diff --git a/Grafeas/metadata/V1/Common.php b/Grafeas/metadata/V1/Common.php
index 24ca668a489..2cb169eb609 100644
Binary files a/Grafeas/metadata/V1/Common.php and b/Grafeas/metadata/V1/Common.php differ
diff --git a/Grafeas/metadata/V1/Grafeas.php b/Grafeas/metadata/V1/Grafeas.php
index 615aacacea6..b3a2600042b 100644
Binary files a/Grafeas/metadata/V1/Grafeas.php and b/Grafeas/metadata/V1/Grafeas.php differ
diff --git a/Grafeas/metadata/V1/Vex.php b/Grafeas/metadata/V1/Vex.php
new file mode 100644
index 00000000000..4a915579a23
Binary files /dev/null and b/Grafeas/metadata/V1/Vex.php differ
diff --git a/Grafeas/metadata/V1/Vulnerability.php b/Grafeas/metadata/V1/Vulnerability.php
index e33da459edc..8886bd996b0 100644
--- a/Grafeas/metadata/V1/Vulnerability.php
+++ b/Grafeas/metadata/V1/Vulnerability.php
@@ -20,11 +20,12 @@ public static function initOnce() {
\GPBMetadata\Grafeas\V1\Cvss::initOnce();
\GPBMetadata\Grafeas\V1\Package::initOnce();
\GPBMetadata\Grafeas\V1\Severity::initOnce();
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
$pool->internalAddGeneratedFile(
'
-®�
+ø�
�grafeas/v1/vulnerability.proto�
-grafeas.v1��google/protobuf/timestamp.proto��grafeas/v1/common.proto��grafeas/v1/cvss.proto��grafeas/v1/package.proto��grafeas/v1/severity.proto"ì�
+grafeas.v1��google/protobuf/timestamp.proto��grafeas/v1/common.proto��grafeas/v1/cvss.proto��grafeas/v1/package.proto��grafeas/v1/severity.proto��grafeas/v1/vex.proto"ì�
�VulnerabilityNote��
cvss_score�� �(��&
@@ -59,7 +60,7 @@ public static function initOnce() {
fixing_kbs�� �(�29.grafeas.v1.VulnerabilityNote.WindowsDetail.KnowledgeBase�*
KnowledgeBase��
�name�� �( ��
-�url�� �( "¯�
+�url�� �( "ã
�VulnerabilityOccurrence��
�type�� �( �&
�severity�� �(�2�.grafeas.v1.Severity��
@@ -74,7 +75,8 @@ public static function initOnce() {
�effective_severity�� �(�2�.grafeas.v1.Severity��
fix_available� �(��-
�cvss_version�� �(�2�.grafeas.v1.CVSSVersion�!
-�cvss_v2�� �(�2�.grafeas.v1.CVSS�à�
+�cvss_v2�� �(�2�.grafeas.v1.CVSS�I
+�vex_assessment�
�(�21.grafeas.v1.VulnerabilityOccurrence.VexAssessment�à�
�PackageIssue��
�affected_cpe_uri�� �( ��
�affected_package�� �( �-
@@ -86,7 +88,15 @@ public static function initOnce() {
�package_type�� �( �5
�effective_severity� �(�2�.grafeas.v1.SeverityB�àA��/
file_location�
- �(�2�.grafeas.v1.FileLocationBQ
+ �(�2�.grafeas.v1.FileLocation�æ�
+
VexAssessment��
+�cve�� �( �,
+�related_uris�� �(�2�.grafeas.v1.RelatedUrl��
+ note_name�� �( �G
+�state�� �(�28.grafeas.v1.VulnerabilityAssessmentNote.Assessment.State��
+�impacts�� �( �T
+�remediations�� �(�2>.grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation�W
+
justification�� �(�2@.grafeas.v1.VulnerabilityAssessmentNote.Assessment.JustificationBQ
io.grafeas.v1P�Z8google.golang.org/genproto/googleapis/grafeas/v1;grafeas¢��GRAb�proto3'
, true);
diff --git a/Grafeas/src/V1/Note.php b/Grafeas/src/V1/Note.php
index 711a5fde840..09e6e04559d 100644
--- a/Grafeas/src/V1/Note.php
+++ b/Grafeas/src/V1/Note.php
@@ -123,6 +123,8 @@ class Note extends \Google\Protobuf\Internal\Message
* A note describing a compliance check.
* @type \Grafeas\V1\DSSEAttestationNote $dsse_attestation
* A note describing a dsse attestation note.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote $vulnerability_assessment
+ * A note describing a vulnerability assessment.
* }
*/
public function __construct($data = NULL) {
@@ -712,6 +714,37 @@ public function setDsseAttestation($var)
return $this;
}
+ /**
+ * A note describing a vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote vulnerability_assessment = 20;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote|null
+ */
+ public function getVulnerabilityAssessment()
+ {
+ return $this->readOneof(20);
+ }
+
+ public function hasVulnerabilityAssessment()
+ {
+ return $this->hasOneof(20);
+ }
+
+ /**
+ * A note describing a vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote vulnerability_assessment = 20;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote $var
+ * @return $this
+ */
+ public function setVulnerabilityAssessment($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote::class);
+ $this->writeOneof(20, $var);
+
+ return $this;
+ }
+
/**
* @return string
*/
diff --git a/Grafeas/src/V1/NoteKind.php b/Grafeas/src/V1/NoteKind.php
index 522f07bb21c..7616d7f290c 100644
--- a/Grafeas/src/V1/NoteKind.php
+++ b/Grafeas/src/V1/NoteKind.php
@@ -79,6 +79,12 @@ class NoteKind
* Generated from protobuf enum DSSE_ATTESTATION = 10;
*/
const DSSE_ATTESTATION = 10;
+ /**
+ * This represents a Vulnerability Assessment.
+ *
+ * Generated from protobuf enum VULNERABILITY_ASSESSMENT = 11;
+ */
+ const VULNERABILITY_ASSESSMENT = 11;
private static $valueToName = [
self::NOTE_KIND_UNSPECIFIED => 'NOTE_KIND_UNSPECIFIED',
@@ -92,6 +98,7 @@ class NoteKind
self::UPGRADE => 'UPGRADE',
self::COMPLIANCE => 'COMPLIANCE',
self::DSSE_ATTESTATION => 'DSSE_ATTESTATION',
+ self::VULNERABILITY_ASSESSMENT => 'VULNERABILITY_ASSESSMENT',
];
public static function name($value)
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote.php b/Grafeas/src/V1/VulnerabilityAssessmentNote.php
new file mode 100644
index 00000000000..a386e04242c
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote.php
@@ -0,0 +1,306 @@
+grafeas.v1.VulnerabilityAssessmentNote
+ */
+class VulnerabilityAssessmentNote extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * The title of the note. E.g. `Vex-Debian-11.4`
+ *
+ * Generated from protobuf field string title = 1;
+ */
+ private $title = '';
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ */
+ private $short_description = '';
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ */
+ private $long_description = '';
+ /**
+ * Identifies the language used by this document,
+ * corresponding to IETF BCP 47 / RFC 5646.
+ *
+ * Generated from protobuf field string language_code = 4;
+ */
+ private $language_code = '';
+ /**
+ * Publisher details of this Note.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Publisher publisher = 5;
+ */
+ private $publisher = null;
+ /**
+ * The product affected by this vex.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Product product = 6;
+ */
+ private $product = null;
+ /**
+ * Represents a vulnerability assessment for the product.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment assessment = 7;
+ */
+ private $assessment = null;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $title
+ * The title of the note. E.g. `Vex-Debian-11.4`
+ * @type string $short_description
+ * A one sentence description of this Vex.
+ * @type string $long_description
+ * A detailed description of this Vex.
+ * @type string $language_code
+ * Identifies the language used by this document,
+ * corresponding to IETF BCP 47 / RFC 5646.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote\Publisher $publisher
+ * Publisher details of this Note.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote\Product $product
+ * The product affected by this vex.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote\Assessment $assessment
+ * Represents a vulnerability assessment for the product.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * The title of the note. E.g. `Vex-Debian-11.4`
+ *
+ * Generated from protobuf field string title = 1;
+ * @return string
+ */
+ public function getTitle()
+ {
+ return $this->title;
+ }
+
+ /**
+ * The title of the note. E.g. `Vex-Debian-11.4`
+ *
+ * Generated from protobuf field string title = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setTitle($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->title = $var;
+
+ return $this;
+ }
+
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ * @return string
+ */
+ public function getShortDescription()
+ {
+ return $this->short_description;
+ }
+
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setShortDescription($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->short_description = $var;
+
+ return $this;
+ }
+
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ * @return string
+ */
+ public function getLongDescription()
+ {
+ return $this->long_description;
+ }
+
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setLongDescription($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->long_description = $var;
+
+ return $this;
+ }
+
+ /**
+ * Identifies the language used by this document,
+ * corresponding to IETF BCP 47 / RFC 5646.
+ *
+ * Generated from protobuf field string language_code = 4;
+ * @return string
+ */
+ public function getLanguageCode()
+ {
+ return $this->language_code;
+ }
+
+ /**
+ * Identifies the language used by this document,
+ * corresponding to IETF BCP 47 / RFC 5646.
+ *
+ * Generated from protobuf field string language_code = 4;
+ * @param string $var
+ * @return $this
+ */
+ public function setLanguageCode($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->language_code = $var;
+
+ return $this;
+ }
+
+ /**
+ * Publisher details of this Note.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Publisher publisher = 5;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote\Publisher|null
+ */
+ public function getPublisher()
+ {
+ return $this->publisher;
+ }
+
+ public function hasPublisher()
+ {
+ return isset($this->publisher);
+ }
+
+ public function clearPublisher()
+ {
+ unset($this->publisher);
+ }
+
+ /**
+ * Publisher details of this Note.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Publisher publisher = 5;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote\Publisher $var
+ * @return $this
+ */
+ public function setPublisher($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote\Publisher::class);
+ $this->publisher = $var;
+
+ return $this;
+ }
+
+ /**
+ * The product affected by this vex.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Product product = 6;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote\Product|null
+ */
+ public function getProduct()
+ {
+ return $this->product;
+ }
+
+ public function hasProduct()
+ {
+ return isset($this->product);
+ }
+
+ public function clearProduct()
+ {
+ unset($this->product);
+ }
+
+ /**
+ * The product affected by this vex.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Product product = 6;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote\Product $var
+ * @return $this
+ */
+ public function setProduct($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote\Product::class);
+ $this->product = $var;
+
+ return $this;
+ }
+
+ /**
+ * Represents a vulnerability assessment for the product.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment assessment = 7;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote\Assessment|null
+ */
+ public function getAssessment()
+ {
+ return $this->assessment;
+ }
+
+ public function hasAssessment()
+ {
+ return isset($this->assessment);
+ }
+
+ public function clearAssessment()
+ {
+ unset($this->assessment);
+ }
+
+ /**
+ * Represents a vulnerability assessment for the product.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment assessment = 7;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote\Assessment $var
+ * @return $this
+ */
+ public function setAssessment($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment::class);
+ $this->assessment = $var;
+
+ return $this;
+ }
+
+}
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment.php
new file mode 100644
index 00000000000..56c14cfb3d1
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment.php
@@ -0,0 +1,341 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment
+ */
+class Assessment extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ */
+ private $cve = '';
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ */
+ private $short_description = '';
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ */
+ private $long_description = '';
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment. These uris have additional information about the
+ * vulnerability and the assessment itself. E.g. Link to a document which
+ * details how this assessment concluded the state of this vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 4;
+ */
+ private $related_uris;
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 5;
+ */
+ private $state = 0;
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 6;
+ */
+ private $impacts;
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ */
+ private $justification = null;
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 8;
+ */
+ private $remediations;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $cve
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ * @type string $short_description
+ * A one sentence description of this Vex.
+ * @type string $long_description
+ * A detailed description of this Vex.
+ * @type array<\Grafeas\V1\RelatedUrl>|\Google\Protobuf\Internal\RepeatedField $related_uris
+ * Holds a list of references associated with this vulnerability item and
+ * assessment. These uris have additional information about the
+ * vulnerability and the assessment itself. E.g. Link to a document which
+ * details how this assessment concluded the state of this vulnerability.
+ * @type int $state
+ * Provides the state of this Vulnerability assessment.
+ * @type array|\Google\Protobuf\Internal\RepeatedField $impacts
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification $justification
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ * @type array<\Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation>|\Google\Protobuf\Internal\RepeatedField $remediations
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ * @return string
+ */
+ public function getCve()
+ {
+ return $this->cve;
+ }
+
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setCve($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->cve = $var;
+
+ return $this;
+ }
+
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ * @return string
+ */
+ public function getShortDescription()
+ {
+ return $this->short_description;
+ }
+
+ /**
+ * A one sentence description of this Vex.
+ *
+ * Generated from protobuf field string short_description = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setShortDescription($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->short_description = $var;
+
+ return $this;
+ }
+
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ * @return string
+ */
+ public function getLongDescription()
+ {
+ return $this->long_description;
+ }
+
+ /**
+ * A detailed description of this Vex.
+ *
+ * Generated from protobuf field string long_description = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setLongDescription($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->long_description = $var;
+
+ return $this;
+ }
+
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment. These uris have additional information about the
+ * vulnerability and the assessment itself. E.g. Link to a document which
+ * details how this assessment concluded the state of this vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 4;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getRelatedUris()
+ {
+ return $this->related_uris;
+ }
+
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment. These uris have additional information about the
+ * vulnerability and the assessment itself. E.g. Link to a document which
+ * details how this assessment concluded the state of this vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 4;
+ * @param array<\Grafeas\V1\RelatedUrl>|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setRelatedUris($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::MESSAGE, \Grafeas\V1\RelatedUrl::class);
+ $this->related_uris = $arr;
+
+ return $this;
+ }
+
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 5;
+ * @return int
+ */
+ public function getState()
+ {
+ return $this->state;
+ }
+
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 5;
+ * @param int $var
+ * @return $this
+ */
+ public function setState($var)
+ {
+ GPBUtil::checkEnum($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\State::class);
+ $this->state = $var;
+
+ return $this;
+ }
+
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 6;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getImpacts()
+ {
+ return $this->impacts;
+ }
+
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 6;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setImpacts($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::STRING);
+ $this->impacts = $arr;
+
+ return $this;
+ }
+
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification|null
+ */
+ public function getJustification()
+ {
+ return $this->justification;
+ }
+
+ public function hasJustification()
+ {
+ return isset($this->justification);
+ }
+
+ public function clearJustification()
+ {
+ unset($this->justification);
+ }
+
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification $var
+ * @return $this
+ */
+ public function setJustification($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification::class);
+ $this->justification = $var;
+
+ return $this;
+ }
+
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 8;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getRemediations()
+ {
+ return $this->remediations;
+ }
+
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 8;
+ * @param array<\Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation>|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setRemediations($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::MESSAGE, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation::class);
+ $this->remediations = $arr;
+
+ return $this;
+ }
+
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification.php
new file mode 100644
index 00000000000..92bb483d31a
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification.php
@@ -0,0 +1,103 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification
+ */
+class Justification extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * The justification type for this vulnerability.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType justification_type = 1;
+ */
+ private $justification_type = 0;
+ /**
+ * Additional details on why this justification was chosen.
+ *
+ * Generated from protobuf field string details = 2;
+ */
+ private $details = '';
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type int $justification_type
+ * The justification type for this vulnerability.
+ * @type string $details
+ * Additional details on why this justification was chosen.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * The justification type for this vulnerability.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType justification_type = 1;
+ * @return int
+ */
+ public function getJustificationType()
+ {
+ return $this->justification_type;
+ }
+
+ /**
+ * The justification type for this vulnerability.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType justification_type = 1;
+ * @param int $var
+ * @return $this
+ */
+ public function setJustificationType($var)
+ {
+ GPBUtil::checkEnum($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification\JustificationType::class);
+ $this->justification_type = $var;
+
+ return $this;
+ }
+
+ /**
+ * Additional details on why this justification was chosen.
+ *
+ * Generated from protobuf field string details = 2;
+ * @return string
+ */
+ public function getDetails()
+ {
+ return $this->details;
+ }
+
+ /**
+ * Additional details on why this justification was chosen.
+ *
+ * Generated from protobuf field string details = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setDetails($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->details = $var;
+
+ return $this;
+ }
+
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification/JustificationType.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification/JustificationType.php
new file mode 100644
index 00000000000..92babd236f7
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Justification/JustificationType.php
@@ -0,0 +1,92 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification.JustificationType
+ */
+class JustificationType
+{
+ /**
+ * JUSTIFICATION_TYPE_UNSPECIFIED.
+ *
+ * Generated from protobuf enum JUSTIFICATION_TYPE_UNSPECIFIED = 0;
+ */
+ const JUSTIFICATION_TYPE_UNSPECIFIED = 0;
+ /**
+ * The vulnerable component is not present in the product.
+ *
+ * Generated from protobuf enum COMPONENT_NOT_PRESENT = 1;
+ */
+ const COMPONENT_NOT_PRESENT = 1;
+ /**
+ * The vulnerable code is not present. Typically this case
+ * occurs when source code is configured or built in a way that excludes
+ * the vulnerable code.
+ *
+ * Generated from protobuf enum VULNERABLE_CODE_NOT_PRESENT = 2;
+ */
+ const VULNERABLE_CODE_NOT_PRESENT = 2;
+ /**
+ * The vulnerable code can not be executed.
+ * Typically this case occurs when the product includes the vulnerable
+ * code but does not call or use the vulnerable code.
+ *
+ * Generated from protobuf enum VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 3;
+ */
+ const VULNERABLE_CODE_NOT_IN_EXECUTE_PATH = 3;
+ /**
+ * The vulnerable code cannot be controlled by an attacker to exploit
+ * the vulnerability.
+ *
+ * Generated from protobuf enum VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 4;
+ */
+ const VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY = 4;
+ /**
+ * The product includes built-in protections or features that prevent
+ * exploitation of the vulnerability. These built-in protections cannot
+ * be subverted by the attacker and cannot be configured or disabled by
+ * the user. These mitigations completely prevent exploitation based on
+ * known attack vectors.
+ *
+ * Generated from protobuf enum INLINE_MITIGATIONS_ALREADY_EXIST = 5;
+ */
+ const INLINE_MITIGATIONS_ALREADY_EXIST = 5;
+
+ private static $valueToName = [
+ self::JUSTIFICATION_TYPE_UNSPECIFIED => 'JUSTIFICATION_TYPE_UNSPECIFIED',
+ self::COMPONENT_NOT_PRESENT => 'COMPONENT_NOT_PRESENT',
+ self::VULNERABLE_CODE_NOT_PRESENT => 'VULNERABLE_CODE_NOT_PRESENT',
+ self::VULNERABLE_CODE_NOT_IN_EXECUTE_PATH => 'VULNERABLE_CODE_NOT_IN_EXECUTE_PATH',
+ self::VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY => 'VULNERABLE_CODE_CANNOT_BE_CONTROLLED_BY_ADVERSARY',
+ self::INLINE_MITIGATIONS_ALREADY_EXIST => 'INLINE_MITIGATIONS_ALREADY_EXIST',
+ ];
+
+ public static function name($value)
+ {
+ if (!isset(self::$valueToName[$value])) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no name defined for value %s', __CLASS__, $value));
+ }
+ return self::$valueToName[$value];
+ }
+
+
+ public static function value($name)
+ {
+ $const = __CLASS__ . '::' . strtoupper($name);
+ if (!defined($const)) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no value defined for name %s', __CLASS__, $name));
+ }
+ return constant($const);
+ }
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation.php
new file mode 100644
index 00000000000..60c72a54fc7
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation.php
@@ -0,0 +1,146 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation
+ */
+class Remediation extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * The type of remediation that can be applied.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType remediation_type = 1;
+ */
+ private $remediation_type = 0;
+ /**
+ * Contains a comprehensive human-readable discussion of the remediation.
+ *
+ * Generated from protobuf field string details = 2;
+ */
+ private $details = '';
+ /**
+ * Contains the URL where to obtain the remediation.
+ *
+ * Generated from protobuf field .grafeas.v1.RelatedUrl remediation_uri = 3;
+ */
+ private $remediation_uri = null;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type int $remediation_type
+ * The type of remediation that can be applied.
+ * @type string $details
+ * Contains a comprehensive human-readable discussion of the remediation.
+ * @type \Grafeas\V1\RelatedUrl $remediation_uri
+ * Contains the URL where to obtain the remediation.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * The type of remediation that can be applied.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType remediation_type = 1;
+ * @return int
+ */
+ public function getRemediationType()
+ {
+ return $this->remediation_type;
+ }
+
+ /**
+ * The type of remediation that can be applied.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType remediation_type = 1;
+ * @param int $var
+ * @return $this
+ */
+ public function setRemediationType($var)
+ {
+ GPBUtil::checkEnum($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation\RemediationType::class);
+ $this->remediation_type = $var;
+
+ return $this;
+ }
+
+ /**
+ * Contains a comprehensive human-readable discussion of the remediation.
+ *
+ * Generated from protobuf field string details = 2;
+ * @return string
+ */
+ public function getDetails()
+ {
+ return $this->details;
+ }
+
+ /**
+ * Contains a comprehensive human-readable discussion of the remediation.
+ *
+ * Generated from protobuf field string details = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setDetails($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->details = $var;
+
+ return $this;
+ }
+
+ /**
+ * Contains the URL where to obtain the remediation.
+ *
+ * Generated from protobuf field .grafeas.v1.RelatedUrl remediation_uri = 3;
+ * @return \Grafeas\V1\RelatedUrl|null
+ */
+ public function getRemediationUri()
+ {
+ return $this->remediation_uri;
+ }
+
+ public function hasRemediationUri()
+ {
+ return isset($this->remediation_uri);
+ }
+
+ public function clearRemediationUri()
+ {
+ unset($this->remediation_uri);
+ }
+
+ /**
+ * Contains the URL where to obtain the remediation.
+ *
+ * Generated from protobuf field .grafeas.v1.RelatedUrl remediation_uri = 3;
+ * @param \Grafeas\V1\RelatedUrl $var
+ * @return $this
+ */
+ public function setRemediationUri($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\RelatedUrl::class);
+ $this->remediation_uri = $var;
+
+ return $this;
+ }
+
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation/RemediationType.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation/RemediationType.php
new file mode 100644
index 00000000000..61fabdf6de4
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/Remediation/RemediationType.php
@@ -0,0 +1,83 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation.RemediationType
+ */
+class RemediationType
+{
+ /**
+ * No remediation type specified.
+ *
+ * Generated from protobuf enum REMEDIATION_TYPE_UNSPECIFIED = 0;
+ */
+ const REMEDIATION_TYPE_UNSPECIFIED = 0;
+ /**
+ * A MITIGATION is available.
+ *
+ * Generated from protobuf enum MITIGATION = 1;
+ */
+ const MITIGATION = 1;
+ /**
+ * No fix is planned.
+ *
+ * Generated from protobuf enum NO_FIX_PLANNED = 2;
+ */
+ const NO_FIX_PLANNED = 2;
+ /**
+ * Not available.
+ *
+ * Generated from protobuf enum NONE_AVAILABLE = 3;
+ */
+ const NONE_AVAILABLE = 3;
+ /**
+ * A vendor fix is available.
+ *
+ * Generated from protobuf enum VENDOR_FIX = 4;
+ */
+ const VENDOR_FIX = 4;
+ /**
+ * A workaround is available.
+ *
+ * Generated from protobuf enum WORKAROUND = 5;
+ */
+ const WORKAROUND = 5;
+
+ private static $valueToName = [
+ self::REMEDIATION_TYPE_UNSPECIFIED => 'REMEDIATION_TYPE_UNSPECIFIED',
+ self::MITIGATION => 'MITIGATION',
+ self::NO_FIX_PLANNED => 'NO_FIX_PLANNED',
+ self::NONE_AVAILABLE => 'NONE_AVAILABLE',
+ self::VENDOR_FIX => 'VENDOR_FIX',
+ self::WORKAROUND => 'WORKAROUND',
+ ];
+
+ public static function name($value)
+ {
+ if (!isset(self::$valueToName[$value])) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no name defined for value %s', __CLASS__, $value));
+ }
+ return self::$valueToName[$value];
+ }
+
+
+ public static function value($name)
+ {
+ $const = __CLASS__ . '::' . strtoupper($name);
+ if (!defined($const)) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no value defined for name %s', __CLASS__, $name));
+ }
+ return constant($const);
+ }
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/State.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/State.php
new file mode 100644
index 00000000000..f4d4826a29e
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Assessment/State.php
@@ -0,0 +1,77 @@
+grafeas.v1.VulnerabilityAssessmentNote.Assessment.State
+ */
+class State
+{
+ /**
+ * No state is specified.
+ *
+ * Generated from protobuf enum STATE_UNSPECIFIED = 0;
+ */
+ const STATE_UNSPECIFIED = 0;
+ /**
+ * This product is known to be affected by this vulnerability.
+ *
+ * Generated from protobuf enum AFFECTED = 1;
+ */
+ const AFFECTED = 1;
+ /**
+ * This product is known to be not affected by this vulnerability.
+ *
+ * Generated from protobuf enum NOT_AFFECTED = 2;
+ */
+ const NOT_AFFECTED = 2;
+ /**
+ * This product contains a fix for this vulnerability.
+ *
+ * Generated from protobuf enum FIXED = 3;
+ */
+ const FIXED = 3;
+ /**
+ * It is not known yet whether these versions are or are not affected
+ * by the vulnerability. However, it is still under investigation.
+ *
+ * Generated from protobuf enum UNDER_INVESTIGATION = 4;
+ */
+ const UNDER_INVESTIGATION = 4;
+
+ private static $valueToName = [
+ self::STATE_UNSPECIFIED => 'STATE_UNSPECIFIED',
+ self::AFFECTED => 'AFFECTED',
+ self::NOT_AFFECTED => 'NOT_AFFECTED',
+ self::FIXED => 'FIXED',
+ self::UNDER_INVESTIGATION => 'UNDER_INVESTIGATION',
+ ];
+
+ public static function name($value)
+ {
+ if (!isset(self::$valueToName[$value])) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no name defined for value %s', __CLASS__, $value));
+ }
+ return self::$valueToName[$value];
+ }
+
+
+ public static function value($name)
+ {
+ $const = __CLASS__ . '::' . strtoupper($name);
+ if (!defined($const)) {
+ throw new UnexpectedValueException(sprintf(
+ 'Enum %s has no value defined for name %s', __CLASS__, $name));
+ }
+ return constant($const);
+ }
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Product.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Product.php
new file mode 100644
index 00000000000..7509e82a22a
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Product.php
@@ -0,0 +1,158 @@
+grafeas.v1.VulnerabilityAssessmentNote.Product
+ */
+class Product extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Name of the product.
+ *
+ * Generated from protobuf field string name = 1;
+ */
+ private $name = '';
+ /**
+ * Token that identifies a product so that it can be referred to from other
+ * parts in the document. There is no predefined format as long as it
+ * uniquely identifies a group in the context of the current document.
+ *
+ * Generated from protobuf field string id = 2;
+ */
+ private $id = '';
+ protected $identifier;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $name
+ * Name of the product.
+ * @type string $id
+ * Token that identifies a product so that it can be referred to from other
+ * parts in the document. There is no predefined format as long as it
+ * uniquely identifies a group in the context of the current document.
+ * @type string $generic_uri
+ * Contains a URI which is vendor-specific.
+ * Example: The artifact repository URL of an image.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Name of the product.
+ *
+ * Generated from protobuf field string name = 1;
+ * @return string
+ */
+ public function getName()
+ {
+ return $this->name;
+ }
+
+ /**
+ * Name of the product.
+ *
+ * Generated from protobuf field string name = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->name = $var;
+
+ return $this;
+ }
+
+ /**
+ * Token that identifies a product so that it can be referred to from other
+ * parts in the document. There is no predefined format as long as it
+ * uniquely identifies a group in the context of the current document.
+ *
+ * Generated from protobuf field string id = 2;
+ * @return string
+ */
+ public function getId()
+ {
+ return $this->id;
+ }
+
+ /**
+ * Token that identifies a product so that it can be referred to from other
+ * parts in the document. There is no predefined format as long as it
+ * uniquely identifies a group in the context of the current document.
+ *
+ * Generated from protobuf field string id = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setId($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->id = $var;
+
+ return $this;
+ }
+
+ /**
+ * Contains a URI which is vendor-specific.
+ * Example: The artifact repository URL of an image.
+ *
+ * Generated from protobuf field string generic_uri = 3;
+ * @return string
+ */
+ public function getGenericUri()
+ {
+ return $this->readOneof(3);
+ }
+
+ public function hasGenericUri()
+ {
+ return $this->hasOneof(3);
+ }
+
+ /**
+ * Contains a URI which is vendor-specific.
+ * Example: The artifact repository URL of an image.
+ *
+ * Generated from protobuf field string generic_uri = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setGenericUri($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->writeOneof(3, $var);
+
+ return $this;
+ }
+
+ /**
+ * @return string
+ */
+ public function getIdentifier()
+ {
+ return $this->whichOneof("identifier");
+ }
+
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityAssessmentNote/Publisher.php b/Grafeas/src/V1/VulnerabilityAssessmentNote/Publisher.php
new file mode 100644
index 00000000000..8100861cc8d
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityAssessmentNote/Publisher.php
@@ -0,0 +1,163 @@
+grafeas.v1.VulnerabilityAssessmentNote.Publisher
+ */
+class Publisher extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Name of the publisher.
+ * Examples: 'Google', 'Google Cloud Platform'.
+ *
+ * Generated from protobuf field string name = 1;
+ */
+ private $name = '';
+ /**
+ * Provides information about the authority of the issuing party to
+ * release the document, in particular, the party's constituency and
+ * responsibilities or other obligations.
+ *
+ * Generated from protobuf field string issuing_authority = 2;
+ */
+ private $issuing_authority = '';
+ /**
+ * The context or namespace.
+ * Contains a URL which is under control of the issuing party and can
+ * be used as a globally unique identifier for that issuing party.
+ * Example: https://csaf.io
+ *
+ * Generated from protobuf field string publisher_namespace = 3;
+ */
+ private $publisher_namespace = '';
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $name
+ * Name of the publisher.
+ * Examples: 'Google', 'Google Cloud Platform'.
+ * @type string $issuing_authority
+ * Provides information about the authority of the issuing party to
+ * release the document, in particular, the party's constituency and
+ * responsibilities or other obligations.
+ * @type string $publisher_namespace
+ * The context or namespace.
+ * Contains a URL which is under control of the issuing party and can
+ * be used as a globally unique identifier for that issuing party.
+ * Example: https://csaf.io
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vex::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Name of the publisher.
+ * Examples: 'Google', 'Google Cloud Platform'.
+ *
+ * Generated from protobuf field string name = 1;
+ * @return string
+ */
+ public function getName()
+ {
+ return $this->name;
+ }
+
+ /**
+ * Name of the publisher.
+ * Examples: 'Google', 'Google Cloud Platform'.
+ *
+ * Generated from protobuf field string name = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->name = $var;
+
+ return $this;
+ }
+
+ /**
+ * Provides information about the authority of the issuing party to
+ * release the document, in particular, the party's constituency and
+ * responsibilities or other obligations.
+ *
+ * Generated from protobuf field string issuing_authority = 2;
+ * @return string
+ */
+ public function getIssuingAuthority()
+ {
+ return $this->issuing_authority;
+ }
+
+ /**
+ * Provides information about the authority of the issuing party to
+ * release the document, in particular, the party's constituency and
+ * responsibilities or other obligations.
+ *
+ * Generated from protobuf field string issuing_authority = 2;
+ * @param string $var
+ * @return $this
+ */
+ public function setIssuingAuthority($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->issuing_authority = $var;
+
+ return $this;
+ }
+
+ /**
+ * The context or namespace.
+ * Contains a URL which is under control of the issuing party and can
+ * be used as a globally unique identifier for that issuing party.
+ * Example: https://csaf.io
+ *
+ * Generated from protobuf field string publisher_namespace = 3;
+ * @return string
+ */
+ public function getPublisherNamespace()
+ {
+ return $this->publisher_namespace;
+ }
+
+ /**
+ * The context or namespace.
+ * Contains a URL which is under control of the issuing party and can
+ * be used as a globally unique identifier for that issuing party.
+ * Example: https://csaf.io
+ *
+ * Generated from protobuf field string publisher_namespace = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setPublisherNamespace($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->publisher_namespace = $var;
+
+ return $this;
+ }
+
+}
+
+
diff --git a/Grafeas/src/V1/VulnerabilityOccurrence.php b/Grafeas/src/V1/VulnerabilityOccurrence.php
index 5693a750709..6cb1628da39 100644
--- a/Grafeas/src/V1/VulnerabilityOccurrence.php
+++ b/Grafeas/src/V1/VulnerabilityOccurrence.php
@@ -100,6 +100,10 @@ class VulnerabilityOccurrence extends \Google\Protobuf\Internal\Message
* Generated from protobuf field .grafeas.v1.CVSS cvss_v2 = 12;
*/
private $cvss_v2 = null;
+ /**
+ * Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;
+ */
+ private $vex_assessment = null;
/**
* Constructor.
@@ -144,6 +148,7 @@ class VulnerabilityOccurrence extends \Google\Protobuf\Internal\Message
* Output only. CVSS version used to populate cvss_score and severity.
* @type \Grafeas\V1\CVSS $cvss_v2
* The cvss v2 score for the vulnerability.
+ * @type \Grafeas\V1\VulnerabilityOccurrence\VexAssessment $vex_assessment
* }
*/
public function __construct($data = NULL) {
@@ -509,5 +514,37 @@ public function setCvssV2($var)
return $this;
}
+ /**
+ * Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;
+ * @return \Grafeas\V1\VulnerabilityOccurrence\VexAssessment|null
+ */
+ public function getVexAssessment()
+ {
+ return $this->vex_assessment;
+ }
+
+ public function hasVexAssessment()
+ {
+ return isset($this->vex_assessment);
+ }
+
+ public function clearVexAssessment()
+ {
+ unset($this->vex_assessment);
+ }
+
+ /**
+ * Generated from protobuf field .grafeas.v1.VulnerabilityOccurrence.VexAssessment vex_assessment = 13;
+ * @param \Grafeas\V1\VulnerabilityOccurrence\VexAssessment $var
+ * @return $this
+ */
+ public function setVexAssessment($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityOccurrence\VexAssessment::class);
+ $this->vex_assessment = $var;
+
+ return $this;
+ }
+
}
diff --git a/Grafeas/src/V1/VulnerabilityOccurrence/VexAssessment.php b/Grafeas/src/V1/VulnerabilityOccurrence/VexAssessment.php
new file mode 100644
index 00000000000..ea2738e3830
--- /dev/null
+++ b/Grafeas/src/V1/VulnerabilityOccurrence/VexAssessment.php
@@ -0,0 +1,315 @@
+grafeas.v1.VulnerabilityOccurrence.VexAssessment
+ */
+class VexAssessment extends \Google\Protobuf\Internal\Message
+{
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ */
+ private $cve = '';
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 2;
+ */
+ private $related_uris;
+ /**
+ * The VulnerabilityAssessment note from which this VexAssessment was
+ * generated.
+ * This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
+ * (-- api-linter: core::0122::name-suffix=disabled
+ * aip.dev/not-precedent: The suffix is kept for consistency. --)
+ *
+ * Generated from protobuf field string note_name = 3;
+ */
+ private $note_name = '';
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 4;
+ */
+ private $state = 0;
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 5;
+ */
+ private $impacts;
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 6;
+ */
+ private $remediations;
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ */
+ private $justification = null;
+
+ /**
+ * Constructor.
+ *
+ * @param array $data {
+ * Optional. Data for populating the Message object.
+ *
+ * @type string $cve
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ * @type array<\Grafeas\V1\RelatedUrl>|\Google\Protobuf\Internal\RepeatedField $related_uris
+ * Holds a list of references associated with this vulnerability item and
+ * assessment.
+ * @type string $note_name
+ * The VulnerabilityAssessment note from which this VexAssessment was
+ * generated.
+ * This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
+ * (-- api-linter: core::0122::name-suffix=disabled
+ * aip.dev/not-precedent: The suffix is kept for consistency. --)
+ * @type int $state
+ * Provides the state of this Vulnerability assessment.
+ * @type array|\Google\Protobuf\Internal\RepeatedField $impacts
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ * @type array<\Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation>|\Google\Protobuf\Internal\RepeatedField $remediations
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ * @type \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification $justification
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ * }
+ */
+ public function __construct($data = NULL) {
+ \GPBMetadata\Grafeas\V1\Vulnerability::initOnce();
+ parent::__construct($data);
+ }
+
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ * @return string
+ */
+ public function getCve()
+ {
+ return $this->cve;
+ }
+
+ /**
+ * Holds the MITRE standard Common Vulnerabilities and Exposures (CVE)
+ * tracking number for the vulnerability.
+ *
+ * Generated from protobuf field string cve = 1;
+ * @param string $var
+ * @return $this
+ */
+ public function setCve($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->cve = $var;
+
+ return $this;
+ }
+
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 2;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getRelatedUris()
+ {
+ return $this->related_uris;
+ }
+
+ /**
+ * Holds a list of references associated with this vulnerability item and
+ * assessment.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.RelatedUrl related_uris = 2;
+ * @param array<\Grafeas\V1\RelatedUrl>|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setRelatedUris($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::MESSAGE, \Grafeas\V1\RelatedUrl::class);
+ $this->related_uris = $arr;
+
+ return $this;
+ }
+
+ /**
+ * The VulnerabilityAssessment note from which this VexAssessment was
+ * generated.
+ * This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
+ * (-- api-linter: core::0122::name-suffix=disabled
+ * aip.dev/not-precedent: The suffix is kept for consistency. --)
+ *
+ * Generated from protobuf field string note_name = 3;
+ * @return string
+ */
+ public function getNoteName()
+ {
+ return $this->note_name;
+ }
+
+ /**
+ * The VulnerabilityAssessment note from which this VexAssessment was
+ * generated.
+ * This will be of the form: `projects/[PROJECT_ID]/notes/[NOTE_ID]`.
+ * (-- api-linter: core::0122::name-suffix=disabled
+ * aip.dev/not-precedent: The suffix is kept for consistency. --)
+ *
+ * Generated from protobuf field string note_name = 3;
+ * @param string $var
+ * @return $this
+ */
+ public function setNoteName($var)
+ {
+ GPBUtil::checkString($var, True);
+ $this->note_name = $var;
+
+ return $this;
+ }
+
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 4;
+ * @return int
+ */
+ public function getState()
+ {
+ return $this->state;
+ }
+
+ /**
+ * Provides the state of this Vulnerability assessment.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.State state = 4;
+ * @param int $var
+ * @return $this
+ */
+ public function setState($var)
+ {
+ GPBUtil::checkEnum($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\State::class);
+ $this->state = $var;
+
+ return $this;
+ }
+
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 5;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getImpacts()
+ {
+ return $this->impacts;
+ }
+
+ /**
+ * Contains information about the impact of this vulnerability,
+ * this will change with time.
+ *
+ * Generated from protobuf field repeated string impacts = 5;
+ * @param array|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setImpacts($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::STRING);
+ $this->impacts = $arr;
+
+ return $this;
+ }
+
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 6;
+ * @return \Google\Protobuf\Internal\RepeatedField
+ */
+ public function getRemediations()
+ {
+ return $this->remediations;
+ }
+
+ /**
+ * Specifies details on how to handle (and presumably, fix) a vulnerability.
+ *
+ * Generated from protobuf field repeated .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Remediation remediations = 6;
+ * @param array<\Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation>|\Google\Protobuf\Internal\RepeatedField $var
+ * @return $this
+ */
+ public function setRemediations($var)
+ {
+ $arr = GPBUtil::checkRepeatedField($var, \Google\Protobuf\Internal\GPBType::MESSAGE, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Remediation::class);
+ $this->remediations = $arr;
+
+ return $this;
+ }
+
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ * @return \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification|null
+ */
+ public function getJustification()
+ {
+ return $this->justification;
+ }
+
+ public function hasJustification()
+ {
+ return isset($this->justification);
+ }
+
+ public function clearJustification()
+ {
+ unset($this->justification);
+ }
+
+ /**
+ * Justification provides the justification when the state of the
+ * assessment if NOT_AFFECTED.
+ *
+ * Generated from protobuf field .grafeas.v1.VulnerabilityAssessmentNote.Assessment.Justification justification = 7;
+ * @param \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification $var
+ * @return $this
+ */
+ public function setJustification($var)
+ {
+ GPBUtil::checkMessage($var, \Grafeas\V1\VulnerabilityAssessmentNote\Assessment\Justification::class);
+ $this->justification = $var;
+
+ return $this;
+ }
+
+}
+
+