From 63d4975282b04506b29ff7209c97ec21e9c90322 Mon Sep 17 00:00:00 2001 From: Xueqin Cui Date: Tue, 25 Nov 2025 13:55:41 +1100 Subject: [PATCH 1/2] update --- go.mod | 2 +- go.sum | 2 + .../__snapshots__/githubannotation_test.snap | 44 +++++++++---------- 3 files changed, 25 insertions(+), 23 deletions(-) diff --git a/go.mod b/go.mod index b56cf30ad03..885163d6375 100644 --- a/go.mod +++ b/go.mod @@ -20,7 +20,7 @@ require ( github.com/google/go-cmp v0.7.0 github.com/google/osv-scalibr v0.4.1-0.20251124120611-2d912db27794 github.com/ianlancetaylor/demangle v0.0.0-20251114061303-68c556c8ce09 - github.com/jedib0t/go-pretty/v6 v6.7.2 + github.com/jedib0t/go-pretty/v6 v6.7.5 github.com/modelcontextprotocol/go-sdk v1.1.0 github.com/muesli/reflow v0.3.0 github.com/opencontainers/go-digest v1.0.0 diff --git a/go.sum b/go.sum index 365a3e2935d..fc6fe32f663 100644 --- a/go.sum +++ b/go.sum @@ -275,6 +275,8 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOl github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jedib0t/go-pretty/v6 v6.7.2 h1:EYWgQNIH/+JsyHki7ns9OHyBKuHPkzrBo02uYjran7w= github.com/jedib0t/go-pretty/v6 v6.7.2/go.mod h1:YwC5CE4fJ1HFUDeivSV1r//AmANFHyqczZk+U6BDALU= +github.com/jedib0t/go-pretty/v6 v6.7.5 h1:9dJSWTJnsXJVVAbvxIFxeHf/JxoJd7GUl5o3UzhtuiM= +github.com/jedib0t/go-pretty/v6 v6.7.5/go.mod h1:YwC5CE4fJ1HFUDeivSV1r//AmANFHyqczZk+U6BDALU= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= github.com/kevinburke/ssh_config v1.2.0 h1:x584FjTGwHzMwvHx18PXxbBVzfnxogHaAReU4gf13a4= github.com/kevinburke/ssh_config v1.2.0/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM= diff --git a/internal/output/__snapshots__/githubannotation_test.snap b/internal/output/__snapshots__/githubannotation_test.snap index 9cfbe8d4fc0..e67d9e857db 100755 --- a/internal/output/__snapshots__/githubannotation_test.snap +++ b/internal/output/__snapshots__/githubannotation_test.snap @@ -1,26 +1,26 @@ [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_no_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_some_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages,_some_license_violations#01 - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages_across_ecosystems,_some_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_a_mixed_count_of_packages_and_groups,_some_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/multiple_sources_with_no_packages - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/no_sources - 1] @@ -28,43 +28,43 @@ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_no_packages - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package,_no_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package,_no_licenses - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_and_an_unknown_license - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_and_multiple_license_violations - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_and_one_license_violation - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_and_one_license_violation_(dev) - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_with_both_a_version_and_a_commit_and_one_license_violation - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/one_source_with_one_package_with_just_a_commit_and_one_license_violation - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithLicenseViolations/two_sources_with_packages,_one_license_violation - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithMixedIssues/multiple_sources_with_a_mixed_count_of_packages,_some_called_vulnerabilities_and_license_violations - 1] @@ -96,7 +96,7 @@ --- [TestPrintGHAnnotationReport_WithMixedIssues/two_sources_with_packages,_one_vulnerability,_one_license_violation - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+-----------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+-----------------------+------+-----------------+---------------+%0A| mine1 | https://osv.dev/OSV-1 | | 1.2.3 | |%0A+---------+-----------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+-----------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+-----------------------+------+-----------------+---------------+%0A| mine1 | https://osv.dev/OSV-1 | | 1.2.3 | |%0A+---------+-----------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_grouped_packages,_and_multiple_vulnerabilities - 1] @@ -108,7 +108,7 @@ --- [TestPrintGHAnnotationReport_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages,_no_vulnerabilities - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/multiple_sources_with_a_mixed_count_of_packages,_some_vulnerabilities - 1] @@ -128,7 +128,7 @@ --- [TestPrintGHAnnotationReport_WithVulnerabilities/multiple_sources_with_no_packages - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++::error file=path/to/my/third/lockfile::path/to/my/third/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/no_sources - 1] @@ -136,11 +136,11 @@ --- [TestPrintGHAnnotationReport_WithVulnerabilities/one_source_with_no_packages - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/one_source_with_one_package,_no_vulnerabilities - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/one_source_with_one_package,_one_uncalled_vulnerability,_and_one_called_vulnerability - 1] @@ -192,7 +192,7 @@ --- [TestPrintGHAnnotationReport_WithVulnerabilities/two_sources_with_packages,_one_vulnerability - 1] -::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+-----------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+-----------------------+------+-----------------+---------------+%0A| mine1 | https://osv.dev/OSV-1 | | 1.2.3 | |%0A+---------+-----------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A+---------+------------------+------+-----------------+---------------+ +::error file=path/to/my/first/lockfile::path/to/my/first/lockfile%0A+---------+-----------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+-----------------------+------+-----------------+---------------+%0A| mine1 | https://osv.dev/OSV-1 | | 1.2.3 | |%0A+---------+-----------------------+------+-----------------+---------------+::error file=path/to/my/second/lockfile::path/to/my/second/lockfile%0A+---------+------------------+------+-----------------+---------------+%0A| PACKAGE | VULNERABILITY ID | CVSS | CURRENT VERSION | FIXED VERSION |%0A+---------+------------------+------+-----------------+---------------+%0A++++++ --- [TestPrintGHAnnotationReport_WithVulnerabilities/two_sources_with_the_same_vulnerable_package - 1] From 69eaf1f98d1e1357aa7bf5b6c4ff18e9c0d2a61e Mon Sep 17 00:00:00 2001 From: Xueqin Cui Date: Tue, 25 Nov 2025 13:56:20 +1100 Subject: [PATCH 2/2] go mod --- go.sum | 2 -- 1 file changed, 2 deletions(-) diff --git a/go.sum b/go.sum index fc6fe32f663..9dff1cce945 100644 --- a/go.sum +++ b/go.sum @@ -273,8 +273,6 @@ github.com/ianlancetaylor/demangle v0.0.0-20251114061303-68c556c8ce09 h1:FWaBv/P github.com/ianlancetaylor/demangle v0.0.0-20251114061303-68c556c8ce09/go.mod h1:gx7rwoVhcfuVKG5uya9Hs3Sxj7EIvldVofAWIUtGouw= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A= github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= -github.com/jedib0t/go-pretty/v6 v6.7.2 h1:EYWgQNIH/+JsyHki7ns9OHyBKuHPkzrBo02uYjran7w= -github.com/jedib0t/go-pretty/v6 v6.7.2/go.mod h1:YwC5CE4fJ1HFUDeivSV1r//AmANFHyqczZk+U6BDALU= github.com/jedib0t/go-pretty/v6 v6.7.5 h1:9dJSWTJnsXJVVAbvxIFxeHf/JxoJd7GUl5o3UzhtuiM= github.com/jedib0t/go-pretty/v6 v6.7.5/go.mod h1:YwC5CE4fJ1HFUDeivSV1r//AmANFHyqczZk+U6BDALU= github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=