Skip to content

Commit 4fcbde5

Browse files
authored
test: update snapshots (#2840)
The snapshots have changed, probably due to OSV advisories being changed. Please review the differences to make sure that they're expected!
1 parent 96b78e8 commit 4fcbde5

2 files changed

Lines changed: 52 additions & 46 deletions

File tree

cmd/osv-scanner/fix/__snapshots__/command_test.snap

Lines changed: 44 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -5263,7 +5263,7 @@ Guided remediation (the fix command) can be risky when run on untrusted projects
52635263
Found 16 vulnerabilities matching the filter
52645264
Can fix 8/16 matching vulnerabilities by changing 5 dependencies
52655265
UPGRADED-PACKAGE: minimatch,3.1.2,3.1.5
5266-
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.14
5266+
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.15
52675267
UPGRADED-PACKAGE: ajv,6.12.6,6.15.0
52685268
UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
52695269
UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
@@ -5379,12 +5379,12 @@ UNFIXABLE-VULNS: 8
53795379
}
53805380
},
53815381
"node_modules/brace-expansion": {
5382-
"version": "1.1.14",
5383-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
5384-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
5382+
"version": "1.1.15",
5383+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
5384+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
53855385
"dependencies": {
5386-
"concat-map": "0.0.1",
5387-
"balanced-match": "^1.0.0"
5386+
"balanced-match": "^1.0.0",
5387+
"concat-map": "0.0.1"
53885388
}
53895389
},
53905390
"node_modules/caseless": {
@@ -6299,12 +6299,12 @@ UNFIXABLE-VULNS: 8
62996299
}
63006300
},
63016301
"brace-expansion": {
6302-
"version": "1.1.14",
6303-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
6304-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
6302+
"version": "1.1.15",
6303+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
6304+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
63056305
"requires": {
6306-
"concat-map": "0.0.1",
6307-
"balanced-match": "^1.0.0"
6306+
"balanced-match": "^1.0.0",
6307+
"concat-map": "0.0.1"
63086308
}
63096309
},
63106310
"caseless": {
@@ -7205,7 +7205,7 @@ UNFIXABLE-VULNS: 8
72057205
{
72067206
"name": "brace-expansion",
72077207
"versionFrom": "1.1.11",
7208-
"versionTo": "1.1.14",
7208+
"versionTo": "1.1.15",
72097209
"transitive": true
72107210
}
72117211
],
@@ -7405,12 +7405,12 @@ Guided remediation (the fix command) can be risky when run on untrusted projects
74057405
}
74067406
},
74077407
"node_modules/brace-expansion": {
7408-
"version": "1.1.14",
7409-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
7410-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
7408+
"version": "1.1.15",
7409+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
7410+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
74117411
"dependencies": {
7412-
"concat-map": "0.0.1",
7413-
"balanced-match": "^1.0.0"
7412+
"balanced-match": "^1.0.0",
7413+
"concat-map": "0.0.1"
74147414
}
74157415
},
74167416
"node_modules/caseless": {
@@ -8325,12 +8325,12 @@ Guided remediation (the fix command) can be risky when run on untrusted projects
83258325
}
83268326
},
83278327
"brace-expansion": {
8328-
"version": "1.1.14",
8329-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
8330-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
8328+
"version": "1.1.15",
8329+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
8330+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
83318331
"requires": {
8332-
"concat-map": "0.0.1",
8333-
"balanced-match": "^1.0.0"
8332+
"balanced-match": "^1.0.0",
8333+
"concat-map": "0.0.1"
83348334
}
83358335
},
83368336
"caseless": {
@@ -9631,7 +9631,7 @@ Guided remediation (the fix command) can be risky when run on untrusted projects
96319631
Found 16 vulnerabilities matching the filter
96329632
Can fix 8/16 matching vulnerabilities by changing 5 dependencies
96339633
UPGRADED-PACKAGE: minimatch,3.1.2,3.1.5
9634-
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.14
9634+
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.15
96359635
UPGRADED-PACKAGE: ajv,6.12.6,6.15.0
96369636
UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
96379637
UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
@@ -9747,12 +9747,12 @@ UNFIXABLE-VULNS: 8
97479747
}
97489748
},
97499749
"node_modules/brace-expansion": {
9750-
"version": "1.1.14",
9751-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
9752-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
9750+
"version": "1.1.15",
9751+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
9752+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
97539753
"dependencies": {
9754-
"concat-map": "0.0.1",
9755-
"balanced-match": "^1.0.0"
9754+
"balanced-match": "^1.0.0",
9755+
"concat-map": "0.0.1"
97569756
}
97579757
},
97589758
"node_modules/caseless": {
@@ -10667,12 +10667,12 @@ UNFIXABLE-VULNS: 8
1066710667
}
1066810668
},
1066910669
"brace-expansion": {
10670-
"version": "1.1.14",
10671-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
10672-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
10670+
"version": "1.1.15",
10671+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
10672+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
1067310673
"requires": {
10674-
"concat-map": "0.0.1",
10675-
"balanced-match": "^1.0.0"
10674+
"balanced-match": "^1.0.0",
10675+
"concat-map": "0.0.1"
1067610676
}
1067710677
},
1067810678
"caseless": {
@@ -11450,7 +11450,7 @@ Guided remediation (the fix command) can be risky when run on untrusted projects
1145011450
Found 16 vulnerabilities matching the filter
1145111451
Can fix 8/16 matching vulnerabilities by changing 5 dependencies
1145211452
UPGRADED-PACKAGE: minimatch,3.1.2,3.1.5
11453-
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.14
11453+
UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.15
1145411454
UPGRADED-PACKAGE: ajv,6.12.6,6.15.0
1145511455
UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
1145611456
UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
@@ -11566,12 +11566,12 @@ UNFIXABLE-VULNS: 8
1156611566
}
1156711567
},
1156811568
"node_modules/brace-expansion": {
11569-
"version": "1.1.14",
11570-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
11571-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
11569+
"version": "1.1.15",
11570+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
11571+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
1157211572
"dependencies": {
11573-
"concat-map": "0.0.1",
11574-
"balanced-match": "^1.0.0"
11573+
"balanced-match": "^1.0.0",
11574+
"concat-map": "0.0.1"
1157511575
}
1157611576
},
1157711577
"node_modules/caseless": {
@@ -12486,12 +12486,12 @@ UNFIXABLE-VULNS: 8
1248612486
}
1248712487
},
1248812488
"brace-expansion": {
12489-
"version": "1.1.14",
12490-
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.14.tgz",
12491-
"integrity": "sha512-MWPGfDxnyzKU7rNOW9SP/c50vi3xrmrua/+6hfPbCS2ABNWfx24vPidzvC7krjU/RTo235sV776ymlsMtGKj8g==",
12489+
"version": "1.1.15",
12490+
"resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.15.tgz",
12491+
"integrity": "sha512-EwOCDEex4quD37XhqM3omwtMoJjr//isUZz1JopUNWms+4Z2ViyM/k1YIRePpoVNnQhENnxtFjLaxNHrT7xIUg==",
1249212492
"requires": {
12493-
"concat-map": "0.0.1",
12494-
"balanced-match": "^1.0.0"
12493+
"balanced-match": "^1.0.0",
12494+
"concat-map": "0.0.1"
1249512495
}
1249612496
},
1249712497
"caseless": {

cmd/osv-scanner/scan/source/__snapshots__/command_test.snap

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4970,7 +4970,7 @@ Filtered 1 local/unscannable package/s from the scan.
49704970
Loaded Debian local db from <tempdir>/osv-scanner/Debian/all.zip
49714971
Loaded Go local db from <tempdir>/osv-scanner/Go/all.zip
49724972

4973-
Total 22 packages affected by 185 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 25 Unknown) from 2 ecosystems.
4973+
Total 22 packages affected by 188 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 28 Unknown) from 2 ecosystems.
49744974
12 vulnerabilities can be fixed.
49754975

49764976
+---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+-------------------------------------------------+
@@ -5154,7 +5154,10 @@ Total 22 packages affected by 185 known vulnerabilities (19 Critical, 77 High, 6
51545154
| https://osv.dev/DEBIAN-CVE-2021-36770 | 7.8 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51555155
| https://osv.dev/DEBIAN-CVE-2023-47038 | 7.8 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51565156
| https://osv.dev/DEBIAN-CVE-2025-40909 | 5.9 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5157+
| https://osv.dev/DEBIAN-CVE-2026-42496 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5158+
| https://osv.dev/DEBIAN-CVE-2026-42497 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51575159
| https://osv.dev/DEBIAN-CVE-2026-8376 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5160+
| https://osv.dev/DEBIAN-CVE-2026-9538 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51585161
| https://osv.dev/DSA-5135-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51595162
| https://osv.dev/DLA-3072-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
51605163
| https://osv.dev/DLA-3189-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
@@ -5205,7 +5208,7 @@ Filtered 1 local/unscannable package/s from the scan.
52055208
Loaded Debian local db from <tempdir>/osv-scanner/Debian/all.zip
52065209
Loaded Go local db from <tempdir>/osv-scanner/Go/all.zip
52075210

5208-
Total 22 packages affected by 185 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 25 Unknown) from 2 ecosystems.
5211+
Total 22 packages affected by 188 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 28 Unknown) from 2 ecosystems.
52095212
12 vulnerabilities can be fixed.
52105213

52115214
+---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+-------------------------------------------------+
@@ -5389,7 +5392,10 @@ Total 22 packages affected by 185 known vulnerabilities (19 Critical, 77 High, 6
53895392
| https://osv.dev/DEBIAN-CVE-2021-36770 | 7.8 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53905393
| https://osv.dev/DEBIAN-CVE-2023-47038 | 7.8 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53915394
| https://osv.dev/DEBIAN-CVE-2025-40909 | 5.9 | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5395+
| https://osv.dev/DEBIAN-CVE-2026-42496 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5396+
| https://osv.dev/DEBIAN-CVE-2026-42497 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53925397
| https://osv.dev/DEBIAN-CVE-2026-8376 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
5398+
| https://osv.dev/DEBIAN-CVE-2026-9538 | | Debian | perl | 5.24.1-3+deb9u7 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53935399
| https://osv.dev/DSA-5135-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53945400
| https://osv.dev/DLA-3072-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |
53955401
| https://osv.dev/DLA-3189-1 | | Debian | postgresql-11 | 11.15-1.pgdg90+1 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |

0 commit comments

Comments
 (0)