peridot/apollo/proto/v1/affected_product.proto

42 lines
1.2 KiB
Protocol Buffer

syntax = "proto3";
package resf.apollo.v1;
import "google/protobuf/wrappers.proto";
option go_package = "peridot.resf.org/apollo/pb;apollopb";
message AffectedProduct {
int64 product_id = 1;
google.protobuf.StringValue cve_id = 2;
string version = 3;
enum State {
STATE_UNKNOWN = 0;
// CVE only affects downstream
STATE_UNDER_INVESTIGATION_DOWNSTREAM = 1;
// CVE affecting upstream and a fix still hasn't been issued
STATE_UNDER_INVESTIGATION_UPSTREAM = 2;
// CVE has been fixed upstream
STATE_FIXED_UPSTREAM = 3;
// CVE has been fixed downstream
// At this stage the CVE can be included in errata
STATE_FIXED_DOWNSTREAM = 4;
// CVE will NOT be fixed upstream
STATE_WILL_NOT_FIX_UPSTREAM = 5;
// CVE will NOT be fixed downstream
// This will probably never happen with Core, but may happen for SIGs
STATE_WILL_NOT_FIX_DOWNSTREAM = 6;
// CVE is out of support scope
STATE_OUT_OF_SUPPORT_SCOPE = 7;
// CVE affects product and upstream is working on a fix
STATE_AFFECTED_UPSTREAM = 8;
// CVE affects product and a fix is being worked out
STATE_AFFECTED_DOWNSTREAM = 9;
}
State state = 4;
string package = 5;
google.protobuf.StringValue advisory = 6;
}