FreshPorts -- security/osv-scanner: Vulnerability scanner written in Go which uses the OSV database

Port details on branch 2023Q1

osv-scanner Vulnerability scanner written in Go which uses the OSV database

1.0.2_2 security =0 2.2.2_1Version of this port present on the latest quarterly branch.

Maintainer: lcook@FreeBSD.org

Port Added: 2023-02-17 10:51:08

Last Update: 2023-03-09 19:50:37

Commit Hash: 636f0a9

License: APACHE20

WWW:

https://github.com/google/osv-scanner

Description:

Use OSV-Scanner to find existing vulnerabilities affecting your projects dependencies. OSV-Scanner provides an officially supported frontend to the OSV database that connects a projects list of dependencies with the vulnerabilities that affect them. Since the OSV.dev database is open source and distributed, it has several benefits in comparison with closed source advisory databases and scanners: * Each advisory comes from an open and authoritative source. * Anyone can suggest improvements to advisories, resulting in a very high quality database. * The OSV format unambiguously stores information about affected versions in a machine-readable format that precisely maps onto a developers list of packages. The above all results in fewer, more actionable vulnerability notifications, which reduces the time needed to resolve them.

¦ ¦ ¦ ¦

Manual pages:

FreshPorts has no man page information for this port.

pkg-plist: as obtained via: make generate-plist

Expand this list (4 items)

Collapse this list.

bin/osv-scanner
/usr/local/share/licenses/osv-scanner-1.0.2_2/catalog.mk
/usr/local/share/licenses/osv-scanner-1.0.2_2/LICENSE
/usr/local/share/licenses/osv-scanner-1.0.2_2/APACHE20

Collapse this list.

USE_RC_SUBR (Service Scripts)

no SUBR information found for this port

Dependency lines:

osv-scanner>0:security/osv-scanner

To install the port:

cd /usr/ports/security/osv-scanner/ && make install clean

To add the package, run one of these commands:

pkg install security/osv-scanner
pkg install osv-scanner

NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.

PKGNAME: osv-scanner

Flavors: there is no flavor information for this port.

distinfo:

TIMESTAMP = 1671654174 SHA256 (go/security_osv-scanner/osv-scanner-v1.0.2/v1.0.2.mod) = 41cc1f1962a203e7608947fd522c919db6f412d9ac679a11992eda093f523380 SIZE (go/security_osv-scanner/osv-scanner-v1.0.2/v1.0.2.mod) = 850

Expand this list (2 items)

Collapse this list.

SHA256 (go/security_osv-scanner/osv-scanner-v1.0.2/v1.0.2.zip) = 2ebc68d05b4a248eaa506538716f82d2e1ee77084c506b6a6d7760b586f4f00c SIZE (go/security_osv-scanner/osv-scanner-v1.0.2/v1.0.2.zip) = 170207

Collapse this list.

Packages (timestamps in pop-ups are UTC):

osv-scanner
ABI	aarch64	amd64	armv6	armv7	i386	powerpc	powerpc64	powerpc64le
FreeBSD:13:latest	2.2.2_1	2.2.4_1	-	2.2.2	-	n/a	n/a	n/a
FreeBSD:13:quarterly	2.2.2	2.2.2_1	-	1.9.2_3	2.2.2_1	n/a	n/a	n/a
FreeBSD:14:latest	2.2.4	2.2.4_1	-	2.2.1	-	-	-	-
FreeBSD:14:quarterly	2.2.2_1	2.2.2_1	-	1.9.2_3	2.2.2_1	-	-	-
FreeBSD:15:latest	2.2.3	2.2.4_1	n/a	-	n/a	n/a	-	-
FreeBSD:15:quarterly	2.2.2_1	2.2.2_1	n/a	-	n/a	n/a	-	-
FreeBSD:16:latest	2.2.2_1	2.2.4_1	n/a	-	n/a	n/a	-	-

Dependencies

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:

go119 : lang/go119

Fetch dependencies:

go119 : lang/go119
ca_root_nss>0 : security/ca_root_nss

There are no ports dependent upon this port

Configuration Options:

===> The following configuration options are available for osv-scanner-1.0.2_2: DOCS=on: Build and/or install documentation ===> Use 'make config' to modify these settings

Options name:

security_osv-scanner

USES:

go:modules zip

FreshPorts was unable to extract/find any pkg message

Master Sites:

Expand this list (1 items)

Collapse this list.

https://proxy.golang.org/github.com/google/osv-scanner/@v/

Collapse this list.

Number of commits found: 2

Commit History - (may be incomplete: for full details, see links to repositories near top of page)

Commit

Credits

Log message

1.0.2_2
09 Mar 2023 19:50:37

Dmitri Goutnik (dmgk)

all: Bump PORTREVISION after lang/go119 update

Direct commit to quarterly to bump Go ports revisions after 61a665d2d8d2

Approved by:    ports-secteam (blanket)

1.0.2_1
17 Feb 2023 10:49:10

Dmitri Goutnik (dmgk)

all: Bump PORTREVISION after lang/go119 update

Direct commit to quarterly to bump Go ports revisions after f30271912e48

Approved by:	riggs (ports-secteam)

Number of commits found: 2

Login
User Login Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts? About the authors Issues FAQ How big is it? Security Policy Privacy Blog Contact

Search
Enter Keywords: more...

Latest Vulnerabilities

gnutls	Nov 21
chromium	Nov 18
ungoogled-chromium	Nov 18
openvpn	Nov 17
openvpn-devel	Nov 17
openvpn-devel	Nov 17
pkcs11-helper	Nov 17
py-pdfminer.six	Nov 17
sudo-rs	Nov 16
sudo-rs	Nov 16
postgresql13-client	Nov 14
postgresql14-client	Nov 14
postgresql15-client	Nov 14
postgresql16-client	Nov 14
postgresql17-client	Nov 14

18 vulnerabilities affecting 274 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last processed:
2025-11-21 11:10:32 UTC

Ports
Home Categories Deleted ports Sanity Test Failures Newsfeeds

Statistics

Graphs
NEW Graphs (Javascript)

Calculated hourly:

Port count	33943
Broken	125
Deprecated	257
Ignore	241
Forbidden	0
Restricted	2
No CDROM	1
Vulnerable	35
Expired	8
Set to expire	202
Interactive	0
new 24 hours	5
new 48 hours	5
new 7 days	52
new fortnight	78
new month	155