diff --git a/Makefile b/Makefile index d03b604c990..c81c9d0786b 100644 --- a/Makefile +++ b/Makefile @@ -9,9 +9,13 @@ lint: format: scripts/run_formatters.sh +test-short: + scripts/run_tests.sh -short + test: scripts/run_tests.sh + clean: rm -f osv-scanner rm -r cmd/osv-scanner/scan/image/testdata/test-*.tar diff --git a/cmd/osv-scanner/fix/__snapshots__/command_test.snap b/cmd/osv-scanner/fix/__snapshots__/command_test.snap index 87987887486..ab1fd282056 100755 --- a/cmd/osv-scanner/fix/__snapshots__/command_test.snap +++ b/cmd/osv-scanner/fix/__snapshots__/command_test.snap @@ -11206,7 +11206,83 @@ Rewriting /package-lock.json... --- -[TestCommand/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 1] +[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 1] +Resolving /pom.xml... +Found 12 vulnerabilities matching the filter +Can fix 12/12 matching vulnerabilities by overriding 4 dependencies +OVERRIDE-PACKAGE: org.apache.httpcomponents:httpclient,4.5.13 +OVERRIDE-PACKAGE: org.codehaus.plexus:plexus-utils,3.0.24 +OVERRIDE-PACKAGE: commons-io:commons-io,2.14.0 +OVERRIDE-PACKAGE: org.jsoup:jsoup,1.15.3 +FIXED-VULN-IDS: GHSA-2x83-r56g-cv47,GHSA-78wr-2p64-hpwj,GHSA-7r82-7xv7-xcpj,GHSA-8vhq-qq4p-grq3,GHSA-cfh5-3ghh-wfjx,GHSA-fmj5-wv96-r2ch,GHSA-g6ph-x5wf-g337,GHSA-gp7f-rwcx-9369,GHSA-gw85-4gmf-m7rh,GHSA-gwrp-pvrq-jmwv,GHSA-jcwr-x25h-x5fh,GHSA-m72m-mhq2-9p6c +REMAINING-VULNS: 0 +UNFIXABLE-VULNS: 0 +Rewriting /pom.xml... + +--- + +[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 2] + +--- + +[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 3] + + 4.0.0 + + dev.osv + osv-fix + 1 + + + 4.5.13 + + + + + + commons-io + commons-io + 2.14.0 + + + org.jsoup + jsoup + 1.15.3 + + + org.apache.httpcomponents + httpclient + ${httpclient.version} + + + + + + + org.apache.maven.wagon + wagon-http + 3.0.0 + + + org.codehaus.plexus + plexus-utils + 3.0.24 + + + + +--- + +[TestCommand/no_args_provided - 1] + +--- + +[TestCommand/no_args_provided - 2] +manifest or lockfile is required + +--- + +[TestCommandOffline/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 1] Loaded npm local db from /osv-scanner/npm/all.zip Scanning /package-lock.json... Found 9 vulnerabilities matching the filter @@ -11221,11 +11297,11 @@ Rewriting /package-lock.json... --- -[TestCommand/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 2] +[TestCommandOffline/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 2] --- -[TestCommand/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 3] +[TestCommandOffline/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 3] { "name": "osv-fix", "version": "1.0.0", @@ -12951,74 +13027,7 @@ Rewriting /package-lock.json... --- -[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 1] -Resolving /pom.xml... -Found 12 vulnerabilities matching the filter -Can fix 12/12 matching vulnerabilities by overriding 4 dependencies -OVERRIDE-PACKAGE: org.apache.httpcomponents:httpclient,4.5.13 -OVERRIDE-PACKAGE: org.codehaus.plexus:plexus-utils,3.0.24 -OVERRIDE-PACKAGE: commons-io:commons-io,2.14.0 -OVERRIDE-PACKAGE: org.jsoup:jsoup,1.15.3 -FIXED-VULN-IDS: GHSA-2x83-r56g-cv47,GHSA-78wr-2p64-hpwj,GHSA-7r82-7xv7-xcpj,GHSA-8vhq-qq4p-grq3,GHSA-cfh5-3ghh-wfjx,GHSA-fmj5-wv96-r2ch,GHSA-g6ph-x5wf-g337,GHSA-gp7f-rwcx-9369,GHSA-gw85-4gmf-m7rh,GHSA-gwrp-pvrq-jmwv,GHSA-jcwr-x25h-x5fh,GHSA-m72m-mhq2-9p6c -REMAINING-VULNS: 0 -UNFIXABLE-VULNS: 0 -Rewriting /pom.xml... - ---- - -[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 2] - ---- - -[TestCommand/fix_non_interactive_override_pom_xml_with_native_data_source - 3] - - 4.0.0 - - dev.osv - osv-fix - 1 - - - 4.5.13 - - - - - - commons-io - commons-io - 2.14.0 - - - org.jsoup - jsoup - 1.15.3 - - - org.apache.httpcomponents - httpclient - ${httpclient.version} - - - - - - - org.apache.maven.wagon - wagon-http - 3.0.0 - - - org.codehaus.plexus - plexus-utils - 3.0.24 - - - - ---- - -[TestCommand/fix_non_interactive_relax_package_json_with_offline_vulns - 1] +[TestCommandOffline/fix_non_interactive_relax_package_json_with_offline_vulns - 1] Loaded npm local db from /osv-scanner/npm/all.zip Resolving /package.json... Found 6 vulnerabilities matching the filter @@ -13031,11 +13040,11 @@ Rewriting /package.json... --- -[TestCommand/fix_non_interactive_relax_package_json_with_offline_vulns - 2] +[TestCommandOffline/fix_non_interactive_relax_package_json_with_offline_vulns - 2] --- -[TestCommand/fix_non_interactive_relax_package_json_with_offline_vulns - 3] +[TestCommandOffline/fix_non_interactive_relax_package_json_with_offline_vulns - 3] { "name": "osv-fix", "version": "1.0.0", @@ -13052,12 +13061,3 @@ Rewriting /package.json... } --- - -[TestCommand/no_args_provided - 1] - ---- - -[TestCommand/no_args_provided - 2] -manifest or lockfile is required - ---- diff --git a/cmd/osv-scanner/fix/command_test.go b/cmd/osv-scanner/fix/command_test.go index 1ec83928d88..ac5af9c520a 100644 --- a/cmd/osv-scanner/fix/command_test.go +++ b/cmd/osv-scanner/fix/command_test.go @@ -25,6 +25,8 @@ func matchFile(t *testing.T, file string) { func TestCommand(t *testing.T) { t.Parallel() + testutility.SkipIfShort(t) + tests := []testcmd.Case{ { Name: "no_args_provided", @@ -36,11 +38,6 @@ func TestCommand(t *testing.T) { Args: []string{"", "fix", "--strategy=in-place", "-L", "./testdata/in-place-npm/package-lock.json"}, Exit: 0, }, - { - Name: "fix_non_interactive_in_place_package_lock_json_with_offline_vulns", - Args: []string{"", "fix", "--strategy=in-place", "--offline-vulnerabilities", "--download-offline-databases", "-L", "./testdata/in-place-npm/package-lock.json"}, - Exit: 0, - }, { Name: "fix_non_interactive_in_place_package_lock_json_with_native_data_source", Args: []string{"", "fix", "--strategy=in-place", "--data-source", "native", "-L", "./testdata/in-place-npm/package-lock.json"}, @@ -51,11 +48,6 @@ func TestCommand(t *testing.T) { Args: []string{"", "fix", "--strategy=relax", "-M", "./testdata/relax-npm/package.json"}, Exit: 0, }, - { - Name: "fix_non_interactive_relax_package_json_with_offline_vulns", - Args: []string{"", "fix", "--strategy=relax", "--offline-vulnerabilities", "--download-offline-databases", "-M", "./testdata/relax-npm/package.json"}, - Exit: 0, - }, { Name: "fix non-interactive override pom.xml", Args: []string{"", "fix", "--strategy=override", "-M", "./testdata/override-maven/pom.xml"}, @@ -139,6 +131,45 @@ func TestCommand(t *testing.T) { } } +func TestCommandOffline(t *testing.T) { + t.Parallel() + + testutility.SkipIfShort(t) + + tests := []testcmd.Case{ + { + Name: "fix_non_interactive_in_place_package_lock_json_with_offline_vulns", + Args: []string{"", "fix", "--strategy=in-place", "--offline-vulnerabilities", "--download-offline-databases", "-L", "./testdata/in-place-npm/package-lock.json"}, + Exit: 0, + }, + { + Name: "fix_non_interactive_relax_package_json_with_offline_vulns", + Args: []string{"", "fix", "--strategy=relax", "--offline-vulnerabilities", "--download-offline-databases", "-M", "./testdata/relax-npm/package.json"}, + Exit: 0, + }, + } + for _, tt := range tests { + t.Run(tt.Name, func(t *testing.T) { + t.Parallel() + + // fix action overwrites files, copy them to a temporary directory + testDir := testutility.CreateTestDir(t) + + lockfile := testcmd.CopyFileFlagTo(t, tt, "-L", testDir) + manifest := testcmd.CopyFileFlagTo(t, tt, "-M", testDir) + + testcmd.RunAndMatchSnapshots(t, tt) + + if lockfile != "" { + matchFile(t, lockfile) + } + if manifest != "" { + matchFile(t, manifest) + } + }) + } +} + func parseFlags(t *testing.T, flags []string, arguments []string) (*cli.Command, error) { // This is a bit hacky: make a mock App with only the flags we care about. // Then use app.RunAndMatchSnapshots() to parse the flags into the cli.Context, which is returned. diff --git a/cmd/osv-scanner/internal/testcmd/run.go b/cmd/osv-scanner/internal/testcmd/run.go index 973749f37a7..0ce2e9134a0 100644 --- a/cmd/osv-scanner/internal/testcmd/run.go +++ b/cmd/osv-scanner/internal/testcmd/run.go @@ -53,6 +53,8 @@ func run(t *testing.T, tc Case) (string, string) { if ec != tc.Exit { t.Errorf("cli exited with code %d, not %d", ec, tc.Exit) + t.Errorf("stdout: %s", stdout.String()) + t.Errorf("stderr: %s", stderr.String()) } return stdout.String(), stderr.String() @@ -67,6 +69,10 @@ func RunAndNormalize(t *testing.T, tc Case) (string, string) { stderr = normalizeDirScanOrder(t, stderr) if len(tc.ReplaceRules) > 0 { + if len(stdout) == 0 || !json.Valid([]byte(stdout)) { + t.Fatalf("invalid JSON when expecting json\n stdout: %s\n stderr: %s", stdout, stderr) + } + stdout = normalizeJSON(t, stdout, tc.ReplaceRules...) } diff --git a/cmd/osv-scanner/internal/testcmd/vcr.go b/cmd/osv-scanner/internal/testcmd/vcr.go index 908c829a4d4..30a0545d6e0 100644 --- a/cmd/osv-scanner/internal/testcmd/vcr.go +++ b/cmd/osv-scanner/internal/testcmd/vcr.go @@ -102,12 +102,16 @@ func InsertCassette(t *testing.T) *http.Client { delete(i.Request.Headers, "User-Agent") - i.Request.Body = string(pretty.Pretty([]byte(i.Request.Body))) + // Force copy of default options + prettyOptions := *pretty.DefaultOptions + prettyOptions.SortKeys = true + + i.Request.Body = string(pretty.PrettyOptions([]byte(i.Request.Body), &prettyOptions)) i.Request.ContentLength = int64(len(i.Request.Body)) // use a static duration since we don't care about replicating latency i.Response.Duration = 0 - i.Response.Body = string(pretty.Pretty([]byte(i.Response.Body))) + i.Response.Body = string(pretty.PrettyOptions([]byte(i.Response.Body), &prettyOptions)) return nil }, recorder.AfterCaptureHook), diff --git a/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap index cc6126c5ab7..15dd7b60839 100755 --- a/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap +++ b/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap @@ -109,42 +109,133 @@ No issues found --- +[TestCommand_ExplicitExtractors_WithDefaults/add_extractors - 1] +Scanning local image tarball "testdata/test-alpine-sbom.tar" + +Container Scanning Result (Alpine Linux v3.10): +Total 2 packages affected by 2 known vulnerabilities (2 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 2 ecosystems. +1 vulnerability can be fixed. + + +Alpine ++------------------------------------------------------------------------------------------------+ +| Source:sbom:/data/alpine-zlib-16.cdx.json:lib/apk/db/installed | ++---------+-------------------+------------------+------------+------------------+---------------+ +| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | ++---------+-------------------+------------------+------------+------------------+---------------+ +| zlib | 1.2.12-r1 | No fix available | 1 | # 2 Layer | -- | ++---------+-------------------+------------------+------------+------------------+---------------+ +Alpine:v3.10 ++------------------------------------------------------------------------------------------------------------------------------+ +| Source:os:/lib/apk/db/installed | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| apk-tools | 2.10.6-r0 | Fix Available | 1 | apk-tools | # 0 Layer | alpine | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ + +For the most comprehensive scan results, we recommend using the HTML output: `osv-scanner scan image --serve `. +You can also view the full vulnerability list in your terminal with: `osv-scanner scan image --format vertical `. + +--- + +[TestCommand_ExplicitExtractors_WithDefaults/add_extractors - 2] + +--- + [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out - 1] -Checking if docker image ("alpine:non-existent-tag") exists locally... +Scanning local image tarball "testdata/test-alpine-sbom.tar" + +Container Scanning Result (Alpine Linux v3.10): +Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem. +1 vulnerability can be fixed. + + +Alpine:v3.10 ++------------------------------------------------------------------------------------------------------------------------------+ +| Source:os:/lib/apk/db/installed | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| apk-tools | 2.10.6-r0 | Fix Available | 1 | apk-tools | # 0 Layer | alpine | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ + +For the most comprehensive scan results, we recommend using the HTML output: `osv-scanner scan image --serve `. +You can also view the full vulnerability list in your terminal with: `osv-scanner scan image --format vertical `. --- [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out - 2] -Docker command exited with code ("/usr/bin/docker pull -q alpine:non-existent-tag"): 1 -STDERR: -> Error response from daemon: manifest for alpine:non-existent-tag not found: manifest unknown: manifest unknown -failed to pull container image: failed to run docker command --- [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out#01 - 1] -Checking if docker image ("alpine:non-existent-tag") exists locally... +Scanning local image tarball "testdata/test-alpine-sbom.tar" + +Container Scanning Result (Alpine Linux v3.10): +Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem. +1 vulnerability can be fixed. + + +Alpine:v3.10 ++------------------------------------------------------------------------------------------------------------------------------+ +| Source:os:/lib/apk/db/installed | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| apk-tools | 2.10.6-r0 | Fix Available | 1 | apk-tools | # 0 Layer | alpine | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ + +For the most comprehensive scan results, we recommend using the HTML output: `osv-scanner scan image --serve `. +You can also view the full vulnerability list in your terminal with: `osv-scanner scan image --format vertical `. --- [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out#01 - 2] -Docker command exited with code ("/usr/bin/docker pull -q alpine:non-existent-tag"): 1 -STDERR: -> Error response from daemon: manifest for alpine:non-existent-tag not found: manifest unknown: manifest unknown -failed to pull container image: failed to run docker command --- [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out_with_presets - 1] -Checking if docker image ("alpine:non-existent-tag") exists locally... +Scanning local image tarball "testdata/test-alpine-sbom.tar" + +Container Scanning Result (Alpine Linux v3.10): +Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem. +1 vulnerability can be fixed. + + +Alpine:v3.10 ++------------------------------------------------------------------------------------------------------------------------------+ +| Source:os:/lib/apk/db/installed | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| SOURCE PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | BINARY PACKAGES (COUNT) | INTRODUCED LAYER | IN BASE IMAGE | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ +| apk-tools | 2.10.6-r0 | Fix Available | 1 | apk-tools | # 0 Layer | alpine | ++----------------+-------------------+---------------+------------+-------------------------+------------------+---------------+ + +For the most comprehensive scan results, we recommend using the HTML output: `osv-scanner scan image --serve `. +You can also view the full vulnerability list in your terminal with: `osv-scanner scan image --format vertical `. --- [TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out_with_presets - 2] -Docker command exited with code ("/usr/bin/docker pull -q alpine:non-existent-tag"): 1 -STDERR: -> Error response from daemon: manifest for alpine:non-existent-tag not found: manifest unknown: manifest unknown -failed to pull container image: failed to run docker command + +--- + +[TestCommand_ExplicitExtractors_WithoutDefaults/add_extractors - 1] +Scanning local image tarball "testdata/test-alpine-sbom.tar" +Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem. +0 vulnerabilities can be fixed. + + ++---------------------------------------+------+-----------+---------+-----------+---------------+---------------------------------------------------+ +| OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | FIXED VERSION | SOURCE | ++---------------------------------------+------+-----------+---------+-----------+---------------+---------------------------------------------------+ +| https://osv.dev/ALPINE-CVE-2022-37434 | 9.8 | Alpine | zlib | 1.2.12-r1 | -- | data/alpine-zlib-16.cdx.json:lib/apk/db/installed | ++---------------------------------------+------+-----------+---------+-----------+---------------+---------------------------------------------------+ + +--- + +[TestCommand_ExplicitExtractors_WithoutDefaults/add_extractors - 2] --- @@ -691,8 +782,8 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne Scanning local image tarball "./testdata/test-package-tracing.tar" Container Scanning Result (Alpine Linux v3.20): -Total 9 packages affected by 143 known vulnerabilities (1 Critical, 3 High, 5 Medium, 2 Low, 132 Unknown) from 2 ecosystems. -143 vulnerabilities can be fixed. +Total 9 packages affected by 155 known vulnerabilities (1 Critical, 3 High, 5 Medium, 2 Low, 144 Unknown) from 2 ecosystems. +155 vulnerabilities can be fixed. Go @@ -701,42 +792,42 @@ Go +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 9 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 9 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ +---------------------------------------------------------------------------------------------+ | Source:artifact:/go/bin/ptf-1.2.0 | +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 2 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 2 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ +---------------------------------------------------------------------------------------------+ | Source:artifact:/go/bin/ptf-1.3.0 | +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 4 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 4 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ +---------------------------------------------------------------------------------------------+ | Source:artifact:/go/bin/ptf-1.3.0-moved | +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 3 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 3 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ +---------------------------------------------------------------------------------------------+ | Source:artifact:/go/bin/ptf-1.4.0 | +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 2 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 2 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ +---------------------------------------------------------------------------------------------+ | Source:artifact:/go/bin/ptf-vulnerable | +---------+-------------------+---------------+------------+------------------+---------------+ | PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE | +---------+-------------------+---------------+------------+------------------+---------------+ -| stdlib | 1.22.4 | Fix Available | 22 | # 7 Layer | -- | +| stdlib | 1.22.4 | Fix Available | 24 | # 7 Layer | -- | +---------+-------------------+---------------+------------+------------------+---------------+ Alpine:v3.20 +------------------------------------------------------------------------------------------------------------------------------+ @@ -1938,7 +2029,7 @@ Scanning local image tarball "./testdata/test-image-with-deprecated.tar" "index": 2 } }, - "groups": 22, + "groups": 24, "vulnerabilities": [ "GO-2024-2963", "GO-2024-3105", @@ -1961,7 +2052,9 @@ Scanning local image tarball "./testdata/test-image-with-deprecated.tar" "GO-2025-4012", "GO-2025-4013", "GO-2025-4014", - "GO-2025-4015" + "GO-2025-4015", + "GO-2025-4155", + "GO-2025-4175" ] }, { @@ -3486,7 +3579,7 @@ Scanning local image tarball "./testdata/test-ubuntu.tar" "index": 7 } }, - "groups": 74, + "groups": 76, "vulnerabilities": [ "GO-2022-0477", "GO-2022-0493", @@ -3561,7 +3654,9 @@ Scanning local image tarball "./testdata/test-ubuntu.tar" "GO-2025-4012", "GO-2025-4013", "GO-2025-4014", - "GO-2025-4015" + "GO-2025-4015", + "GO-2025-4155", + "GO-2025-4175" ] } ] diff --git a/cmd/osv-scanner/scan/image/command_test.go b/cmd/osv-scanner/scan/image/command_test.go index 24613b36d89..17e1ee90387 100644 --- a/cmd/osv-scanner/scan/image/command_test.go +++ b/cmd/osv-scanner/scan/image/command_test.go @@ -13,51 +13,61 @@ import ( func TestCommand_ExplicitExtractors_WithDefaults(t *testing.T) { t.Parallel() + testutility.SkipIfNotAcceptanceTesting(t, "Requires docker to build the images") client := testcmd.InsertCassette(t) tests := []testcmd.Case{ + { + Name: "add_extractors", + Args: []string{ + "", "image", + "--archive", + "--experimental-plugins=sbom/spdx", + "--experimental-plugins=sbom/cdx", + "testdata/test-alpine-sbom.tar", + }, + Exit: 1, + }, { Name: "extractors_cancelled_out", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom/spdx", "--experimental-plugins=sbom/cdx", "--experimental-disable-plugins=sbom", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, - Exit: 127, + Exit: 1, }, { Name: "extractors_cancelled_out_with_presets", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom", "--experimental-disable-plugins=sbom", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, - Exit: 127, + Exit: 1, }, { Name: "extractors_cancelled_out", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom/spdx,sbom/cdx", "--experimental-disable-plugins=sbom", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, - Exit: 127, + Exit: 1, }, } for _, tt := range tests { t.Run(tt.Name, func(t *testing.T) { t.Parallel() - // Only test on linux, and mac/windows CI/CD does not come with docker preinstalled - if runtime.GOOS != "linux" { - testutility.Skip(t, "Skipping Docker-based test as only Linux has Docker installed in CI") - } - tt.HTTPClient = testcmd.WithTestNameHeader(t, *client) testcmd.RunAndMatchSnapshots(t, tt) @@ -68,18 +78,33 @@ func TestCommand_ExplicitExtractors_WithDefaults(t *testing.T) { func TestCommand_ExplicitExtractors_WithoutDefaults(t *testing.T) { t.Parallel() + testutility.SkipIfNotAcceptanceTesting(t, "Requires docker to build the images") + client := testcmd.InsertCassette(t) tests := []testcmd.Case{ + { + Name: "add_extractors", + Args: []string{ + "", "image", + "--archive", + "--experimental-plugins=sbom/spdx", + "--experimental-plugins=sbom/cdx", + "--experimental-no-default-plugins", + "testdata/test-alpine-sbom.tar", + }, + Exit: 1, + }, { Name: "extractors_cancelled_out", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom/spdx", "--experimental-plugins=sbom/cdx", "--experimental-disable-plugins=sbom", "--experimental-no-default-plugins", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, Exit: 127, }, @@ -87,10 +112,11 @@ func TestCommand_ExplicitExtractors_WithoutDefaults(t *testing.T) { Name: "extractors_cancelled_out_with_presets", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom", "--experimental-disable-plugins=sbom", "--experimental-no-default-plugins", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, Exit: 127, }, @@ -98,10 +124,11 @@ func TestCommand_ExplicitExtractors_WithoutDefaults(t *testing.T) { Name: "extractors_cancelled_out", Args: []string{ "", "image", + "--archive", "--experimental-plugins=sbom/spdx,sbom/cdx", "--experimental-disable-plugins=sbom", "--experimental-no-default-plugins", - "alpine:non-existent-tag", + "testdata/test-alpine-sbom.tar", }, Exit: 127, }, @@ -120,7 +147,8 @@ func TestCommand_ExplicitExtractors_WithoutDefaults(t *testing.T) { func TestCommand_Docker(t *testing.T) { t.Parallel() - testutility.SkipIfNotAcceptanceTesting(t, "Takes a long time to pull down images") + testutility.SkipIfNotAcceptanceTesting(t, "Requires docker (also takes a long time to pull images)") + testutility.SkipIfShort(t) client := testcmd.InsertCassette(t) @@ -187,8 +215,7 @@ func TestCommand_Docker(t *testing.T) { func TestCommand_OCIImage(t *testing.T) { t.Parallel() - - testutility.SkipIfNotAcceptanceTesting(t, "Takes a while to run") + testutility.SkipIfNotAcceptanceTesting(t, "Requires docker to build the images") client := testcmd.InsertCassette(t) @@ -345,8 +372,7 @@ func TestCommand_OCIImage(t *testing.T) { func TestCommand_OCIImage_JSONFormat(t *testing.T) { t.Parallel() - - testutility.SkipIfNotAcceptanceTesting(t, "Takes a while to run") + testutility.SkipIfNotAcceptanceTesting(t, "Requires docker to build the images") client := testcmd.InsertCassette(t) @@ -482,7 +508,7 @@ func TestCommand_OCIImage_JSONFormat(t *testing.T) { func TestCommand_HtmlFile(t *testing.T) { t.Parallel() - testutility.SkipIfNotAcceptanceTesting(t, "Needs container image") + testutility.SkipIfNotAcceptanceTesting(t, "Needs built container images") testDir := testutility.CreateTestDir(t) client := testcmd.InsertCassette(t) diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_Docker.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_Docker.yaml index 4200e1357b2..03287f20858 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_Docker.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_Docker.yaml @@ -145,11 +145,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -157,11 +157,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -169,7 +169,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -177,7 +177,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithDefaults.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithDefaults.yaml index 2797c38e00e..31aff7ab5d2 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithDefaults.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithDefaults.yaml @@ -1,3 +1,642 @@ --- version: 2 -interactions: [] +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 2031 + host: api.osv.dev + body: | + { + "queries": [ + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-baselayout" + }, + "version": "3.1.2-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-keys" + }, + "version": "2.1-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "apk-tools" + }, + "version": "2.10.6-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "ca-certificates" + }, + "version": "20191127-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libc-dev" + }, + "version": "0.7.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libtls-standalone" + }, + "version": "2.9.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "pax-utils" + }, + "version": "1.2.3-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "zlib" + }, + "version": "1.2.11-r1" + }, + { + "package": { + "ecosystem": "Alpine", + "name": "zlib" + }, + "version": "1.2.12-r1" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand_ExplicitExtractors_WithDefaults/add_extractors + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 220 + body: | + { + "results": [ + {}, + {}, + { + "vulns": [ + { + "id": "ALPINE-CVE-2021-36159", + "modified": "2025-12-03T22:50:23.251262Z" + } + ] + }, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + { + "vulns": [ + { + "id": "ALPINE-CVE-2022-37434", + "modified": "2025-12-03T22:50:43.469206Z" + } + ] + } + ] + } + headers: + Content-Length: + - "220" + Content-Type: + - application/json + status: 200 OK + code: 200 + duration: 0s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1907 + host: api.osv.dev + body: | + { + "queries": [ + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-baselayout" + }, + "version": "3.1.2-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-keys" + }, + "version": "2.1-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "apk-tools" + }, + "version": "2.10.6-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "ca-certificates" + }, + "version": "20191127-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libc-dev" + }, + "version": "0.7.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libtls-standalone" + }, + "version": "2.9.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "pax-utils" + }, + "version": "1.2.3-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "zlib" + }, + "version": "1.2.11-r1" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 136 + body: | + { + "results": [ + {}, + {}, + { + "vulns": [ + { + "id": "ALPINE-CVE-2021-36159", + "modified": "2025-12-03T22:50:23.251262Z" + } + ] + }, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {} + ] + } + headers: + Content-Length: + - "136" + Content-Type: + - application/json + status: 200 OK + code: 200 + duration: 0s + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1907 + host: api.osv.dev + body: | + { + "queries": [ + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-baselayout" + }, + "version": "3.1.2-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-keys" + }, + "version": "2.1-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "apk-tools" + }, + "version": "2.10.6-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "ca-certificates" + }, + "version": "20191127-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libc-dev" + }, + "version": "0.7.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libtls-standalone" + }, + "version": "2.9.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "pax-utils" + }, + "version": "1.2.3-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "zlib" + }, + "version": "1.2.11-r1" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out#01 + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 136 + body: | + { + "results": [ + {}, + {}, + { + "vulns": [ + { + "id": "ALPINE-CVE-2021-36159", + "modified": "2025-12-03T22:50:23.251262Z" + } + ] + }, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {} + ] + } + headers: + Content-Length: + - "136" + Content-Type: + - application/json + status: 200 OK + code: 200 + duration: 0s + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 1907 + host: api.osv.dev + body: | + { + "queries": [ + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-baselayout" + }, + "version": "3.1.2-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "alpine-keys" + }, + "version": "2.1-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "apk-tools" + }, + "version": "2.10.6-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "ca-certificates" + }, + "version": "20191127-r2" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libc-dev" + }, + "version": "0.7.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "openssl" + }, + "version": "1.1.1k-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "libtls-standalone" + }, + "version": "2.9.1-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "musl" + }, + "version": "1.1.22-r4" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "pax-utils" + }, + "version": "1.2.3-r0" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "busybox" + }, + "version": "1.30.1-r5" + }, + { + "package": { + "ecosystem": "Alpine:v3.10", + "name": "zlib" + }, + "version": "1.2.11-r1" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out_with_presets + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 136 + body: | + { + "results": [ + {}, + {}, + { + "vulns": [ + { + "id": "ALPINE-CVE-2021-36159", + "modified": "2025-12-03T22:50:23.251262Z" + } + ] + }, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {}, + {} + ] + } + headers: + Content-Length: + - "136" + Content-Type: + - application/json + status: 200 OK + code: 200 + duration: 0s diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithoutDefaults.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithoutDefaults.yaml index 2797c38e00e..fa51cded0a4 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithoutDefaults.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_ExplicitExtractors_WithoutDefaults.yaml @@ -1,3 +1,55 @@ --- version: 2 -interactions: [] +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 146 + host: api.osv.dev + body: | + { + "queries": [ + { + "package": { + "ecosystem": "Alpine", + "name": "zlib" + }, + "version": "1.2.12-r1" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand_ExplicitExtractors_WithoutDefaults/add_extractors + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 97 + body: | + { + "results": [ + { + "vulns": [ + { + "id": "ALPINE-CVE-2022-37434", + "modified": "2025-12-03T22:50:43.469206Z" + } + ] + } + ] + } + headers: + Content-Length: + - "97" + Content-Type: + - application/json + status: 200 OK + code: 200 + duration: 0s diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_HtmlFile.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_HtmlFile.yaml index 1020b9268e9..c24e785f5d8 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_HtmlFile.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_HtmlFile.yaml @@ -132,11 +132,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-30139", - "modified": "2025-11-19T06:23:57.762519Z" + "modified": "2025-12-03T22:50:14.655691Z" }, { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -144,79 +144,79 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-28831", - "modified": "2025-11-19T06:18:58.945031Z" + "modified": "2025-12-03T22:48:35.192485Z" }, { "id": "ALPINE-CVE-2021-42374", - "modified": "2025-11-19T06:19:09.641521Z" + "modified": "2025-12-03T22:49:03.048460Z" }, { "id": "ALPINE-CVE-2021-42375", - "modified": "2025-11-19T06:19:09.513318Z" + "modified": "2025-12-03T22:49:02.368046Z" }, { "id": "ALPINE-CVE-2021-42378", - "modified": "2025-11-19T06:19:11.443342Z" + "modified": "2025-12-03T22:49:02.812229Z" }, { "id": "ALPINE-CVE-2021-42379", - "modified": "2025-11-19T06:19:11.544591Z" + "modified": "2025-12-03T22:49:03.820223Z" }, { "id": "ALPINE-CVE-2021-42380", - "modified": "2025-11-19T06:19:11.880615Z" + "modified": "2025-12-03T22:49:02.273108Z" }, { "id": "ALPINE-CVE-2021-42381", - "modified": "2025-11-19T06:19:09.859787Z" + "modified": "2025-12-03T22:49:03.051591Z" }, { "id": "ALPINE-CVE-2021-42382", - "modified": "2025-11-19T06:19:09.961363Z" + "modified": "2025-12-03T22:49:04.080847Z" }, { "id": "ALPINE-CVE-2021-42383", - "modified": "2025-11-19T06:19:11.785164Z" + "modified": "2025-12-03T22:44:20.740566Z" }, { "id": "ALPINE-CVE-2021-42384", - "modified": "2025-11-19T06:19:11.734177Z" + "modified": "2025-12-03T22:49:04.436301Z" }, { "id": "ALPINE-CVE-2021-42385", - "modified": "2025-11-19T06:19:11.992937Z" + "modified": "2025-12-03T22:49:10.217079Z" }, { "id": "ALPINE-CVE-2021-42386", - "modified": "2025-11-19T06:19:11.733649Z" + "modified": "2025-12-03T22:49:10.486445Z" }, { "id": "ALPINE-CVE-2022-28391", - "modified": "2025-11-19T06:20:08.996475Z" + "modified": "2025-12-03T22:49:51.276555Z" }, { "id": "ALPINE-CVE-2022-30065", - "modified": "2025-11-19T06:20:12.472322Z" + "modified": "2025-12-03T22:50:17.721153Z" }, { "id": "ALPINE-CVE-2022-48174", - "modified": "2025-11-19T06:20:30.892588Z" + "modified": "2025-12-03T22:51:16.750993Z" }, { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" } ] }, @@ -226,159 +226,159 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-3711", - "modified": "2025-11-19T06:19:03.837721Z" + "modified": "2025-12-03T22:48:47.560805Z" }, { "id": "ALPINE-CVE-2021-3712", - "modified": "2025-11-19T06:19:03.844625Z" + "modified": "2025-12-03T22:48:49.466816Z" }, { "id": "ALPINE-CVE-2021-4044", - "modified": "2025-11-19T06:19:06.093965Z" + "modified": "2025-12-03T22:48:53.587104Z" }, { "id": "ALPINE-CVE-2022-0778", - "modified": "2025-11-19T06:20:55.796693Z" + "modified": "2025-12-03T22:51:07.769542Z" }, { "id": "ALPINE-CVE-2022-1343", - "modified": "2025-11-19T06:19:37.259474Z" + "modified": "2025-12-03T22:49:45.912660Z" }, { "id": "ALPINE-CVE-2022-1434", - "modified": "2025-11-19T06:19:36.461424Z" + "modified": "2025-12-03T22:49:45.753526Z" }, { "id": "ALPINE-CVE-2022-1473", - "modified": "2025-11-19T06:19:37.842187Z" + "modified": "2025-12-03T22:49:45.860197Z" }, { "id": "ALPINE-CVE-2022-2097", - "modified": "2025-11-19T06:19:43.814857Z" + "modified": "2025-12-03T22:49:52.265196Z" }, { "id": "ALPINE-CVE-2022-3358", - "modified": "2025-11-19T06:20:14.541634Z" + "modified": "2025-12-03T22:50:26.362856Z" }, { "id": "ALPINE-CVE-2022-3602", - "modified": "2025-11-19T06:20:19.393927Z" + "modified": "2025-12-03T22:49:29.680146Z" }, { "id": "ALPINE-CVE-2022-3786", - "modified": "2025-11-19T06:20:21.480003Z" + "modified": "2025-12-03T22:49:30.746181Z" }, { "id": "ALPINE-CVE-2022-3996", - "modified": "2025-11-19T06:20:21.727658Z" + "modified": "2025-12-03T22:49:49.550771Z" }, { "id": "ALPINE-CVE-2022-4203", - "modified": "2025-11-19T06:20:24.175909Z" + "modified": "2025-12-03T22:50:09.259826Z" }, { "id": "ALPINE-CVE-2022-4304", - "modified": "2025-11-19T06:20:26.963753Z" + "modified": "2025-12-03T22:50:48.258567Z" }, { "id": "ALPINE-CVE-2022-4450", - "modified": "2025-11-19T06:20:28.511965Z" + "modified": "2025-12-03T22:50:58.174496Z" }, { "id": "ALPINE-CVE-2023-0215", - "modified": "2025-11-19T06:20:31.364602Z" + "modified": "2025-12-03T22:51:20.776116Z" }, { "id": "ALPINE-CVE-2023-0216", - "modified": "2025-11-19T06:20:30.822411Z" + "modified": "2025-12-03T22:51:17.381381Z" }, { "id": "ALPINE-CVE-2023-0217", - "modified": "2025-11-19T06:20:30.895650Z" + "modified": "2025-12-03T22:51:22.400597Z" }, { "id": "ALPINE-CVE-2023-0286", - "modified": "2025-11-19T06:20:30.801521Z" + "modified": "2025-12-03T22:51:24.172927Z" }, { "id": "ALPINE-CVE-2023-0401", - "modified": "2025-11-19T06:20:31.241586Z" + "modified": "2025-12-03T22:51:23.275814Z" }, { "id": "ALPINE-CVE-2023-0464", - "modified": "2025-11-19T06:20:31.207270Z" + "modified": "2025-12-03T22:51:31.741129Z" }, { "id": "ALPINE-CVE-2023-0465", - "modified": "2025-11-19T06:20:31.664484Z" + "modified": "2025-12-03T22:51:25.194508Z" }, { "id": "ALPINE-CVE-2023-1255", - "modified": "2025-11-19T06:20:33.292508Z" + "modified": "2025-12-03T22:51:44.316240Z" }, { "id": "ALPINE-CVE-2023-2650", - "modified": "2025-11-19T06:20:39.015342Z" + "modified": "2025-12-03T22:52:10.812098Z" }, { "id": "ALPINE-CVE-2023-2975", - "modified": "2025-11-19T06:20:41.735480Z" + "modified": "2025-12-03T22:52:35.084843Z" }, { "id": "ALPINE-CVE-2023-3446", - "modified": "2025-11-19T06:20:37.838934Z" + "modified": "2025-12-03T22:52:52.082224Z" }, { "id": "ALPINE-CVE-2023-3817", - "modified": "2025-11-19T06:20:38.085131Z" + "modified": "2025-12-03T22:52:53.211969Z" }, { "id": "ALPINE-CVE-2023-5363", - "modified": "2025-11-19T06:20:56.467034Z" + "modified": "2025-12-03T22:54:35.065257Z" }, { "id": "ALPINE-CVE-2023-5678", - "modified": "2025-11-19T06:20:57.019137Z" + "modified": "2025-12-03T22:54:30.066451Z" }, { "id": "ALPINE-CVE-2023-6129", - "modified": "2025-11-19T06:20:57.674628Z" + "modified": "2025-12-03T22:54:41.708177Z" }, { "id": "ALPINE-CVE-2023-6237", - "modified": "2025-11-19T06:20:48.791272Z" + "modified": "2025-12-03T22:54:40.422752Z" }, { "id": "ALPINE-CVE-2024-0727", - "modified": "2025-11-19T06:20:49.201611Z" + "modified": "2025-12-03T22:54:44.266485Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -386,159 +386,159 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-3711", - "modified": "2025-11-19T06:19:03.837721Z" + "modified": "2025-12-03T22:48:47.560805Z" }, { "id": "ALPINE-CVE-2021-3712", - "modified": "2025-11-19T06:19:03.844625Z" + "modified": "2025-12-03T22:48:49.466816Z" }, { "id": "ALPINE-CVE-2021-4044", - "modified": "2025-11-19T06:19:06.093965Z" + "modified": "2025-12-03T22:48:53.587104Z" }, { "id": "ALPINE-CVE-2022-0778", - "modified": "2025-11-19T06:20:55.796693Z" + "modified": "2025-12-03T22:51:07.769542Z" }, { "id": "ALPINE-CVE-2022-1343", - "modified": "2025-11-19T06:19:37.259474Z" + "modified": "2025-12-03T22:49:45.912660Z" }, { "id": "ALPINE-CVE-2022-1434", - "modified": "2025-11-19T06:19:36.461424Z" + "modified": "2025-12-03T22:49:45.753526Z" }, { "id": "ALPINE-CVE-2022-1473", - "modified": "2025-11-19T06:19:37.842187Z" + "modified": "2025-12-03T22:49:45.860197Z" }, { "id": "ALPINE-CVE-2022-2097", - "modified": "2025-11-19T06:19:43.814857Z" + "modified": "2025-12-03T22:49:52.265196Z" }, { "id": "ALPINE-CVE-2022-3358", - "modified": "2025-11-19T06:20:14.541634Z" + "modified": "2025-12-03T22:50:26.362856Z" }, { "id": "ALPINE-CVE-2022-3602", - "modified": "2025-11-19T06:20:19.393927Z" + "modified": "2025-12-03T22:49:29.680146Z" }, { "id": "ALPINE-CVE-2022-3786", - "modified": "2025-11-19T06:20:21.480003Z" + "modified": "2025-12-03T22:49:30.746181Z" }, { "id": "ALPINE-CVE-2022-3996", - "modified": "2025-11-19T06:20:21.727658Z" + "modified": "2025-12-03T22:49:49.550771Z" }, { "id": "ALPINE-CVE-2022-4203", - "modified": "2025-11-19T06:20:24.175909Z" + "modified": "2025-12-03T22:50:09.259826Z" }, { "id": "ALPINE-CVE-2022-4304", - "modified": "2025-11-19T06:20:26.963753Z" + "modified": "2025-12-03T22:50:48.258567Z" }, { "id": "ALPINE-CVE-2022-4450", - "modified": "2025-11-19T06:20:28.511965Z" + "modified": "2025-12-03T22:50:58.174496Z" }, { "id": "ALPINE-CVE-2023-0215", - "modified": "2025-11-19T06:20:31.364602Z" + "modified": "2025-12-03T22:51:20.776116Z" }, { "id": "ALPINE-CVE-2023-0216", - "modified": "2025-11-19T06:20:30.822411Z" + "modified": "2025-12-03T22:51:17.381381Z" }, { "id": "ALPINE-CVE-2023-0217", - "modified": "2025-11-19T06:20:30.895650Z" + "modified": "2025-12-03T22:51:22.400597Z" }, { "id": "ALPINE-CVE-2023-0286", - "modified": "2025-11-19T06:20:30.801521Z" + "modified": "2025-12-03T22:51:24.172927Z" }, { "id": "ALPINE-CVE-2023-0401", - "modified": "2025-11-19T06:20:31.241586Z" + "modified": "2025-12-03T22:51:23.275814Z" }, { "id": "ALPINE-CVE-2023-0464", - "modified": "2025-11-19T06:20:31.207270Z" + "modified": "2025-12-03T22:51:31.741129Z" }, { "id": "ALPINE-CVE-2023-0465", - "modified": "2025-11-19T06:20:31.664484Z" + "modified": "2025-12-03T22:51:25.194508Z" }, { "id": "ALPINE-CVE-2023-1255", - "modified": "2025-11-19T06:20:33.292508Z" + "modified": "2025-12-03T22:51:44.316240Z" }, { "id": "ALPINE-CVE-2023-2650", - "modified": "2025-11-19T06:20:39.015342Z" + "modified": "2025-12-03T22:52:10.812098Z" }, { "id": "ALPINE-CVE-2023-2975", - "modified": "2025-11-19T06:20:41.735480Z" + "modified": "2025-12-03T22:52:35.084843Z" }, { "id": "ALPINE-CVE-2023-3446", - "modified": "2025-11-19T06:20:37.838934Z" + "modified": "2025-12-03T22:52:52.082224Z" }, { "id": "ALPINE-CVE-2023-3817", - "modified": "2025-11-19T06:20:38.085131Z" + "modified": "2025-12-03T22:52:53.211969Z" }, { "id": "ALPINE-CVE-2023-5363", - "modified": "2025-11-19T06:20:56.467034Z" + "modified": "2025-12-03T22:54:35.065257Z" }, { "id": "ALPINE-CVE-2023-5678", - "modified": "2025-11-19T06:20:57.019137Z" + "modified": "2025-12-03T22:54:30.066451Z" }, { "id": "ALPINE-CVE-2023-6129", - "modified": "2025-11-19T06:20:57.674628Z" + "modified": "2025-12-03T22:54:41.708177Z" }, { "id": "ALPINE-CVE-2023-6237", - "modified": "2025-11-19T06:20:48.791272Z" + "modified": "2025-12-03T22:54:40.422752Z" }, { "id": "ALPINE-CVE-2024-0727", - "modified": "2025-11-19T06:20:49.201611Z" + "modified": "2025-12-03T22:54:44.266485Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -547,15 +547,15 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2019-14697", - "modified": "2025-11-19T06:15:11.257652Z" + "modified": "2025-12-03T22:44:35.333781Z" }, { "id": "ALPINE-CVE-2020-28928", - "modified": "2025-11-19T06:17:57.729401Z" + "modified": "2025-12-03T22:47:06.985001Z" }, { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -563,15 +563,15 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2019-14697", - "modified": "2025-11-19T06:15:11.257652Z" + "modified": "2025-12-03T22:44:35.333781Z" }, { "id": "ALPINE-CVE-2020-28928", - "modified": "2025-11-19T06:17:57.729401Z" + "modified": "2025-12-03T22:47:06.985001Z" }, { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -580,79 +580,79 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-28831", - "modified": "2025-11-19T06:18:58.945031Z" + "modified": "2025-12-03T22:48:35.192485Z" }, { "id": "ALPINE-CVE-2021-42374", - "modified": "2025-11-19T06:19:09.641521Z" + "modified": "2025-12-03T22:49:03.048460Z" }, { "id": "ALPINE-CVE-2021-42375", - "modified": "2025-11-19T06:19:09.513318Z" + "modified": "2025-12-03T22:49:02.368046Z" }, { "id": "ALPINE-CVE-2021-42378", - "modified": "2025-11-19T06:19:11.443342Z" + "modified": "2025-12-03T22:49:02.812229Z" }, { "id": "ALPINE-CVE-2021-42379", - "modified": "2025-11-19T06:19:11.544591Z" + "modified": "2025-12-03T22:49:03.820223Z" }, { "id": "ALPINE-CVE-2021-42380", - "modified": "2025-11-19T06:19:11.880615Z" + "modified": "2025-12-03T22:49:02.273108Z" }, { "id": "ALPINE-CVE-2021-42381", - "modified": "2025-11-19T06:19:09.859787Z" + "modified": "2025-12-03T22:49:03.051591Z" }, { "id": "ALPINE-CVE-2021-42382", - "modified": "2025-11-19T06:19:09.961363Z" + "modified": "2025-12-03T22:49:04.080847Z" }, { "id": "ALPINE-CVE-2021-42383", - "modified": "2025-11-19T06:19:11.785164Z" + "modified": "2025-12-03T22:44:20.740566Z" }, { "id": "ALPINE-CVE-2021-42384", - "modified": "2025-11-19T06:19:11.734177Z" + "modified": "2025-12-03T22:49:04.436301Z" }, { "id": "ALPINE-CVE-2021-42385", - "modified": "2025-11-19T06:19:11.992937Z" + "modified": "2025-12-03T22:49:10.217079Z" }, { "id": "ALPINE-CVE-2021-42386", - "modified": "2025-11-19T06:19:11.733649Z" + "modified": "2025-12-03T22:49:10.486445Z" }, { "id": "ALPINE-CVE-2022-28391", - "modified": "2025-11-19T06:20:08.996475Z" + "modified": "2025-12-03T22:49:51.276555Z" }, { "id": "ALPINE-CVE-2022-30065", - "modified": "2025-11-19T06:20:12.472322Z" + "modified": "2025-12-03T22:50:17.721153Z" }, { "id": "ALPINE-CVE-2022-48174", - "modified": "2025-11-19T06:20:30.892588Z" + "modified": "2025-12-03T22:51:16.750993Z" }, { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" } ] }, @@ -660,11 +660,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage.yaml index f0ba027632d..8b5e2bb0b36 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage.yaml @@ -132,11 +132,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-30139", - "modified": "2025-11-19T06:23:57.762519Z" + "modified": "2025-12-03T22:50:14.655691Z" }, { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -144,79 +144,79 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-28831", - "modified": "2025-11-19T06:18:58.945031Z" + "modified": "2025-12-03T22:48:35.192485Z" }, { "id": "ALPINE-CVE-2021-42374", - "modified": "2025-11-19T06:19:09.641521Z" + "modified": "2025-12-03T22:49:03.048460Z" }, { "id": "ALPINE-CVE-2021-42375", - "modified": "2025-11-19T06:19:09.513318Z" + "modified": "2025-12-03T22:49:02.368046Z" }, { "id": "ALPINE-CVE-2021-42378", - "modified": "2025-11-19T06:19:11.443342Z" + "modified": "2025-12-03T22:49:02.812229Z" }, { "id": "ALPINE-CVE-2021-42379", - "modified": "2025-11-19T06:19:11.544591Z" + "modified": "2025-12-03T22:49:03.820223Z" }, { "id": "ALPINE-CVE-2021-42380", - "modified": "2025-11-19T06:19:11.880615Z" + "modified": "2025-12-03T22:49:02.273108Z" }, { "id": "ALPINE-CVE-2021-42381", - "modified": "2025-11-19T06:19:09.859787Z" + "modified": "2025-12-03T22:49:03.051591Z" }, { "id": "ALPINE-CVE-2021-42382", - "modified": "2025-11-19T06:19:09.961363Z" + "modified": "2025-12-03T22:49:04.080847Z" }, { "id": "ALPINE-CVE-2021-42383", - "modified": "2025-11-19T06:19:11.785164Z" + "modified": "2025-12-03T22:44:20.740566Z" }, { "id": "ALPINE-CVE-2021-42384", - "modified": "2025-11-19T06:19:11.734177Z" + "modified": "2025-12-03T22:49:04.436301Z" }, { "id": "ALPINE-CVE-2021-42385", - "modified": "2025-11-19T06:19:11.992937Z" + "modified": "2025-12-03T22:49:10.217079Z" }, { "id": "ALPINE-CVE-2021-42386", - "modified": "2025-11-19T06:19:11.733649Z" + "modified": "2025-12-03T22:49:10.486445Z" }, { "id": "ALPINE-CVE-2022-28391", - "modified": "2025-11-19T06:20:08.996475Z" + "modified": "2025-12-03T22:49:51.276555Z" }, { "id": "ALPINE-CVE-2022-30065", - "modified": "2025-11-19T06:20:12.472322Z" + "modified": "2025-12-03T22:50:17.721153Z" }, { "id": "ALPINE-CVE-2022-48174", - "modified": "2025-11-19T06:20:30.892588Z" + "modified": "2025-12-03T22:51:16.750993Z" }, { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" } ] }, @@ -226,159 +226,159 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-3711", - "modified": "2025-11-19T06:19:03.837721Z" + "modified": "2025-12-03T22:48:47.560805Z" }, { "id": "ALPINE-CVE-2021-3712", - "modified": "2025-11-19T06:19:03.844625Z" + "modified": "2025-12-03T22:48:49.466816Z" }, { "id": "ALPINE-CVE-2021-4044", - "modified": "2025-11-19T06:19:06.093965Z" + "modified": "2025-12-03T22:48:53.587104Z" }, { "id": "ALPINE-CVE-2022-0778", - "modified": "2025-11-19T06:20:55.796693Z" + "modified": "2025-12-03T22:51:07.769542Z" }, { "id": "ALPINE-CVE-2022-1343", - "modified": "2025-11-19T06:19:37.259474Z" + "modified": "2025-12-03T22:49:45.912660Z" }, { "id": "ALPINE-CVE-2022-1434", - "modified": "2025-11-19T06:19:36.461424Z" + "modified": "2025-12-03T22:49:45.753526Z" }, { "id": "ALPINE-CVE-2022-1473", - "modified": "2025-11-19T06:19:37.842187Z" + "modified": "2025-12-03T22:49:45.860197Z" }, { "id": "ALPINE-CVE-2022-2097", - "modified": "2025-11-19T06:19:43.814857Z" + "modified": "2025-12-03T22:49:52.265196Z" }, { "id": "ALPINE-CVE-2022-3358", - "modified": "2025-11-19T06:20:14.541634Z" + "modified": "2025-12-03T22:50:26.362856Z" }, { "id": "ALPINE-CVE-2022-3602", - "modified": "2025-11-19T06:20:19.393927Z" + "modified": "2025-12-03T22:49:29.680146Z" }, { "id": "ALPINE-CVE-2022-3786", - "modified": "2025-11-19T06:20:21.480003Z" + "modified": "2025-12-03T22:49:30.746181Z" }, { "id": "ALPINE-CVE-2022-3996", - "modified": "2025-11-19T06:20:21.727658Z" + "modified": "2025-12-03T22:49:49.550771Z" }, { "id": "ALPINE-CVE-2022-4203", - "modified": "2025-11-19T06:20:24.175909Z" + "modified": "2025-12-03T22:50:09.259826Z" }, { "id": "ALPINE-CVE-2022-4304", - "modified": "2025-11-19T06:20:26.963753Z" + "modified": "2025-12-03T22:50:48.258567Z" }, { "id": "ALPINE-CVE-2022-4450", - "modified": "2025-11-19T06:20:28.511965Z" + "modified": "2025-12-03T22:50:58.174496Z" }, { "id": "ALPINE-CVE-2023-0215", - "modified": "2025-11-19T06:20:31.364602Z" + "modified": "2025-12-03T22:51:20.776116Z" }, { "id": "ALPINE-CVE-2023-0216", - "modified": "2025-11-19T06:20:30.822411Z" + "modified": "2025-12-03T22:51:17.381381Z" }, { "id": "ALPINE-CVE-2023-0217", - "modified": "2025-11-19T06:20:30.895650Z" + "modified": "2025-12-03T22:51:22.400597Z" }, { "id": "ALPINE-CVE-2023-0286", - "modified": "2025-11-19T06:20:30.801521Z" + "modified": "2025-12-03T22:51:24.172927Z" }, { "id": "ALPINE-CVE-2023-0401", - "modified": "2025-11-19T06:20:31.241586Z" + "modified": "2025-12-03T22:51:23.275814Z" }, { "id": "ALPINE-CVE-2023-0464", - "modified": "2025-11-19T06:20:31.207270Z" + "modified": "2025-12-03T22:51:31.741129Z" }, { "id": "ALPINE-CVE-2023-0465", - "modified": "2025-11-19T06:20:31.664484Z" + "modified": "2025-12-03T22:51:25.194508Z" }, { "id": "ALPINE-CVE-2023-1255", - "modified": "2025-11-19T06:20:33.292508Z" + "modified": "2025-12-03T22:51:44.316240Z" }, { "id": "ALPINE-CVE-2023-2650", - "modified": "2025-11-19T06:20:39.015342Z" + "modified": "2025-12-03T22:52:10.812098Z" }, { "id": "ALPINE-CVE-2023-2975", - "modified": "2025-11-19T06:20:41.735480Z" + "modified": "2025-12-03T22:52:35.084843Z" }, { "id": "ALPINE-CVE-2023-3446", - "modified": "2025-11-19T06:20:37.838934Z" + "modified": "2025-12-03T22:52:52.082224Z" }, { "id": "ALPINE-CVE-2023-3817", - "modified": "2025-11-19T06:20:38.085131Z" + "modified": "2025-12-03T22:52:53.211969Z" }, { "id": "ALPINE-CVE-2023-5363", - "modified": "2025-11-19T06:20:56.467034Z" + "modified": "2025-12-03T22:54:35.065257Z" }, { "id": "ALPINE-CVE-2023-5678", - "modified": "2025-11-19T06:20:57.019137Z" + "modified": "2025-12-03T22:54:30.066451Z" }, { "id": "ALPINE-CVE-2023-6129", - "modified": "2025-11-19T06:20:57.674628Z" + "modified": "2025-12-03T22:54:41.708177Z" }, { "id": "ALPINE-CVE-2023-6237", - "modified": "2025-11-19T06:20:48.791272Z" + "modified": "2025-12-03T22:54:40.422752Z" }, { "id": "ALPINE-CVE-2024-0727", - "modified": "2025-11-19T06:20:49.201611Z" + "modified": "2025-12-03T22:54:44.266485Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -386,159 +386,159 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-3711", - "modified": "2025-11-19T06:19:03.837721Z" + "modified": "2025-12-03T22:48:47.560805Z" }, { "id": "ALPINE-CVE-2021-3712", - "modified": "2025-11-19T06:19:03.844625Z" + "modified": "2025-12-03T22:48:49.466816Z" }, { "id": "ALPINE-CVE-2021-4044", - "modified": "2025-11-19T06:19:06.093965Z" + "modified": "2025-12-03T22:48:53.587104Z" }, { "id": "ALPINE-CVE-2022-0778", - "modified": "2025-11-19T06:20:55.796693Z" + "modified": "2025-12-03T22:51:07.769542Z" }, { "id": "ALPINE-CVE-2022-1343", - "modified": "2025-11-19T06:19:37.259474Z" + "modified": "2025-12-03T22:49:45.912660Z" }, { "id": "ALPINE-CVE-2022-1434", - "modified": "2025-11-19T06:19:36.461424Z" + "modified": "2025-12-03T22:49:45.753526Z" }, { "id": "ALPINE-CVE-2022-1473", - "modified": "2025-11-19T06:19:37.842187Z" + "modified": "2025-12-03T22:49:45.860197Z" }, { "id": "ALPINE-CVE-2022-2097", - "modified": "2025-11-19T06:19:43.814857Z" + "modified": "2025-12-03T22:49:52.265196Z" }, { "id": "ALPINE-CVE-2022-3358", - "modified": "2025-11-19T06:20:14.541634Z" + "modified": "2025-12-03T22:50:26.362856Z" }, { "id": "ALPINE-CVE-2022-3602", - "modified": "2025-11-19T06:20:19.393927Z" + "modified": "2025-12-03T22:49:29.680146Z" }, { "id": "ALPINE-CVE-2022-3786", - "modified": "2025-11-19T06:20:21.480003Z" + "modified": "2025-12-03T22:49:30.746181Z" }, { "id": "ALPINE-CVE-2022-3996", - "modified": "2025-11-19T06:20:21.727658Z" + "modified": "2025-12-03T22:49:49.550771Z" }, { "id": "ALPINE-CVE-2022-4203", - "modified": "2025-11-19T06:20:24.175909Z" + "modified": "2025-12-03T22:50:09.259826Z" }, { "id": "ALPINE-CVE-2022-4304", - "modified": "2025-11-19T06:20:26.963753Z" + "modified": "2025-12-03T22:50:48.258567Z" }, { "id": "ALPINE-CVE-2022-4450", - "modified": "2025-11-19T06:20:28.511965Z" + "modified": "2025-12-03T22:50:58.174496Z" }, { "id": "ALPINE-CVE-2023-0215", - "modified": "2025-11-19T06:20:31.364602Z" + "modified": "2025-12-03T22:51:20.776116Z" }, { "id": "ALPINE-CVE-2023-0216", - "modified": "2025-11-19T06:20:30.822411Z" + "modified": "2025-12-03T22:51:17.381381Z" }, { "id": "ALPINE-CVE-2023-0217", - "modified": "2025-11-19T06:20:30.895650Z" + "modified": "2025-12-03T22:51:22.400597Z" }, { "id": "ALPINE-CVE-2023-0286", - "modified": "2025-11-19T06:20:30.801521Z" + "modified": "2025-12-03T22:51:24.172927Z" }, { "id": "ALPINE-CVE-2023-0401", - "modified": "2025-11-19T06:20:31.241586Z" + "modified": "2025-12-03T22:51:23.275814Z" }, { "id": "ALPINE-CVE-2023-0464", - "modified": "2025-11-19T06:20:31.207270Z" + "modified": "2025-12-03T22:51:31.741129Z" }, { "id": "ALPINE-CVE-2023-0465", - "modified": "2025-11-19T06:20:31.664484Z" + "modified": "2025-12-03T22:51:25.194508Z" }, { "id": "ALPINE-CVE-2023-1255", - "modified": "2025-11-19T06:20:33.292508Z" + "modified": "2025-12-03T22:51:44.316240Z" }, { "id": "ALPINE-CVE-2023-2650", - "modified": "2025-11-19T06:20:39.015342Z" + "modified": "2025-12-03T22:52:10.812098Z" }, { "id": "ALPINE-CVE-2023-2975", - "modified": "2025-11-19T06:20:41.735480Z" + "modified": "2025-12-03T22:52:35.084843Z" }, { "id": "ALPINE-CVE-2023-3446", - "modified": "2025-11-19T06:20:37.838934Z" + "modified": "2025-12-03T22:52:52.082224Z" }, { "id": "ALPINE-CVE-2023-3817", - "modified": "2025-11-19T06:20:38.085131Z" + "modified": "2025-12-03T22:52:53.211969Z" }, { "id": "ALPINE-CVE-2023-5363", - "modified": "2025-11-19T06:20:56.467034Z" + "modified": "2025-12-03T22:54:35.065257Z" }, { "id": "ALPINE-CVE-2023-5678", - "modified": "2025-11-19T06:20:57.019137Z" + "modified": "2025-12-03T22:54:30.066451Z" }, { "id": "ALPINE-CVE-2023-6129", - "modified": "2025-11-19T06:20:57.674628Z" + "modified": "2025-12-03T22:54:41.708177Z" }, { "id": "ALPINE-CVE-2023-6237", - "modified": "2025-11-19T06:20:48.791272Z" + "modified": "2025-12-03T22:54:40.422752Z" }, { "id": "ALPINE-CVE-2024-0727", - "modified": "2025-11-19T06:20:49.201611Z" + "modified": "2025-12-03T22:54:44.266485Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" } ] }, @@ -547,15 +547,15 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2019-14697", - "modified": "2025-11-19T06:15:11.257652Z" + "modified": "2025-12-03T22:44:35.333781Z" }, { "id": "ALPINE-CVE-2020-28928", - "modified": "2025-11-19T06:17:57.729401Z" + "modified": "2025-12-03T22:47:06.985001Z" }, { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -563,15 +563,15 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2019-14697", - "modified": "2025-11-19T06:15:11.257652Z" + "modified": "2025-12-03T22:44:35.333781Z" }, { "id": "ALPINE-CVE-2020-28928", - "modified": "2025-11-19T06:17:57.729401Z" + "modified": "2025-12-03T22:47:06.985001Z" }, { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -580,79 +580,79 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-28831", - "modified": "2025-11-19T06:18:58.945031Z" + "modified": "2025-12-03T22:48:35.192485Z" }, { "id": "ALPINE-CVE-2021-42374", - "modified": "2025-11-19T06:19:09.641521Z" + "modified": "2025-12-03T22:49:03.048460Z" }, { "id": "ALPINE-CVE-2021-42375", - "modified": "2025-11-19T06:19:09.513318Z" + "modified": "2025-12-03T22:49:02.368046Z" }, { "id": "ALPINE-CVE-2021-42378", - "modified": "2025-11-19T06:19:11.443342Z" + "modified": "2025-12-03T22:49:02.812229Z" }, { "id": "ALPINE-CVE-2021-42379", - "modified": "2025-11-19T06:19:11.544591Z" + "modified": "2025-12-03T22:49:03.820223Z" }, { "id": "ALPINE-CVE-2021-42380", - "modified": "2025-11-19T06:19:11.880615Z" + "modified": "2025-12-03T22:49:02.273108Z" }, { "id": "ALPINE-CVE-2021-42381", - "modified": "2025-11-19T06:19:09.859787Z" + "modified": "2025-12-03T22:49:03.051591Z" }, { "id": "ALPINE-CVE-2021-42382", - "modified": "2025-11-19T06:19:09.961363Z" + "modified": "2025-12-03T22:49:04.080847Z" }, { "id": "ALPINE-CVE-2021-42383", - "modified": "2025-11-19T06:19:11.785164Z" + "modified": "2025-12-03T22:44:20.740566Z" }, { "id": "ALPINE-CVE-2021-42384", - "modified": "2025-11-19T06:19:11.734177Z" + "modified": "2025-12-03T22:49:04.436301Z" }, { "id": "ALPINE-CVE-2021-42385", - "modified": "2025-11-19T06:19:11.992937Z" + "modified": "2025-12-03T22:49:10.217079Z" }, { "id": "ALPINE-CVE-2021-42386", - "modified": "2025-11-19T06:19:11.733649Z" + "modified": "2025-12-03T22:49:10.486445Z" }, { "id": "ALPINE-CVE-2022-28391", - "modified": "2025-11-19T06:20:08.996475Z" + "modified": "2025-12-03T22:49:51.276555Z" }, { "id": "ALPINE-CVE-2022-30065", - "modified": "2025-11-19T06:20:12.472322Z" + "modified": "2025-12-03T22:50:17.721153Z" }, { "id": "ALPINE-CVE-2022-48174", - "modified": "2025-11-19T06:20:30.892588Z" + "modified": "2025-12-03T22:51:16.750993Z" }, { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" } ] }, @@ -660,11 +660,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -2520,7 +2520,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 8976 + content_length: 8997 body: | { "results": [ @@ -2564,7 +2564,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -2694,7 +2694,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -3064,7 +3064,7 @@ interactions: }, { "id": "UBUNTU-CVE-2024-41996", - "modified": "2025-11-27T07:52:14.406646Z" + "modified": "2025-12-01T07:36:42.094949Z" }, { "id": "UBUNTU-CVE-2024-9143", @@ -3092,7 +3092,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -3277,7 +3277,7 @@ interactions: } headers: Content-Length: - - "8976" + - "8997" Content-Type: - application/json status: 200 OK @@ -4013,7 +4013,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 8976 + content_length: 8997 body: | { "results": [ @@ -4057,7 +4057,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -4187,7 +4187,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -4557,7 +4557,7 @@ interactions: }, { "id": "UBUNTU-CVE-2024-41996", - "modified": "2025-11-27T07:52:14.406646Z" + "modified": "2025-12-01T07:36:42.094949Z" }, { "id": "UBUNTU-CVE-2024-9143", @@ -4585,7 +4585,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -4770,7 +4770,7 @@ interactions: } headers: Content-Length: - - "8976" + - "8997" Content-Type: - application/json status: 200 OK @@ -5520,7 +5520,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 13356 + content_length: 13503 body: | { "results": [ @@ -5565,7 +5565,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -5874,6 +5874,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -5995,7 +6003,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -6365,7 +6373,7 @@ interactions: }, { "id": "UBUNTU-CVE-2024-41996", - "modified": "2025-11-27T07:52:14.406646Z" + "modified": "2025-12-01T07:36:42.094949Z" }, { "id": "UBUNTU-CVE-2024-9143", @@ -6393,7 +6401,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -6578,7 +6586,7 @@ interactions: } headers: Content-Length: - - "13356" + - "13503" Content-Type: - application/json status: 200 OK @@ -8050,11 +8058,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -8062,11 +8070,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -8261,23 +8269,23 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -8285,11 +8293,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-8176", - "modified": "2025-11-19T06:21:14.893702Z" + "modified": "2025-12-03T22:57:51.246966Z" }, { "id": "ALPINE-CVE-2025-59375", - "modified": "2025-11-19T06:21:30.399374Z" + "modified": "2025-12-03T22:59:58.939558Z" } ] }, @@ -8308,23 +8316,23 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -8332,7 +8340,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12133", - "modified": "2025-11-19T06:20:50.418011Z" + "modified": "2025-12-03T22:55:00.302559Z" } ] }, @@ -8342,7 +8350,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -8352,7 +8360,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -8363,23 +8371,23 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -8524,11 +8532,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -11208,7 +11216,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 10198 + content_length: 10954 body: | { "results": [ @@ -11220,11 +11228,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -11232,11 +11240,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -11336,6 +11344,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11428,6 +11444,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11520,6 +11544,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11612,6 +11644,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11704,6 +11744,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11796,6 +11844,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -11803,35 +11859,35 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -11839,35 +11895,35 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -11875,7 +11931,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -11883,7 +11939,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -11898,11 +11954,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -11911,7 +11967,7 @@ interactions: } headers: Content-Length: - - "10198" + - "10954" Content-Type: - application/json status: 200 OK @@ -12048,7 +12104,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -12204,7 +12260,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -12360,7 +12416,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -12516,7 +12572,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -12695,27 +12751,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -12723,27 +12779,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -12753,39 +12809,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -12794,39 +12850,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -12838,27 +12894,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13048,27 +13104,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13076,27 +13132,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13114,39 +13170,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13155,39 +13211,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13212,27 +13268,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13401,27 +13457,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13429,27 +13485,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13459,39 +13515,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13500,39 +13556,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13544,27 +13600,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13733,27 +13789,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13761,27 +13817,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -13791,39 +13847,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13832,39 +13888,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -13876,27 +13932,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14065,27 +14121,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14093,27 +14149,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14123,39 +14179,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -14164,39 +14220,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -14208,27 +14264,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14397,27 +14453,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14425,27 +14481,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -14455,39 +14511,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -14496,39 +14552,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -14540,27 +14596,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, diff --git a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage_JSONFormat.yaml b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage_JSONFormat.yaml index cba20f4f6bf..b7560257728 100644 --- a/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage_JSONFormat.yaml +++ b/cmd/osv-scanner/scan/image/testdata/cassettes/TestCommand_OCIImage_JSONFormat.yaml @@ -1327,1331 +1327,6 @@ interactions: code: 200 duration: 0s - id: 1 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 14536 - host: api.osv.dev - body: | - { - "queries": [ - { - "package": { - "ecosystem": "PyPI", - "name": "django" - }, - "version": "1.11.29" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask" - }, - "version": "0.12.2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2" - }, - "version": "3.1.6" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "markupsafe" - }, - "version": "3.0.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "werkzeug" - }, - "version": "3.1.3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "adduser" - }, - "version": "3.118" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "apt" - }, - "version": "1.8.2.3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "base-files" - }, - "version": "10.3+deb10u13" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "base-passwd" - }, - "version": "3.5.46" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "bash" - }, - "version": "5.0-4" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "1:2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "ca-certificates" - }, - "version": "20200601~deb10u2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "certifi" - }, - "version": "2025.10.5" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "chardet" - }, - "version": "3.0.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "click" - }, - "version": "8.1.8" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "coreutils" - }, - "version": "8.30-3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "dash" - }, - "version": "0.5.10.2-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "debconf" - }, - "version": "1.5.71+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "debian-archive-keyring" - }, - "version": "2019.1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "debianutils" - }, - "version": "4.8.6.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "diffutils" - }, - "version": "1:3.7-3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "dpkg" - }, - "version": "1.19.8" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "e2fsprogs" - }, - "version": "1.44.5-1+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "findutils" - }, - "version": "4.6.0+git+20190209-2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gcc-8" - }, - "version": "8.3.0-6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gnupg2" - }, - "version": "2.2.12-1+deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "grep" - }, - "version": "3.3-1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gzip" - }, - "version": "1.9-3+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "hostname" - }, - "version": "3.21" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "idna" - }, - "version": "2.7" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "init-system-helpers" - }, - "version": "1.56+nmu1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "itsdangerous" - }, - "version": "2.2.0" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "acl" - }, - "version": "2.2.53-4" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "apt" - }, - "version": "1.8.2.3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "attr" - }, - "version": "1:2.4.48-4" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "audit" - }, - "version": "1:2.8.4-3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "audit" - }, - "version": "1:2.8.4-3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "bzip2" - }, - "version": "1.0.6-9.2~deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "glibc" - }, - "version": "2.28-10+deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "glibc" - }, - "version": "2.28-10+deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libcap-ng" - }, - "version": "0.7.9-2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "e2fsprogs" - }, - "version": "1.44.5-1+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "db5.3" - }, - "version": "5.3.28+dfsg1-0.5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "cdebconf" - }, - "version": "0.249" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "expat" - }, - "version": "2.2.6-2+deb10u6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "e2fsprogs" - }, - "version": "1.44.5-1+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libffi" - }, - "version": "3.2.1-9" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gcc-8" - }, - "version": "1:8.3.0-6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libgcrypt20" - }, - "version": "1.8.4-5+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gdbm" - }, - "version": "1.18.1-4" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gmp" - }, - "version": "2:6.1.2+dfsg-4+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gnutls28" - }, - "version": "3.6.7-4+deb10u10" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libgpg-error" - }, - "version": "1.35-1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "nettle" - }, - "version": "3.4.1-1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libidn2" - }, - "version": "2.0.5-1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "lz4" - }, - "version": "1.8.3-1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "xz-utils" - }, - "version": "5.2.4-1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "ncurses" - }, - "version": "6.1+20181013-2+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "nettle" - }, - "version": "3.4.1-1+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "p11-kit" - }, - "version": "0.23.15-2+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "pam" - }, - "version": "1.3.1-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "pam" - }, - "version": "1.3.1-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "pam" - }, - "version": "1.3.1-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "pam" - }, - "version": "1.3.1-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "pcre3" - }, - "version": "2:8.39-12" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "readline" - }, - "version": "7.0-5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libseccomp" - }, - "version": "2.3.3-4" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libselinux" - }, - "version": "2.8-1+b1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libsemanage" - }, - "version": "2.8-2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libsemanage" - }, - "version": "2.8-2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libsepol" - }, - "version": "2.8-1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "sqlite3" - }, - "version": "3.27.2-3+deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "e2fsprogs" - }, - "version": "1.44.5-1+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "openssl" - }, - "version": "1.1.1n-0+deb10u5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "gcc-8" - }, - "version": "8.3.0-6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "systemd" - }, - "version": "241-7~deb10u9" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libtasn1-6" - }, - "version": "4.13-3+deb10u1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "ncurses" - }, - "version": "6.1+20181013-2+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "systemd" - }, - "version": "241-7~deb10u9" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libunistring" - }, - "version": "0.9.10-1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "libzstd" - }, - "version": "1.3.8+dfsg-3+deb10u2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "shadow" - }, - "version": "1:4.5-1.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "mawk" - }, - "version": "1.3.3-17+b3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "ncurses" - }, - "version": "6.1+20181013-2+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "ncurses" - }, - "version": "6.1+20181013-2+deb10u3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "netbase" - }, - "version": "5.6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "openssl" - }, - "version": "1.1.1n-0+deb10u5" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "shadow" - }, - "version": "1:4.5-1.1" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "perl" - }, - "version": "5.28.1-6+deb10u1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pip" - }, - "version": "23.0.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pip" - }, - "version": "23.0.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pytz" - }, - "version": "2025.2" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "readline" - }, - "version": "7.0-5" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "requests" - }, - "version": "2.20.0" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "sed" - }, - "version": "4.7-1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "setuptools" - }, - "version": "58.1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "setuptools" - }, - "version": "58.1.0" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "sysvinit" - }, - "version": "2.93-8" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "tar" - }, - "version": "1.30+dfsg-6" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "tzdata" - }, - "version": "2021a-0+deb10u11" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "urllib3" - }, - "version": "1.24.3" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "util-linux" - }, - "version": "2.33.1-0.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "wheel" - }, - "version": "0.40.0" - }, - { - "package": { - "ecosystem": "Debian:10", - "name": "zlib" - }, - "version": "1:1.2.11.dfsg-1+deb10u2" - } - ] - } - headers: - Content-Type: - - application/json - X-Test-Name: - - TestCommand_OCIImage_JSONFormat/Scanning_python_image_with_some_packages - url: https://api.osv.dev/v1/querybatch - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - content_length: 5592 - body: | - { - "results": [ - { - "vulns": [ - { - "id": "GHSA-68w8-qjq3-2gfm", - "modified": "2024-09-20T15:46:52.557962Z" - }, - { - "id": "GHSA-6w2r-r2m5-xq5w", - "modified": "2025-11-05T20:52:11.756012Z" - }, - { - "id": "GHSA-7xr5-9hcq-chf9", - "modified": "2025-09-25T09:27:02.969281Z" - }, - { - "id": "GHSA-8x94-hmjh-97hq", - "modified": "2025-01-14T11:27:04.205746Z" - }, - { - "id": "GHSA-frmv-pr5f-9mcr", - "modified": "2025-11-15T02:34:25.379484Z" - }, - { - "id": "GHSA-qw25-v68c-qjf3", - "modified": "2025-11-11T15:28:46.308405Z" - }, - { - "id": "GHSA-rrqc-c2jx-6jgv", - "modified": "2024-10-30T19:23:59.139649Z" - }, - { - "id": "PYSEC-2021-98", - "modified": "2023-12-06T01:01:16.755410Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-562c-5r94-xh97", - "modified": "2025-02-21T05:29:40.872529Z" - }, - { - "id": "GHSA-5wv5-4vpf-pj6m", - "modified": "2024-09-20T21:24:25.140560Z" - }, - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2018-66", - "modified": "2023-11-08T03:59:39.887416Z" - }, - { - "id": "PYSEC-2019-179", - "modified": "2023-11-08T04:00:40.602062Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3482-1", - "modified": "2025-05-26T07:01:25.263124Z" - } - ] - }, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-jjg7-2v4v-x38h", - "modified": "2025-11-05T20:30:45.121847Z" - }, - { - "id": "PYSEC-2024-60", - "modified": "2024-07-11T17:42:33.704488Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3807-1", - "modified": "2025-05-26T07:24:04.503081Z" - }, - { - "id": "DLA-3850-1", - "modified": "2025-05-26T07:24:05.860020Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3807-1", - "modified": "2025-05-26T07:24:04.503081Z" - }, - { - "id": "DLA-3850-1", - "modified": "2025-05-26T07:24:05.860020Z" - } - ] - }, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3783-1", - "modified": "2025-05-26T07:23:51.550862Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3660-1", - "modified": "2025-05-26T07:23:53.429764Z" - }, - { - "id": "DLA-3740-1", - "modified": "2025-05-26T07:23:55.348455Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3586-1", - "modified": "2025-05-26T07:21:44.419009Z" - }, - { - "id": "DLA-3682-1", - "modified": "2025-05-26T07:22:33.585830Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3530-1", - "modified": "2025-05-26T07:23:36.219658Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3474-1", - "modified": "2025-05-26T07:23:08.729561Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3586-1", - "modified": "2025-05-26T07:21:44.419009Z" - }, - { - "id": "DLA-3682-1", - "modified": "2025-05-26T07:22:33.585830Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3474-1", - "modified": "2025-05-26T07:23:08.729561Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3586-1", - "modified": "2025-05-26T07:21:44.419009Z" - }, - { - "id": "DLA-3682-1", - "modified": "2025-05-26T07:22:33.585830Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3586-1", - "modified": "2025-05-26T07:21:44.419009Z" - }, - { - "id": "DLA-3682-1", - "modified": "2025-05-26T07:22:33.585830Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3530-1", - "modified": "2025-05-26T07:23:36.219658Z" - } - ] - }, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-4xh5-x5gv-qwph", - "modified": "2025-11-03T19:51:02.757999Z" - }, - { - "id": "GHSA-mq26-g339-26xf", - "modified": "2025-11-03T22:10:45.107452Z" - }, - { - "id": "PYSEC-2023-228", - "modified": "2023-12-06T01:03:17.199012Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-4xh5-x5gv-qwph", - "modified": "2025-11-03T19:51:02.757999Z" - }, - { - "id": "GHSA-mq26-g339-26xf", - "modified": "2025-11-03T22:10:45.107452Z" - }, - { - "id": "PYSEC-2023-228", - "modified": "2023-12-06T01:03:17.199012Z" - } - ] - }, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-9hjg-9r4m-mvj7", - "modified": "2025-06-09T19:27:13.389930Z" - }, - { - "id": "GHSA-9wx4-h78v-vm56", - "modified": "2024-07-15T22:12:27.987373Z" - }, - { - "id": "GHSA-j8r2-6x86-q33q", - "modified": "2025-02-13T19:20:45.182158Z" - }, - { - "id": "PYSEC-2023-74", - "modified": "2023-11-08T04:12:35.436175Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "GHSA-5rjg-fvgr-3xxf", - "modified": "2025-06-13T06:59:23.470501Z" - }, - { - "id": "GHSA-cx63-2mw6-8hw5", - "modified": "2025-11-04T20:28:44.074515Z" - }, - { - "id": "GHSA-r9hx-vwmv-q579", - "modified": "2025-11-04T20:46:15.019106Z" - }, - { - "id": "PYSEC-2022-43012", - "modified": "2023-12-06T01:02:35.662444Z" - }, - { - "id": "PYSEC-2025-49", - "modified": "2025-06-13T06:59:23.470501Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-5rjg-fvgr-3xxf", - "modified": "2025-06-13T06:59:23.470501Z" - }, - { - "id": "GHSA-cx63-2mw6-8hw5", - "modified": "2025-11-04T20:28:44.074515Z" - }, - { - "id": "GHSA-r9hx-vwmv-q579", - "modified": "2025-11-04T20:46:15.019106Z" - }, - { - "id": "PYSEC-2022-43012", - "modified": "2023-12-06T01:02:35.662444Z" - }, - { - "id": "PYSEC-2025-49", - "modified": "2025-06-13T06:59:23.470501Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "DLA-3755-1", - "modified": "2025-05-26T07:23:40.399798Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3684-1", - "modified": "2025-05-26T07:01:38.953691Z" - }, - { - "id": "DLA-3788-1", - "modified": "2025-05-26T07:01:46.700929Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-34jh-p97f-mpxf", - "modified": "2025-11-04T17:17:45.245584Z" - }, - { - "id": "GHSA-g4mx-q9vg-27p4", - "modified": "2025-11-04T17:00:24.358773Z" - }, - { - "id": "GHSA-pq67-6m6q-mj2v", - "modified": "2025-06-19T16:15:11.736637Z" - }, - { - "id": "GHSA-v845-jxx5-vc9f", - "modified": "2025-11-04T17:12:10.974241Z" - }, - { - "id": "GHSA-wqvq-5m8c-6g24", - "modified": "2024-11-18T22:47:07.792720Z" - }, - { - "id": "PYSEC-2020-148", - "modified": "2023-11-08T04:03:14.251187Z" - }, - { - "id": "PYSEC-2021-108", - "modified": "2023-11-08T04:06:04.829992Z" - }, - { - "id": "PYSEC-2023-192", - "modified": "2023-11-08T04:13:33.452167Z" - }, - { - "id": "PYSEC-2023-212", - "modified": "2023-11-08T04:13:39.165450Z" - } - ] - }, - { - "vulns": [ - { - "id": "DLA-3782-1", - "modified": "2025-05-26T07:22:30.567107Z" - } - ] - }, - {}, - {} - ] - } - headers: - Content-Length: - - "5592" - Content-Type: - - application/json - status: 200 OK - code: 200 - duration: 0s - - id: 2 request: proto: HTTP/1.1 proto_major: 1 @@ -3030,11 +1705,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3042,11 +1717,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3079,11 +1754,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3113,7 +1788,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 3 + - id: 2 request: proto: HTTP/1.1 proto_major: 1 @@ -3255,7 +1930,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 3228 + content_length: 3354 body: | { "results": [ @@ -3267,11 +1942,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3279,11 +1954,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3378,6 +2053,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -3385,35 +2068,35 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -3421,35 +2104,35 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-12797", - "modified": "2025-11-19T06:21:06.163218Z" + "modified": "2025-12-03T22:55:03.634026Z" }, { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9231", - "modified": "2025-11-19T05:59:27.591155Z" + "modified": "2025-12-03T23:00:26.184987Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -3457,7 +2140,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -3465,7 +2148,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -3475,11 +2158,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -3488,13 +2171,13 @@ interactions: } headers: Content-Length: - - "3228" + - "3354" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 4 + - id: 3 request: proto: HTTP/1.1 proto_major: 1 @@ -3625,7 +2308,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -3650,7 +2333,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 5 + - id: 4 request: proto: HTTP/1.1 proto_major: 1 @@ -3781,7 +2464,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2021-36159", - "modified": "2025-11-19T06:24:01.223586Z" + "modified": "2025-12-03T22:50:23.251262Z" } ] }, @@ -3806,7 +2489,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 6 + - id: 5 request: proto: HTTP/1.1 proto_major: 1 @@ -3981,27 +2664,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -4009,27 +2692,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -4047,39 +2730,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -4088,39 +2771,39 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2024-13176", - "modified": "2025-11-19T06:11:21.935709Z" + "modified": "2025-12-03T22:55:07.817006Z" }, { "id": "ALPINE-CVE-2024-2511", - "modified": "2025-11-19T06:21:05.375681Z" + "modified": "2025-12-03T22:55:31.105344Z" }, { "id": "ALPINE-CVE-2024-4603", - "modified": "2025-11-19T06:21:12.728683Z" + "modified": "2025-12-03T22:57:04.661877Z" }, { "id": "ALPINE-CVE-2024-4741", - "modified": "2025-11-19T06:21:14.086798Z" + "modified": "2025-12-03T22:57:09.616922Z" }, { "id": "ALPINE-CVE-2024-5535", - "modified": "2025-11-19T06:21:19.406685Z" + "modified": "2025-12-03T22:57:32.699825Z" }, { "id": "ALPINE-CVE-2024-6119", - "modified": "2025-11-19T06:21:19.490779Z" + "modified": "2025-12-03T22:57:47.097001Z" }, { "id": "ALPINE-CVE-2024-9143", - "modified": "2025-11-19T06:21:15.538783Z" + "modified": "2025-12-03T22:57:50.413061Z" }, { "id": "ALPINE-CVE-2025-9230", - "modified": "2025-11-19T05:59:45.282415Z" + "modified": "2025-12-03T23:00:22.789476Z" }, { "id": "ALPINE-CVE-2025-9232", - "modified": "2025-11-19T06:05:01.345167Z" + "modified": "2025-12-03T23:00:27.900024Z" } ] }, @@ -4145,27 +2828,27 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2023-42363", - "modified": "2025-11-19T06:20:46.860775Z" + "modified": "2025-12-03T22:53:19.595031Z" }, { "id": "ALPINE-CVE-2023-42364", - "modified": "2025-11-19T06:20:47.596491Z" + "modified": "2025-12-03T22:53:16.639859Z" }, { "id": "ALPINE-CVE-2023-42365", - "modified": "2025-11-19T06:20:47.825033Z" + "modified": "2025-12-03T22:53:18.372883Z" }, { "id": "ALPINE-CVE-2023-42366", - "modified": "2025-11-19T06:20:47.393398Z" + "modified": "2025-12-03T22:53:21.200830Z" }, { "id": "ALPINE-CVE-2024-58251", - "modified": "2025-11-23T16:23:01.498455Z" + "modified": "2025-12-03T22:57:45.619122Z" }, { "id": "ALPINE-CVE-2025-46394", - "modified": "2025-11-23T16:25:10.717470Z" + "modified": "2025-12-03T22:59:20.065296Z" } ] }, @@ -4180,7 +2863,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 7 + - id: 6 request: proto: HTTP/1.1 proto_major: 1 @@ -4910,7 +3593,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 8976 + content_length: 8997 body: | { "results": [ @@ -4954,7 +3637,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -5084,7 +3767,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -5454,7 +4137,7 @@ interactions: }, { "id": "UBUNTU-CVE-2024-41996", - "modified": "2025-11-27T07:52:14.406646Z" + "modified": "2025-12-01T07:36:42.094949Z" }, { "id": "UBUNTU-CVE-2024-9143", @@ -5482,7 +4165,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -5667,13 +4350,13 @@ interactions: } headers: Content-Length: - - "8976" + - "8997" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 8 + - id: 7 request: proto: HTTP/1.1 proto_major: 1 @@ -6417,7 +5100,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 13356 + content_length: 13503 body: | { "results": [ @@ -6462,7 +5145,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -6771,6 +5454,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -6892,7 +5583,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -7262,7 +5953,7 @@ interactions: }, { "id": "UBUNTU-CVE-2024-41996", - "modified": "2025-11-27T07:52:14.406646Z" + "modified": "2025-12-01T07:36:42.094949Z" }, { "id": "UBUNTU-CVE-2024-9143", @@ -7290,7 +5981,7 @@ interactions: "vulns": [ { "id": "UBUNTU-CVE-2022-27943", - "modified": "2025-10-30T04:59:14Z" + "modified": "2025-12-02T10:46:50.529908Z" }, { "id": "UBUNTU-CVE-2023-4039", @@ -7475,7 +6166,7 @@ interactions: } headers: Content-Length: - - "13356" + - "13503" Content-Type: - application/json status: 200 OK diff --git a/cmd/osv-scanner/scan/image/testdata/lockfile-fixture/alpine-zlib-16.cdx.json b/cmd/osv-scanner/scan/image/testdata/lockfile-fixture/alpine-zlib-16.cdx.json new file mode 100644 index 00000000000..4098afeed12 --- /dev/null +++ b/cmd/osv-scanner/scan/image/testdata/lockfile-fixture/alpine-zlib-16.cdx.json @@ -0,0 +1,47 @@ +{ + "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.6", + "version": 1, + "metadata": { + "timestamp": "2025-07-08T05:23:38Z", + "tools": { + "components": [ + { + "type": "application", + "name": "SCALIBR", + "externalReferences": [ + { + "url": "https://github.com/google/osv-scalibr", + "type": "website" + } + ] + } + ] + }, + "authors": [ + {} + ], + "component": { + "bom-ref": "a5add6de-55de-40a9-aa0d-1f03de5ab308", + "type": "", + "name": "" + } + }, + "components": [ + { + "bom-ref": "6756e583-83d8-4a08-a573-d2e9506cbd93", + "type": "library", + "name": "zlib", + "version": "1.2.12-r1", + "purl": "pkg:apk/alpine/zlib@1.2.12-r1?arch=x86_64\u0026distro=3.22.0\u0026origin=zlib", + "evidence": { + "occurrences": [ + { + "location": "lib/apk/db/installed" + } + ] + } + } + ] +} diff --git a/cmd/osv-scanner/scan/image/testdata/test-alpine-sbom.Dockerfile b/cmd/osv-scanner/scan/image/testdata/test-alpine-sbom.Dockerfile new file mode 100644 index 00000000000..9e1cfdb717e --- /dev/null +++ b/cmd/osv-scanner/scan/image/testdata/test-alpine-sbom.Dockerfile @@ -0,0 +1,3 @@ +FROM alpine:3.10@sha256:451eee8bedcb2f029756dc3e9d73bab0e7943c1ac55cff3a4861c52a0fdd3e98 + +COPY lockfile-fixture/alpine-zlib-16.cdx.json /data/alpine-zlib-16.cdx.json \ No newline at end of file diff --git a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap index d0b2f2abdb0..b6870f7b93d 100755 --- a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap +++ b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap @@ -1001,8 +1001,8 @@ Scanned /testdata/locks-many-with-insecure/package-lock.json file and f [TestCommand/go_packages_in_osv-scanner.json_format - 1] Scanned /testdata/locks-insecure/osv-scanner.json file and found 2 packages -Total 2 packages affected by 13 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 13 Unknown) from 1 ecosystem. -13 vulnerabilities can be fixed. +Total 2 packages affected by 15 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 15 Unknown) from 1 ecosystem. +15 vulnerabilities can be fixed. +------------------------------+------+-----------+-----------+---------+---------------+------------------------------------------+ @@ -1020,6 +1020,8 @@ Total 2 packages affected by 13 known vulnerabilities (0 Critical, 0 High, 0 Med | https://osv.dev/GO-2025-4013 | | Go | stdlib | 1.24.4 | 1.24.8 | testdata/locks-insecure/osv-scanner.json | | https://osv.dev/GO-2025-4014 | | Go | stdlib | 1.24.4 | 1.24.8 | testdata/locks-insecure/osv-scanner.json | | https://osv.dev/GO-2025-4015 | | Go | stdlib | 1.24.4 | 1.24.8 | testdata/locks-insecure/osv-scanner.json | +| https://osv.dev/GO-2025-4155 | | Go | stdlib | 1.24.4 | 1.24.11 | testdata/locks-insecure/osv-scanner.json | +| https://osv.dev/GO-2025-4175 | | Go | stdlib | 1.24.4 | 1.24.11 | testdata/locks-insecure/osv-scanner.json | | https://osv.dev/GO-2025-3828 | | Go | toolchain | 1.24.4 | 1.24.5 | testdata/locks-insecure/osv-scanner.json | +------------------------------+------+-----------+-----------+---------+---------------+------------------------------------------+ diff --git a/cmd/osv-scanner/scan/source/command_test.go b/cmd/osv-scanner/scan/source/command_test.go index 5c45230edb2..b4a54791914 100644 --- a/cmd/osv-scanner/scan/source/command_test.go +++ b/cmd/osv-scanner/scan/source/command_test.go @@ -381,6 +381,8 @@ func TestCommand_Config_UnusedIgnores(t *testing.T) { func TestCommand_JavareachArchive(t *testing.T) { t.Parallel() + testutility.SkipIfShort(t) + client := testcmd.InsertCassette(t) tests := []testcmd.Case{ @@ -700,8 +702,8 @@ func TestCommand_ExplicitExtractors_WithoutDefaults(t *testing.T) { func TestCommand_CallAnalysis(t *testing.T) { t.Parallel() - // Switch to acceptance test if this takes too long, or when we add rust tests - // testutility.SkipIfNotAcceptanceTesting(t, "Takes a while to run") + // This does require Go toolchain, but the whole project requires go toolchain, + // so not an external dependency client := testcmd.InsertCassette(t) @@ -954,6 +956,8 @@ func TestCommand_GithubActions(t *testing.T) { func TestCommand_LocalDatabases(t *testing.T) { t.Parallel() + testutility.SkipIfShort(t) + client := testcmd.InsertCassette(t) tests := []testcmd.Case{ @@ -1073,6 +1077,8 @@ func TestCommand_LocalDatabases_AlwaysOffline(t *testing.T) { func TestCommand_CommitSupport(t *testing.T) { t.Parallel() + testutility.SkipIfShort(t) + tests := []testcmd.Case{ { Name: "online_uses_git_commits", @@ -1207,6 +1213,8 @@ func TestCommand_Licenses(t *testing.T) { func TestCommand_Transitive(t *testing.T) { t.Parallel() + testutility.SkipIfShort(t) + client := testcmd.InsertCassette(t) tests := []testcmd.Case{ diff --git a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand.yaml b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand.yaml index b78efc4240c..fd56f11a114 100644 --- a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand.yaml +++ b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand.yaml @@ -55,107 +55,6 @@ interactions: code: 200 duration: 0s - id: 1 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 1024 - host: api.osv.dev - body: | - { - "queries": [ - { - "package": { - "ecosystem": "RubyGems", - "name": "ast" - }, - "version": "2.4.2" - }, - { - "package": { - "ecosystem": "Packagist", - "name": "sentry/sdk" - }, - "version": "2.0.4" - }, - { - "package": { - "ecosystem": "RubyGems", - "name": "ast" - }, - "version": "2.4.2" - }, - { - "package": { - "ecosystem": "npm", - "name": "balanced-match" - }, - "version": "1.0.2" - }, - { - "package": { - "ecosystem": "RubyGems", - "name": "ast" - }, - "version": "2.4.2" - }, - { - "package": { - "ecosystem": "Packagist", - "name": "sentry/sdk" - }, - "version": "2.0.4" - }, - { - "package": { - "ecosystem": "npm", - "name": "balanced-match" - }, - "version": "1.0.2" - }, - { - "package": { - "ecosystem": "npm", - "name": "balanced-match" - }, - "version": "1.0.2" - } - ] - } - headers: - Content-Type: - - application/json - X-Test-Name: - - TestCommand/.gitignored_files - url: https://api.osv.dev/v1/querybatch - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - content_length: 37 - body: | - { - "results": [ - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {} - ] - } - headers: - Content-Length: - - "37" - Content-Type: - - application/json - status: 200 OK - code: 200 - duration: 0s - - id: 2 request: proto: HTTP/1.1 proto_major: 1 @@ -200,7 +99,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 3 + - id: 2 request: proto: HTTP/1.1 proto_major: 1 @@ -245,7 +144,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 4 + - id: 3 request: proto: HTTP/1.1 proto_major: 1 @@ -290,7 +189,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 5 + - id: 4 request: proto: HTTP/1.1 proto_major: 1 @@ -335,7 +234,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 6 + - id: 5 request: proto: HTTP/1.1 proto_major: 1 @@ -380,7 +279,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 7 + - id: 6 request: proto: HTTP/1.1 proto_major: 1 @@ -410,7 +309,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 1905 + content_length: 2031 body: | { "results": [ @@ -535,6 +434,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] } @@ -542,13 +449,13 @@ interactions: } headers: Content-Length: - - "1905" + - "2031" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 8 + - id: 7 request: proto: HTTP/1.1 proto_major: 1 @@ -585,7 +492,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 3797 + content_length: 4049 body: | { "results": [ @@ -710,6 +617,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -834,6 +749,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] } @@ -841,13 +764,13 @@ interactions: } headers: Content-Length: - - "3797" + - "4049" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 9 + - id: 8 request: proto: HTTP/1.1 proto_major: 1 @@ -877,7 +800,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 1905 + content_length: 2031 body: | { "results": [ @@ -1002,6 +925,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] } @@ -1009,13 +940,13 @@ interactions: } headers: Content-Length: - - "1905" + - "2031" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 10 + - id: 9 request: proto: HTTP/1.1 proto_major: 1 @@ -1153,7 +1084,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -1164,11 +1095,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -1182,7 +1113,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 11 + - id: 10 request: proto: HTTP/1.1 proto_major: 1 @@ -1234,7 +1165,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 12 + - id: 11 request: proto: HTTP/1.1 proto_major: 1 @@ -1303,7 +1234,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 13 + - id: 12 request: proto: HTTP/1.1 proto_major: 1 @@ -1356,7 +1287,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 14 + - id: 13 request: proto: HTTP/1.1 proto_major: 1 @@ -1598,7 +1529,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -1648,7 +1579,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 15 + - id: 14 request: proto: HTTP/1.1 proto_major: 1 @@ -1693,7 +1624,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 16 + - id: 15 request: proto: HTTP/1.1 proto_major: 1 @@ -1762,7 +1693,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 17 + - id: 16 request: proto: HTTP/1.1 proto_major: 1 @@ -1846,7 +1777,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 18 + - id: 17 request: proto: HTTP/1.1 proto_major: 1 @@ -1930,7 +1861,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 19 + - id: 18 request: proto: HTTP/1.1 proto_major: 1 @@ -1982,7 +1913,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 20 + - id: 19 request: proto: HTTP/1.1 proto_major: 1 @@ -2034,7 +1965,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 21 + - id: 20 request: proto: HTTP/1.1 proto_major: 1 @@ -3283,7 +3214,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] }, @@ -3300,7 +3231,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -3311,11 +3242,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] }, @@ -4655,7 +4586,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -4666,11 +4597,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -4684,7 +4615,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 22 + - id: 21 request: proto: HTTP/1.1 proto_major: 1 @@ -4736,7 +4667,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 23 + - id: 22 request: proto: HTTP/1.1 proto_major: 1 @@ -4773,7 +4704,7 @@ interactions: proto: HTTP/2.0 proto_major: 2 proto_minor: 0 - content_length: 849 + content_length: 975 body: | { "results": [ @@ -4826,6 +4757,14 @@ interactions: { "id": "GO-2025-4015", "modified": "2025-11-06T13:59:33.352271Z" + }, + { + "id": "GO-2025-4155", + "modified": "2025-12-04T12:27:49.190431Z" + }, + { + "id": "GO-2025-4175", + "modified": "2025-12-03T19:43:47.587932Z" } ] }, @@ -4841,13 +4780,13 @@ interactions: } headers: Content-Length: - - "849" + - "975" Content-Type: - application/json status: 200 OK code: 200 duration: 0s - - id: 24 + - id: 23 request: proto: HTTP/1.1 proto_major: 1 @@ -4899,7 +4838,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 25 + - id: 24 request: proto: HTTP/1.1 proto_major: 1 @@ -5000,7 +4939,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 26 + - id: 25 request: proto: HTTP/1.1 proto_major: 1 @@ -5045,7 +4984,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 27 + - id: 26 request: proto: HTTP/1.1 proto_major: 1 @@ -5098,7 +5037,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 28 + - id: 27 request: proto: HTTP/1.1 proto_major: 1 @@ -5143,7 +5082,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 29 + - id: 28 request: proto: HTTP/1.1 proto_major: 1 @@ -5188,7 +5127,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 30 + - id: 29 request: proto: HTTP/1.1 proto_major: 1 @@ -5233,7 +5172,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 31 + - id: 30 request: proto: HTTP/1.1 proto_major: 1 @@ -5285,7 +5224,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 32 + - id: 31 request: proto: HTTP/1.1 proto_major: 1 @@ -5330,7 +5269,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 33 + - id: 32 request: proto: HTTP/1.1 proto_major: 1 @@ -5468,7 +5407,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -5479,11 +5418,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -5497,7 +5436,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 34 + - id: 33 request: proto: HTTP/1.1 proto_major: 1 @@ -5635,7 +5574,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -5646,11 +5585,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -5664,7 +5603,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 35 + - id: 34 request: proto: HTTP/1.1 proto_major: 1 @@ -5765,7 +5704,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 36 + - id: 35 request: proto: HTTP/1.1 proto_major: 1 @@ -5866,7 +5805,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 37 + - id: 36 request: proto: HTTP/1.1 proto_major: 1 @@ -6004,7 +5943,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -6015,11 +5954,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -6033,7 +5972,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 38 + - id: 37 request: proto: HTTP/1.1 proto_major: 1 @@ -6171,7 +6110,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -6182,11 +6121,11 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2018-25032", - "modified": "2025-11-19T06:20:59.474598Z" + "modified": "2025-12-03T22:47:03.844688Z" }, { "id": "ALPINE-CVE-2022-37434", - "modified": "2025-11-19T06:21:17.394860Z" + "modified": "2025-12-03T22:50:43.469206Z" } ] } @@ -6200,7 +6139,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 39 + - id: 38 request: proto: HTTP/1.1 proto_major: 1 @@ -6245,7 +6184,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 40 + - id: 39 request: proto: HTTP/1.1 proto_major: 1 @@ -6297,7 +6236,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 41 + - id: 40 request: proto: HTTP/1.1 proto_major: 1 @@ -7103,876 +7042,70 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 42 + - id: 41 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 5858 + content_length: 638 host: api.osv.dev body: | { "queries": [ { "package": { - "ecosystem": "PyPI", - "name": "click" + "ecosystem": "npm", + "name": "has-flag" }, - "version": "8.3.1" + "version": "4.0.0" }, { "package": { - "ecosystem": "PyPI", - "name": "flask" + "ecosystem": "npm", + "name": "wrappy" }, - "version": "1.0" + "version": "1.0.2" }, { "package": { - "ecosystem": "PyPI", - "name": "itsdangerous" + "ecosystem": "Packagist", + "name": "league/flysystem" }, - "version": "2.2.0" + "version": "1.0.8" }, { "package": { - "ecosystem": "PyPI", - "name": "jinja2" + "ecosystem": "Go", + "name": "stdlib" }, - "version": "3.1.6" + "version": "1.99.9" }, { "package": { - "ecosystem": "PyPI", - "name": "markupsafe" + "ecosystem": "Go", + "name": "toolchain" }, - "version": "3.0.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "werkzeug" - }, - "version": "3.1.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "black" - }, - "version": "25.1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "click" - }, - "version": "8.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "mypy-extensions" - }, - "version": "1.1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "packaging" - }, - "version": "25.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pathspec" - }, - "version": "0.12.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "platformdirs" - }, - "version": "4.5.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "tomli" - }, - "version": "2.3.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "typing-extensions" - }, - "version": "4.15.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "django" - }, - "version": "1.11.29" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask" - }, - "version": "1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "requests" - }, - "version": "2.20.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "certifi" - }, - "version": "2025.11.12" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "chardet" - }, - "version": "3.0.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "click" - }, - "version": "8.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "idna" - }, - "version": "2.7" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "itsdangerous" - }, - "version": "2.2.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2" - }, - "version": "3.1.6" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "markupsafe" - }, - "version": "3.0.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "numpy" - }, - "version": "2.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pytz" - }, - "version": "2025.2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "urllib3" - }, - "version": "1.24.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "werkzeug" - }, - "version": "3.1.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "django" - }, - "version": "2.2.24" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pytz" - }, - "version": "2025.2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "sqlparse" - }, - "version": "0.5.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "certifi" - }, - "version": "2025.11.12" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "chardet" - }, - "version": "3.0.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "click" - }, - "version": "8.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "django" - }, - "version": "1.11.29" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask" - }, - "version": "1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "idna" - }, - "version": "2.7" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "itsdangerous" - }, - "version": "2.2.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2" - }, - "version": "3.1.6" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "markupsafe" - }, - "version": "3.0.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pytz" - }, - "version": "2025.2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "requests" - }, - "version": "2.20.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "urllib3" - }, - "version": "1.24.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "werkzeug" - }, - "version": "3.1.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "numpy" - }, - "version": "2.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask" - }, - "version": "1.0.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask-cors" - }, - "version": "1.0.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pandas" - }, - "version": "0.23.4" - } - ] - } - headers: - Content-Type: - - application/json - X-Test-Name: - - TestCommand/requirements.txt_can_have_all_kinds_of_names - url: https://api.osv.dev/v1/querybatch - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - content_length: 6076 - body: | - { - "results": [ - {}, - { - "vulns": [ - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-68w8-qjq3-2gfm", - "modified": "2024-09-20T15:46:52.557962Z" - }, - { - "id": "GHSA-6w2r-r2m5-xq5w", - "modified": "2025-11-05T20:52:11.756012Z" - }, - { - "id": "GHSA-7xr5-9hcq-chf9", - "modified": "2025-09-25T09:27:02.969281Z" - }, - { - "id": "GHSA-8x94-hmjh-97hq", - "modified": "2025-01-14T11:27:04.205746Z" - }, - { - "id": "GHSA-frmv-pr5f-9mcr", - "modified": "2025-11-27T09:10:30.649595Z" - }, - { - "id": "GHSA-qw25-v68c-qjf3", - "modified": "2025-11-11T15:28:46.308405Z" - }, - { - "id": "GHSA-rrqc-c2jx-6jgv", - "modified": "2024-10-30T19:23:59.139649Z" - }, - { - "id": "PYSEC-2021-98", - "modified": "2023-12-06T01:01:16.755410Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-9hjg-9r4m-mvj7", - "modified": "2025-06-09T19:27:13.389930Z" - }, - { - "id": "GHSA-9wx4-h78v-vm56", - "modified": "2024-07-15T22:12:27.987373Z" - }, - { - "id": "GHSA-j8r2-6x86-q33q", - "modified": "2025-02-13T19:20:45.182158Z" - }, - { - "id": "PYSEC-2023-74", - "modified": "2023-11-08T04:12:35.436175Z" - } - ] - }, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-jjg7-2v4v-x38h", - "modified": "2025-11-05T20:30:45.121847Z" - }, - { - "id": "PYSEC-2024-60", - "modified": "2024-07-11T17:42:33.704488Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-34jh-p97f-mpxf", - "modified": "2025-11-04T17:17:45.245584Z" - }, - { - "id": "GHSA-g4mx-q9vg-27p4", - "modified": "2025-11-04T17:00:24.358773Z" - }, - { - "id": "GHSA-pq67-6m6q-mj2v", - "modified": "2025-06-19T16:15:11.736637Z" - }, - { - "id": "GHSA-v845-jxx5-vc9f", - "modified": "2025-11-04T17:12:10.974241Z" - }, - { - "id": "GHSA-wqvq-5m8c-6g24", - "modified": "2024-11-18T22:47:07.792720Z" - }, - { - "id": "PYSEC-2020-148", - "modified": "2023-11-08T04:03:14.251187Z" - }, - { - "id": "PYSEC-2021-108", - "modified": "2023-11-08T04:06:04.829992Z" - }, - { - "id": "PYSEC-2023-192", - "modified": "2023-11-08T04:13:33.452167Z" - }, - { - "id": "PYSEC-2023-212", - "modified": "2023-11-08T04:13:39.165450Z" - } - ] - }, - {}, - { - "vulns": [ - { - "id": "GHSA-2gwj-7jmv-h26r", - "modified": "2025-02-21T05:41:10.759178Z" - }, - { - "id": "GHSA-53qw-q765-4fww", - "modified": "2024-09-20T16:09:39.890846Z" - }, - { - "id": "GHSA-6cw3-g6wv-c2xv", - "modified": "2024-09-20T15:47:27.155401Z" - }, - { - "id": "GHSA-6w2r-r2m5-xq5w", - "modified": "2025-11-05T20:52:11.756012Z" - }, - { - "id": "GHSA-7xr5-9hcq-chf9", - "modified": "2025-09-25T09:27:02.969281Z" - }, - { - "id": "GHSA-8c5j-9r9f-c6w8", - "modified": "2025-02-21T05:29:59.213830Z" - }, - { - "id": "GHSA-8x94-hmjh-97hq", - "modified": "2025-01-14T11:27:04.205746Z" - }, - { - "id": "GHSA-95rw-fx8r-36v6", - "modified": "2024-09-20T15:47:46.984048Z" - }, - { - "id": "GHSA-frmv-pr5f-9mcr", - "modified": "2025-11-27T09:10:30.649595Z" - }, - { - "id": "GHSA-jrh2-hc4r-7jwx", - "modified": "2024-09-20T12:22:54.101910Z" - }, - { - "id": "GHSA-qw25-v68c-qjf3", - "modified": "2025-11-11T15:28:46.308405Z" - }, - { - "id": "GHSA-rrqc-c2jx-6jgv", - "modified": "2024-10-30T19:23:59.139649Z" - }, - { - "id": "GHSA-v6rh-hp5x-86rv", - "modified": "2024-11-19T05:35:04.095106Z" - }, - { - "id": "GHSA-w24h-v9qh-8gxj", - "modified": "2025-02-21T05:41:01.294618Z" - }, - { - "id": "PYSEC-2021-439", - "modified": "2023-12-06T01:01:41.266810Z" - }, - { - "id": "PYSEC-2022-1", - "modified": "2023-12-06T01:01:43.028018Z" - }, - { - "id": "PYSEC-2022-19", - "modified": "2023-12-06T01:01:58.226668Z" - }, - { - "id": "PYSEC-2022-190", - "modified": "2023-12-06T01:02:11.594317Z" - }, - { - "id": "PYSEC-2022-191", - "modified": "2023-12-06T01:02:11.666037Z" - }, - { - "id": "PYSEC-2022-2", - "modified": "2023-12-06T01:01:43.088680Z" - }, - { - "id": "PYSEC-2022-20", - "modified": "2023-12-06T01:02:02.697371Z" - }, - { - "id": "PYSEC-2022-3", - "modified": "2023-12-06T01:01:43.819827Z" - } - ] - }, - {}, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-68w8-qjq3-2gfm", - "modified": "2024-09-20T15:46:52.557962Z" - }, - { - "id": "GHSA-6w2r-r2m5-xq5w", - "modified": "2025-11-05T20:52:11.756012Z" - }, - { - "id": "GHSA-7xr5-9hcq-chf9", - "modified": "2025-09-25T09:27:02.969281Z" - }, - { - "id": "GHSA-8x94-hmjh-97hq", - "modified": "2025-01-14T11:27:04.205746Z" - }, - { - "id": "GHSA-frmv-pr5f-9mcr", - "modified": "2025-11-27T09:10:30.649595Z" - }, - { - "id": "GHSA-qw25-v68c-qjf3", - "modified": "2025-11-11T15:28:46.308405Z" - }, - { - "id": "GHSA-rrqc-c2jx-6jgv", - "modified": "2024-10-30T19:23:59.139649Z" - }, - { - "id": "PYSEC-2021-98", - "modified": "2023-12-06T01:01:16.755410Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-jjg7-2v4v-x38h", - "modified": "2025-11-05T20:30:45.121847Z" - }, - { - "id": "PYSEC-2024-60", - "modified": "2024-07-11T17:42:33.704488Z" - } - ] - }, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-9hjg-9r4m-mvj7", - "modified": "2025-06-09T19:27:13.389930Z" - }, - { - "id": "GHSA-9wx4-h78v-vm56", - "modified": "2024-07-15T22:12:27.987373Z" - }, - { - "id": "GHSA-j8r2-6x86-q33q", - "modified": "2025-02-13T19:20:45.182158Z" - }, - { - "id": "PYSEC-2023-74", - "modified": "2023-11-08T04:12:35.436175Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-34jh-p97f-mpxf", - "modified": "2025-11-04T17:17:45.245584Z" - }, - { - "id": "GHSA-g4mx-q9vg-27p4", - "modified": "2025-11-04T17:00:24.358773Z" - }, - { - "id": "GHSA-pq67-6m6q-mj2v", - "modified": "2025-06-19T16:15:11.736637Z" - }, - { - "id": "GHSA-v845-jxx5-vc9f", - "modified": "2025-11-04T17:12:10.974241Z" - }, - { - "id": "GHSA-wqvq-5m8c-6g24", - "modified": "2024-11-18T22:47:07.792720Z" - }, - { - "id": "PYSEC-2020-148", - "modified": "2023-11-08T04:03:14.251187Z" - }, - { - "id": "PYSEC-2021-108", - "modified": "2023-11-08T04:06:04.829992Z" - }, - { - "id": "PYSEC-2023-192", - "modified": "2023-11-08T04:13:33.452167Z" - }, - { - "id": "PYSEC-2023-212", - "modified": "2023-11-08T04:13:39.165450Z" - } - ] - }, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-43qf-4rqw-9q2g", - "modified": "2025-11-03T21:57:24.048409Z" - }, - { - "id": "GHSA-7rxf-gvfg-47g4", - "modified": "2025-11-03T21:57:16.624715Z" - }, - { - "id": "GHSA-84pr-m4jr-85g5", - "modified": "2025-11-03T23:01:22.383418Z" - }, - { - "id": "GHSA-8vgw-p6qm-5gr7", - "modified": "2025-11-03T22:02:47.725498Z" - }, - { - "id": "GHSA-hxwh-jpp2-84pm", - "modified": "2025-04-07T20:13:56.570363Z" - }, - { - "id": "GHSA-xc3p-ff3m-f46v", - "modified": "2024-09-20T20:01:25.449661Z" - }, - { - "id": "PYSEC-2020-43", - "modified": "2025-10-09T07:22:50.566622Z" - }, - { - "id": "PYSEC-2024-71", - "modified": "2025-10-09T08:27:44.186589Z" - } - ] - }, - { - "vulns": [ - { - "id": "PYSEC-2020-73", - "modified": "2023-11-08T04:02:12.263851Z" - } - ] - } - ] - } - headers: - Content-Length: - - "6076" - Content-Type: - - application/json - status: 200 OK - code: 200 - duration: 0s - - id: 43 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 638 - host: api.osv.dev - body: | - { - "queries": [ - { - "package": { - "ecosystem": "npm", - "name": "has-flag" - }, - "version": "4.0.0" - }, - { - "package": { - "ecosystem": "npm", - "name": "wrappy" - }, - "version": "1.0.2" - }, - { - "package": { - "ecosystem": "Packagist", - "name": "league/flysystem" - }, - "version": "1.0.8" - }, - { - "package": { - "ecosystem": "Go", - "name": "stdlib" - }, - "version": "1.99.9" - }, - { - "package": { - "ecosystem": "Go", - "name": "toolchain" - }, - "version": "1.99.9" - } - ] - } - headers: - Content-Type: - - application/json - X-Test-Name: - - TestCommand/spdx_2.3_output - url: https://api.osv.dev/v1/querybatch - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - content_length: 107 - body: | - { - "results": [ - {}, - {}, + "version": "1.99.9" + } + ] + } + headers: + Content-Type: + - application/json + X-Test-Name: + - TestCommand/spdx_2.3_output + url: https://api.osv.dev/v1/querybatch + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: 107 + body: | + { + "results": [ + {}, + {}, { "vulns": [ { @@ -7993,7 +7126,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 44 + - id: 42 request: proto: HTTP/1.1 proto_major: 1 @@ -8038,7 +7171,7 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 45 + - id: 43 request: proto: HTTP/1.1 proto_major: 1 diff --git a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_CallAnalysis.yaml b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_CallAnalysis.yaml index 6c45f02fb06..97dff2b4023 100644 --- a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_CallAnalysis.yaml +++ b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_CallAnalysis.yaml @@ -12,25 +12,25 @@ interactions: { "queries": [ { - "version": "1.3.1", "package": { - "name": "github.com/gogo/protobuf", - "ecosystem": "Go" - } + "ecosystem": "Go", + "name": "github.com/gogo/protobuf" + }, + "version": "1.3.1" }, { - "version": "1.0.0", "package": { - "name": "github.com/ipfs/go-bitfield", - "ecosystem": "Go" - } + "ecosystem": "Go", + "name": "github.com/ipfs/go-bitfield" + }, + "version": "1.0.0" }, { - "version": "0.4.0", "package": { - "name": "golang.org/x/image", - "ecosystem": "Go" - } + "ecosystem": "Go", + "name": "golang.org/x/image" + }, + "version": "0.4.0" } ] } @@ -130,11 +130,11 @@ interactions: { "queries": [ { - "version": "1.3.1", "package": { - "name": "github.com/gogo/protobuf", - "ecosystem": "Go" - } + "ecosystem": "Go", + "name": "github.com/gogo/protobuf" + }, + "version": "1.3.1" } ] } @@ -186,11 +186,11 @@ interactions: { "queries": [ { - "version": "1.3.1", "package": { - "name": "github.com/gogo/protobuf", - "ecosystem": "Go" - } + "ecosystem": "Go", + "name": "github.com/gogo/protobuf" + }, + "version": "1.3.1" } ] } diff --git a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Config_UnusedIgnores.yaml b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Config_UnusedIgnores.yaml index f2683261891..2e68c39bc42 100644 --- a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Config_UnusedIgnores.yaml +++ b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Config_UnusedIgnores.yaml @@ -139,7 +139,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -1434,7 +1434,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -2789,7 +2789,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, @@ -3908,7 +3908,7 @@ interactions: "vulns": [ { "id": "ALPINE-CVE-2025-26519", - "modified": "2025-11-19T06:21:21.194626Z" + "modified": "2025-12-03T22:58:36.705692Z" } ] }, diff --git a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml index ca6994fd835..d8d13591097 100644 --- a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml +++ b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml @@ -1966,259 +1966,3 @@ interactions: status: 200 OK code: 200 duration: 0s - - id: 10 - request: - proto: HTTP/1.1 - proto_major: 1 - proto_minor: 1 - content_length: 1599 - host: api.osv.dev - body: | - { - "queries": [ - { - "package": { - "ecosystem": "PyPI", - "name": "certifi" - }, - "version": "2025.11.12" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "chardet" - }, - "version": "3.0.4" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "click" - }, - "version": "8.3.1" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "django" - }, - "version": "1.11.29" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "flask" - }, - "version": "1.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "idna" - }, - "version": "2.7" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "itsdangerous" - }, - "version": "2.2.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "jinja2" - }, - "version": "3.1.6" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "markupsafe" - }, - "version": "3.0.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "pytz" - }, - "version": "2025.2" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "requests" - }, - "version": "2.20.0" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "urllib3" - }, - "version": "1.24.3" - }, - { - "package": { - "ecosystem": "PyPI", - "name": "werkzeug" - }, - "version": "3.1.4" - } - ] - } - headers: - Content-Type: - - application/json - X-Test-Name: - - TestCommand_Transitive/uses_native_data_source_for_requirements.txt - url: https://api.osv.dev/v1/querybatch - method: POST - response: - proto: HTTP/2.0 - proto_major: 2 - proto_minor: 0 - content_length: 1803 - body: | - { - "results": [ - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-68w8-qjq3-2gfm", - "modified": "2024-09-20T15:46:52.557962Z" - }, - { - "id": "GHSA-6w2r-r2m5-xq5w", - "modified": "2025-11-05T20:52:11.756012Z" - }, - { - "id": "GHSA-7xr5-9hcq-chf9", - "modified": "2025-09-25T09:27:02.969281Z" - }, - { - "id": "GHSA-8x94-hmjh-97hq", - "modified": "2025-01-14T11:27:04.205746Z" - }, - { - "id": "GHSA-frmv-pr5f-9mcr", - "modified": "2025-11-27T09:10:30.649595Z" - }, - { - "id": "GHSA-qw25-v68c-qjf3", - "modified": "2025-11-11T15:28:46.308405Z" - }, - { - "id": "GHSA-rrqc-c2jx-6jgv", - "modified": "2024-10-30T19:23:59.139649Z" - }, - { - "id": "PYSEC-2021-98", - "modified": "2023-12-06T01:01:16.755410Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-m2qf-hxjv-5gpq", - "modified": "2025-02-21T05:42:17.337040Z" - }, - { - "id": "PYSEC-2023-62", - "modified": "2023-11-08T04:12:28.231927Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-jjg7-2v4v-x38h", - "modified": "2025-11-05T20:30:45.121847Z" - }, - { - "id": "PYSEC-2024-60", - "modified": "2024-07-11T17:42:33.704488Z" - } - ] - }, - {}, - {}, - {}, - {}, - { - "vulns": [ - { - "id": "GHSA-9hjg-9r4m-mvj7", - "modified": "2025-06-09T19:27:13.389930Z" - }, - { - "id": "GHSA-9wx4-h78v-vm56", - "modified": "2024-07-15T22:12:27.987373Z" - }, - { - "id": "GHSA-j8r2-6x86-q33q", - "modified": "2025-02-13T19:20:45.182158Z" - }, - { - "id": "PYSEC-2023-74", - "modified": "2023-11-08T04:12:35.436175Z" - } - ] - }, - { - "vulns": [ - { - "id": "GHSA-34jh-p97f-mpxf", - "modified": "2025-11-04T17:17:45.245584Z" - }, - { - "id": "GHSA-g4mx-q9vg-27p4", - "modified": "2025-11-04T17:00:24.358773Z" - }, - { - "id": "GHSA-pq67-6m6q-mj2v", - "modified": "2025-06-19T16:15:11.736637Z" - }, - { - "id": "GHSA-v845-jxx5-vc9f", - "modified": "2025-11-04T17:12:10.974241Z" - }, - { - "id": "GHSA-wqvq-5m8c-6g24", - "modified": "2024-11-18T22:47:07.792720Z" - }, - { - "id": "PYSEC-2020-148", - "modified": "2023-11-08T04:03:14.251187Z" - }, - { - "id": "PYSEC-2021-108", - "modified": "2023-11-08T04:06:04.829992Z" - }, - { - "id": "PYSEC-2023-192", - "modified": "2023-11-08T04:13:33.452167Z" - }, - { - "id": "PYSEC-2023-212", - "modified": "2023-11-08T04:13:39.165450Z" - } - ] - }, - {} - ] - } - headers: - Content-Length: - - "1803" - Content-Type: - - application/json - status: 200 OK - code: 200 - duration: 0s diff --git a/internal/sourceanalysis/rust_test.go b/internal/sourceanalysis/rust_test.go index 1e1413e8360..9d7db5f281a 100644 --- a/internal/sourceanalysis/rust_test.go +++ b/internal/sourceanalysis/rust_test.go @@ -65,6 +65,8 @@ func Test_functionsFromDWARF(t *testing.T) { func Test_rustBuildSource(t *testing.T) { testutility.SkipIfNotAcceptanceTesting(t, "Requires rust toolchain to be installed") + testutility.SkipIfShort(t) + t.Parallel() cwd := testutility.GetCurrentWorkingDirectory(t) diff --git a/internal/testutility/utility.go b/internal/testutility/utility.go index 7cb6cfa2afa..8fd70a0013b 100644 --- a/internal/testutility/utility.go +++ b/internal/testutility/utility.go @@ -78,6 +78,7 @@ func IsAcceptanceTesting() bool { // SkipIfNotAcceptanceTesting marks the test as skipped unless the test suite is // being run with acceptance tests enabled, as indicated by IsAcceptanceTesting, // or the test is being run specifically with the -run flag +// This is used to skip tests that could require external dependencies other than go func SkipIfNotAcceptanceTesting(t *testing.T, reason string) { t.Helper() @@ -86,6 +87,16 @@ func SkipIfNotAcceptanceTesting(t *testing.T, reason string) { } } +// SkipIfShort marks the test as skipped if the short flag is set +// or the test is being run specifically with the -run flag +func SkipIfShort(t *testing.T) { + t.Helper() + + if testing.Short() && !isThisTestRunTarget(t) { + Skip(t, "Skipping long test: ", "Takes a while to run") + } +} + func ValueIfOnWindows(win, or string) string { if runtime.GOOS == "windows" { return win