Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
google-cloud-container_analysis
Advanced tools
API Client library for the Container Analysis API
The Container Analysis API is an implementation of Grafeas. It stores, and enables querying and retrieval of, critical metadata about all of your software artifacts.
Actual client classes for the various versions of this API are defined in
versioned client gems, with names of the form google-cloud-container_analysis-v*
.
The gem google-cloud-container_analysis
is the main client library that brings the
verisoned gems in as dependencies, and provides high-level methods for
constructing clients. More information on versioned clients can be found below
in the section titled Which client should I use?.
View the Client Library Documentation for this library, google-cloud-container_analysis, to see the convenience methods for constructing client objects. Reference documentation for the client objects themselves can be found in the client library documentation for the versioned client gems: google-cloud-container_analysis-v1.
See also the Product Documentation for more usage information.
$ gem install google-cloud-container_analysis
In order to use this library, you first need to go through the following steps:
The 1.0 release of the google-cloud-container_analysis client is a significant upgrade based on a next-gen code generator, and includes substantial interface changes. Existing code written for earlier versions of this library will likely require updates to use this version. See the {file:MIGRATING.md MIGRATING.md} document for more information.
To enable logging for this library, set the logger for the underlying gRPC library.
The logger that you set may be a Ruby stdlib Logger
as shown below,
or a Google::Cloud::Logging::Logger
that will write logs to Cloud Logging. See grpc/logconfig.rb
and the gRPC spec_helper.rb for additional information.
Configuring a Ruby stdlib logger:
require "logger"
module MyLogger
LOGGER = Logger.new $stderr, level: Logger::WARN
def logger
LOGGER
end
end
# Define a gRPC module-level logger method before grpc/logconfig.rb loads.
module GRPC
extend MyLogger
end
This library is supported on Ruby 2.7+.
Google provides official support for Ruby versions that are actively supported by Ruby Core—that is, Ruby versions that are either in normal maintenance or in security maintenance, and not end of life. Older versions of Ruby may still work, but are unsupported and not recommended. See https://www.ruby-lang.org/en/downloads/branches/ for details about the Ruby support schedule.
Most modern Ruby client libraries for Google APIs come in two flavors: the main
client library with a name such as google-cloud-container_analysis
,
and lower-level versioned client libraries with names such as
google-cloud-container_analysis-v1
.
In most cases, you should install the main client.
A versioned client provides a basic set of data types and client classes for a single version of a specific service. (That is, for a service with multiple versions, there might be a separate versioned client for each service version.) Most versioned clients are written and maintained by a code generator.
The main client is designed to provide you with the recommended client interfaces for the service. There will be only one main client for any given service, even a service with multiple versions. The main client includes factory methods for constructing the client objects we recommend for most users. In some cases, those will be classes provided by an underlying versioned client; in other cases, they will be handwritten higher-level client objects with additional capabilities, convenience methods, or best practices built in. Generally, the main client will default to a recommended service version, although in some cases you can override this if you need to talk to a specific service version.
We recommend that most users install the main client gem for a service. You can
identify this gem as the one without a version in its name, e.g.
google-cloud-container_analysis
.
The main client is recommended because it will embody the best practices for
accessing the service, and may also provide more convenient interfaces or
tighter integration into frameworks and third-party libraries. In addition, the
documentation and samples published by Google will generally demonstrate use of
the main client.
You can use a versioned client if you are content with a possibly lower-level
class interface, you explicitly want to avoid features provided by the main
client, or you want to access a specific service version not be covered by the
main client. You can identify versioned client gems because the service version
is part of the name, e.g. google-cloud-container_analysis-v1
.
Client library gems with names that begin with google-apis-
are based on an
older code generation technology. They talk to a REST/JSON backend (whereas
most modern clients talk to a gRPC backend) and they may
not offer the same performance, features, and ease of use provided by more
modern clients.
The google-apis-
clients have wide coverage across Google services, so you
might need to use one if there is no modern client available for the service.
However, if a modern client is available, we generally recommend it over the
older google-apis-
clients.
FAQs
Unknown package
We found that google-cloud-container_analysis demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.