Created attachment 255957
0001-security-osv-scanner-Update-to-1.9.2.patch

This patch updates osv-scanner to the latest release, version 1.9.2.

This release only contains bug fixes:

* Parsing crash on malformed pnpm lockfile. (#1327)
* Warn if a vulnerability is ignored multiple times in the same config. (#1377)
* Guided remediation: handle extraneous/missing packages in package-lock.json more leniently. (#1394)
* Go call analysis now works with Go version up to v1.23.4. (#1443)
* Only fetch Maven snapshots and releases when enabled. (#1436)
* Remove redundant calls from PreFetch. (#1456)

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=0beb78369f61fba43f0305967d54b221f857b80e

commit 0beb78369f61fba43f0305967d54b221f857b80e
Author:     Pierre Pronchery <khorben@defora.org>
AuthorDate: 2025-01-28 19:15:20 +0000
Commit:     Joseph Mingrone <jrm@FreeBSD.org>
CommitDate: 2025-02-06 14:19:56 +0000

    security/osv-scanner: Update to 1.9.2

    Changelog: https://github.com/google/osv-scanner/releases/tag/v1.9.2

    PR:             283421
    Approved by:    lcook (maintainer, timeout)
    Sponsored by:   The FreeBSD Foundation

 security/osv-scanner/Makefile |  5 ++---
 security/osv-scanner/distinfo | 10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)