From 816dd48a6da9cea87a9f511e5797746756072e07 Mon Sep 17 00:00:00 2001 From: osv-robot Date: Tue, 19 May 2026 19:35:26 +0000 Subject: [PATCH] test: update snapshots --- .../source/__snapshots__/command_test.snap | 25 +++++++++++-------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap index 4c7d587fcad..d2fea5e274a 100755 --- a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap +++ b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap @@ -911,7 +911,7 @@ Scanned /testdata/sbom-insecure/postgres-stretch.cdx.xml file and found Scanned /testdata/sbom-insecure/with-duplicates.cdx.xml file and found 17 packages Filtered 10 local/unscannable package/s from the scan. -Total 27 packages affected by 200 known vulnerabilities (22 Critical, 87 High, 64 Medium, 4 Low, 23 Unknown) from 4 ecosystems. +Total 27 packages affected by 200 known vulnerabilities (22 Critical, 86 High, 65 Medium, 4 Low, 23 Unknown) from 4 ecosystems. 11 vulnerabilities can be fixed. +---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+---------------------------------------------------------------------+ @@ -1082,7 +1082,7 @@ Total 27 packages affected by 200 known vulnerabilities (22 Critical, 87 High, 6 | https://osv.dev/DEBIAN-CVE-2025-4575 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-66199 | 5.9 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9231 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | -| https://osv.dev/DEBIAN-CVE-2026-2673 | 7.3 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-2673 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28386 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28387 | 8.1 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28388 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -2168,7 +2168,7 @@ Filtered 8 vulnerabilities from output testdata/osv-scanner-partial-ignores-config.toml has unused ignores: - CVE-2019-5188 -Total 27 packages affected by 194 known vulnerabilities (22 Critical, 82 High, 63 Medium, 4 Low, 23 Unknown) from 4 ecosystems. +Total 27 packages affected by 194 known vulnerabilities (22 Critical, 81 High, 64 Medium, 4 Low, 23 Unknown) from 4 ecosystems. 10 vulnerabilities can be fixed. +---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+---------------------------------------------------------------------+ @@ -2331,7 +2331,7 @@ Total 27 packages affected by 194 known vulnerabilities (22 Critical, 82 High, 6 | https://osv.dev/DEBIAN-CVE-2025-4575 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-66199 | 5.9 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9231 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | -| https://osv.dev/DEBIAN-CVE-2026-2673 | 7.3 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-2673 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28386 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28387 | 8.1 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28388 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -2417,7 +2417,7 @@ Filtered 6 vulnerabilities from output testdata/osv-scanner-partial-ignores-config.toml has unused ignores: - CVE-2019-5188 -Total 24 packages affected by 186 known vulnerabilities (20 Critical, 79 High, 60 Medium, 4 Low, 23 Unknown) from 3 ecosystems. +Total 24 packages affected by 186 known vulnerabilities (20 Critical, 78 High, 61 Medium, 4 Low, 23 Unknown) from 3 ecosystems. 10 vulnerabilities can be fixed. +---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+-------------------------------------------------+ @@ -2572,7 +2572,7 @@ Total 24 packages affected by 186 known vulnerabilities (20 Critical, 79 High, 6 | https://osv.dev/DEBIAN-CVE-2025-4575 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-66199 | 5.9 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9231 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | -| https://osv.dev/DEBIAN-CVE-2026-2673 | 7.3 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-2673 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28386 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28387 | 8.1 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28388 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -4749,7 +4749,7 @@ Filtered 1 local/unscannable package/s from the scan. Loaded Debian local db from /osv-scanner/Debian/all.zip Loaded Go local db from /osv-scanner/Go/all.zip -Total 22 packages affected by 183 known vulnerabilities (19 Critical, 78 High, 59 Medium, 4 Low, 23 Unknown) from 2 ecosystems. +Total 22 packages affected by 183 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 23 Unknown) from 2 ecosystems. 11 vulnerabilities can be fixed. +---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+-------------------------------------------------+ @@ -4903,7 +4903,7 @@ Total 22 packages affected by 183 known vulnerabilities (19 Critical, 78 High, 5 | https://osv.dev/DEBIAN-CVE-2025-4575 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-66199 | 5.9 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9231 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | -| https://osv.dev/DEBIAN-CVE-2026-2673 | 7.3 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-2673 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28386 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28387 | 8.1 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28388 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -4982,7 +4982,7 @@ Filtered 1 local/unscannable package/s from the scan. Loaded Debian local db from /osv-scanner/Debian/all.zip Loaded Go local db from /osv-scanner/Go/all.zip -Total 22 packages affected by 183 known vulnerabilities (19 Critical, 78 High, 59 Medium, 4 Low, 23 Unknown) from 2 ecosystems. +Total 22 packages affected by 183 known vulnerabilities (19 Critical, 77 High, 60 Medium, 4 Low, 23 Unknown) from 2 ecosystems. 11 vulnerabilities can be fixed. +---------------------------------------+------+-----------+--------------------------------+------------------------------------+-----------------------------------+-------------------------------------------------+ @@ -5136,7 +5136,7 @@ Total 22 packages affected by 183 known vulnerabilities (19 Critical, 78 High, 5 | https://osv.dev/DEBIAN-CVE-2025-4575 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-66199 | 5.9 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9231 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | -| https://osv.dev/DEBIAN-CVE-2026-2673 | 7.3 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-2673 | 6.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28386 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28387 | 8.1 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2026-28388 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -5956,6 +5956,11 @@ Total 3 packages affected by 13 known vulnerabilities (1 Critical, 4 High, 7 Med Scanning dir ./testdata/locks-requirements/requirements.txt Scanned /testdata/locks-requirements/requirements.txt file and found 3 packages Loaded PyPI local db from /osv-scanner/PyPI/all.zip +PYSEC-2011-28 does not have any ranges or versions - this is probably a mistake! +PYSEC-2011-29 does not have any ranges or versions - this is probably a mistake! +PYSEC-2011-30 does not have any ranges or versions - this is probably a mistake! +PYSEC-2011-31 does not have any ranges or versions - this is probably a mistake! +PYSEC-2020-345 does not have any ranges or versions - this is probably a mistake! Total 3 packages affected by 13 known vulnerabilities (1 Critical, 4 High, 7 Medium, 1 Low, 0 Unknown) from 1 ecosystem. 13 vulnerabilities can be fixed.