Merged
27 changes: 26 additions & 1 deletion cmd/osv-scanner/scan/image/__snapshots__/command_test.snap
Expand Up @@ -30,6 +30,7 @@ Checking if docker image ("alpine:3.18.9") exists locally...
Saving docker image ("alpine:3.18.9") to temporary file...
Scanning image "alpine:3.18.9"


Container Scanning Result (Alpine Linux v3.18) (Based on "alpine" image):
Total 2 packages affected by 3 known vulnerabilities (0 Critical, 1 High, 2 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
3 vulnerabilities can be fixed.
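Review bot: Two empty lines now sit between `Scanning image "alpine:3.18.9"` and the `Container Scanning Result (Alpine Linux v3.18)` header, where the old snapshot had one (the hunk grows from 6 lines to 7). If the goal is a single visual separator before the result header, emit the newline from one place only so the header is preceded by exactly one blank line. If the double spacing is intended, a short comment at the print site would stop a later snapshot refresh from silently reverting it. The same one-line growth repeats in the other `-N,6 +N,7` hunks of this file, so one fix or one comment covers them all.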
Expand Down Expand Up @@ -112,6 +113,7 @@ No issues found
[TestCommand_ExplicitExtractors_WithDefaults/add_extractors - 1]
Scanning local image tarball "testdata/test-alpine-sbom.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 2 packages affected by 2 known vulnerabilities (2 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 2 ecosystems.
1 vulnerability can be fixed.
Expand Down Expand Up @@ -146,6 +148,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out - 1]
Scanning local image tarball "testdata/test-alpine-sbom.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -172,6 +175,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out#01 - 1]
Scanning local image tarball "testdata/test-alpine-sbom.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -198,6 +202,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_ExplicitExtractors_WithDefaults/extractors_cancelled_out_with_presets - 1]
Scanning local image tarball "testdata/test-alpine-sbom.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -223,10 +228,10 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne

[TestCommand_ExplicitExtractors_WithoutDefaults/add_extractors - 1]
Scanning local image tarball "testdata/test-alpine-sbom.tar"

Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
0 vulnerabilities can be fixed.


+---------------------------------------+------+-----------+---------+-----------+---------------+---------------------------------------------------+
| OSV URL | CVSS | ECOSYSTEM | PACKAGE | VERSION | FIXED VERSION | SOURCE |
+---------------------------------------+------+-----------+---------+-----------+---------------+---------------------------------------------------+
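Review bot: This is the only hunk with equal old and new line counts (`-223,10 +228,10`), so one line is added and one removed, and it is also the only case here whose output has no `Container Scanning Result` header: the `Total 1 package affected by 1 known vulnerability` summary follows the `Scanning local image tarball` line directly. Please confirm that the header-less output path is meant to be spaced differently from the header path seen in the other cases, and record that in a comment next to the code that prints the summary, since a reader of the snapshot alone cannot tell a deliberate move of a blank line from an accidental one.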
Expand Down Expand Up @@ -275,6 +280,7 @@ HTML output available at: <tempdir>/report.html
[TestCommand_OCIImage/Alpine_3.10_image_tar_with_3.18_version_file - 1]
Scanning local image tarball "./testdata/test-alpine.tar"


Container Scanning Result (Alpine Linux v3.18) (Based on "alpine" image):
Total 5 packages affected by 65 known vulnerabilities (6 Critical, 33 High, 26 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
65 vulnerabilities can be fixed.
Expand Down Expand Up @@ -344,6 +350,7 @@ Package Ubuntu:20.04/util-linux/2.34-0.1ubuntu9.6 has been filtered out because:
Package Ubuntu:20.04/zlib/1:1.2.11.dfsg-2ubuntu1.5 has been filtered out because: Just want to test only unimportant vulns
Filtered 38 ignored package/s from the scan.


Container Scanning Result (Ubuntu 20.04.6 LTS) (Based on "ubuntu" image):
Total 0 packages affected by 0 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
0 vulnerabilities can be fixed.
Expand Down Expand Up @@ -402,6 +409,7 @@ Package Ubuntu:20.04/util-linux/2.34-0.1ubuntu9.6 has been filtered out because:
Package Ubuntu:20.04/zlib/1:1.2.11.dfsg-2ubuntu1.5 has been filtered out because: Just want to test only unimportant vulns
Filtered 38 ignored package/s from the scan.


Container Scanning Result (Ubuntu 20.04.6 LTS) (Based on "ubuntu" image):
Total 0 packages affected by 0 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
0 vulnerabilities can be fixed.
Expand All @@ -427,6 +435,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/Empty_Ubuntu_22.04_image_tar - 1]
Scanning local image tarball "./testdata/test-ubuntu.tar"


Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
Total 20 packages affected by 45 known vulnerabilities (3 Critical, 13 High, 24 Medium, 3 Low, 2 Unknown) from 1 ecosystem.
24 vulnerabilities can be fixed.
Expand Down Expand Up @@ -473,6 +482,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/Empty_Ubuntu_22.04_image_tar_with_unimportant_vulns - 1]
Scanning local image tarball "./testdata/test-ubuntu.tar"


Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
Total 20 packages affected by 45 known vulnerabilities (3 Critical, 13 High, 24 Medium, 3 Low, 2 Unknown) from 1 ecosystem.
24 vulnerabilities can be fixed.
Expand Down Expand Up @@ -538,6 +548,7 @@ failed to load image from tarball with path "../../testdata/locks-manyoci-image/
[TestCommand_OCIImage/Scanning_Ubuntu_image_with_go_OS_packages_json - 1]
Scanning local image tarball "./testdata/test-ubuntu-with-packages.tar"


Container Scanning Result (Ubuntu 22.04.5 LTS) (Based on "ubuntu" image):
Total 20 packages affected by 45 known vulnerabilities (3 Critical, 13 High, 24 Medium, 3 Low, 2 Unknown) from 1 ecosystem.
24 vulnerabilities can be fixed.
Expand Down Expand Up @@ -584,6 +595,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/Scanning_java_image_with_some_packages - 1]
Scanning local image tarball "./testdata/test-java-full.tar"


Container Scanning Result (Alpine Linux v3.21) (Based on "eclipse-temurin" image):
Total 24 packages affected by 61 known vulnerabilities (4 Critical, 24 High, 29 Medium, 3 Low, 1 Unknown) from 2 ecosystems.
61 vulnerabilities can be fixed.
Expand Down Expand Up @@ -640,6 +652,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/Scanning_python_image_with_no_packages - 1]
Scanning local image tarball "./testdata/test-python-empty.tar"


Container Scanning Result (Debian GNU/Linux 10 (buster)) (Based on "python" image):
Total 15 packages affected by 27 known vulnerabilities (0 Critical, 7 High, 4 Medium, 2 Low, 14 Unknown) from 2 ecosystems.
27 vulnerabilities can be fixed.
Expand Down Expand Up @@ -711,6 +724,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/Scanning_python_image_with_some_packages - 1]
Scanning local image tarball "./testdata/test-python-full.tar"


Container Scanning Result (Debian GNU/Linux 10 (buster)) (Based on "python" image):
Total 21 packages affected by 51 known vulnerabilities (1 Critical, 18 High, 15 Medium, 2 Low, 15 Unknown) from 2 ecosystems.
51 vulnerabilities can be fixed.
Expand Down Expand Up @@ -824,6 +838,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_image_with_go_binary - 1]
Scanning local image tarball "./testdata/test-package-tracing.tar"


Container Scanning Result (Alpine Linux v3.20) (Based on "alpine" image):
Total 9 packages affected by 195 known vulnerabilities (2 Critical, 6 High, 11 Medium, 2 Low, 174 Unknown) from 2 ecosystems.
195 vulnerabilities can be fixed.
Expand Down Expand Up @@ -895,6 +910,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_insecure_alpine_image_with_detector_preset - 1]
Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -921,6 +937,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_insecure_alpine_image_with_specific_detector_disabled - 1]
Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -947,6 +964,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_insecure_alpine_image_with_specific_detector_enabled - 1]
Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -973,6 +991,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_insecure_alpine_image_without_detectors - 1]
Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"


Container Scanning Result (Alpine Linux v3.10) (Based on "alpine" image):
Total 1 package affected by 1 known vulnerability (1 Critical, 0 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.
Expand All @@ -999,6 +1018,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_npm_with_no_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-npm-empty.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 2 packages affected by 15 known vulnerabilities (1 Critical, 3 High, 9 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
15 vulnerabilities can be fixed.
Expand Down Expand Up @@ -1026,6 +1046,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_npm_with_some_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-npm-full.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 4 packages affected by 18 known vulnerabilities (3 Critical, 3 High, 10 Medium, 2 Low, 0 Unknown) from 2 ecosystems.
17 vulnerabilities can be fixed.
Expand Down Expand Up @@ -1062,6 +1083,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_pnpm_with_no_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-pnpm-empty.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 2 packages affected by 15 known vulnerabilities (1 Critical, 3 High, 9 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
15 vulnerabilities can be fixed.
Expand Down Expand Up @@ -1089,6 +1111,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_pnpm_with_some_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-pnpm-full.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 2 packages affected by 15 known vulnerabilities (1 Critical, 3 High, 9 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
15 vulnerabilities can be fixed.
Expand Down Expand Up @@ -1116,6 +1139,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_yarn_with_no_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-yarn-empty.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 2 packages affected by 15 known vulnerabilities (1 Critical, 3 High, 9 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
15 vulnerabilities can be fixed.
Expand Down Expand Up @@ -1143,6 +1167,7 @@ You can also view the full vulnerability list in your terminal with: `osv-scanne
[TestCommand_OCIImage/scanning_node_modules_using_yarn_with_some_packages - 1]
Scanning local image tarball "./testdata/test-node_modules-yarn-full.tar"


Container Scanning Result (Alpine Linux v3.19) (Based on "library/node" image):
Total 2 packages affected by 15 known vulnerabilities (1 Critical, 3 High, 9 Medium, 2 Low, 0 Unknown) from 1 ecosystem.
15 vulnerabilities can be fixed.