diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml index eea8d903b4..ee3cd5595e 100644 --- a/.generator/schemas/v2/openapi.yaml +++ b/.generator/schemas/v2/openapi.yaml @@ -29996,6 +29996,13 @@ components: Library: description: Vulnerability library. properties: + additional_names: + description: Related library or package names (such as child packages or + affected binary paths). + items: + example: linux-tools-common + type: string + type: array name: description: Vulnerability library name. example: linux-aws-5.15 @@ -57371,6 +57378,12 @@ components: type: array risks: $ref: '#/components/schemas/VulnerabilityRisks' + running_kernel: + description: "True if the vulnerability affects a package in the host\u2019s + running kernel, false if it affects a non-running kernel, and omit if + it is not kernel-related." + example: true + type: boolean status: $ref: '#/components/schemas/VulnerabilityStatus' title: @@ -57431,10 +57444,15 @@ components: - RubyGems - Go - Packagist - - Ddeb + - Deb - Rpm - Apk - Windows + - Generic + - MacOs + - Oci + - BottleRocket + - None type: string x-enum-varnames: - PYPI @@ -57444,10 +57462,15 @@ components: - RUBY_GEMS - GO - PACKAGIST - - D_DEB + - DEB - RPM - APK - WINDOWS + - GENERIC + - MAC_OS + - OCI + - BOTTLE_ROCKET + - NONE VulnerabilityRelationships: description: Related entities object. properties: @@ -57548,12 +57571,14 @@ components: - IAST - SCA - Infra + - SAST example: SCA type: string x-enum-varnames: - IAST - SCA - INFRA + - SAST VulnerabilityType: description: The vulnerability type. enum: @@ -80311,6 +80336,10 @@ paths: summary: List assets SBOMs tags: - Security Monitoring + x-permission: + operator: OR + permissions: + - appsec_vm_read x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' @@ -80382,6 +80411,10 @@ paths: summary: Get SBOM tags: - Security Monitoring + x-permission: + operator: OR + permissions: + - appsec_vm_read x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' @@ -80496,6 +80529,10 @@ paths: summary: List scanned assets metadata tags: - Security Monitoring + x-permission: + operator: OR + permissions: + - appsec_vm_read x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' @@ -80924,6 +80961,14 @@ paths: required: false schema: type: string + - description: Filter for whether the vulnerability affects a running kernel + (for vulnerabilities related to a `Host` asset). + example: true + in: query + name: filter[running_kernel] + required: false + schema: + type: boolean - description: Filter by asset name. This field supports the usage of wildcards (*). example: datadog-agent @@ -81067,6 +81112,10 @@ paths: summary: List vulnerabilities tags: - Security Monitoring + x-permission: + operator: OR + permissions: + - appsec_vm_read x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' @@ -81425,6 +81474,10 @@ paths: summary: List vulnerable assets tags: - Security Monitoring + x-permission: + operator: OR + permissions: + - appsec_vm_read x-unstable: '**Note**: This endpoint is a private preview. If you are interested in accessing this API, [fill out this form](https://forms.gle/kMYC1sDr6WDUBDsx9).' @@ -84562,8 +84615,8 @@ paths: x-unstable: '**Note**: This endpoint may be subject to changes.' /api/v2/static-analysis/secrets/rules: get: - description: Returns list of Secrets rules with ID, Pattern, Description, Priority, - and SDS ID + description: Returns a list of Secrets rules with ID, Pattern, Description, + Priority, and SDS ID. operationId: GetSecretsRules responses: '200': @@ -84579,7 +84632,7 @@ paths: appKeyAuth: [] - AuthZ: - code_analysis_read - summary: Returns list of Secrets rules + summary: Returns a list of Secrets rules tags: - Security Monitoring x-unstable: '**Note**: This endpoint may be subject to changes.' diff --git a/examples/v2/security-monitoring/GetSecretsRules.py b/examples/v2/security-monitoring/GetSecretsRules.py index 4a6bd62e45..66bb6518b3 100644 --- a/examples/v2/security-monitoring/GetSecretsRules.py +++ b/examples/v2/security-monitoring/GetSecretsRules.py @@ -1,5 +1,5 @@ """ -Returns list of Secrets rules returns "OK" response +Returns a list of Secrets rules returns "OK" response """ from datadog_api_client import ApiClient, Configuration diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py index 9d41c494e1..9adc685f98 100644 --- a/src/datadog_api_client/v2/api/security_monitoring_api.py +++ b/src/datadog_api_client/v2/api/security_monitoring_api.py @@ -1773,6 +1773,11 @@ def __init__(self, api_client=None): "attribute": "filter[origin]", "location": "query", }, + "filter_running_kernel": { + "openapi_types": (bool,), + "attribute": "filter[running_kernel]", + "location": "query", + }, "filter_asset_name": { "openapi_types": (str,), "attribute": "filter[asset.name]", @@ -2920,9 +2925,9 @@ def get_sbom( def get_secrets_rules( self, ) -> SecretRuleArray: - """Returns list of Secrets rules. + """Returns a list of Secrets rules. - Returns list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID + Returns a list of Secrets rules with ID, Pattern, Description, Priority, and SDS ID. :rtype: SecretRuleArray """ @@ -3938,6 +3943,7 @@ def list_vulnerabilities( filter_fix_available: Union[bool, UnsetType] = unset, filter_repo_digests: Union[str, UnsetType] = unset, filter_origin: Union[str, UnsetType] = unset, + filter_running_kernel: Union[bool, UnsetType] = unset, filter_asset_name: Union[str, UnsetType] = unset, filter_asset_type: Union[AssetType, UnsetType] = unset, filter_asset_version_first: Union[str, UnsetType] = unset, @@ -4100,6 +4106,8 @@ def list_vulnerabilities( :type filter_repo_digests: str, optional :param filter_origin: Filter by origin. :type filter_origin: str, optional + :param filter_running_kernel: Filter for whether the vulnerability affects a running kernel (for vulnerabilities related to a ``Host`` asset). + :type filter_running_kernel: bool, optional :param filter_asset_name: Filter by asset name. This field supports the usage of wildcards (*). :type filter_asset_name: str, optional :param filter_asset_type: Filter by asset type. @@ -4214,6 +4222,9 @@ def list_vulnerabilities( if filter_origin is not unset: kwargs["filter_origin"] = filter_origin + if filter_running_kernel is not unset: + kwargs["filter_running_kernel"] = filter_running_kernel + if filter_asset_name is not unset: kwargs["filter_asset_name"] = filter_asset_name diff --git a/src/datadog_api_client/v2/model/library.py b/src/datadog_api_client/v2/model/library.py index 20da220002..91a447af97 100644 --- a/src/datadog_api_client/v2/model/library.py +++ b/src/datadog_api_client/v2/model/library.py @@ -3,7 +3,7 @@ # Copyright 2019-Present Datadog, Inc. from __future__ import annotations -from typing import Union +from typing import List, Union from datadog_api_client.model_utils import ( ModelNormal, @@ -17,25 +17,38 @@ class Library(ModelNormal): @cached_property def openapi_types(_): return { + "additional_names": ([str],), "name": (str,), "version": (str,), } attribute_map = { + "additional_names": "additional_names", "name": "name", "version": "version", } - def __init__(self_, name: str, version: Union[str, UnsetType] = unset, **kwargs): + def __init__( + self_, + name: str, + additional_names: Union[List[str], UnsetType] = unset, + version: Union[str, UnsetType] = unset, + **kwargs, + ): """ Vulnerability library. + :param additional_names: Related library or package names (such as child packages or affected binary paths). + :type additional_names: [str], optional + :param name: Vulnerability library name. :type name: str :param version: Vulnerability library version. :type version: str, optional """ + if additional_names is not unset: + kwargs["additional_names"] = additional_names if version is not unset: kwargs["version"] = version super().__init__(kwargs) diff --git a/src/datadog_api_client/v2/model/vulnerability_attributes.py b/src/datadog_api_client/v2/model/vulnerability_attributes.py index f6ad778602..696482a649 100644 --- a/src/datadog_api_client/v2/model/vulnerability_attributes.py +++ b/src/datadog_api_client/v2/model/vulnerability_attributes.py @@ -61,6 +61,7 @@ def openapi_types(_): "remediations": ([Remediation],), "repo_digests": ([str],), "risks": (VulnerabilityRisks,), + "running_kernel": (bool,), "status": (VulnerabilityStatus,), "title": (str,), "tool": (VulnerabilityTool,), @@ -86,6 +87,7 @@ def openapi_types(_): "remediations": "remediations", "repo_digests": "repo_digests", "risks": "risks", + "running_kernel": "running_kernel", "status": "status", "title": "title", "tool": "tool", @@ -116,6 +118,7 @@ def __init__( ecosystem: Union[VulnerabilityEcosystem, UnsetType] = unset, library: Union[Library, UnsetType] = unset, repo_digests: Union[List[str], UnsetType] = unset, + running_kernel: Union[bool, UnsetType] = unset, **kwargs, ): """ @@ -175,6 +178,9 @@ def __init__( :param risks: Vulnerability risks. :type risks: VulnerabilityRisks + :param running_kernel: True if the vulnerability affects a package in the host’s running kernel, false if it affects a non-running kernel, and omit if it is not kernel-related. + :type running_kernel: bool, optional + :param status: The vulnerability status. :type status: VulnerabilityStatus @@ -201,6 +207,8 @@ def __init__( kwargs["library"] = library if repo_digests is not unset: kwargs["repo_digests"] = repo_digests + if running_kernel is not unset: + kwargs["running_kernel"] = running_kernel super().__init__(kwargs) self_.cve_list = cve_list diff --git a/src/datadog_api_client/v2/model/vulnerability_ecosystem.py b/src/datadog_api_client/v2/model/vulnerability_ecosystem.py index 463b308a95..414cde6a18 100644 --- a/src/datadog_api_client/v2/model/vulnerability_ecosystem.py +++ b/src/datadog_api_client/v2/model/vulnerability_ecosystem.py @@ -16,7 +16,7 @@ class VulnerabilityEcosystem(ModelSimple): """ The related vulnerability asset ecosystem. - :param value: Must be one of ["PyPI", "Maven", "NuGet", "Npm", "RubyGems", "Go", "Packagist", "Ddeb", "Rpm", "Apk", "Windows"]. + :param value: Must be one of ["PyPI", "Maven", "NuGet", "Npm", "RubyGems", "Go", "Packagist", "Deb", "Rpm", "Apk", "Windows", "Generic", "MacOs", "Oci", "BottleRocket", "None"]. :type value: str """ @@ -28,10 +28,15 @@ class VulnerabilityEcosystem(ModelSimple): "RubyGems", "Go", "Packagist", - "Ddeb", + "Deb", "Rpm", "Apk", "Windows", + "Generic", + "MacOs", + "Oci", + "BottleRocket", + "None", } PYPI: ClassVar["VulnerabilityEcosystem"] MAVEN: ClassVar["VulnerabilityEcosystem"] @@ -40,10 +45,15 @@ class VulnerabilityEcosystem(ModelSimple): RUBY_GEMS: ClassVar["VulnerabilityEcosystem"] GO: ClassVar["VulnerabilityEcosystem"] PACKAGIST: ClassVar["VulnerabilityEcosystem"] - D_DEB: ClassVar["VulnerabilityEcosystem"] + DEB: ClassVar["VulnerabilityEcosystem"] RPM: ClassVar["VulnerabilityEcosystem"] APK: ClassVar["VulnerabilityEcosystem"] WINDOWS: ClassVar["VulnerabilityEcosystem"] + GENERIC: ClassVar["VulnerabilityEcosystem"] + MAC_OS: ClassVar["VulnerabilityEcosystem"] + OCI: ClassVar["VulnerabilityEcosystem"] + BOTTLE_ROCKET: ClassVar["VulnerabilityEcosystem"] + NONE: ClassVar["VulnerabilityEcosystem"] @cached_property def openapi_types(_): @@ -59,7 +69,12 @@ def openapi_types(_): VulnerabilityEcosystem.RUBY_GEMS = VulnerabilityEcosystem("RubyGems") VulnerabilityEcosystem.GO = VulnerabilityEcosystem("Go") VulnerabilityEcosystem.PACKAGIST = VulnerabilityEcosystem("Packagist") -VulnerabilityEcosystem.D_DEB = VulnerabilityEcosystem("Ddeb") +VulnerabilityEcosystem.DEB = VulnerabilityEcosystem("Deb") VulnerabilityEcosystem.RPM = VulnerabilityEcosystem("Rpm") VulnerabilityEcosystem.APK = VulnerabilityEcosystem("Apk") VulnerabilityEcosystem.WINDOWS = VulnerabilityEcosystem("Windows") +VulnerabilityEcosystem.GENERIC = VulnerabilityEcosystem("Generic") +VulnerabilityEcosystem.MAC_OS = VulnerabilityEcosystem("MacOs") +VulnerabilityEcosystem.OCI = VulnerabilityEcosystem("Oci") +VulnerabilityEcosystem.BOTTLE_ROCKET = VulnerabilityEcosystem("BottleRocket") +VulnerabilityEcosystem.NONE = VulnerabilityEcosystem("None") diff --git a/src/datadog_api_client/v2/model/vulnerability_tool.py b/src/datadog_api_client/v2/model/vulnerability_tool.py index 4b7ae312ec..1d747c50d8 100644 --- a/src/datadog_api_client/v2/model/vulnerability_tool.py +++ b/src/datadog_api_client/v2/model/vulnerability_tool.py @@ -16,7 +16,7 @@ class VulnerabilityTool(ModelSimple): """ The vulnerability tool. - :param value: Must be one of ["IAST", "SCA", "Infra"]. + :param value: Must be one of ["IAST", "SCA", "Infra", "SAST"]. :type value: str """ @@ -24,10 +24,12 @@ class VulnerabilityTool(ModelSimple): "IAST", "SCA", "Infra", + "SAST", } IAST: ClassVar["VulnerabilityTool"] SCA: ClassVar["VulnerabilityTool"] INFRA: ClassVar["VulnerabilityTool"] + SAST: ClassVar["VulnerabilityTool"] @cached_property def openapi_types(_): @@ -39,3 +41,4 @@ def openapi_types(_): VulnerabilityTool.IAST = VulnerabilityTool("IAST") VulnerabilityTool.SCA = VulnerabilityTool("SCA") VulnerabilityTool.INFRA = VulnerabilityTool("Infra") +VulnerabilityTool.SAST = VulnerabilityTool("SAST") diff --git a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.frozen index bebe514484..ae0101c9ee 100644 --- a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.frozen +++ b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.frozen @@ -1 +1 @@ -2025-01-31T12:04:28.397Z \ No newline at end of file +2025-12-12T14:36:04.169Z \ No newline at end of file diff --git a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.yaml b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.yaml index b3563d7086..88be80727d 100644 --- a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.yaml +++ b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_not_found_there_is_no_request_associated_with_the_provided_token_response.yaml @@ -8,8 +8,7 @@ interactions: uri: https://api.datadoghq.com/api/v2/security/vulnerabilities?page%5Btoken%5D=unknown&page%5Bnumber%5D=1 response: body: - string: '{"errors":[{"title":"Generic Error","detail":"rpc error: code = Internal - desc = no cached result set found for queryID: unknown"}]}' + string: '{"errors":[{"status":"404","title":"Unexpected internal error"}]}' headers: content-type: - application/vnd.api+json diff --git a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_ok_response.frozen b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_ok_response.frozen index 9ddcdc5dd2..e3e6312eec 100644 --- a/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_ok_response.frozen +++ b/tests/v2/cassettes/test_scenarios/test_list_vulnerabilities_returns_ok_response.frozen @@ -1 +1 @@ -2025-01-31T12:04:39.730Z \ No newline at end of file +2025-12-12T14:36:49.310Z \ No newline at end of file diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature index 7dc352a7a4..e8b72066af 100644 --- a/tests/v2/features/security_monitoring.feature +++ b/tests/v2/features/security_monitoring.feature @@ -781,7 +781,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not Found - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-cloud-vm Scenario: Get SBOM returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "GetSBOM" enabled And new "GetSBOM" request @@ -790,7 +790,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: Get SBOM returns "Not found: asset not found" response Given operation "GetSBOM" enabled And new "GetSBOM" request @@ -799,7 +799,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: asset not found - @skip @team:DataDog/asm-vm + @skip @team:DataDog/k9-cloud-vm Scenario: Get SBOM returns "OK" response Given operation "GetSBOM" enabled And new "GetSBOM" request @@ -1182,14 +1182,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 The list of notification rules. - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "Not found: There is no request associated with the provided token." response Given operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request @@ -1198,14 +1198,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: There is no request associated with the provided token. - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "Not found: asset not found" response Given operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request When the request is sent Then the response status is 404 Not found: asset not found - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List assets SBOMs returns "OK" response Given operation "ListAssetsSBOMs" enabled And new "ListAssetsSBOMs" request @@ -1317,14 +1317,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @skip @team:DataDog/asm-vm + @skip @team:DataDog/k9-cloud-vm Scenario: List scanned assets metadata returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListScannedAssetsMetadata" enabled And new "ListScannedAssetsMetadata" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List scanned assets metadata returns "Not found: asset not found" response Given operation "ListScannedAssetsMetadata" enabled And new "ListScannedAssetsMetadata" request @@ -1333,7 +1333,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: asset not found - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List scanned assets metadata returns "OK" response Given operation "ListScannedAssetsMetadata" enabled And new "ListScannedAssetsMetadata" request @@ -1354,14 +1354,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List vulnerabilities returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List vulnerabilities returns "Not found: There is no request associated with the provided token." response Given operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request @@ -1370,7 +1370,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: There is no request associated with the provided token. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List vulnerabilities returns "OK" response Given operation "ListVulnerabilities" enabled And new "ListVulnerabilities" request @@ -1380,14 +1380,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-cloud-vm Scenario: List vulnerable assets returns "Bad request: The server cannot process the request due to invalid syntax in the request." response Given operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request When the request is sent Then the response status is 400 Bad request: The server cannot process the request due to invalid syntax in the request. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List vulnerable assets returns "Not found: There is no request associated with the provided token." response Given operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request @@ -1396,7 +1396,7 @@ Feature: Security Monitoring When the request is sent Then the response status is 404 Not found: There is no request associated with the provided token. - @team:DataDog/asm-vm + @team:DataDog/k9-cloud-vm Scenario: List vulnerable assets returns "OK" response Given operation "ListVulnerableAssets" enabled And new "ListVulnerableAssets" request @@ -1530,14 +1530,14 @@ Feature: Security Monitoring When the request is sent Then the response status is 422 The server cannot process the request because it contains invalid data. - @generated @skip @team:DataDog/asm-vm - Scenario: Returns list of Secrets rules returns "OK" response + @generated @skip @team:DataDog/k9-vm-ast + Scenario: Returns a list of Secrets rules returns "OK" response Given operation "GetSecretsRules" enabled And new "GetSecretsRules" request When the request is sent Then the response status is 200 OK - @generated @skip @team:DataDog/asm-vm + @generated @skip @team:DataDog/k9-vm-ast Scenario: Ruleset get multiple returns "OK" response Given operation "ListMultipleRulesets" enabled And new "ListMultipleRulesets" request