1 // Copyright 2018 Google Inc.
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
7 // http://www.apache.org/licenses/LICENSE-2.0
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
17 package google.devtools.containeranalysis.v1alpha1;
19 import "google/api/annotations.proto";
20 import "google/devtools/containeranalysis/v1alpha1/package_vulnerability.proto";
22 option go_package = "google.golang.org/genproto/googleapis/devtools/containeranalysis/v1alpha1;containeranalysis";
23 option java_multiple_files = true;
24 option java_package = "com.google.containeranalysis.v1alpha1";
25 option objc_class_prefix = "GCA";
27 // PackageManager provides metadata about available / installed packages.
28 message PackageManager {
29 // This represents a particular channel of distribution for a given package.
30 // e.g. Debian's jessie-backports dpkg mirror
31 message Distribution {
32 // The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
33 // denoting the package manager version distributing a package.
36 // The CPU architecture for which packages in this distribution
38 Architecture architecture = 2;
40 // The latest available version of this package in
41 // this distribution channel.
42 VulnerabilityType.Version latest_version = 3;
44 // A freeform string denoting the maintainer of this package.
45 string maintainer = 4;
47 // The distribution channel-specific homepage for this package.
50 // The distribution channel-specific description of this package.
51 string description = 7;
54 // An occurrence of a particular package installation found within a
55 // system's filesystem.
56 // e.g. glibc was found in /var/lib/dpkg/status
58 // The cpe_uri in [cpe format](https://cpe.mitre.org/specification/)
59 // denoting the package manager version distributing a package.
62 // The version installed at this location.
63 VulnerabilityType.Version version = 2;
65 // The path from which we gathered that this package/version is installed.
69 // This represents a particular package that is distributed over
71 // e.g. glibc (aka libc6) is distributed by many, at various versions.
73 // The name of the package.
76 // The various channels by which a package is distributed.
77 repeated Distribution distribution = 10;
80 // This represents how a particular software package may be installed on
82 message Installation {
83 // Output only. The name of the installed package.
86 // All of the places within the filesystem versions of this package
88 repeated Location location = 2;
91 // Instruction set architectures supported by various package managers.
93 // Unknown architecture
94 ARCHITECTURE_UNSPECIFIED = 0;