rename to use vulns and avoid ambiguous types

Signed-off-by: hectorj2f <[email protected]>
in-toto · Oct 13, 2024 · bd07c01 · bd07c01
1 parent 78d0e86
commit bd07c01
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 6 deletions.
diff --git a/protos/README.md b/protos/README.md
@@ -20,7 +20,7 @@ predicates have protobuf definitions:
     artifact.
 -   [SCAI]: Evidence-based assertions about software artifact and supply
     chain attributes.
--   [VULN]: Describes how to store the results of scanners when detecting vulnerabilities in a software artifact.
+-   [VULNS]: Describes how to store the results of scanners when detecting vulnerabilities in a software artifact.
     chain attributes.
 -   [Test Result]: Expresses the result of a test run in the software supply
     chain.
@@ -52,7 +52,7 @@ testing the supported language bindings.
 [SCAI]: in_toto_attestation/predicates/scai/
 [SLSA Provenance]: in_toto_attestation/predicates/provenance/
 [SLSA Verification Summary]: in_toto_attestation/predicates/vsa/
-[VULN]: in_toto_attestation/predicates/vuln/
+[VULNS]: in_toto_attestation/predicates/vulns/
 [in-toto Link]: in_toto_attestation/predicates/link/
 [Test Result]: in_toto_attestation/predicates/test_result/
 [documentation]: ../docs/protos.md

diff --git a/...testation/predicates/vuln/v0.1/vuln.proto → ...station/predicates/vulns/v0.1/vulns.proto b/...testation/predicates/vuln/v0.1/vuln.proto → ...station/predicates/vulns/v0.1/vulns.proto
@@ -1,12 +1,12 @@
 syntax = "proto3";
 
-package in_toto_attestation.predicates.vuln.v01;
+package in_toto_attestation.predicates.vulns.v01;
 
 import "google/protobuf/struct.proto";
 import "google/protobuf/timestamp.proto";
 
-option go_package = "github.com/in-toto/attestation/go/predicates/vuln/v1";
-option java_package = "io.github.intoto.attestation.predicates.vuln.v1";
+option go_package = "github.com/in-toto/attestation/go/predicates/vulns/v1";
+option java_package = "io.github.intoto.attestation.predicates.vulns.v1";
 
 // Validation of all fields is left to the users of this proto.
 message Vuln {

diff --git a/spec/predicates/vuln.md → spec/predicates/vulns.md b/spec/predicates/vuln.md → spec/predicates/vulns.md
@@ -94,7 +94,7 @@ The `predicate` contains a JSON-encoded data with the following fields:
 
 > > > > > This is a string representing the severity score based on the selected method.
 
-**scanner.result.[*].vulnerability.annotations, optional** list
+**scanner.result.[*].vulnerability.annotations, optional** list, map <string, value>
 
 > > > > > This is a list of key/value pairs where scanners can add additional custom information.