Notification

Notification¶

Field	Type	Description
`level`	`Level`
`scope`	`Scope`
`group`	`Group`
`title`	`string`
`content`	`string`
`timestamp`	`google.protobuf.Timestamp`
`subject`	`google.protobuf.Any`

Subjects¶

BomConsumedOrProcessedSubject¶

Field	Type	Description
`project`	`Project`
`bom`	`Bom`
`token`	`string`

BomProcessingFailedSubject¶

Field	Type	Description
`project`	`Project`
`bom`	`Bom`
`cause`	`string`
`token`	`string`

BomValidationFailedSubject¶

Field	Type	Description
`project`	`Project`
`bom`	`Bom`
`errors`	`string[]`

ComponentVulnAnalysisCompleteSubject¶

Field	Type	Description
`component`	`Component`
`vulnerabilities`	`Vulnerability[]`

NewVulnerabilitySubject¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`vulnerability`	`Vulnerability`
`affected_projects_reference`	`BackReference`
`vulnerability_analysis_level`	`string`
`affected_projects`	`Project[]`	List of projects affected by the vulnerability. DEPRECATED: This list only holds one item, and it is identical to the one in the project field. The field is kept for backward compatibility of JSON notifications, but consumers should not expect multiple projects here. Transmitting all affected projects in one notification is not feasible for large portfolios, see https://github.com/DependencyTrack/hyades/issues/467 for details.

NewVulnerableDependencySubject¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`vulnerabilities`	`Vulnerability[]`

PolicyViolationAnalysisDecisionChangeSubject¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`policy_violation`	`PolicyViolation`
`analysis`	`PolicyViolationAnalysis`

PolicyViolationSubject¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`policy_violation`	`PolicyViolation`

ProjectVulnAnalysisCompleteSubject¶

Field	Type	Description
`project`	`Project`
`findings`	`ComponentVulnAnalysisCompleteSubject[]`
`status`	`ProjectVulnAnalysisStatus`
`token`	`string`

UserSubject¶

Field	Type	Description
`username`	`string`
`email`	`string`

VexConsumedOrProcessedSubject¶

Field	Type	Description
`project`	`Project`
`vex`	`bytes`
`format`	`string`
`spec_version`	`string`

VulnerabilityAnalysisDecisionChangeSubject¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`vulnerability`	`Vulnerability`
`analysis`	`VulnerabilityAnalysis`

Messages¶

BackReference¶

Field	Type	Description
`api_uri`	`string`	URI to the API endpoint from which additional information can be fetched.
`frontend_uri`	`string`	URI to the frontend where additional information can be seen.

Bom¶

Field	Type	Description
`content`	`string`
`format`	`string`
`spec_version`	`string`

Component¶

Field	Type	Description
`uuid`	`string`
`group`	`string`
`name`	`string`
`version`	`string`
`purl`	`string`
`md5`	`string`
`sha1`	`string`
`sha256`	`string`
`sha512`	`string`

Policy¶

Field	Type	Description
`uuid`	`string`
`name`	`string`
`violation_state`	`string`

PolicyCondition¶

Field	Type	Description
`uuid`	`string`
`subject`	`string`
`operator`	`string`
`value`	`string`
`policy`	`Policy`

PolicyViolation¶

Field	Type	Description
`uuid`	`string`
`type`	`string`
`timestamp`	`google.protobuf.Timestamp`
`condition`	`PolicyCondition`

PolicyViolationAnalysis¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`policy_violation`	`PolicyViolation`
`state`	`string`
`suppressed`	`bool`

Project¶

Field	Type	Description
`uuid`	`string`
`name`	`string`
`version`	`string`
`description`	`string`
`purl`	`string`
`tags`	`string[]`

Vulnerability¶

Field	Type	Description
`uuid`	`string`
`vuln_id`	`string`
`source`	`string`
`aliases`	`Vulnerability.Alias[]`
`title`	`string`
`sub_title`	`string`
`description`	`string`
`recommendation`	`string`
`cvss_v2`	`double`
`cvss_v3`	`double`
`owasp_rr_likelihood`	`double`
`owasp_rr_technical_impact`	`double`
`owasp_rr_business_impact`	`double`
`severity`	`string`
`cwes`	`Vulnerability.Cwe[]`
`cvss_v2_vector`	`string`
`cvss_v3_vector`	`string`
`owasp_rr_vector`	`string`

Vulnerability.Alias¶

Field	Type	Description
`id`	`string`
`source`	`string`

Vulnerability.Cwe¶

Field	Type	Description
`cwe_id`	`int32`
`name`	`string`

VulnerabilityAnalysis¶

Field	Type	Description
`component`	`Component`
`project`	`Project`
`vulnerability`	`Vulnerability`
`state`	`string`
`suppressed`	`bool`

Enums¶

Group¶

Name	Description
`GROUP_UNSPECIFIED`
`GROUP_CONFIGURATION`
`GROUP_DATASOURCE_MIRRORING`
`GROUP_REPOSITORY`
`GROUP_INTEGRATION`
`GROUP_FILE_SYSTEM`
`GROUP_ANALYZER`
`GROUP_NEW_VULNERABILITY`
`GROUP_NEW_VULNERABLE_DEPENDENCY`
`GROUP_PROJECT_AUDIT_CHANGE`
`GROUP_BOM_CONSUMED`
`GROUP_BOM_PROCESSED`
`GROUP_VEX_CONSUMED`
`GROUP_VEX_PROCESSED`
`GROUP_POLICY_VIOLATION`
`GROUP_PROJECT_CREATED`
`GROUP_BOM_PROCESSING_FAILED`
`GROUP_PROJECT_VULN_ANALYSIS_COMPLETE`
`GROUP_USER_CREATED`
`GROUP_USER_DELETED`
`GROUP_BOM_VALIDATION_FAILED`

Level¶

Name	Description
`LEVEL_UNSPECIFIED`
`LEVEL_INFORMATIONAL`
`LEVEL_WARNING`
`LEVEL_ERROR`

ProjectVulnAnalysisStatus¶

Name	Description
`PROJECT_VULN_ANALYSIS_STATUS_UNSPECIFIED`
`PROJECT_VULN_ANALYSIS_STATUS_FAILED`
`PROJECT_VULN_ANALYSIS_STATUS_COMPLETED`

Scope¶

Name	Description
`SCOPE_UNSPECIFIED`
`SCOPE_PORTFOLIO`
`SCOPE_SYSTEM`