Package-level declarations

The alias kind.

Provides the state of this Vulnerability assessment.

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

Base Metrics Represents the intrinsic characteristics of a vulnerability that are constant over time and across user environments.

Platform hosting this deployment.

Required. Immutable. The kind of analysis that is handled by this discovery.

The status of discovery for the resource.

Whether the resource is continuously analyzed.

The CPU architecture for which packages in this distribution channel were built.

The justification type for this vulnerability.

The CPU architecture for which packages in this distribution channel were built. Architecture will be blank for language packages.

The type of remediation that can be applied.

Required. Distinguishes between sentinel MIN/MAX versions and normal versions.

Provides the state of this Vulnerability assessment.

CVSS version used to populate cvss_score and severity.

The note provider assigned severity of this vulnerability.

The distro assigned severity for this vulnerability when it is available, otherwise this is the note provider assigned severity. When there are multiple PackageIssues for this vulnerability, they can have different effective severities because some might be provided by the distro while others are provided by the language ecosystem for a language pack. For this reason, it is advised to use the effective severity on the PackageIssue level. In the case where multiple PackageIssues have differing effective severities, this field should be the highest severity for any of the PackageIssues.