Namespaces
Members
(static, constant) NoteKind :number
Kind represents the kinds of notes supported.
Properties:
| Name | Type | Description |
|---|---|---|
NOTE_KIND_UNSPECIFIED |
number |
Unknown. |
VULNERABILITY |
number |
The note and occurrence represent a package vulnerability. |
BUILD |
number |
The note and occurrence assert build provenance. |
IMAGE |
number |
This represents an image basis relationship. |
PACKAGE |
number |
This represents a package installed via a package manager. |
DEPLOYMENT |
number |
The note and occurrence track deployment events. |
DISCOVERY |
number |
The note and occurrence track the initial discovery status of a resource. |
ATTESTATION |
number |
This represents a logical "role" that can attest to artifacts. |
Type Definitions
BatchCreateNotesRequest
Request to create notes in batch.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project in the form of |
notes |
Object.<string, Object> |
The notes to create. |
- Source:
- See:
BatchCreateNotesResponse
Response for creating notes in batch.
Properties:
| Name | Type | Description |
|---|---|---|
notes |
Array.<Object> |
The notes that were created. This object should have the same structure as Note |
- Source:
- See:
BatchCreateOccurrencesRequest
Request to create occurrences in batch.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project in the form of |
occurrences |
Array.<Object> |
The occurrences to create. This object should have the same structure as Occurrence |
- Source:
- See:
BatchCreateOccurrencesResponse
Response for creating occurrences in batch.
Properties:
| Name | Type | Description |
|---|---|---|
occurrences |
Array.<Object> |
The occurrences that were created. This object should have the same structure as Occurrence |
- Source:
- See:
CreateNoteRequest
Request to create a new note.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project in the form of |
noteId |
string |
The ID to use for this note. |
note |
Object |
The note to create. This object should have the same structure as Note |
- Source:
- See:
CreateOccurrenceRequest
Request to create a new occurrence.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project in the form of |
occurrence |
Object |
The occurrence to create. This object should have the same structure as Occurrence |
- Source:
- See:
DeleteNoteRequest
Request to delete a note.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the note in the form of
|
- Source:
- See:
DeleteOccurrenceRequest
Request to delete a occurrence.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the occurrence in the form of
|
- Source:
- See:
FixableTotalByDigest
Per resource and severity counts of fixable and total vulnerabilites.
Properties:
| Name | Type | Description |
|---|---|---|
resource |
Object |
The affected resource. This object should have the same structure as Resource |
severity |
number |
The severity for this count. SEVERITY_UNSPECIFIED indicates total across all severities. The number should be among the values of Severity |
fixableCount |
number |
The number of fixable vulnerabilities associated with this resource. |
totalCount |
number |
The total number of vulnerabilities associated with this resource. |
- Source:
- See:
GetNoteRequest
Request to get a note.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the note in the form of
|
- Source:
- See:
GetOccurrenceNoteRequest
Request to get the note to which the specified occurrence is attached.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the occurrence in the form of
|
- Source:
- See:
GetOccurrenceRequest
Request to get an occurrence.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the occurrence in the form of
|
- Source:
- See:
GetVulnerabilityOccurrencesSummaryRequest
Request to get a vulnerability summary for some set of occurrences.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project to get a vulnerability summary for in the form of
|
filter |
string |
The filter expression. |
- Source:
- See:
ListNoteOccurrencesRequest
Request to list occurrences for a note.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the note to list occurrences for in the form of
|
filter |
string |
The filter expression. |
pageSize |
number |
Number of occurrences to return in the list. |
pageToken |
string |
Token to provide to skip to a particular spot in the list. |
- Source:
- See:
ListNoteOccurrencesResponse
Response for listing occurrences for a note.
Properties:
| Name | Type | Description |
|---|---|---|
occurrences |
Array.<Object> |
The occurrences attached to the specified note. This object should have the same structure as Occurrence |
nextPageToken |
string |
Token to provide to skip to a particular spot in the list. |
- Source:
- See:
ListNotesRequest
Request to list notes.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project to list notes for in the form of
|
filter |
string |
The filter expression. |
pageSize |
number |
Number of notes to return in the list. |
pageToken |
string |
Token to provide to skip to a particular spot in the list. |
- Source:
- See:
ListNotesResponse
Response for listing notes.
Properties:
| Name | Type | Description |
|---|---|---|
notes |
Array.<Object> |
The notes requested. This object should have the same structure as Note |
nextPageToken |
string |
The next pagination token in the list response. It should be used as
|
- Source:
- See:
ListOccurrencesRequest
Request to list occurrences.
Properties:
| Name | Type | Description |
|---|---|---|
parent |
string |
The name of the project to list occurrences for in the form of
|
filter |
string |
The filter expression. |
pageSize |
number |
Number of occurrences to return in the list. |
pageToken |
string |
Token to provide to skip to a particular spot in the list. |
- Source:
- See:
ListOccurrencesResponse
Response for listing occurrences.
Properties:
| Name | Type | Description |
|---|---|---|
occurrences |
Array.<Object> |
The occurrences requested. This object should have the same structure as Occurrence |
nextPageToken |
string |
The next pagination token in the list response. It should be used as
|
- Source:
- See:
Note
A type of analysis that can be done for a resource.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
Output only. The name of the note in the form of
|
shortDescription |
string |
A one sentence description of this note. |
longDescription |
string |
A detailed description of this note. |
kind |
number |
Output only. The type of analysis. This field can be used as a filter in list requests. The number should be among the values of NoteKind |
relatedUrl |
Array.<Object> |
URLs associated with this note. This object should have the same structure as RelatedUrl |
expirationTime |
Object |
Time of expiration for this note. Empty if note does not expire. This object should have the same structure as Timestamp |
createTime |
Object |
Output only. The time this note was created. This field can be used as a filter in list requests. This object should have the same structure as Timestamp |
updateTime |
Object |
Output only. The time this note was last updated. This field can be used as a filter in list requests. This object should have the same structure as Timestamp |
relatedNoteNames |
Array.<string> |
Other notes related to this note. |
vulnerability |
Object |
A note describing a package vulnerability. This object should have the same structure as Vulnerability |
build |
Object |
A note describing build provenance for a verifiable build. This object should have the same structure as Build |
baseImage |
Object |
A note describing a base image. This object should have the same structure as Basis |
package |
Object |
A note describing a package hosted by various package managers. This object should have the same structure as Package |
deployable |
Object |
A note describing something that can be deployed. This object should have the same structure as Deployable |
discovery |
Object |
A note describing the initial analysis of a resource. This object should have the same structure as Discovery |
attestationAuthority |
Object |
A note describing an attestation role. This object should have the same structure as Authority |
- Source:
- See:
Occurrence
An instance of an analysis type that has been found on a resource.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
Output only. The name of the occurrence in the form of
|
resource |
Object |
Required. Immutable. The resource for which the occurrence applies. This object should have the same structure as Resource |
noteName |
string |
Required. Immutable. The analysis note associated with this occurrence, in
the form of |
kind |
number |
Output only. This explicitly denotes which of the occurrence details are specified. This field can be used as a filter in list requests. The number should be among the values of NoteKind |
remediation |
string |
A description of actions that can be taken to remedy the note. |
createTime |
Object |
Output only. The time this occurrence was created. This object should have the same structure as Timestamp |
updateTime |
Object |
Output only. The time this occurrence was last updated. This object should have the same structure as Timestamp |
vulnerability |
Object |
Describes a security vulnerability. This object should have the same structure as Details |
build |
Object |
Describes a verifiable build. This object should have the same structure as Details |
derivedImage |
Object |
Describes how this resource derives from the basis in the associated note. This object should have the same structure as Details |
installation |
Object |
Describes the installation of a package on the linked resource. This object should have the same structure as Details |
deployment |
Object |
Describes the deployment of an artifact on a runtime. This object should have the same structure as Details |
discovered |
Object |
Describes when a resource was discovered. This object should have the same structure as Details |
attestation |
Object |
Describes an attestation of an artifact. This object should have the same structure as Details |
- Source:
- See:
RelatedUrl
Metadata for any related URL information.
Properties:
| Name | Type | Description |
|---|---|---|
url |
string |
Specific URL associated with the resource. |
label |
string |
Label to describe usage of the URL. |
- Source:
- See:
Resource
An entity that can have metadata. For example, a Docker image.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the resource. For example, the name of a Docker image - "Debian". |
uri |
string |
The unique URI of the resource. For example,
|
contentHash |
Object |
The hash of the resource content. For example, the Docker digest. This object should have the same structure as Hash |
- Source:
- See:
UpdateNoteRequest
Request to update a note.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the note in the form of
|
note |
Object |
The updated note. This object should have the same structure as Note |
updateMask |
Object |
The fields to update. This object should have the same structure as FieldMask |
- Source:
- See:
UpdateOccurrenceRequest
Request to update an occurrence.
Properties:
| Name | Type | Description |
|---|---|---|
name |
string |
The name of the occurrence in the form of
|
occurrence |
Object |
The updated occurrence. This object should have the same structure as Occurrence |
updateMask |
Object |
The fields to update. This object should have the same structure as FieldMask |
- Source:
- See:
VulnerabilityOccurrencesSummary
A summary of how many vulnerability occurrences there are per resource and severity type.
Properties:
| Name | Type | Description |
|---|---|---|
counts |
Array.<Object> |
A listing by resource of the number of fixable and total vulnerabilities. This object should have the same structure as FixableTotalByDigest |