You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/dyn/ondemandscanning_v1.projects.locations.scans.html
+5-1Lines changed: 5 additions & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -100,7 +100,7 @@ <h3>Method Details</h3>
100
100
"packages": [ # The packages to analyze.
101
101
{
102
102
"architecture": "A String", # The architecture of the package.
103
-
"binary": { # The binary package. This is significant when the source is different than the binary itself. Historically if they've differed, we've stored the name of the source and its version in the package/version fields, but we should also store the binary package info, as that's what's actually installed. See b/175908657#comment15.
103
+
"binaryVersion": { # The binary package. This is significant when the source is different than the binary itself. Historically if they've differed, we've stored the name of the source and its version in the package/version fields, but we should also store the binary package info, as that's what's actually installed. See b/175908657#comment15.
104
104
"name": "A String",
105
105
"version": "A String",
106
106
},
@@ -128,6 +128,10 @@ <h3>Method Details</h3>
128
128
"patchedCve": [ # CVEs that this package is no longer vulnerable to go/drydock-dd-custom-binary-scanning
129
129
"A String",
130
130
],
131
+
"sourceVersion": { # The source package. Similar to the above, this is significant when the source is different than the binary itself. Since the top-level package/version fields are based on an if/else, we need a separate field for both binary and source if we want to know definitively where the data is coming from.
132
+
"name": "A String",
133
+
"version": "A String",
134
+
},
131
135
"unused": "A String",
132
136
"version": "A String", # The version of the package being analysed
Copy file name to clipboardExpand all lines: docs/dyn/ondemandscanning_v1.projects.locations.scans.vulnerabilities.html
+29Lines changed: 29 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -656,6 +656,35 @@ <h3>Method Details</h3>
656
656
},
657
657
"remediation": "A String", # A description of actions that can be taken to remedy the note.
658
658
"resourceUri": "A String", # Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, `https://gcr.io/project/image@sha256:123abc` for a Docker image.
659
+
"sbomReference": { # The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details. # Describes a specific SBOM reference occurrences.
660
+
"payload": { # The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details. # The actual payload that contains the SBOM reference data.
661
+
"_type": "A String", # Identifier for the schema of the Statement.
662
+
"predicate": { # A predicate which describes the SBOM being referenced. # Additional parameters of the Predicate. Includes the actual data about the SBOM.
663
+
"digest": { # A map of algorithm to digest of the contents of the SBOM.
664
+
"a_key": "A String",
665
+
},
666
+
"location": "A String", # The location of the SBOM.
667
+
"mimeType": "A String", # The mime type of the SBOM.
668
+
"referrerId": "A String", # The person or system referring this predicate to the consumer.
669
+
},
670
+
"predicateType": "A String", # URI identifying the type of the Predicate.
671
+
"subject": [ # Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
672
+
{
673
+
"digest": { # `"": ""` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
674
+
"a_key": "A String",
675
+
},
676
+
"name": "A String",
677
+
},
678
+
],
679
+
},
680
+
"payloadType": "A String", # The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
681
+
"signatures": [ # The signatures over the payload.
682
+
{
683
+
"keyid": "A String",
684
+
"sig": "A String",
685
+
},
686
+
],
687
+
},
659
688
"updateTime": "A String", # Output only. The time this occurrence was last updated.
660
689
"upgrade": { # An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability). For Windows, both distribution and windows_update contain information for the Windows update. # Describes an available package upgrade on the linked resource.
661
690
"distribution": { # The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities. # Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
Copy file name to clipboardExpand all lines: docs/dyn/ondemandscanning_v1beta1.projects.locations.scans.html
+5-1Lines changed: 5 additions & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -99,7 +99,7 @@ <h3>Method Details</h3>
99
99
"packages": [ # The packages to analyze.
100
100
{
101
101
"architecture": "A String", # The architecture of the package.
102
-
"binary": { # The binary package. This is significant when the source is different than the binary itself. Historically if they've differed, we've stored the name of the source and its version in the package/version fields, but we should also store the binary package info, as that's what's actually installed. See b/175908657#comment15.
102
+
"binaryVersion": { # The binary package. This is significant when the source is different than the binary itself. Historically if they've differed, we've stored the name of the source and its version in the package/version fields, but we should also store the binary package info, as that's what's actually installed. See b/175908657#comment15.
103
103
"name": "A String",
104
104
"version": "A String",
105
105
},
@@ -127,6 +127,10 @@ <h3>Method Details</h3>
127
127
"patchedCve": [ # CVEs that this package is no longer vulnerable to go/drydock-dd-custom-binary-scanning
128
128
"A String",
129
129
],
130
+
"sourceVersion": { # The source package. Similar to the above, this is significant when the source is different than the binary itself. Since the top-level package/version fields are based on an if/else, we need a separate field for both binary and source if we want to know definitively where the data is coming from.
131
+
"name": "A String",
132
+
"version": "A String",
133
+
},
130
134
"unused": "A String",
131
135
"version": "A String", # The version of the package being analysed
Copy file name to clipboardExpand all lines: docs/dyn/ondemandscanning_v1beta1.projects.locations.scans.vulnerabilities.html
+29Lines changed: 29 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -656,6 +656,35 @@ <h3>Method Details</h3>
656
656
},
657
657
"remediation": "A String", # A description of actions that can be taken to remedy the note.
658
658
"resourceUri": "A String", # Required. Immutable. A URI that represents the resource for which the occurrence applies. For example, `https://gcr.io/project/image@sha256:123abc` for a Docker image.
659
+
"sbomReference": { # The occurrence representing an SBOM reference as applied to a specific resource. The occurrence follows the DSSE specification. See https://github.com/secure-systems-lab/dsse/blob/master/envelope.md for more details. # Describes a specific SBOM reference occurrences.
660
+
"payload": { # The actual payload that contains the SBOM Reference data. The payload follows the intoto statement specification. See https://github.com/in-toto/attestation/blob/main/spec/v1.0/statement.md for more details. # The actual payload that contains the SBOM reference data.
661
+
"_type": "A String", # Identifier for the schema of the Statement.
662
+
"predicate": { # A predicate which describes the SBOM being referenced. # Additional parameters of the Predicate. Includes the actual data about the SBOM.
663
+
"digest": { # A map of algorithm to digest of the contents of the SBOM.
664
+
"a_key": "A String",
665
+
},
666
+
"location": "A String", # The location of the SBOM.
667
+
"mimeType": "A String", # The mime type of the SBOM.
668
+
"referrerId": "A String", # The person or system referring this predicate to the consumer.
669
+
},
670
+
"predicateType": "A String", # URI identifying the type of the Predicate.
671
+
"subject": [ # Set of software artifacts that the attestation applies to. Each element represents a single software artifact.
672
+
{
673
+
"digest": { # `"": ""` Algorithms can be e.g. sha256, sha512 See https://github.com/in-toto/attestation/blob/main/spec/field_types.md#DigestSet
674
+
"a_key": "A String",
675
+
},
676
+
"name": "A String",
677
+
},
678
+
],
679
+
},
680
+
"payloadType": "A String", # The kind of payload that SbomReferenceIntotoPayload takes. Since it's in the intoto format, this value is expected to be 'application/vnd.in-toto+json'.
681
+
"signatures": [ # The signatures over the payload.
682
+
{
683
+
"keyid": "A String",
684
+
"sig": "A String",
685
+
},
686
+
],
687
+
},
659
688
"updateTime": "A String", # Output only. The time this occurrence was last updated.
660
689
"upgrade": { # An Upgrade Occurrence represents that a specific resource_url could install a specific upgrade. This presence is supplied via local sources (i.e. it is present in the mirror and the running system has noticed its availability). For Windows, both distribution and windows_update contain information for the Windows update. # Describes an available package upgrade on the linked resource.
661
690
"distribution": { # The Upgrade Distribution represents metadata about the Upgrade for each operating system (CPE). Some distributions have additional metadata around updates, classifying them into various categories and severities. # Metadata about the upgrade for available for the specific operating system for the resource_url. This allows efficient filtering, as well as making it easier to use the occurrence.
0 commit comments