googleapis · dinagraves · Jan 7, 2022 · Jan 7, 2022 · Jan 7, 2022
diff --git a/protos/grafeas/v1/compliance.proto b/protos/grafeas/v1/compliance.proto
@@ -16,7 +16,7 @@ syntax = "proto3";
 
 package grafeas.v1;
 
-import "grafeas/v1/vulnerability.proto";
+import "grafeas/v1/severity.proto";
 
 option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
 option java_multiple_files = true;

diff --git a/protos/grafeas/v1/cvss.proto b/protos/grafeas/v1/cvss.proto
@@ -83,3 +83,78 @@ message CVSSv3 {
     IMPACT_NONE = 3;
   }
 }
+
+// Common Vulnerability Scoring System.
+// For details, see https://www.first.org/cvss/specification-document
+// This is a message we will try to use for storing multiple versions of
+// CVSS. The intention is that as new versions of CVSS scores get added, we
+// will be able to modify this message rather than adding new protos for each
+// new version of the score.
+message CVSS {
+  // The base score is a function of the base metric scores.
+  float base_score = 1;
+
+  float exploitability_score = 2;
+
+  float impact_score = 3;
+
+  // Base Metrics
+  // Represents the intrinsic characteristics of a vulnerability that are
+  // constant over time and across user environments.
+  AttackVector attack_vector = 4;
+  AttackComplexity attack_complexity = 5;
+  Authentication authentication = 6;
+  PrivilegesRequired privileges_required = 7;
+  UserInteraction user_interaction = 8;
+  Scope scope = 9;
+  Impact confidentiality_impact = 10;
+  Impact integrity_impact = 11;
+  Impact availability_impact = 12;
+
+  enum AttackVector {
+    ATTACK_VECTOR_UNSPECIFIED = 0;
+    ATTACK_VECTOR_NETWORK = 1;
+    ATTACK_VECTOR_ADJACENT = 2;
+    ATTACK_VECTOR_LOCAL = 3;
+    ATTACK_VECTOR_PHYSICAL = 4;
+  }
+
+  enum AttackComplexity {
+    ATTACK_COMPLEXITY_UNSPECIFIED = 0;
+    ATTACK_COMPLEXITY_LOW = 1;
+    ATTACK_COMPLEXITY_HIGH = 2;
+  }
+
+  enum Authentication {
+    AUTHENTICATION_UNSPECIFIED = 0;
+    AUTHENTICATION_MULTIPLE = 1;
+    AUTHENTICATION_SINGLE = 2;
+    AUTHENTICATION_NONE = 3;
+  }
+
+  enum PrivilegesRequired {
+    PRIVILEGES_REQUIRED_UNSPECIFIED = 0;
+    PRIVILEGES_REQUIRED_NONE = 1;
+    PRIVILEGES_REQUIRED_LOW = 2;
+    PRIVILEGES_REQUIRED_HIGH = 3;
+  }
+
+  enum UserInteraction {
+    USER_INTERACTION_UNSPECIFIED = 0;
+    USER_INTERACTION_NONE = 1;
+    USER_INTERACTION_REQUIRED = 2;
+  }
+
+  enum Scope {
+    SCOPE_UNSPECIFIED = 0;
+    SCOPE_UNCHANGED = 1;
+    SCOPE_CHANGED = 2;
+  }
+
+  enum Impact {
+    IMPACT_UNSPECIFIED = 0;
+    IMPACT_HIGH = 1;
+    IMPACT_LOW = 2;
+    IMPACT_NONE = 3;
+  }
+}
diff --git a/protos/grafeas/v1/discovery.proto b/protos/grafeas/v1/discovery.proto
@@ -16,6 +16,7 @@ syntax = "proto3";
 
 package grafeas.v1;
 
+import "google/api/field_behavior.proto";
 import "google/protobuf/timestamp.proto";
 import "google/rpc/status.proto";
 import "grafeas/v1/common.proto";
@@ -80,4 +81,8 @@ message DiscoveryOccurrence {
 
   // The last time this resource was scanned.
   google.protobuf.Timestamp last_scan_time = 5;
+
+  // The time occurrences related to this discovery occurrence were archived.
+  google.protobuf.Timestamp archive_time = 6
+      [(google.api.field_behavior) = OUTPUT_ONLY];
 }
diff --git a/protos/grafeas/v1/severity.proto b/protos/grafeas/v1/severity.proto
@@ -0,0 +1,38 @@
+// Copyright 2021 The Grafeas Authors. All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//    http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+syntax = "proto3";
+
+package grafeas.v1;
+
+option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
+option java_multiple_files = true;
+option java_package = "io.grafeas.v1";
+option objc_class_prefix = "GRA";
+
+// Note provider assigned severity/impact ranking.
+enum Severity {
+  // Unknown.
+  SEVERITY_UNSPECIFIED = 0;
+  // Minimal severity.
+  MINIMAL = 1;
+  // Low severity.
+  LOW = 2;
+  // Medium severity.
+  MEDIUM = 3;
+  // High severity.
+  HIGH = 4;
+  // Critical severity.
+  CRITICAL = 5;
+}
diff --git a/protos/grafeas/v1/vulnerability.proto b/protos/grafeas/v1/vulnerability.proto
@@ -21,36 +21,21 @@ import "google/protobuf/timestamp.proto";
 import "grafeas/v1/common.proto";
 import "grafeas/v1/cvss.proto";
 import "grafeas/v1/package.proto";
+import "grafeas/v1/severity.proto";
 
 option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas";
 option java_multiple_files = true;
 option java_package = "io.grafeas.v1";
 option objc_class_prefix = "GRA";
 
-// Note provider assigned severity/impact ranking.
-enum Severity {
-  // Unknown.
-  SEVERITY_UNSPECIFIED = 0;
-  // Minimal severity.
-  MINIMAL = 1;
-  // Low severity.
-  LOW = 2;
-  // Medium severity.
-  MEDIUM = 3;
-  // High severity.
-  HIGH = 4;
-  // Critical severity.
-  CRITICAL = 5;
-}
-
 // A security vulnerability that can be found in resources.
 message VulnerabilityNote {
   // The CVSS score of this vulnerability. CVSS score is on a scale of 0 - 10
   // where 0 indicates low severity and 10 indicates high severity.
   float cvss_score = 1;
 
   // The note provider assigned severity of this vulnerability.
-  Severity severity = 2;
+  grafeas.v1.Severity severity = 2;
 
   // Details of all known distros and packages affected by this vulnerability.
   repeated Detail details = 3;
@@ -172,24 +157,15 @@ message VulnerabilityOccurrence {
   string type = 1;
 
   // Output only. The note provider assigned severity of this vulnerability.
-  Severity severity = 2;
+  grafeas.v1.Severity severity = 2;
 
   // Output only. The CVSS score of this vulnerability. CVSS score is on a
   // scale of 0 - 10 where 0 indicates low severity and 10 indicates high
   // severity.
   float cvss_score = 3;
 
-  // The CVSS v3 score for this vulnerability.
-  message CVSSV3 {
-    // The base score for for this vulnerability according to cvss v3.
-    float base_score = 1;
-    // The severity rating assigned to this vulnerability by vulnerability
-    // provider.
-    Severity severity = 2;
-  }
-
   // The cvss v3 score for the vulnerability.
-  CVSSV3 cvssv3 = 10;
+  CVSS cvssv3 = 10;
 
   // Required. The set of affected locations and their fixes (if available)
   // within the associated resource.
@@ -231,7 +207,8 @@ message VulnerabilityOccurrence {
     // The distro or language system assigned severity for this vulnerability
     // when that is available and note provider assigned severity when it is not
     // available.
-    Severity effective_severity = 9 [(google.api.field_behavior) = OUTPUT_ONLY];
+    grafeas.v1.Severity effective_severity = 9
+        [(google.api.field_behavior) = OUTPUT_ONLY];
   }
 
   // Output only. A one sentence description of this vulnerability.
@@ -253,7 +230,7 @@ message VulnerabilityOccurrence {
   // PackageIssue level. In the case where multiple PackageIssues have differing
   // effective severities, this field should be the highest severity for any of
   // the PackageIssues.
-  Severity effective_severity = 8;
+  grafeas.v1.Severity effective_severity = 8;
 
   // Output only. Whether at least one of the affected packages has a fix
   // available.

diff --git a/protos/protos.d.ts b/protos/protos.d.ts
diff --git a/protos/protos.js b/protos/protos.js
diff --git a/samples/generated/v1/binauthz_management_service_v1.create_attestor.js b/samples/generated/v1/binauthz_management_service_v1.create_attestor.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(parent, attestorId, attestor) {
@@ -35,8 +36,7 @@ function main(parent, attestorId, attestor) {
   // const attestor = {}
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js b/samples/generated/v1/binauthz_management_service_v1.delete_attestor.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(name) {
@@ -26,8 +27,7 @@ function main(name) {
   // const name = 'abc123'
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/binauthz_management_service_v1.get_attestor.js b/samples/generated/v1/binauthz_management_service_v1.get_attestor.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(name) {
@@ -26,8 +27,7 @@ function main(name) {
   // const name = 'abc123'
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/binauthz_management_service_v1.get_policy.js b/samples/generated/v1/binauthz_management_service_v1.get_policy.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(name) {
@@ -26,8 +27,7 @@ function main(name) {
   // const name = 'abc123'
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/binauthz_management_service_v1.list_attestors.js b/samples/generated/v1/binauthz_management_service_v1.list_attestors.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(parent) {
@@ -37,8 +38,7 @@ function main(parent) {
   // const pageToken = 'abc123'
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();
@@ -50,11 +50,9 @@ function main(parent) {
     };
 
     // Run request
-    const iterable = await binaryauthorizationClient.listAttestorsAsync(
-      request
-    );
+    const iterable = await binaryauthorizationClient.listAttestorsAsync(request);
     for await (const response of iterable) {
-      console.log(response);
+        console.log(response);
     }
   }
 

diff --git a/samples/generated/v1/binauthz_management_service_v1.update_attestor.js b/samples/generated/v1/binauthz_management_service_v1.update_attestor.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(attestor) {
@@ -27,8 +28,7 @@ function main(attestor) {
   // const attestor = {}
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/binauthz_management_service_v1.update_policy.js b/samples/generated/v1/binauthz_management_service_v1.update_policy.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(policy) {
@@ -27,8 +28,7 @@ function main(policy) {
   // const policy = {}
 
   // Imports the Binaryauthorization library
-  const {BinauthzManagementServiceV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {BinauthzManagementServiceV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new BinauthzManagementServiceV1Client();

diff --git a/samples/generated/v1/system_policy_v1.get_system_policy.js b/samples/generated/v1/system_policy_v1.get_system_policy.js
@@ -12,6 +12,7 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
+
 'use strict';
 
 function main(name) {
@@ -26,8 +27,7 @@ function main(name) {
   // const name = 'abc123'
 
   // Imports the Binaryauthorization library
-  const {SystemPolicyV1Client} =
-    require('@google-cloud/binary-authorization').v1;
+  const {SystemPolicyV1Client} = require('@google-cloud/binary-authorization').v1;
 
   // Instantiates a client
   const binaryauthorizationClient = new SystemPolicyV1Client();