google-cloud-containeranalysis overview (2.31.0)

is a service that provides vulnerability scanning and metadata storage for software artifacts. The service performs vulnerability scans on built software artifacts, such as the images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. The metadata may come from several sources, including vulnerability scanning, other Cloud services, and third-party providers.

Cloud Container Analysis Product ReferenceGitHub Repository (includes samples)Maven artifact

Getting Started

In order to use this library, you first need to go through the following steps:

Use the Cloud Container Analysis for Java

To ensure that your project uses compatible versions of the libraries and their component artifacts, import com.google.cloud:libraries-bom and use the BOM to specify dependency versions. Be sure to remove any versions that you set previously. For more information about BOMs, see Google Cloud Platform Libraries BOM.

Which version should I use?

For this library, we recommend using API version v1 for new applications.

Each Cloud Java client library may contain multiple packages. Each package containing a version number in its name corresponds to a published version of the service. We recommend using the latest stable version for new production applications, which can be identified by the largest numeric version that does not contain a suffix. For example, if a client library has two packages: v1 and v2alpha, then the latest stable version is v1. If you use an unstable release, breaking changes may be introduced when upgrading. You can read more about Cloud API versioning strategy here.