBAAoB,CAWpC;AAXD,WAAiB,oBAAoB;IACnC,SAAgB,UAAU,CAAC,GAAyB;QAClD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,+BAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAAyB;QAC9D,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,2CAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,oBAAoB,GAApB,4BAAoB,KAApB,4BAAoB,QAWpC"}
1	+ {"version":3,"file":"network-configuration.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/network-configuration.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAoBH,IAAiB,oBAAoB,CAWpC;AAXD,WAAiB,oBAAoB;IACnC,SAAgB,UAAU,CAAC,GAAyB;QAClD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,+BAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAAyB;QAC9D,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,2CAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,oBAAoB,GAApB,4BAAoB,KAApB,4BAAoB,QAWpC"}

package/lib/model/vulnerability.d.ts CHANGED Viewed

@@ -26,11 +26,15 @@ export interface Vulnerability {
      */
     "source"?: string;
     /**
-     * Common Vulnerability Scoring System (CVSS) Version 2. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
+     * Common Vulnerability Scoring System (CVSS) Version 2, calculated from the metrics provided in the CVSS vector provided from the vulnerability source.
+     * This field is deprecated and will be removed in the future. The cvssV2Score can be obtained from the metrics field of the listVulnerabilities endpoint.
+     *  Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
      */
     "cvssV2Score"?: number;
     /**
-     * Common Vulnerability Scoring System (CVSS) Version 3. Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
+     * Common Vulnerability Scoring System (CVSS) Version 3, calculated from the metrics provided in the CVSS vector provided from the vulnerability source.
+     * This field is deprecated and will be removed in the future. The cvssV3Score can be obtained from the metrics field of the listVulnerabilities endpoint.
+     *  Note: Numbers greater than Number.MAX_SAFE_INTEGER will result in rounding issues.
      */
     "cvssV3Score"?: number;
     /**

package/lib/model/vulnerability.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"vulnerability.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/vulnerability.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;~~AAyCH~~,IAAiB,aAAa,CAW7B;AAXD,WAAiB,aAAa;IAC5B,SAAgB,UAAU,CAAC,GAAkB;QAC3C,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,wBAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAAkB;QACvD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,oCAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,aAAa,GAAb,qBAAa,KAAb,qBAAa,QAW7B"}
1	+ {"version":3,"file":"vulnerability.js","sourceRoot":"","sources":["../../../../../lib/adm/lib/model/vulnerability.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AA6CH,IAAiB,aAAa,CAW7B;AAXD,WAAiB,aAAa;IAC5B,SAAgB,UAAU,CAAC,GAAkB;QAC3C,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,wBAAU,aAIzB,CAAA;IACD,SAAgB,sBAAsB,CAAC,GAAkB;QACvD,MAAM,OAAO,mCAAQ,GAAG,GAAK,EAAE,CAAE,CAAC;QAElC,OAAO,OAAO,CAAC;IACjB,CAAC;IAJe,oCAAsB,yBAIrC,CAAA;AACH,CAAC,EAXgB,aAAa,GAAb,qBAAa,KAAb,qBAAa,QAW7B"}

package/lib/request/list-application-dependency-recommendations-request.d.ts CHANGED Viewed

@@ -41,7 +41,7 @@ export interface ListApplicationDependencyRecommendationsRequest extends common.
      */
     "gav"?: string;
     /**
-     * A filter to return only resources that match the entire PURL given (https://github.com/package-url/purl-spec/).
+     * A filter to return only resources that match the entire purl given.
      */
     "purl"?: string;
     /**

package/lib/request/list-application-dependency-vulnerabilities-request.d.ts CHANGED Viewed

@@ -79,7 +79,7 @@ export interface ListApplicationDependencyVulnerabilitiesRequest extends common.
      */
     "gav"?: string;
     /**
-     * A filter to return only resources that match the entire PURL given (https://github.com/package-url/purl-spec/).
+     * A filter to return only resources that match the entire purl given.
      */
     "purl"?: string;
     /**

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "oci-adm",
-  "version": "2.109.0",
+  "version": "2.110.0",
   "description": "OCI NodeJS client for Adm Service",
   "repository": {
     "type": "git",
@@ -15,8 +15,8 @@
   },
   "license": "(UPL-1.0 OR Apache-2.0)",
   "dependencies": {
-    "oci-common": "2.109.0",
-    "oci-workrequests": "2.109.0"
+    "oci-common": "2.110.0",
+    "oci-workrequests": "2.110.0"
   },
   "publishConfig": {
     "registry": "https://registry.npmjs.org"