- 2.55.0 (latest)
- 2.54.0
- 2.53.0
- 2.52.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.0
- 2.46.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.41.0
- 2.40.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.34.0
- 2.33.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.29.0
- 2.28.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.18.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.0
- 2.11.0
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.0
- 2.6.0
- 2.5.0
- 2.4.10
- 2.3.1
- 2.2.16
google-cloud-containeranalysis overview (2.33.0)
Key Reference Links
Cloud Container Analysis Description: Is a service that provides vulnerability scanning and metadata storage for software artifacts. The service performs vulnerability scans on built software artifacts, such as the images in Container Registry, then stores the resulting metadata and makes it available for consumption through an API. The metadata may come from several sources, including vulnerability scanning, other Cloud services, and third-party providers.
Cloud Container Analysis Product Reference | GitHub Repository (includes samples) | Maven artifact |
Getting Started
In order to use this library, you first need to go through the following steps:
- Install a JDK (Java Development Kit)
- Select or create a Cloud Platform project
- Enable billing for your project
- Enable the API
- Set up authentication
Use the Cloud Container Analysis for Java
To ensure that your project uses compatible versions of the libraries
and their component artifacts, import com.google.cloud:libraries-bom
and use
the BOM to specify dependency versions. Be sure to remove any versions that you
set previously. For more information about
BOMs, see Google Cloud Platform Libraries BOM.
Maven
Import the BOM in the dependencyManagement
section of your pom.xml
file.
Include specific artifacts you depend on in the dependencies
section, but don't
specify the artifacts' versions in the dependencies
section.
The example below demonstrates how you would import the BOM and include the google-cloud-containeranalysis
artifact.
<dependencyManagement> <dependencies> <dependency> <groupId>com.google.cloud</groupId> <artifactId>libraries-bom</artifactId> <version> 26.29.0</version> <type>pom</type> <scope>import</scope> </dependency> </dependencies> </dependencyManagement> <dependencies> <dependency> <groupId>com.google.cloud</groupId> <artifactId>google-cloud-containeranalysis</artifactId> </dependency> </dependencies>
Gradle
BOMs are supported by default in Gradle 5.x or later. Add a platform
dependency on com.google.cloud:libraries-bom
and remove the version from the
dependency declarations in the artifact's build.gradle
file.
The example below demonstrates how you would import the BOM and include the google-cloud-containeranalysis
artifact.
implementation platform('com.google.cloud:libraries-bom: 26.29.0') implementation 'com.google.cloud:google-cloud-containeranalysis'
The platform
and enforcedPlatform
keywords supply dependency versions
declared in a BOM. The enforcedPlatform
keyword enforces the dependency
versions declared in the BOM and thus overrides what you specified.
For more details of the platform
and enforcedPlatform
keywords Gradle 5.x or higher, see
Gradle: Importing Maven BOMs.
If you're using Gradle 4.6 or later, add
enableFeaturePreview('IMPROVED_POM_SUPPORT')
to your settings.gradle
file. For details, see
Gradle 4.6 Release Notes: BOM import.
Versions of Gradle earlier than 4.6 don't support BOMs.
SBT
SBT doesn't support BOMs. You can find recommended versions of libraries from a particular BOM version on the dashboard and set the versions manually. To use the latest version of this library, add this to your dependencies:
libraryDependencies += "com.google.cloud" % "google-cloud-containeranalysis" % "2.33.0"
Which version should I use?
For this library, we recommend using API version v1 for new applications.
Each Cloud Java client library may contain multiple packages. Each package containing a version number in its name corresponds to a published version of the service.
We recommend using the latest stable version for new production applications, which can be identified by the largest numeric version that does not contain a suffix.
For example, if a client library has two packages: v1
and v2alpha
, then the latest stable version is v1
.
If you use an unstable release, breaking changes may be introduced when upgrading.
You can read more about Cloud API versioning strategy here.