diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile index e1b4fc3acda3..c3f0fa16bbd3 100644 --- a/security/osv-scanner/Makefile +++ b/security/osv-scanner/Makefile @@ -1,42 +1,41 @@ PORTNAME= osv-scanner DISTVERSIONPREFIX= v -DISTVERSION= 2.2.1 -PORTREVISION= 1 +DISTVERSION= 2.2.2 CATEGORIES= security MAINTAINER= dutra@FreeBSD.org COMMENT= Vulnerability scanner written in Go which uses the OSV database WWW= https://github.com/google/osv-scanner LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE USES= go:1.24,modules,run _BUILD_VERSION= ${DISTVERSION} _BUILD_COMMIT= 04a8728 _BUILD_DATE= $$(date +%Y-%m-%d) GO_MODULE= github.com/google/${PORTNAME}/v2 GO_TARGET= ./cmd/${PORTNAME} GO_BUILDFLAGS= -ldflags "\ -s -w \ -X main.version=${_BUILD_VERSION} \ -X main.date=${_BUILD_DATE} \ -X main.commit=${_BUILD_COMMIT}" PLIST_FILES= ${GO_TARGET:C/.\/cmd/bin/} PORTDOCS= CHANGELOG.md CONTRIBUTING.md README.md OPTIONS_DEFINE= DOCS post-patch: @${REINPLACE_CMD} -e 's,%%GO_SUFFIX%%,${GO_SUFFIX},' \ ${WRKSRC}/internal/sourceanalysis/go.go post-install-DOCS-on: @${MKDIR} ${STAGEDIR}${DOCSDIR} ${INSTALL_DATA} ${PORTDOCS:S|^|${WRKSRC}/|} \ ${STAGEDIR}${DOCSDIR} .include diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo index 265d20a79f1b..1a2041a4e6ed 100644 --- a/security/osv-scanner/distinfo +++ b/security/osv-scanner/distinfo @@ -1,5 +1,5 @@ -TIMESTAMP = 1754949434 -SHA256 (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.mod) = 0dce5dbfafb99b5582b02777a4a2b0b806fde168be423da7ed1ac6f0d9529abd -SIZE (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.mod) = 9801 -SHA256 (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.zip) = d249264cb9bfef83ef63567466dd7321032e7e7c44532be933fc12b920151637 -SIZE (go/security_osv-scanner/osv-scanner-v2.2.1/v2.2.1.zip) = 5234820 +TIMESTAMP = 1757786339 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = d54389929750cc4839c89a8f2083a8d735c105d2aac0a3d90cdfb9a5e8fc998f +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.mod) = 9801 +SHA256 (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 5dbba62ae3d7fec8f1d61d3cb011b54f8b994ac6b7aa9a33a3f9bee0abf0a70a +SIZE (go/security_osv-scanner/osv-scanner-v2.2.2/v2.2.2.zip) = 12527375 diff --git a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go index 04a027230126..024b5e0dda44 100644 --- a/security/osv-scanner/files/patch-internal_sourceanalysis_go.go +++ b/security/osv-scanner/files/patch-internal_sourceanalysis_go.go @@ -1,11 +1,11 @@ ---- internal/sourceanalysis/go.go.orig 1979-11-30 03:00:00 UTC +--- internal/sourceanalysis/go.go.orig 2025-09-13 17:59:56 UTC +++ internal/sourceanalysis/go.go -@@ -19,7 +19,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod - ) +@@ -21,7 +21,7 @@ func goAnalysis(pkgs []models.PackageVulns, source mod func goAnalysis(pkgs []models.PackageVulns, source models.SourceInfo) { -- cmd := exec.Command("go", "version") -+ cmd := exec.Command("go%%GO_SUFFIX%%", "version") + // TODO: This will be moved to enrichers which does have context. +- cmd := exec.CommandContext(context.TODO(), "go", "version") ++ cmd := exec.CommandContext(context.TODO(), "go%%GO_SUFFIX%%", "version") _, err := cmd.Output() if err != nil { - slog.Info("Skipping call analysis on Go code since Go is not installed.") + cmdlogger.Infof("Skipping call analysis on Go code since Go is not installed.")