docs/dyn/containeranalysis_v1.projects.notes.occurrences.html
28 additions & 0 deletions
@@ -771,6 +771,34 @@ <h3>Method Details</h3>
771
771
"severity": "A String", # Output only. The note provider assigned severity of this vulnerability.
772
772
"shortDescription": "A String", # Output only. A one sentence description of this vulnerability.
773
773
"type": "A String", # The type of package; whether native or non native (e.g., ruby gems, node.js packages, etc.).
774
+
"vexAssessment": { # VexAssessment provides all publisher provided Vex information that is related to this vulnerability.
775
+
"cve": "A String", # Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) tracking number for the vulnerability.
776
+
"impacts": [ # Contains information about the impact of this vulnerability, this will change with time.
777
+
"A String",
778
+
],
779
+
"justification": { # Justification provides the justification when the state of the assessment if NOT_AFFECTED. # Justification provides the justification when the state of the assessment if NOT_AFFECTED.
780
+
"details": "A String", # Additional details on why this justification was chosen.
781
+
"justificationType": "A String", # The justification type for this vulnerability.
782
+
},
783
+
"noteName": "A String", # The VulnerabilityAssessment note from which this VexAssessment was generated. This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
784
+
"relatedUris": [ # Holds a list of references associated with this vulnerability item and assessment.
785
+
{ # Metadata for any related URL information.
786
+
"label": "A String", # Label to describe usage of the URL.
787
+
"url": "A String", # Specific URL associated with the resource.
788
+
},
789
+
],
790
+
"remediations": [ # Specifies details on how to handle (and presumably, fix) a vulnerability.
791
+
{ # Specifies details on how to handle (and presumably, fix) a vulnerability.
792
+
"details": "A String", # Contains a comprehensive human-readable discussion of the remediation.
793
+
"remediationType": "A String", # The type of remediation that can be applied.
794
+
"remediationUri": { # Metadata for any related URL information. # Contains the URL where to obtain the remediation.
795
+
"label": "A String", # Label to describe usage of the URL.
796
+
"url": "A String", # Specific URL associated with the resource.
797
+
},
798
+
},
799
+
],
800
+
"state": "A String", # Provides the state of this Vulnerability assessment.
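Review bot: the enum-valued fields in `vexAssessment` (`state`, `justification.justificationType`, `remediations[].remediationType`) are documented only as "A String" with no list of permitted values, even though the `justification` comment depends on the state being NOT_AFFECTED. Consumers that gate deployment or triage on VEX status need the exact values, so list them in each field description. The `justification` comment is also emitted twice on the same line and reads "if NOT_AFFECTED" where "is NOT_AFFECTED" is meant; if this page is generated, correct the wording in the source description rather than in this HTML.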
<pre>Gets a summary of the packages within a given resource.
92
+
93
+
Args:
94
+
name: string, Required. The name of the resource to get a packages summary for in the form of `projects/[PROJECT_ID]/resources/[RESOURCE_URL]`. (required)
95
+
body: object, The request body.
96
+
The object takes the form of:
97
+
98
+
{ # GeneratePackagesSummaryRequest is the request body for the GeneratePackagesSummary API method. It just takes a single name argument, referring to the resource.
99
+
}
100
+
101
+
x__xgafv: string, V1 error format.
102
+
Allowed values
103
+
1 - v1 error format
104
+
2 - v2 error format
105
+
106
+
Returns:
107
+
An object of the form:
108
+
109
+
{ # A summary of the packages found within the given resource.
110
+
"licensesSummary": [ # A listing by license name of each of the licenses and their counts.
111
+
{ # Per license count
112
+
"count": "A String", # The number of fixable vulnerabilities associated with this resource.
113
+
"license": "A String", # The license of the package. Note that the format of this value is not guaranteed. It may be nil, an empty string, a boolean value (A | B), a differently formed boolean value (A OR B), etc...
114
+
},
115
+
],
116
+
"resourceUrl": "A String", # The unique URL of the image or the container for which this summary applies.
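Review bot: in `licensesSummary[]`, the `count` comment says "The number of fixable vulnerabilities associated with this resource", which does not fit a per-license count in a packages summary and looks copied from a vulnerability summary. Describe it as the number of packages carrying that license. The `license` comment also admits the value may be nil, an empty string, or a boolean expression in two spellings ("A | B", "A OR B"); either normalize the field or tell callers doing license policy checks to treat it as unvalidated free text.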
docs/dyn/containeranalysis_v1alpha1.projects.notes.html
24 additions & 0 deletions
@@ -237,6 +237,10 @@ <h3>Method Details</h3>
237
237
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
238
238
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
239
239
},
240
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
241
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
242
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
243
+
},
240
244
"shortDescription": "A String", # A one sentence description of this `Note`.
241
245
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
242
246
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
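Review bot: `sbomReference.format` is a free-form string ("spdx, cyclonedx, etc...") with no stated canonical spelling or case, so clients that match on it will diverge. Document the accepted values or the normalization rule, and say how `version` is written for formats other than spdx. The opening comment also says the same thing twice ("The note representing an SBOM reference. # A note describing a reference to an SBOM."). The same four added lines recur in the five following hunks of this file, so the point applies to each of them.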
@@ -537,6 +541,10 @@ <h3>Method Details</h3>
537
541
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
538
542
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
539
543
},
544
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
545
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
546
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
547
+
},
540
548
"shortDescription": "A String", # A one sentence description of this `Note`.
541
549
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
542
550
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
@@ -860,6 +868,10 @@ <h3>Method Details</h3>
860
868
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
861
869
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
862
870
},
871
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
872
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
873
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
874
+
},
863
875
"shortDescription": "A String", # A one sentence description of this `Note`.
864
876
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
865
877
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
@@ -1215,6 +1227,10 @@ <h3>Method Details</h3>
1215
1227
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
1216
1228
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
1217
1229
},
1230
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
1231
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
1232
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
1233
+
},
1218
1234
"shortDescription": "A String", # A one sentence description of this `Note`.
1219
1235
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
1220
1236
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
@@ -1531,6 +1547,10 @@ <h3>Method Details</h3>
1531
1547
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
1532
1548
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
1533
1549
},
1550
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
1551
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
1552
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
1553
+
},
1534
1554
"shortDescription": "A String", # A one sentence description of this `Note`.
1535
1555
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
1536
1556
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
@@ -1830,6 +1850,10 @@ <h3>Method Details</h3>
1830
1850
"dataLicence": "A String", # Compliance with the SPDX specification includes populating the SPDX fields therein with data related to such fields ("SPDX-Metadata")
1831
1851
"spdxVersion": "A String", # Provide a reference number that can be used to understand how to parse and interpret the rest of the file
1832
1852
},
1853
+
"sbomReference": { # The note representing an SBOM reference. # A note describing a reference to an SBOM.
1854
+
"format": "A String", # The format that SBOM takes. E.g. may be spdx, cyclonedx, etc...
1855
+
"version": "A String", # The version of the format that the SBOM takes. E.g. if the format is spdx, the version may be 2.3.
1856
+
},
1833
1857
"shortDescription": "A String", # A one sentence description of this `Note`.
1834
1858
"spdxFile": { # FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # A note describing an SPDX File.
1835
1859
"checksum": [ # Provide a unique identifier to match analysis information on each specific file in a package
docs/dyn/containeranalysis_v1alpha1.projects.notes.occurrences.html
29 additions & 0 deletions
@@ -707,6 +707,35 @@ <h3>Method Details</h3>
707
707
"namespace": "A String", # Provide an SPDX document specific namespace as a unique absolute Uniform Resource Identifier (URI) as specified in RFC-3986, with the exception of the ‘#’ delimiter
708
708
"title": "A String", # Identify name of this document as designated by creator
709
709
},
710
+
"sbomReference": { # The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details. # This represents an SBOM reference occurrence
711
+
"payload": { # The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details. # The actual payload that contains the SBOM reference data.
712
+
"_type": "A String", # Identifier for the schema of the Statement.
713
+
"predicate": { # A predicate which describes the SBOM being referenced. # Additional parameters of the Predicate. Includes the actual data about the SBOM.
714
+
"digest": { # A map of algorithm to digest of the contents of the SBOM.
715
+
"a_key": "A String",
716
+
},
717
+
"location": "A String", # The location of the SBOM.
718
+
"mimeType": "A String", # The mime type of the SBOM.
719
+
"referrerId": "A String", # The person or system referring this predicate to the consumer.
720
+
},
721
+
"predicateType": "A String", # URI identifying the type of the Predicate.
722
+
"subject": [ # Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
723
+
{ # Subject refers to the subject of the intoto statement
724
+
"digest": { # "": "" Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
725
+
"a_key": "A String",
726
+
},
727
+
"name": "A String", # name is the name of the Subject used here
728
+
},
729
+
],
730
+
},
731
+
"payloadType": "A String", # The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
732
+
"signatures": [ # The signatures over the payload.
733
+
{ # A DSSE signature
734
+
"keyid": "A String", # A reference id to the key being used for signing
735
+
"sig": "A String", # The signature itself
736
+
},
737
+
],
738
+
},
710
739
"spdxFile": { # FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/ # Describes a specific SPDX File.
711
740
"attributions": [ # This field provides a place for the SPDX data creator to record, at the file level, acknowledgements that may be needed to be communicated in some contexts
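Review bot: `signatures[].sig` is described only as "The signature itself", while `payload` is shown as an expanded in-toto statement object rather than serialized bytes, so the documentation does not say which bytes the signature covers or how `sig` is encoded. State that explicitly, with reference to the linked DSSE envelope specification, and say whether the service verifies signatures on write; without it a consumer cannot check an occurrence independently. Separately, the `subject[].digest` comment begins with `"": ""`, which looks like placeholders lost in rendering and should be restored.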