diff --git a/go.mod b/go.mod index c7daf74f5b6..2163dfdfde2 100644 --- a/go.mod +++ b/go.mod @@ -184,7 +184,7 @@ require ( github.com/sigstore/sigstore v1.7.1 github.com/spdx/tools-golang v0.5.2 github.com/spf13/viper v1.16.0 - github.com/vektah/gqlparser/v2 v2.5.4 + github.com/vektah/gqlparser/v2 v2.5.6 golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 gopkg.in/yaml.v3 v3.0.1 ) diff --git a/go.sum b/go.sum index c918837b2d4..5df2bc29497 100644 --- a/go.sum +++ b/go.sum @@ -2314,8 +2314,8 @@ github.com/urfave/cli/v2 v2.25.5 h1:d0NIAyhh5shGscroL7ek/Ya9QYQE0KNabJgiUinIQkc= github.com/urfave/cli/v2 v2.25.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc= github.com/vbatts/tar-split v0.11.3 h1:hLFqsOLQ1SsppQNTMpkpPXClLDfC2A3Zgy9OUU+RVck= github.com/vbatts/tar-split v0.11.3/go.mod h1:9QlHN18E+fEH7RdG+QAJJcuya3rqT7eXSTY7wGrAokY= -github.com/vektah/gqlparser/v2 v2.5.4 h1:TKZYLje269xipIHcoHPR0eRE40ONGjEXrbiN2SvurgY= -github.com/vektah/gqlparser/v2 v2.5.4/go.mod h1:z8xXUff237NntSuH8mLFijZ+1tjV1swDbpDqjJmk6ME= +github.com/vektah/gqlparser/v2 v2.5.6 h1:Ou14T0N1s191eRMZ1gARVqohcbe1e8FrcONScsq8cRU= +github.com/vektah/gqlparser/v2 v2.5.6/go.mod h1:z8xXUff237NntSuH8mLFijZ+1tjV1swDbpDqjJmk6ME= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= diff --git a/pkg/assembler/clients/generated/operations.go b/pkg/assembler/clients/generated/operations.go index 59ef0d533f8..f260648e6f0 100644 --- a/pkg/assembler/clients/generated/operations.go +++ b/pkg/assembler/clients/generated/operations.go @@ -21980,6 +21980,7 @@ func (v *allSLSATreeSubjectArtifact) __premarshalJSON() (*__premarshalallSLSATre // The query or mutation executed by Artifacts. const Artifacts_Operation = ` +# Exposes GraphQL queries to retrieve GUAC sources query Artifacts ($filter: ArtifactSpec) { artifacts(artifactSpec: $filter) { ... AllArtifactTree @@ -22020,6 +22021,7 @@ func Artifacts( // The query or mutation executed by CVEs. const CVEs_Operation = ` +# Exposes GraphQL queries to retrieve GUAC CVEs query CVEs ($filter: CVESpec) { cve(cveSpec: $filter) { ... AllCveTree @@ -22083,6 +22085,23 @@ fragment AllCertifyBad on CertifyBad { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22155,6 +22174,22 @@ func CertifyBadArtifact( // The query or mutation executed by CertifyBadPkg. const CertifyBadPkg_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest a CertifyBad into GUAC mutation CertifyBadPkg ($pkg: PkgInputSpec!, $pkgMatchType: MatchFlags, $certifyBad: CertifyBadInputSpec!) { ingestCertifyBad(subject: {package:$pkg}, pkgMatchType: $pkgMatchType, certifyBad: $certifyBad) { ... AllCertifyBad @@ -22178,6 +22213,23 @@ fragment AllCertifyBad on CertifyBad { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22275,6 +22327,23 @@ fragment AllCertifyBad on CertifyBad { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22347,6 +22416,7 @@ func CertifyBadSrc( // The query or mutation executed by CertifyBads. const CertifyBads_Operation = ` +# Exposes GraphQL queries to retrieve GUAC CertifyBads query CertifyBads ($filter: CertifyBadSpec) { CertifyBad(certifyBadSpec: $filter) { ... AllCertifyBad @@ -22370,6 +22440,23 @@ fragment AllCertifyBad on CertifyBad { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22475,6 +22562,23 @@ fragment AllCertifyVuln on CertifyVuln { collector } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22578,6 +22682,23 @@ fragment AllCertifyVuln on CertifyVuln { collector } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22669,6 +22790,23 @@ fragment allCertifyGood on CertifyGood { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22741,6 +22879,22 @@ func CertifyGoodArtifact( // The query or mutation executed by CertifyGoodPkg. const CertifyGoodPkg_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest a CertifyGood into GUAC mutation CertifyGoodPkg ($pkg: PkgInputSpec!, $pkgMatchType: MatchFlags, $certifyGood: CertifyGoodInputSpec!) { ingestCertifyGood(subject: {package:$pkg}, pkgMatchType: $pkgMatchType, certifyGood: $certifyGood) { ... allCertifyGood @@ -22764,6 +22918,23 @@ fragment allCertifyGood on CertifyGood { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22861,6 +23032,23 @@ fragment allCertifyGood on CertifyGood { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -22968,6 +23156,23 @@ fragment AllCertifyVuln on CertifyVuln { collector } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23034,6 +23239,22 @@ func CertifyNoKnownVuln( // The query or mutation executed by CertifyOSV. const CertifyOSV_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest a vulnerability certification into GUAC mutation CertifyOSV ($pkg: PkgInputSpec!, $osv: OSVInputSpec!, $certifyVuln: VulnerabilityMetaDataInput!) { ingestVulnerability(pkg: $pkg, vulnerability: {osv:$osv}, certifyVuln: $certifyVuln) { ... AllCertifyVuln @@ -23069,6 +23290,23 @@ fragment AllCertifyVuln on CertifyVuln { collector } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23137,6 +23375,20 @@ func CertifyOSV( // The query or mutation executed by FindSoftware. const FindSoftware_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. query FindSoftware ($searchText: String!) { findSoftware(searchText: $searchText) { __typename @@ -23151,6 +23403,23 @@ query FindSoftware ($searchText: String!) { } } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23221,6 +23490,7 @@ func FindSoftware( // The query or mutation executed by GHSAs. const GHSAs_Operation = ` +# Exposes GraphQL queries to retrieve GUAC GHSAs query GHSAs ($filter: GHSASpec) { ghsa(ghsaSpec: $filter) { ... AllGHSATree @@ -23292,6 +23562,23 @@ fragment AllArtifactTree on Artifact { algorithm digest } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23345,6 +23632,22 @@ func HasSBOMArtifact( // The query or mutation executed by HasSBOMPkg. const HasSBOMPkg_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest that a package or source has an SBOM (specified by a URI) into GUAC mutation HasSBOMPkg ($pkg: PkgInputSpec!, $hasSBOM: HasSBOMInputSpec!) { ingestHasSBOM(subject: {package:$pkg}, hasSBOM: $hasSBOM) { ... allHasSBOMTree @@ -23377,6 +23680,23 @@ fragment AllArtifactTree on Artifact { algorithm digest } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23430,6 +23750,22 @@ func HasSBOMPkg( // The query or mutation executed by HasSourceAt. const HasSourceAt_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest that a package (either at the package version or package name level) has the specified source into GUAC mutation HasSourceAt ($pkg: PkgInputSpec!, $pkgMatchType: MatchFlags!, $source: SourceInputSpec!, $hasSourceAt: HasSourceAtInputSpec!) { ingestHasSourceAt(pkg: $pkg, pkgMatchType: $pkgMatchType, source: $source, hasSourceAt: $hasSourceAt) { ... allHasSourceAt @@ -23448,6 +23784,23 @@ fragment allHasSourceAt on HasSourceAt { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23519,6 +23872,22 @@ func HasSourceAt( // The query or mutation executed by HashEqual. const HashEqual_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to certify that two artifacts are identical mutation HashEqual ($artifact: ArtifactInputSpec!, $otherArtifact: ArtifactInputSpec!, $hashEqual: HashEqualInputSpec!) { ingestHashEqual(artifact: $artifact, otherArtifact: $otherArtifact, hashEqual: $hashEqual) { ... allHashEqualTree @@ -23572,6 +23941,22 @@ func HashEqual( // The query or mutation executed by IngestArtifact. const IngestArtifact_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest Artifact mutation IngestArtifact ($artifact: ArtifactInputSpec!) { ingestArtifact(artifact: $artifact) { ... AllArtifactTree @@ -23612,6 +23997,7 @@ func IngestArtifact( // The query or mutation executed by IngestArtifacts. const IngestArtifacts_Operation = ` +# Bulk Ingest Artifacts mutation IngestArtifacts ($artifacts: [ArtifactInputSpec!]!) { ingestArtifacts(artifacts: $artifacts) { ... AllArtifactTree @@ -23652,6 +24038,22 @@ func IngestArtifacts( // The query or mutation executed by IngestBuilder. const IngestBuilder_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest Builder mutation IngestBuilder ($builder: BuilderInputSpec!) { ingestBuilder(builder: $builder) { uri @@ -23687,6 +24089,22 @@ func IngestBuilder( // The query or mutation executed by IngestCVE. const IngestCVE_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest CVE mutation IngestCVE ($cve: CVEInputSpec!) { ingestCVE(cve: $cve) { ... AllCveTree @@ -23727,6 +24145,22 @@ func IngestCVE( // The query or mutation executed by IngestGHSA. const IngestGHSA_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest GHSA mutation IngestGHSA ($ghsa: GHSAInputSpec!) { ingestGHSA(ghsa: $ghsa) { ... AllGHSATree @@ -23766,6 +24200,7 @@ func IngestGHSA( // The query or mutation executed by IngestMaterials. const IngestMaterials_Operation = ` +# Ingest Materials (artifacts) used by hasSLSA mutation IngestMaterials ($materials: [ArtifactInputSpec!]!) { ingestMaterials(materials: $materials) { ... AllArtifactTree @@ -23806,6 +24241,22 @@ func IngestMaterials( // The query or mutation executed by IngestOSV. const IngestOSV_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest OSV mutation IngestOSV ($osv: OSVInputSpec!) { ingestOSV(osv: $osv) { ... AllOSVTree @@ -23845,11 +24296,44 @@ func IngestOSV( // The query or mutation executed by IngestPackage. const IngestPackage_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest Package mutation IngestPackage ($pkg: PkgInputSpec!) { ingestPackage(pkg: $pkg) { ... AllPkgTree } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23901,11 +24385,29 @@ func IngestPackage( // The query or mutation executed by IngestPackages. const IngestPackages_Operation = ` +# Bulk Ingest Packages mutation IngestPackages ($pkgs: [PkgInputSpec!]!) { ingestPackages(pkgs: $pkgs) { ... AllPkgTree } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -23957,6 +24459,22 @@ func IngestPackages( // The query or mutation executed by IngestSource. const IngestSource_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Ingest Source mutation IngestSource ($source: SourceInputSpec!) { ingestSource(source: $source) { ... AllSourceTree @@ -24006,6 +24524,7 @@ func IngestSource( // The query or mutation executed by IsDependencies. const IsDependencies_Operation = ` +# Defines the GraphQL operations to bulk ingest dependencies information into GUAC mutation IsDependencies ($pkgs: [PkgInputSpec!]!, $depPkgs: [PkgInputSpec!]!, $dependencies: [IsDependencyInputSpec!]!) { ingestDependencies(pkgs: $pkgs, depPkgs: $depPkgs, dependencies: $dependencies) { ... allIsDependencyTree @@ -24025,6 +24544,23 @@ fragment allIsDependencyTree on IsDependency { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24080,6 +24616,22 @@ func IsDependencies( // The query or mutation executed by IsDependency. const IsDependency_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest dependency information into GUAC mutation IsDependency ($pkg: PkgInputSpec!, $depPkg: PkgInputSpec!, $dependency: IsDependencyInputSpec!) { ingestDependency(pkg: $pkg, depPkg: $depPkg, dependency: $dependency) { ... allIsDependencyTree @@ -24099,6 +24651,23 @@ fragment allIsDependencyTree on IsDependency { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24154,6 +24723,22 @@ func IsDependency( // The query or mutation executed by IsOccurrencePkg. const IsOccurrencePkg_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest occurrence information into GUAC mutation IsOccurrencePkg ($pkg: PkgInputSpec!, $artifact: ArtifactInputSpec!, $occurrence: IsOccurrenceInputSpec!) { ingestOccurrence(subject: {package:$pkg}, artifact: $artifact, occurrence: $occurrence) { ... AllIsOccurrencesTree @@ -24177,6 +24762,23 @@ fragment AllIsOccurrencesTree on IsOccurrence { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24274,6 +24876,23 @@ fragment AllIsOccurrencesTree on IsOccurrence { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24348,6 +24967,7 @@ func IsOccurrenceSrc( // The query or mutation executed by IsOccurrencesPkg. const IsOccurrencesPkg_Operation = ` +# Defines the GraphQL operations to bulk ingest occurrences information into GUAC mutation IsOccurrencesPkg ($pkgs: [PkgInputSpec!]!, $artifacts: [ArtifactInputSpec!]!, $occurrences: [IsOccurrenceInputSpec!]!) { ingestOccurrences(subjects: {packages:$pkgs}, artifacts: $artifacts, occurrences: $occurrences) { ... AllIsOccurrencesTree @@ -24371,6 +24991,23 @@ fragment AllIsOccurrencesTree on IsOccurrence { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24468,6 +25105,23 @@ fragment AllIsOccurrencesTree on IsOccurrence { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -24542,6 +25196,22 @@ func IsOccurrencesSrc( // The query or mutation executed by IsVulnerabilityCVE. const IsVulnerabilityCVE_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest a isVulnerability into GUAC mutation IsVulnerabilityCVE ($osv: OSVInputSpec!, $cve: CVEInputSpec!, $isVulnerability: IsVulnerabilityInputSpec!) { ingestIsVulnerability(osv: $osv, vulnerability: {cve:$cve}, isVulnerability: $isVulnerability) { ... allIsVulnerability @@ -24753,6 +25423,23 @@ query Neighbors ($node: ID!, $usingOnly: [Edge!]!) { } } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -25156,6 +25843,23 @@ query Node ($node: ID!) { } } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -25557,6 +26261,23 @@ query Nodes ($nodes: [ID!]!) { } } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -25887,6 +26608,7 @@ func Nodes( // The query or mutation executed by OSVs. const OSVs_Operation = ` +# Exposes GraphQL queries to retrieve GUAC OSVs query OSVs ($filter: OSVSpec) { osv(osvSpec: $filter) { ... AllOSVTree @@ -25926,11 +26648,29 @@ func OSVs( // The query or mutation executed by Packages. const Packages_Operation = ` +# Exposes GraphQL queries to retrieve GUAC packages query Packages ($filter: PkgSpec) { packages(pkgSpec: $filter) { ... AllPkgTree } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -25982,6 +26722,22 @@ func Packages( // The query or mutation executed by Path. const Path_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Exposes GraphQL queries to retrieve GUAC graph connectivity data query Path ($subject: ID!, $target: ID!, $maxPathLength: Int!, $usingOnly: [Edge!]!) { path(subject: $subject, target: $target, maxPathLength: $maxPathLength, usingOnly: $usingOnly) { __typename @@ -26053,6 +26809,23 @@ query Path ($subject: ID!, $target: ID!, $maxPathLength: Int!, $usingOnly: [Edge } } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -26389,6 +27162,22 @@ func Path( // The query or mutation executed by PkgEqual. const PkgEqual_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to certify that two packages are identical mutation PkgEqual ($pkg: PkgInputSpec!, $otherPackage: PkgInputSpec!, $pkgEqual: PkgEqualInputSpec!) { pkg: ingestPackage(pkg: $pkg) { ... AllPkgTree @@ -26400,6 +27189,23 @@ mutation PkgEqual ($pkg: PkgInputSpec!, $otherPackage: PkgInputSpec!, $pkgEqual: ... allPkgEqual } } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -26464,6 +27270,22 @@ func PkgEqual( // The query or mutation executed by SLSAForArtifact. const SLSAForArtifact_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest SLSA attestations into GUAC mutation SLSAForArtifact ($artifact: ArtifactInputSpec!, $materials: [ArtifactInputSpec!]!, $builder: BuilderInputSpec!, $slsa: SLSAInputSpec!) { ingestSLSA(subject: $artifact, builtFrom: $materials, builtBy: $builder, slsa: $slsa) { ... allSLSATree @@ -26535,6 +27357,22 @@ func SLSAForArtifact( // The query or mutation executed by Scorecard. const Scorecard_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest a Scorecard certification into GUAC mutation Scorecard ($source: SourceInputSpec!, $scorecard: ScorecardInputSpec!) { certifyScorecard(source: $source, scorecard: $scorecard) { ... AllCertifyScorecard @@ -26604,6 +27442,7 @@ func Scorecard( // The query or mutation executed by Sources. const Sources_Operation = ` +# Exposes GraphQL queries to retrieve GUAC sources query Sources ($filter: SourceSpec) { sources(sourceSpec: $filter) { ... AllSourceTree @@ -26689,6 +27528,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -26798,6 +27654,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -26907,6 +27780,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -27016,6 +27906,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -27089,6 +27996,22 @@ func VexArtifactAndOsv( // The query or mutation executed by VexPackageAndCve. const VexPackageAndCve_Operation = ` +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines the GraphQL operations to ingest VEX statements into GUAC mutation VexPackageAndCve ($pkg: PkgInputSpec!, $cve: CVEInputSpec!, $vexStatement: VexStatementInputSpec!) { ingestVEXStatement(subject: {package:$pkg}, vulnerability: {cve:$cve}, vexStatement: $vexStatement) { ... allCertifyVEXStatement @@ -27125,6 +28048,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type @@ -27234,6 +28174,23 @@ fragment allCertifyVEXStatement on CertifyVEXStatement { origin collector } +# +# Copyright 2023 The GUAC Authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# NOTE: This is experimental and might change in the future! +# Defines GraphQL fragments used in the operations +# TODO(mihaimaruseac): Clean this up: do we want all of these to be returned? fragment AllPkgTree on Package { id type