New creates a new Service.

NewService creates a new Service.

See, edit, configure, and delete your Google Cloud data and see the email address for your Google Account.

AliasContext: An alias to a repo revision.

AnalysisCompleted: Indicates which analysis completed successfully.

Artifact: Artifact describes a build product.

ArtifactHashes: Defines a hash object for use in Materials and Products.

ArtifactRule: Defines an object to declare an in-toto artifact rule.

Assessment: Assessment provides all information that is related to a single vulnerability for this product.

Attestation: Occurrence that represents a single "attestation".

Authority: Note kind that represents a logical attestation "role" or "authority".

Basis: Basis describes the base image portion (Note) of the DockerImage relationship.

BatchCreateNotesRequest: Request to create notes in batch.

BatchCreateNotesResponse: Response for creating notes in batch.

BatchCreateOccurrencesRequest: Request to create occurrences in batch.

BatchCreateOccurrencesResponse: Response for creating occurrences in batch.

Binding: Associates `members`, or principals, with a `role`.

Build: Note holding the version of the provider's builder and the signature of the provenance message in the build details occurrence.

BuildProvenance: Provenance of a build.

BuildSignature: Message encapsulating the signature of the verified build.

BuildStep: A step in the build pipeline.

ByProducts: Defines an object for the byproducts field in in-toto links.

CloudRepoSourceContext: A CloudRepoSourceContext denotes a particular revision in a Google Cloud Source Repo.

Command: Command describes a step performed as part of the build pipeline.

ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalConfig: ApprovalConfig describes configuration for manual approval of a build.

ContaineranalysisGoogleDevtoolsCloudbuildV1ApprovalResult: ApprovalResult describes the decision and associated metadata of a manual approval of a build.

ContaineranalysisGoogleDevtoolsCloudbuildV1Artifacts: Artifacts produced by a build that should be uploaded upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsArtifactObjects: Files in the workspace to upload to Cloud Storage upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsGoModule: Go module to upload to Artifact Registry upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsMavenArtifact: A Maven artifact to upload to Artifact Registry upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsNpmPackage: Npm package to upload to Artifact Registry upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1ArtifactsPythonPackage: Python package to upload to Artifact Registry upon successful completion of all build steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1Build: A build resource in the Cloud Build API.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildApproval: BuildApproval describes a build's approval configuration, state, and result.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildFailureInfo: A fatal problem encountered during the execution of the build.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptions: Optional arguments to enable specific features of builds.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildOptionsPoolOption: Details about how a build should be executed on a `WorkerPool`.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildStep: A step in the build pipeline.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuildWarning: A non-fatal problem encountered during the execution of the build.

ContaineranalysisGoogleDevtoolsCloudbuildV1BuiltImage: An image built by the pipeline.

ContaineranalysisGoogleDevtoolsCloudbuildV1ConnectedRepository: Location of the source in a 2nd-gen Google Cloud Build repository resource.

ContaineranalysisGoogleDevtoolsCloudbuildV1Dependency: A dependency that the Cloud Build worker will fetch before executing user steps.

ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceDependency: Represents a git repository as a build dependency.

ContaineranalysisGoogleDevtoolsCloudbuildV1DependencyGitSourceRepository: A repository for a git source.

ContaineranalysisGoogleDevtoolsCloudbuildV1DeveloperConnectConfig: This config defines the location of a source through Developer Connect.

ContaineranalysisGoogleDevtoolsCloudbuildV1FileHashes: Container message for hashes of byte content of files, used in SourceProvenance messages to verify integrity of source input to the build.

ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfig: GitConfig is a configuration for git operations.

ContaineranalysisGoogleDevtoolsCloudbuildV1GitConfigHttpConfig: HttpConfig is a configuration for HTTP related git operations.

ContaineranalysisGoogleDevtoolsCloudbuildV1GitSource: Location of the source in any accessible Git repository.

ContaineranalysisGoogleDevtoolsCloudbuildV1Hash: Container message for hash values.

ContaineranalysisGoogleDevtoolsCloudbuildV1InlineSecret: Pairs a set of secret environment variables mapped to encrypted values with the Cloud KMS key to use to decrypt the value.

ContaineranalysisGoogleDevtoolsCloudbuildV1RepoSource: Location of the source in a Google Cloud Source Repository.

ContaineranalysisGoogleDevtoolsCloudbuildV1Results: Artifacts created by the build pipeline.

ContaineranalysisGoogleDevtoolsCloudbuildV1Secret: Pairs a set of secret environment variables containing encrypted values with the Cloud KMS key to use to decrypt the value.

ContaineranalysisGoogleDevtoolsCloudbuildV1SecretManagerSecret: Pairs a secret environment variable with a SecretVersion in Secret Manager.

ContaineranalysisGoogleDevtoolsCloudbuildV1Secrets: Secrets and secret environment variables.

ContaineranalysisGoogleDevtoolsCloudbuildV1Source: Location of the source in a supported storage service.

ContaineranalysisGoogleDevtoolsCloudbuildV1SourceProvenance: Provenance of the source.

ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSource: Location of the source in an archive file in Cloud Storage.

ContaineranalysisGoogleDevtoolsCloudbuildV1StorageSourceManifest: Location of the source manifest in Cloud Storage.

ContaineranalysisGoogleDevtoolsCloudbuildV1TimeSpan: Start and end times for a build execution phase.

ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedGoModule: A Go module artifact uploaded to Artifact Registry using the GoModule directive.

ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedMavenArtifact: A Maven artifact uploaded using the MavenArtifact directive.

ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedNpmPackage: An npm package uploaded to Artifact Registry using the NpmPackage directive.

ContaineranalysisGoogleDevtoolsCloudbuildV1UploadedPythonPackage: Artifact uploaded using the PythonPackage directive.

ContaineranalysisGoogleDevtoolsCloudbuildV1Volume: Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.

CVSS: Common Vulnerability Scoring System.

CVSSv3: Deprecated.

Deployable: An artifact that can be deployed in some runtime.

Deployment: The period during which some deployable was active in a runtime.

Derived: Derived describes the derived image portion (Occurrence) of the DockerImage relationship.

Detail: Identifies all appearances of this vulnerability in the package for a specific distro/location.

Details: Details of an attestation occurrence.

Digest: Digest information.

Discovered: Provides information about the analysis status of a discovered resource.

Discovery: A note that indicates a type of analysis a provider would perform.

Distribution: This represents a particular channel of distribution for a given package.

DocumentNote: DocumentNote represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/.

DocumentOccurrence: DocumentOccurrence represents an SPDX Document Creation Information section: https://spdx.github.io/spdx-spec/2-document-creation-information/.

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs.

Envelope: MUST match https://github.com/secure-systems-lab/dsse/blob/master/envelope.proto.

Environment: Defines an object for the environment field in in-toto links.

ExportSBOMRequest: The request to a call of ExportSBOM.

ExportSBOMResponse: The response from a call to ExportSBOM.

Expr: Represents a textual expression in the Common Expression Language (CEL) syntax.

ExternalRef: An External Reference allows a Package to reference an external source of additional information, metadata, enumerations, asset identifiers, or downloadable content believed to be relevant to the Package.

FileHashes: Container message for hashes of byte content of files, used in source messages to verify integrity of source input to the build.

FileNote: FileNote represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/.

FileOccurrence: FileOccurrence represents an SPDX File Information section: https://spdx.github.io/spdx-spec/4-file-information/.

Fingerprint: A set of properties that uniquely identify a given Docker image.

FixableTotalByDigest: Per resource and severity counts of fixable and total vulnerabilities.

GeneratePackagesSummaryRequest: GeneratePackagesSummaryRequest is the request body for the GeneratePackagesSummary API method.

GenericSignedAttestation: An attestation wrapper that uses the Grafeas `Signature` message.

GerritSourceContext: A SourceContext referring to a Gerrit project.

GetIamPolicyRequest: Request message for `GetIamPolicy` method.

GetPolicyOptions: Encapsulates settings provided to GetIamPolicy.

GitSourceContext: A GitSourceContext denotes a particular revision in a third party Git repository (e.g., GitHub).

GoogleDevtoolsContaineranalysisV1alpha1OperationMetadata: Metadata for all operations used and required for all operations that created by Container Analysis Providers.

GrafeasV1beta1BuildDetails: Details of a build occurrence.

GrafeasV1beta1DeploymentDetails: Details of a deployment occurrence.

GrafeasV1beta1DiscoveryDetails: Details of a discovery occurrence.

GrafeasV1beta1ImageDetails: Details of an image occurrence.

GrafeasV1beta1IntotoDetails: This corresponds to a signed in-toto link - it is made up of one or more signatures and the in-toto link itself.

GrafeasV1beta1IntotoSignature: A signature object consists of the KeyID used and the signature itself.

GrafeasV1beta1PackageDetails: Details of a package occurrence.

GrafeasV1beta1VulnerabilityDetails: Details of a vulnerability Occurrence.

Hash: Container message for hash values.

Hint: This submessage provides human-readable hints about the purpose of the authority.

Installation: This represents how a particular software package may be installed on a system.

InToto: This contains the fields corresponding to the definition of a software supply chain step in an in-toto layout.

Justification: Justification provides the justification when the state of the assessment if NOT_AFFECTED.

Layer: Layer holds metadata specific to a layer of a Docker image.

License: License information.

LicensesSummary: Per license count.

Link: This corresponds to an in-toto link.

ListNoteOccurrencesResponse: Response for listing occurrences for a note.

ListNotesResponse: Response for listing notes.

ListOccurrencesResponse: Response for listing occurrences.

Location: An occurrence of a particular package installation found within a system's filesystem.

Note: A type of analysis that can be done for a resource.

Occurrence: An instance of an analysis type that has been found on a resource.

Package: Package represents a particular package version.

PackageInfoNote: PackageInfoNote represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/.

PackageInfoOccurrence: PackageInfoOccurrence represents an SPDX Package Information section: https://spdx.github.io/spdx-spec/3-package-information/.

PackageIssue: This message wraps a location affected by a vulnerability and its associated fix (if one is available).

PackagesSummaryResponse: A summary of the packages found within the given resource.

PgpSignedAttestation: An attestation wrapper with a PGP-compatible signature.

Policy: An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources.

Product: Product contains information about a product and how to uniquely identify it.

ProjectRepoId: Selects a repo using a Google Cloud Platform project ID (e.g., winged-cargo-31) and a repo name within that project.

Publisher: Publisher contains information about the publisher of this Note.

RelatedUrl: Metadata for any related URL information.

RelationshipNote: RelationshipNote represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/.

RelationshipOccurrence: RelationshipOccurrence represents an SPDX Relationship section: https://spdx.github.io/spdx-spec/7-relationships-between-SPDX-elements/.

Remediation: Specifies details on how to handle (and presumably, fix) a vulnerability.

RepoId: A unique identifier for a Cloud Repo.

Resource: An entity that can have metadata.

SbomReferenceIntotoPayload: The actual payload that contains the SBOM Reference data.

SbomReferenceIntotoPredicate: A predicate which describes the SBOM being referenced.

SBOMReferenceNote: The note representing an SBOM reference.

SBOMReferenceOccurrence: The occurrence representing an SBOM reference as applied to a specific resource.

SBOMStatus: The status of an SBOM generation.

SetIamPolicyRequest: Request message for `SetIamPolicy` method.

Signature: Verifiers (e.g.

SigningKey: This defines the format used to record keys used in the software supply chain.

SlsaProvenanceV1: Keep in sync with schema at https://github.com/slsa-framework/slsa/blob/main/docs/provenance/schema/v1/provenance.proto Builder renamed to ProvenanceBuilder because of Java conflicts.

Source: Source describes the location of the source used for the build.

SourceContext: A SourceContext is a reference to a tree of files.

Status: The `Status` type defines a logical error model that is suitable for different programming environments, including REST APIs and RPC APIs.

Subject: Set of software artifacts that the attestation applies to.

TestIamPermissionsRequest: Request message for `TestIamPermissions` method.

TestIamPermissionsResponse: Response message for `TestIamPermissions` method.

TimeSpan: Start and end times for a build execution phase.

Version: Version contains structured information about the version of a package.

VexAssessment: VexAssessment provides all publisher provided Vex information that is related to this vulnerability.

Volume: Volume describes a Docker container volume which is mounted into build steps in order to persist files across build step execution.

Vulnerability: Vulnerability provides metadata about a security vulnerability in a Note.

VulnerabilityAssessmentNote: A single VulnerabilityAssessmentNote represents one particular product's vulnerability assessment for one CVE.

VulnerabilityLocation: The location of the vulnerability.

VulnerabilityOccurrencesSummary: A summary of how many vulnerability occurrences there are per resource and severity type.