Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding - Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
@google-cloud/containeranalysis
Advanced tools
Container Analysis API: Nodejs Client
This library is considered to be stable. The code surface will not change in backwards-incompatible ways unless absolutely necessary (e.g. because of critical security issues) or with an extensive deprecation period. Issues and requests against stable libraries are addressed with the highest priority
Container Analysis API client for Node.js
A comprehensive list of changes in each version may be found in the CHANGELOG.
Read more about the client libraries for Cloud APIs, including the older Google APIs Client Libraries, in Client Libraries Explained.
Table of contents:
Quickstart
Before you begin
- Select or create a Cloud Platform project.
- Enable billing for your project.
- Enable the Container Analysis API API.
- Set up authentication so you can access the API from your local workstation.
Installing the client library
npm install @google-cloud/containeranalysis
Samples
Samples are in the samples/ directory. Each sample's README.md has instructions for running its sample.
| Sample | Source Code |
|---|---|
| export s b o m | source code |
| get iam policy | source code |
| get vulnerability occurrences summary | source code |
| set iam policy | source code |
| test iam permissions | source code |
| batch create notes | source code |
| batch create occurrences | source code |
| create note | source code |
| create occurrence | source code |
| delete note | source code |
| delete occurrence | source code |
| get note | source code |
| get occurrence | source code |
| get occurrence note | source code |
| list note occurrences | source code |
| list notes | source code |
| list occurrences | source code |
| update note | source code |
| update occurrence | source code |
| devtools | source code |
| export s b o m | source code |
| generate packages summary | source code |
| get iam policy | source code |
| set iam policy | source code |
| test iam permissions | source code |
| batch create notes | source code |
| batch create occurrences | source code |
| create note | source code |
| create occurrence | source code |
| delete note | source code |
| delete occurrence | source code |
| get note | source code |
| get occurrence | source code |
| get occurrence note | source code |
| get vulnerability occurrences summary | source code |
| list note occurrences | source code |
| list notes | source code |
| list occurrences | source code |
| update note | source code |
| update occurrence | source code |
| devtools | source code |
Supported Node.js Versions
Our client libraries follow the Node.js release schedule. Libraries are compatible with all current active and maintenance versions of Node.js. If you are using an end-of-life version of Node.js, we recommend that you update as soon as possible to an actively supported LTS version.
Google's client libraries support legacy versions of Node.js runtimes on a best-efforts basis with the following warnings:
- Legacy versions are not tested in continuous integration.
- Some security patches and features cannot be backported.
- Dependencies cannot be kept up-to-date.
Client libraries targeting some end-of-life versions of Node.js are available, and
can be installed through npm dist-tags.
The dist-tags follow the naming convention legacy-(version).
For example, npm install @google-cloud/containeranalysis@legacy-8 installs client libraries
for versions compatible with Node.js 8.
Versioning
This library follows Semantic Versioning.
More Information: Google Cloud Platform Launch Stages
Contributing
Contributions welcome! See the Contributing Guide.
Please note that this README.md
and a variety of configuration files in this repository (including .nycrc and tsconfig.json)
are generated from a central template.
License
Apache Version 2.0
See LICENSE
FAQs
Containeranalysis client for Node.js
The npm package @google-cloud/containeranalysis receives a total of 9,112 weekly downloads. As such, @google-cloud/containeranalysis popularity was classified as popular.
We found that @google-cloud/containeranalysis demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 13 Oct 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding - Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding - Oct 29, 2025