Notification
Notification
Field | Type | Description |
---|---|---|
level |
Level |
|
scope |
Scope |
|
group |
Group |
|
title |
string |
|
content |
string |
|
timestamp |
google.protobuf.Timestamp |
|
subject |
google.protobuf.Any |
Subjects
BomConsumedOrProcessedSubject
Field | Type | Description |
---|---|---|
project |
Project |
|
bom |
Bom |
|
token |
string |
BomProcessingFailedSubject
Field | Type | Description |
---|---|---|
project |
Project |
|
bom |
Bom |
|
cause |
string |
|
token |
string |
BomValidationFailedSubject
Field | Type | Description |
---|---|---|
project |
Project |
|
bom |
Bom |
|
errors |
string[] |
ComponentVulnAnalysisCompleteSubject
Field | Type | Description |
---|---|---|
component |
Component |
|
vulnerabilities |
Vulnerability[] |
NewVulnerabilitySubject
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
vulnerability |
Vulnerability |
|
affected_projects_reference |
BackReference |
|
vulnerability_analysis_level |
string |
|
affected_projects |
Project[] |
List of projects affected by the vulnerability. DEPRECATED: This list only holds one item, and it is identical to the one in the project field. The field is kept for backward compatibility of JSON notifications, but consumers should not expect multiple projects here. Transmitting all affected projects in one notification is not feasible for large portfolios, see https://github.com/DependencyTrack/hyades/issues/467 for details. |
NewVulnerableDependencySubject
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
vulnerabilities |
Vulnerability[] |
PolicyViolationAnalysisDecisionChangeSubject
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
policy_violation |
PolicyViolation |
|
analysis |
PolicyViolationAnalysis |
PolicyViolationSubject
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
policy_violation |
PolicyViolation |
ProjectVulnAnalysisCompleteSubject
Field | Type | Description |
---|---|---|
project |
Project |
|
findings |
ComponentVulnAnalysisCompleteSubject[] |
|
status |
ProjectVulnAnalysisStatus |
|
token |
string |
UserSubject
Field | Type | Description |
---|---|---|
username |
string |
|
email |
string |
VexConsumedOrProcessedSubject
Field | Type | Description |
---|---|---|
project |
Project |
|
vex |
bytes |
|
format |
string |
|
spec_version |
string |
VulnerabilityAnalysisDecisionChangeSubject
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
vulnerability |
Vulnerability |
|
analysis |
VulnerabilityAnalysis |
Messages
BackReference
Field | Type | Description |
---|---|---|
api_uri |
string |
URI to the API endpoint from which additional information can be fetched. |
frontend_uri |
string |
URI to the frontend where additional information can be seen. |
Bom
Field | Type | Description |
---|---|---|
content |
string |
|
format |
string |
|
spec_version |
string |
Component
Field | Type | Description |
---|---|---|
uuid |
string |
|
group |
string |
|
name |
string |
|
version |
string |
|
purl |
string |
|
md5 |
string |
|
sha1 |
string |
|
sha256 |
string |
|
sha512 |
string |
Policy
Field | Type | Description |
---|---|---|
uuid |
string |
|
name |
string |
|
violation_state |
string |
PolicyCondition
Field | Type | Description |
---|---|---|
uuid |
string |
|
subject |
string |
|
operator |
string |
|
value |
string |
|
policy |
Policy |
PolicyViolation
Field | Type | Description |
---|---|---|
uuid |
string |
|
type |
string |
|
timestamp |
google.protobuf.Timestamp |
|
condition |
PolicyCondition |
PolicyViolationAnalysis
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
policy_violation |
PolicyViolation |
|
state |
string |
|
suppressed |
bool |
Project
Field | Type | Description |
---|---|---|
uuid |
string |
|
name |
string |
|
version |
string |
|
description |
string |
|
purl |
string |
|
tags |
string[] |
Vulnerability
Field | Type | Description |
---|---|---|
uuid |
string |
|
vuln_id |
string |
|
source |
string |
|
aliases |
Vulnerability.Alias[] |
|
title |
string |
|
sub_title |
string |
|
description |
string |
|
recommendation |
string |
|
cvss_v2 |
double |
|
cvss_v3 |
double |
|
owasp_rr_likelihood |
double |
|
owasp_rr_technical_impact |
double |
|
owasp_rr_business_impact |
double |
|
severity |
string |
|
cwes |
Vulnerability.Cwe[] |
|
cvss_v2_vector |
string |
|
cvss_v3_vector |
string |
|
owasp_rr_vector |
string |
Vulnerability.Alias
Field | Type | Description |
---|---|---|
id |
string |
|
source |
string |
Vulnerability.Cwe
Field | Type | Description |
---|---|---|
cwe_id |
int32 |
|
name |
string |
VulnerabilityAnalysis
Field | Type | Description |
---|---|---|
component |
Component |
|
project |
Project |
|
vulnerability |
Vulnerability |
|
state |
string |
|
suppressed |
bool |
Enums
Group
Name | Description |
---|---|
GROUP_UNSPECIFIED |
|
GROUP_CONFIGURATION |
|
GROUP_DATASOURCE_MIRRORING |
|
GROUP_REPOSITORY |
|
GROUP_INTEGRATION |
|
GROUP_FILE_SYSTEM |
|
GROUP_ANALYZER |
|
GROUP_NEW_VULNERABILITY |
|
GROUP_NEW_VULNERABLE_DEPENDENCY |
|
GROUP_PROJECT_AUDIT_CHANGE |
|
GROUP_BOM_CONSUMED |
|
GROUP_BOM_PROCESSED |
|
GROUP_VEX_CONSUMED |
|
GROUP_VEX_PROCESSED |
|
GROUP_POLICY_VIOLATION |
|
GROUP_PROJECT_CREATED |
|
GROUP_BOM_PROCESSING_FAILED |
|
GROUP_PROJECT_VULN_ANALYSIS_COMPLETE |
|
GROUP_USER_CREATED |
|
GROUP_USER_DELETED |
|
GROUP_BOM_VALIDATION_FAILED |
Level
Name | Description |
---|---|
LEVEL_UNSPECIFIED |
|
LEVEL_INFORMATIONAL |
|
LEVEL_WARNING |
|
LEVEL_ERROR |
ProjectVulnAnalysisStatus
Name | Description |
---|---|
PROJECT_VULN_ANALYSIS_STATUS_UNSPECIFIED |
|
PROJECT_VULN_ANALYSIS_STATUS_FAILED |
|
PROJECT_VULN_ANALYSIS_STATUS_COMPLETED |
Scope
Name | Description |
---|---|
SCOPE_UNSPECIFIED |
|
SCOPE_PORTFOLIO |
|
SCOPE_SYSTEM |