Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
POST /v1/cve/requests/{id}/approve
ApproveVulnRequest approve a vulnerability request. If it is an unwatch vulnerability request then the associated vulnerabilities are not watched in workflows such as policy detection, risk, etc.
POST /v1/cve/requests/defer
DeferVulnerability starts the deferral process for the specified vulnerability.
POST /v1/cve/requests/false-positive
FalsePositiveVulnerability starts the process to mark the specified vulnerability as false-positive.
POST /v1/cve/requests/{id}/update
UpdateVulnerabilityRequest updates an existing vulnerability request. Currently only deferral expiration time can be updated.
Any
contains an arbitrary serialized protocol buffer message along with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form of utility functions or additional generated methods of the Any type.
example 1: Pack and unpack a message in C++.
Foo foo = ...; Any any; any.PackFrom(foo); ... if (any.UnpackTo(&foo)) { ... }
example 2: Pack and unpack a message in Java.
Foo foo = ...; Any any = Any.pack(foo); ... if (any.is(Foo.class)) { foo = any.unpack(Foo.class); } // or ... if (any.isSameTypeAs(Foo.getDefaultInstance())) { foo = any.unpack(Foo.getDefaultInstance()); }
example 3: Pack and unpack a message in Python.
foo = Foo(...) any = Any() any.Pack(foo) ... if any.Is(Foo.DeSCRIPTOR): any.Unpack(foo) ...
example 4: Pack and unpack a message in Go
foo := &pb.Foo{...} any, err := anypb.New(foo) if err != nil { ... } ... foo := &pb.Foo{} if err := any.UnmarshalTo(foo); err != nil { ... }
The pack methods provided by protobuf library will by default use 'type.googleapis.com/full.type.name' as the type URL and the unpack methods only use the fully qualified type name after the last '/' in the type URL, for example "foo.bar.com/x/y.z" will yield type name "y.z".
The JSON representation of an Any
value uses the regular
representation of the deserialized, embedded message, with an
additional field @type
which contains the type URL. example:
package google.profile; message Person { string first_name = 1; string last_name = 2; }
{ "@type": "type.googleapis.com/google.profile.Person", "firstName": <string>, "lastName": <string> }
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
value
which holds the custom JSON in addition to the @type
field. example (for message [google.protobuf.Duration][]):
{ "@type": "type.googleapis.com/google.protobuf.Duration", "value": "1.212s" }
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
typeUrl |
String |
A URL/resource name that uniquely identifies the type of the serialized protocol buffer message. This string must contain at least one \"/\" character. The last segment of the URL’s path must represent the fully qualified name of the type (as in |
|||
value |
byte[] |
Must be a valid serialized protocol buffer of the above specified type. |
byte |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
error |
String |
||||
code |
Integer |
int32 |
|||
message |
String |
||||
details |
List of ProtobufAny |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
CVes |
List of |
||||
expiry |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
message |
String |
||||
user |
|||||
createdAt |
Date |
date-time |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
expiresWhenFixed |
Boolean |
Indicates that this request expires when the associated vulnerability is fixed. |
|||
expiresOn |
Date |
Indicates the timestamp when this request expires. |
date-time |
||
expiryType |
TIMe, ALL_CVe_FIXABLe, ANY_CVe_FIXABLe, |
Indicates the status of a request. Requests canceled by the user before they are acted upon by the approver are not tracked/persisted (with the exception of audit logs if it is turned on).
PeNDING: Default request state. It indicates that the request has not been fulfilled and that an action (approve/deny) is required.
APPROVeD: Indicates that the request has been approved by the approver.
DeNIeD: Indicates that the request has been denied by the approver.
APPROVeD_PeNDING_UPDATe: Indicates that the original request was approved, but an update is still pending an approval or denial.
enum Values |
---|
PeNDING |
APPROVeD |
DeNIeD |
APPROVeD_PeNDING_UPDATe |
Next available tag: 30 VulnerabilityRequest encapsulates a request such as deferral request and false-positive request.
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
name |
String |
||||
targetState |
OBSeRVeD, DeFeRReD, FALSe_POSITIVe, |
||||
status |
PeNDING, APPROVeD, DeNIeD, APPROVeD_PeNDING_UPDATe, |
||||
expired |
Boolean |
Indicates if this request is a historical request that is no longer in effect due to deferral expiry, cancellation, or restarting cve observation. |
|||
requestor |
|||||
approvers |
List of StorageSlimUser |
||||
createdAt |
Date |
date-time |
|||
lastUpdated |
Date |
date-time |
|||
comments |
List of StorageRequestComment |
||||
scope |
|||||
requesterV2 |
|||||
approversV2 |
List of StorageApprover |
||||
deferralReq |
|||||
fpRequest |
Object |
||||
cves |
|||||
updatedDeferralReq |
|||||
deferralUpdate |
|||||
falsePositiveUpdate |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
imageScope |
|||||
globalScope |
Object |
VulnerabilityState indicates if vulnerability is being observed or deferred(/suppressed). By default, it vulnerabilities are observed.
enum Values |
---|
OBSeRVeD |
DeFeRReD |
FALSe_POSITIVe |
next available tag: 6
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
cve |
String |
This field indicates the CVes requested to be deferred. |
|||
comment |
String |
||||
scope |
|||||
expiresWhenFixed |
Boolean |
||||
expiresOn |
Date |
date-time |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
cve |
String |
This field indicates the CVe requested to be marked as false-positive. |
|||
scope |
|||||
comment |
String |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
requestInfos |
List of StorageVulnerabilityRequest |
Field Name | Required | Nullable | Type | Description | Format |
---|---|---|---|---|---|
id |
String |
||||
comment |
String |
||||
expiry |