package scalibr

Mouse Melon logoGet desktop application:
View/edit binary Protocol Buffers messages

message APKPackageMetadata

scan_result.proto:343

The additional data found in APK packages.

Used in: Package

message AdvisoryId

scan_result.proto:292

A unique identifier per advisory.

Used in: GenericFindingAdvisory

message AsdfMetadata

scan_result.proto:641

Used in: Package

message BaseImageChain

scan_result.proto:1039

Used in: ContainerImageMetadata

message BaseImageDetails

scan_result.proto:1046

Used in: BaseImageChain

message CDXPackageMetadata

scan_result.proto:516

The additional data for packages extracted from CDX files.

Used in: Package

message COSPackageMetadata

scan_result.proto:390

The additional data found in COS packages.

Used in: Package

message ChromeExtensionsMetadata

scan_result.proto:596

The additional data found in Chrome extensions.

Used in: Package

message ContainerCommand

scan_result.proto:1018

Used in: Location

message ContainerImageMetadata

scan_result.proto:1022

Used in: Inventory

message ContainerdContainerMetadata

scan_result.proto:561

Used in: Package

message ContainerdRuntimeContainerMetadata

scan_result.proto:577

Used in: Package

message DEPSJSONMetadata

scan_result.proto:421

The additional data found in .NET deps json packages.

Used in: Package

message DPKGPackageMetadata

scan_result.proto:358

The additional data found in DPKG packages. Next ID: 11

Used in: Package

message DockerContainersMetadata

scan_result.proto:634

Used in: Package

message DockerPort

scan_result.proto:654

Used in: DockerContainersMetadata

message EnvironmentVariable

scan_result.proto:1014

Used in: Location

message FileError

scan_result.proto:72

Used in: ScanStatus

message Filepath

scan_result.proto:1005

Used in: Location

message FilepathWithLayerDetails

scan_result.proto:1009

Used in: Location

message FindingExploitabilitySignal

scan_result.proto:215

FindingExploitabilitySignal is used to indicate that a finding is not exploitable.

Used in: GenericFinding

message FlatpakPackageMetadata

scan_result.proto:448

The additional data found in Flatpak packages.

Used in: Package

message GenericFinding

scan_result.proto:264

Describes generic security findings not associated with any specific package, e.g. weak credentials.

Used in: Inventory, ScanResult

message GenericFindingAdvisory

scan_result.proto:280

Describes a security finding and how to remediate it. It should not contain any information specific to the target (e.g. which files were found vulnerable).

Used in: GenericFinding

message GenericFindingTargetDetails

scan_result.proto:307

Instance-specific details about the generic security finding.

Used in: GenericFinding

message HomebrewPackageMetadata

scan_result.proto:593

The additional data found in Homebrew packages.

Used in: Package

(message has no fields)

message Inventory

scan_result.proto:46

The artifacts (e.g. software inventory, security findings) that a scan found.

Used in: ScanResult

message JavaArchiveMetadata

scan_result.proto:522

The additional data found in Java JAR packages.

Used in: Package

message JavaLockfileMetadata

scan_result.proto:529

The additional data found in Java lockfiles.

Used in: Package

message JavascriptPackageJSONMetadata

scan_result.proto:320

The additional data found in npm packages.

Used in: Package

message KernelModuleMetadata

scan_result.proto:461

The additional data found in MODULE packages.

Used in: Package

message LayerDetails

scan_result.proto:177

Details about the layer a package was found in.

Used in: FilepathWithLayerDetails

message LayerMetadata

scan_result.proto:1055

Used in: ContainerImageMetadata

message Location

scan_result.proto:996

Used in: Secret

message MacAppsMetadata

scan_result.proto:489

The additional data found in Mac Applications.

Used in: Package

message MacportsPackageMetadata

scan_result.proto:503

The additional data found in Macports packages.

Used in: Package

message NetportsMetadata

scan_result.proto:555

Used to report open ports on a system.

Used in: Package

message NixPackageMetadata

scan_result.proto:410

The additional data found in Nix packages.

Used in: Package

message NodeVersionMetadata

scan_result.proto:650

Used in: Package

message NvmMetadata

scan_result.proto:646

Used in: Package

message OSVPackageMetadata

scan_result.proto:537

The additional data for packages extracted by an OSV extractor wrapper.

Used in: Package

message PACMANPackageMetadata

scan_result.proto:400

The additional data found in PACMAN packages.

Used in: Package

message Package

scan_result.proto:79

A software package or library found by an extractor. PURL or CPE needs to be set, maybe both.

Used in: Inventory, ScanResult

enum Package.AnnotationEnum

scan_result.proto:149

Used in: Package

message Package.ContainerImageMetadataIndexes

scan_result.proto:159

Used in: Package

message PackageExploitabilitySignal

scan_result.proto:194

PackageExploitabilitySignal is used to indicate that specific vulnerabilities are not applicable to a given package.

Used in: Package

enum PackageSource

scan_result.proto:330

The source of the package.

Used in: JavascriptPackageJSONMetadata

message PluginStatus

scan_result.proto:66

Used in: ScanResult

message PodmanMetadata

scan_result.proto:619

The additional data found in Podman containers.

Used in: Package

message PortagePackageMetadata

scan_result.proto:440

The additional data found in portage packages.

Used in: Package

message Protocol

scan_result.proto:630

Used in: PodmanMetadata

message Purl

scan_result.proto:240

Package URL, see https://github.com/package-url/purl-spec

Used in: CDXPackageMetadata, Package, SPDXPackageMetadata

message PythonPackageMetadata

scan_result.proto:314

The additional data found in python packages.

Used in: Package

message PythonRequirementsMetadata

scan_result.proto:544

Used in: Package

message PythonSetupMetadata

scan_result.proto:550

Used in: Package

message Qualifier

scan_result.proto:257

Used in: Purl

message RPMPackageMetadata

scan_result.proto:372

The additional data found in RPM packages.

Used in: Package

message SNAPPackageMetadata

scan_result.proto:428

The additional data found in SNAP packages.

Used in: Package

message SPDXPackageMetadata

scan_result.proto:510

The additional data for packages extracted from SPDX files.

Used in: Package

message ScanResult

scan_result.proto:31

The results of a scan incl. scan status and artifacts found.

message ScanStatus

scan_result.proto:53

Used in: PluginStatus, ScanResult

enum ScanStatus.ScanStatusEnum

scan_result.proto:58

Used in: ScanStatus

message Secret

scan_result.proto:673

A secret (i.e. credential) found by Veles secret scanning.

Used in: Inventory

message SecretData

scan_result.proto:679

Used in: Secret

message SecretData.AnthropicModelAPIKey

scan_result.proto:755

Used in: SecretData

message SecretData.AnthropicWorkspaceAPIKey

scan_result.proto:750

Used in: SecretData

message SecretData.AzureAccessToken

scan_result.proto:781

Used in: SecretData

message SecretData.AzureIdentityToken

scan_result.proto:801

Used in: SecretData

message SecretData.AzureStorageAccountAccessKey

scan_result.proto:772

Used in: SecretData

message SecretData.CratesIOAPIToken

scan_result.proto:842

Used in: SecretData

message SecretData.DigitalOceanAPIToken

scan_result.proto:838

Used in: SecretData

message SecretData.DockerHubPat

scan_result.proto:809

Used in: SecretData

message SecretData.GCPAPIKey

scan_result.proto:889

Used in: SecretData

message SecretData.GCPOAuth2AccessToken

scan_result.proto:938

Used in: SecretData

message SecretData.GCPOAuth2ClientCredentials

scan_result.proto:929

Used in: SecretData

message SecretData.GCPSAK

scan_result.proto:729

Used in: SecretData

message SecretData.GithubAppRefreshToken

scan_result.proto:846

Used in: SecretData

message SecretData.GithubAppServerToServerToken

scan_result.proto:850

Used in: SecretData

message SecretData.GithubAppUserToServerToken

scan_result.proto:866

Used in: SecretData

message SecretData.GithubClassicPersonalAccessToken

scan_result.proto:854

Used in: SecretData

message SecretData.GithubFineGrainedPersonalAccessToken

scan_result.proto:858

Used in: SecretData

message SecretData.GithubOAuthToken

scan_result.proto:862

Used in: SecretData

message SecretData.GitlabPat

scan_result.proto:814

Used in: SecretData

message SecretData.GrokXAIAPIKey

scan_result.proto:764

Used in: SecretData

message SecretData.GrokXAIManagementAPIKey

scan_result.proto:768

Used in: SecretData

message SecretData.HashiCorpCloudPlatformCredentials

scan_result.proto:899

Used in: SecretData

message SecretData.HashiCorpCloudPlatformToken

scan_result.proto:904

Used in: SecretData

message SecretData.HashiCorpVaultAppRoleCredentials

scan_result.proto:882

Used in: SecretData

message SecretData.HashiCorpVaultToken

scan_result.proto:878

Used in: SecretData

message SecretData.HuggingfaceAPIKey

scan_result.proto:893

Used in: SecretData

message SecretData.MariaDBCredentials

scan_result.proto:793

Used in: SecretData

message SecretData.OnePasswordConnectToken

scan_result.proto:944

Used in: SecretData

message SecretData.OnePasswordRecoveryCode

scan_result.proto:970

Used in: SecretData

message SecretData.OnePasswordSecretKey

scan_result.proto:963

Used in: SecretData

message SecretData.OnePasswordServiceToken

scan_result.proto:966

Used in: SecretData

message SecretData.OpenAIAPIKey

scan_result.proto:805

Used in: SecretData

message SecretData.PerplexityAPIKey

scan_result.proto:760

Used in: SecretData

message SecretData.Pgpass

scan_result.proto:785

Used in: SecretData

message SecretData.PostmanAPIKey

scan_result.proto:830

Used in: SecretData

message SecretData.PostmanCollectionAccessToken

scan_result.proto:834

Used in: SecretData

message SecretData.PrivateKey

scan_result.proto:776

Used in: SecretData

message SecretData.PyPIAPIToken

scan_result.proto:870

Used in: SecretData

message SecretData.SlackAppConfigAccessToken

scan_result.proto:822

Used in: SecretData

message SecretData.SlackAppConfigRefreshToken

scan_result.proto:826

Used in: SecretData

message SecretData.SlackAppLevelToken

scan_result.proto:818

Used in: SecretData

message SecretData.StripeRestrictedKey

scan_result.proto:921

Used in: SecretData

message SecretData.StripeSecretKey

scan_result.proto:917

Used in: SecretData

message SecretData.StripeWebhookSecret

scan_result.proto:925

Used in: SecretData

message SecretData.TinkKeyset

scan_result.proto:874

Used in: SecretData

message SecretStatus

scan_result.proto:975

Used in: Secret

enum SecretStatus.SecretStatusEnum

scan_result.proto:979

Used in: SecretStatus

enum SeverityEnum

scan_result.proto:297

Used in: GenericFindingAdvisory

message SourceCodeIdentifier

scan_result.proto:171

Additional identifiers for source code software packages (e.g. NPM).

Used in: Package

message VSCodeExtensionsMetadata

scan_result.proto:608

The additional data found in VSCode extensions.

Used in: Package

enum VexJustification

scan_result.proto:225

Vuln exclusion reasons - Mirrors the format from the official VEX documentation (https://www.cisa.gov/sites/default/files/publications/VEX_Status_Justification_Jun22.pdf)

Used in: FindingExploitabilitySignal, PackageExploitabilitySignal

message VmlinuzMetadata

scan_result.proto:473

The additional data found in Vmlinuz packages.

Used in: Package

message VulnIdentifiers

scan_result.proto:209

Used in: PackageExploitabilitySignal

message WindowsOSVersion

scan_result.proto:587

Used in: Package

message WingetPackageMetadata

scan_result.proto:662

The additional data found in Windows Package Manager (Winget) packages.

Used in: Package