From ec484a6f369d2df6dc73a798501c8937caf5634b Mon Sep 17 00:00:00 2001 From: "gcf-owl-bot[bot]" <78513119+gcf-owl-bot[bot]@users.noreply.github.com> Date: Tue, 14 Mar 2023 17:44:12 +0000 Subject: [PATCH] feat: [containeranalysis] Add VULNERABILITY_ASSESSMENT Note type to grafeas v1 API, adds Vex_Assessment derived from the Note to resources' occurrences, VEX notes now be written to add CVE assessments (#4070) - [ ] Regenerate this pull request now. PiperOrigin-RevId: 515727862 Source-Link: https://togithub.com/googleapis/googleapis/commit/a4e62056b0a8b2464e5b0b8f593b798d99c7817e Source-Link: https://togithub.com/googleapis/googleapis-gen/commit/3bc42dca2900815c165cf7d3419ff70df05dfb90 Copy-Tag: eyJwIjoicGFja2FnZXMvZ29vZ2xlLWRldnRvb2xzLWNvbnRhaW5lcmFuYWx5c2lzLy5Pd2xCb3QueWFtbCIsImgiOiIzYmM0MmRjYTI5MDA4MTVjMTY1Y2Y3ZDM0MTlmZjcwZGYwNWRmYjkwIn0= --- .../protos/grafeas/v1/common.proto | 2 + .../protos/grafeas/v1/grafeas.proto | 3 + .../protos/grafeas/v1/vex.proto | 203 ++ .../protos/grafeas/v1/vulnerability.proto | 42 +- .../protos/protos.d.ts | 1378 ++++++-- .../protos/protos.js | 2903 +++++++++++++++-- .../protos/protos.json | 224 +- .../src/v1/container_analysis_proto_list.json | 1 + .../src/v1/grafeas_proto_list.json | 1 + 9 files changed, 4302 insertions(+), 455 deletions(-) create mode 100644 packages/google-devtools-containeranalysis/protos/grafeas/v1/vex.proto diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/common.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/common.proto index 80bd7869968..1464ecc9be2 100644 --- a/packages/google-devtools-containeranalysis/protos/grafeas/v1/common.proto +++ b/packages/google-devtools-containeranalysis/protos/grafeas/v1/common.proto @@ -45,6 +45,8 @@ enum NoteKind { COMPLIANCE = 9; // This represents a DSSE attestation Note DSSE_ATTESTATION = 10; + // This represents a Vulnerability Assessment. + VULNERABILITY_ASSESSMENT = 11; } // Metadata for any related URL information. diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/grafeas.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/grafeas.proto index 5665fe3623e..5ec930e6ef3 100644 --- a/packages/google-devtools-containeranalysis/protos/grafeas/v1/grafeas.proto +++ b/packages/google-devtools-containeranalysis/protos/grafeas/v1/grafeas.proto @@ -33,6 +33,7 @@ import "grafeas/v1/dsse_attestation.proto"; import "grafeas/v1/image.proto"; import "grafeas/v1/package.proto"; import "grafeas/v1/upgrade.proto"; +import "grafeas/v1/vex.proto"; import "grafeas/v1/vulnerability.proto"; option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; @@ -314,6 +315,8 @@ message Note { grafeas.v1.ComplianceNote compliance = 18; // A note describing a dsse attestation note. grafeas.v1.DSSEAttestationNote dsse_attestation = 19; + // A note describing a vulnerability assessment. + grafeas.v1.VulnerabilityAssessmentNote vulnerability_assessment = 20; } } diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/vex.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/vex.proto new file mode 100644 index 00000000000..ba53a8438ff --- /dev/null +++ b/packages/google-devtools-containeranalysis/protos/grafeas/v1/vex.proto @@ -0,0 +1,203 @@ +// Copyright 2023 The Grafeas Authors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +syntax = "proto3"; + +package grafeas.v1; + +import "grafeas/v1/common.proto"; + +option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; +option java_multiple_files = true; +option java_package = "io.grafeas.v1"; +option objc_class_prefix = "GRA"; + +// A single VulnerabilityAssessmentNote represents +// one particular product's vulnerability assessment for one CVE. +message VulnerabilityAssessmentNote { + // The title of the note. E.g. `Vex-Debian-11.4` + string title = 1; + + // A one sentence description of this Vex. + string short_description = 2; + + // A detailed description of this Vex. + string long_description = 3; + + // Identifies the language used by this document, + // corresponding to IETF BCP 47 / RFC 5646. + string language_code = 4; + + // Publisher contains information about the publisher of + // this Note. + // (-- api-linter: core::0123::resource-annotation=disabled + // aip.dev/not-precedent: Publisher is not a separate resource. --) + message Publisher { + // Name of the publisher. + // Examples: 'Google', 'Google Cloud Platform'. + string name = 1; + + // Provides information about the authority of the issuing party to + // release the document, in particular, the party's constituency and + // responsibilities or other obligations. + string issuing_authority = 2; + + // The context or namespace. + // Contains a URL which is under control of the issuing party and can + // be used as a globally unique identifier for that issuing party. + // Example: https://csaf.io + string publisher_namespace = 3; + } + + // Publisher details of this Note. + Publisher publisher = 5; + + // Product contains information about a product and how to uniquely identify + // it. + // (-- api-linter: core::0123::resource-annotation=disabled + // aip.dev/not-precedent: Product is not a separate resource. --) + message Product { + // Name of the product. + string name = 1; + + // Token that identifies a product so that it can be referred to from other + // parts in the document. There is no predefined format as long as it + // uniquely identifies a group in the context of the current document. + string id = 2; + + oneof identifier { + // Contains a URI which is vendor-specific. + // Example: The artifact repository URL of an image. + string generic_uri = 3; + } + } + + // The product affected by this vex. + Product product = 6; + + // Assessment provides all information that is related to a single + // vulnerability for this product. + message Assessment { + // Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) + // tracking number for the vulnerability. + string cve = 1; + + // A one sentence description of this Vex. + string short_description = 2; + + // A detailed description of this Vex. + string long_description = 3; + + // Holds a list of references associated with this vulnerability item and + // assessment. These uris have additional information about the + // vulnerability and the assessment itself. E.g. Link to a document which + // details how this assessment concluded the state of this vulnerability. + repeated grafeas.v1.RelatedUrl related_uris = 4; + + // Provides the state of this Vulnerability assessment. + enum State { + // No state is specified. + STATE_UNSPECIFIED = 0; + // This product is known to be affected by this vulnerability. + AFFECTED = 1; + // This product is known to be not affected by this vulnerability. + NOT_AFFECTED = 2; + // This product contains a fix for this vulnerability. + FIXED = 3; + // It is not known yet whether these versions are or are not affected + // by the vulnerability. However, it is still under investigation. + UNDER_INVESTIGATION = 4; + } + + // Provides the state of this Vulnerability assessment. + State state = 5; + + // Contains information about the impact of this vulnerability, + // this will change with time. + repeated string impacts = 6; + + // Justification provides the justification when the state of the + // assessment if NOT_AFFECTED. + message Justification { + // Provides the type of justification. + enum JustificationType { + // JUSTIFICATION_TYPE_UNSPECIFIED. + JUSTIFICATION_TYPE_UNSPECIFIED = 0; + // The vulnerable component is not present in the product. + COMPONENT_NOT_PRESENT = 1; + // The vulnerable code is not present. Typically this case + // occurs when source code is configured or built in a way that excludes + // the vulnerable code. + VULNERABLE_CODE_NOT_PRESENT = 2; + // The vulnerable code can not be executed. + // Typically this case occurs when the product includes the vulnerable + // code but does not call or use the vulnerable code. + VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 3; + // The vulnerable code cannot be controlled by an attacker to exploit + // the vulnerability. + VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 4; + // The product includes built-in protections or features that prevent + // exploitation of the vulnerability. These built-in protections cannot + // be subverted by the attacker and cannot be configured or disabled by + // the user. These mitigations completely prevent exploitation based on + // known attack vectors. + INLINE_MITIGATIONS_ALREADY_EXIST = 5; + } + + // The justification type for this vulnerability. + JustificationType justification_type = 1; + + // Additional details on why this justification was chosen. + string details = 2; + } + + // Justification provides the justification when the state of the + // assessment if NOT_AFFECTED. + Justification justification = 7; + + // Specifies details on how to handle (and presumably, fix) a vulnerability. + message Remediation { + // The type of remediation that can be applied. + enum RemediationType { + // No remediation type specified. + REMEDIATION_TYPE_UNSPECIFIED = 0; + // A MITIGATION is available. + MITIGATION = 1; + // No fix is planned. + NO_FIX_PLANNED = 2; + // Not available. + NONE_AVAILABLE = 3; + // A vendor fix is available. + VENDOR_FIX = 4; + // A workaround is available. + WORKAROUND = 5; + } + + // The type of remediation that can be applied. + RemediationType remediation_type = 1; + + // Contains a comprehensive human-readable discussion of the remediation. + string details = 2; + + // Contains the URL where to obtain the remediation. + grafeas.v1.RelatedUrl remediation_uri = 3; + } + + // Specifies details on how to handle (and presumably, fix) a vulnerability. + repeated Remediation remediations = 8; + } + + // Represents a vulnerability assessment for the product. + Assessment assessment = 7; +} diff --git a/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto b/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto index 99abf3be7a2..3b316eb8dd3 100644 --- a/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto +++ b/packages/google-devtools-containeranalysis/protos/grafeas/v1/vulnerability.proto @@ -22,6 +22,7 @@ import "grafeas/v1/common.proto"; import "grafeas/v1/cvss.proto"; import "grafeas/v1/package.proto"; import "grafeas/v1/severity.proto"; +import "grafeas/v1/vex.proto"; option go_package = "google.golang.org/genproto/googleapis/grafeas/v1;grafeas"; option java_multiple_files = true; @@ -253,5 +254,44 @@ message VulnerabilityOccurrence { // The cvss v2 score for the vulnerability. CVSS cvss_v2 = 12; - // Next free ID is 13. + // VexAssessment provides all publisher provided Vex information that is + // related to this vulnerability. + message VexAssessment { + // Holds the MITRE standard Common Vulnerabilities and Exposures (CVE) + // tracking number for the vulnerability. + string cve = 1; + + // Holds a list of references associated with this vulnerability item and + // assessment. + repeated grafeas.v1.RelatedUrl related_uris = 2; + + // The VulnerabilityAssessment note from which this VexAssessment was + // generated. + // This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`. + // (-- api-linter: core::0122::name-suffix=disabled + // aip.dev/not-precedent: The suffix is kept for consistency. --) + string note_name = 3; + + // Provides the state of this Vulnerability assessment. + grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 4; + + // Contains information about the impact of this vulnerability, + // this will change with time. + repeated string impacts = 5; + + // Specifies details on how to handle (and presumably, fix) a vulnerability. + repeated grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + remediations = 6; + + // Justification provides the justification when the state of the + // assessment if NOT_AFFECTED. + grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + justification = 7; + + // Next ID: 8 + } + + VexAssessment vex_assessment = 13; + + // Next free ID is 14. } diff --git a/packages/google-devtools-containeranalysis/protos/protos.d.ts b/packages/google-devtools-containeranalysis/protos/protos.d.ts index 8b3d8b57e77..2d1e53c2819 100644 --- a/packages/google-devtools-containeranalysis/protos/protos.d.ts +++ b/packages/google-devtools-containeranalysis/protos/protos.d.ts @@ -445,7 +445,8 @@ export namespace grafeas { ATTESTATION = 7, UPGRADE = 8, COMPLIANCE = 9, - DSSE_ATTESTATION = 10 + DSSE_ATTESTATION = 10, + VULNERABILITY_ASSESSMENT = 11 } /** Properties of a RelatedUrl. */ @@ -7591,6 +7592,9 @@ export namespace grafeas { /** Note dsseAttestation */ dsseAttestation?: (grafeas.v1.IDSSEAttestationNote|null); + + /** Note vulnerabilityAssessment */ + vulnerabilityAssessment?: (grafeas.v1.IVulnerabilityAssessmentNote|null); } /** Represents a Note. */ @@ -7659,8 +7663,11 @@ export namespace grafeas { /** Note dsseAttestation. */ public dsseAttestation?: (grafeas.v1.IDSSEAttestationNote|null); + /** Note vulnerabilityAssessment. */ + public vulnerabilityAssessment?: (grafeas.v1.IVulnerabilityAssessmentNote|null); + /** Note type. */ - public type?: ("vulnerability"|"build"|"image"|"package"|"deployment"|"discovery"|"attestation"|"upgrade"|"compliance"|"dsseAttestation"); + public type?: ("vulnerability"|"build"|"image"|"package"|"deployment"|"discovery"|"attestation"|"upgrade"|"compliance"|"dsseAttestation"|"vulnerabilityAssessment"); /** * Creates a new Note instance using the specified properties. @@ -11497,467 +11504,1213 @@ export namespace grafeas { public static getTypeUrl(typeUrlPrefix?: string): string; } - /** Properties of a VulnerabilityNote. */ - interface IVulnerabilityNote { - - /** VulnerabilityNote cvssScore */ - cvssScore?: (number|null); + /** Properties of a VulnerabilityAssessmentNote. */ + interface IVulnerabilityAssessmentNote { - /** VulnerabilityNote severity */ - severity?: (grafeas.v1.Severity|keyof typeof grafeas.v1.Severity|null); + /** VulnerabilityAssessmentNote title */ + title?: (string|null); - /** VulnerabilityNote details */ - details?: (grafeas.v1.VulnerabilityNote.IDetail[]|null); + /** VulnerabilityAssessmentNote shortDescription */ + shortDescription?: (string|null); - /** VulnerabilityNote cvssV3 */ - cvssV3?: (grafeas.v1.ICVSSv3|null); + /** VulnerabilityAssessmentNote longDescription */ + longDescription?: (string|null); - /** VulnerabilityNote windowsDetails */ - windowsDetails?: (grafeas.v1.VulnerabilityNote.IWindowsDetail[]|null); + /** VulnerabilityAssessmentNote languageCode */ + languageCode?: (string|null); - /** VulnerabilityNote sourceUpdateTime */ - sourceUpdateTime?: (google.protobuf.ITimestamp|null); + /** VulnerabilityAssessmentNote publisher */ + publisher?: (grafeas.v1.VulnerabilityAssessmentNote.IPublisher|null); - /** VulnerabilityNote cvssVersion */ - cvssVersion?: (grafeas.v1.CVSSVersion|keyof typeof grafeas.v1.CVSSVersion|null); + /** VulnerabilityAssessmentNote product */ + product?: (grafeas.v1.VulnerabilityAssessmentNote.IProduct|null); - /** VulnerabilityNote cvssV2 */ - cvssV2?: (grafeas.v1.ICVSS|null); + /** VulnerabilityAssessmentNote assessment */ + assessment?: (grafeas.v1.VulnerabilityAssessmentNote.IAssessment|null); } - /** Represents a VulnerabilityNote. */ - class VulnerabilityNote implements IVulnerabilityNote { + /** Represents a VulnerabilityAssessmentNote. */ + class VulnerabilityAssessmentNote implements IVulnerabilityAssessmentNote { /** - * Constructs a new VulnerabilityNote. + * Constructs a new VulnerabilityAssessmentNote. * @param [properties] Properties to set */ - constructor(properties?: grafeas.v1.IVulnerabilityNote); + constructor(properties?: grafeas.v1.IVulnerabilityAssessmentNote); - /** VulnerabilityNote cvssScore. */ - public cvssScore: number; - - /** VulnerabilityNote severity. */ - public severity: (grafeas.v1.Severity|keyof typeof grafeas.v1.Severity); + /** VulnerabilityAssessmentNote title. */ + public title: string; - /** VulnerabilityNote details. */ - public details: grafeas.v1.VulnerabilityNote.IDetail[]; + /** VulnerabilityAssessmentNote shortDescription. */ + public shortDescription: string; - /** VulnerabilityNote cvssV3. */ - public cvssV3?: (grafeas.v1.ICVSSv3|null); + /** VulnerabilityAssessmentNote longDescription. */ + public longDescription: string; - /** VulnerabilityNote windowsDetails. */ - public windowsDetails: grafeas.v1.VulnerabilityNote.IWindowsDetail[]; + /** VulnerabilityAssessmentNote languageCode. */ + public languageCode: string; - /** VulnerabilityNote sourceUpdateTime. */ - public sourceUpdateTime?: (google.protobuf.ITimestamp|null); + /** VulnerabilityAssessmentNote publisher. */ + public publisher?: (grafeas.v1.VulnerabilityAssessmentNote.IPublisher|null); - /** VulnerabilityNote cvssVersion. */ - public cvssVersion: (grafeas.v1.CVSSVersion|keyof typeof grafeas.v1.CVSSVersion); + /** VulnerabilityAssessmentNote product. */ + public product?: (grafeas.v1.VulnerabilityAssessmentNote.IProduct|null); - /** VulnerabilityNote cvssV2. */ - public cvssV2?: (grafeas.v1.ICVSS|null); + /** VulnerabilityAssessmentNote assessment. */ + public assessment?: (grafeas.v1.VulnerabilityAssessmentNote.IAssessment|null); /** - * Creates a new VulnerabilityNote instance using the specified properties. + * Creates a new VulnerabilityAssessmentNote instance using the specified properties. * @param [properties] Properties to set - * @returns VulnerabilityNote instance + * @returns VulnerabilityAssessmentNote instance */ - public static create(properties?: grafeas.v1.IVulnerabilityNote): grafeas.v1.VulnerabilityNote; + public static create(properties?: grafeas.v1.IVulnerabilityAssessmentNote): grafeas.v1.VulnerabilityAssessmentNote; /** - * Encodes the specified VulnerabilityNote message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. - * @param message VulnerabilityNote message or plain object to encode + * Encodes the specified VulnerabilityAssessmentNote message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.verify|verify} messages. + * @param message VulnerabilityAssessmentNote message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: grafeas.v1.IVulnerabilityNote, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: grafeas.v1.IVulnerabilityAssessmentNote, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified VulnerabilityNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. - * @param message VulnerabilityNote message or plain object to encode + * Encodes the specified VulnerabilityAssessmentNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.verify|verify} messages. + * @param message VulnerabilityAssessmentNote message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: grafeas.v1.IVulnerabilityNote, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: grafeas.v1.IVulnerabilityAssessmentNote, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a VulnerabilityNote message from the specified reader or buffer. + * Decodes a VulnerabilityAssessmentNote message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns VulnerabilityNote + * @returns VulnerabilityAssessmentNote * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote; /** - * Decodes a VulnerabilityNote message from the specified reader or buffer, length delimited. + * Decodes a VulnerabilityAssessmentNote message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns VulnerabilityNote + * @returns VulnerabilityAssessmentNote * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote; /** - * Verifies a VulnerabilityNote message. + * Verifies a VulnerabilityAssessmentNote message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a VulnerabilityNote message from a plain object. Also converts values to their respective internal types. + * Creates a VulnerabilityAssessmentNote message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns VulnerabilityNote + * @returns VulnerabilityAssessmentNote */ - public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote; + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote; /** - * Creates a plain object from a VulnerabilityNote message. Also converts values to other types if specified. - * @param message VulnerabilityNote + * Creates a plain object from a VulnerabilityAssessmentNote message. Also converts values to other types if specified. + * @param message VulnerabilityAssessmentNote * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: grafeas.v1.VulnerabilityNote, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this VulnerabilityNote to JSON. + * Converts this VulnerabilityAssessmentNote to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; /** - * Gets the default type url for VulnerabilityNote + * Gets the default type url for VulnerabilityAssessmentNote * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") * @returns The default type url */ public static getTypeUrl(typeUrlPrefix?: string): string; } - namespace VulnerabilityNote { - - /** Properties of a Detail. */ - interface IDetail { - - /** Detail severityName */ - severityName?: (string|null); - - /** Detail description */ - description?: (string|null); - - /** Detail packageType */ - packageType?: (string|null); - - /** Detail affectedCpeUri */ - affectedCpeUri?: (string|null); - - /** Detail affectedPackage */ - affectedPackage?: (string|null); - - /** Detail affectedVersionStart */ - affectedVersionStart?: (grafeas.v1.IVersion|null); - - /** Detail affectedVersionEnd */ - affectedVersionEnd?: (grafeas.v1.IVersion|null); - - /** Detail fixedCpeUri */ - fixedCpeUri?: (string|null); - - /** Detail fixedPackage */ - fixedPackage?: (string|null); - - /** Detail fixedVersion */ - fixedVersion?: (grafeas.v1.IVersion|null); + namespace VulnerabilityAssessmentNote { - /** Detail isObsolete */ - isObsolete?: (boolean|null); + /** Properties of a Publisher. */ + interface IPublisher { - /** Detail sourceUpdateTime */ - sourceUpdateTime?: (google.protobuf.ITimestamp|null); + /** Publisher name */ + name?: (string|null); - /** Detail source */ - source?: (string|null); + /** Publisher issuingAuthority */ + issuingAuthority?: (string|null); - /** Detail vendor */ - vendor?: (string|null); + /** Publisher publisherNamespace */ + publisherNamespace?: (string|null); } - /** Represents a Detail. */ - class Detail implements IDetail { + /** Represents a Publisher. */ + class Publisher implements IPublisher { /** - * Constructs a new Detail. + * Constructs a new Publisher. * @param [properties] Properties to set */ - constructor(properties?: grafeas.v1.VulnerabilityNote.IDetail); - - /** Detail severityName. */ - public severityName: string; - - /** Detail description. */ - public description: string; - - /** Detail packageType. */ - public packageType: string; + constructor(properties?: grafeas.v1.VulnerabilityAssessmentNote.IPublisher); - /** Detail affectedCpeUri. */ - public affectedCpeUri: string; - - /** Detail affectedPackage. */ - public affectedPackage: string; - - /** Detail affectedVersionStart. */ - public affectedVersionStart?: (grafeas.v1.IVersion|null); - - /** Detail affectedVersionEnd. */ - public affectedVersionEnd?: (grafeas.v1.IVersion|null); - - /** Detail fixedCpeUri. */ - public fixedCpeUri: string; - - /** Detail fixedPackage. */ - public fixedPackage: string; - - /** Detail fixedVersion. */ - public fixedVersion?: (grafeas.v1.IVersion|null); - - /** Detail isObsolete. */ - public isObsolete: boolean; - - /** Detail sourceUpdateTime. */ - public sourceUpdateTime?: (google.protobuf.ITimestamp|null); + /** Publisher name. */ + public name: string; - /** Detail source. */ - public source: string; + /** Publisher issuingAuthority. */ + public issuingAuthority: string; - /** Detail vendor. */ - public vendor: string; + /** Publisher publisherNamespace. */ + public publisherNamespace: string; /** - * Creates a new Detail instance using the specified properties. + * Creates a new Publisher instance using the specified properties. * @param [properties] Properties to set - * @returns Detail instance + * @returns Publisher instance */ - public static create(properties?: grafeas.v1.VulnerabilityNote.IDetail): grafeas.v1.VulnerabilityNote.Detail; + public static create(properties?: grafeas.v1.VulnerabilityAssessmentNote.IPublisher): grafeas.v1.VulnerabilityAssessmentNote.Publisher; /** - * Encodes the specified Detail message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.Detail.verify|verify} messages. - * @param message Detail message or plain object to encode + * Encodes the specified Publisher message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Publisher.verify|verify} messages. + * @param message Publisher message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: grafeas.v1.VulnerabilityNote.IDetail, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: grafeas.v1.VulnerabilityAssessmentNote.IPublisher, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified Detail message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.Detail.verify|verify} messages. - * @param message Detail message or plain object to encode + * Encodes the specified Publisher message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Publisher.verify|verify} messages. + * @param message Publisher message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: grafeas.v1.VulnerabilityNote.IDetail, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: grafeas.v1.VulnerabilityAssessmentNote.IPublisher, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a Detail message from the specified reader or buffer. + * Decodes a Publisher message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns Detail + * @returns Publisher * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote.Detail; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote.Publisher; /** - * Decodes a Detail message from the specified reader or buffer, length delimited. + * Decodes a Publisher message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns Detail + * @returns Publisher * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote.Detail; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote.Publisher; /** - * Verifies a Detail message. + * Verifies a Publisher message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a Detail message from a plain object. Also converts values to their respective internal types. + * Creates a Publisher message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns Detail + * @returns Publisher */ - public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote.Detail; + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote.Publisher; /** - * Creates a plain object from a Detail message. Also converts values to other types if specified. - * @param message Detail + * Creates a plain object from a Publisher message. Also converts values to other types if specified. + * @param message Publisher * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: grafeas.v1.VulnerabilityNote.Detail, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote.Publisher, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this Detail to JSON. + * Converts this Publisher to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; /** - * Gets the default type url for Detail + * Gets the default type url for Publisher * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") * @returns The default type url */ public static getTypeUrl(typeUrlPrefix?: string): string; } - /** Properties of a WindowsDetail. */ - interface IWindowsDetail { - - /** WindowsDetail cpeUri */ - cpeUri?: (string|null); + /** Properties of a Product. */ + interface IProduct { - /** WindowsDetail name */ + /** Product name */ name?: (string|null); - /** WindowsDetail description */ - description?: (string|null); + /** Product id */ + id?: (string|null); - /** WindowsDetail fixingKbs */ - fixingKbs?: (grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase[]|null); + /** Product genericUri */ + genericUri?: (string|null); } - /** Represents a WindowsDetail. */ - class WindowsDetail implements IWindowsDetail { + /** Represents a Product. */ + class Product implements IProduct { /** - * Constructs a new WindowsDetail. + * Constructs a new Product. * @param [properties] Properties to set */ - constructor(properties?: grafeas.v1.VulnerabilityNote.IWindowsDetail); - - /** WindowsDetail cpeUri. */ - public cpeUri: string; + constructor(properties?: grafeas.v1.VulnerabilityAssessmentNote.IProduct); - /** WindowsDetail name. */ + /** Product name. */ public name: string; - /** WindowsDetail description. */ - public description: string; + /** Product id. */ + public id: string; - /** WindowsDetail fixingKbs. */ - public fixingKbs: grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase[]; + /** Product genericUri. */ + public genericUri?: (string|null); + + /** Product identifier. */ + public identifier?: "genericUri"; /** - * Creates a new WindowsDetail instance using the specified properties. + * Creates a new Product instance using the specified properties. * @param [properties] Properties to set - * @returns WindowsDetail instance + * @returns Product instance */ - public static create(properties?: grafeas.v1.VulnerabilityNote.IWindowsDetail): grafeas.v1.VulnerabilityNote.WindowsDetail; + public static create(properties?: grafeas.v1.VulnerabilityAssessmentNote.IProduct): grafeas.v1.VulnerabilityAssessmentNote.Product; /** - * Encodes the specified WindowsDetail message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.WindowsDetail.verify|verify} messages. - * @param message WindowsDetail message or plain object to encode + * Encodes the specified Product message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Product.verify|verify} messages. + * @param message Product message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encode(message: grafeas.v1.VulnerabilityNote.IWindowsDetail, writer?: $protobuf.Writer): $protobuf.Writer; + public static encode(message: grafeas.v1.VulnerabilityAssessmentNote.IProduct, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Encodes the specified WindowsDetail message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.WindowsDetail.verify|verify} messages. - * @param message WindowsDetail message or plain object to encode + * Encodes the specified Product message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Product.verify|verify} messages. + * @param message Product message or plain object to encode * @param [writer] Writer to encode to * @returns Writer */ - public static encodeDelimited(message: grafeas.v1.VulnerabilityNote.IWindowsDetail, writer?: $protobuf.Writer): $protobuf.Writer; + public static encodeDelimited(message: grafeas.v1.VulnerabilityAssessmentNote.IProduct, writer?: $protobuf.Writer): $protobuf.Writer; /** - * Decodes a WindowsDetail message from the specified reader or buffer. + * Decodes a Product message from the specified reader or buffer. * @param reader Reader or buffer to decode from * @param [length] Message length if known beforehand - * @returns WindowsDetail + * @returns Product * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote.WindowsDetail; + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote.Product; /** - * Decodes a WindowsDetail message from the specified reader or buffer, length delimited. + * Decodes a Product message from the specified reader or buffer, length delimited. * @param reader Reader or buffer to decode from - * @returns WindowsDetail + * @returns Product * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote.WindowsDetail; + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote.Product; /** - * Verifies a WindowsDetail message. + * Verifies a Product message. * @param message Plain object to verify * @returns `null` if valid, otherwise the reason why it is not */ public static verify(message: { [k: string]: any }): (string|null); /** - * Creates a WindowsDetail message from a plain object. Also converts values to their respective internal types. + * Creates a Product message from a plain object. Also converts values to their respective internal types. * @param object Plain object - * @returns WindowsDetail + * @returns Product */ - public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote.WindowsDetail; + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote.Product; /** - * Creates a plain object from a WindowsDetail message. Also converts values to other types if specified. - * @param message WindowsDetail + * Creates a plain object from a Product message. Also converts values to other types if specified. + * @param message Product * @param [options] Conversion options * @returns Plain object */ - public static toObject(message: grafeas.v1.VulnerabilityNote.WindowsDetail, options?: $protobuf.IConversionOptions): { [k: string]: any }; + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote.Product, options?: $protobuf.IConversionOptions): { [k: string]: any }; /** - * Converts this WindowsDetail to JSON. + * Converts this Product to JSON. * @returns JSON object */ public toJSON(): { [k: string]: any }; /** - * Gets the default type url for WindowsDetail + * Gets the default type url for Product * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") * @returns The default type url */ public static getTypeUrl(typeUrlPrefix?: string): string; } - namespace WindowsDetail { + /** Properties of an Assessment. */ + interface IAssessment { - /** Properties of a KnowledgeBase. */ - interface IKnowledgeBase { + /** Assessment cve */ + cve?: (string|null); - /** KnowledgeBase name */ - name?: (string|null); + /** Assessment shortDescription */ + shortDescription?: (string|null); - /** KnowledgeBase url */ - url?: (string|null); - } + /** Assessment longDescription */ + longDescription?: (string|null); - /** Represents a KnowledgeBase. */ - class KnowledgeBase implements IKnowledgeBase { + /** Assessment relatedUris */ + relatedUris?: (grafeas.v1.IRelatedUrl[]|null); - /** - * Constructs a new KnowledgeBase. - * @param [properties] Properties to set - */ - constructor(properties?: grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase); + /** Assessment state */ + state?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|null); - /** KnowledgeBase name. */ - public name: string; + /** Assessment impacts */ + impacts?: (string[]|null); - /** KnowledgeBase url. */ - public url: string; + /** Assessment justification */ + justification?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null); - /** - * Creates a new KnowledgeBase instance using the specified properties. - * @param [properties] Properties to set + /** Assessment remediations */ + remediations?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation[]|null); + } + + /** Represents an Assessment. */ + class Assessment implements IAssessment { + + /** + * Constructs a new Assessment. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityAssessmentNote.IAssessment); + + /** Assessment cve. */ + public cve: string; + + /** Assessment shortDescription. */ + public shortDescription: string; + + /** Assessment longDescription. */ + public longDescription: string; + + /** Assessment relatedUris. */ + public relatedUris: grafeas.v1.IRelatedUrl[]; + + /** Assessment state. */ + public state: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.State); + + /** Assessment impacts. */ + public impacts: string[]; + + /** Assessment justification. */ + public justification?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null); + + /** Assessment remediations. */ + public remediations: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation[]; + + /** + * Creates a new Assessment instance using the specified properties. + * @param [properties] Properties to set + * @returns Assessment instance + */ + public static create(properties?: grafeas.v1.VulnerabilityAssessmentNote.IAssessment): grafeas.v1.VulnerabilityAssessmentNote.Assessment; + + /** + * Encodes the specified Assessment message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.verify|verify} messages. + * @param message Assessment message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityAssessmentNote.IAssessment, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Assessment message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.verify|verify} messages. + * @param message Assessment message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityAssessmentNote.IAssessment, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes an Assessment message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Assessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote.Assessment; + + /** + * Decodes an Assessment message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Assessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote.Assessment; + + /** + * Verifies an Assessment message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates an Assessment message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Assessment + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote.Assessment; + + /** + * Creates a plain object from an Assessment message. Also converts values to other types if specified. + * @param message Assessment + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Assessment to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for Assessment + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + namespace Assessment { + + /** State enum. */ + enum State { + STATE_UNSPECIFIED = 0, + AFFECTED = 1, + NOT_AFFECTED = 2, + FIXED = 3, + UNDER_INVESTIGATION = 4 + } + + /** Properties of a Justification. */ + interface IJustification { + + /** Justification justificationType */ + justificationType?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType|null); + + /** Justification details */ + details?: (string|null); + } + + /** Represents a Justification. */ + class Justification implements IJustification { + + /** + * Constructs a new Justification. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification); + + /** Justification justificationType. */ + public justificationType: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType); + + /** Justification details. */ + public details: string; + + /** + * Creates a new Justification instance using the specified properties. + * @param [properties] Properties to set + * @returns Justification instance + */ + public static create(properties?: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification; + + /** + * Encodes the specified Justification message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify|verify} messages. + * @param message Justification message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Justification message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify|verify} messages. + * @param message Justification message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Justification message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Justification + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification; + + /** + * Decodes a Justification message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Justification + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification; + + /** + * Verifies a Justification message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Justification message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Justification + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification; + + /** + * Creates a plain object from a Justification message. Also converts values to other types if specified. + * @param message Justification + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Justification to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for Justification + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + namespace Justification { + + /** JustificationType enum. */ + enum JustificationType { + JUSTIFICATION_TYPE_UNSPECIFIED = 0, + COMPONENT_NOT_PRESENT = 1, + VULNERABLE_CODE_NOT_PRESENT = 2, + VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 3, + VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 4, + INLINE_MITIGATIONS_ALREADY_EXIST = 5 + } + } + + /** Properties of a Remediation. */ + interface IRemediation { + + /** Remediation remediationType */ + remediationType?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType|null); + + /** Remediation details */ + details?: (string|null); + + /** Remediation remediationUri */ + remediationUri?: (grafeas.v1.IRelatedUrl|null); + } + + /** Represents a Remediation. */ + class Remediation implements IRemediation { + + /** + * Constructs a new Remediation. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation); + + /** Remediation remediationType. */ + public remediationType: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType); + + /** Remediation details. */ + public details: string; + + /** Remediation remediationUri. */ + public remediationUri?: (grafeas.v1.IRelatedUrl|null); + + /** + * Creates a new Remediation instance using the specified properties. + * @param [properties] Properties to set + * @returns Remediation instance + */ + public static create(properties?: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation; + + /** + * Encodes the specified Remediation message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify|verify} messages. + * @param message Remediation message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Remediation message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify|verify} messages. + * @param message Remediation message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Remediation message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Remediation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation; + + /** + * Decodes a Remediation message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Remediation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation; + + /** + * Verifies a Remediation message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Remediation message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Remediation + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation; + + /** + * Creates a plain object from a Remediation message. Also converts values to other types if specified. + * @param message Remediation + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Remediation to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for Remediation + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + namespace Remediation { + + /** RemediationType enum. */ + enum RemediationType { + REMEDIATION_TYPE_UNSPECIFIED = 0, + MITIGATION = 1, + NO_FIX_PLANNED = 2, + NONE_AVAILABLE = 3, + VENDOR_FIX = 4, + WORKAROUND = 5 + } + } + } + } + + /** Properties of a VulnerabilityNote. */ + interface IVulnerabilityNote { + + /** VulnerabilityNote cvssScore */ + cvssScore?: (number|null); + + /** VulnerabilityNote severity */ + severity?: (grafeas.v1.Severity|keyof typeof grafeas.v1.Severity|null); + + /** VulnerabilityNote details */ + details?: (grafeas.v1.VulnerabilityNote.IDetail[]|null); + + /** VulnerabilityNote cvssV3 */ + cvssV3?: (grafeas.v1.ICVSSv3|null); + + /** VulnerabilityNote windowsDetails */ + windowsDetails?: (grafeas.v1.VulnerabilityNote.IWindowsDetail[]|null); + + /** VulnerabilityNote sourceUpdateTime */ + sourceUpdateTime?: (google.protobuf.ITimestamp|null); + + /** VulnerabilityNote cvssVersion */ + cvssVersion?: (grafeas.v1.CVSSVersion|keyof typeof grafeas.v1.CVSSVersion|null); + + /** VulnerabilityNote cvssV2 */ + cvssV2?: (grafeas.v1.ICVSS|null); + } + + /** Represents a VulnerabilityNote. */ + class VulnerabilityNote implements IVulnerabilityNote { + + /** + * Constructs a new VulnerabilityNote. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.IVulnerabilityNote); + + /** VulnerabilityNote cvssScore. */ + public cvssScore: number; + + /** VulnerabilityNote severity. */ + public severity: (grafeas.v1.Severity|keyof typeof grafeas.v1.Severity); + + /** VulnerabilityNote details. */ + public details: grafeas.v1.VulnerabilityNote.IDetail[]; + + /** VulnerabilityNote cvssV3. */ + public cvssV3?: (grafeas.v1.ICVSSv3|null); + + /** VulnerabilityNote windowsDetails. */ + public windowsDetails: grafeas.v1.VulnerabilityNote.IWindowsDetail[]; + + /** VulnerabilityNote sourceUpdateTime. */ + public sourceUpdateTime?: (google.protobuf.ITimestamp|null); + + /** VulnerabilityNote cvssVersion. */ + public cvssVersion: (grafeas.v1.CVSSVersion|keyof typeof grafeas.v1.CVSSVersion); + + /** VulnerabilityNote cvssV2. */ + public cvssV2?: (grafeas.v1.ICVSS|null); + + /** + * Creates a new VulnerabilityNote instance using the specified properties. + * @param [properties] Properties to set + * @returns VulnerabilityNote instance + */ + public static create(properties?: grafeas.v1.IVulnerabilityNote): grafeas.v1.VulnerabilityNote; + + /** + * Encodes the specified VulnerabilityNote message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * @param message VulnerabilityNote message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.IVulnerabilityNote, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified VulnerabilityNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * @param message VulnerabilityNote message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.IVulnerabilityNote, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a VulnerabilityNote message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns VulnerabilityNote + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote; + + /** + * Decodes a VulnerabilityNote message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns VulnerabilityNote + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote; + + /** + * Verifies a VulnerabilityNote message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a VulnerabilityNote message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns VulnerabilityNote + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote; + + /** + * Creates a plain object from a VulnerabilityNote message. Also converts values to other types if specified. + * @param message VulnerabilityNote + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityNote, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this VulnerabilityNote to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for VulnerabilityNote + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + namespace VulnerabilityNote { + + /** Properties of a Detail. */ + interface IDetail { + + /** Detail severityName */ + severityName?: (string|null); + + /** Detail description */ + description?: (string|null); + + /** Detail packageType */ + packageType?: (string|null); + + /** Detail affectedCpeUri */ + affectedCpeUri?: (string|null); + + /** Detail affectedPackage */ + affectedPackage?: (string|null); + + /** Detail affectedVersionStart */ + affectedVersionStart?: (grafeas.v1.IVersion|null); + + /** Detail affectedVersionEnd */ + affectedVersionEnd?: (grafeas.v1.IVersion|null); + + /** Detail fixedCpeUri */ + fixedCpeUri?: (string|null); + + /** Detail fixedPackage */ + fixedPackage?: (string|null); + + /** Detail fixedVersion */ + fixedVersion?: (grafeas.v1.IVersion|null); + + /** Detail isObsolete */ + isObsolete?: (boolean|null); + + /** Detail sourceUpdateTime */ + sourceUpdateTime?: (google.protobuf.ITimestamp|null); + + /** Detail source */ + source?: (string|null); + + /** Detail vendor */ + vendor?: (string|null); + } + + /** Represents a Detail. */ + class Detail implements IDetail { + + /** + * Constructs a new Detail. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityNote.IDetail); + + /** Detail severityName. */ + public severityName: string; + + /** Detail description. */ + public description: string; + + /** Detail packageType. */ + public packageType: string; + + /** Detail affectedCpeUri. */ + public affectedCpeUri: string; + + /** Detail affectedPackage. */ + public affectedPackage: string; + + /** Detail affectedVersionStart. */ + public affectedVersionStart?: (grafeas.v1.IVersion|null); + + /** Detail affectedVersionEnd. */ + public affectedVersionEnd?: (grafeas.v1.IVersion|null); + + /** Detail fixedCpeUri. */ + public fixedCpeUri: string; + + /** Detail fixedPackage. */ + public fixedPackage: string; + + /** Detail fixedVersion. */ + public fixedVersion?: (grafeas.v1.IVersion|null); + + /** Detail isObsolete. */ + public isObsolete: boolean; + + /** Detail sourceUpdateTime. */ + public sourceUpdateTime?: (google.protobuf.ITimestamp|null); + + /** Detail source. */ + public source: string; + + /** Detail vendor. */ + public vendor: string; + + /** + * Creates a new Detail instance using the specified properties. + * @param [properties] Properties to set + * @returns Detail instance + */ + public static create(properties?: grafeas.v1.VulnerabilityNote.IDetail): grafeas.v1.VulnerabilityNote.Detail; + + /** + * Encodes the specified Detail message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.Detail.verify|verify} messages. + * @param message Detail message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityNote.IDetail, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified Detail message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.Detail.verify|verify} messages. + * @param message Detail message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityNote.IDetail, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a Detail message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns Detail + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote.Detail; + + /** + * Decodes a Detail message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns Detail + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote.Detail; + + /** + * Verifies a Detail message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a Detail message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns Detail + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote.Detail; + + /** + * Creates a plain object from a Detail message. Also converts values to other types if specified. + * @param message Detail + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityNote.Detail, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this Detail to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for Detail + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + /** Properties of a WindowsDetail. */ + interface IWindowsDetail { + + /** WindowsDetail cpeUri */ + cpeUri?: (string|null); + + /** WindowsDetail name */ + name?: (string|null); + + /** WindowsDetail description */ + description?: (string|null); + + /** WindowsDetail fixingKbs */ + fixingKbs?: (grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase[]|null); + } + + /** Represents a WindowsDetail. */ + class WindowsDetail implements IWindowsDetail { + + /** + * Constructs a new WindowsDetail. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityNote.IWindowsDetail); + + /** WindowsDetail cpeUri. */ + public cpeUri: string; + + /** WindowsDetail name. */ + public name: string; + + /** WindowsDetail description. */ + public description: string; + + /** WindowsDetail fixingKbs. */ + public fixingKbs: grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase[]; + + /** + * Creates a new WindowsDetail instance using the specified properties. + * @param [properties] Properties to set + * @returns WindowsDetail instance + */ + public static create(properties?: grafeas.v1.VulnerabilityNote.IWindowsDetail): grafeas.v1.VulnerabilityNote.WindowsDetail; + + /** + * Encodes the specified WindowsDetail message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.WindowsDetail.verify|verify} messages. + * @param message WindowsDetail message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityNote.IWindowsDetail, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified WindowsDetail message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.WindowsDetail.verify|verify} messages. + * @param message WindowsDetail message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityNote.IWindowsDetail, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a WindowsDetail message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns WindowsDetail + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityNote.WindowsDetail; + + /** + * Decodes a WindowsDetail message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns WindowsDetail + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityNote.WindowsDetail; + + /** + * Verifies a WindowsDetail message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a WindowsDetail message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns WindowsDetail + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityNote.WindowsDetail; + + /** + * Creates a plain object from a WindowsDetail message. Also converts values to other types if specified. + * @param message WindowsDetail + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityNote.WindowsDetail, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this WindowsDetail to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for WindowsDetail + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } + + namespace WindowsDetail { + + /** Properties of a KnowledgeBase. */ + interface IKnowledgeBase { + + /** KnowledgeBase name */ + name?: (string|null); + + /** KnowledgeBase url */ + url?: (string|null); + } + + /** Represents a KnowledgeBase. */ + class KnowledgeBase implements IKnowledgeBase { + + /** + * Constructs a new KnowledgeBase. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase); + + /** KnowledgeBase name. */ + public name: string; + + /** KnowledgeBase url. */ + public url: string; + + /** + * Creates a new KnowledgeBase instance using the specified properties. + * @param [properties] Properties to set * @returns KnowledgeBase instance */ public static create(properties?: grafeas.v1.VulnerabilityNote.WindowsDetail.IKnowledgeBase): grafeas.v1.VulnerabilityNote.WindowsDetail.KnowledgeBase; @@ -12073,6 +12826,9 @@ export namespace grafeas { /** VulnerabilityOccurrence cvssV2 */ cvssV2?: (grafeas.v1.ICVSS|null); + + /** VulnerabilityOccurrence vexAssessment */ + vexAssessment?: (grafeas.v1.VulnerabilityOccurrence.IVexAssessment|null); } /** Represents a VulnerabilityOccurrence. */ @@ -12120,6 +12876,9 @@ export namespace grafeas { /** VulnerabilityOccurrence cvssV2. */ public cvssV2?: (grafeas.v1.ICVSS|null); + /** VulnerabilityOccurrence vexAssessment. */ + public vexAssessment?: (grafeas.v1.VulnerabilityOccurrence.IVexAssessment|null); + /** * Creates a new VulnerabilityOccurrence instance using the specified properties. * @param [properties] Properties to set @@ -12350,6 +13109,139 @@ export namespace grafeas { */ public static getTypeUrl(typeUrlPrefix?: string): string; } + + /** Properties of a VexAssessment. */ + interface IVexAssessment { + + /** VexAssessment cve */ + cve?: (string|null); + + /** VexAssessment relatedUris */ + relatedUris?: (grafeas.v1.IRelatedUrl[]|null); + + /** VexAssessment noteName */ + noteName?: (string|null); + + /** VexAssessment state */ + state?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|null); + + /** VexAssessment impacts */ + impacts?: (string[]|null); + + /** VexAssessment remediations */ + remediations?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation[]|null); + + /** VexAssessment justification */ + justification?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null); + } + + /** Represents a VexAssessment. */ + class VexAssessment implements IVexAssessment { + + /** + * Constructs a new VexAssessment. + * @param [properties] Properties to set + */ + constructor(properties?: grafeas.v1.VulnerabilityOccurrence.IVexAssessment); + + /** VexAssessment cve. */ + public cve: string; + + /** VexAssessment relatedUris. */ + public relatedUris: grafeas.v1.IRelatedUrl[]; + + /** VexAssessment noteName. */ + public noteName: string; + + /** VexAssessment state. */ + public state: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|keyof typeof grafeas.v1.VulnerabilityAssessmentNote.Assessment.State); + + /** VexAssessment impacts. */ + public impacts: string[]; + + /** VexAssessment remediations. */ + public remediations: grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation[]; + + /** VexAssessment justification. */ + public justification?: (grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null); + + /** + * Creates a new VexAssessment instance using the specified properties. + * @param [properties] Properties to set + * @returns VexAssessment instance + */ + public static create(properties?: grafeas.v1.VulnerabilityOccurrence.IVexAssessment): grafeas.v1.VulnerabilityOccurrence.VexAssessment; + + /** + * Encodes the specified VexAssessment message. Does not implicitly {@link grafeas.v1.VulnerabilityOccurrence.VexAssessment.verify|verify} messages. + * @param message VexAssessment message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encode(message: grafeas.v1.VulnerabilityOccurrence.IVexAssessment, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Encodes the specified VexAssessment message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityOccurrence.VexAssessment.verify|verify} messages. + * @param message VexAssessment message or plain object to encode + * @param [writer] Writer to encode to + * @returns Writer + */ + public static encodeDelimited(message: grafeas.v1.VulnerabilityOccurrence.IVexAssessment, writer?: $protobuf.Writer): $protobuf.Writer; + + /** + * Decodes a VexAssessment message from the specified reader or buffer. + * @param reader Reader or buffer to decode from + * @param [length] Message length if known beforehand + * @returns VexAssessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decode(reader: ($protobuf.Reader|Uint8Array), length?: number): grafeas.v1.VulnerabilityOccurrence.VexAssessment; + + /** + * Decodes a VexAssessment message from the specified reader or buffer, length delimited. + * @param reader Reader or buffer to decode from + * @returns VexAssessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + public static decodeDelimited(reader: ($protobuf.Reader|Uint8Array)): grafeas.v1.VulnerabilityOccurrence.VexAssessment; + + /** + * Verifies a VexAssessment message. + * @param message Plain object to verify + * @returns `null` if valid, otherwise the reason why it is not + */ + public static verify(message: { [k: string]: any }): (string|null); + + /** + * Creates a VexAssessment message from a plain object. Also converts values to their respective internal types. + * @param object Plain object + * @returns VexAssessment + */ + public static fromObject(object: { [k: string]: any }): grafeas.v1.VulnerabilityOccurrence.VexAssessment; + + /** + * Creates a plain object from a VexAssessment message. Also converts values to other types if specified. + * @param message VexAssessment + * @param [options] Conversion options + * @returns Plain object + */ + public static toObject(message: grafeas.v1.VulnerabilityOccurrence.VexAssessment, options?: $protobuf.IConversionOptions): { [k: string]: any }; + + /** + * Converts this VexAssessment to JSON. + * @returns JSON object + */ + public toJSON(): { [k: string]: any }; + + /** + * Gets the default type url for VexAssessment + * @param [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns The default type url + */ + public static getTypeUrl(typeUrlPrefix?: string): string; + } } } diff --git a/packages/google-devtools-containeranalysis/protos/protos.js b/packages/google-devtools-containeranalysis/protos/protos.js index 44b4d60f4af..9e69fb4571f 100644 --- a/packages/google-devtools-containeranalysis/protos/protos.js +++ b/packages/google-devtools-containeranalysis/protos/protos.js @@ -1001,6 +1001,7 @@ * @property {number} UPGRADE=8 UPGRADE value * @property {number} COMPLIANCE=9 COMPLIANCE value * @property {number} DSSE_ATTESTATION=10 DSSE_ATTESTATION value + * @property {number} VULNERABILITY_ASSESSMENT=11 VULNERABILITY_ASSESSMENT value */ v1.NoteKind = (function() { var valuesById = {}, values = Object.create(valuesById); @@ -1015,6 +1016,7 @@ values[valuesById[8] = "UPGRADE"] = 8; values[valuesById[9] = "COMPLIANCE"] = 9; values[valuesById[10] = "DSSE_ATTESTATION"] = 10; + values[valuesById[11] = "VULNERABILITY_ASSESSMENT"] = 11; return values; })(); @@ -16571,6 +16573,7 @@ case 8: case 9: case 10: + case 11: break; } return null; @@ -16639,6 +16642,10 @@ case 10: message.analysisKind = 10; break; + case "VULNERABILITY_ASSESSMENT": + case 11: + message.analysisKind = 11; + break; } return message; }; @@ -19015,6 +19022,7 @@ case 8: case 9: case 10: + case 11: break; } if (message.remediation != null && message.hasOwnProperty("remediation")) @@ -19205,6 +19213,10 @@ case 10: message.kind = 10; break; + case "VULNERABILITY_ASSESSMENT": + case 11: + message.kind = 11; + break; } if (object.remediation != null) message.remediation = String(object.remediation); @@ -19422,6 +19434,7 @@ * @property {grafeas.v1.IUpgradeNote|null} [upgrade] Note upgrade * @property {grafeas.v1.IComplianceNote|null} [compliance] Note compliance * @property {grafeas.v1.IDSSEAttestationNote|null} [dsseAttestation] Note dsseAttestation + * @property {grafeas.v1.IVulnerabilityAssessmentNote|null} [vulnerabilityAssessment] Note vulnerabilityAssessment */ /** @@ -19593,17 +19606,25 @@ */ Note.prototype.dsseAttestation = null; + /** + * Note vulnerabilityAssessment. + * @member {grafeas.v1.IVulnerabilityAssessmentNote|null|undefined} vulnerabilityAssessment + * @memberof grafeas.v1.Note + * @instance + */ + Note.prototype.vulnerabilityAssessment = null; + // OneOf field names bound to virtual getters and setters var $oneOfFields; /** * Note type. - * @member {"vulnerability"|"build"|"image"|"package"|"deployment"|"discovery"|"attestation"|"upgrade"|"compliance"|"dsseAttestation"|undefined} type + * @member {"vulnerability"|"build"|"image"|"package"|"deployment"|"discovery"|"attestation"|"upgrade"|"compliance"|"dsseAttestation"|"vulnerabilityAssessment"|undefined} type * @memberof grafeas.v1.Note * @instance */ Object.defineProperty(Note.prototype, "type", { - get: $util.oneOfGetter($oneOfFields = ["vulnerability", "build", "image", "package", "deployment", "discovery", "attestation", "upgrade", "compliance", "dsseAttestation"]), + get: $util.oneOfGetter($oneOfFields = ["vulnerability", "build", "image", "package", "deployment", "discovery", "attestation", "upgrade", "compliance", "dsseAttestation", "vulnerabilityAssessment"]), set: $util.oneOfSetter($oneOfFields) }); @@ -19671,6 +19692,8 @@ $root.grafeas.v1.ComplianceNote.encode(message.compliance, writer.uint32(/* id 18, wireType 2 =*/146).fork()).ldelim(); if (message.dsseAttestation != null && Object.hasOwnProperty.call(message, "dsseAttestation")) $root.grafeas.v1.DSSEAttestationNote.encode(message.dsseAttestation, writer.uint32(/* id 19, wireType 2 =*/154).fork()).ldelim(); + if (message.vulnerabilityAssessment != null && Object.hasOwnProperty.call(message, "vulnerabilityAssessment")) + $root.grafeas.v1.VulnerabilityAssessmentNote.encode(message.vulnerabilityAssessment, writer.uint32(/* id 20, wireType 2 =*/162).fork()).ldelim(); return writer; }; @@ -19785,6 +19808,10 @@ message.dsseAttestation = $root.grafeas.v1.DSSEAttestationNote.decode(reader, reader.uint32()); break; } + case 20: { + message.vulnerabilityAssessment = $root.grafeas.v1.VulnerabilityAssessmentNote.decode(reader, reader.uint32()); + break; + } default: reader.skipType(tag & 7); break; @@ -19845,6 +19872,7 @@ case 8: case 9: case 10: + case 11: break; } if (message.relatedUrl != null && message.hasOwnProperty("relatedUrl")) { @@ -19976,6 +20004,16 @@ return "dsseAttestation." + error; } } + if (message.vulnerabilityAssessment != null && message.hasOwnProperty("vulnerabilityAssessment")) { + if (properties.type === 1) + return "type: multiple values"; + properties.type = 1; + { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.verify(message.vulnerabilityAssessment); + if (error) + return "vulnerabilityAssessment." + error; + } + } return null; }; @@ -20048,6 +20086,10 @@ case 10: message.kind = 10; break; + case "VULNERABILITY_ASSESSMENT": + case 11: + message.kind = 11; + break; } if (object.relatedUrl) { if (!Array.isArray(object.relatedUrl)) @@ -20131,6 +20173,11 @@ throw TypeError(".grafeas.v1.Note.dsseAttestation: object expected"); message.dsseAttestation = $root.grafeas.v1.DSSEAttestationNote.fromObject(object.dsseAttestation); } + if (object.vulnerabilityAssessment != null) { + if (typeof object.vulnerabilityAssessment !== "object") + throw TypeError(".grafeas.v1.Note.vulnerabilityAssessment: object expected"); + message.vulnerabilityAssessment = $root.grafeas.v1.VulnerabilityAssessmentNote.fromObject(object.vulnerabilityAssessment); + } return message; }; @@ -20234,6 +20281,11 @@ if (options.oneofs) object.type = "dsseAttestation"; } + if (message.vulnerabilityAssessment != null && message.hasOwnProperty("vulnerabilityAssessment")) { + object.vulnerabilityAssessment = $root.grafeas.v1.VulnerabilityAssessmentNote.toObject(message.vulnerabilityAssessment, options); + if (options.oneofs) + object.type = "vulnerabilityAssessment"; + } return object; }; @@ -29465,33 +29517,30 @@ return UpgradeOccurrence; })(); - v1.VulnerabilityNote = (function() { + v1.VulnerabilityAssessmentNote = (function() { /** - * Properties of a VulnerabilityNote. + * Properties of a VulnerabilityAssessmentNote. * @memberof grafeas.v1 - * @interface IVulnerabilityNote - * @property {number|null} [cvssScore] VulnerabilityNote cvssScore - * @property {grafeas.v1.Severity|null} [severity] VulnerabilityNote severity - * @property {Array.|null} [details] VulnerabilityNote details - * @property {grafeas.v1.ICVSSv3|null} [cvssV3] VulnerabilityNote cvssV3 - * @property {Array.|null} [windowsDetails] VulnerabilityNote windowsDetails - * @property {google.protobuf.ITimestamp|null} [sourceUpdateTime] VulnerabilityNote sourceUpdateTime - * @property {grafeas.v1.CVSSVersion|null} [cvssVersion] VulnerabilityNote cvssVersion - * @property {grafeas.v1.ICVSS|null} [cvssV2] VulnerabilityNote cvssV2 + * @interface IVulnerabilityAssessmentNote + * @property {string|null} [title] VulnerabilityAssessmentNote title + * @property {string|null} [shortDescription] VulnerabilityAssessmentNote shortDescription + * @property {string|null} [longDescription] VulnerabilityAssessmentNote longDescription + * @property {string|null} [languageCode] VulnerabilityAssessmentNote languageCode + * @property {grafeas.v1.VulnerabilityAssessmentNote.IPublisher|null} [publisher] VulnerabilityAssessmentNote publisher + * @property {grafeas.v1.VulnerabilityAssessmentNote.IProduct|null} [product] VulnerabilityAssessmentNote product + * @property {grafeas.v1.VulnerabilityAssessmentNote.IAssessment|null} [assessment] VulnerabilityAssessmentNote assessment */ /** - * Constructs a new VulnerabilityNote. + * Constructs a new VulnerabilityAssessmentNote. * @memberof grafeas.v1 - * @classdesc Represents a VulnerabilityNote. - * @implements IVulnerabilityNote + * @classdesc Represents a VulnerabilityAssessmentNote. + * @implements IVulnerabilityAssessmentNote * @constructor - * @param {grafeas.v1.IVulnerabilityNote=} [properties] Properties to set + * @param {grafeas.v1.IVulnerabilityAssessmentNote=} [properties] Properties to set */ - function VulnerabilityNote(properties) { - this.details = []; - this.windowsDetails = []; + function VulnerabilityAssessmentNote(properties) { if (properties) for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) if (properties[keys[i]] != null) @@ -29499,179 +29548,159 @@ } /** - * VulnerabilityNote cvssScore. - * @member {number} cvssScore - * @memberof grafeas.v1.VulnerabilityNote - * @instance - */ - VulnerabilityNote.prototype.cvssScore = 0; - - /** - * VulnerabilityNote severity. - * @member {grafeas.v1.Severity} severity - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote title. + * @member {string} title + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.severity = 0; + VulnerabilityAssessmentNote.prototype.title = ""; /** - * VulnerabilityNote details. - * @member {Array.} details - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote shortDescription. + * @member {string} shortDescription + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.details = $util.emptyArray; + VulnerabilityAssessmentNote.prototype.shortDescription = ""; /** - * VulnerabilityNote cvssV3. - * @member {grafeas.v1.ICVSSv3|null|undefined} cvssV3 - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote longDescription. + * @member {string} longDescription + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.cvssV3 = null; + VulnerabilityAssessmentNote.prototype.longDescription = ""; /** - * VulnerabilityNote windowsDetails. - * @member {Array.} windowsDetails - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote languageCode. + * @member {string} languageCode + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.windowsDetails = $util.emptyArray; + VulnerabilityAssessmentNote.prototype.languageCode = ""; /** - * VulnerabilityNote sourceUpdateTime. - * @member {google.protobuf.ITimestamp|null|undefined} sourceUpdateTime - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote publisher. + * @member {grafeas.v1.VulnerabilityAssessmentNote.IPublisher|null|undefined} publisher + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.sourceUpdateTime = null; + VulnerabilityAssessmentNote.prototype.publisher = null; /** - * VulnerabilityNote cvssVersion. - * @member {grafeas.v1.CVSSVersion} cvssVersion - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote product. + * @member {grafeas.v1.VulnerabilityAssessmentNote.IProduct|null|undefined} product + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.cvssVersion = 0; + VulnerabilityAssessmentNote.prototype.product = null; /** - * VulnerabilityNote cvssV2. - * @member {grafeas.v1.ICVSS|null|undefined} cvssV2 - * @memberof grafeas.v1.VulnerabilityNote + * VulnerabilityAssessmentNote assessment. + * @member {grafeas.v1.VulnerabilityAssessmentNote.IAssessment|null|undefined} assessment + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @instance */ - VulnerabilityNote.prototype.cvssV2 = null; + VulnerabilityAssessmentNote.prototype.assessment = null; /** - * Creates a new VulnerabilityNote instance using the specified properties. + * Creates a new VulnerabilityAssessmentNote instance using the specified properties. * @function create - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static - * @param {grafeas.v1.IVulnerabilityNote=} [properties] Properties to set - * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote instance + * @param {grafeas.v1.IVulnerabilityAssessmentNote=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote} VulnerabilityAssessmentNote instance */ - VulnerabilityNote.create = function create(properties) { - return new VulnerabilityNote(properties); + VulnerabilityAssessmentNote.create = function create(properties) { + return new VulnerabilityAssessmentNote(properties); }; /** - * Encodes the specified VulnerabilityNote message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * Encodes the specified VulnerabilityAssessmentNote message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.verify|verify} messages. * @function encode - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static - * @param {grafeas.v1.IVulnerabilityNote} message VulnerabilityNote message or plain object to encode + * @param {grafeas.v1.IVulnerabilityAssessmentNote} message VulnerabilityAssessmentNote message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - VulnerabilityNote.encode = function encode(message, writer) { + VulnerabilityAssessmentNote.encode = function encode(message, writer) { if (!writer) writer = $Writer.create(); - if (message.cvssScore != null && Object.hasOwnProperty.call(message, "cvssScore")) - writer.uint32(/* id 1, wireType 5 =*/13).float(message.cvssScore); - if (message.severity != null && Object.hasOwnProperty.call(message, "severity")) - writer.uint32(/* id 2, wireType 0 =*/16).int32(message.severity); - if (message.details != null && message.details.length) - for (var i = 0; i < message.details.length; ++i) - $root.grafeas.v1.VulnerabilityNote.Detail.encode(message.details[i], writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); - if (message.cvssV3 != null && Object.hasOwnProperty.call(message, "cvssV3")) - $root.grafeas.v1.CVSSv3.encode(message.cvssV3, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); - if (message.windowsDetails != null && message.windowsDetails.length) - for (var i = 0; i < message.windowsDetails.length; ++i) - $root.grafeas.v1.VulnerabilityNote.WindowsDetail.encode(message.windowsDetails[i], writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); - if (message.sourceUpdateTime != null && Object.hasOwnProperty.call(message, "sourceUpdateTime")) - $root.google.protobuf.Timestamp.encode(message.sourceUpdateTime, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); - if (message.cvssVersion != null && Object.hasOwnProperty.call(message, "cvssVersion")) - writer.uint32(/* id 7, wireType 0 =*/56).int32(message.cvssVersion); - if (message.cvssV2 != null && Object.hasOwnProperty.call(message, "cvssV2")) - $root.grafeas.v1.CVSS.encode(message.cvssV2, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim(); + if (message.title != null && Object.hasOwnProperty.call(message, "title")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.title); + if (message.shortDescription != null && Object.hasOwnProperty.call(message, "shortDescription")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.shortDescription); + if (message.longDescription != null && Object.hasOwnProperty.call(message, "longDescription")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.longDescription); + if (message.languageCode != null && Object.hasOwnProperty.call(message, "languageCode")) + writer.uint32(/* id 4, wireType 2 =*/34).string(message.languageCode); + if (message.publisher != null && Object.hasOwnProperty.call(message, "publisher")) + $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher.encode(message.publisher, writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + if (message.product != null && Object.hasOwnProperty.call(message, "product")) + $root.grafeas.v1.VulnerabilityAssessmentNote.Product.encode(message.product, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); + if (message.assessment != null && Object.hasOwnProperty.call(message, "assessment")) + $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.encode(message.assessment, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim(); return writer; }; /** - * Encodes the specified VulnerabilityNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * Encodes the specified VulnerabilityAssessmentNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.verify|verify} messages. * @function encodeDelimited - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static - * @param {grafeas.v1.IVulnerabilityNote} message VulnerabilityNote message or plain object to encode + * @param {grafeas.v1.IVulnerabilityAssessmentNote} message VulnerabilityAssessmentNote message or plain object to encode * @param {$protobuf.Writer} [writer] Writer to encode to * @returns {$protobuf.Writer} Writer */ - VulnerabilityNote.encodeDelimited = function encodeDelimited(message, writer) { + VulnerabilityAssessmentNote.encodeDelimited = function encodeDelimited(message, writer) { return this.encode(message, writer).ldelim(); }; /** - * Decodes a VulnerabilityNote message from the specified reader or buffer. + * Decodes a VulnerabilityAssessmentNote message from the specified reader or buffer. * @function decode - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from * @param {number} [length] Message length if known beforehand - * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + * @returns {grafeas.v1.VulnerabilityAssessmentNote} VulnerabilityAssessmentNote * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - VulnerabilityNote.decode = function decode(reader, length) { + VulnerabilityAssessmentNote.decode = function decode(reader, length) { if (!(reader instanceof $Reader)) reader = $Reader.create(reader); - var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityNote(); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote(); while (reader.pos < end) { var tag = reader.uint32(); switch (tag >>> 3) { case 1: { - message.cvssScore = reader.float(); + message.title = reader.string(); break; } case 2: { - message.severity = reader.int32(); + message.shortDescription = reader.string(); break; } case 3: { - if (!(message.details && message.details.length)) - message.details = []; - message.details.push($root.grafeas.v1.VulnerabilityNote.Detail.decode(reader, reader.uint32())); + message.longDescription = reader.string(); break; } case 4: { - message.cvssV3 = $root.grafeas.v1.CVSSv3.decode(reader, reader.uint32()); + message.languageCode = reader.string(); break; } case 5: { - if (!(message.windowsDetails && message.windowsDetails.length)) - message.windowsDetails = []; - message.windowsDetails.push($root.grafeas.v1.VulnerabilityNote.WindowsDetail.decode(reader, reader.uint32())); + message.publisher = $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher.decode(reader, reader.uint32()); break; } case 6: { - message.sourceUpdateTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); + message.product = $root.grafeas.v1.VulnerabilityAssessmentNote.Product.decode(reader, reader.uint32()); break; } case 7: { - message.cvssVersion = reader.int32(); - break; - } - case 8: { - message.cvssV2 = $root.grafeas.v1.CVSS.decode(reader, reader.uint32()); + message.assessment = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.decode(reader, reader.uint32()); break; } default: @@ -29683,141 +29712,2128 @@ }; /** - * Decodes a VulnerabilityNote message from the specified reader or buffer, length delimited. + * Decodes a VulnerabilityAssessmentNote message from the specified reader or buffer, length delimited. * @function decodeDelimited - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from - * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + * @returns {grafeas.v1.VulnerabilityAssessmentNote} VulnerabilityAssessmentNote * @throws {Error} If the payload is not a reader or valid buffer * @throws {$protobuf.util.ProtocolError} If required fields are missing */ - VulnerabilityNote.decodeDelimited = function decodeDelimited(reader) { + VulnerabilityAssessmentNote.decodeDelimited = function decodeDelimited(reader) { if (!(reader instanceof $Reader)) reader = new $Reader(reader); return this.decode(reader, reader.uint32()); }; /** - * Verifies a VulnerabilityNote message. + * Verifies a VulnerabilityAssessmentNote message. * @function verify - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static * @param {Object.} message Plain object to verify * @returns {string|null} `null` if valid, otherwise the reason why it is not */ - VulnerabilityNote.verify = function verify(message) { + VulnerabilityAssessmentNote.verify = function verify(message) { if (typeof message !== "object" || message === null) return "object expected"; - if (message.cvssScore != null && message.hasOwnProperty("cvssScore")) - if (typeof message.cvssScore !== "number") - return "cvssScore: number expected"; - if (message.severity != null && message.hasOwnProperty("severity")) - switch (message.severity) { - default: - return "severity: enum value expected"; - case 0: - case 1: - case 2: - case 3: - case 4: - case 5: - break; - } - if (message.details != null && message.hasOwnProperty("details")) { - if (!Array.isArray(message.details)) - return "details: array expected"; - for (var i = 0; i < message.details.length; ++i) { - var error = $root.grafeas.v1.VulnerabilityNote.Detail.verify(message.details[i]); - if (error) - return "details." + error; - } - } - if (message.cvssV3 != null && message.hasOwnProperty("cvssV3")) { - var error = $root.grafeas.v1.CVSSv3.verify(message.cvssV3); + if (message.title != null && message.hasOwnProperty("title")) + if (!$util.isString(message.title)) + return "title: string expected"; + if (message.shortDescription != null && message.hasOwnProperty("shortDescription")) + if (!$util.isString(message.shortDescription)) + return "shortDescription: string expected"; + if (message.longDescription != null && message.hasOwnProperty("longDescription")) + if (!$util.isString(message.longDescription)) + return "longDescription: string expected"; + if (message.languageCode != null && message.hasOwnProperty("languageCode")) + if (!$util.isString(message.languageCode)) + return "languageCode: string expected"; + if (message.publisher != null && message.hasOwnProperty("publisher")) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher.verify(message.publisher); if (error) - return "cvssV3." + error; - } - if (message.windowsDetails != null && message.hasOwnProperty("windowsDetails")) { - if (!Array.isArray(message.windowsDetails)) - return "windowsDetails: array expected"; - for (var i = 0; i < message.windowsDetails.length; ++i) { - var error = $root.grafeas.v1.VulnerabilityNote.WindowsDetail.verify(message.windowsDetails[i]); - if (error) - return "windowsDetails." + error; - } + return "publisher." + error; } - if (message.sourceUpdateTime != null && message.hasOwnProperty("sourceUpdateTime")) { - var error = $root.google.protobuf.Timestamp.verify(message.sourceUpdateTime); + if (message.product != null && message.hasOwnProperty("product")) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Product.verify(message.product); if (error) - return "sourceUpdateTime." + error; + return "product." + error; } - if (message.cvssVersion != null && message.hasOwnProperty("cvssVersion")) - switch (message.cvssVersion) { - default: - return "cvssVersion: enum value expected"; - case 0: - case 1: - case 2: - break; - } - if (message.cvssV2 != null && message.hasOwnProperty("cvssV2")) { - var error = $root.grafeas.v1.CVSS.verify(message.cvssV2); + if (message.assessment != null && message.hasOwnProperty("assessment")) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.verify(message.assessment); if (error) - return "cvssV2." + error; + return "assessment." + error; } return null; }; /** - * Creates a VulnerabilityNote message from a plain object. Also converts values to their respective internal types. + * Creates a VulnerabilityAssessmentNote message from a plain object. Also converts values to their respective internal types. * @function fromObject - * @memberof grafeas.v1.VulnerabilityNote + * @memberof grafeas.v1.VulnerabilityAssessmentNote * @static * @param {Object.} object Plain object - * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + * @returns {grafeas.v1.VulnerabilityAssessmentNote} VulnerabilityAssessmentNote */ - VulnerabilityNote.fromObject = function fromObject(object) { - if (object instanceof $root.grafeas.v1.VulnerabilityNote) + VulnerabilityAssessmentNote.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote) return object; - var message = new $root.grafeas.v1.VulnerabilityNote(); - if (object.cvssScore != null) - message.cvssScore = Number(object.cvssScore); - switch (object.severity) { - default: - if (typeof object.severity === "number") { - message.severity = object.severity; - break; - } - break; - case "SEVERITY_UNSPECIFIED": - case 0: - message.severity = 0; - break; - case "MINIMAL": - case 1: - message.severity = 1; - break; - case "LOW": - case 2: - message.severity = 2; - break; - case "MEDIUM": - case 3: - message.severity = 3; - break; - case "HIGH": - case 4: - message.severity = 4; - break; - case "CRITICAL": - case 5: - message.severity = 5; - break; - } - if (object.details) { - if (!Array.isArray(object.details)) - throw TypeError(".grafeas.v1.VulnerabilityNote.details: array expected"); + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote(); + if (object.title != null) + message.title = String(object.title); + if (object.shortDescription != null) + message.shortDescription = String(object.shortDescription); + if (object.longDescription != null) + message.longDescription = String(object.longDescription); + if (object.languageCode != null) + message.languageCode = String(object.languageCode); + if (object.publisher != null) { + if (typeof object.publisher !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.publisher: object expected"); + message.publisher = $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher.fromObject(object.publisher); + } + if (object.product != null) { + if (typeof object.product !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.product: object expected"); + message.product = $root.grafeas.v1.VulnerabilityAssessmentNote.Product.fromObject(object.product); + } + if (object.assessment != null) { + if (typeof object.assessment !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.assessment: object expected"); + message.assessment = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.fromObject(object.assessment); + } + return message; + }; + + /** + * Creates a plain object from a VulnerabilityAssessmentNote message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote} message VulnerabilityAssessmentNote + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + VulnerabilityAssessmentNote.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.title = ""; + object.shortDescription = ""; + object.longDescription = ""; + object.languageCode = ""; + object.publisher = null; + object.product = null; + object.assessment = null; + } + if (message.title != null && message.hasOwnProperty("title")) + object.title = message.title; + if (message.shortDescription != null && message.hasOwnProperty("shortDescription")) + object.shortDescription = message.shortDescription; + if (message.longDescription != null && message.hasOwnProperty("longDescription")) + object.longDescription = message.longDescription; + if (message.languageCode != null && message.hasOwnProperty("languageCode")) + object.languageCode = message.languageCode; + if (message.publisher != null && message.hasOwnProperty("publisher")) + object.publisher = $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher.toObject(message.publisher, options); + if (message.product != null && message.hasOwnProperty("product")) + object.product = $root.grafeas.v1.VulnerabilityAssessmentNote.Product.toObject(message.product, options); + if (message.assessment != null && message.hasOwnProperty("assessment")) + object.assessment = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.toObject(message.assessment, options); + return object; + }; + + /** + * Converts this VulnerabilityAssessmentNote to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @instance + * @returns {Object.} JSON object + */ + VulnerabilityAssessmentNote.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for VulnerabilityAssessmentNote + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + VulnerabilityAssessmentNote.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote"; + }; + + VulnerabilityAssessmentNote.Publisher = (function() { + + /** + * Properties of a Publisher. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @interface IPublisher + * @property {string|null} [name] Publisher name + * @property {string|null} [issuingAuthority] Publisher issuingAuthority + * @property {string|null} [publisherNamespace] Publisher publisherNamespace + */ + + /** + * Constructs a new Publisher. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @classdesc Represents a Publisher. + * @implements IPublisher + * @constructor + * @param {grafeas.v1.VulnerabilityAssessmentNote.IPublisher=} [properties] Properties to set + */ + function Publisher(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Publisher name. + * @member {string} name + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @instance + */ + Publisher.prototype.name = ""; + + /** + * Publisher issuingAuthority. + * @member {string} issuingAuthority + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @instance + */ + Publisher.prototype.issuingAuthority = ""; + + /** + * Publisher publisherNamespace. + * @member {string} publisherNamespace + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @instance + */ + Publisher.prototype.publisherNamespace = ""; + + /** + * Creates a new Publisher instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IPublisher=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Publisher} Publisher instance + */ + Publisher.create = function create(properties) { + return new Publisher(properties); + }; + + /** + * Encodes the specified Publisher message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Publisher.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IPublisher} message Publisher message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Publisher.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.issuingAuthority != null && Object.hasOwnProperty.call(message, "issuingAuthority")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.issuingAuthority); + if (message.publisherNamespace != null && Object.hasOwnProperty.call(message, "publisherNamespace")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.publisherNamespace); + return writer; + }; + + /** + * Encodes the specified Publisher message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Publisher.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IPublisher} message Publisher message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Publisher.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Publisher message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Publisher} Publisher + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Publisher.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.name = reader.string(); + break; + } + case 2: { + message.issuingAuthority = reader.string(); + break; + } + case 3: { + message.publisherNamespace = reader.string(); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Publisher message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Publisher} Publisher + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Publisher.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Publisher message. + * @function verify + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Publisher.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.issuingAuthority != null && message.hasOwnProperty("issuingAuthority")) + if (!$util.isString(message.issuingAuthority)) + return "issuingAuthority: string expected"; + if (message.publisherNamespace != null && message.hasOwnProperty("publisherNamespace")) + if (!$util.isString(message.publisherNamespace)) + return "publisherNamespace: string expected"; + return null; + }; + + /** + * Creates a Publisher message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Publisher} Publisher + */ + Publisher.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher) + return object; + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Publisher(); + if (object.name != null) + message.name = String(object.name); + if (object.issuingAuthority != null) + message.issuingAuthority = String(object.issuingAuthority); + if (object.publisherNamespace != null) + message.publisherNamespace = String(object.publisherNamespace); + return message; + }; + + /** + * Creates a plain object from a Publisher message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Publisher} message Publisher + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Publisher.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.name = ""; + object.issuingAuthority = ""; + object.publisherNamespace = ""; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.issuingAuthority != null && message.hasOwnProperty("issuingAuthority")) + object.issuingAuthority = message.issuingAuthority; + if (message.publisherNamespace != null && message.hasOwnProperty("publisherNamespace")) + object.publisherNamespace = message.publisherNamespace; + return object; + }; + + /** + * Converts this Publisher to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @instance + * @returns {Object.} JSON object + */ + Publisher.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for Publisher + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Publisher + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + Publisher.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote.Publisher"; + }; + + return Publisher; + })(); + + VulnerabilityAssessmentNote.Product = (function() { + + /** + * Properties of a Product. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @interface IProduct + * @property {string|null} [name] Product name + * @property {string|null} [id] Product id + * @property {string|null} [genericUri] Product genericUri + */ + + /** + * Constructs a new Product. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @classdesc Represents a Product. + * @implements IProduct + * @constructor + * @param {grafeas.v1.VulnerabilityAssessmentNote.IProduct=} [properties] Properties to set + */ + function Product(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Product name. + * @member {string} name + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @instance + */ + Product.prototype.name = ""; + + /** + * Product id. + * @member {string} id + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @instance + */ + Product.prototype.id = ""; + + /** + * Product genericUri. + * @member {string|null|undefined} genericUri + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @instance + */ + Product.prototype.genericUri = null; + + // OneOf field names bound to virtual getters and setters + var $oneOfFields; + + /** + * Product identifier. + * @member {"genericUri"|undefined} identifier + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @instance + */ + Object.defineProperty(Product.prototype, "identifier", { + get: $util.oneOfGetter($oneOfFields = ["genericUri"]), + set: $util.oneOfSetter($oneOfFields) + }); + + /** + * Creates a new Product instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IProduct=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Product} Product instance + */ + Product.create = function create(properties) { + return new Product(properties); + }; + + /** + * Encodes the specified Product message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Product.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IProduct} message Product message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Product.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.name != null && Object.hasOwnProperty.call(message, "name")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.name); + if (message.id != null && Object.hasOwnProperty.call(message, "id")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.id); + if (message.genericUri != null && Object.hasOwnProperty.call(message, "genericUri")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.genericUri); + return writer; + }; + + /** + * Encodes the specified Product message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Product.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IProduct} message Product message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Product.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Product message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Product} Product + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Product.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Product(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.name = reader.string(); + break; + } + case 2: { + message.id = reader.string(); + break; + } + case 3: { + message.genericUri = reader.string(); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Product message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Product} Product + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Product.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Product message. + * @function verify + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Product.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + var properties = {}; + if (message.name != null && message.hasOwnProperty("name")) + if (!$util.isString(message.name)) + return "name: string expected"; + if (message.id != null && message.hasOwnProperty("id")) + if (!$util.isString(message.id)) + return "id: string expected"; + if (message.genericUri != null && message.hasOwnProperty("genericUri")) { + properties.identifier = 1; + if (!$util.isString(message.genericUri)) + return "genericUri: string expected"; + } + return null; + }; + + /** + * Creates a Product message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Product} Product + */ + Product.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote.Product) + return object; + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Product(); + if (object.name != null) + message.name = String(object.name); + if (object.id != null) + message.id = String(object.id); + if (object.genericUri != null) + message.genericUri = String(object.genericUri); + return message; + }; + + /** + * Creates a plain object from a Product message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Product} message Product + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Product.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.name = ""; + object.id = ""; + } + if (message.name != null && message.hasOwnProperty("name")) + object.name = message.name; + if (message.id != null && message.hasOwnProperty("id")) + object.id = message.id; + if (message.genericUri != null && message.hasOwnProperty("genericUri")) { + object.genericUri = message.genericUri; + if (options.oneofs) + object.identifier = "genericUri"; + } + return object; + }; + + /** + * Converts this Product to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @instance + * @returns {Object.} JSON object + */ + Product.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for Product + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Product + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + Product.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote.Product"; + }; + + return Product; + })(); + + VulnerabilityAssessmentNote.Assessment = (function() { + + /** + * Properties of an Assessment. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @interface IAssessment + * @property {string|null} [cve] Assessment cve + * @property {string|null} [shortDescription] Assessment shortDescription + * @property {string|null} [longDescription] Assessment longDescription + * @property {Array.|null} [relatedUris] Assessment relatedUris + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|null} [state] Assessment state + * @property {Array.|null} [impacts] Assessment impacts + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null} [justification] Assessment justification + * @property {Array.|null} [remediations] Assessment remediations + */ + + /** + * Constructs a new Assessment. + * @memberof grafeas.v1.VulnerabilityAssessmentNote + * @classdesc Represents an Assessment. + * @implements IAssessment + * @constructor + * @param {grafeas.v1.VulnerabilityAssessmentNote.IAssessment=} [properties] Properties to set + */ + function Assessment(properties) { + this.relatedUris = []; + this.impacts = []; + this.remediations = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Assessment cve. + * @member {string} cve + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.cve = ""; + + /** + * Assessment shortDescription. + * @member {string} shortDescription + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.shortDescription = ""; + + /** + * Assessment longDescription. + * @member {string} longDescription + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.longDescription = ""; + + /** + * Assessment relatedUris. + * @member {Array.} relatedUris + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.relatedUris = $util.emptyArray; + + /** + * Assessment state. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.State} state + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.state = 0; + + /** + * Assessment impacts. + * @member {Array.} impacts + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.impacts = $util.emptyArray; + + /** + * Assessment justification. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null|undefined} justification + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.justification = null; + + /** + * Assessment remediations. + * @member {Array.} remediations + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + */ + Assessment.prototype.remediations = $util.emptyArray; + + /** + * Creates a new Assessment instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IAssessment=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment} Assessment instance + */ + Assessment.create = function create(properties) { + return new Assessment(properties); + }; + + /** + * Encodes the specified Assessment message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IAssessment} message Assessment message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Assessment.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.cve != null && Object.hasOwnProperty.call(message, "cve")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.cve); + if (message.shortDescription != null && Object.hasOwnProperty.call(message, "shortDescription")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.shortDescription); + if (message.longDescription != null && Object.hasOwnProperty.call(message, "longDescription")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.longDescription); + if (message.relatedUris != null && message.relatedUris.length) + for (var i = 0; i < message.relatedUris.length; ++i) + $root.grafeas.v1.RelatedUrl.encode(message.relatedUris[i], writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.state != null && Object.hasOwnProperty.call(message, "state")) + writer.uint32(/* id 5, wireType 0 =*/40).int32(message.state); + if (message.impacts != null && message.impacts.length) + for (var i = 0; i < message.impacts.length; ++i) + writer.uint32(/* id 6, wireType 2 =*/50).string(message.impacts[i]); + if (message.justification != null && Object.hasOwnProperty.call(message, "justification")) + $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.encode(message.justification, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim(); + if (message.remediations != null && message.remediations.length) + for (var i = 0; i < message.remediations.length; ++i) + $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.encode(message.remediations[i], writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Assessment message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.IAssessment} message Assessment message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Assessment.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes an Assessment message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment} Assessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Assessment.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.cve = reader.string(); + break; + } + case 2: { + message.shortDescription = reader.string(); + break; + } + case 3: { + message.longDescription = reader.string(); + break; + } + case 4: { + if (!(message.relatedUris && message.relatedUris.length)) + message.relatedUris = []; + message.relatedUris.push($root.grafeas.v1.RelatedUrl.decode(reader, reader.uint32())); + break; + } + case 5: { + message.state = reader.int32(); + break; + } + case 6: { + if (!(message.impacts && message.impacts.length)) + message.impacts = []; + message.impacts.push(reader.string()); + break; + } + case 7: { + message.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.decode(reader, reader.uint32()); + break; + } + case 8: { + if (!(message.remediations && message.remediations.length)) + message.remediations = []; + message.remediations.push($root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.decode(reader, reader.uint32())); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes an Assessment message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment} Assessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Assessment.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies an Assessment message. + * @function verify + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Assessment.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.cve != null && message.hasOwnProperty("cve")) + if (!$util.isString(message.cve)) + return "cve: string expected"; + if (message.shortDescription != null && message.hasOwnProperty("shortDescription")) + if (!$util.isString(message.shortDescription)) + return "shortDescription: string expected"; + if (message.longDescription != null && message.hasOwnProperty("longDescription")) + if (!$util.isString(message.longDescription)) + return "longDescription: string expected"; + if (message.relatedUris != null && message.hasOwnProperty("relatedUris")) { + if (!Array.isArray(message.relatedUris)) + return "relatedUris: array expected"; + for (var i = 0; i < message.relatedUris.length; ++i) { + var error = $root.grafeas.v1.RelatedUrl.verify(message.relatedUris[i]); + if (error) + return "relatedUris." + error; + } + } + if (message.state != null && message.hasOwnProperty("state")) + switch (message.state) { + default: + return "state: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + break; + } + if (message.impacts != null && message.hasOwnProperty("impacts")) { + if (!Array.isArray(message.impacts)) + return "impacts: array expected"; + for (var i = 0; i < message.impacts.length; ++i) + if (!$util.isString(message.impacts[i])) + return "impacts: string[] expected"; + } + if (message.justification != null && message.hasOwnProperty("justification")) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify(message.justification); + if (error) + return "justification." + error; + } + if (message.remediations != null && message.hasOwnProperty("remediations")) { + if (!Array.isArray(message.remediations)) + return "remediations: array expected"; + for (var i = 0; i < message.remediations.length; ++i) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify(message.remediations[i]); + if (error) + return "remediations." + error; + } + } + return null; + }; + + /** + * Creates an Assessment message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment} Assessment + */ + Assessment.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment) + return object; + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment(); + if (object.cve != null) + message.cve = String(object.cve); + if (object.shortDescription != null) + message.shortDescription = String(object.shortDescription); + if (object.longDescription != null) + message.longDescription = String(object.longDescription); + if (object.relatedUris) { + if (!Array.isArray(object.relatedUris)) + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.relatedUris: array expected"); + message.relatedUris = []; + for (var i = 0; i < object.relatedUris.length; ++i) { + if (typeof object.relatedUris[i] !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.relatedUris: object expected"); + message.relatedUris[i] = $root.grafeas.v1.RelatedUrl.fromObject(object.relatedUris[i]); + } + } + switch (object.state) { + default: + if (typeof object.state === "number") { + message.state = object.state; + break; + } + break; + case "STATE_UNSPECIFIED": + case 0: + message.state = 0; + break; + case "AFFECTED": + case 1: + message.state = 1; + break; + case "NOT_AFFECTED": + case 2: + message.state = 2; + break; + case "FIXED": + case 3: + message.state = 3; + break; + case "UNDER_INVESTIGATION": + case 4: + message.state = 4; + break; + } + if (object.impacts) { + if (!Array.isArray(object.impacts)) + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.impacts: array expected"); + message.impacts = []; + for (var i = 0; i < object.impacts.length; ++i) + message.impacts[i] = String(object.impacts[i]); + } + if (object.justification != null) { + if (typeof object.justification !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.justification: object expected"); + message.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.fromObject(object.justification); + } + if (object.remediations) { + if (!Array.isArray(object.remediations)) + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.remediations: array expected"); + message.remediations = []; + for (var i = 0; i < object.remediations.length; ++i) { + if (typeof object.remediations[i] !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.remediations: object expected"); + message.remediations[i] = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.fromObject(object.remediations[i]); + } + } + return message; + }; + + /** + * Creates a plain object from an Assessment message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment} message Assessment + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Assessment.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.relatedUris = []; + object.impacts = []; + object.remediations = []; + } + if (options.defaults) { + object.cve = ""; + object.shortDescription = ""; + object.longDescription = ""; + object.state = options.enums === String ? "STATE_UNSPECIFIED" : 0; + object.justification = null; + } + if (message.cve != null && message.hasOwnProperty("cve")) + object.cve = message.cve; + if (message.shortDescription != null && message.hasOwnProperty("shortDescription")) + object.shortDescription = message.shortDescription; + if (message.longDescription != null && message.hasOwnProperty("longDescription")) + object.longDescription = message.longDescription; + if (message.relatedUris && message.relatedUris.length) { + object.relatedUris = []; + for (var j = 0; j < message.relatedUris.length; ++j) + object.relatedUris[j] = $root.grafeas.v1.RelatedUrl.toObject(message.relatedUris[j], options); + } + if (message.state != null && message.hasOwnProperty("state")) + object.state = options.enums === String ? $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.State[message.state] === undefined ? message.state : $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.State[message.state] : message.state; + if (message.impacts && message.impacts.length) { + object.impacts = []; + for (var j = 0; j < message.impacts.length; ++j) + object.impacts[j] = message.impacts[j]; + } + if (message.justification != null && message.hasOwnProperty("justification")) + object.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.toObject(message.justification, options); + if (message.remediations && message.remediations.length) { + object.remediations = []; + for (var j = 0; j < message.remediations.length; ++j) + object.remediations[j] = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.toObject(message.remediations[j], options); + } + return object; + }; + + /** + * Converts this Assessment to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @instance + * @returns {Object.} JSON object + */ + Assessment.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for Assessment + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + Assessment.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote.Assessment"; + }; + + /** + * State enum. + * @name grafeas.v1.VulnerabilityAssessmentNote.Assessment.State + * @enum {number} + * @property {number} STATE_UNSPECIFIED=0 STATE_UNSPECIFIED value + * @property {number} AFFECTED=1 AFFECTED value + * @property {number} NOT_AFFECTED=2 NOT_AFFECTED value + * @property {number} FIXED=3 FIXED value + * @property {number} UNDER_INVESTIGATION=4 UNDER_INVESTIGATION value + */ + Assessment.State = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "STATE_UNSPECIFIED"] = 0; + values[valuesById[1] = "AFFECTED"] = 1; + values[valuesById[2] = "NOT_AFFECTED"] = 2; + values[valuesById[3] = "FIXED"] = 3; + values[valuesById[4] = "UNDER_INVESTIGATION"] = 4; + return values; + })(); + + Assessment.Justification = (function() { + + /** + * Properties of a Justification. + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @interface IJustification + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType|null} [justificationType] Justification justificationType + * @property {string|null} [details] Justification details + */ + + /** + * Constructs a new Justification. + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @classdesc Represents a Justification. + * @implements IJustification + * @constructor + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification=} [properties] Properties to set + */ + function Justification(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Justification justificationType. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType} justificationType + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @instance + */ + Justification.prototype.justificationType = 0; + + /** + * Justification details. + * @member {string} details + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @instance + */ + Justification.prototype.details = ""; + + /** + * Creates a new Justification instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification} Justification instance + */ + Justification.create = function create(properties) { + return new Justification(properties); + }; + + /** + * Encodes the specified Justification message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification} message Justification message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Justification.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.justificationType != null && Object.hasOwnProperty.call(message, "justificationType")) + writer.uint32(/* id 1, wireType 0 =*/8).int32(message.justificationType); + if (message.details != null && Object.hasOwnProperty.call(message, "details")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.details); + return writer; + }; + + /** + * Encodes the specified Justification message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification} message Justification message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Justification.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Justification message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification} Justification + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Justification.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.justificationType = reader.int32(); + break; + } + case 2: { + message.details = reader.string(); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Justification message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification} Justification + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Justification.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Justification message. + * @function verify + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Justification.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.justificationType != null && message.hasOwnProperty("justificationType")) + switch (message.justificationType) { + default: + return "justificationType: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + case 5: + break; + } + if (message.details != null && message.hasOwnProperty("details")) + if (!$util.isString(message.details)) + return "details: string expected"; + return null; + }; + + /** + * Creates a Justification message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification} Justification + */ + Justification.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification) + return object; + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification(); + switch (object.justificationType) { + default: + if (typeof object.justificationType === "number") { + message.justificationType = object.justificationType; + break; + } + break; + case "JUSTIFICATION_TYPE_UNSPECIFIED": + case 0: + message.justificationType = 0; + break; + case "COMPONENT_NOT_PRESENT": + case 1: + message.justificationType = 1; + break; + case "VULNERABLE_CODE_NOT_PRESENT": + case 2: + message.justificationType = 2; + break; + case "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH": + case 3: + message.justificationType = 3; + break; + case "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY": + case 4: + message.justificationType = 4; + break; + case "INLINE_MITIGATIONS_ALREADY_EXIST": + case 5: + message.justificationType = 5; + break; + } + if (object.details != null) + message.details = String(object.details); + return message; + }; + + /** + * Creates a plain object from a Justification message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification} message Justification + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Justification.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.justificationType = options.enums === String ? "JUSTIFICATION_TYPE_UNSPECIFIED" : 0; + object.details = ""; + } + if (message.justificationType != null && message.hasOwnProperty("justificationType")) + object.justificationType = options.enums === String ? $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType[message.justificationType] === undefined ? message.justificationType : $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType[message.justificationType] : message.justificationType; + if (message.details != null && message.hasOwnProperty("details")) + object.details = message.details; + return object; + }; + + /** + * Converts this Justification to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @instance + * @returns {Object.} JSON object + */ + Justification.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for Justification + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + Justification.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification"; + }; + + /** + * JustificationType enum. + * @name grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType + * @enum {number} + * @property {number} JUSTIFICATION_TYPE_UNSPECIFIED=0 JUSTIFICATION_TYPE_UNSPECIFIED value + * @property {number} COMPONENT_NOT_PRESENT=1 COMPONENT_NOT_PRESENT value + * @property {number} VULNERABLE_CODE_NOT_PRESENT=2 VULNERABLE_CODE_NOT_PRESENT value + * @property {number} VULNERABLE_CODE_NOT_IN_EXECUTE_PATH=3 VULNERABLE_CODE_NOT_IN_EXECUTE_PATH value + * @property {number} VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY=4 VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY value + * @property {number} INLINE_MITIGATIONS_ALREADY_EXIST=5 INLINE_MITIGATIONS_ALREADY_EXIST value + */ + Justification.JustificationType = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "JUSTIFICATION_TYPE_UNSPECIFIED"] = 0; + values[valuesById[1] = "COMPONENT_NOT_PRESENT"] = 1; + values[valuesById[2] = "VULNERABLE_CODE_NOT_PRESENT"] = 2; + values[valuesById[3] = "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH"] = 3; + values[valuesById[4] = "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY"] = 4; + values[valuesById[5] = "INLINE_MITIGATIONS_ALREADY_EXIST"] = 5; + return values; + })(); + + return Justification; + })(); + + Assessment.Remediation = (function() { + + /** + * Properties of a Remediation. + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @interface IRemediation + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType|null} [remediationType] Remediation remediationType + * @property {string|null} [details] Remediation details + * @property {grafeas.v1.IRelatedUrl|null} [remediationUri] Remediation remediationUri + */ + + /** + * Constructs a new Remediation. + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment + * @classdesc Represents a Remediation. + * @implements IRemediation + * @constructor + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation=} [properties] Properties to set + */ + function Remediation(properties) { + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * Remediation remediationType. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType} remediationType + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @instance + */ + Remediation.prototype.remediationType = 0; + + /** + * Remediation details. + * @member {string} details + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @instance + */ + Remediation.prototype.details = ""; + + /** + * Remediation remediationUri. + * @member {grafeas.v1.IRelatedUrl|null|undefined} remediationUri + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @instance + */ + Remediation.prototype.remediationUri = null; + + /** + * Creates a new Remediation instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation} Remediation instance + */ + Remediation.create = function create(properties) { + return new Remediation(properties); + }; + + /** + * Encodes the specified Remediation message. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation} message Remediation message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Remediation.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.remediationType != null && Object.hasOwnProperty.call(message, "remediationType")) + writer.uint32(/* id 1, wireType 0 =*/8).int32(message.remediationType); + if (message.details != null && Object.hasOwnProperty.call(message, "details")) + writer.uint32(/* id 2, wireType 2 =*/18).string(message.details); + if (message.remediationUri != null && Object.hasOwnProperty.call(message, "remediationUri")) + $root.grafeas.v1.RelatedUrl.encode(message.remediationUri, writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified Remediation message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IRemediation} message Remediation message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + Remediation.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a Remediation message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation} Remediation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Remediation.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.remediationType = reader.int32(); + break; + } + case 2: { + message.details = reader.string(); + break; + } + case 3: { + message.remediationUri = $root.grafeas.v1.RelatedUrl.decode(reader, reader.uint32()); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a Remediation message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation} Remediation + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + Remediation.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a Remediation message. + * @function verify + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + Remediation.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.remediationType != null && message.hasOwnProperty("remediationType")) + switch (message.remediationType) { + default: + return "remediationType: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + case 5: + break; + } + if (message.details != null && message.hasOwnProperty("details")) + if (!$util.isString(message.details)) + return "details: string expected"; + if (message.remediationUri != null && message.hasOwnProperty("remediationUri")) { + var error = $root.grafeas.v1.RelatedUrl.verify(message.remediationUri); + if (error) + return "remediationUri." + error; + } + return null; + }; + + /** + * Creates a Remediation message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation} Remediation + */ + Remediation.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation) + return object; + var message = new $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation(); + switch (object.remediationType) { + default: + if (typeof object.remediationType === "number") { + message.remediationType = object.remediationType; + break; + } + break; + case "REMEDIATION_TYPE_UNSPECIFIED": + case 0: + message.remediationType = 0; + break; + case "MITIGATION": + case 1: + message.remediationType = 1; + break; + case "NO_FIX_PLANNED": + case 2: + message.remediationType = 2; + break; + case "NONE_AVAILABLE": + case 3: + message.remediationType = 3; + break; + case "VENDOR_FIX": + case 4: + message.remediationType = 4; + break; + case "WORKAROUND": + case 5: + message.remediationType = 5; + break; + } + if (object.details != null) + message.details = String(object.details); + if (object.remediationUri != null) { + if (typeof object.remediationUri !== "object") + throw TypeError(".grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.remediationUri: object expected"); + message.remediationUri = $root.grafeas.v1.RelatedUrl.fromObject(object.remediationUri); + } + return message; + }; + + /** + * Creates a plain object from a Remediation message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation} message Remediation + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + Remediation.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.defaults) { + object.remediationType = options.enums === String ? "REMEDIATION_TYPE_UNSPECIFIED" : 0; + object.details = ""; + object.remediationUri = null; + } + if (message.remediationType != null && message.hasOwnProperty("remediationType")) + object.remediationType = options.enums === String ? $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType[message.remediationType] === undefined ? message.remediationType : $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType[message.remediationType] : message.remediationType; + if (message.details != null && message.hasOwnProperty("details")) + object.details = message.details; + if (message.remediationUri != null && message.hasOwnProperty("remediationUri")) + object.remediationUri = $root.grafeas.v1.RelatedUrl.toObject(message.remediationUri, options); + return object; + }; + + /** + * Converts this Remediation to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @instance + * @returns {Object.} JSON object + */ + Remediation.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for Remediation + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + Remediation.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation"; + }; + + /** + * RemediationType enum. + * @name grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType + * @enum {number} + * @property {number} REMEDIATION_TYPE_UNSPECIFIED=0 REMEDIATION_TYPE_UNSPECIFIED value + * @property {number} MITIGATION=1 MITIGATION value + * @property {number} NO_FIX_PLANNED=2 NO_FIX_PLANNED value + * @property {number} NONE_AVAILABLE=3 NONE_AVAILABLE value + * @property {number} VENDOR_FIX=4 VENDOR_FIX value + * @property {number} WORKAROUND=5 WORKAROUND value + */ + Remediation.RemediationType = (function() { + var valuesById = {}, values = Object.create(valuesById); + values[valuesById[0] = "REMEDIATION_TYPE_UNSPECIFIED"] = 0; + values[valuesById[1] = "MITIGATION"] = 1; + values[valuesById[2] = "NO_FIX_PLANNED"] = 2; + values[valuesById[3] = "NONE_AVAILABLE"] = 3; + values[valuesById[4] = "VENDOR_FIX"] = 4; + values[valuesById[5] = "WORKAROUND"] = 5; + return values; + })(); + + return Remediation; + })(); + + return Assessment; + })(); + + return VulnerabilityAssessmentNote; + })(); + + v1.VulnerabilityNote = (function() { + + /** + * Properties of a VulnerabilityNote. + * @memberof grafeas.v1 + * @interface IVulnerabilityNote + * @property {number|null} [cvssScore] VulnerabilityNote cvssScore + * @property {grafeas.v1.Severity|null} [severity] VulnerabilityNote severity + * @property {Array.|null} [details] VulnerabilityNote details + * @property {grafeas.v1.ICVSSv3|null} [cvssV3] VulnerabilityNote cvssV3 + * @property {Array.|null} [windowsDetails] VulnerabilityNote windowsDetails + * @property {google.protobuf.ITimestamp|null} [sourceUpdateTime] VulnerabilityNote sourceUpdateTime + * @property {grafeas.v1.CVSSVersion|null} [cvssVersion] VulnerabilityNote cvssVersion + * @property {grafeas.v1.ICVSS|null} [cvssV2] VulnerabilityNote cvssV2 + */ + + /** + * Constructs a new VulnerabilityNote. + * @memberof grafeas.v1 + * @classdesc Represents a VulnerabilityNote. + * @implements IVulnerabilityNote + * @constructor + * @param {grafeas.v1.IVulnerabilityNote=} [properties] Properties to set + */ + function VulnerabilityNote(properties) { + this.details = []; + this.windowsDetails = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * VulnerabilityNote cvssScore. + * @member {number} cvssScore + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.cvssScore = 0; + + /** + * VulnerabilityNote severity. + * @member {grafeas.v1.Severity} severity + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.severity = 0; + + /** + * VulnerabilityNote details. + * @member {Array.} details + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.details = $util.emptyArray; + + /** + * VulnerabilityNote cvssV3. + * @member {grafeas.v1.ICVSSv3|null|undefined} cvssV3 + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.cvssV3 = null; + + /** + * VulnerabilityNote windowsDetails. + * @member {Array.} windowsDetails + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.windowsDetails = $util.emptyArray; + + /** + * VulnerabilityNote sourceUpdateTime. + * @member {google.protobuf.ITimestamp|null|undefined} sourceUpdateTime + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.sourceUpdateTime = null; + + /** + * VulnerabilityNote cvssVersion. + * @member {grafeas.v1.CVSSVersion} cvssVersion + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.cvssVersion = 0; + + /** + * VulnerabilityNote cvssV2. + * @member {grafeas.v1.ICVSS|null|undefined} cvssV2 + * @memberof grafeas.v1.VulnerabilityNote + * @instance + */ + VulnerabilityNote.prototype.cvssV2 = null; + + /** + * Creates a new VulnerabilityNote instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {grafeas.v1.IVulnerabilityNote=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote instance + */ + VulnerabilityNote.create = function create(properties) { + return new VulnerabilityNote(properties); + }; + + /** + * Encodes the specified VulnerabilityNote message. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {grafeas.v1.IVulnerabilityNote} message VulnerabilityNote message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + VulnerabilityNote.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.cvssScore != null && Object.hasOwnProperty.call(message, "cvssScore")) + writer.uint32(/* id 1, wireType 5 =*/13).float(message.cvssScore); + if (message.severity != null && Object.hasOwnProperty.call(message, "severity")) + writer.uint32(/* id 2, wireType 0 =*/16).int32(message.severity); + if (message.details != null && message.details.length) + for (var i = 0; i < message.details.length; ++i) + $root.grafeas.v1.VulnerabilityNote.Detail.encode(message.details[i], writer.uint32(/* id 3, wireType 2 =*/26).fork()).ldelim(); + if (message.cvssV3 != null && Object.hasOwnProperty.call(message, "cvssV3")) + $root.grafeas.v1.CVSSv3.encode(message.cvssV3, writer.uint32(/* id 4, wireType 2 =*/34).fork()).ldelim(); + if (message.windowsDetails != null && message.windowsDetails.length) + for (var i = 0; i < message.windowsDetails.length; ++i) + $root.grafeas.v1.VulnerabilityNote.WindowsDetail.encode(message.windowsDetails[i], writer.uint32(/* id 5, wireType 2 =*/42).fork()).ldelim(); + if (message.sourceUpdateTime != null && Object.hasOwnProperty.call(message, "sourceUpdateTime")) + $root.google.protobuf.Timestamp.encode(message.sourceUpdateTime, writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); + if (message.cvssVersion != null && Object.hasOwnProperty.call(message, "cvssVersion")) + writer.uint32(/* id 7, wireType 0 =*/56).int32(message.cvssVersion); + if (message.cvssV2 != null && Object.hasOwnProperty.call(message, "cvssV2")) + $root.grafeas.v1.CVSS.encode(message.cvssV2, writer.uint32(/* id 8, wireType 2 =*/66).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified VulnerabilityNote message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityNote.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {grafeas.v1.IVulnerabilityNote} message VulnerabilityNote message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + VulnerabilityNote.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a VulnerabilityNote message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + VulnerabilityNote.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityNote(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.cvssScore = reader.float(); + break; + } + case 2: { + message.severity = reader.int32(); + break; + } + case 3: { + if (!(message.details && message.details.length)) + message.details = []; + message.details.push($root.grafeas.v1.VulnerabilityNote.Detail.decode(reader, reader.uint32())); + break; + } + case 4: { + message.cvssV3 = $root.grafeas.v1.CVSSv3.decode(reader, reader.uint32()); + break; + } + case 5: { + if (!(message.windowsDetails && message.windowsDetails.length)) + message.windowsDetails = []; + message.windowsDetails.push($root.grafeas.v1.VulnerabilityNote.WindowsDetail.decode(reader, reader.uint32())); + break; + } + case 6: { + message.sourceUpdateTime = $root.google.protobuf.Timestamp.decode(reader, reader.uint32()); + break; + } + case 7: { + message.cvssVersion = reader.int32(); + break; + } + case 8: { + message.cvssV2 = $root.grafeas.v1.CVSS.decode(reader, reader.uint32()); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a VulnerabilityNote message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + VulnerabilityNote.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a VulnerabilityNote message. + * @function verify + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + VulnerabilityNote.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.cvssScore != null && message.hasOwnProperty("cvssScore")) + if (typeof message.cvssScore !== "number") + return "cvssScore: number expected"; + if (message.severity != null && message.hasOwnProperty("severity")) + switch (message.severity) { + default: + return "severity: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + case 5: + break; + } + if (message.details != null && message.hasOwnProperty("details")) { + if (!Array.isArray(message.details)) + return "details: array expected"; + for (var i = 0; i < message.details.length; ++i) { + var error = $root.grafeas.v1.VulnerabilityNote.Detail.verify(message.details[i]); + if (error) + return "details." + error; + } + } + if (message.cvssV3 != null && message.hasOwnProperty("cvssV3")) { + var error = $root.grafeas.v1.CVSSv3.verify(message.cvssV3); + if (error) + return "cvssV3." + error; + } + if (message.windowsDetails != null && message.hasOwnProperty("windowsDetails")) { + if (!Array.isArray(message.windowsDetails)) + return "windowsDetails: array expected"; + for (var i = 0; i < message.windowsDetails.length; ++i) { + var error = $root.grafeas.v1.VulnerabilityNote.WindowsDetail.verify(message.windowsDetails[i]); + if (error) + return "windowsDetails." + error; + } + } + if (message.sourceUpdateTime != null && message.hasOwnProperty("sourceUpdateTime")) { + var error = $root.google.protobuf.Timestamp.verify(message.sourceUpdateTime); + if (error) + return "sourceUpdateTime." + error; + } + if (message.cvssVersion != null && message.hasOwnProperty("cvssVersion")) + switch (message.cvssVersion) { + default: + return "cvssVersion: enum value expected"; + case 0: + case 1: + case 2: + break; + } + if (message.cvssV2 != null && message.hasOwnProperty("cvssV2")) { + var error = $root.grafeas.v1.CVSS.verify(message.cvssV2); + if (error) + return "cvssV2." + error; + } + return null; + }; + + /** + * Creates a VulnerabilityNote message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityNote + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityNote} VulnerabilityNote + */ + VulnerabilityNote.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityNote) + return object; + var message = new $root.grafeas.v1.VulnerabilityNote(); + if (object.cvssScore != null) + message.cvssScore = Number(object.cvssScore); + switch (object.severity) { + default: + if (typeof object.severity === "number") { + message.severity = object.severity; + break; + } + break; + case "SEVERITY_UNSPECIFIED": + case 0: + message.severity = 0; + break; + case "MINIMAL": + case 1: + message.severity = 1; + break; + case "LOW": + case 2: + message.severity = 2; + break; + case "MEDIUM": + case 3: + message.severity = 3; + break; + case "HIGH": + case 4: + message.severity = 4; + break; + case "CRITICAL": + case 5: + message.severity = 5; + break; + } + if (object.details) { + if (!Array.isArray(object.details)) + throw TypeError(".grafeas.v1.VulnerabilityNote.details: array expected"); message.details = []; for (var i = 0; i < object.details.length; ++i) { if (typeof object.details[i] !== "object") @@ -31015,6 +33031,7 @@ * @property {boolean|null} [fixAvailable] VulnerabilityOccurrence fixAvailable * @property {grafeas.v1.CVSSVersion|null} [cvssVersion] VulnerabilityOccurrence cvssVersion * @property {grafeas.v1.ICVSS|null} [cvssV2] VulnerabilityOccurrence cvssV2 + * @property {grafeas.v1.VulnerabilityOccurrence.IVexAssessment|null} [vexAssessment] VulnerabilityOccurrence vexAssessment */ /** @@ -31130,6 +33147,14 @@ */ VulnerabilityOccurrence.prototype.cvssV2 = null; + /** + * VulnerabilityOccurrence vexAssessment. + * @member {grafeas.v1.VulnerabilityOccurrence.IVexAssessment|null|undefined} vexAssessment + * @memberof grafeas.v1.VulnerabilityOccurrence + * @instance + */ + VulnerabilityOccurrence.prototype.vexAssessment = null; + /** * Creates a new VulnerabilityOccurrence instance using the specified properties. * @function create @@ -31180,6 +33205,8 @@ writer.uint32(/* id 11, wireType 0 =*/88).int32(message.cvssVersion); if (message.cvssV2 != null && Object.hasOwnProperty.call(message, "cvssV2")) $root.grafeas.v1.CVSS.encode(message.cvssV2, writer.uint32(/* id 12, wireType 2 =*/98).fork()).ldelim(); + if (message.vexAssessment != null && Object.hasOwnProperty.call(message, "vexAssessment")) + $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment.encode(message.vexAssessment, writer.uint32(/* id 13, wireType 2 =*/106).fork()).ldelim(); return writer; }; @@ -31266,6 +33293,10 @@ message.cvssV2 = $root.grafeas.v1.CVSS.decode(reader, reader.uint32()); break; } + case 13: { + message.vexAssessment = $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment.decode(reader, reader.uint32()); + break; + } default: reader.skipType(tag & 7); break; @@ -31377,6 +33408,11 @@ if (error) return "cvssV2." + error; } + if (message.vexAssessment != null && message.hasOwnProperty("vexAssessment")) { + var error = $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment.verify(message.vexAssessment); + if (error) + return "vexAssessment." + error; + } return null; }; @@ -31516,6 +33552,11 @@ throw TypeError(".grafeas.v1.VulnerabilityOccurrence.cvssV2: object expected"); message.cvssV2 = $root.grafeas.v1.CVSS.fromObject(object.cvssV2); } + if (object.vexAssessment != null) { + if (typeof object.vexAssessment !== "object") + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.vexAssessment: object expected"); + message.vexAssessment = $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment.fromObject(object.vexAssessment); + } return message; }; @@ -31547,6 +33588,7 @@ object.cvssv3 = null; object.cvssVersion = options.enums === String ? "CVSS_VERSION_UNSPECIFIED" : 0; object.cvssV2 = null; + object.vexAssessment = null; } if (message.type != null && message.hasOwnProperty("type")) object.type = message.type; @@ -31578,6 +33620,8 @@ object.cvssVersion = options.enums === String ? $root.grafeas.v1.CVSSVersion[message.cvssVersion] === undefined ? message.cvssVersion : $root.grafeas.v1.CVSSVersion[message.cvssVersion] : message.cvssVersion; if (message.cvssV2 != null && message.hasOwnProperty("cvssV2")) object.cvssV2 = $root.grafeas.v1.CVSS.toObject(message.cvssV2, options); + if (message.vexAssessment != null && message.hasOwnProperty("vexAssessment")) + object.vexAssessment = $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment.toObject(message.vexAssessment, options); return object; }; @@ -32089,6 +34133,447 @@ return PackageIssue; })(); + VulnerabilityOccurrence.VexAssessment = (function() { + + /** + * Properties of a VexAssessment. + * @memberof grafeas.v1.VulnerabilityOccurrence + * @interface IVexAssessment + * @property {string|null} [cve] VexAssessment cve + * @property {Array.|null} [relatedUris] VexAssessment relatedUris + * @property {string|null} [noteName] VexAssessment noteName + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.State|null} [state] VexAssessment state + * @property {Array.|null} [impacts] VexAssessment impacts + * @property {Array.|null} [remediations] VexAssessment remediations + * @property {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null} [justification] VexAssessment justification + */ + + /** + * Constructs a new VexAssessment. + * @memberof grafeas.v1.VulnerabilityOccurrence + * @classdesc Represents a VexAssessment. + * @implements IVexAssessment + * @constructor + * @param {grafeas.v1.VulnerabilityOccurrence.IVexAssessment=} [properties] Properties to set + */ + function VexAssessment(properties) { + this.relatedUris = []; + this.impacts = []; + this.remediations = []; + if (properties) + for (var keys = Object.keys(properties), i = 0; i < keys.length; ++i) + if (properties[keys[i]] != null) + this[keys[i]] = properties[keys[i]]; + } + + /** + * VexAssessment cve. + * @member {string} cve + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.cve = ""; + + /** + * VexAssessment relatedUris. + * @member {Array.} relatedUris + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.relatedUris = $util.emptyArray; + + /** + * VexAssessment noteName. + * @member {string} noteName + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.noteName = ""; + + /** + * VexAssessment state. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.State} state + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.state = 0; + + /** + * VexAssessment impacts. + * @member {Array.} impacts + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.impacts = $util.emptyArray; + + /** + * VexAssessment remediations. + * @member {Array.} remediations + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.remediations = $util.emptyArray; + + /** + * VexAssessment justification. + * @member {grafeas.v1.VulnerabilityAssessmentNote.Assessment.IJustification|null|undefined} justification + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + */ + VexAssessment.prototype.justification = null; + + /** + * Creates a new VexAssessment instance using the specified properties. + * @function create + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {grafeas.v1.VulnerabilityOccurrence.IVexAssessment=} [properties] Properties to set + * @returns {grafeas.v1.VulnerabilityOccurrence.VexAssessment} VexAssessment instance + */ + VexAssessment.create = function create(properties) { + return new VexAssessment(properties); + }; + + /** + * Encodes the specified VexAssessment message. Does not implicitly {@link grafeas.v1.VulnerabilityOccurrence.VexAssessment.verify|verify} messages. + * @function encode + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {grafeas.v1.VulnerabilityOccurrence.IVexAssessment} message VexAssessment message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + VexAssessment.encode = function encode(message, writer) { + if (!writer) + writer = $Writer.create(); + if (message.cve != null && Object.hasOwnProperty.call(message, "cve")) + writer.uint32(/* id 1, wireType 2 =*/10).string(message.cve); + if (message.relatedUris != null && message.relatedUris.length) + for (var i = 0; i < message.relatedUris.length; ++i) + $root.grafeas.v1.RelatedUrl.encode(message.relatedUris[i], writer.uint32(/* id 2, wireType 2 =*/18).fork()).ldelim(); + if (message.noteName != null && Object.hasOwnProperty.call(message, "noteName")) + writer.uint32(/* id 3, wireType 2 =*/26).string(message.noteName); + if (message.state != null && Object.hasOwnProperty.call(message, "state")) + writer.uint32(/* id 4, wireType 0 =*/32).int32(message.state); + if (message.impacts != null && message.impacts.length) + for (var i = 0; i < message.impacts.length; ++i) + writer.uint32(/* id 5, wireType 2 =*/42).string(message.impacts[i]); + if (message.remediations != null && message.remediations.length) + for (var i = 0; i < message.remediations.length; ++i) + $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.encode(message.remediations[i], writer.uint32(/* id 6, wireType 2 =*/50).fork()).ldelim(); + if (message.justification != null && Object.hasOwnProperty.call(message, "justification")) + $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.encode(message.justification, writer.uint32(/* id 7, wireType 2 =*/58).fork()).ldelim(); + return writer; + }; + + /** + * Encodes the specified VexAssessment message, length delimited. Does not implicitly {@link grafeas.v1.VulnerabilityOccurrence.VexAssessment.verify|verify} messages. + * @function encodeDelimited + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {grafeas.v1.VulnerabilityOccurrence.IVexAssessment} message VexAssessment message or plain object to encode + * @param {$protobuf.Writer} [writer] Writer to encode to + * @returns {$protobuf.Writer} Writer + */ + VexAssessment.encodeDelimited = function encodeDelimited(message, writer) { + return this.encode(message, writer).ldelim(); + }; + + /** + * Decodes a VexAssessment message from the specified reader or buffer. + * @function decode + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @param {number} [length] Message length if known beforehand + * @returns {grafeas.v1.VulnerabilityOccurrence.VexAssessment} VexAssessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + VexAssessment.decode = function decode(reader, length) { + if (!(reader instanceof $Reader)) + reader = $Reader.create(reader); + var end = length === undefined ? reader.len : reader.pos + length, message = new $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment(); + while (reader.pos < end) { + var tag = reader.uint32(); + switch (tag >>> 3) { + case 1: { + message.cve = reader.string(); + break; + } + case 2: { + if (!(message.relatedUris && message.relatedUris.length)) + message.relatedUris = []; + message.relatedUris.push($root.grafeas.v1.RelatedUrl.decode(reader, reader.uint32())); + break; + } + case 3: { + message.noteName = reader.string(); + break; + } + case 4: { + message.state = reader.int32(); + break; + } + case 5: { + if (!(message.impacts && message.impacts.length)) + message.impacts = []; + message.impacts.push(reader.string()); + break; + } + case 6: { + if (!(message.remediations && message.remediations.length)) + message.remediations = []; + message.remediations.push($root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.decode(reader, reader.uint32())); + break; + } + case 7: { + message.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.decode(reader, reader.uint32()); + break; + } + default: + reader.skipType(tag & 7); + break; + } + } + return message; + }; + + /** + * Decodes a VexAssessment message from the specified reader or buffer, length delimited. + * @function decodeDelimited + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {$protobuf.Reader|Uint8Array} reader Reader or buffer to decode from + * @returns {grafeas.v1.VulnerabilityOccurrence.VexAssessment} VexAssessment + * @throws {Error} If the payload is not a reader or valid buffer + * @throws {$protobuf.util.ProtocolError} If required fields are missing + */ + VexAssessment.decodeDelimited = function decodeDelimited(reader) { + if (!(reader instanceof $Reader)) + reader = new $Reader(reader); + return this.decode(reader, reader.uint32()); + }; + + /** + * Verifies a VexAssessment message. + * @function verify + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {Object.} message Plain object to verify + * @returns {string|null} `null` if valid, otherwise the reason why it is not + */ + VexAssessment.verify = function verify(message) { + if (typeof message !== "object" || message === null) + return "object expected"; + if (message.cve != null && message.hasOwnProperty("cve")) + if (!$util.isString(message.cve)) + return "cve: string expected"; + if (message.relatedUris != null && message.hasOwnProperty("relatedUris")) { + if (!Array.isArray(message.relatedUris)) + return "relatedUris: array expected"; + for (var i = 0; i < message.relatedUris.length; ++i) { + var error = $root.grafeas.v1.RelatedUrl.verify(message.relatedUris[i]); + if (error) + return "relatedUris." + error; + } + } + if (message.noteName != null && message.hasOwnProperty("noteName")) + if (!$util.isString(message.noteName)) + return "noteName: string expected"; + if (message.state != null && message.hasOwnProperty("state")) + switch (message.state) { + default: + return "state: enum value expected"; + case 0: + case 1: + case 2: + case 3: + case 4: + break; + } + if (message.impacts != null && message.hasOwnProperty("impacts")) { + if (!Array.isArray(message.impacts)) + return "impacts: array expected"; + for (var i = 0; i < message.impacts.length; ++i) + if (!$util.isString(message.impacts[i])) + return "impacts: string[] expected"; + } + if (message.remediations != null && message.hasOwnProperty("remediations")) { + if (!Array.isArray(message.remediations)) + return "remediations: array expected"; + for (var i = 0; i < message.remediations.length; ++i) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.verify(message.remediations[i]); + if (error) + return "remediations." + error; + } + } + if (message.justification != null && message.hasOwnProperty("justification")) { + var error = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.verify(message.justification); + if (error) + return "justification." + error; + } + return null; + }; + + /** + * Creates a VexAssessment message from a plain object. Also converts values to their respective internal types. + * @function fromObject + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {Object.} object Plain object + * @returns {grafeas.v1.VulnerabilityOccurrence.VexAssessment} VexAssessment + */ + VexAssessment.fromObject = function fromObject(object) { + if (object instanceof $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment) + return object; + var message = new $root.grafeas.v1.VulnerabilityOccurrence.VexAssessment(); + if (object.cve != null) + message.cve = String(object.cve); + if (object.relatedUris) { + if (!Array.isArray(object.relatedUris)) + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.relatedUris: array expected"); + message.relatedUris = []; + for (var i = 0; i < object.relatedUris.length; ++i) { + if (typeof object.relatedUris[i] !== "object") + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.relatedUris: object expected"); + message.relatedUris[i] = $root.grafeas.v1.RelatedUrl.fromObject(object.relatedUris[i]); + } + } + if (object.noteName != null) + message.noteName = String(object.noteName); + switch (object.state) { + default: + if (typeof object.state === "number") { + message.state = object.state; + break; + } + break; + case "STATE_UNSPECIFIED": + case 0: + message.state = 0; + break; + case "AFFECTED": + case 1: + message.state = 1; + break; + case "NOT_AFFECTED": + case 2: + message.state = 2; + break; + case "FIXED": + case 3: + message.state = 3; + break; + case "UNDER_INVESTIGATION": + case 4: + message.state = 4; + break; + } + if (object.impacts) { + if (!Array.isArray(object.impacts)) + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.impacts: array expected"); + message.impacts = []; + for (var i = 0; i < object.impacts.length; ++i) + message.impacts[i] = String(object.impacts[i]); + } + if (object.remediations) { + if (!Array.isArray(object.remediations)) + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.remediations: array expected"); + message.remediations = []; + for (var i = 0; i < object.remediations.length; ++i) { + if (typeof object.remediations[i] !== "object") + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.remediations: object expected"); + message.remediations[i] = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.fromObject(object.remediations[i]); + } + } + if (object.justification != null) { + if (typeof object.justification !== "object") + throw TypeError(".grafeas.v1.VulnerabilityOccurrence.VexAssessment.justification: object expected"); + message.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.fromObject(object.justification); + } + return message; + }; + + /** + * Creates a plain object from a VexAssessment message. Also converts values to other types if specified. + * @function toObject + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {grafeas.v1.VulnerabilityOccurrence.VexAssessment} message VexAssessment + * @param {$protobuf.IConversionOptions} [options] Conversion options + * @returns {Object.} Plain object + */ + VexAssessment.toObject = function toObject(message, options) { + if (!options) + options = {}; + var object = {}; + if (options.arrays || options.defaults) { + object.relatedUris = []; + object.impacts = []; + object.remediations = []; + } + if (options.defaults) { + object.cve = ""; + object.noteName = ""; + object.state = options.enums === String ? "STATE_UNSPECIFIED" : 0; + object.justification = null; + } + if (message.cve != null && message.hasOwnProperty("cve")) + object.cve = message.cve; + if (message.relatedUris && message.relatedUris.length) { + object.relatedUris = []; + for (var j = 0; j < message.relatedUris.length; ++j) + object.relatedUris[j] = $root.grafeas.v1.RelatedUrl.toObject(message.relatedUris[j], options); + } + if (message.noteName != null && message.hasOwnProperty("noteName")) + object.noteName = message.noteName; + if (message.state != null && message.hasOwnProperty("state")) + object.state = options.enums === String ? $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.State[message.state] === undefined ? message.state : $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.State[message.state] : message.state; + if (message.impacts && message.impacts.length) { + object.impacts = []; + for (var j = 0; j < message.impacts.length; ++j) + object.impacts[j] = message.impacts[j]; + } + if (message.remediations && message.remediations.length) { + object.remediations = []; + for (var j = 0; j < message.remediations.length; ++j) + object.remediations[j] = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.toObject(message.remediations[j], options); + } + if (message.justification != null && message.hasOwnProperty("justification")) + object.justification = $root.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.toObject(message.justification, options); + return object; + }; + + /** + * Converts this VexAssessment to JSON. + * @function toJSON + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @instance + * @returns {Object.} JSON object + */ + VexAssessment.prototype.toJSON = function toJSON() { + return this.constructor.toObject(this, $protobuf.util.toJSONOptions); + }; + + /** + * Gets the default type url for VexAssessment + * @function getTypeUrl + * @memberof grafeas.v1.VulnerabilityOccurrence.VexAssessment + * @static + * @param {string} [typeUrlPrefix] your custom typeUrlPrefix(default "type.googleapis.com") + * @returns {string} The default type url + */ + VexAssessment.getTypeUrl = function getTypeUrl(typeUrlPrefix) { + if (typeUrlPrefix === undefined) { + typeUrlPrefix = "type.googleapis.com"; + } + return typeUrlPrefix + "/grafeas.v1.VulnerabilityOccurrence.VexAssessment"; + }; + + return VexAssessment; + })(); + return VulnerabilityOccurrence; })(); diff --git a/packages/google-devtools-containeranalysis/protos/protos.json b/packages/google-devtools-containeranalysis/protos/protos.json index 9b34a35d585..2abe830a090 100644 --- a/packages/google-devtools-containeranalysis/protos/protos.json +++ b/packages/google-devtools-containeranalysis/protos/protos.json @@ -79,7 +79,8 @@ "ATTESTATION": 7, "UPGRADE": 8, "COMPLIANCE": 9, - "DSSE_ATTESTATION": 10 + "DSSE_ATTESTATION": 10, + "VULNERABILITY_ASSESSMENT": 11 } }, "RelatedUrl": { @@ -1738,7 +1739,8 @@ "attestation", "upgrade", "compliance", - "dsseAttestation" + "dsseAttestation", + "vulnerabilityAssessment" ] } }, @@ -1820,6 +1822,10 @@ "dsseAttestation": { "type": "grafeas.v1.DSSEAttestationNote", "id": 19 + }, + "vulnerabilityAssessment": { + "type": "grafeas.v1.VulnerabilityAssessmentNote", + "id": 20 } } }, @@ -2520,6 +2526,181 @@ } } }, + "VulnerabilityAssessmentNote": { + "fields": { + "title": { + "type": "string", + "id": 1 + }, + "shortDescription": { + "type": "string", + "id": 2 + }, + "longDescription": { + "type": "string", + "id": 3 + }, + "languageCode": { + "type": "string", + "id": 4 + }, + "publisher": { + "type": "Publisher", + "id": 5 + }, + "product": { + "type": "Product", + "id": 6 + }, + "assessment": { + "type": "Assessment", + "id": 7 + } + }, + "nested": { + "Publisher": { + "fields": { + "name": { + "type": "string", + "id": 1 + }, + "issuingAuthority": { + "type": "string", + "id": 2 + }, + "publisherNamespace": { + "type": "string", + "id": 3 + } + } + }, + "Product": { + "oneofs": { + "identifier": { + "oneof": [ + "genericUri" + ] + } + }, + "fields": { + "name": { + "type": "string", + "id": 1 + }, + "id": { + "type": "string", + "id": 2 + }, + "genericUri": { + "type": "string", + "id": 3 + } + } + }, + "Assessment": { + "fields": { + "cve": { + "type": "string", + "id": 1 + }, + "shortDescription": { + "type": "string", + "id": 2 + }, + "longDescription": { + "type": "string", + "id": 3 + }, + "relatedUris": { + "rule": "repeated", + "type": "grafeas.v1.RelatedUrl", + "id": 4 + }, + "state": { + "type": "State", + "id": 5 + }, + "impacts": { + "rule": "repeated", + "type": "string", + "id": 6 + }, + "justification": { + "type": "Justification", + "id": 7 + }, + "remediations": { + "rule": "repeated", + "type": "Remediation", + "id": 8 + } + }, + "nested": { + "State": { + "values": { + "STATE_UNSPECIFIED": 0, + "AFFECTED": 1, + "NOT_AFFECTED": 2, + "FIXED": 3, + "UNDER_INVESTIGATION": 4 + } + }, + "Justification": { + "fields": { + "justificationType": { + "type": "JustificationType", + "id": 1 + }, + "details": { + "type": "string", + "id": 2 + } + }, + "nested": { + "JustificationType": { + "values": { + "JUSTIFICATION_TYPE_UNSPECIFIED": 0, + "COMPONENT_NOT_PRESENT": 1, + "VULNERABLE_CODE_NOT_PRESENT": 2, + "VULNERABLE_CODE_NOT_IN_EXECUTE_PATH": 3, + "VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY": 4, + "INLINE_MITIGATIONS_ALREADY_EXIST": 5 + } + } + } + }, + "Remediation": { + "fields": { + "remediationType": { + "type": "RemediationType", + "id": 1 + }, + "details": { + "type": "string", + "id": 2 + }, + "remediationUri": { + "type": "grafeas.v1.RelatedUrl", + "id": 3 + } + }, + "nested": { + "RemediationType": { + "values": { + "REMEDIATION_TYPE_UNSPECIFIED": 0, + "MITIGATION": 1, + "NO_FIX_PLANNED": 2, + "NONE_AVAILABLE": 3, + "VENDOR_FIX": 4, + "WORKAROUND": 5 + } + } + } + } + } + } + } + }, "VulnerabilityNote": { "fields": { "cvssScore": { @@ -2706,6 +2887,10 @@ "cvssV2": { "type": "CVSS", "id": 12 + }, + "vexAssessment": { + "type": "VexAssessment", + "id": 13 } }, "nested": { @@ -2756,6 +2941,41 @@ "id": 10 } } + }, + "VexAssessment": { + "fields": { + "cve": { + "type": "string", + "id": 1 + }, + "relatedUris": { + "rule": "repeated", + "type": "grafeas.v1.RelatedUrl", + "id": 2 + }, + "noteName": { + "type": "string", + "id": 3 + }, + "state": { + "type": "grafeas.v1.VulnerabilityAssessmentNote.Assessment.State", + "id": 4 + }, + "impacts": { + "rule": "repeated", + "type": "string", + "id": 5 + }, + "remediations": { + "rule": "repeated", + "type": "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation", + "id": 6 + }, + "justification": { + "type": "grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification", + "id": 7 + } + } } } } diff --git a/packages/google-devtools-containeranalysis/src/v1/container_analysis_proto_list.json b/packages/google-devtools-containeranalysis/src/v1/container_analysis_proto_list.json index 47d0fc80b10..7def0c8942f 100644 --- a/packages/google-devtools-containeranalysis/src/v1/container_analysis_proto_list.json +++ b/packages/google-devtools-containeranalysis/src/v1/container_analysis_proto_list.json @@ -18,5 +18,6 @@ "../../protos/grafeas/v1/slsa_provenance.proto", "../../protos/grafeas/v1/slsa_provenance_zero_two.proto", "../../protos/grafeas/v1/upgrade.proto", + "../../protos/grafeas/v1/vex.proto", "../../protos/grafeas/v1/vulnerability.proto" ] diff --git a/packages/google-devtools-containeranalysis/src/v1/grafeas_proto_list.json b/packages/google-devtools-containeranalysis/src/v1/grafeas_proto_list.json index 47d0fc80b10..7def0c8942f 100644 --- a/packages/google-devtools-containeranalysis/src/v1/grafeas_proto_list.json +++ b/packages/google-devtools-containeranalysis/src/v1/grafeas_proto_list.json @@ -18,5 +18,6 @@ "../../protos/grafeas/v1/slsa_provenance.proto", "../../protos/grafeas/v1/slsa_provenance_zero_two.proto", "../../protos/grafeas/v1/upgrade.proto", + "../../protos/grafeas/v1/vex.proto", "../../protos/grafeas/v1/vulnerability.proto" ]