@oliverchang
Last active November 18, 2020 05:38
schema.proto
// Reference to a single commit, or a commit range, in a source repository.
message Commit {
  // Type of the repository. The schema does not enumerate the accepted
  // values, so readers should treat this as free-form text.
  string repo_type = 1;

  // URL of the repository.
  // NOTE(review): nothing in the schema constrains the scheme or host. A
  // consumer that fetches or clones from this value should validate it
  // against the schemes and hosts it expects first.
  string repo_url = 2;

  // The commit reference. It may also be a range written "A:B", covering the
  // commits after A (A itself excluded) up to and including B.
  // NOTE(review): the field is an unconstrained string; validate it as a
  // revision identifier (or an "A:B" pair of them) before handing it to
  // version-control tooling.
  string commit = 3;
}
// Identifies the package that a vulnerability entry applies to.
// This message holds no version field of its own; affected versions are
// listed in Affects.versions.
message Package {
  // Package name.
  string name = 1;

  // Ecosystem the package belongs to. The schema does not enumerate the
  // accepted values.
  string ecosystem = 2;
}
// Commit and version impact of a vulnerability.
message Affects {
  // Commit in which the vulnerability was introduced.
  Commit introduced_in = 1;

  // Commit in which the vulnerability was fixed. Left unset when no fix
  // exists.
  // NOTE(review): message-typed fields have explicit presence, so consumers
  // should test whether this field is set rather than inspect its contents;
  // an unset value means "not fixed", not "fix unknown".
  Commit fixed_in = 2;

  // Affected versions. Each entry should match a tag name in the upstream
  // repository.
  repeated string versions = 3;

  // (Optional) Impacted APIs/methods.
  repeated string apis = 4;
}
// A single vulnerability entry.
message Vulnerability {
  // Severity levels for a vulnerability.
  // NOTE(review): NONE is the zero value, which proto3 uses as the default
  // for an enum field that was never set. A reader therefore cannot tell
  // "severity not provided" apart from an explicit NONE, and should not
  // read the default as a statement that the issue is harmless.
  enum Severity {
    NONE = 0;
    LOW = 1;
    MEDIUM = 2;
    HIGH = 3;
    CRITICAL = 4;
  }

  // Unique identifier of this vulnerability, assigned by OSV.
  string id = 1;

  // The package this entry is about.
  Package package = 2;

  // One-line summary of the vulnerability.
  string summary = 3;

  // Further human-readable details about the vulnerability.
  string details = 4;

  // Severity of the vulnerability.
  Severity severity = 5;

  // Commit and version impact.
  Affects affects = 6;

  // Links to more information or advisories.
  // NOTE(review): these are unconstrained strings; a front end that renders
  // them as hyperlinks should check the scheme and escape the value.
  repeated string references = 7;

  // CVEs, if any have been allocated.
  repeated string cves = 8;

  // Extra metadata specific to the package ecosystem. On the JSON REST
  // endpoint this is an arbitrary JSON object.
  // NOTE(review): the content is untyped, so consumers should validate the
  // keys they read and bound the size and nesting depth they accept. The
  // type also needs an import of "google/protobuf/struct.proto", which is
  // not visible in this listing.
  google.protobuf.Struct additional_metadata = 9;
}