test: update snapshots (#2535)

osv-robot · web-flow · commit a750891fe48d · 2026-02-23T00:22:23.000Z
The snapshots have changed, probably due to OSV advisories being
changed.
Please review the differences to make sure that they're expected!
diff --git a/cmd/osv-scanner/fix/__snapshots__/command_test.snap b/cmd/osv-scanner/fix/__snapshots__/command_test.snap
@@ -5260,12 +5260,13 @@ unsupported strategy "force" - must be one of: in-place, relax, override
 
 [TestCommand/fix_non-interactive_in-place_package-lock.json - 1]
 Scanning <tempdir>/package-lock.json...
-Found 11 vulnerabilities matching the filter
-Can fix 3/11 matching vulnerabilities by changing 3 dependencies
+Found 12 vulnerabilities matching the filter
+Can fix 4/12 matching vulnerabilities by changing 4 dependencies
+UPGRADED-PACKAGE: ajv,6.12.6,6.14.0
 UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.12
 UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
 UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
-FIXED-VULN-IDS: GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
+FIXED-VULN-IDS: GHSA-2g4f-4pwh-qvx6,GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
 REMAINING-VULNS: 8
 UNFIXABLE-VULNS: 8
 Rewriting <tempdir>/package-lock.json...
@@ -5292,9 +5293,9 @@ Rewriting <tempdir>/package-lock.json...
       }
     },
     "node_modules/ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "dependencies": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -6230,9 +6231,9 @@ Rewriting <tempdir>/package-lock.json...
   },
   "dependencies": {
     "ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "requires": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -7015,6 +7016,15 @@ Rewriting <tempdir>/package-lock.json...
           "name": "ajv",
           "version": "6.12.6"
         }
+      ]
+    },
+    {
+      "id": "GHSA-3ppc-4f35-3m26",
+      "packages": [
+        {
+          "name": "minimatch",
+          "version": "3.1.2"
+        }
       ],
       "unactionable": true
     },
@@ -7117,6 +7127,27 @@ Rewriting <tempdir>/package-lock.json...
     }
   ],
   "patches": [
+    {
+      "packageUpdates": [
+        {
+          "name": "ajv",
+          "versionFrom": "6.12.6",
+          "versionTo": "6.14.0",
+          "transitive": true
+        }
+      ],
+      "fixed": [
+        {
+          "id": "GHSA-2g4f-4pwh-qvx6",
+          "packages": [
+            {
+              "name": "ajv",
+              "version": "6.12.6"
+            }
+          ]
+        }
+      ]
+    },
     {
       "packageUpdates": [
         {
@@ -7207,9 +7238,9 @@ Rewriting <tempdir>/package-lock.json...
       }
     },
     "node_modules/ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "dependencies": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -8145,9 +8176,9 @@ Rewriting <tempdir>/package-lock.json...
   },
   "dependencies": {
     "ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "requires": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -9255,14 +9286,13 @@ Rewriting <tempdir>/pom.xml...
   "strategy": "relax",
   "vulnerabilities": [
     {
-      "id": "GHSA-2g4f-4pwh-qvx6",
+      "id": "GHSA-3ppc-4f35-3m26",
       "packages": [
         {
-          "name": "ajv",
-          "version": "6.12.6"
+          "name": "minimatch",
+          "version": "3.1.3"
         }
-      ],
-      "unactionable": true
+      ]
     },
     {
       "id": "GHSA-43f8-2h32-f4cj",
@@ -9343,6 +9373,15 @@ Rewriting <tempdir>/pom.xml...
         }
       ],
       "fixed": [
+        {
+          "id": "GHSA-3ppc-4f35-3m26",
+          "packages": [
+            {
+              "name": "minimatch",
+              "version": "3.1.3"
+            }
+          ]
+        },
         {
           "id": "GHSA-43f8-2h32-f4cj",
           "packages": [
@@ -9471,11 +9510,11 @@ Rewriting <tempdir>/pom.xml...
 [TestCommand/fix_non-interactive_relax_package.json - 1]
 Resolving <tempdir>/package.json...
 Found 8 vulnerabilities matching the filter
-Can fix 3/8 matching vulnerabilities by changing 1 dependencies
+Can fix 4/8 matching vulnerabilities by changing 1 dependencies
 UPGRADED-PACKAGE: npm-registry-client,6.2.0,^7.5.0
-FIXED-VULN-IDS: GHSA-43f8-2h32-f4cj,GHSA-c2qf-rxjj-qqgw,GHSA-c6rq-rjc2-86v2
-REMAINING-VULNS: 5
-UNFIXABLE-VULNS: 5
+FIXED-VULN-IDS: GHSA-3ppc-4f35-3m26,GHSA-43f8-2h32-f4cj,GHSA-c2qf-rxjj-qqgw,GHSA-c6rq-rjc2-86v2
+REMAINING-VULNS: 4
+UNFIXABLE-VULNS: 4
 Rewriting <tempdir>/package.json...
 
 ---
@@ -9504,12 +9543,13 @@ Rewriting <tempdir>/package.json...
 
 [TestCommand/fix_non_interactive_in_place_package_lock_json_with_native_data_source - 1]
 Scanning <tempdir>/package-lock.json...
-Found 11 vulnerabilities matching the filter
-Can fix 3/11 matching vulnerabilities by changing 3 dependencies
+Found 12 vulnerabilities matching the filter
+Can fix 4/12 matching vulnerabilities by changing 4 dependencies
+UPGRADED-PACKAGE: ajv,6.12.6,6.14.0
 UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.12
 UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
 UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
-FIXED-VULN-IDS: GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
+FIXED-VULN-IDS: GHSA-2g4f-4pwh-qvx6,GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
 REMAINING-VULNS: 8
 UNFIXABLE-VULNS: 8
 Rewriting <tempdir>/package-lock.json...
@@ -9536,9 +9576,9 @@ Rewriting <tempdir>/package-lock.json...
       }
     },
     "node_modules/ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "dependencies": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -10474,9 +10514,9 @@ Rewriting <tempdir>/package-lock.json...
   },
   "dependencies": {
     "ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "requires": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -11325,12 +11365,13 @@ manifest or lockfile is required
 [TestCommand_OfflineDatabase/fix_non_interactive_in_place_package_lock_json_with_offline_vulns - 1]
 Loaded npm local db from <tempdir>/osv-scanner/npm/all.zip
 Scanning <tempdir>/package-lock.json...
-Found 11 vulnerabilities matching the filter
-Can fix 3/11 matching vulnerabilities by changing 3 dependencies
+Found 12 vulnerabilities matching the filter
+Can fix 4/12 matching vulnerabilities by changing 4 dependencies
+UPGRADED-PACKAGE: ajv,6.12.6,6.14.0
 UPGRADED-PACKAGE: brace-expansion,1.1.11,1.1.12
 UPGRADED-PACKAGE: concat-stream,1.5.0,1.6.1
 UPGRADED-PACKAGE: hosted-git-info,2.1.4,2.8.9
-FIXED-VULN-IDS: GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
+FIXED-VULN-IDS: GHSA-2g4f-4pwh-qvx6,GHSA-43f8-2h32-f4cj,GHSA-g74r-ffvr-5q9f,GHSA-v6h2-p8h4-qcjw
 REMAINING-VULNS: 8
 UNFIXABLE-VULNS: 8
 Rewriting <tempdir>/package-lock.json...
@@ -11357,9 +11398,9 @@ Rewriting <tempdir>/package-lock.json...
       }
     },
     "node_modules/ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "dependencies": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -12295,9 +12336,9 @@ Rewriting <tempdir>/package-lock.json...
   },
   "dependencies": {
     "ajv": {
-      "version": "6.12.6",
-      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz",
-      "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==",
+      "version": "6.14.0",
+      "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.14.0.tgz",
+      "integrity": "sha512-IWrosm/yrn43eiKqkfkHis7QioDleaXQHdDVPKg0FSwwd/DuvyX79TZnFOnYpB7dcsFAMmtFztZuXPDvSePkFw==",
       "requires": {
         "fast-deep-equal": "^3.1.1",
         "fast-json-stable-stringify": "^2.0.0",
@@ -13071,11 +13112,11 @@ Rewriting <tempdir>/package-lock.json...
 Loaded npm local db from <tempdir>/osv-scanner/npm/all.zip
 Resolving <tempdir>/package.json...
 Found 8 vulnerabilities matching the filter
-Can fix 3/8 matching vulnerabilities by changing 1 dependencies
+Can fix 4/8 matching vulnerabilities by changing 1 dependencies
 UPGRADED-PACKAGE: npm-registry-client,6.2.0,^7.5.0
-FIXED-VULN-IDS: GHSA-43f8-2h32-f4cj,GHSA-c2qf-rxjj-qqgw,GHSA-c6rq-rjc2-86v2
-REMAINING-VULNS: 5
-UNFIXABLE-VULNS: 5
+FIXED-VULN-IDS: GHSA-3ppc-4f35-3m26,GHSA-43f8-2h32-f4cj,GHSA-c2qf-rxjj-qqgw,GHSA-c6rq-rjc2-86v2
+REMAINING-VULNS: 4
+UNFIXABLE-VULNS: 4
 Rewriting <tempdir>/package.json...
 
 ---
diff --git a/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/image/__snapshots__/command_test.snap
@@ -7,7 +7,7 @@ Checking if docker image ("alpine:non-existent-tag") exists locally...
 [TestCommand_Docker/Fake_alpine_image - 2]
 Docker command exited with code ("/usr/bin/docker pull -q alpine:non-existent-tag"): 1
 STDERR:
-> Error response from daemon: failed to resolve reference "docker.io/library/alpine:non-existent-tag": docker.io/library/alpine:non-existent-tag: not found
+> Error response from daemon: manifest for alpine:non-existent-tag not found: manifest unknown: manifest unknown
 failed to pull container image: failed to run docker command
 
 ---
@@ -20,7 +20,7 @@ Checking if docker image ("this-image-definitely-does-not-exist-abcde:with-tag")
 [TestCommand_Docker/Fake_image_entirely - 2]
 Docker command exited with code ("/usr/bin/docker pull -q this-image-definitely-does-not-exist-abcde:with-tag"): 1
 STDERR:
-> Error response from daemon: pull access denied for this-image-definitely-does-not-exist-abcde, repository does not exist or may require 'docker login'
+> Error response from daemon: pull access denied for this-image-definitely-does-not-exist-abcde, repository does not exist or may require 'docker login': denied: requested access to the resource is denied
 failed to pull container image: failed to run docker command
 
 ---
@@ -2577,7 +2577,7 @@ Scanning local image tarball "./testdata/test-go-binary.tar"
         "diff_id": "sha256:...",
         "command": "/bin/sh -c #(nop) ADD file:c5377eaa926bf412dd8d4a08b0a1f2399cfd708743533b0aa03b53d14cb4bb4e in / ",
         "is_empty": false,
-        "base_image_index": 1
+        "base_image_index": 2
       },
       {
         "diff_id": "",
@@ -2600,6 +2600,10 @@ Scanning local image tarball "./testdata/test-go-binary.tar"
     ],
     "base_images": [
       {},
+      {
+        "name": "alpine",
+        "tags": null
+      },
       {
         "name": "alpine",
         "tags": null
@@ -2677,7 +2681,7 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
         "diff_id": "sha256:...",
         "command": "/bin/sh -c #(nop) ADD file:c5377eaa926bf412dd8d4a08b0a1f2399cfd708743533b0aa03b53d14cb4bb4e in / ",
         "is_empty": false,
-        "base_image_index": 1
+        "base_image_index": 2
       },
       {
         "diff_id": "",
@@ -2700,6 +2704,10 @@ Scanning local image tarball "./testdata/test-alpine-etcshadow.tar"
     ],
     "base_images": [
       {},
+      {
+        "name": "alpine",
+        "tags": null
+      },
       {
         "name": "alpine",
         "tags": null
diff --git a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap
@@ -1881,7 +1881,7 @@ Total 0 packages affected by 0 known vulnerabilities (0 Critical, 0 High, 0 Medi
 Scanned <rootdir>/testdata/locks-git/osv-scanner.json file and found 11 packages
 Loaded GIT local db from <tempdir>/osv-scanner/GIT/all.zip
 Skipping commit scanning for: 45fda76bc1b9fd74d10e85e0ce9b65a12dcc58b0
-Total 8 packages affected by 27 known vulnerabilities (5 Critical, 6 High, 10 Medium, 0 Low, 6 Unknown) from 1 ecosystem.
+Total 8 packages affected by 29 known vulnerabilities (5 Critical, 7 High, 11 Medium, 0 Low, 6 Unknown) from 1 ecosystem.
 0 vulnerabilities can be fixed.
 
 
@@ -1897,8 +1897,10 @@ Total 8 packages affected by 27 known vulnerabilities (5 Critical, 6 High, 10 Me
 | https://osv.dev/CVE-2024-51757 | 9.3  | GIT       |  https://github.com/capricorn86/happy-dom.git@f8221103  | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-61927 | 7.2  | GIT       |  https://github.com/capricorn86/happy-dom.git@f8221103  | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-62410 | 9.4  | GIT       |  https://github.com/capricorn86/happy-dom.git@f8221103  | --            | testdata/locks-git/osv-scanner.json |
+| https://osv.dev/CVE-2016-2183  | 7.5  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-11187 | 6.1  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-15467 | 9.8  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
+| https://osv.dev/CVE-2025-15468 | 5.9  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-15469 | 5.5  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-4575  | 6.5  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
 | https://osv.dev/CVE-2025-66199 | 5.9  | GIT       |       https://github.com/openssl/openssl@aea7aaf2       | --            | testdata/locks-git/osv-scanner.json |
@@ -5307,8 +5309,8 @@ Total 3 packages affected by 11 known vulnerabilities (1 Critical, 4 High, 6 Med
 Scanning dir ./testdata/locks-requirements/requirements.txt
 Scanned <rootdir>/testdata/locks-requirements/requirements.txt file and found 3 packages
 Loaded PyPI local db from <tempdir>/osv-scanner/PyPI/all.zip
-Total 3 packages affected by 11 known vulnerabilities (1 Critical, 4 High, 6 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
-11 vulnerabilities can be fixed.
+Total 3 packages affected by 12 known vulnerabilities (1 Critical, 4 High, 6 Medium, 1 Low, 0 Unknown) from 1 ecosystem.
+12 vulnerabilities can be fixed.
 
 
 +-------------------------------------+------+-----------+----------+---------+---------------+----------------------------------------------+
@@ -5322,6 +5324,7 @@ Total 3 packages affected by 11 known vulnerabilities (1 Critical, 4 High, 6 Med
 | https://osv.dev/GHSA-frmv-pr5f-9mcr | 9.1  | PyPI      | django   | 1.11.29 | 4.2.26        | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-qw25-v68c-qjf3 | 7.5  | PyPI      | django   | 1.11.29 | 4.2.26        | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-rrqc-c2jx-6jgv | 6.3  | PyPI      | django   | 1.11.29 | 4.2.16        | testdata/locks-requirements/requirements.txt |
+| https://osv.dev/GHSA-68rp-wp8r-4726 | 2.3  | PyPI      | flask    | 1.0.0   | 3.1.3         | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-m2qf-hxjv-5gpq | 8.7  | PyPI      | flask    | 1.0.0   | 2.2.5         | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/PYSEC-2023-74       | 6.1  | PyPI      | requests | 2.20.0  | 2.31.0        | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-j8r2-6x86-q33q |      |           |          |         |               |                                              |
@@ -5607,8 +5610,8 @@ No package sources found, --help for usage information.
 [TestCommand_Transitive/uses_native_data_source_for_requirements.txt - 1]
 Scanning dir ./testdata/locks-requirements/requirements.txt
 Scanned <rootdir>/testdata/locks-requirements/requirements.txt file and found 3 packages
-Total 5 packages affected by 21 known vulnerabilities (1 Critical, 9 High, 10 Medium, 0 Low, 1 Unknown) from 1 ecosystem.
-21 vulnerabilities can be fixed.
+Total 5 packages affected by 22 known vulnerabilities (1 Critical, 9 High, 10 Medium, 1 Low, 1 Unknown) from 1 ecosystem.
+22 vulnerabilities can be fixed.
 
 
 +-------------------------------------+------+-----------+----------+---------+---------------+----------------------------------------------+
@@ -5624,6 +5627,7 @@ Total 5 packages affected by 21 known vulnerabilities (1 Critical, 9 High, 10 Me
 | https://osv.dev/GHSA-rrqc-c2jx-6jgv | 6.3  | PyPI      | django   | 1.11.29 | 4.2.16        | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/PYSEC-2023-62       | 8.7  | PyPI      | flask    | 1.0     | 2.2.5         | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-m2qf-hxjv-5gpq |      |           |          |         |               |                                              |
+| https://osv.dev/GHSA-68rp-wp8r-4726 | 2.3  | PyPI      | flask    | 1.0     | 3.1.3         | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/PYSEC-2023-74       | 6.1  | PyPI      | requests | 2.20.0  | 2.31.0        | testdata/locks-requirements/requirements.txt |
 | https://osv.dev/GHSA-j8r2-6x86-q33q |      |           |          |         |               |                                              |
 | https://osv.dev/GHSA-9hjg-9r4m-mvj7 | 5.3  | PyPI      | requests | 2.20.0  | 2.32.4        | testdata/locks-requirements/requirements.txt |
diff --git a/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml b/cmd/osv-scanner/scan/source/testdata/cassettes/TestCommand_Transitive.yaml
