docs: update docs (#916)
* fix: re-run script
* test: fix noxfile
diff --git a/docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html b/docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html
index c3cae39..2cc2338 100644
--- a/docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html
+++ b/docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html
@@ -78,7 +78,7 @@
<code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Gets a Finding.</p>
<p class="toc_element">
- <code><a href="#list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</a></code></p>
+ <code><a href="#list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
<p class="firstline">List Findings under a given ScanRun.</p>
<p class="toc_element">
<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
@@ -102,50 +102,51 @@
{ # A Finding resource represents a vulnerability instance identified during a
# ScanRun.
- "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
- # vulnerability such as JavaScript sources, image, audio files, etc.
- # as JavaScript sources, image, audio files, etc.
- "contentType": "A String", # The MIME type of this resource.
- "resourceUrl": "A String", # URL of this violating resource.
- },
- "xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
- "errorMessage": "A String", # An error message generated by a javascript breakage.
- "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
- "A String",
- ],
- "attackVector": "A String", # The attack vector of the payload triggering this XSS.
- "storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.
- },
- "severity": "A String", # Output only. The severity level of the reported vulnerability.
- "finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.
- "reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to
- # reproduce the vulnerability.
- "body": "A String", # Output only. The body of the request that triggered the vulnerability.
- "form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
- # form, if any.
- "actionUri": "A String", # ! The URI where to send the form when it's submitted.
- "fields": [ # ! The names of form fields related to the vulnerability.
- "A String",
- ],
- },
- "frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate
- # parent IFrame is reported.
- "fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that
- # triggered the vulnerability.
+ "name": "A String", # Output only. The resource name of the Finding. The name follows the format of
+ # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
+ # The finding IDs are generated by the system.
"description": "A String", # Output only. The description of the vulnerability.
"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across
# multiple ScanRuns.
- "httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in
- # uppercase.
+ "form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
+ # form, if any.
+ "fields": [ # ! The names of form fields related to the vulnerability.
+ "A String",
+ ],
+ "actionUri": "A String", # ! The URI where to send the form when it's submitted.
+ },
+ "finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.
+ "xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
+ "attackVector": "A String", # The attack vector of the payload triggering this XSS.
+ "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
+ "A String",
+ ],
+ "errorMessage": "A String", # An error message generated by a javascript breakage.
+ "storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.
+ },
+ "findingType": "A String", # Output only. The type of the Finding.
+ # Detailed and up-to-date information on findings can be found here:
+ # https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
+ "severity": "A String", # Output only. The severity level of the reported vulnerability.
+ "frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate
+ # parent IFrame is reported.
"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found
# to be vulnerable.
"parameterNames": [ # The vulnerable parameter names.
"A String",
],
},
- "name": "A String", # Output only. The resource name of the Finding. The name follows the format of
- # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
- # The finding IDs are generated by the system.
+ "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
+ # vulnerability such as JavaScript sources, image, audio files, etc.
+ # as JavaScript sources, image, audio files, etc.
+ "resourceUrl": "A String", # URL of this violating resource.
+ "contentType": "A String", # The MIME type of this resource.
+ },
+ "fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that
+ # triggered the vulnerability.
+ "httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in
+ # uppercase.
+ "body": "A String", # Output only. The body of the request that triggered the vulnerability.
"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.
"headers": [ # List of vulnerable headers.
{ # Describes a HTTP Header.
@@ -160,30 +161,26 @@
},
],
},
+ "reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to
+ # reproduce the vulnerability.
"outdatedLibrary": { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.
- "version": "A String", # The version number.
- "libraryName": "A String", # The name of the outdated library.
"learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
"A String",
],
+ "version": "A String", # The version number.
+ "libraryName": "A String", # The name of the outdated library.
},
- "findingType": "A String", # Output only. The type of the Finding.
- # Detailed and up-to-date information on findings can be found here:
- # https://cloud.google.com/security-scanner/docs/scan-result-details
}</pre>
</div>
<div class="method">
- <code class="details" id="list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</code>
+ <code class="details" id="list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</code>
<pre>List Findings under a given ScanRun.
Args:
parent: string, Required. The parent resource name, which should be a scan run resource name in the
format
'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)
- pageSize: integer, The maximum number of Findings to return, can be limited by server.
-If not specified or not positive, the implementation will select a
-reasonable value.
filter: string, The filter expression. The expression must be in the format: <field>
<operator> <value>.
Supported field: 'finding_type'.
@@ -191,6 +188,9 @@
pageToken: string, A token identifying a page of results to be returned. This should be a
`next_page_token` value returned from a previous List request.
If unspecified, the first page of results is returned.
+ pageSize: integer, The maximum number of Findings to return, can be limited by server.
+If not specified or not positive, the implementation will select a
+reasonable value.
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
@@ -200,55 +200,54 @@
An object of the form:
{ # Response for the `ListFindings` method.
- "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no
- # more results in the list.
"findings": [ # The list of Findings returned.
{ # A Finding resource represents a vulnerability instance identified during a
# ScanRun.
- "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
- # vulnerability such as JavaScript sources, image, audio files, etc.
- # as JavaScript sources, image, audio files, etc.
- "contentType": "A String", # The MIME type of this resource.
- "resourceUrl": "A String", # URL of this violating resource.
- },
- "xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
- "errorMessage": "A String", # An error message generated by a javascript breakage.
- "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
- "A String",
- ],
- "attackVector": "A String", # The attack vector of the payload triggering this XSS.
- "storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.
- },
- "severity": "A String", # Output only. The severity level of the reported vulnerability.
- "finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.
- "reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to
- # reproduce the vulnerability.
- "body": "A String", # Output only. The body of the request that triggered the vulnerability.
- "form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
- # form, if any.
- "actionUri": "A String", # ! The URI where to send the form when it's submitted.
- "fields": [ # ! The names of form fields related to the vulnerability.
- "A String",
- ],
- },
- "frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate
- # parent IFrame is reported.
- "fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that
- # triggered the vulnerability.
+ "name": "A String", # Output only. The resource name of the Finding. The name follows the format of
+ # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
+ # The finding IDs are generated by the system.
"description": "A String", # Output only. The description of the vulnerability.
"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across
# multiple ScanRuns.
- "httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in
- # uppercase.
+ "form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
+ # form, if any.
+ "fields": [ # ! The names of form fields related to the vulnerability.
+ "A String",
+ ],
+ "actionUri": "A String", # ! The URI where to send the form when it's submitted.
+ },
+ "finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.
+ "xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
+ "attackVector": "A String", # The attack vector of the payload triggering this XSS.
+ "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
+ "A String",
+ ],
+ "errorMessage": "A String", # An error message generated by a javascript breakage.
+ "storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.
+ },
+ "findingType": "A String", # Output only. The type of the Finding.
+ # Detailed and up-to-date information on findings can be found here:
+ # https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
+ "severity": "A String", # Output only. The severity level of the reported vulnerability.
+ "frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate
+ # parent IFrame is reported.
"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found
# to be vulnerable.
"parameterNames": [ # The vulnerable parameter names.
"A String",
],
},
- "name": "A String", # Output only. The resource name of the Finding. The name follows the format of
- # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
- # The finding IDs are generated by the system.
+ "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
+ # vulnerability such as JavaScript sources, image, audio files, etc.
+ # as JavaScript sources, image, audio files, etc.
+ "resourceUrl": "A String", # URL of this violating resource.
+ "contentType": "A String", # The MIME type of this resource.
+ },
+ "fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that
+ # triggered the vulnerability.
+ "httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in
+ # uppercase.
+ "body": "A String", # Output only. The body of the request that triggered the vulnerability.
"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.
"headers": [ # List of vulnerable headers.
{ # Describes a HTTP Header.
@@ -263,18 +262,19 @@
},
],
},
+ "reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to
+ # reproduce the vulnerability.
"outdatedLibrary": { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.
- "version": "A String", # The version number.
- "libraryName": "A String", # The name of the outdated library.
"learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
"A String",
],
+ "version": "A String", # The version number.
+ "libraryName": "A String", # The name of the outdated library.
},
- "findingType": "A String", # Output only. The type of the Finding.
- # Detailed and up-to-date information on findings can be found here:
- # https://cloud.google.com/security-scanner/docs/scan-result-details
},
],
+ "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no
+ # more results in the list.
}</pre>
</div>