Skip to content

Commit 2a68b95

Browse files
osv-robotgithub-actions[bot]
authored andcommitted
test: update snapshots
1 parent b56b519 commit 2a68b95

5 files changed

Lines changed: 1523 additions & 52 deletions

File tree

cmd/osv-scanner/scan/image/__snapshots__/command_test.snap

Lines changed: 60 additions & 42 deletions
Original file line numberDiff line numberDiff line change
@@ -448,8 +448,8 @@ Scanning local image tarball "./testdata/test-ubuntu.tar"
448448
449449
450450
Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
451-
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 21 High, 36 Medium, 5 Low, 11 Unknown) from 1 ecosystem.
452-
33 vulnerabilities can be fixed.
451+
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 22 High, 36 Medium, 5 Low, 10 Unknown) from 1 ecosystem.
452+
36 vulnerabilities can be fixed.
453453
454454
455455
Ubuntu:22.04
@@ -479,7 +479,7 @@ Ubuntu:22.04
479479
| sed | 4.8-1ubuntu2 | Fix Available | 1 | sed | # 4 Layer | ubuntu |
480480
| shadow | 1:4.8.1-2ubuntu2.2 | No fix available | 2 | login, passwd | # 4 Layer | ubuntu |
481481
| systemd | 249.11-0ubuntu3.12 | Partial fixes Available | 4 | libsystemd0... (2) | # 4 Layer | ubuntu |
482-
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | No fix available | 2 | tar | # 4 Layer | ubuntu |
482+
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | Partial fixes Available | 2 | tar | # 4 Layer | ubuntu |
483483
| util-linux | 1:2.37.2-4ubuntu3.4 | No fix available | 5 | bsdutils | # 4 Layer | ubuntu |
484484
| util-linux | 2.37.2-4ubuntu3.4 | Partial fixes Available | 6 | libblkid1... (6) | # 4 Layer | ubuntu |
485485
| xz-utils | 5.2.5-2ubuntu1 | Fix Available | 1 | liblzma5 | # 4 Layer | ubuntu |
@@ -501,8 +501,8 @@ Scanning local image tarball "./testdata/test-ubuntu.tar"
501501
502502
503503
Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
504-
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 21 High, 36 Medium, 5 Low, 11 Unknown) from 1 ecosystem.
505-
33 vulnerabilities can be fixed.
504+
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 22 High, 36 Medium, 5 Low, 10 Unknown) from 1 ecosystem.
505+
36 vulnerabilities can be fixed.
506506
507507
508508
Ubuntu:22.04
@@ -532,7 +532,7 @@ Ubuntu:22.04
532532
| sed | 4.8-1ubuntu2 | Fix Available | 1 | sed | # 4 Layer | ubuntu |
533533
| shadow | 1:4.8.1-2ubuntu2.2 | No fix available | 2 | login, passwd | # 4 Layer | ubuntu |
534534
| systemd | 249.11-0ubuntu3.12 | Partial fixes Available | 4 | libsystemd0... (2) | # 4 Layer | ubuntu |
535-
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | No fix available | 2 | tar | # 4 Layer | ubuntu |
535+
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | Partial fixes Available | 2 | tar | # 4 Layer | ubuntu |
536536
| util-linux | 1:2.37.2-4ubuntu3.4 | No fix available | 5 | bsdutils | # 4 Layer | ubuntu |
537537
| util-linux | 2.37.2-4ubuntu3.4 | Partial fixes Available | 6 | libblkid1... (6) | # 4 Layer | ubuntu |
538538
| xz-utils | 5.2.5-2ubuntu1 | Fix Available | 1 | liblzma5 | # 4 Layer | ubuntu |
@@ -573,8 +573,8 @@ Scanning local image tarball "./testdata/test-ubuntu-with-packages.tar"
573573
574574
575575
Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
576-
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 21 High, 36 Medium, 5 Low, 11 Unknown) from 1 ecosystem.
577-
33 vulnerabilities can be fixed.
576+
Total 26 packages affected by 83 known vulnerabilities (10 Critical, 22 High, 36 Medium, 5 Low, 10 Unknown) from 1 ecosystem.
577+
36 vulnerabilities can be fixed.
578578
579579
580580
Ubuntu:22.04
@@ -604,7 +604,7 @@ Ubuntu:22.04
604604
| sed | 4.8-1ubuntu2 | Fix Available | 1 | sed | # 4 Layer | ubuntu |
605605
| shadow | 1:4.8.1-2ubuntu2.2 | No fix available | 2 | login, passwd | # 4 Layer | ubuntu |
606606
| systemd | 249.11-0ubuntu3.12 | Partial fixes Available | 4 | libsystemd0... (2) | # 4 Layer | ubuntu |
607-
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | No fix available | 2 | tar | # 4 Layer | ubuntu |
607+
| tar | 1.34+dfsg-1ubuntu0.1.22.04.2 | Partial fixes Available | 2 | tar | # 4 Layer | ubuntu |
608608
| util-linux | 1:2.37.2-4ubuntu3.4 | No fix available | 5 | bsdutils | # 4 Layer | ubuntu |
609609
| util-linux | 2.37.2-4ubuntu3.4 | Partial fixes Available | 6 | libblkid1... (6) | # 4 Layer | ubuntu |
610610
| xz-utils | 5.2.5-2ubuntu1 | Fix Available | 1 | liblzma5 | # 4 Layer | ubuntu |
@@ -626,7 +626,7 @@ Scanning local image tarball "./testdata/test-java-full.tar"
626626
627627
628628
Container Scanning Result (Alpine Linux v3.21) (Based on "eclipse-temurin" image):
629-
Total 35 packages affected by 136 known vulnerabilities (6 Critical, 66 High, 56 Medium, 7 Low, 1 Unknown) from 2 ecosystems.
629+
Total 35 packages affected by 136 known vulnerabilities (5 Critical, 67 High, 56 Medium, 7 Low, 1 Unknown) from 2 ecosystems.
630630
136 vulnerabilities can be fixed.
631631
632632
@@ -1061,52 +1061,52 @@ Scanning local image tarball "./testdata/test-chisel.tar"
10611061
10621062
10631063
Container Scanning Result (Ubuntu 26.04 LTS):
1064-
Total 7 packages affected by 121 known vulnerabilities (0 Critical, 0 High, 1 Medium, 0 Low, 120 Unknown) from 2 ecosystems.
1065-
120 vulnerabilities can be fixed.
1064+
Total 7 packages affected by 139 known vulnerabilities (0 Critical, 0 High, 1 Medium, 0 Low, 138 Unknown) from 2 ecosystems.
1065+
138 vulnerabilities can be fixed.
10661066
10671067
10681068
Go
10691069
+---------------------------------------------------------------------------------------------+
1070-
| Source:artifact:/usr/lib/go-1.25/bin/go |
1070+
| Source:artifact:/usr/lib/go-1.26/bin/go |
10711071
+---------+-------------------+---------------+------------+------------------+---------------+
10721072
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
10731073
+---------+-------------------+---------------+------------+------------------+---------------+
1074-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1074+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
10751075
+---------+-------------------+---------------+------------+------------------+---------------+
10761076
+---------------------------------------------------------------------------------------------+
1077-
| Source:artifact:/usr/lib/go-1.25/bin/gofmt |
1077+
| Source:artifact:/usr/lib/go-1.26/bin/gofmt |
10781078
+---------+-------------------+---------------+------------+------------------+---------------+
10791079
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
10801080
+---------+-------------------+---------------+------------+------------------+---------------+
1081-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1081+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
10821082
+---------+-------------------+---------------+------------+------------------+---------------+
10831083
+---------------------------------------------------------------------------------------------+
1084-
| Source:artifact:/usr/lib/go-1.25/pkg/tool/linux_amd64/asm |
1084+
| Source:artifact:/usr/lib/go-1.26/pkg/tool/linux_amd64/asm |
10851085
+---------+-------------------+---------------+------------+------------------+---------------+
10861086
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
10871087
+---------+-------------------+---------------+------------+------------------+---------------+
1088-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1088+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
10891089
+---------+-------------------+---------------+------------+------------------+---------------+
10901090
+---------------------------------------------------------------------------------------------+
1091-
| Source:artifact:/usr/lib/go-1.25/pkg/tool/linux_amd64/compile |
1091+
| Source:artifact:/usr/lib/go-1.26/pkg/tool/linux_amd64/compile |
10921092
+---------+-------------------+---------------+------------+------------------+---------------+
10931093
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
10941094
+---------+-------------------+---------------+------------+------------------+---------------+
1095-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1095+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
10961096
+---------+-------------------+---------------+------------+------------------+---------------+
10971097
+---------------------------------------------------------------------------------------------+
1098-
| Source:artifact:/usr/lib/go-1.25/pkg/tool/linux_amd64/link |
1098+
| Source:artifact:/usr/lib/go-1.26/pkg/tool/linux_amd64/link |
10991099
+---------+-------------------+---------------+------------+------------------+---------------+
11001100
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
11011101
+---------+-------------------+---------------+------------+------------------+---------------+
1102-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1102+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
11031103
+---------+-------------------+---------------+------------+------------------+---------------+
11041104
+---------------------------------------------------------------------------------------------+
1105-
| Source:artifact:/usr/lib/go-1.25/pkg/tool/linux_amd64/vet |
1105+
| Source:artifact:/usr/lib/go-1.26/pkg/tool/linux_amd64/vet |
11061106
+---------+-------------------+---------------+------------+------------------+---------------+
11071107
| PACKAGE | INSTALLED VERSION | FIX AVAILABLE | VULN COUNT | INTRODUCED LAYER | IN BASE IMAGE |
11081108
+---------+-------------------+---------------+------------+------------------+---------------+
1109-
| stdlib | 1.25.7 | Fix Available | 20 | # 0 Layer | -- |
1109+
| stdlib | 1.26.0 | Fix Available | 23 | # 0 Layer | -- |
11101110
+---------+-------------------+---------------+------------+------------------+---------------+
11111111
Ubuntu:26.04
11121112
+-------------------------------------------------------------------------------------------------------------------------------------------+
@@ -3041,26 +3041,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
30413041
"results": [
30423042
{
30433043
"source": {
3044-
"path": "/usr/lib/go-1.25/bin/go",
3044+
"path": "/usr/lib/go-1.26/bin/go",
30453045
"type": "artifact"
30463046
},
30473047
"packages": [
30483048
{
30493049
"package": {
30503050
"name": "stdlib",
3051-
"version": "1.25.7",
3051+
"version": "1.26.0",
30523052
"ecosystem": "Go",
30533053
"image_origin_details": {
30543054
"index": 0
30553055
}
30563056
},
3057-
"groups": 20,
3057+
"groups": 23,
30583058
"vulnerabilities": [
3059+
"GO-2026-4599",
3060+
"GO-2026-4600",
30593061
"GO-2026-4601",
30603062
"GO-2026-4602",
30613063
"GO-2026-4603",
30623064
"GO-2026-4864",
30633065
"GO-2026-4865",
3066+
"GO-2026-4866",
30643067
"GO-2026-4869",
30653068
"GO-2026-4870",
30663069
"GO-2026-4918",
@@ -3082,26 +3085,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
30823085
},
30833086
{
30843087
"source": {
3085-
"path": "/usr/lib/go-1.25/bin/gofmt",
3088+
"path": "/usr/lib/go-1.26/bin/gofmt",
30863089
"type": "artifact"
30873090
},
30883091
"packages": [
30893092
{
30903093
"package": {
30913094
"name": "stdlib",
3092-
"version": "1.25.7",
3095+
"version": "1.26.0",
30933096
"ecosystem": "Go",
30943097
"image_origin_details": {
30953098
"index": 0
30963099
}
30973100
},
3098-
"groups": 20,
3101+
"groups": 23,
30993102
"vulnerabilities": [
3103+
"GO-2026-4599",
3104+
"GO-2026-4600",
31003105
"GO-2026-4601",
31013106
"GO-2026-4602",
31023107
"GO-2026-4603",
31033108
"GO-2026-4864",
31043109
"GO-2026-4865",
3110+
"GO-2026-4866",
31053111
"GO-2026-4869",
31063112
"GO-2026-4870",
31073113
"GO-2026-4918",
@@ -3123,26 +3129,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
31233129
},
31243130
{
31253131
"source": {
3126-
"path": "/usr/lib/go-1.25/pkg/tool/linux_amd64/asm",
3132+
"path": "/usr/lib/go-1.26/pkg/tool/linux_amd64/asm",
31273133
"type": "artifact"
31283134
},
31293135
"packages": [
31303136
{
31313137
"package": {
31323138
"name": "stdlib",
3133-
"version": "1.25.7",
3139+
"version": "1.26.0",
31343140
"ecosystem": "Go",
31353141
"image_origin_details": {
31363142
"index": 0
31373143
}
31383144
},
3139-
"groups": 20,
3145+
"groups": 23,
31403146
"vulnerabilities": [
3147+
"GO-2026-4599",
3148+
"GO-2026-4600",
31413149
"GO-2026-4601",
31423150
"GO-2026-4602",
31433151
"GO-2026-4603",
31443152
"GO-2026-4864",
31453153
"GO-2026-4865",
3154+
"GO-2026-4866",
31463155
"GO-2026-4869",
31473156
"GO-2026-4870",
31483157
"GO-2026-4918",
@@ -3164,26 +3173,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
31643173
},
31653174
{
31663175
"source": {
3167-
"path": "/usr/lib/go-1.25/pkg/tool/linux_amd64/compile",
3176+
"path": "/usr/lib/go-1.26/pkg/tool/linux_amd64/compile",
31683177
"type": "artifact"
31693178
},
31703179
"packages": [
31713180
{
31723181
"package": {
31733182
"name": "stdlib",
3174-
"version": "1.25.7",
3183+
"version": "1.26.0",
31753184
"ecosystem": "Go",
31763185
"image_origin_details": {
31773186
"index": 0
31783187
}
31793188
},
3180-
"groups": 20,
3189+
"groups": 23,
31813190
"vulnerabilities": [
3191+
"GO-2026-4599",
3192+
"GO-2026-4600",
31823193
"GO-2026-4601",
31833194
"GO-2026-4602",
31843195
"GO-2026-4603",
31853196
"GO-2026-4864",
31863197
"GO-2026-4865",
3198+
"GO-2026-4866",
31873199
"GO-2026-4869",
31883200
"GO-2026-4870",
31893201
"GO-2026-4918",
@@ -3205,26 +3217,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
32053217
},
32063218
{
32073219
"source": {
3208-
"path": "/usr/lib/go-1.25/pkg/tool/linux_amd64/link",
3220+
"path": "/usr/lib/go-1.26/pkg/tool/linux_amd64/link",
32093221
"type": "artifact"
32103222
},
32113223
"packages": [
32123224
{
32133225
"package": {
32143226
"name": "stdlib",
3215-
"version": "1.25.7",
3227+
"version": "1.26.0",
32163228
"ecosystem": "Go",
32173229
"image_origin_details": {
32183230
"index": 0
32193231
}
32203232
},
3221-
"groups": 20,
3233+
"groups": 23,
32223234
"vulnerabilities": [
3235+
"GO-2026-4599",
3236+
"GO-2026-4600",
32233237
"GO-2026-4601",
32243238
"GO-2026-4602",
32253239
"GO-2026-4603",
32263240
"GO-2026-4864",
32273241
"GO-2026-4865",
3242+
"GO-2026-4866",
32283243
"GO-2026-4869",
32293244
"GO-2026-4870",
32303245
"GO-2026-4918",
@@ -3246,26 +3261,29 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
32463261
},
32473262
{
32483263
"source": {
3249-
"path": "/usr/lib/go-1.25/pkg/tool/linux_amd64/vet",
3264+
"path": "/usr/lib/go-1.26/pkg/tool/linux_amd64/vet",
32503265
"type": "artifact"
32513266
},
32523267
"packages": [
32533268
{
32543269
"package": {
32553270
"name": "stdlib",
3256-
"version": "1.25.7",
3271+
"version": "1.26.0",
32573272
"ecosystem": "Go",
32583273
"image_origin_details": {
32593274
"index": 0
32603275
}
32613276
},
3262-
"groups": 20,
3277+
"groups": 23,
32633278
"vulnerabilities": [
3279+
"GO-2026-4599",
3280+
"GO-2026-4600",
32643281
"GO-2026-4601",
32653282
"GO-2026-4602",
32663283
"GO-2026-4603",
32673284
"GO-2026-4864",
32683285
"GO-2026-4865",
3286+
"GO-2026-4866",
32693287
"GO-2026-4869",
32703288
"GO-2026-4870",
32713289
"GO-2026-4918",

0 commit comments

Comments
 (0)