From 01858b80e1618697e6bc072a0b51c8dcf370deab Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 02:07:42 +0000
Subject: [PATCH 1/4] feat: inject original query into apitester snapshots

Modifies `normalizeJSONBody` in `tools/apitester/main_test.go` to accept the request body and include the `query` object directly alongside the results in the snapshot output. For single queries, the query is added as a top-level field. For batch queries, each individual query is injected into its corresponding entry in the `results` array. This makes it easier to trace test failures and review data quality by directly mapping responses back to the original request payload. Updated snapshot files to reflect these structural changes.

Co-authored-by: another-rex <106129829+another-rex@users.noreply.github.com>
---
 .../__snapshots__/cassette_TestCommand.snap   | 5217 ++++++++++++++---
 .../cassette_TestCommandNonGit.snap           |   10 +-
 .../cassette_TestCommand_CallAnalysis.snap    |   53 +-
 ...ssette_TestCommand_ExplicitExtractors.snap |  235 +-
 ...mmand_ExplicitExtractors_WithDefaults.snap | 1105 +++-
 ...nd_ExplicitExtractors_WithoutDefaults.snap |  335 +-
 .../cassette_TestCommand_GithubActions.snap   |   40 +-
 .../cassette_TestCommand_HtmlFile.snap        |   10 +-
 ...cassette_TestCommand_JavareachArchive.snap |  404 +-
 .../cassette_TestCommand_Licenses.snap        |  993 +++-
 ...stCommand_LockfileWithExplicitParseAs.snap |  222 +-
 .../cassette_TestCommand_MoreLockfiles.snap   |  437 +-
 .../cassette_TestCommand_Transitive.snap      | 1510 ++++-
 ...tte_TestCommand_WithDetector_OffLinux.snap |   30 +-
 ...ette_TestCommand_WithDetector_OnLinux.snap |   30 +-
 .../__snapshots__/cassette_batch_query.snap   |    9 +-
 .../__snapshots__/cassette_single_query.snap  |  289 +-
 tools/apitester/main_test.go                  |   25 +-
 18 files changed, 9505 insertions(+), 1449 deletions(-)

diff --git a/tools/apitester/__snapshots__/cassette_TestCommand.snap b/tools/apitester/__snapshots__/cassette_TestCommand.snap
index 7d239cd8d29..b8cde420d2e 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand.snap
@@ -2,8 +2,24 @@
 [Test/cassette_TestCommand/TestCommand/.gitignored_files - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -12,7 +28,15 @@
 [Test/cassette_TestCommand/TestCommand/Empty_cyclonedx_1.4_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -21,7 +45,15 @@
 [Test/cassette_TestCommand/TestCommand/Empty_cyclonedx_1.5_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -30,7 +62,15 @@
 [Test/cassette_TestCommand/TestCommand/Empty_gh-annotations_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -39,7 +79,15 @@
 [Test/cassette_TestCommand/TestCommand/Empty_sarif_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -48,7 +96,15 @@
 [Test/cassette_TestCommand/TestCommand/Empty_spdx_2.3_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -219,7 +275,14 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      }
     }
   ]
 }
@@ -391,7 +454,14 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      }
     },
     {
       "vulns": [
@@ -555,7 +625,14 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      }
     }
   ]
 }
@@ -727,7 +804,14 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      }
     }
   ]
 }
@@ -737,35 +821,138 @@
 [Test/cassette_TestCommand/TestCommand/PURL_SBOM_case_sensitivity_(api) - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -775,7 +962,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     }
   ]
 }
@@ -791,7 +985,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -801,37 +1002,171 @@
 [Test/cassette_TestCommand/TestCommand/Scan_locks-many - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -842,7 +1177,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -852,10 +1194,42 @@
 [Test/cassette_TestCommand/TestCommand/Scan_locks-many#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -864,8 +1238,24 @@
 [Test/cassette_TestCommand/TestCommand/all_supported_lockfiles_in_the_directory_should_be_checked - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -874,7 +1264,12 @@
 [Test/cassette_TestCommand/TestCommand/config_file_can_be_broad - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
+        "package": {}
+      }
+    },
     {
       "vulns": [
         {
@@ -885,41 +1280,192 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      }
+    },
+    {
+      "query": {
+        "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
+        "package": {}
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -930,7 +1476,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -940,7 +1493,15 @@
 [Test/cassette_TestCommand/TestCommand/config_file_is_invalid - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -949,37 +1510,171 @@
 [Test/cassette_TestCommand/TestCommand/config_files_should_not_have_multiple_ignores_with_the_same_id - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -990,7 +1685,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -1000,10 +1702,42 @@
 [Test/cassette_TestCommand/TestCommand/config_files_should_not_have_multiple_ignores_with_the_same_id#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -1012,18 +1746,57 @@
 [Test/cassette_TestCommand/TestCommand/cyclonedx_1.4_output - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -1032,18 +1805,57 @@
 [Test/cassette_TestCommand/TestCommand/cyclonedx_1.5_output - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -1058,7 +1870,14 @@
           "id": "UBUNTU-CVE-2017-11164",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pcre3",
+          "ecosystem": "Ubuntu"
+        },
+        "version": "2:8.39-12ubuntu0.1"
+      }
     }
   ]
 }
@@ -1074,7 +1893,14 @@
           "id": "UBUNTU-CVE-2017-11164",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pcre3",
+          "ecosystem": "Ubuntu"
+        },
+        "version": "2:8.39-12ubuntu0.1"
+      }
     }
   ]
 }
@@ -1084,18 +1910,114 @@
 [Test/cassette_TestCommand/TestCommand/folder_of_supported_sbom_with_vulns - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "adduser",
+          "ecosystem": "Debian"
+        },
+        "version": "3.115"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
     {
       "vulns": [
         {
@@ -1104,19 +2026,19 @@
         },
         {
           "id": "DEBIAN-CVE-2018-0501",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-3462",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-27350",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-3810",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DSA-4685-1",
@@ -1126,28 +2048,106 @@
           "id": "DSA-4808-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "apt",
+          "ecosystem": "Debian"
+        },
+        "version": "1.4.11"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "base-files",
+          "ecosystem": "Debian"
+        },
+        "version": "9.9+deb9u13"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "base-passwd",
+          "ecosystem": "Debian"
+        },
+        "version": "3.5.43"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2019-18276",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-3715",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "bash",
+          "ecosystem": "Debian"
+        },
+        "version": "4.4-5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "bsdutils",
+          "ecosystem": "Debian"
+        },
+        "version": "1:2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -1160,32 +2160,86 @@
         },
         {
           "id": "DEBIAN-CVE-2024-0684",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-5278",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "coreutils",
+          "ecosystem": "Debian"
+        },
+        "version": "8.26-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "dash",
+          "ecosystem": "Debian"
+        },
+        "version": "0.5.8-2.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "debconf",
+          "ecosystem": "Debian"
+        },
+        "version": "1.5.61"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DLA-3482-1",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "debian-archive-keyring",
+          "ecosystem": "Debian"
+        },
+        "version": "2017.5+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "debianutils",
+          "ecosystem": "Debian"
+        },
+        "version": "4.8.1.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "diffutils",
+          "ecosystem": "Debian"
+        },
+        "version": "1:3.5-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "dirmngr",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.18-8~deb9u4"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1664",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-6297",
@@ -1203,22 +2257,37 @@
           "id": "DSA-5147-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "dpkg",
+          "ecosystem": "Debian"
+        },
+        "version": "1.18.25"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "e2fslibs",
+          "ecosystem": "Debian"
+        },
+        "version": "1.43.4-2+deb9u2"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2019-5094",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-5188",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-1304",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3910-1",
@@ -1228,10 +2297,33 @@
           "id": "DSA-4535-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "e2fsprogs",
+          "ecosystem": "Debian"
+        },
+        "version": "1.43.4-2+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "findutils",
+          "ecosystem": "Debian"
+        },
+        "version": "4.6.0+git+20161106-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "gcc-6-base",
+          "ecosystem": "Debian"
+        },
+        "version": "6.3.0-18+deb9u1"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
@@ -1314,11 +2406,42 @@
           "id": "GO-2025-4098",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "github.com/opencontainers/runc",
+          "ecosystem": "Go"
+        },
+        "version": "v1.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "github.com/tianon/gosu",
+          "ecosystem": "Go"
+        },
+        "version": "(devel)"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "gnupg",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.18-8~deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "gnupg-agent",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.18-8~deb9u4"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -1329,63 +2452,317 @@
           "id": "GO-2022-0493",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "golang.org/x/sys",
+          "ecosystem": "Go"
+        },
+        "version": "v0.0.0-20210817142637-7d9622a276b7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "gpgv",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.18-8~deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "grep",
+          "ecosystem": "Debian"
+        },
+        "version": "2.27-2"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1271",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DSA-5122-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "gzip",
+          "ecosystem": "Debian"
+        },
+        "version": "1.6-5+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "hostname",
+          "ecosystem": "Debian"
+        },
+        "version": "3.18+b1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "init-system-helpers",
+          "ecosystem": "Debian"
+        },
+        "version": "1.48"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libacl1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.2.52-3+b1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libapt-pkg5.0",
+          "ecosystem": "Debian"
+        },
+        "version": "1.4.11"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libassuan0",
+          "ecosystem": "Debian"
+        },
+        "version": "2.4.3-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libattr1",
+          "ecosystem": "Debian"
+        },
+        "version": "1:2.4.47-2+b2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libaudit-common",
+          "ecosystem": "Debian"
+        },
+        "version": "1:2.6.7-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libaudit1",
+          "ecosystem": "Debian"
+        },
+        "version": "1:2.6.7-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libblkid1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libbsd0",
+          "ecosystem": "Debian"
+        },
+        "version": "0.8.3-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libbz2-1.0",
+          "ecosystem": "Debian"
+        },
+        "version": "1.0.6-8.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-bin",
+          "ecosystem": "Debian"
+        },
+        "version": "2.24-11+deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-l10n",
+          "ecosystem": "Debian"
+        },
+        "version": "2.24-11+deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc6",
+          "ecosystem": "Debian"
+        },
+        "version": "2.24-11+deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcap-ng0",
+          "ecosystem": "Debian"
+        },
+        "version": "0.7.7-3+b1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcomerr2",
+          "ecosystem": "Debian"
+        },
+        "version": "1.43.4-2+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libdb5.3",
+          "ecosystem": "Debian"
+        },
+        "version": "5.3.28-12+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libdebconfclient0",
+          "ecosystem": "Debian"
+        },
+        "version": "0.227"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libedit2",
+          "ecosystem": "Debian"
+        },
+        "version": "3.1-20160903-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libfdisk1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libffi6",
+          "ecosystem": "Debian"
+        },
+        "version": "3.2.1-6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libgcc1",
+          "ecosystem": "Debian"
+        },
+        "version": "1:6.3.0-18+deb9u1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2017-0379",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-7526",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-0495",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-6829",
@@ -1393,7 +2770,7 @@
         },
         {
           "id": "DEBIAN-CVE-2019-13627",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-33560",
@@ -1401,86 +2778,485 @@
         },
         {
           "id": "DEBIAN-CVE-2021-40528",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-2236",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "libgcrypt20",
+          "ecosystem": "Debian"
+        },
+        "version": "1.7.6-2+deb9u4"
+      }
+    },
     {
-      "vulns": [
-        {
-          "id": "DEBIAN-CVE-2017-10790",
-          "modified": "<RFC3339 date with the year 2026>"
+      "query": {
+        "package": {
+          "name": "libgdbm3",
+          "ecosystem": "Debian"
         },
-        {
-          "id": "DEBIAN-CVE-2018-1000654",
-          "modified": "<RFC3339 date with the year 2026>"
+        "version": "1.8.3-14"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libgmp10",
+          "ecosystem": "Debian"
         },
-        {
-          "id": "DEBIAN-CVE-2018-6003",
-          "modified": "<RFC3339 date with the year 2026>"
+        "version": "2:6.1.2+dfsg-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libgnutls30",
+          "ecosystem": "Debian"
         },
-        {
-          "id": "DEBIAN-CVE-2021-46848",
-          "modified": "<RFC3339 date with the year 2026>"
+        "version": "3.5.8-5+deb9u6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libgpg-error0",
+          "ecosystem": "Debian"
         },
-        {
-          "id": "DEBIAN-CVE-2024-12133",
-          "modified": "<RFC3339 date with the year 2026>"
+        "version": "1.26-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libgssapi-krb5-2",
+          "ecosystem": "Debian"
         },
-        {
+        "version": "1.15-1+deb9u3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libhogweed4",
+          "ecosystem": "Debian"
+        },
+        "version": "3.3-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libicu57",
+          "ecosystem": "Debian"
+        },
+        "version": "57.1-6+deb9u5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libidn11",
+          "ecosystem": "Debian"
+        },
+        "version": "1.33-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libjson-perl",
+          "ecosystem": "Debian"
+        },
+        "version": "2.90-1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libk5crypto3",
+          "ecosystem": "Debian"
+        },
+        "version": "1.15-1+deb9u3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libkeyutils1",
+          "ecosystem": "Debian"
+        },
+        "version": "1.5.9-9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libkrb5-3",
+          "ecosystem": "Debian"
+        },
+        "version": "1.15-1+deb9u3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libkrb5support0",
+          "ecosystem": "Debian"
+        },
+        "version": "1.15-1+deb9u3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libksba8",
+          "ecosystem": "Debian"
+        },
+        "version": "1.3.5-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libldap-2.4-2",
+          "ecosystem": "Debian"
+        },
+        "version": "2.4.44+dfsg-5+deb9u8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libldap-common",
+          "ecosystem": "Debian"
+        },
+        "version": "2.4.44+dfsg-5+deb9u8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libllvm6.0",
+          "ecosystem": "Debian"
+        },
+        "version": "1:6.0-1~bpo9+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "liblz4-1",
+          "ecosystem": "Debian"
+        },
+        "version": "0.0~r131-2+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "liblzma5",
+          "ecosystem": "Debian"
+        },
+        "version": "5.2.2-1.2+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libmount1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libncurses5",
+          "ecosystem": "Debian"
+        },
+        "version": "6.0+20161126-1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libncursesw5",
+          "ecosystem": "Debian"
+        },
+        "version": "6.0+20161126-1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libnettle6",
+          "ecosystem": "Debian"
+        },
+        "version": "3.3-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libnpth0",
+          "ecosystem": "Debian"
+        },
+        "version": "1.3-1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libnss-wrapper",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.3-1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libp11-kit0",
+          "ecosystem": "Debian"
+        },
+        "version": "0.23.3-2+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpam-modules",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.8-3.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpam-modules-bin",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.8-3.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpam-runtime",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.8-3.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpam0g",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.8-3.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpcre3",
+          "ecosystem": "Debian"
+        },
+        "version": "2:8.39-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libperl5.24",
+          "ecosystem": "Debian"
+        },
+        "version": "5.24.1-3+deb9u7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libpq5",
+          "ecosystem": "Debian"
+        },
+        "version": "14.2-1.pgdg90+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libreadline7",
+          "ecosystem": "Debian"
+        },
+        "version": "7.0-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsasl2-2",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.27~101-g0780600+dfsg-3+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsasl2-modules-db",
+          "ecosystem": "Debian"
+        },
+        "version": "2.1.27~101-g0780600+dfsg-3+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libselinux1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.6-3+b3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsemanage-common",
+          "ecosystem": "Debian"
+        },
+        "version": "2.6-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsemanage1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.6-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsepol1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.6-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsmartcols1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsqlite3-0",
+          "ecosystem": "Debian"
+        },
+        "version": "3.16.2-5+deb9u3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libss2",
+          "ecosystem": "Debian"
+        },
+        "version": "1.43.4-2+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl1.1",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.0l-1~deb9u5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libstdc++6",
+          "ecosystem": "Debian"
+        },
+        "version": "6.3.0-18+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libsystemd0",
+          "ecosystem": "Debian"
+        },
+        "version": "232-25+deb9u13"
+      }
+    },
+    {
+      "vulns": [
+        {
+          "id": "DEBIAN-CVE-2017-10790",
+          "modified": "<RFC3339 date with the year 2025>"
+        },
+        {
+          "id": "DEBIAN-CVE-2018-1000654",
+          "modified": "<RFC3339 date with the year 2025>"
+        },
+        {
+          "id": "DEBIAN-CVE-2018-6003",
+          "modified": "<RFC3339 date with the year 2025>"
+        },
+        {
+          "id": "DEBIAN-CVE-2021-46848",
+          "modified": "<RFC3339 date with the year 2025>"
+        },
+        {
+          "id": "DEBIAN-CVE-2024-12133",
+          "modified": "<RFC3339 date with the year 2025>"
+        },
+        {
           "id": "DEBIAN-CVE-2025-13151",
           "modified": "<RFC3339 date with the year 2026>"
         },
@@ -1496,209 +3272,248 @@
           "id": "DSA-5863-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "libtasn1-6",
+          "ecosystem": "Debian"
+        },
+        "version": "4.10-1.1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libtinfo5",
+          "ecosystem": "Debian"
+        },
+        "version": "6.0+20161126-1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libudev1",
+          "ecosystem": "Debian"
+        },
+        "version": "232-25+deb9u13"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libustr-1.0-1",
+          "ecosystem": "Debian"
+        },
+        "version": "1.0.4-6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libuuid1",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2016-3709",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2016-9318",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-0663",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-15412",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-16931",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-16932",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-18258",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-5130",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-5969",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-7375",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-7376",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-8872",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-9047",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-9048",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-9049",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-9050",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-14404",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-14567",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-19956",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-20388",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-24977",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-7595",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3516",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3517",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3518",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3537",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3541",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-2309",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-23308",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-29824",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-40303",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-40304",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-49043",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-28484",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-29469",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-39615",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-45322",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-25062",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-34459",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-56171",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-24928",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-27113",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-32414",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-32415",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-49794",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-49796",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-6021",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-6170",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-8732",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-9714",
@@ -1772,235 +3587,374 @@
           "id": "DSA-5990-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "libxml2",
+          "ecosystem": "Debian"
+        },
+        "version": "2.9.4+dfsg1-2.2+deb9u6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libxslt1.1",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.29-2.1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libzstd1",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "locales",
+          "ecosystem": "Debian"
+        },
+        "version": "2.24-11+deb9u4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "login",
+          "ecosystem": "Debian"
+        },
+        "version": "1:4.4-4.1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "lsb-base",
+          "ecosystem": "Debian"
+        },
+        "version": "9.20161125"
+      }
+    },
+    {
+      "vulns": [
+        {
+          "id": "DEBIAN-CVE-2017-20229",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ],
+      "query": {
+        "package": {
+          "name": "mawk",
+          "ecosystem": "Debian"
+        },
+        "version": "1.3.3-17+b3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "mount",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "multiarch-support",
+          "ecosystem": "Debian"
+        },
+        "version": "2.24-11+deb9u4"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
     },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ncurses-base",
+          "ecosystem": "Debian"
+        },
+        "version": "6.0+20161126-1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ncurses-bin",
+          "ecosystem": "Debian"
+        },
+        "version": "6.0+20161126-1+deb9u2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "netbase",
+          "ecosystem": "Debian"
+        },
+        "version": "5.4"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2018-0732",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-0734",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-0735",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-5407",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-1543",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-1547",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-1549",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-1551",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-1563",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-1967",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-1971",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-23840",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-23841",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3449",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3450",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3711",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3712",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-4160",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-0778",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-1292",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-2068",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-2097",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-2274",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-3358",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-3602",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-3786",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-3996",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-4203",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-4304",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-4450",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0215",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0216",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0217",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0286",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0401",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0464",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0465",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-0466",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-1255",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-2650",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-2975",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-3446",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-3817",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-5363",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-5678",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-6129",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-6237",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-0727",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-12797",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-13176",
@@ -2008,27 +3962,27 @@
         },
         {
           "id": "DEBIAN-CVE-2024-2511",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-4603",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-4741",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-5535",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-6119",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-9143",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-11187",
@@ -2052,7 +4006,7 @@
         },
         {
           "id": "DEBIAN-CVE-2025-4575",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-66199",
@@ -2144,7 +4098,7 @@
         },
         {
           "id": "DSA-4539-3",
-          "modified": "<RFC3339 date with the year 2019>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DSA-4661-1",
@@ -2202,90 +4156,112 @@
           "id": "DSA-6113-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "openssl",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.0l-1~deb9u5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "passwd",
+          "ecosystem": "Debian"
+        },
+        "version": "1:4.4-4.1+deb9u1"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "UBUNTU-CVE-2017-11164",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pcre3",
+          "ecosystem": "Ubuntu"
+        },
+        "version": "2:8.39-12ubuntu0.1"
+      }
     },
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2011-4116",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-12837",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2017-12883",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-12015",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-18311",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-18312",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-18313",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-18314",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-6797",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-6798",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-6913",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-10543",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-10878",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-12723",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2020-16156",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-36770",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-48522",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-31484",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-31486",
@@ -2293,15 +4269,15 @@
         },
         {
           "id": "DEBIAN-CVE-2023-47038",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-56406",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-40909",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3926-1",
@@ -2311,13 +4287,60 @@
           "id": "DSA-5902-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "perl",
+          "ecosystem": "Debian"
+        },
+        "version": "5.24.1-3+deb9u7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "perl-base",
+          "ecosystem": "Debian"
+        },
+        "version": "5.24.1-3+deb9u7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "perl-modules-5.24",
+          "ecosystem": "Debian"
+        },
+        "version": "5.24.1-3+deb9u7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pgdg-keyring",
+          "ecosystem": "Debian"
+        },
+        "version": "2018.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pinentry-curses",
+          "ecosystem": "Debian"
+        },
+        "version": "1.0.0-2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "postgresql",
+          "ecosystem": "OSS-Fuzz"
+        },
+        "version": "11.15"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -2326,11 +4349,11 @@
         },
         {
           "id": "DLA-3189-1",
-          "modified": "<RFC3339 date with the year 2022>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3316-1",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3422-1",
@@ -2352,28 +4375,138 @@
           "id": "DSA-5135-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "postgresql-11",
+          "ecosystem": "Debian"
+        },
+        "version": "11.15-1.pgdg90+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "postgresql-client-11",
+          "ecosystem": "Debian"
+        },
+        "version": "11.15-1.pgdg90+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "postgresql-client-common",
+          "ecosystem": "Debian"
+        },
+        "version": "238.pgdg90+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "postgresql-common",
+          "ecosystem": "Debian"
+        },
+        "version": "238.pgdg90+1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "readline-common",
+          "ecosystem": "Debian"
+        },
+        "version": "7.0-3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sed",
+          "ecosystem": "Debian"
+        },
+        "version": "4.4-1"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2017-17512",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "sensible-utils",
+          "ecosystem": "Debian"
+        },
+        "version": "0.0.9+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl-cert",
+          "ecosystem": "Debian"
+        },
+        "version": "1.0.39"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sysvinit-utils",
+          "ecosystem": "Debian"
+        },
+        "version": "2.88dsf-59.9"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -2382,63 +4515,70 @@
         },
         {
           "id": "DEBIAN-CVE-2018-20482",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2019-9923",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-20193",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-48303",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2023-39804",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3755-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "tar",
+          "ecosystem": "Debian"
+        },
+        "version": "1.29b-1.1+deb9u1"
+      }
     },
     {
       "vulns": [
         {
           "id": "DLA-3051-1",
-          "modified": "<RFC3339 date with the year 2022>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3134-1",
-          "modified": "<RFC3339 date with the year 2022>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3161-1",
-          "modified": "<RFC3339 date with the year 2022>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3366-1",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3412-1",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3684-1",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3788-1",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-3972-1",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DLA-4085-1",
@@ -2452,7 +4592,14 @@
           "id": "DLA-4403-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "tzdata",
+          "ecosystem": "Debian"
+        },
+        "version": "2021a-0+deb9u3"
+      }
     },
     {
       "vulns": [
@@ -2460,29 +4607,36 @@
           "id": "DLA-4016-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ucf",
+          "ecosystem": "Debian"
+        },
+        "version": "3.0036"
+      }
     },
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2016-2779",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2018-7738",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-37600",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3995",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2021-3996",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2022-0563",
@@ -2490,7 +4644,7 @@
         },
         {
           "id": "DEBIAN-CVE-2024-28085",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-14104",
@@ -2512,21 +4666,28 @@
           "id": "DSA-5650-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "util-linux",
+          "ecosystem": "Debian"
+        },
+        "version": "2.29.2-1+deb9u1"
+      }
     },
     {
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1271",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2024-3094",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DEBIAN-CVE-2025-31115",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "DSA-5123-1",
@@ -2536,17 +4697,24 @@
           "id": "DSA-5895-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "xz-utils",
+          "ecosystem": "Debian"
+        },
+        "version": "5.2.2-1.2+deb9u1"
+      }
     },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2556,17 +4724,24 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2576,17 +4751,24 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2596,13 +4778,20 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2612,10 +4801,33 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.12-r1"
+      }
     },
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "zlib1g",
+          "ecosystem": "Debian"
+        },
+        "version": "1:1.2.8.dfsg-5+deb9u1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "zstd",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.2-1+deb9u1"
+      }
+    }
   ]
 }
 
@@ -2630,7 +4842,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -2726,7 +4945,14 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.24.4"
+      }
     },
     {
       "vulns": [
@@ -2742,7 +4968,14 @@
           "id": "GO-2026-4433",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.24.4"
+      }
     }
   ]
 }
@@ -2753,38 +4986,117 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ]
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    }
+  ]
+}
+
+---
+
+[Test/cassette_TestCommand/TestCommand/ignoring_.gitignore - 1]
+{
+  "results": [
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
     }
   ]
 }
 
 ---
 
-[Test/cassette_TestCommand/TestCommand/ignoring_.gitignore - 1]
-{
-  "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {}
-  ]
-}
-
----
-
 [Test/cassette_TestCommand/TestCommand/json_output - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2793,8 +5105,24 @@
 [Test/cassette_TestCommand/TestCommand/nested_directories_are_checked_when_`--recursive`_is_passed - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2803,7 +5131,15 @@
 [Test/cassette_TestCommand/TestCommand/no_lockfiles_with_recursion_and_with_allow_flag_are_fine - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2812,7 +5148,15 @@
 [Test/cassette_TestCommand/TestCommand/no_lockfiles_with_recursion_but_without_allow_flag_are_fine - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2821,7 +5165,15 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_lockfile - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2836,7 +5188,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -2846,7 +5205,15 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_lockfile_with_offline_explicitly_false - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -2855,35 +5222,138 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_duplicate_PURLs - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2893,7 +5363,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     }
   ]
 }
@@ -2903,35 +5380,138 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_duplicate_PURLs_using_-L_flag - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -2941,7 +5521,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     }
   ]
 }
@@ -2951,14 +5538,78 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_invalid_PURLs - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    }
   ]
 }
 
@@ -2967,14 +5618,78 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_invalid_PURLs_using_-L_flag - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    }
   ]
 }
 
@@ -2983,35 +5698,138 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_vulns - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -3021,7 +5839,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     }
   ]
 }
@@ -3031,35 +5856,138 @@
 [Test/cassette_TestCommand/TestCommand/one_specific_supported_sbom_with_vulns_using_-L_flag - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -3069,7 +5997,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      }
     }
   ]
 }
@@ -3079,7 +6014,15 @@
 [Test/cassette_TestCommand/TestCommand/only_the_files_in_the_given_directories_are_checked_by_default_(no_recursion) - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -3094,7 +6037,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -3110,16 +6060,87 @@
           "id": "GHSA-3936-cmfr-pm3m",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "black",
+          "ecosystem": "PyPI"
+        },
+        "version": "25.1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "certifi",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.10.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "certifi",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.10.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "chardet",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "chardet",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -3154,7 +6175,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -3190,7 +6218,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -3282,7 +6317,14 @@
           "id": "PYSEC-2022-3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.24"
+      }
     },
     {
       "vulns": [
@@ -3292,13 +6334,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3308,13 +6357,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3324,13 +6380,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3340,13 +6403,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -3382,7 +6452,14 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask-cors",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -3392,9 +6469,16 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "idna",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.7"
+      }
     },
     {
       "vulns": [
@@ -3404,36 +6488,194 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "idna",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "mypy-extensions",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "numpy",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "numpy",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "packaging",
+          "ecosystem": "PyPI"
+        },
+        "version": "25.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "PYSEC-2020-73",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pandas",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.23.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pathspec",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.12.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "platformdirs",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.4.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -3454,9 +6696,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     },
     {
       "vulns": [
@@ -3478,9 +6727,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     },
     {
       "vulns": [
@@ -3488,10 +6744,33 @@
           "id": "GHSA-27jp-wm6q-gp25",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "sqlparse",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.5.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "tomli",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "typing-extensions",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.15.0"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
@@ -3536,13 +6815,20 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      }
     },
     {
       "vulns": [
@@ -3588,13 +6874,20 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      }
     },
     {
       "vulns": [
@@ -3610,7 +6903,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     },
     {
       "vulns": [
@@ -3626,7 +6926,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     },
     {
       "vulns": [
@@ -3642,7 +6949,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     }
   ]
 }
@@ -3658,16 +6972,87 @@
           "id": "GHSA-3936-cmfr-pm3m",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "black",
+          "ecosystem": "PyPI"
+        },
+        "version": "25.1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "certifi",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.10.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "certifi",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.10.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "chardet",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "chardet",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -3702,7 +7087,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -3738,7 +7130,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -3830,7 +7229,14 @@
           "id": "PYSEC-2022-3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.24"
+      }
     },
     {
       "vulns": [
@@ -3840,13 +7246,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3856,13 +7269,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3872,13 +7292,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -3888,13 +7315,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -3930,7 +7364,14 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask-cors",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -3940,9 +7381,16 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "idna",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.7"
+      }
     },
     {
       "vulns": [
@@ -3952,36 +7400,194 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "idna",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "mypy-extensions",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "numpy",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "numpy",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "packaging",
+          "ecosystem": "PyPI"
+        },
+        "version": "25.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "PYSEC-2020-73",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pandas",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.23.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pathspec",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.12.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "platformdirs",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.5.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -4002,9 +7608,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     },
     {
       "vulns": [
@@ -4026,9 +7639,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     },
     {
       "vulns": [
@@ -4036,10 +7656,33 @@
           "id": "GHSA-27jp-wm6q-gp25",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "sqlparse",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.5.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "tomli",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "typing-extensions",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.15.0"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
@@ -4084,13 +7727,20 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      }
     },
     {
       "vulns": [
@@ -4136,13 +7786,20 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      }
     },
     {
       "vulns": [
@@ -4158,7 +7815,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     },
     {
       "vulns": [
@@ -4174,7 +7838,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     },
     {
       "vulns": [
@@ -4190,7 +7861,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     }
   ]
 }
@@ -4200,18 +7878,57 @@
 [Test/cassette_TestCommand/TestCommand/spdx_2.3_output - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -4220,7 +7937,15 @@
 [Test/cassette_TestCommand/TestCommand/verbosity_level_=_error - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -4229,7 +7954,15 @@
 [Test/cassette_TestCommand/TestCommand/verbosity_level_=_info - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap b/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
index b9a796d03fa..66d610bd9c6 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommandNonGit/TestCommandNonGit/one_specific_supported_lockfile - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap b/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
index 71dcf91312c..5ad8817d232 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
@@ -12,7 +12,14 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      }
     },
     {
       "vulns": [
@@ -22,9 +29,16 @@
         },
         {
           "id": "GO-2023-1558",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "github.com/ipfs/go-bitfield",
+          "ecosystem": "Go"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -46,15 +60,15 @@
         },
         {
           "id": "GO-2023-1572",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         },
         {
           "id": "GO-2023-1989",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         },
         {
           "id": "GO-2023-1990",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         },
         {
           "id": "GO-2024-2937",
@@ -64,7 +78,14 @@
           "id": "GO-2026-4815",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "golang.org/x/image",
+          "ecosystem": "Go"
+        },
+        "version": "0.4.0"
+      }
     }
   ]
 }
@@ -84,7 +105,14 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      }
     }
   ]
 }
@@ -104,7 +132,14 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
index 6e0b1fe025d..c872d921af5 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
@@ -8,9 +8,24 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -25,9 +40,24 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -42,7 +72,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -52,29 +89,156 @@
 [Test/cassette_TestCommand_ExplicitExtractors/TestCommand_ExplicitExtractors/scanning_directory_with_one_specific_extractor_disabled - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -85,7 +249,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -101,7 +272,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -117,7 +295,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
index fc04e207e37..35f80536237 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
@@ -2,10 +2,42 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_individually - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -14,37 +46,171 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_individually#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -55,7 +221,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -65,37 +238,171 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_specified_together - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -106,7 +413,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -116,10 +430,42 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_specified_together#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -128,37 +474,171 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_an_extractor_that_does_not_exist - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -169,7 +649,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -179,10 +666,42 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_an_extractor_that_does_not_exist#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -191,9 +710,33 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_one_specific_extractor_disabled - 1]
 {
   "results": [
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -202,29 +745,156 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_one_specific_extractor_disabled#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -235,7 +905,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -245,37 +922,171 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_one_specific_extractor_enabled_and_the_defaults - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -286,7 +1097,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -296,10 +1114,42 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_directory_with_one_specific_extractor_enabled_and_the_defaults#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -308,7 +1158,15 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_file_with_one_different_extractor_enabled - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -323,7 +1181,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -333,7 +1198,15 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithDefaults/TestCommand_ExplicitExtractors_WithDefaults/scanning_file_with_one_specific_extractor_enabled#01 - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
index 01985806a83..3c73c73f0ff 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
@@ -8,9 +8,24 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -19,8 +34,24 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_individually#01 - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -35,9 +66,24 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -46,8 +92,24 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_a_couple_of_specific_extractors_enabled_specified_together#01 - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -62,7 +124,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -72,7 +141,15 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_an_extractor_that_does_not_exist#01 - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    }
   ]
 }
 
@@ -81,29 +158,156 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_one_specific_extractor_disabled - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -114,7 +318,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -124,9 +335,33 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_one_specific_extractor_disabled#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -141,7 +376,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -151,7 +393,15 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_directory_with_one_specific_extractor_enabled_and_no_defaults#01 - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    }
   ]
 }
 
@@ -166,7 +416,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -176,7 +433,15 @@
 [Test/cassette_TestCommand_ExplicitExtractors_WithoutDefaults/TestCommand_ExplicitExtractors_WithoutDefaults/scanning_file_with_one_specific_extractor_enabled#01 - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
index 7fd2a6eed15..5d6444dadf1 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
@@ -2,7 +2,12 @@
 [Test/cassette_TestCommand_GithubActions/TestCommand_GithubActions/scanning_osv-scanner_custom_format - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
+        "package": {}
+      }
+    },
     {
       "vulns": [
         {
@@ -13,9 +18,18 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      }
     },
-    {}
+    {
+      "query": {
+        "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
+        "package": {}
+      }
+    }
   ]
 }
 
@@ -24,7 +38,12 @@
 [Test/cassette_TestCommand_GithubActions/TestCommand_GithubActions/scanning_osv-scanner_custom_format_output_json - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
+        "package": {}
+      }
+    },
     {
       "vulns": [
         {
@@ -35,9 +54,18 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      }
     },
-    {}
+    {
+      "query": {
+        "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
+        "package": {}
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap b/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
index 1345c968ffd..150e713c6f5 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommand_HtmlFile/TestCommand_HtmlFile - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
index 14a3130fa68..05d625f4051 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
@@ -2,19 +2,66 @@
 [Test/cassette_TestCommand_JavareachArchive/TestCommand_JavareachArchive/jars_can_be_scanned_with_call_analysis - 1]
 {
   "results": [
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-core",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-kms",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-c28r-hw5m-5gv3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-s3",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:jmespath-java",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.example:hello-tester",
+          "ecosystem": "Maven"
+        },
+        "version": "1.0-SNAPSHOT"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-annotations",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.0"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -25,7 +72,14 @@
           "id": "GHSA-h46c-h94j-95f3",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.0"
+      }
     },
     {
       "vulns": [
@@ -221,19 +275,65 @@
           "id": "GHSA-wh8g-3j2c-rqj5",
           "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-databind",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.7.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "commons-codec:commons-codec",
+          "ecosystem": "Maven"
+        },
+        "version": "1.10"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "commons-logging:commons-logging",
+          "ecosystem": "Maven"
+        },
+        "version": "1.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "joda-time:joda-time",
+          "ecosystem": "Maven"
+        },
+        "version": "2.8.1"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-j288-q9x7-2f5v",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.commons:commons-lang3",
+          "ecosystem": "Maven"
+        },
+        "version": "3.12.0"
+      }
     },
     {
       "vulns": [
@@ -241,10 +341,33 @@
           "id": "GHSA-7r82-7xv7-xcpj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.httpcomponents:httpclient",
+          "ecosystem": "Maven"
+        },
+        "version": "4.5.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.httpcomponents:httpcore",
+          "ecosystem": "Maven"
+        },
+        "version": "4.4.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-continuation",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
@@ -263,9 +386,24 @@
           "id": "GHSA-wjpw-4j6x-6rwh",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-http",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-io",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
     {
       "vulns": [
         {
@@ -280,16 +418,38 @@
           "id": "GHSA-j26w-f9rq-mr2q",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-servlets",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-util",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-264p-99wq-f4j6",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "software.amazon.ion:ion-java",
+          "ecosystem": "Maven"
+        },
+        "version": "1.0.2"
+      }
     }
   ]
 }
@@ -299,19 +459,66 @@
 [Test/cassette_TestCommand_JavareachArchive/TestCommand_JavareachArchive/jars_can_be_scanned_without_call_analysis - 1]
 {
   "results": [
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-core",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-kms",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-c28r-hw5m-5gv3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.amazonaws:aws-java-sdk-s3",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.amazonaws:jmespath-java",
+          "ecosystem": "Maven"
+        },
+        "version": "1.11.327"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.example:hello-tester",
+          "ecosystem": "Maven"
+        },
+        "version": "1.0-SNAPSHOT"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-annotations",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.0"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -322,7 +529,14 @@
           "id": "GHSA-h46c-h94j-95f3",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.0"
+      }
     },
     {
       "vulns": [
@@ -518,19 +732,65 @@
           "id": "GHSA-wh8g-3j2c-rqj5",
           "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-databind",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.7.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.dataformat:jackson-dataformat-cbor",
+          "ecosystem": "Maven"
+        },
+        "version": "2.6.7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "commons-codec:commons-codec",
+          "ecosystem": "Maven"
+        },
+        "version": "1.10"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "commons-logging:commons-logging",
+          "ecosystem": "Maven"
+        },
+        "version": "1.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "joda-time:joda-time",
+          "ecosystem": "Maven"
+        },
+        "version": "2.8.1"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-j288-q9x7-2f5v",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.commons:commons-lang3",
+          "ecosystem": "Maven"
+        },
+        "version": "3.12.0"
+      }
     },
     {
       "vulns": [
@@ -538,10 +798,33 @@
           "id": "GHSA-7r82-7xv7-xcpj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.httpcomponents:httpclient",
+          "ecosystem": "Maven"
+        },
+        "version": "4.5.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.httpcomponents:httpcore",
+          "ecosystem": "Maven"
+        },
+        "version": "4.4.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-continuation",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
-    {},
     {
       "vulns": [
         {
@@ -560,9 +843,24 @@
           "id": "GHSA-wjpw-4j6x-6rwh",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-http",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-io",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
     {
       "vulns": [
         {
@@ -577,16 +875,38 @@
           "id": "GHSA-j26w-f9rq-mr2q",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-servlets",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-util",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-264p-99wq-f4j6",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "software.amazon.ion:ion-java",
+          "ecosystem": "Maven"
+        },
+        "version": "1.0.2"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
index 638a909f050..469ca6860cd 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
@@ -2,10 +2,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Licenses_in_summary_mode_json - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -14,10 +46,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Licenses_with_expressions - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -26,10 +90,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Licenses_with_invalid_expression_in_config - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -38,10 +134,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_license_violations_and_show-all-packages_in_json - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -50,7 +178,15 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_vulnerabilities_but_license_violations_with_allowlist - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -59,10 +195,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_vulnerabilities_with_license_summary - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -71,37 +239,171 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_vulnerabilities_with_license_summary#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -112,7 +414,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -122,37 +431,171 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_vulnerabilities_with_license_summary_in_markdown - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -163,7 +606,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -173,10 +623,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/No_vulnerabilities_with_license_summary_in_markdown#01 - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -185,10 +667,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Show_all_Packages_with_license_summary_in_json - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -197,38 +711,180 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Some_packages_with_ignored_licenses - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-baselayout-data",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.4.0-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "alpine-keys",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.4-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "apk-tools",
+          "ecosystem": "Alpine"
+        },
+        "version": "2.12.10-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "busybox-binsh",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ca-certificates-bundle",
+          "ecosystem": "Alpine"
+        },
+        "version": "20220614-r4"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libc-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "0.7.2-r3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libcrypto3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "libssl3",
+          "ecosystem": "Alpine"
+        },
+        "version": "3.0.8-r0"
+      }
     },
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "musl",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "musl-utils",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.3-r4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "scanelf",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.3.5-r1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ssl_client",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.36.1-r27"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -239,7 +895,14 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      }
     }
   ]
 }
@@ -249,18 +912,57 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Some_packages_with_ignored_licenses#01 - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "ast",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.4.2"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    }
   ]
 }
 
@@ -269,10 +971,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Some_packages_with_license_violations_and_show-all-packages_in_json - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -281,10 +1015,42 @@
 [Test/cassette_TestCommand_Licenses/TestCommand_Licenses/Some_packages_with_license_violations_in_json - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "babel",
+          "ecosystem": "npm"
+        },
+        "version": "6.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "human-signals",
+          "ecosystem": "npm"
+        },
+        "version": "5.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ms",
+          "ecosystem": "npm"
+        },
+        "version": "2.1.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "type-fest",
+          "ecosystem": "npm"
+        },
+        "version": "4.26.1"
+      }
+    }
   ]
 }
 
@@ -299,7 +1065,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -315,7 +1088,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
@@ -331,7 +1111,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
index a932c0f8e5d..0824edc7132 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommand_LockfileWithExplicitParseAs/TestCommand_LockfileWithExplicitParseAs/absolute_paths_are_automatically_escaped_on_windows - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -11,7 +19,15 @@
 [Test/cassette_TestCommand_LockfileWithExplicitParseAs/TestCommand_LockfileWithExplicitParseAs/absolute_paths_work_with_explicit_escaping - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "balanced-match",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -20,7 +36,15 @@
 [Test/cassette_TestCommand_LockfileWithExplicitParseAs/TestCommand_LockfileWithExplicitParseAs/empty_is_default - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -35,7 +59,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
     {
       "vulns": [
@@ -43,20 +74,66 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -71,7 +148,14 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
     },
     {
       "vulns": [
@@ -79,20 +163,66 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
@@ -112,20 +242,66 @@
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "ansi-html",
+          "ecosystem": "npm"
+        },
+        "version": "0.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "has-flag",
+          "ecosystem": "npm"
+        },
+        "version": "4.0.0"
+      }
     },
-    {},
     {
       "vulns": [
         {
           "id": "GHSA-9f46-5r25-5wfm",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "league/flysystem",
+          "ecosystem": "Packagist"
+        },
+        "version": "1.0.8"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
     },
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "toolchain",
+          "ecosystem": "Go"
+        },
+        "version": "1.99.9"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "wrappy",
+          "ecosystem": "npm"
+        },
+        "version": "1.0.2"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
index 69e9d2e386f..9e522cab46a 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
@@ -2,18 +2,65 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/cabal.project.freeze - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "AC-Angle",
+          "ecosystem": "Hackage"
+        },
+        "version": "1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ALUT",
+          "ecosystem": "Hackage"
+        },
+        "version": "2.4.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "ANum",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.2.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "Agda",
+          "ecosystem": "Hackage"
+        },
+        "version": "2.6.4.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "Allure",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.11.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "HSEC-2024-0009",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "biscuit-haskell",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.3.0.0"
+      }
     }
   ]
 }
@@ -23,17 +70,48 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/depsjson - 1]
 {
   "results": [
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "AWSSDK.Core",
+          "ecosystem": "NuGet"
+        },
+        "version": "3.7.10.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "Microsoft.Extensions.DependencyInjection",
+          "ecosystem": "NuGet"
+        },
+        "version": "6.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-4cv2-4hjh-77rx",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "System.Linq.Dynamic.Core",
+          "ecosystem": "NuGet"
+        },
+        "version": "1.3.7"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "TestLibrary",
+          "ecosystem": "NuGet"
+        },
+        "version": "1.0.0"
+      }
+    }
   ]
 }
 
@@ -42,27 +120,138 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/gems.locked - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "async",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.23.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "async-dns",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.4.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "async-http",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.87.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "async-pool",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.10.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "console",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.29.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "fiber-annotation",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "fiber-local",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.1.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "fiber-storage",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "geoip",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.6.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "io-endpoint",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.15.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "io-event",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.9.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "io-stream",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.6.1"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-9m3q-rhmv-5q44",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "json",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.10.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "metrics",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.12.1"
+      }
     },
-    {},
     {
       "vulns": [
         {
@@ -85,18 +274,105 @@
           "id": "GHSA-wx95-c6cv-8532",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {}
+      ],
+      "query": {
+        "package": {
+          "name": "nokogiri",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.18.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "process-daemon",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "protocol-hpack",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.5.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "protocol-http",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.49.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "protocol-http1",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.30.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "protocol-http2",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.22.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "racc",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.8.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "rainbow",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.2.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "rake",
+          "ecosystem": "RubyGems"
+        },
+        "version": "13.2.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "rubydns",
+          "ecosystem": "RubyGems"
+        },
+        "version": "2.0.2"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "traces",
+          "ecosystem": "RubyGems"
+        },
+        "version": "0.15.2"
+      }
+    }
   ]
 }
 
@@ -105,8 +381,24 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/packages.config - 1]
 {
   "results": [
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "Microsoft.CodeDom.Providers.DotNetCompilerPlatform",
+          "ecosystem": "NuGet"
+        },
+        "version": "1.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "Microsoft.Net.Compilers",
+          "ecosystem": "NuGet"
+        },
+        "version": "1.0.0"
+      }
+    }
   ]
 }
 
@@ -115,7 +407,15 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/packages.lock.json - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "Newtonsoft.Json",
+          "ecosystem": "NuGet"
+        },
+        "version": "13.0.3"
+      }
+    }
   ]
 }
 
@@ -124,10 +424,42 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/stack.yaml.lock - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "fuzzyset",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.2.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "hasql-pool",
+          "ecosystem": "Hackage"
+        },
+        "version": "1.0.1"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jose-jwt",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.10.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "postgresql-libpq",
+          "ecosystem": "Hackage"
+        },
+        "version": "0.10.1.0"
+      }
+    }
   ]
 }
 
@@ -136,7 +468,15 @@
 [Test/cassette_TestCommand_MoreLockfiles/TestCommand_MoreLockfiles/uv.lock - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "emoji",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.14.0"
+      }
+    },
     {
       "vulns": [
         {
@@ -147,7 +487,14 @@
           "id": "GHSA-8qvm-5x2c-j2w7",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "protobuf",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.25.5"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
index ce816a27e42..bb5f0784fbb 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/does_not_scan_transitive_dependencies_for_pom.xml_with_no-resolve - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-web",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    }
   ]
 }
 
@@ -45,7 +53,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -55,13 +70,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -83,9 +105,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     }
   ]
 }
@@ -103,13 +132,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -145,7 +181,14 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask-cors",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
     },
     {
       "vulns": [
@@ -153,7 +196,14 @@
           "id": "PYSEC-2020-73",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "pandas",
+          "ecosystem": "PyPI"
+        },
+        "version": "0.23.4"
+      }
     }
   ]
 }
@@ -163,70 +213,525 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/resolves_transitive_dependencies_with_native_data_source - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:animated-vector-drawable",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:appcompat-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:mediarouter-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:palette-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-annotations",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-v4",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-vector-drawable",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-ads",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-ads-lite",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-analytics",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-analytics-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-appinvite",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-auth",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-auth-base",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-awareness",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-base",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-cm6r-892j-jv2g",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-basement",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-cast",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-cast-framework",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-clearcut",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-drive",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-fitness",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-games",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-gass",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-gcm",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-identity",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-iid",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-instantapps",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-location",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-maps",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-nearby",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-panorama",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-places",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-plus",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-safetynet",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager-api",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager-v4-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tasks",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-vision",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-wallet",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-wearable",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-analytics",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-analytics-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-appindexing",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-auth",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-common",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-config",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-crash",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-database",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-database-connection",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-iid",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-messaging",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-storage",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-storage-common",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-api",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    },
     {
       "vulns": [
         {
@@ -249,9 +754,24 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-web",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    }
   ]
 }
 
@@ -294,7 +814,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -304,15 +831,30 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "numpy",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.3.1"
+      }
     },
-    {},
     {
       "vulns": [
         {
@@ -333,9 +875,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     }
   ]
 }
@@ -345,70 +894,525 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/scans_dependencies_from_multiple_registries - 1]
 {
   "results": [
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:animated-vector-drawable",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:appcompat-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:mediarouter-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:palette-v7",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-annotations",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-v4",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.android.support:support-vector-drawable",
+          "ecosystem": "Maven"
+        },
+        "version": "24.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-ads",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-ads-lite",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-analytics",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-analytics-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-appinvite",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-auth",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-auth-base",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-awareness",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-base",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
     {
       "vulns": [
         {
           "id": "GHSA-cm6r-892j-jv2g",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
-    },
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
-    {},
+      ],
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-basement",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-cast",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-cast-framework",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-clearcut",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-drive",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-fitness",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-games",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-gass",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-gcm",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-identity",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-iid",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-instantapps",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-location",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-maps",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-nearby",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-panorama",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-places",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-plus",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-safetynet",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager-api",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tagmanager-v4-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-tasks",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-vision",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-wallet",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.android.gms:play-services-wearable",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-analytics",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-analytics-impl",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-appindexing",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-auth",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-common",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-config",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-crash",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-database",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-database-connection",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-iid",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-messaging",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-storage",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "com.google.firebase:firebase-storage-common",
+          "ecosystem": "Maven"
+        },
+        "version": "10.0.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-api",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    },
     {
       "vulns": [
         {
@@ -431,9 +1435,24 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-web",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    }
   ]
 }
 
@@ -448,9 +1467,24 @@
           "id": "GHSA-269g-pwp5-87pp",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "junit:junit",
+          "ecosystem": "Maven"
+        },
+        "version": "4.12"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.hamcrest:hamcrest-core",
+          "ecosystem": "Maven"
+        },
+        "version": "1.3"
+      }
+    }
   ]
 }
 
@@ -459,7 +1493,15 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/scans_transitive_dependencies_by_specifying_pom.xml - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-api",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    },
     {
       "vulns": [
         {
@@ -482,9 +1524,24 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-web",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    }
   ]
 }
 
@@ -493,7 +1550,15 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/scans_transitive_dependencies_for_pom.xml_by_default - 1]
 {
   "results": [
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-api",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    },
     {
       "vulns": [
         {
@@ -516,9 +1581,24 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
     },
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-web",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      }
+    }
   ]
 }
 
@@ -527,9 +1607,33 @@
 [Test/cassette_TestCommand_Transitive/TestCommand_Transitive/uses_native_data_source_for_requirements.txt - 1]
 {
   "results": [
-    {},
-    {},
-    {},
+    {
+      "query": {
+        "package": {
+          "name": "certifi",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.10.5"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "chardet",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.4"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "click",
+          "ecosystem": "PyPI"
+        },
+        "version": "8.3.0"
+      }
+    },
     {
       "vulns": [
         {
@@ -564,7 +1668,14 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      }
     },
     {
       "vulns": [
@@ -574,13 +1685,20 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2025>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0"
+      }
     },
     {
       "vulns": [
@@ -590,14 +1708,53 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2024>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "idna",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.7"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "itsdangerous",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.2.0"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "jinja2",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.6"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "markupsafe",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.0.3"
+      }
+    },
+    {
+      "query": {
+        "package": {
+          "name": "pytz",
+          "ecosystem": "PyPI"
+        },
+        "version": "2025.2"
+      }
     },
-    {},
-    {},
-    {},
-    {},
     {
       "vulns": [
         {
@@ -618,9 +1775,16 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      }
     },
     {
       "vulns": [
@@ -666,13 +1830,20 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2026>"
+          "modified": "<RFC3339 date with the year 2023>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      }
     },
     {
       "vulns": [
@@ -688,7 +1859,14 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "package": {
+          "name": "werkzeug",
+          "ecosystem": "PyPI"
+        },
+        "version": "3.1.3"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
index 1045a195aab..5c2d9550002 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommand_WithDetector_OffLinux/TestCommand_WithDetector_OffLinux/ssh_version_errors - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -11,7 +19,15 @@
 [Test/cassette_TestCommand_WithDetector_OffLinux/TestCommand_WithDetector_OffLinux/ssh_version_is_after_last_vuln_version - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -20,7 +36,15 @@
 [Test/cassette_TestCommand_WithDetector_OffLinux/TestCommand_WithDetector_OffLinux/ssh_version_is_before_first_vuln_version - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
index 24522cb11d2..506552aa1b4 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
@@ -2,7 +2,15 @@
 [Test/cassette_TestCommand_WithDetector_OnLinux/TestCommand_WithDetector_OnLinux/ssh_version_errors - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -11,7 +19,15 @@
 [Test/cassette_TestCommand_WithDetector_OnLinux/TestCommand_WithDetector_OnLinux/ssh_version_is_after_last_vuln_version - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
@@ -20,7 +36,15 @@
 [Test/cassette_TestCommand_WithDetector_OnLinux/TestCommand_WithDetector_OnLinux/ssh_version_is_before_first_vuln_version - 1]
 {
   "results": [
-    {}
+    {
+      "query": {
+        "package": {
+          "name": "sentry/sdk",
+          "ecosystem": "Packagist"
+        },
+        "version": "2.0.4"
+      }
+    }
   ]
 }
 
diff --git a/tools/apitester/__snapshots__/cassette_batch_query.snap b/tools/apitester/__snapshots__/cassette_batch_query.snap
index 059b9c07312..0d8248dc9b3 100644
--- a/tools/apitester/__snapshots__/cassette_batch_query.snap
+++ b/tools/apitester/__snapshots__/cassette_batch_query.snap
@@ -31,12 +31,11 @@
         {
           "id": "CVE-2024-7254",
           "modified": "<RFC3339 date with the year 2026>"
-        },
-        {
-          "id": "CVE-2025-4565",
-          "modified": "<RFC3339 date with the year 2026>"
         }
-      ]
+      ],
+      "query": {
+        "commit": "17b30e96476be70b8773b2b807bab857fd3ceb39"
+      }
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_single_query.snap b/tools/apitester/__snapshots__/cassette_single_query.snap
index 7d4c9e9d441..6eb75391e72 100755
--- a/tools/apitester/__snapshots__/cassette_single_query.snap
+++ b/tools/apitester/__snapshots__/cassette_single_query.snap
@@ -93,15 +93,15 @@
       "references": [
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
         },
         {
           "type": "ADVISORY",
@@ -190,19 +190,19 @@
       "references": [
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
+          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
+          "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
         },
         {
           "type": "FIX",
@@ -265,7 +265,8 @@
         "MGASA-2026-0015",
         "SUSE-SU-2026:0287-1",
         "SUSE-SU-2026:20762-1",
-        "openSUSE-SU-2026:10065-1"
+        "openSUSE-SU-2026:10065-1",
+        "openSUSE-SU-2026:20409-1"
       ],
       "database_specific": "<Any value>",
       "references": [
@@ -281,6 +282,10 @@
           "type": "ADVISORY",
           "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22693.json"
         },
+        {
+          "type": "FIX",
+          "url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
+        },
         {
           "type": "ADVISORY",
           "url": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww"
@@ -288,10 +293,6 @@
         {
           "type": "ADVISORY",
           "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22693"
-        },
-        {
-          "type": "FIX",
-          "url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
         }
       ],
       "affected": [
@@ -345,7 +346,7 @@
       "id": "OSV-2020-484",
       "summary": "Heap-buffer-overflow in AAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::driver_context_t::transition",
       "details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532\n\n```\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nAAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::driver_context_t::transition\nvoid AAT::StateTableDriver\u003cAAT::ExtendedTypes, AAT::KerxSubTableFormat4\u003cAAT::Ker\nAAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::apply\n```\n",
-      "modified": "<RFC3339 date with the year 2026>",
+      "modified": "<RFC3339 date with the year 2022>",
       "published": "2020-07-01T00:00:12.297418Z",
       "references": [
         {
@@ -381,9 +382,12 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5"
+      "schema_version": "1.7.3"
     }
-  ]
+  ],
+  "query": {
+    "commit": "6879efc2c1596d11a6a6ad296f80063b558d5e0f"
+  }
 }
 
 ---
@@ -753,7 +757,7 @@
       "summary": "HSTS subdomain overwrites parent cache entry",
       "details": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain's cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain's expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl's HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent's entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended.",
       "aliases": ["CVE-2024-9681"],
-      "modified": "<RFC3339 date with the year 2026>",
+      "modified": "<RFC3339 date with the year 2024>",
       "published": "2024-11-05T08:00:00Z",
       "database_specific": "<Any value>",
       "affected": [
@@ -1419,6 +1423,10 @@
       "published": "2024-02-03T14:15:50.850Z",
       "related": ["CGA-jhf8-hfv6-c8cj", "openSUSE-SU-2024:13637-1"],
       "references": [
+        {
+          "type": "ADVISORY",
+          "url": "https://security.netapp.com/advisory/ntap-20240503-0012/"
+        },
         {
           "type": "ADVISORY",
           "url": "https://curl.se/docs/CVE-2024-0853.html"
@@ -1435,10 +1443,6 @@
           "type": "ADVISORY",
           "url": "https://security.netapp.com/advisory/ntap-20240426-0009/"
         },
-        {
-          "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240503-0012/"
-        },
         {
           "type": "REPORT",
           "url": "https://hackerone.com/reports/2298922"
@@ -1572,23 +1576,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240524-0006/"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2004.json"
+          "url": "https://curl.se/docs/CVE-2024-2004.html"
         },
         {
           "type": "ADVISORY",
@@ -1596,27 +1600,27 @@
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "https://curl.se/docs/CVE-2024-2004.json"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2004.html"
+          "url": "https://security.netapp.com/advisory/ntap-20240524-0006/"
         },
         {
           "type": "REPORT",
@@ -1667,43 +1671,43 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://curl.se/docs/CVE-2024-2379.json"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "https://security.netapp.com/advisory/ntap-20240531-0001/"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2379.json"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2379.html"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240531-0001/"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "https://curl.se/docs/CVE-2024-2379.html"
         },
         {
           "type": "REPORT",
@@ -1761,27 +1765,27 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "https://curl.se/docs/CVE-2024-2398.html"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2398.html"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2398.json"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240503-0009/"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://curl.se/docs/CVE-2024-2398.json"
         },
         {
           "type": "ADVISORY",
@@ -1789,23 +1793,23 @@
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
+          "url": "https://security.netapp.com/advisory/ntap-20240503-0009/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3"
         },
         {
           "type": "REPORT",
@@ -1856,19 +1860,19 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2466.html"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://curl.se/docs/CVE-2024-2466.html"
         },
         {
           "type": "ADVISORY",
@@ -1876,15 +1880,15 @@
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
@@ -2093,23 +2097,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/09/11/1"
+          "url": "https://curl.se/docs/CVE-2024-8096.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html"
+          "url": "https://curl.se/docs/CVE-2024-8096.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20241011-0005/"
+          "url": "http://www.openwall.com/lists/oss-security/2024/09/11/1"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-8096.html"
+          "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-8096.json"
+          "url": "https://security.netapp.com/advisory/ntap-20241011-0005/"
         },
         {
           "type": "REPORT",
@@ -2169,51 +2173,51 @@
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/4"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/12"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/5"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/13"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/8"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/4"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/10"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/8"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/12"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/9"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/13"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/10"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/9"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/5"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-9681.json"
+          "url": "https://security.netapp.com/advisory/ntap-20241213-0006/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20241213-0006/"
+          "url": "https://curl.se/docs/CVE-2024-9681.json"
         },
         {
           "type": "FIX",
-          "url": "https://hackerone.com/reports/2764830"
+          "url": "http://www.openwall.com/lists/oss-security/2024/11/06/2"
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2024/11/06/2"
+          "url": "https://curl.se/docs/CVE-2024-9681.html"
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2024-9681.html"
+          "url": "https://hackerone.com/reports/2764830"
         }
       ],
       "affected": [
@@ -2263,15 +2267,15 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20250306-0008/"
+          "url": "https://curl.se/docs/CVE-2025-0167.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0167.html"
+          "url": "https://curl.se/docs/CVE-2025-0167.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0167.json"
+          "url": "https://security.netapp.com/advisory/ntap-20250306-0008/"
         },
         {
           "type": "REPORT",
@@ -2323,23 +2327,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/2"
+          "url": "https://curl.se/docs/CVE-2025-0665.html"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/5"
+          "url": "https://curl.se/docs/CVE-2025-0665.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20250306-0007/"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/2"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0665.html"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/5"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0665.json"
+          "url": "https://security.netapp.com/advisory/ntap-20250306-0007/"
         },
         {
           "type": "REPORT",
@@ -2371,7 +2375,7 @@
       "severity": [
         {
           "type": "CVSS_V3",
-          "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"
+          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
         }
       ]
     },
@@ -2413,15 +2417,15 @@
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/2"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/3"
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/4"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/2"
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/3"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/4"
         }
       ],
       "affected": [
@@ -2673,11 +2677,11 @@
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/5"
+          "url": "https://curl.se/docs/CVE-2025-14819.html"
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-14819.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/5"
         }
       ],
       "affected": [
@@ -2740,11 +2744,11 @@
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/6"
+          "url": "https://curl.se/docs/CVE-2025-15079.html"
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-15079.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/6"
         }
       ],
       "affected": [
@@ -2806,11 +2810,11 @@
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/7"
+          "url": "https://curl.se/docs/CVE-2025-15224.html"
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-15224.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/7"
         }
       ],
       "affected": [
@@ -2856,15 +2860,15 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/05/28/5"
+          "url": "https://curl.se/docs/CVE-2025-5025.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-5025.html"
+          "url": "https://curl.se/docs/CVE-2025-5025.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-5025.json"
+          "url": "http://www.openwall.com/lists/oss-security/2025/05/28/5"
         },
         {
           "type": "REPORT",
@@ -2915,7 +2919,8 @@
         "SUSE-SU-2026:20668-1",
         "SUSE-SU-2026:20722-1",
         "SUSE-SU-2026:20760-1",
-        "openSUSE-SU-2026:10371-1"
+        "openSUSE-SU-2026:10371-1",
+        "openSUSE-SU-2026:20404-1"
       ],
       "references": [
         {
@@ -2944,7 +2949,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 181,
+          "versions": 178,
           "database_specific": "<Any value>"
         }
       ],
@@ -2971,16 +2976,17 @@
         "SUSE-SU-2026:20668-1",
         "SUSE-SU-2026:20722-1",
         "SUSE-SU-2026:20760-1",
-        "openSUSE-SU-2026:10371-1"
+        "openSUSE-SU-2026:10371-1",
+        "openSUSE-SU-2026:20404-1"
       ],
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/2"
+          "url": "https://curl.se/docs/CVE-2026-3783.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2026-3783.json"
+          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/2"
         },
         {
           "type": "REPORT",
@@ -3008,7 +3014,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 116,
+          "versions": 113,
           "database_specific": "<Any value>"
         }
       ],
@@ -3035,16 +3041,17 @@
         "SUSE-SU-2026:20668-1",
         "SUSE-SU-2026:20722-1",
         "SUSE-SU-2026:20760-1",
-        "openSUSE-SU-2026:10371-1"
+        "openSUSE-SU-2026:10371-1",
+        "openSUSE-SU-2026:20404-1"
       ],
       "references": [
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/3"
+          "url": "https://curl.se/docs/CVE-2026-3784.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2026-3784.json"
+          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/3"
         },
         {
           "type": "REPORT",
@@ -3072,7 +3079,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 207,
+          "versions": 204,
           "database_specific": "<Any value>"
         }
       ],
@@ -3084,7 +3091,14 @@
         }
       ]
     }
-  ]
+  ],
+  "query": {
+    "package": {
+      "name": "https://github.com/curl/curl.git",
+      "ecosystem": "GIT"
+    },
+    "version": "8.5.0"
+  }
 }
 
 ---
@@ -3092,7 +3106,13 @@
 [Test/cassette_single_query/TestQueryEndpoint/Invalid1 - 1]
 {
   "code": 3,
-  "message": "version specified in params and PURL query"
+  "message": "version specified in params and PURL query",
+  "query": {
+    "package": {
+      "purl": "pkg:pypi/jinja2@3.1.4"
+    },
+    "version": "3.1.4"
+  }
 }
 
 ---
@@ -3388,7 +3408,14 @@
         }
       ]
     }
-  ]
+  ],
+  "query": {
+    "package": {
+      "name": "nokogiri",
+      "ecosystem": "RubyGems"
+    },
+    "version": "1.18.2"
+  }
 }
 
 ---
@@ -3455,7 +3482,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3522,7 +3549,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3593,7 +3620,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3605,7 +3632,14 @@
         }
       ]
     }
-  ]
+  ],
+  "query": {
+    "package": {
+      "name": "jinja2",
+      "ecosystem": "PyPI"
+    },
+    "version": "3.1.4"
+  }
 }
 
 ---
@@ -3672,7 +3706,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3739,7 +3773,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3810,7 +3844,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3822,7 +3856,12 @@
         }
       ]
     }
-  ]
+  ],
+  "query": {
+    "package": {
+      "purl": "pkg:pypi/jinja2@3.1.4"
+    }
+  }
 }
 
 ---
@@ -3889,7 +3928,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3956,7 +3995,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -4027,7 +4066,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.5",
+      "schema_version": "1.7.3",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -4039,7 +4078,13 @@
         }
       ]
     }
-  ]
+  ],
+  "query": {
+    "package": {
+      "purl": "pkg:pypi/jinja2"
+    },
+    "version": "3.1.4"
+  }
 }
 
 ---
diff --git a/tools/apitester/main_test.go b/tools/apitester/main_test.go
index 3aa82bfeaa8..68cefaf12f3 100644
--- a/tools/apitester/main_test.go
+++ b/tools/apitester/main_test.go
@@ -12,6 +12,7 @@ import (
 	"github.com/google/apitester/internal/jsonreplace"
 	"github.com/google/apitester/internal/vcr"
 	"github.com/tidwall/gjson"
+	"github.com/tidwall/sjson"
 	"github.com/tidwall/pretty"
 )
 
@@ -79,7 +80,7 @@ func jsonReplaceRules(t *testing.T, resp *http.Response) []jsonreplace.Rule {
 	}
 }
 
-func normalizeJSONBody(t *testing.T, resp *http.Response) string {
+func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string {
 	t.Helper()
 
 	body, err := io.ReadAll(resp.Body)
@@ -90,6 +91,25 @@ func normalizeJSONBody(t *testing.T, resp *http.Response) string {
 
 	body = jsonreplace.DoBytes(t, body, jsonReplaceRules(t, resp))
 
+	if resp.Request.URL.Path == "/v1/query" {
+		if len(reqBody) > 0 {
+			res, err := sjson.SetRawBytes(body, "query", reqBody)
+			if err == nil {
+				body = res
+			}
+		}
+	} else if resp.Request.URL.Path == "/v1/querybatch" {
+		queries := gjson.GetBytes(reqBody, "queries")
+		if queries.IsArray() {
+			for i, query := range queries.Array() {
+				res, err := sjson.SetRawBytes(body, fmt.Sprintf("results.%d.query", i), []byte(query.Raw))
+				if err == nil {
+					body = res
+				}
+			}
+		}
+	}
+
 	return string(pretty.Pretty(body))
 }
 
@@ -105,8 +125,9 @@ func Test(t *testing.T) {
 				t.Run(vcr.DetermineInteractionName(interaction), func(t *testing.T) {
 					t.Parallel()
 
+					reqBody := []byte(interaction.Request.Body)
 					resp := vcr.Play(t, interaction)
-					body := normalizeJSONBody(t, resp)
+					body := normalizeJSONBody(t, reqBody, resp)
 
 					resp.Body.Close()
 

From 9677eb8e3ba2e1dfc24dd65cd952038150763f28 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 02:18:48 +0000
Subject: [PATCH 2/4] feat: inject original query into apitester snapshots

Modifies `normalizeJSONBody` in `tools/apitester/main_test.go` to accept the request body and include the `query` object directly alongside the results in the snapshot output. For single queries, the query is added as a top-level field. For batch queries, each individual query is injected into its corresponding entry in the `results` array. This makes it easier to trace test failures and review data quality by directly mapping responses back to the original request payload. Updated snapshot files to reflect these structural changes.

This also addresses formatting (gofmt) and staticcheck (`QF1003`) issues found in the initial CI run.

Co-authored-by: another-rex <106129829+another-rex@users.noreply.github.com>
---
 tools/apitester/main_test.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/tools/apitester/main_test.go b/tools/apitester/main_test.go
index 68cefaf12f3..2c34a8260cb 100644
--- a/tools/apitester/main_test.go
+++ b/tools/apitester/main_test.go
@@ -12,8 +12,8 @@ import (
 	"github.com/google/apitester/internal/jsonreplace"
 	"github.com/google/apitester/internal/vcr"
 	"github.com/tidwall/gjson"
-	"github.com/tidwall/sjson"
 	"github.com/tidwall/pretty"
+	"github.com/tidwall/sjson"
 )
 
 var (
@@ -91,14 +91,15 @@ func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string
 
 	body = jsonreplace.DoBytes(t, body, jsonReplaceRules(t, resp))
 
-	if resp.Request.URL.Path == "/v1/query" {
+	switch resp.Request.URL.Path {
+	case "/v1/query":
 		if len(reqBody) > 0 {
 			res, err := sjson.SetRawBytes(body, "query", reqBody)
 			if err == nil {
 				body = res
 			}
 		}
-	} else if resp.Request.URL.Path == "/v1/querybatch" {
+	case "/v1/querybatch":
 		queries := gjson.GetBytes(reqBody, "queries")
 		if queries.IsArray() {
 			for i, query := range queries.Array() {

From 397f78b8b455f8d44c5afb6cbe84cd6f8ff2df74 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 02:35:49 +0000
Subject: [PATCH 3/4] fix: inject "vulns": [] when no vulnerabilities exist

Addresses PR feedback by injecting an explicit `"vulns": []` field in the API snapshot output for queries that return no vulnerabilities, improving clarity in the snapshots. Run `go mod tidy` as well.

Co-authored-by: another-rex <106129829+another-rex@users.noreply.github.com>
---
 .../__snapshots__/cassette_TestCommand.snap   | 1125 +++++++++++------
 .../cassette_TestCommandNonGit.snap           |    3 +-
 ...ssette_TestCommand_ExplicitExtractors.snap |   51 +-
 ...mmand_ExplicitExtractors_WithDefaults.snap |  288 +++--
 ...nd_ExplicitExtractors_WithoutDefaults.snap |   81 +-
 .../cassette_TestCommand_GithubActions.snap   |   12 +-
 .../cassette_TestCommand_HtmlFile.snap        |    3 +-
 ...cassette_TestCommand_JavareachArchive.snap |   78 +-
 .../cassette_TestCommand_Licenses.snap        |  261 ++--
 ...stCommand_LockfileWithExplicitParseAs.snap |   45 +-
 .../cassette_TestCommand_MoreLockfiles.snap   |  117 +-
 .../cassette_TestCommand_Transitive.snap      |  384 ++++--
 ...tte_TestCommand_WithDetector_OffLinux.snap |    9 +-
 ...ette_TestCommand_WithDetector_OnLinux.snap |    9 +-
 .../__snapshots__/cassette_single_query.snap  |    3 +-
 tools/apitester/main_test.go                  |   12 +
 16 files changed, 1658 insertions(+), 823 deletions(-)

diff --git a/tools/apitester/__snapshots__/cassette_TestCommand.snap b/tools/apitester/__snapshots__/cassette_TestCommand.snap
index b8cde420d2e..773ac24d9a8 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand.snap
@@ -9,7 +9,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -18,7 +19,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -35,7 +37,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -52,7 +55,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -69,7 +73,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -86,7 +91,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -103,7 +109,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -828,7 +835,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -837,7 +845,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -846,7 +855,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -855,7 +865,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -864,7 +875,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -873,7 +885,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -882,7 +895,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -891,7 +905,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -900,7 +915,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -924,7 +940,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -933,7 +950,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -942,7 +960,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1009,7 +1028,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1018,7 +1038,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1027,7 +1048,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1051,7 +1073,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1060,7 +1083,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1069,7 +1093,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1078,7 +1103,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1087,7 +1113,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1096,7 +1123,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1105,7 +1133,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1114,7 +1143,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1138,7 +1168,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1147,7 +1178,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1156,7 +1188,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1165,7 +1198,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1201,7 +1235,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1210,7 +1245,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1219,7 +1255,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1228,7 +1265,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1245,7 +1283,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1254,7 +1293,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1268,7 +1308,8 @@
       "query": {
         "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
         "package": {}
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1290,7 +1331,8 @@
       "query": {
         "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
         "package": {}
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1299,7 +1341,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1308,7 +1351,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1317,7 +1361,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1326,7 +1371,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1335,7 +1381,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1344,7 +1391,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1353,7 +1401,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1377,7 +1426,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1386,7 +1436,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1395,7 +1446,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1419,7 +1471,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1428,7 +1481,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1437,7 +1491,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1446,7 +1501,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1455,7 +1511,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1464,7 +1521,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1500,7 +1558,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1517,7 +1576,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1526,7 +1586,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1535,7 +1596,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1559,7 +1621,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1568,7 +1631,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1577,7 +1641,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1586,7 +1651,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1595,7 +1661,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1604,7 +1671,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1613,7 +1681,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1622,7 +1691,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1646,7 +1716,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1655,7 +1726,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1664,7 +1736,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1673,7 +1746,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1709,7 +1783,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1718,7 +1793,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1727,7 +1803,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1736,7 +1813,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1753,7 +1831,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1777,7 +1856,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1786,7 +1866,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1795,7 +1876,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1812,7 +1894,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1836,7 +1919,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1845,7 +1929,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1854,7 +1939,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1917,7 +2003,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.115"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1926,7 +2013,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1935,7 +2023,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1944,7 +2033,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1953,7 +2043,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1962,7 +2053,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1971,7 +2063,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1980,7 +2073,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1989,7 +2083,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1998,7 +2093,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2007,7 +2103,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2016,7 +2113,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2064,7 +2162,8 @@
           "ecosystem": "Debian"
         },
         "version": "9.9+deb9u13"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2073,7 +2172,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.5.43"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2101,7 +2201,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2110,7 +2211,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2119,7 +2221,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2128,7 +2231,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2137,7 +2241,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2146,7 +2251,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2182,7 +2288,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.5.8-2.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2191,7 +2298,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.5.61"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2215,7 +2323,8 @@
           "ecosystem": "Debian"
         },
         "version": "4.8.1.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2224,7 +2333,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:3.5-3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2233,7 +2343,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.18-8~deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2273,7 +2384,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.43.4-2+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2313,7 +2425,8 @@
           "ecosystem": "Debian"
         },
         "version": "4.6.0+git+20161106-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2322,7 +2435,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.3.0-18+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2422,7 +2536,8 @@
           "ecosystem": "Go"
         },
         "version": "(devel)"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2431,7 +2546,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.18-8~deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2440,7 +2556,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.18-8~deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2468,7 +2585,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.18-8~deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2477,7 +2595,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.27-2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2505,7 +2624,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.18+b1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2514,7 +2634,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.48"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2523,7 +2644,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.2.52-3+b1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2532,7 +2654,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.4.11"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2541,7 +2664,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.4.3-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2550,7 +2674,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:2.4.47-2+b2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2559,7 +2684,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:2.6.7-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2568,7 +2694,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:2.6.7-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2577,7 +2704,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2586,7 +2714,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.8.3-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2595,7 +2724,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.0.6-8.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2604,7 +2734,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.24-11+deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2613,7 +2744,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.24-11+deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2622,7 +2754,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2631,7 +2764,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2640,7 +2774,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.24-11+deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2649,7 +2784,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.7.7-3+b1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2658,7 +2794,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.43.4-2+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2667,7 +2804,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2676,7 +2814,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2685,7 +2824,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2694,7 +2834,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2703,7 +2844,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.3.28-12+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2712,7 +2854,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.227"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2721,7 +2864,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.1-20160903-3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2730,7 +2874,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2739,7 +2884,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.2.1-6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2748,7 +2894,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:6.3.0-18+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -2800,7 +2947,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.8.3-14"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2809,7 +2957,8 @@
           "ecosystem": "Debian"
         },
         "version": "2:6.1.2+dfsg-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2818,7 +2967,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.5.8-5+deb9u6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2827,7 +2977,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.26-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2836,7 +2987,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.15-1+deb9u3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2845,7 +2997,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.3-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2854,7 +3007,8 @@
           "ecosystem": "Debian"
         },
         "version": "57.1-6+deb9u5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2863,7 +3017,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.33-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2872,7 +3027,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.90-1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2881,7 +3037,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.15-1+deb9u3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2890,7 +3047,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.5.9-9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2899,7 +3057,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.15-1+deb9u3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2908,7 +3067,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.15-1+deb9u3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2917,7 +3077,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.3.5-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2926,7 +3087,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.4.44+dfsg-5+deb9u8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2935,7 +3097,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.4.44+dfsg-5+deb9u8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2944,7 +3107,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:6.0-1~bpo9+1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2953,7 +3117,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.0~r131-2+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2962,7 +3127,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.2.2-1.2+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2971,7 +3137,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2980,7 +3147,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.0+20161126-1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2989,7 +3157,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.0+20161126-1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -2998,7 +3167,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.3-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3007,7 +3177,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.3-1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3016,7 +3187,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.3-1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3025,7 +3197,8 @@
           "ecosystem": "Debian"
         },
         "version": "0.23.3-2+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3034,7 +3207,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.8-3.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3043,7 +3217,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.8-3.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3052,7 +3227,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.8-3.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3061,7 +3237,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.8-3.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3070,7 +3247,8 @@
           "ecosystem": "Debian"
         },
         "version": "2:8.39-3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3079,7 +3257,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.24.1-3+deb9u7"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3088,7 +3267,8 @@
           "ecosystem": "Debian"
         },
         "version": "14.2-1.pgdg90+1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3097,7 +3277,8 @@
           "ecosystem": "Debian"
         },
         "version": "7.0-3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3106,7 +3287,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.27~101-g0780600+dfsg-3+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3115,7 +3297,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.1.27~101-g0780600+dfsg-3+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3124,7 +3307,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.6-3+b3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3133,7 +3317,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.6-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3142,7 +3327,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.6-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3151,7 +3337,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.6-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3160,7 +3347,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3169,7 +3357,8 @@
           "ecosystem": "Debian"
         },
         "version": "3.16.2-5+deb9u3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3178,7 +3367,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.43.4-2+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3187,7 +3377,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.0l-1~deb9u5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3196,7 +3387,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3205,7 +3397,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3214,7 +3407,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3223,7 +3417,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.3.0-18+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3232,7 +3427,8 @@
           "ecosystem": "Debian"
         },
         "version": "232-25+deb9u13"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -3288,7 +3484,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.0+20161126-1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3297,7 +3494,8 @@
           "ecosystem": "Debian"
         },
         "version": "232-25+deb9u13"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3306,7 +3504,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.0.4-6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3315,7 +3514,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -3603,7 +3803,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.29-2.1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3612,7 +3813,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3621,7 +3823,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.24-11+deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3630,7 +3833,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:4.4-4.1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3639,7 +3843,8 @@
           "ecosystem": "Debian"
         },
         "version": "9.20161125"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -3663,7 +3868,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.29.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3672,7 +3878,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.24-11+deb9u4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -3711,7 +3918,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3720,7 +3928,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3729,7 +3938,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3738,7 +3948,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.0+20161126-1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3747,7 +3958,8 @@
           "ecosystem": "Debian"
         },
         "version": "6.0+20161126-1+deb9u2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -3756,7 +3968,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -4172,7 +4385,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:4.4-4.1+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -4303,7 +4517,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.24.1-3+deb9u7"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4312,7 +4527,8 @@
           "ecosystem": "Debian"
         },
         "version": "5.24.1-3+deb9u7"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4321,7 +4537,8 @@
           "ecosystem": "Debian"
         },
         "version": "2018.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4330,7 +4547,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.0.0-2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4339,7 +4557,8 @@
           "ecosystem": "OSS-Fuzz"
         },
         "version": "11.15"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -4391,7 +4610,8 @@
           "ecosystem": "Debian"
         },
         "version": "11.15-1.pgdg90+1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4400,7 +4620,8 @@
           "ecosystem": "Debian"
         },
         "version": "238.pgdg90+1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4409,7 +4630,8 @@
           "ecosystem": "Debian"
         },
         "version": "238.pgdg90+1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4418,7 +4640,8 @@
           "ecosystem": "Debian"
         },
         "version": "7.0-3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4427,7 +4650,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4436,7 +4660,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4445,7 +4670,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4454,7 +4680,8 @@
           "ecosystem": "Debian"
         },
         "version": "4.4-1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -4478,7 +4705,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.0.39"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4487,7 +4715,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4496,7 +4725,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4505,7 +4735,8 @@
           "ecosystem": "Debian"
         },
         "version": "2.88dsf-59.9"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -4817,7 +5048,8 @@
           "ecosystem": "Debian"
         },
         "version": "1:1.2.8.dfsg-5+deb9u1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -4826,7 +5058,8 @@
           "ecosystem": "Debian"
         },
         "version": "1.1.2-1+deb9u1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5015,7 +5248,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5024,7 +5258,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5033,7 +5268,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5042,7 +5278,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5051,7 +5288,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5060,7 +5298,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5069,7 +5308,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5078,7 +5318,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5095,7 +5336,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5112,7 +5354,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5121,7 +5364,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5138,7 +5382,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5155,7 +5400,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5172,7 +5418,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5212,7 +5459,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5229,7 +5477,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5238,7 +5487,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5247,7 +5497,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5256,7 +5507,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5265,7 +5517,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5274,7 +5527,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5283,7 +5537,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5292,7 +5547,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5301,7 +5557,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5325,7 +5582,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5334,7 +5592,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5343,7 +5602,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5387,7 +5647,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5396,7 +5657,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5405,7 +5667,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5414,7 +5677,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5423,7 +5687,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5432,7 +5697,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5441,7 +5707,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5450,7 +5717,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5459,7 +5727,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5483,7 +5752,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5492,7 +5762,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5501,7 +5772,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5545,7 +5817,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5554,7 +5827,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5563,7 +5837,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5572,7 +5847,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5581,7 +5857,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5590,7 +5867,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5599,7 +5877,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5608,7 +5887,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5625,7 +5905,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5634,7 +5915,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5643,7 +5925,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5652,7 +5935,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5661,7 +5945,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5670,7 +5955,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5679,7 +5965,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5688,7 +5975,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -5705,7 +5993,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5714,7 +6003,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5723,7 +6013,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5732,7 +6023,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5741,7 +6033,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5750,7 +6043,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5759,7 +6053,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5768,7 +6063,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5777,7 +6073,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5801,7 +6098,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5810,7 +6108,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5819,7 +6118,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5863,7 +6163,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5872,7 +6173,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5881,7 +6183,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5890,7 +6193,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5899,7 +6203,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5908,7 +6213,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5917,7 +6223,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5926,7 +6233,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5935,7 +6243,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -5959,7 +6268,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5968,7 +6278,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -5977,7 +6288,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -6021,7 +6333,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -6076,7 +6389,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.10.5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6085,7 +6399,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.10.5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6094,7 +6409,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6103,7 +6419,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6112,7 +6429,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6121,7 +6439,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6130,7 +6449,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6139,7 +6459,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -6506,7 +6827,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6515,7 +6837,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6524,7 +6847,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6533,7 +6857,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6542,7 +6867,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6551,7 +6877,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6560,7 +6887,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6569,7 +6897,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6578,7 +6907,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6587,7 +6917,8 @@
           "ecosystem": "PyPI"
         },
         "version": "1.1.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6596,7 +6927,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6605,7 +6937,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6614,7 +6947,8 @@
           "ecosystem": "PyPI"
         },
         "version": "25.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -6638,7 +6972,8 @@
           "ecosystem": "PyPI"
         },
         "version": "0.12.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6647,7 +6982,8 @@
           "ecosystem": "PyPI"
         },
         "version": "4.4.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6656,7 +6992,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6665,7 +7002,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6674,7 +7012,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -6760,7 +7099,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6769,7 +7109,8 @@
           "ecosystem": "PyPI"
         },
         "version": "4.15.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -6988,7 +7329,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.10.5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -6997,7 +7339,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.10.5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7006,7 +7349,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7015,7 +7359,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7024,7 +7369,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7033,7 +7379,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7042,7 +7389,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7051,7 +7399,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -7418,7 +7767,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7427,7 +7777,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7436,7 +7787,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7445,7 +7797,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7454,7 +7807,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7463,7 +7817,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7472,7 +7827,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7481,7 +7837,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7490,7 +7847,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7499,7 +7857,8 @@
           "ecosystem": "PyPI"
         },
         "version": "1.1.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7508,7 +7867,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7517,7 +7877,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7526,7 +7887,8 @@
           "ecosystem": "PyPI"
         },
         "version": "25.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -7550,7 +7912,8 @@
           "ecosystem": "PyPI"
         },
         "version": "0.12.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7559,7 +7922,8 @@
           "ecosystem": "PyPI"
         },
         "version": "4.5.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7568,7 +7932,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7577,7 +7942,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7586,7 +7952,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -7672,7 +8039,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7681,7 +8049,8 @@
           "ecosystem": "PyPI"
         },
         "version": "4.15.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -7885,7 +8254,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -7909,7 +8279,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7918,7 +8289,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -7927,7 +8299,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -7944,7 +8317,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -7961,7 +8335,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap b/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
index 66d610bd9c6..f193232e42a 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommandNonGit.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
index c872d921af5..5e5b9b309f5 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
@@ -24,7 +24,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -56,7 +57,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -96,7 +98,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -105,7 +108,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -114,7 +118,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -123,7 +128,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -132,7 +138,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -141,7 +148,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -150,7 +158,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -159,7 +168,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -168,7 +178,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -177,7 +188,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -186,7 +198,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -210,7 +223,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -219,7 +233,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -228,7 +243,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -237,7 +253,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
index 35f80536237..ad2d9728e27 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
@@ -9,7 +9,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -18,7 +19,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -27,7 +29,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -36,7 +39,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -53,7 +57,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -62,7 +67,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -71,7 +77,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -95,7 +102,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -104,7 +112,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -113,7 +122,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -122,7 +132,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -131,7 +142,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -140,7 +152,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -149,7 +162,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -158,7 +172,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -182,7 +197,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -191,7 +207,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -200,7 +217,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -209,7 +227,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -245,7 +264,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -254,7 +274,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -263,7 +284,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -287,7 +309,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -296,7 +319,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -305,7 +329,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -314,7 +339,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -323,7 +349,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -332,7 +359,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -341,7 +369,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -350,7 +379,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -374,7 +404,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -383,7 +414,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -392,7 +424,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -401,7 +434,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -437,7 +471,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -446,7 +481,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -455,7 +491,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -464,7 +501,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -481,7 +519,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -490,7 +529,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -499,7 +539,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -523,7 +564,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -532,7 +574,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -541,7 +584,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -550,7 +594,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -559,7 +604,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -568,7 +614,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -577,7 +624,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -586,7 +634,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -610,7 +659,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -619,7 +669,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -628,7 +679,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -637,7 +689,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -673,7 +726,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -682,7 +736,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -691,7 +746,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -700,7 +756,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -717,7 +774,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -726,7 +784,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -735,7 +794,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -752,7 +812,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -761,7 +822,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -770,7 +832,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -779,7 +842,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -788,7 +852,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -797,7 +862,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -806,7 +872,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -815,7 +882,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -824,7 +892,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -833,7 +902,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -842,7 +912,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -866,7 +937,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -875,7 +947,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -884,7 +957,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -893,7 +967,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -929,7 +1004,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -938,7 +1014,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -947,7 +1024,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -971,7 +1049,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -980,7 +1059,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -989,7 +1069,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -998,7 +1079,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1007,7 +1089,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1016,7 +1099,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1025,7 +1109,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1034,7 +1119,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1058,7 +1144,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1067,7 +1154,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1076,7 +1164,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1085,7 +1174,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1121,7 +1211,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1130,7 +1221,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1139,7 +1231,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1148,7 +1241,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1165,7 +1259,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1205,7 +1300,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
index 3c73c73f0ff..41163dddd8f 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
@@ -24,7 +24,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -41,7 +42,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -50,7 +52,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -82,7 +85,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -99,7 +103,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -108,7 +113,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -148,7 +154,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -165,7 +172,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -174,7 +182,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -183,7 +192,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -192,7 +202,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -201,7 +212,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -210,7 +222,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -219,7 +232,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -228,7 +242,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -237,7 +252,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -246,7 +262,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -255,7 +272,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -279,7 +297,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -288,7 +307,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -297,7 +317,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -306,7 +327,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -342,7 +364,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -351,7 +374,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -360,7 +384,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -400,7 +425,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -440,7 +466,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
index 5d6444dadf1..b2865b82fc3 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
@@ -6,7 +6,8 @@
       "query": {
         "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
         "package": {}
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -28,7 +29,8 @@
       "query": {
         "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
         "package": {}
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -42,7 +44,8 @@
       "query": {
         "commit": "4579d5538f06c5ef615a15bc67ebb9ac0523a973",
         "package": {}
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -64,7 +67,8 @@
       "query": {
         "commit": "5d60bd2eb4642b64d00c845e5ca9f1ea41fd6db6",
         "package": {}
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap b/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
index 150e713c6f5..82849f1c519 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_HtmlFile.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
index 05d625f4051..035e91f13a4 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -18,7 +19,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -42,7 +44,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -51,7 +54,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.0-SNAPSHOT"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -60,7 +64,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.6.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -291,7 +296,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.6.7"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -300,7 +306,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.10"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -309,7 +316,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -318,7 +326,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.8.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -357,7 +366,8 @@
           "ecosystem": "Maven"
         },
         "version": "4.4.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -366,7 +376,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -402,7 +413,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -434,7 +446,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -466,7 +479,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -475,7 +489,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -499,7 +514,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -508,7 +524,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.0-SNAPSHOT"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -517,7 +534,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.6.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -748,7 +766,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.6.7"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -757,7 +776,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.10"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -766,7 +786,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -775,7 +796,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.8.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -814,7 +836,8 @@
           "ecosystem": "Maven"
         },
         "version": "4.4.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -823,7 +846,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -859,7 +883,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -891,7 +916,8 @@
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
index 469ca6860cd..c972ee02c98 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
@@ -9,7 +9,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -18,7 +19,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -27,7 +29,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -36,7 +39,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -53,7 +57,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -62,7 +67,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -71,7 +77,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -80,7 +87,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -97,7 +105,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -106,7 +115,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -115,7 +125,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -124,7 +135,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -141,7 +153,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -150,7 +163,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -159,7 +173,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -168,7 +183,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -185,7 +201,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -202,7 +219,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -211,7 +229,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -220,7 +239,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -229,7 +249,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -246,7 +267,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -255,7 +277,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -264,7 +287,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -288,7 +312,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -297,7 +322,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -306,7 +332,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -315,7 +342,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -324,7 +352,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -333,7 +362,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -342,7 +372,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -351,7 +382,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -375,7 +407,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -384,7 +417,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -393,7 +427,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -402,7 +437,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -438,7 +474,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -447,7 +484,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -456,7 +494,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -480,7 +519,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -489,7 +529,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -498,7 +539,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -507,7 +549,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -516,7 +559,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -525,7 +569,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -534,7 +579,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -543,7 +589,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -567,7 +614,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -576,7 +624,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -585,7 +634,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -594,7 +644,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -630,7 +681,8 @@
           "ecosystem": "npm"
         },
         "version": "0.0.8"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -639,7 +691,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -648,7 +701,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -657,7 +711,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -674,7 +729,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -683,7 +739,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -692,7 +749,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -701,7 +759,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -718,7 +777,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -727,7 +787,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.4.0-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -736,7 +797,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.4-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -745,7 +807,8 @@
           "ecosystem": "Alpine"
         },
         "version": "2.12.10-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -754,7 +817,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -763,7 +827,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -772,7 +837,8 @@
           "ecosystem": "Alpine"
         },
         "version": "20220614-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -796,7 +862,8 @@
           "ecosystem": "Alpine"
         },
         "version": "0.7.2-r3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -805,7 +872,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -814,7 +882,8 @@
           "ecosystem": "Alpine"
         },
         "version": "3.0.8-r0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -838,7 +907,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -847,7 +917,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.3.5-r1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -856,7 +927,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -865,7 +937,8 @@
           "ecosystem": "Alpine"
         },
         "version": "1.36.1-r27"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -874,7 +947,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -883,7 +957,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -919,7 +994,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.4.2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -943,7 +1019,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -952,7 +1029,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -961,7 +1039,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -978,7 +1057,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -987,7 +1067,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -996,7 +1077,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1005,7 +1087,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1022,7 +1105,8 @@
           "ecosystem": "npm"
         },
         "version": "6.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1031,7 +1115,8 @@
           "ecosystem": "npm"
         },
         "version": "5.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1040,7 +1125,8 @@
           "ecosystem": "npm"
         },
         "version": "2.1.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1049,7 +1135,8 @@
           "ecosystem": "npm"
         },
         "version": "4.26.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
index 0824edc7132..528df340b89 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
@@ -9,7 +9,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -26,7 +27,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -43,7 +45,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -90,7 +93,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -114,7 +118,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -123,7 +128,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -132,7 +138,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -179,7 +186,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -203,7 +211,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -212,7 +221,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -221,7 +231,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -258,7 +269,8 @@
           "ecosystem": "npm"
         },
         "version": "4.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -282,7 +294,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -291,7 +304,8 @@
           "ecosystem": "Go"
         },
         "version": "1.99.9"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -300,7 +314,8 @@
           "ecosystem": "npm"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
index 9e522cab46a..6f433827340 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Hackage"
         },
         "version": "1.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -18,7 +19,8 @@
           "ecosystem": "Hackage"
         },
         "version": "2.4.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -27,7 +29,8 @@
           "ecosystem": "Hackage"
         },
         "version": "0.2.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -36,7 +39,8 @@
           "ecosystem": "Hackage"
         },
         "version": "2.6.4.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -45,7 +49,8 @@
           "ecosystem": "Hackage"
         },
         "version": "0.11.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -77,7 +82,8 @@
           "ecosystem": "NuGet"
         },
         "version": "3.7.10.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -86,7 +92,8 @@
           "ecosystem": "NuGet"
         },
         "version": "6.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -110,7 +117,8 @@
           "ecosystem": "NuGet"
         },
         "version": "1.0.0"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -127,7 +135,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.23.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -136,7 +145,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.4.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -145,7 +155,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.87.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -154,7 +165,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.10.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -163,7 +175,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.29.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -172,7 +185,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -181,7 +195,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.1.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -190,7 +205,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -199,7 +215,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.6.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -208,7 +225,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.15.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -217,7 +235,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.9.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -226,7 +245,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.6.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -250,7 +270,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.12.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -290,7 +311,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.0.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -299,7 +321,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.5.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -308,7 +331,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.49.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -317,7 +341,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.30.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -326,7 +351,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.22.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -335,7 +361,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "1.8.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -344,7 +371,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.2.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -353,7 +381,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "13.2.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -362,7 +391,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "2.0.2"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -371,7 +401,8 @@
           "ecosystem": "RubyGems"
         },
         "version": "0.15.2"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -388,7 +419,8 @@
           "ecosystem": "NuGet"
         },
         "version": "1.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -397,7 +429,8 @@
           "ecosystem": "NuGet"
         },
         "version": "1.0.0"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -414,7 +447,8 @@
           "ecosystem": "NuGet"
         },
         "version": "13.0.3"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -431,7 +465,8 @@
           "ecosystem": "Hackage"
         },
         "version": "0.2.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -440,7 +475,8 @@
           "ecosystem": "Hackage"
         },
         "version": "1.0.1"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -449,7 +485,8 @@
           "ecosystem": "Hackage"
         },
         "version": "0.10.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -458,7 +495,8 @@
           "ecosystem": "Hackage"
         },
         "version": "0.10.1.0"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -475,7 +513,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.14.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
index bb5f0784fbb..f9746d60aa0 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -220,7 +221,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -229,7 +231,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -238,7 +241,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -247,7 +251,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -256,7 +261,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -265,7 +271,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -274,7 +281,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -283,7 +291,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -292,7 +301,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -301,7 +311,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -310,7 +321,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -319,7 +331,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -328,7 +341,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -337,7 +351,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -346,7 +361,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -355,7 +371,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -364,7 +381,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -388,7 +406,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -397,7 +416,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -406,7 +426,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -415,7 +436,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -424,7 +446,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -433,7 +456,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -442,7 +466,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -451,7 +476,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -460,7 +486,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -469,7 +496,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -478,7 +506,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -487,7 +516,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -496,7 +526,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -505,7 +536,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -514,7 +546,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -523,7 +556,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -532,7 +566,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -541,7 +576,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -550,7 +586,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -559,7 +596,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -568,7 +606,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -577,7 +616,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -586,7 +626,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -595,7 +636,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -604,7 +646,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -613,7 +656,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -622,7 +666,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -631,7 +676,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -640,7 +686,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -649,7 +696,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -658,7 +706,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -667,7 +716,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -676,7 +726,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -685,7 +736,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -694,7 +746,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -703,7 +756,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -712,7 +766,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -721,7 +776,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -730,7 +786,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -770,7 +827,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -853,7 +911,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.3.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -901,7 +960,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -910,7 +970,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -919,7 +980,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -928,7 +990,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -937,7 +1000,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -946,7 +1010,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -955,7 +1020,8 @@
           "ecosystem": "Maven"
         },
         "version": "24.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -964,7 +1030,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -973,7 +1040,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -982,7 +1050,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -991,7 +1060,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1000,7 +1070,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1009,7 +1080,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1018,7 +1090,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1027,7 +1100,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1036,7 +1110,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1045,7 +1120,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1069,7 +1145,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1078,7 +1155,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1087,7 +1165,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1096,7 +1175,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1105,7 +1185,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1114,7 +1195,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1123,7 +1205,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1132,7 +1215,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1141,7 +1225,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1150,7 +1235,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1159,7 +1245,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1168,7 +1255,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1177,7 +1265,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1186,7 +1275,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1195,7 +1285,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1204,7 +1295,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1213,7 +1305,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1222,7 +1315,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1231,7 +1325,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1240,7 +1335,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1249,7 +1345,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1258,7 +1355,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1267,7 +1365,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1276,7 +1375,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1285,7 +1385,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1294,7 +1395,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1303,7 +1405,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1312,7 +1415,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1321,7 +1425,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1330,7 +1435,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1339,7 +1445,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1348,7 +1455,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1357,7 +1465,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1366,7 +1475,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1375,7 +1485,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1384,7 +1495,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1393,7 +1505,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1402,7 +1515,8 @@
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1411,7 +1525,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1451,7 +1566,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1483,7 +1599,8 @@
           "ecosystem": "Maven"
         },
         "version": "1.3"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1500,7 +1617,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1540,7 +1658,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1557,7 +1676,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1597,7 +1717,8 @@
           "ecosystem": "Maven"
         },
         "version": "2.14.1"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -1614,7 +1735,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.10.5"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1623,7 +1745,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.4"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1632,7 +1755,8 @@
           "ecosystem": "PyPI"
         },
         "version": "8.3.0"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
@@ -1726,7 +1850,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2.2.0"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1735,7 +1860,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.1.6"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1744,7 +1870,8 @@
           "ecosystem": "PyPI"
         },
         "version": "3.0.3"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
@@ -1753,7 +1880,8 @@
           "ecosystem": "PyPI"
         },
         "version": "2025.2"
-      }
+      },
+      "vulns": []
     },
     {
       "vulns": [
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
index 5c2d9550002..765065a2e0b 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OffLinux.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -26,7 +27,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -43,7 +45,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
index 506552aa1b4..474dcc14444 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_WithDetector_OnLinux.snap
@@ -9,7 +9,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -26,7 +27,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
@@ -43,7 +45,8 @@
           "ecosystem": "Packagist"
         },
         "version": "2.0.4"
-      }
+      },
+      "vulns": []
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_single_query.snap b/tools/apitester/__snapshots__/cassette_single_query.snap
index 6eb75391e72..6ba797cfe54 100755
--- a/tools/apitester/__snapshots__/cassette_single_query.snap
+++ b/tools/apitester/__snapshots__/cassette_single_query.snap
@@ -3112,7 +3112,8 @@
       "purl": "pkg:pypi/jinja2@3.1.4"
     },
     "version": "3.1.4"
-  }
+  },
+  "vulns": []
 }
 
 ---
diff --git a/tools/apitester/main_test.go b/tools/apitester/main_test.go
index 2c34a8260cb..9f479c4a650 100644
--- a/tools/apitester/main_test.go
+++ b/tools/apitester/main_test.go
@@ -99,6 +99,12 @@ func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string
 				body = res
 			}
 		}
+		if !gjson.GetBytes(body, "vulns").Exists() {
+			res, err := sjson.SetRawBytes(body, "vulns", []byte("[]"))
+			if err == nil {
+				body = res
+			}
+		}
 	case "/v1/querybatch":
 		queries := gjson.GetBytes(reqBody, "queries")
 		if queries.IsArray() {
@@ -107,6 +113,12 @@ func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string
 				if err == nil {
 					body = res
 				}
+				if !gjson.GetBytes(body, fmt.Sprintf("results.%d.vulns", i)).Exists() {
+					res, err := sjson.SetRawBytes(body, fmt.Sprintf("results.%d.vulns", i), []byte("[]"))
+					if err == nil {
+						body = res
+					}
+				}
 			}
 		}
 	}

From 8527bd0bcab88fb26368c1f88a128114a6651ec2 Mon Sep 17 00:00:00 2001
From: "google-labs-jules[bot]"
 <161369871+google-labs-jules[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 02:56:06 +0000
Subject: [PATCH 4/4] fix: order query before vulns in snapshots

Addresses PR feedback to consistently order the `query` object before the `vulns` array in the apitester snapshots for better readability. Re-generated snapshots against `api.test.osv.dev` accordingly.

Co-authored-by: another-rex <106129829+another-rex@users.noreply.github.com>
---
 .../__snapshots__/cassette_TestCommand.snap   | 1810 ++++++++---------
 .../cassette_TestCommand_CallAnalysis.snap    |   80 +-
 ...ssette_TestCommand_ExplicitExtractors.snap |  100 +-
 ...mmand_ExplicitExtractors_WithDefaults.snap |  220 +-
 ...nd_ExplicitExtractors_WithoutDefaults.snap |  100 +-
 .../cassette_TestCommand_GithubActions.snap   |   20 +-
 ...cassette_TestCommand_JavareachArchive.snap |  220 +-
 .../cassette_TestCommand_Licenses.snap        |  188 +-
 ...stCommand_LockfileWithExplicitParseAs.snap |  100 +-
 .../cassette_TestCommand_MoreLockfiles.snap   |   74 +-
 .../cassette_TestCommand_Transitive.snap      |  336 +--
 .../__snapshots__/cassette_batch_query.snap   |   12 +-
 .../__snapshots__/cassette_single_query.snap  |  307 ++-
 tools/apitester/main_test.go                  |   10 +-
 14 files changed, 1793 insertions(+), 1784 deletions(-)
 mode change 100644 => 100755 tools/apitester/__snapshots__/cassette_batch_query.snap

diff --git a/tools/apitester/__snapshots__/cassette_TestCommand.snap b/tools/apitester/__snapshots__/cassette_TestCommand.snap
index 773ac24d9a8..dc03238194d 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand.snap
@@ -121,6 +121,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      },
       "vulns": [
         {
           "id": "GO-2024-2598",
@@ -282,14 +289,7 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "stdlib",
-          "ecosystem": "Go"
-        },
-        "version": "1.21.7"
-      }
+      ]
     }
   ]
 }
@@ -300,6 +300,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      },
       "vulns": [
         {
           "id": "GO-2024-2598",
@@ -461,16 +468,16 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "stdlib",
           "ecosystem": "Go"
         },
         "version": "1.21.7"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GO-2024-2598",
@@ -632,14 +639,7 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "stdlib",
-          "ecosystem": "Go"
-        },
-        "version": "1.21.7"
-      }
+      ]
     }
   ]
 }
@@ -650,6 +650,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.21.7"
+      },
       "vulns": [
         {
           "id": "GO-2024-2598",
@@ -811,14 +818,7 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "stdlib",
-          "ecosystem": "Go"
-        },
-        "version": "1.21.7"
-      }
+      ]
     }
   ]
 }
@@ -919,19 +919,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -964,14 +964,21 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -981,14 +988,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.10-r0"
-      }
+      ]
     }
   ]
 }
@@ -999,19 +999,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -1052,19 +1052,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -1147,19 +1147,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1202,6 +1202,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -1211,14 +1218,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -1312,6 +1312,10 @@
       "vulns": []
     },
     {
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      },
       "vulns": [
         {
           "id": "CVE-2023-39137",
@@ -1321,11 +1325,7 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
-        "package": {}
-      }
+      ]
     },
     {
       "query": {
@@ -1405,19 +1405,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1450,19 +1450,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1525,6 +1525,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -1534,14 +1541,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -1600,19 +1600,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -1695,19 +1695,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1750,6 +1750,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -1759,14 +1766,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -1835,19 +1835,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1898,19 +1898,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1951,19 +1951,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "UBUNTU-CVE-2017-11164",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "pcre3",
           "ecosystem": "Ubuntu"
         },
         "version": "2:8.39-12ubuntu0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "UBUNTU-CVE-2017-11164",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     }
   ]
 }
@@ -1974,19 +1974,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "UBUNTU-CVE-2017-11164",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "pcre3",
           "ecosystem": "Ubuntu"
         },
         "version": "2:8.39-12ubuntu0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "UBUNTU-CVE-2017-11164",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     }
   ]
 }
@@ -2117,6 +2117,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "apt",
+          "ecosystem": "Debian"
+        },
+        "version": "1.4.11"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2011-3374",
@@ -2124,19 +2131,19 @@
         },
         {
           "id": "DEBIAN-CVE-2018-0501",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-3462",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-27350",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-3810",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DSA-4685-1",
@@ -2146,16 +2153,9 @@
           "id": "DSA-4808-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "apt",
-          "ecosystem": "Debian"
-        },
-        "version": "1.4.11"
-      }
-    },
-    {
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "base-files",
@@ -2176,23 +2176,23 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "bash",
+          "ecosystem": "Debian"
+        },
+        "version": "4.4-5"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2019-18276",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-3715",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "bash",
-          "ecosystem": "Debian"
-        },
-        "version": "4.4-5"
-      }
+      ]
     },
     {
       "query": {
@@ -2255,6 +2255,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "coreutils",
+          "ecosystem": "Debian"
+        },
+        "version": "8.26-3"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2016-2781",
@@ -2266,20 +2273,13 @@
         },
         {
           "id": "DEBIAN-CVE-2024-0684",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-5278",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "coreutils",
-          "ecosystem": "Debian"
-        },
-        "version": "8.26-3"
-      }
+      ]
     },
     {
       "query": {
@@ -2302,19 +2302,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "DLA-3482-1",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "debian-archive-keyring",
           "ecosystem": "Debian"
         },
         "version": "2017.5+deb9u2"
-      }
+      },
+      "vulns": [
+        {
+          "id": "DLA-3482-1",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -2347,10 +2347,17 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "dpkg",
+          "ecosystem": "Debian"
+        },
+        "version": "1.18.25"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1664",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-6297",
@@ -2368,14 +2375,7 @@
           "id": "DSA-5147-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "dpkg",
-          "ecosystem": "Debian"
-        },
-        "version": "1.18.25"
-      }
+      ]
     },
     {
       "query": {
@@ -2388,18 +2388,25 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "e2fsprogs",
+          "ecosystem": "Debian"
+        },
+        "version": "1.43.4-2+deb9u2"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2019-5094",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-5188",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-1304",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DLA-3910-1",
@@ -2409,14 +2416,7 @@
           "id": "DSA-4535-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "e2fsprogs",
-          "ecosystem": "Debian"
-        },
-        "version": "1.43.4-2+deb9u2"
-      }
+      ]
     },
     {
       "query": {
@@ -2439,6 +2439,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "github.com/opencontainers/runc",
+          "ecosystem": "Go"
+        },
+        "version": "v1.0.1"
+      },
       "vulns": [
         {
           "id": "GHSA-9493-h29p-rfm2",
@@ -2520,14 +2527,7 @@
           "id": "GO-2025-4098",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "github.com/opencontainers/runc",
-          "ecosystem": "Go"
-        },
-        "version": "v1.0.1"
-      }
+      ]
     },
     {
       "query": {
@@ -2560,6 +2560,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "golang.org/x/sys",
+          "ecosystem": "Go"
+        },
+        "version": "v0.0.0-20210817142637-7d9622a276b7"
+      },
       "vulns": [
         {
           "id": "GHSA-p782-xgp4-8hr8",
@@ -2569,14 +2576,7 @@
           "id": "GO-2022-0493",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "golang.org/x/sys",
-          "ecosystem": "Go"
-        },
-        "version": "v0.0.0-20210817142637-7d9622a276b7"
-      }
+      ]
     },
     {
       "query": {
@@ -2599,23 +2599,23 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "gzip",
+          "ecosystem": "Debian"
+        },
+        "version": "1.6-5+deb9u1"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1271",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DSA-5122-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "gzip",
-          "ecosystem": "Debian"
-        },
-        "version": "1.6-5+deb9u1"
-      }
+      ]
     },
     {
       "query": {
@@ -2898,18 +2898,25 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "libgcrypt20",
+          "ecosystem": "Debian"
+        },
+        "version": "1.7.6-2+deb9u4"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2017-0379",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-7526",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-0495",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-6829",
@@ -2917,7 +2924,7 @@
         },
         {
           "id": "DEBIAN-CVE-2019-13627",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-33560",
@@ -2925,20 +2932,13 @@
         },
         {
           "id": "DEBIAN-CVE-2021-40528",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-2236",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "libgcrypt20",
-          "ecosystem": "Debian"
-        },
-        "version": "1.7.6-2+deb9u4"
-      }
+      ]
     },
     {
       "query": {
@@ -3431,26 +3431,33 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "libtasn1-6",
+          "ecosystem": "Debian"
+        },
+        "version": "4.10-1.1+deb9u1"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2017-10790",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-1000654",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-6003",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-46848",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-12133",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-13151",
@@ -3468,14 +3475,7 @@
           "id": "DSA-5863-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "libtasn1-6",
-          "ecosystem": "Debian"
-        },
-        "version": "4.10-1.1+deb9u1"
-      }
+      ]
     },
     {
       "query": {
@@ -3518,202 +3518,209 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "libxml2",
+          "ecosystem": "Debian"
+        },
+        "version": "2.9.4+dfsg1-2.2+deb9u6"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2016-3709",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2016-9318",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-0663",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-15412",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-16931",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-16932",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-18258",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-5130",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-5969",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-7375",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-7376",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-8872",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-9047",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-9048",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-9049",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-9050",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-14404",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-14567",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-19956",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-20388",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-24977",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-7595",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3516",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3517",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3518",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3537",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3541",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-2309",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-23308",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-29824",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-40303",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-40304",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-49043",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-28484",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-29469",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-39615",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-45322",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-25062",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-34459",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-56171",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-24928",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-27113",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-32414",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-32415",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-49794",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-49796",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-6021",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-6170",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-8732",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-9714",
@@ -3787,14 +3794,7 @@
           "id": "DSA-5990-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "libxml2",
-          "ecosystem": "Debian"
-        },
-        "version": "2.9.4+dfsg1-2.2+deb9u6"
-      }
+      ]
     },
     {
       "query": {
@@ -3847,19 +3847,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "DEBIAN-CVE-2017-20229",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "mawk",
           "ecosystem": "Debian"
         },
         "version": "1.3.3-17+b3"
-      }
+      },
+      "vulns": [
+        {
+          "id": "DEBIAN-CVE-2017-20229",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -3882,34 +3882,34 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -3972,202 +3972,209 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "openssl",
+          "ecosystem": "Debian"
+        },
+        "version": "1.1.0l-1~deb9u5"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2018-0732",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-0734",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-0735",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-5407",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-1543",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-1547",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-1549",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-1551",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-1563",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-1967",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-1971",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-23840",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-23841",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3449",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3450",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3711",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3712",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-4160",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-0778",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-1292",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-2068",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-2097",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-2274",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-3358",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-3602",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-3786",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-3996",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-4203",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-4304",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-4450",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0215",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0216",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0217",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0286",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0401",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0464",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0465",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-0466",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-1255",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-2650",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-2975",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-3446",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-3817",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-5363",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-5678",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-6129",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-6237",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-0727",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-12797",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-13176",
@@ -4175,27 +4182,27 @@
         },
         {
           "id": "DEBIAN-CVE-2024-2511",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-4603",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-4741",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-5535",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-6119",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-9143",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-11187",
@@ -4219,7 +4226,7 @@
         },
         {
           "id": "DEBIAN-CVE-2025-4575",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-66199",
@@ -4311,7 +4318,7 @@
         },
         {
           "id": "DSA-4539-3",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2019>"
         },
         {
           "id": "DSA-4661-1",
@@ -4369,14 +4376,7 @@
           "id": "DSA-6113-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "openssl",
-          "ecosystem": "Debian"
-        },
-        "version": "1.1.0l-1~deb9u5"
-      }
+      ]
     },
     {
       "query": {
@@ -4389,93 +4389,100 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "UBUNTU-CVE-2017-11164",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "pcre3",
           "ecosystem": "Ubuntu"
         },
         "version": "2:8.39-12ubuntu0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "UBUNTU-CVE-2017-11164",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
+      "query": {
+        "package": {
+          "name": "perl",
+          "ecosystem": "Debian"
+        },
+        "version": "5.24.1-3+deb9u7"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2011-4116",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-12837",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2017-12883",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-12015",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-18311",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-18312",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-18313",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-18314",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-6797",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-6798",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-6913",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-10543",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-10878",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-12723",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2020-16156",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-36770",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-48522",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-31484",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-31486",
@@ -4483,15 +4490,15 @@
         },
         {
           "id": "DEBIAN-CVE-2023-47038",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-56406",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-40909",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DLA-3926-1",
@@ -4501,14 +4508,7 @@
           "id": "DSA-5902-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "perl",
-          "ecosystem": "Debian"
-        },
-        "version": "5.24.1-3+deb9u7"
-      }
+      ]
     },
     {
       "query": {
@@ -4561,6 +4561,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "postgresql-11",
+          "ecosystem": "Debian"
+        },
+        "version": "11.15-1.pgdg90+1"
+      },
       "vulns": [
         {
           "id": "DLA-3072-1",
@@ -4568,11 +4575,11 @@
         },
         {
           "id": "DLA-3189-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2022>"
         },
         {
           "id": "DLA-3316-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "DLA-3422-1",
@@ -4594,14 +4601,7 @@
           "id": "DSA-5135-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "postgresql-11",
-          "ecosystem": "Debian"
-        },
-        "version": "11.15-1.pgdg90+1"
-      }
+      ]
     },
     {
       "query": {
@@ -4684,19 +4684,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "DEBIAN-CVE-2017-17512",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "sensible-utils",
           "ecosystem": "Debian"
         },
         "version": "0.0.9+deb9u1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "DEBIAN-CVE-2017-17512",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -4739,6 +4739,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "tar",
+          "ecosystem": "Debian"
+        },
+        "version": "1.29b-1.1+deb9u1"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2005-2541",
@@ -4746,70 +4753,70 @@
         },
         {
           "id": "DEBIAN-CVE-2018-20482",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2019-9923",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-20193",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-48303",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2023-39804",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DLA-3755-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "tar",
+          "name": "tzdata",
           "ecosystem": "Debian"
         },
-        "version": "1.29b-1.1+deb9u1"
-      }
-    },
-    {
+        "version": "2021a-0+deb9u3"
+      },
       "vulns": [
         {
           "id": "DLA-3051-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2022>"
         },
         {
           "id": "DLA-3134-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2022>"
         },
         {
           "id": "DLA-3161-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2022>"
         },
         {
           "id": "DLA-3366-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "DLA-3412-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "DLA-3684-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2023>"
         },
         {
           "id": "DLA-3788-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2024>"
         },
         {
           "id": "DLA-3972-1",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2024>"
         },
         {
           "id": "DLA-4085-1",
@@ -4823,51 +4830,51 @@
           "id": "DLA-4403-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "tzdata",
+          "name": "ucf",
           "ecosystem": "Debian"
         },
-        "version": "2021a-0+deb9u3"
-      }
-    },
-    {
+        "version": "3.0036"
+      },
       "vulns": [
         {
           "id": "DLA-4016-1",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "ucf",
+          "name": "util-linux",
           "ecosystem": "Debian"
         },
-        "version": "3.0036"
-      }
-    },
-    {
+        "version": "2.29.2-1+deb9u1"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2016-2779",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2018-7738",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-37600",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3995",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2021-3996",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2022-0563",
@@ -4875,7 +4882,7 @@
         },
         {
           "id": "DEBIAN-CVE-2024-28085",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-14104",
@@ -4897,28 +4904,28 @@
           "id": "DSA-5650-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "util-linux",
+          "name": "xz-utils",
           "ecosystem": "Debian"
         },
-        "version": "2.29.2-1+deb9u1"
-      }
-    },
-    {
+        "version": "5.2.2-1.2+deb9u1"
+      },
       "vulns": [
         {
           "id": "DEBIAN-CVE-2022-1271",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2024-3094",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DEBIAN-CVE-2025-31115",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "DSA-5123-1",
@@ -4928,24 +4935,24 @@
           "id": "DSA-5895-1",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "xz-utils",
-          "ecosystem": "Debian"
+          "name": "zlib",
+          "ecosystem": "Alpine"
         },
-        "version": "5.2.2-1.2+deb9u1"
-      }
-    },
-    {
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -4955,24 +4962,24 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "zlib",
           "ecosystem": "Alpine"
         },
         "version": "1.2.10-r0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -4982,24 +4989,24 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "zlib",
           "ecosystem": "Alpine"
         },
         "version": "1.2.10-r0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -5009,20 +5016,20 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "zlib",
           "ecosystem": "Alpine"
         },
-        "version": "1.2.10-r0"
-      }
-    },
-    {
+        "version": "1.2.12-r1"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -5032,14 +5039,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.12-r1"
-      }
+      ]
     },
     {
       "query": {
@@ -5070,19 +5070,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -5093,6 +5093,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "stdlib",
+          "ecosystem": "Go"
+        },
+        "version": "1.24.4"
+      },
       "vulns": [
         {
           "id": "GO-2025-3849",
@@ -5178,16 +5185,16 @@
           "id": "GO-2026-4603",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "stdlib",
+          "name": "toolchain",
           "ecosystem": "Go"
         },
         "version": "1.24.4"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GO-2025-3828",
@@ -5201,14 +5208,7 @@
           "id": "GO-2026-4433",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "toolchain",
-          "ecosystem": "Go"
-        },
-        "version": "1.24.4"
-      }
+      ]
     }
   ]
 }
@@ -5219,19 +5219,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -5430,19 +5430,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -5561,19 +5561,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -5606,14 +5606,21 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -5623,14 +5630,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.10-r0"
-      }
+      ]
     }
   ]
 }
@@ -5731,19 +5731,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -5776,14 +5776,21 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -5793,14 +5800,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.10-r0"
-      }
+      ]
     }
   ]
 }
@@ -6077,19 +6077,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -6122,14 +6122,21 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -6139,14 +6146,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.10-r0"
-      }
+      ]
     }
   ]
 }
@@ -6247,19 +6247,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -6292,14 +6292,21 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.10-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2018-25032",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2022-37434",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -6309,14 +6316,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.10-r0"
-      }
+      ]
     }
   ]
 }
@@ -6345,19 +6345,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -6368,19 +6368,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-3936-cmfr-pm3m",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "black",
           "ecosystem": "PyPI"
         },
         "version": "25.1.0"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-3936-cmfr-pm3m",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -6463,6 +6463,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -6496,16 +6503,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "django",
           "ecosystem": "PyPI"
         },
         "version": "1.11.29"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -6539,16 +6546,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "django",
           "ecosystem": "PyPI"
         },
-        "version": "1.11.29"
-      }
-    },
-    {
+        "version": "2.2.24"
+      },
       "vulns": [
         {
           "id": "GHSA-2gwj-7jmv-h26r",
@@ -6638,16 +6645,16 @@
           "id": "PYSEC-2022-3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "django",
+          "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "2.2.24"
-      }
-    },
-    {
+        "version": "1.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -6655,22 +6662,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
         "version": "1.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -6678,22 +6685,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
         "version": "1.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -6701,22 +6708,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "1.0"
-      }
-    },
-    {
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -6724,22 +6731,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask",
+          "name": "flask-cors",
           "ecosystem": "PyPI"
         },
         "version": "1.0.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-43qf-4rqw-9q2g",
@@ -6773,16 +6780,16 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask-cors",
+          "name": "idna",
           "ecosystem": "PyPI"
         },
-        "version": "1.0.0"
-      }
-    },
-    {
+        "version": "2.7"
+      },
       "vulns": [
         {
           "id": "GHSA-jjg7-2v4v-x38h",
@@ -6790,18 +6797,18 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "idna",
           "ecosystem": "PyPI"
         },
         "version": "2.7"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-jjg7-2v4v-x38h",
@@ -6809,16 +6816,9 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "idna",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.7"
-      }
+      ]
     },
     {
       "query": {
@@ -6951,19 +6951,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "PYSEC-2020-73",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "pandas",
           "ecosystem": "PyPI"
         },
         "version": "0.23.4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "PYSEC-2020-73",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -7016,6 +7016,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -7035,18 +7042,18 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "requests",
           "ecosystem": "PyPI"
         },
         "version": "2.20.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -7065,32 +7072,25 @@
           "modified": "<RFC3339 date with the year 2026>"
         },
         {
-          "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
-      "query": {
-        "package": {
-          "name": "requests",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.20.0"
-      }
-    },
-    {
-      "vulns": [
-        {
-          "id": "GHSA-27jp-wm6q-gp25",
+          "id": "PYSEC-2023-74",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "sqlparse",
           "ecosystem": "PyPI"
         },
         "version": "0.5.3"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-27jp-wm6q-gp25",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -7113,6 +7113,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      },
       "vulns": [
         {
           "id": "GHSA-2xpw-w6gg-jr37",
@@ -7156,22 +7163,22 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "urllib3",
           "ecosystem": "PyPI"
         },
         "version": "1.24.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-2xpw-w6gg-jr37",
@@ -7215,22 +7222,22 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "urllib3",
+          "name": "werkzeug",
           "ecosystem": "PyPI"
         },
-        "version": "1.24.3"
-      }
-    },
-    {
+        "version": "3.1.3"
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -7244,16 +7251,16 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "werkzeug",
           "ecosystem": "PyPI"
         },
         "version": "3.1.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -7267,16 +7274,16 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "werkzeug",
           "ecosystem": "PyPI"
         },
         "version": "3.1.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -7290,14 +7297,7 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "werkzeug",
-          "ecosystem": "PyPI"
-        },
-        "version": "3.1.3"
-      }
+      ]
     }
   ]
 }
@@ -7308,19 +7308,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-3936-cmfr-pm3m",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "black",
           "ecosystem": "PyPI"
         },
         "version": "25.1.0"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-3936-cmfr-pm3m",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -7403,6 +7403,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -7436,16 +7443,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "django",
           "ecosystem": "PyPI"
         },
         "version": "1.11.29"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -7479,16 +7486,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "django",
           "ecosystem": "PyPI"
         },
-        "version": "1.11.29"
-      }
-    },
-    {
+        "version": "2.2.24"
+      },
       "vulns": [
         {
           "id": "GHSA-2gwj-7jmv-h26r",
@@ -7578,16 +7585,16 @@
           "id": "PYSEC-2022-3",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "django",
+          "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "2.2.24"
-      }
-    },
-    {
+        "version": "1.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -7595,22 +7602,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
         "version": "1.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -7618,22 +7625,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
         "version": "1.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -7641,22 +7648,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "1.0"
-      }
-    },
-    {
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -7664,22 +7671,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask",
+          "name": "flask-cors",
           "ecosystem": "PyPI"
         },
         "version": "1.0.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-43qf-4rqw-9q2g",
@@ -7713,16 +7720,16 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask-cors",
+          "name": "idna",
           "ecosystem": "PyPI"
         },
-        "version": "1.0.0"
-      }
-    },
-    {
+        "version": "2.7"
+      },
       "vulns": [
         {
           "id": "GHSA-jjg7-2v4v-x38h",
@@ -7730,18 +7737,18 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "idna",
           "ecosystem": "PyPI"
         },
         "version": "2.7"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-jjg7-2v4v-x38h",
@@ -7749,16 +7756,9 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "idna",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.7"
-      }
+      ]
     },
     {
       "query": {
@@ -7891,19 +7891,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "PYSEC-2020-73",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "pandas",
           "ecosystem": "PyPI"
         },
         "version": "0.23.4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "PYSEC-2020-73",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -7956,6 +7956,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -7975,18 +7982,18 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "requests",
           "ecosystem": "PyPI"
         },
         "version": "2.20.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -8006,31 +8013,24 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "requests",
+          "name": "sqlparse",
           "ecosystem": "PyPI"
         },
-        "version": "2.20.0"
-      }
-    },
-    {
+        "version": "0.5.3"
+      },
       "vulns": [
         {
           "id": "GHSA-27jp-wm6q-gp25",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "sqlparse",
-          "ecosystem": "PyPI"
-        },
-        "version": "0.5.3"
-      }
+      ]
     },
     {
       "query": {
@@ -8053,6 +8053,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "urllib3",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.24.3"
+      },
       "vulns": [
         {
           "id": "GHSA-2xpw-w6gg-jr37",
@@ -8096,22 +8103,22 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "urllib3",
           "ecosystem": "PyPI"
         },
         "version": "1.24.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-2xpw-w6gg-jr37",
@@ -8155,22 +8162,22 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "urllib3",
+          "name": "werkzeug",
           "ecosystem": "PyPI"
         },
-        "version": "1.24.3"
-      }
-    },
-    {
+        "version": "3.1.3"
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -8184,16 +8191,16 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "werkzeug",
           "ecosystem": "PyPI"
         },
         "version": "3.1.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -8207,16 +8214,16 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "werkzeug",
           "ecosystem": "PyPI"
         },
         "version": "3.1.3"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -8230,14 +8237,7 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "werkzeug",
-          "ecosystem": "PyPI"
-        },
-        "version": "3.1.3"
-      }
+      ]
     }
   ]
 }
@@ -8258,19 +8258,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap b/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
index 5ad8817d232..3d93526e5a1 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_CallAnalysis.snap
@@ -3,6 +3,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      },
       "vulns": [
         {
           "id": "GHSA-c3h9-896r-86jm",
@@ -12,16 +19,16 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "github.com/gogo/protobuf",
+          "name": "github.com/ipfs/go-bitfield",
           "ecosystem": "Go"
         },
-        "version": "1.3.1"
-      }
-    },
-    {
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-2h6c-j3gf-xp9r",
@@ -29,18 +36,18 @@
         },
         {
           "id": "GO-2023-1558",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "github.com/ipfs/go-bitfield",
+          "name": "golang.org/x/image",
           "ecosystem": "Go"
         },
-        "version": "1.0.0"
-      }
-    },
-    {
+        "version": "0.4.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9phm-fm57-rhg8",
@@ -60,15 +67,15 @@
         },
         {
           "id": "GO-2023-1572",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "GO-2023-1989",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "GO-2023-1990",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "GO-2024-2937",
@@ -78,14 +85,7 @@
           "id": "GO-2026-4815",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "golang.org/x/image",
-          "ecosystem": "Go"
-        },
-        "version": "0.4.0"
-      }
+      ]
     }
   ]
 }
@@ -96,6 +96,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      },
       "vulns": [
         {
           "id": "GHSA-c3h9-896r-86jm",
@@ -105,14 +112,7 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "github.com/gogo/protobuf",
-          "ecosystem": "Go"
-        },
-        "version": "1.3.1"
-      }
+      ]
     }
   ]
 }
@@ -123,6 +123,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "github.com/gogo/protobuf",
+          "ecosystem": "Go"
+        },
+        "version": "1.3.1"
+      },
       "vulns": [
         {
           "id": "GHSA-c3h9-896r-86jm",
@@ -132,14 +139,7 @@
           "id": "GO-2021-0053",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "github.com/gogo/protobuf",
-          "ecosystem": "Go"
-        },
-        "version": "1.3.1"
-      }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
index 5e5b9b309f5..5b251968781 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors.snap
@@ -3,19 +3,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -36,19 +36,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -69,19 +69,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -202,19 +202,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -257,6 +257,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -266,14 +273,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -284,19 +284,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -307,19 +307,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
index ad2d9728e27..f5562d02c5b 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithDefaults.snap
@@ -81,19 +81,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -176,19 +176,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -231,6 +231,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -240,14 +247,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -288,19 +288,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -383,19 +383,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -438,6 +438,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -447,14 +454,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -543,19 +543,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -638,19 +638,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -693,6 +693,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -702,14 +709,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -916,19 +916,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -971,6 +971,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -980,14 +987,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -1028,19 +1028,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -1123,19 +1123,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1178,6 +1178,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -1187,14 +1194,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -1271,19 +1271,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
index 41163dddd8f..f17d83477da 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_ExplicitExtractors_WithoutDefaults.snap
@@ -3,19 +3,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -64,19 +64,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -125,19 +125,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -276,19 +276,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -331,6 +331,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -340,14 +347,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -396,19 +396,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -437,19 +437,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
index b2865b82fc3..e465495f3aa 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_GithubActions.snap
@@ -10,6 +10,10 @@
       "vulns": []
     },
     {
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      },
       "vulns": [
         {
           "id": "CVE-2023-39137",
@@ -19,11 +23,7 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
-        "package": {}
-      }
+      ]
     },
     {
       "query": {
@@ -48,6 +48,10 @@
       "vulns": []
     },
     {
+      "query": {
+        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
+        "package": {}
+      },
       "vulns": [
         {
           "id": "CVE-2023-39137",
@@ -57,11 +61,7 @@
           "id": "CVE-2023-39139",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "commit": "9de7a0544457c6aba755ccb65abb41b0dc1db70d",
-        "package": {}
-      }
+      ]
     },
     {
       "query": {
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
index 035e91f13a4..d0c7ced1a7f 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_JavareachArchive.snap
@@ -23,19 +23,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-c28r-hw5m-5gv3",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "com.amazonaws:aws-java-sdk-s3",
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-c28r-hw5m-5gv3",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -68,6 +68,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.0"
+      },
       "vulns": [
         {
           "id": "GHSA-72hv-8253-57qq",
@@ -77,16 +84,16 @@
           "id": "GHSA-h46c-h94j-95f3",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "com.fasterxml.jackson.core:jackson-core",
+          "name": "com.fasterxml.jackson.core:jackson-databind",
           "ecosystem": "Maven"
         },
-        "version": "2.14.0"
-      }
-    },
-    {
+        "version": "2.6.7.1"
+      },
       "vulns": [
         {
           "id": "GHSA-288c-cq4h-88gq",
@@ -280,14 +287,7 @@
           "id": "GHSA-wh8g-3j2c-rqj5",
           "modified": "<RFC3339 date with the year 2024>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "com.fasterxml.jackson.core:jackson-databind",
-          "ecosystem": "Maven"
-        },
-        "version": "2.6.7.1"
-      }
+      ]
     },
     {
       "query": {
@@ -330,34 +330,34 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-j288-q9x7-2f5v",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "org.apache.commons:commons-lang3",
           "ecosystem": "Maven"
         },
         "version": "3.12.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
-          "id": "GHSA-7r82-7xv7-xcpj",
+          "id": "GHSA-j288-q9x7-2f5v",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "org.apache.httpcomponents:httpclient",
           "ecosystem": "Maven"
         },
         "version": "4.5.5"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-7r82-7xv7-xcpj",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -380,6 +380,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-http",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      },
       "vulns": [
         {
           "id": "GHSA-cj7v-27pg-wf7q",
@@ -397,26 +404,26 @@
           "id": "GHSA-wjpw-4j6x-6rwh",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "org.eclipse.jetty:jetty-http",
+          "name": "org.eclipse.jetty:jetty-io",
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
         "package": {
-          "name": "org.eclipse.jetty:jetty-io",
+          "name": "org.eclipse.jetty:jetty-servlets",
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
       },
-      "vulns": []
-    },
-    {
       "vulns": [
         {
           "id": "GHSA-3gh6-v5v9-6v9j",
@@ -430,14 +437,7 @@
           "id": "GHSA-j26w-f9rq-mr2q",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.eclipse.jetty:jetty-servlets",
-          "ecosystem": "Maven"
-        },
-        "version": "9.4.40.v20210413"
-      }
+      ]
     },
     {
       "query": {
@@ -450,19 +450,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-264p-99wq-f4j6",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "software.amazon.ion:ion-java",
           "ecosystem": "Maven"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-264p-99wq-f4j6",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     }
   ]
 }
@@ -493,19 +493,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-c28r-hw5m-5gv3",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "com.amazonaws:aws-java-sdk-s3",
           "ecosystem": "Maven"
         },
         "version": "1.11.327"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-c28r-hw5m-5gv3",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -538,6 +538,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "com.fasterxml.jackson.core:jackson-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.0"
+      },
       "vulns": [
         {
           "id": "GHSA-72hv-8253-57qq",
@@ -547,16 +554,16 @@
           "id": "GHSA-h46c-h94j-95f3",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "com.fasterxml.jackson.core:jackson-core",
+          "name": "com.fasterxml.jackson.core:jackson-databind",
           "ecosystem": "Maven"
         },
-        "version": "2.14.0"
-      }
-    },
-    {
+        "version": "2.6.7.1"
+      },
       "vulns": [
         {
           "id": "GHSA-288c-cq4h-88gq",
@@ -750,14 +757,7 @@
           "id": "GHSA-wh8g-3j2c-rqj5",
           "modified": "<RFC3339 date with the year 2024>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "com.fasterxml.jackson.core:jackson-databind",
-          "ecosystem": "Maven"
-        },
-        "version": "2.6.7.1"
-      }
+      ]
     },
     {
       "query": {
@@ -800,34 +800,34 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-j288-q9x7-2f5v",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "org.apache.commons:commons-lang3",
           "ecosystem": "Maven"
         },
         "version": "3.12.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
-          "id": "GHSA-7r82-7xv7-xcpj",
+          "id": "GHSA-j288-q9x7-2f5v",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "org.apache.httpcomponents:httpclient",
           "ecosystem": "Maven"
         },
         "version": "4.5.5"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-7r82-7xv7-xcpj",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -850,6 +850,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.eclipse.jetty:jetty-http",
+          "ecosystem": "Maven"
+        },
+        "version": "9.4.40.v20210413"
+      },
       "vulns": [
         {
           "id": "GHSA-cj7v-27pg-wf7q",
@@ -867,26 +874,26 @@
           "id": "GHSA-wjpw-4j6x-6rwh",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "org.eclipse.jetty:jetty-http",
+          "name": "org.eclipse.jetty:jetty-io",
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
-      }
+      },
+      "vulns": []
     },
     {
       "query": {
         "package": {
-          "name": "org.eclipse.jetty:jetty-io",
+          "name": "org.eclipse.jetty:jetty-servlets",
           "ecosystem": "Maven"
         },
         "version": "9.4.40.v20210413"
       },
-      "vulns": []
-    },
-    {
       "vulns": [
         {
           "id": "GHSA-3gh6-v5v9-6v9j",
@@ -900,14 +907,7 @@
           "id": "GHSA-j26w-f9rq-mr2q",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.eclipse.jetty:jetty-servlets",
-          "ecosystem": "Maven"
-        },
-        "version": "9.4.40.v20210413"
-      }
+      ]
     },
     {
       "query": {
@@ -920,19 +920,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-264p-99wq-f4j6",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "software.amazon.ion:ion-java",
           "ecosystem": "Maven"
         },
         "version": "1.0.2"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-264p-99wq-f4j6",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
index c972ee02c98..a15e123eadc 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Licenses.snap
@@ -291,19 +291,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -386,19 +386,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -441,6 +441,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -450,14 +457,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -498,19 +498,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -593,19 +593,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -648,6 +648,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -657,14 +664,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -841,19 +841,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -886,19 +886,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "ALPINE-CVE-2025-26519",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "musl",
           "ecosystem": "Alpine"
         },
         "version": "1.2.3-r4"
-      }
+      },
+      "vulns": [
+        {
+          "id": "ALPINE-CVE-2025-26519",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -961,6 +961,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "zlib",
+          "ecosystem": "Alpine"
+        },
+        "version": "1.2.13-r0"
+      },
       "vulns": [
         {
           "id": "ALPINE-CVE-2026-22184",
@@ -970,14 +977,7 @@
           "id": "ALPINE-CVE-2026-27171",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "zlib",
-          "ecosystem": "Alpine"
-        },
-        "version": "1.2.13-r0"
-      }
+      ]
     }
   ]
 }
@@ -998,19 +998,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1147,19 +1147,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -1170,19 +1170,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
@@ -1193,19 +1193,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
index 528df340b89..05b0b961347 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_LockfileWithExplicitParseAs.snap
@@ -57,34 +57,34 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -97,19 +97,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -150,34 +150,34 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-whgm-jr23-g3j9",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -190,19 +190,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -248,19 +248,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-whgm-jr23-g3j9",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "ansi-html",
           "ecosystem": "npm"
         },
         "version": "0.0.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-whgm-jr23-g3j9",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -273,19 +273,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9f46-5r25-5wfm",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "league/flysystem",
           "ecosystem": "Packagist"
         },
         "version": "1.0.8"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9f46-5r25-5wfm",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
index 6f433827340..c10c9a313a9 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_MoreLockfiles.snap
@@ -53,19 +53,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "HSEC-2024-0009",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "biscuit-haskell",
           "ecosystem": "Hackage"
         },
         "version": "0.3.0.0"
-      }
+      },
+      "vulns": [
+        {
+          "id": "HSEC-2024-0009",
+          "modified": "<RFC3339 date with the year 2025>"
+        }
+      ]
     }
   ]
 }
@@ -96,19 +96,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-4cv2-4hjh-77rx",
-          "modified": "<RFC3339 date with the year 2025>"
-        }
-      ],
       "query": {
         "package": {
           "name": "System.Linq.Dynamic.Core",
           "ecosystem": "NuGet"
         },
         "version": "1.3.7"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-4cv2-4hjh-77rx",
+          "modified": "<RFC3339 date with the year 2025>"
+        }
+      ]
     },
     {
       "query": {
@@ -249,19 +249,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-9m3q-rhmv-5q44",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "json",
           "ecosystem": "RubyGems"
         },
         "version": "2.10.1"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-9m3q-rhmv-5q44",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -274,6 +274,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "nokogiri",
+          "ecosystem": "RubyGems"
+        },
+        "version": "1.18.2"
+      },
       "vulns": [
         {
           "id": "GHSA-353f-x4gh-cqq8",
@@ -295,14 +302,7 @@
           "id": "GHSA-wx95-c6cv-8532",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "nokogiri",
-          "ecosystem": "RubyGems"
-        },
-        "version": "1.18.2"
-      }
+      ]
     },
     {
       "query": {
@@ -517,6 +517,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "protobuf",
+          "ecosystem": "PyPI"
+        },
+        "version": "4.25.5"
+      },
       "vulns": [
         {
           "id": "GHSA-7gcm-g887-7qv7",
@@ -526,14 +533,7 @@
           "id": "GHSA-8qvm-5x2c-j2w7",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "protobuf",
-          "ecosystem": "PyPI"
-        },
-        "version": "4.25.5"
-      }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
index f9746d60aa0..b4f1708b0e3 100755
--- a/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
+++ b/tools/apitester/__snapshots__/cassette_TestCommand_Transitive.snap
@@ -21,6 +21,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -54,16 +61,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "django",
+          "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "1.11.29"
-      }
-    },
-    {
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -71,22 +78,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask",
+          "name": "requests",
           "ecosystem": "PyPI"
         },
-        "version": "1.0.0"
-      }
-    },
-    {
+        "version": "2.20.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -106,16 +113,9 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "requests",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.20.0"
-      }
+      ]
     }
   ]
 }
@@ -126,6 +126,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "flask",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -133,22 +140,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask",
+          "name": "flask-cors",
           "ecosystem": "PyPI"
         },
         "version": "1.0.0"
-      }
-    },
-    {
+      },
       "vulns": [
         {
           "id": "GHSA-43qf-4rqw-9q2g",
@@ -182,29 +189,22 @@
           "id": "PYSEC-2024-71",
           "modified": "<RFC3339 date with the year 2025>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask-cors",
+          "name": "pandas",
           "ecosystem": "PyPI"
         },
-        "version": "1.0.0"
-      }
-    },
-    {
+        "version": "0.23.4"
+      },
       "vulns": [
         {
           "id": "PYSEC-2020-73",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "pandas",
-          "ecosystem": "PyPI"
-        },
-        "version": "0.23.4"
-      }
+      ]
     }
   ]
 }
@@ -385,19 +385,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-cm6r-892j-jv2g",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "com.google.android.gms:play-services-basement",
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-cm6r-892j-jv2g",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -790,6 +790,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      },
       "vulns": [
         {
           "id": "GHSA-7rjr-3q55-vv33",
@@ -811,14 +818,7 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.apache.logging.log4j:log4j-core",
-          "ecosystem": "Maven"
-        },
-        "version": "2.14.1"
-      }
+      ]
     },
     {
       "query": {
@@ -839,6 +839,13 @@
 {
   "results": [
     {
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -872,16 +879,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "django",
+          "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "1.11.29"
-      }
-    },
-    {
+        "version": "1.0.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -889,20 +896,13 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "flask",
-          "ecosystem": "PyPI"
-        },
-        "version": "1.0.0"
-      }
+      ]
     },
     {
       "query": {
@@ -915,6 +915,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -934,16 +941,9 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "requests",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.20.0"
-      }
+      ]
     }
   ]
 }
@@ -1124,19 +1124,19 @@
       "vulns": []
     },
     {
-      "vulns": [
-        {
-          "id": "GHSA-cm6r-892j-jv2g",
-          "modified": "<RFC3339 date with the year 2023>"
-        }
-      ],
       "query": {
         "package": {
           "name": "com.google.android.gms:play-services-basement",
           "ecosystem": "Maven"
         },
         "version": "10.0.0"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-cm6r-892j-jv2g",
+          "modified": "<RFC3339 date with the year 2023>"
+        }
+      ]
     },
     {
       "query": {
@@ -1529,6 +1529,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      },
       "vulns": [
         {
           "id": "GHSA-7rjr-3q55-vv33",
@@ -1550,14 +1557,7 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.apache.logging.log4j:log4j-core",
-          "ecosystem": "Maven"
-        },
-        "version": "2.14.1"
-      }
+      ]
     },
     {
       "query": {
@@ -1578,19 +1578,19 @@
 {
   "results": [
     {
-      "vulns": [
-        {
-          "id": "GHSA-269g-pwp5-87pp",
-          "modified": "<RFC3339 date with the year 2026>"
-        }
-      ],
       "query": {
         "package": {
           "name": "junit:junit",
           "ecosystem": "Maven"
         },
         "version": "4.12"
-      }
+      },
+      "vulns": [
+        {
+          "id": "GHSA-269g-pwp5-87pp",
+          "modified": "<RFC3339 date with the year 2026>"
+        }
+      ]
     },
     {
       "query": {
@@ -1621,6 +1621,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      },
       "vulns": [
         {
           "id": "GHSA-7rjr-3q55-vv33",
@@ -1642,14 +1649,7 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.apache.logging.log4j:log4j-core",
-          "ecosystem": "Maven"
-        },
-        "version": "2.14.1"
-      }
+      ]
     },
     {
       "query": {
@@ -1680,6 +1680,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "org.apache.logging.log4j:log4j-core",
+          "ecosystem": "Maven"
+        },
+        "version": "2.14.1"
+      },
       "vulns": [
         {
           "id": "GHSA-7rjr-3q55-vv33",
@@ -1701,14 +1708,7 @@
           "id": "GHSA-vc5p-v9hr-52mj",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "org.apache.logging.log4j:log4j-core",
-          "ecosystem": "Maven"
-        },
-        "version": "2.14.1"
-      }
+      ]
     },
     {
       "query": {
@@ -1759,6 +1759,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "django",
+          "ecosystem": "PyPI"
+        },
+        "version": "1.11.29"
+      },
       "vulns": [
         {
           "id": "GHSA-68w8-qjq3-2gfm",
@@ -1792,16 +1799,16 @@
           "id": "PYSEC-2021-98",
           "modified": "<RFC3339 date with the year 2023>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "django",
+          "name": "flask",
           "ecosystem": "PyPI"
         },
-        "version": "1.11.29"
-      }
-    },
-    {
+        "version": "1.0"
+      },
       "vulns": [
         {
           "id": "GHSA-68rp-wp8r-4726",
@@ -1809,22 +1816,22 @@
         },
         {
           "id": "GHSA-m2qf-hxjv-5gpq",
-          "modified": "<RFC3339 date with the year 2025>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-62",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "flask",
+          "name": "idna",
           "ecosystem": "PyPI"
         },
-        "version": "1.0"
-      }
-    },
-    {
+        "version": "2.7"
+      },
       "vulns": [
         {
           "id": "GHSA-jjg7-2v4v-x38h",
@@ -1832,16 +1839,9 @@
         },
         {
           "id": "PYSEC-2024-60",
-          "modified": "<RFC3339 date with the year 2024>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "idna",
-          "ecosystem": "PyPI"
-        },
-        "version": "2.7"
-      }
+      ]
     },
     {
       "query": {
@@ -1884,6 +1884,13 @@
       "vulns": []
     },
     {
+      "query": {
+        "package": {
+          "name": "requests",
+          "ecosystem": "PyPI"
+        },
+        "version": "2.20.0"
+      },
       "vulns": [
         {
           "id": "GHSA-9hjg-9r4m-mvj7",
@@ -1903,18 +1910,18 @@
         },
         {
           "id": "PYSEC-2023-74",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "requests",
+          "name": "urllib3",
           "ecosystem": "PyPI"
         },
-        "version": "2.20.0"
-      }
-    },
-    {
+        "version": "1.24.3"
+      },
       "vulns": [
         {
           "id": "GHSA-2xpw-w6gg-jr37",
@@ -1958,22 +1965,22 @@
         },
         {
           "id": "PYSEC-2023-192",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         },
         {
           "id": "PYSEC-2023-212",
-          "modified": "<RFC3339 date with the year 2023>"
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
+      ]
+    },
+    {
       "query": {
         "package": {
-          "name": "urllib3",
+          "name": "werkzeug",
           "ecosystem": "PyPI"
         },
-        "version": "1.24.3"
-      }
-    },
-    {
+        "version": "3.1.3"
+      },
       "vulns": [
         {
           "id": "GHSA-29vq-49wr-vm6x",
@@ -1987,14 +1994,7 @@
           "id": "GHSA-hgf8-39gv-g3f2",
           "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "package": {
-          "name": "werkzeug",
-          "ecosystem": "PyPI"
-        },
-        "version": "3.1.3"
-      }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_batch_query.snap b/tools/apitester/__snapshots__/cassette_batch_query.snap
old mode 100644
new mode 100755
index 0d8248dc9b3..c8d68d73f2c
--- a/tools/apitester/__snapshots__/cassette_batch_query.snap
+++ b/tools/apitester/__snapshots__/cassette_batch_query.snap
@@ -3,6 +3,9 @@
 {
   "results": [
     {
+      "query": {
+        "commit": "17b30e96476be70b8773b2b807bab857fd3ceb39"
+      },
       "vulns": [
         {
           "id": "CVE-2021-22569",
@@ -31,11 +34,12 @@
         {
           "id": "CVE-2024-7254",
           "modified": "<RFC3339 date with the year 2026>"
+        },
+        {
+          "id": "CVE-2025-4565",
+          "modified": "<RFC3339 date with the year 2026>"
         }
-      ],
-      "query": {
-        "commit": "17b30e96476be70b8773b2b807bab857fd3ceb39"
-      }
+      ]
     }
   ]
 }
diff --git a/tools/apitester/__snapshots__/cassette_single_query.snap b/tools/apitester/__snapshots__/cassette_single_query.snap
index 6ba797cfe54..efae4e2cb66 100755
--- a/tools/apitester/__snapshots__/cassette_single_query.snap
+++ b/tools/apitester/__snapshots__/cassette_single_query.snap
@@ -1,6 +1,9 @@
 
 [Test/cassette_single_query/TestQueryEndpoint/CommitQuery - 1]
 {
+  "query": {
+    "commit": "6879efc2c1596d11a6a6ad296f80063b558d5e0f"
+  },
   "vulns": [
     {
       "id": "CVE-2021-45931",
@@ -93,15 +96,15 @@
       "references": [
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
         },
         {
           "type": "ADVISORY",
@@ -190,19 +193,19 @@
       "references": [
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
         },
         {
           "type": "WEB",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
+          "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
         },
         {
           "type": "ADVISORY",
-          "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
+          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
         },
         {
           "type": "FIX",
@@ -282,10 +285,6 @@
           "type": "ADVISORY",
           "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/22xxx/CVE-2026-22693.json"
         },
-        {
-          "type": "FIX",
-          "url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
-        },
         {
           "type": "ADVISORY",
           "url": "https://github.com/harfbuzz/harfbuzz/security/advisories/GHSA-xvjr-f2r9-c7ww"
@@ -293,6 +292,10 @@
         {
           "type": "ADVISORY",
           "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22693"
+        },
+        {
+          "type": "FIX",
+          "url": "https://github.com/harfbuzz/harfbuzz/commit/1265ff8d990284f04d8768f35b0e20ae5f60daae"
         }
       ],
       "affected": [
@@ -346,7 +349,7 @@
       "id": "OSV-2020-484",
       "summary": "Heap-buffer-overflow in AAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::driver_context_t::transition",
       "details": "OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12532\n\n```\nCrash type: Heap-buffer-overflow READ 4\nCrash state:\nAAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::driver_context_t::transition\nvoid AAT::StateTableDriver\u003cAAT::ExtendedTypes, AAT::KerxSubTableFormat4\u003cAAT::Ker\nAAT::KerxSubTableFormat4\u003cAAT::KerxSubTableHeader\u003e::apply\n```\n",
-      "modified": "<RFC3339 date with the year 2022>",
+      "modified": "<RFC3339 date with the year 2026>",
       "published": "2020-07-01T00:00:12.297418Z",
       "references": [
         {
@@ -382,18 +385,22 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3"
+      "schema_version": "1.7.5"
     }
-  ],
-  "query": {
-    "commit": "6879efc2c1596d11a6a6ad296f80063b558d5e0f"
-  }
+  ]
 }
 
 ---
 
 [Test/cassette_single_query/TestQueryEndpoint/GitQueryByTag - 1]
 {
+  "query": {
+    "package": {
+      "name": "https://github.com/curl/curl.git",
+      "ecosystem": "GIT"
+    },
+    "version": "8.5.0"
+  },
   "vulns": [
     {
       "id": "CURL-CVE-2024-0853",
@@ -757,7 +764,7 @@
       "summary": "HSTS subdomain overwrites parent cache entry",
       "details": "When curl is asked to use HSTS, the expiry time for a subdomain might\noverwrite a parent domain's cache entry, making it end sooner or later than\notherwise intended.\n\nThis affects curl using applications that enable HSTS and use URLs with the\ninsecure `HTTP://` scheme and perform transfers with hosts like\n`x.example.com` as well as `example.com` where the first host is a subdomain\nof the second host.\n\n(The HSTS cache either needs to have been populated manually or there needs to\nhave been previous HTTPS accesses done as the cache needs to have entries for\nthe domains involved to trigger this problem.)\n\nWhen `x.example.com` responds with `Strict-Transport-Security:` headers, this\nbug can make the subdomain's expiry timeout *bleed over* and get set for the\nparent domain `example.com` in curl's HSTS cache.\n\nThe result of a triggered bug is that HTTP accesses to `example.com` get\nconverted to HTTPS for a different period of time than what was asked for by\nthe origin server. If `example.com` for example stops supporting HTTPS at its\nexpiry time, curl might then fail to access `http://example.com` until the\n(wrongly set) timeout expires. This bug can also expire the parent's entry\n*earlier*, thus making curl inadvertently switch back to insecure HTTP earlier\nthan otherwise intended.",
       "aliases": ["CVE-2024-9681"],
-      "modified": "<RFC3339 date with the year 2024>",
+      "modified": "<RFC3339 date with the year 2026>",
       "published": "2024-11-05T08:00:00Z",
       "database_specific": "<Any value>",
       "affected": [
@@ -1423,10 +1430,6 @@
       "published": "2024-02-03T14:15:50.850Z",
       "related": ["CGA-jhf8-hfv6-c8cj", "openSUSE-SU-2024:13637-1"],
       "references": [
-        {
-          "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240503-0012/"
-        },
         {
           "type": "ADVISORY",
           "url": "https://curl.se/docs/CVE-2024-0853.html"
@@ -1443,6 +1446,10 @@
           "type": "ADVISORY",
           "url": "https://security.netapp.com/advisory/ntap-20240426-0009/"
         },
+        {
+          "type": "ADVISORY",
+          "url": "https://security.netapp.com/advisory/ntap-20240503-0012/"
+        },
         {
           "type": "REPORT",
           "url": "https://hackerone.com/reports/2298922"
@@ -1576,23 +1583,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "https://security.netapp.com/advisory/ntap-20240524-0006/"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2004.html"
+          "url": "https://curl.se/docs/CVE-2024-2004.json"
         },
         {
           "type": "ADVISORY",
@@ -1600,27 +1607,27 @@
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2004.json"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/1"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240524-0006/"
+          "url": "https://curl.se/docs/CVE-2024-2004.html"
         },
         {
           "type": "REPORT",
@@ -1671,43 +1678,43 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2379.json"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240531-0001/"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "https://curl.se/docs/CVE-2024-2379.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "https://curl.se/docs/CVE-2024-2379.html"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/2"
+          "url": "https://security.netapp.com/advisory/ntap-20240531-0001/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2379.html"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "REPORT",
@@ -1765,27 +1772,27 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2398.html"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://curl.se/docs/CVE-2024-2398.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214119"
+          "url": "https://curl.se/docs/CVE-2024-2398.json"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "https://security.netapp.com/advisory/ntap-20240503-0009/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2398.json"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
@@ -1793,23 +1800,23 @@
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20240503-0009/"
+          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMD6UYKCCRCYETWQZUJ65ZRFULT6SHLI/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "https://support.apple.com/kb/HT214119"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/3"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "REPORT",
@@ -1860,19 +1867,19 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214118"
+          "url": "https://support.apple.com/kb/HT214120"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4"
+          "url": "https://curl.se/docs/CVE-2024-2466.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-2466.html"
+          "url": "https://support.apple.com/kb/HT214118"
         },
         {
           "type": "ADVISORY",
@@ -1880,15 +1887,15 @@
         },
         {
           "type": "ADVISORY",
-          "url": "https://support.apple.com/kb/HT214120"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
+          "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
         },
         {
           "type": "ADVISORY",
-          "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
+          "url": "http://www.openwall.com/lists/oss-security/2024/03/27/4"
         },
         {
           "type": "ADVISORY",
@@ -2097,23 +2104,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-8096.html"
+          "url": "http://www.openwall.com/lists/oss-security/2024/09/11/1"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-8096.json"
+          "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2024/09/11/1"
+          "url": "https://security.netapp.com/advisory/ntap-20241011-0005/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00008.html"
+          "url": "https://curl.se/docs/CVE-2024-8096.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20241011-0005/"
+          "url": "https://curl.se/docs/CVE-2024-8096.json"
         },
         {
           "type": "REPORT",
@@ -2173,51 +2180,51 @@
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/12"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/4"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/13"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/5"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/4"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/8"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/8"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/10"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/9"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/12"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/10"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/13"
         },
         {
           "type": "WEB",
-          "url": "http://seclists.org/fulldisclosure/2025/Apr/5"
+          "url": "http://seclists.org/fulldisclosure/2025/Apr/9"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20241213-0006/"
+          "url": "https://curl.se/docs/CVE-2024-9681.json"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2024-9681.json"
+          "url": "https://security.netapp.com/advisory/ntap-20241213-0006/"
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2024/11/06/2"
+          "url": "https://hackerone.com/reports/2764830"
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2024-9681.html"
+          "url": "http://www.openwall.com/lists/oss-security/2024/11/06/2"
         },
         {
           "type": "FIX",
-          "url": "https://hackerone.com/reports/2764830"
+          "url": "https://curl.se/docs/CVE-2024-9681.html"
         }
       ],
       "affected": [
@@ -2267,15 +2274,15 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0167.html"
+          "url": "https://security.netapp.com/advisory/ntap-20250306-0008/"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0167.json"
+          "url": "https://curl.se/docs/CVE-2025-0167.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20250306-0008/"
+          "url": "https://curl.se/docs/CVE-2025-0167.json"
         },
         {
           "type": "REPORT",
@@ -2327,23 +2334,23 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0665.html"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/2"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-0665.json"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/5"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/2"
+          "url": "https://security.netapp.com/advisory/ntap-20250306-0007/"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/5"
+          "url": "https://curl.se/docs/CVE-2025-0665.html"
         },
         {
           "type": "ADVISORY",
-          "url": "https://security.netapp.com/advisory/ntap-20250306-0007/"
+          "url": "https://curl.se/docs/CVE-2025-0665.json"
         },
         {
           "type": "REPORT",
@@ -2375,7 +2382,7 @@
       "severity": [
         {
           "type": "CVSS_V3",
-          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+          "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"
         }
       ]
     },
@@ -2417,15 +2424,15 @@
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/3"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/2"
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/2"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/4"
         },
         {
           "type": "ARTICLE",
-          "url": "http://www.openwall.com/lists/oss-security/2025/02/06/4"
+          "url": "http://www.openwall.com/lists/oss-security/2025/02/05/3"
         }
       ],
       "affected": [
@@ -2677,11 +2684,11 @@
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-14819.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/5"
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/5"
+          "url": "https://curl.se/docs/CVE-2025-14819.html"
         }
       ],
       "affected": [
@@ -2744,11 +2751,11 @@
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-15079.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/6"
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/6"
+          "url": "https://curl.se/docs/CVE-2025-15079.html"
         }
       ],
       "affected": [
@@ -2810,11 +2817,11 @@
         },
         {
           "type": "FIX",
-          "url": "https://curl.se/docs/CVE-2025-15224.html"
+          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/7"
         },
         {
           "type": "FIX",
-          "url": "http://www.openwall.com/lists/oss-security/2026/01/07/7"
+          "url": "https://curl.se/docs/CVE-2025-15224.html"
         }
       ],
       "affected": [
@@ -2860,15 +2867,15 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-5025.html"
+          "url": "http://www.openwall.com/lists/oss-security/2025/05/28/5"
         },
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2025-5025.json"
+          "url": "https://curl.se/docs/CVE-2025-5025.html"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2025/05/28/5"
+          "url": "https://curl.se/docs/CVE-2025-5025.json"
         },
         {
           "type": "REPORT",
@@ -2949,7 +2956,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 178,
+          "versions": 181,
           "database_specific": "<Any value>"
         }
       ],
@@ -2982,11 +2989,11 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2026-3783.json"
+          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/2"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/2"
+          "url": "https://curl.se/docs/CVE-2026-3783.json"
         },
         {
           "type": "REPORT",
@@ -3014,7 +3021,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 113,
+          "versions": 116,
           "database_specific": "<Any value>"
         }
       ],
@@ -3047,11 +3054,11 @@
       "references": [
         {
           "type": "ADVISORY",
-          "url": "https://curl.se/docs/CVE-2026-3784.json"
+          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/3"
         },
         {
           "type": "ADVISORY",
-          "url": "http://www.openwall.com/lists/oss-security/2026/03/11/3"
+          "url": "https://curl.se/docs/CVE-2026-3784.json"
         },
         {
           "type": "REPORT",
@@ -3079,7 +3086,7 @@
               "database_specific": "<Any value>"
             }
           ],
-          "versions": 204,
+          "versions": 207,
           "database_specific": "<Any value>"
         }
       ],
@@ -3091,14 +3098,7 @@
         }
       ]
     }
-  ],
-  "query": {
-    "package": {
-      "name": "https://github.com/curl/curl.git",
-      "ecosystem": "GIT"
-    },
-    "version": "8.5.0"
-  }
+  ]
 }
 
 ---
@@ -3112,14 +3112,20 @@
       "purl": "pkg:pypi/jinja2@3.1.4"
     },
     "version": "3.1.4"
-  },
-  "vulns": []
+  }
 }
 
 ---
 
 [Test/cassette_single_query/TestQueryEndpoint/PackageAndVersionQuery - 1]
 {
+  "query": {
+    "package": {
+      "name": "nokogiri",
+      "ecosystem": "RubyGems"
+    },
+    "version": "1.18.2"
+  },
   "vulns": [
     {
       "id": "GHSA-353f-x4gh-cqq8",
@@ -3409,20 +3415,20 @@
         }
       ]
     }
-  ],
-  "query": {
-    "package": {
-      "name": "nokogiri",
-      "ecosystem": "RubyGems"
-    },
-    "version": "1.18.2"
-  }
+  ]
 }
 
 ---
 
 [Test/cassette_single_query/TestQueryEndpoint/Valid1 - 1]
 {
+  "query": {
+    "package": {
+      "name": "jinja2",
+      "ecosystem": "PyPI"
+    },
+    "version": "3.1.4"
+  },
   "vulns": [
     {
       "id": "GHSA-cpwx-vrp4-4pq7",
@@ -3483,7 +3489,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3550,7 +3556,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3621,7 +3627,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3633,20 +3639,18 @@
         }
       ]
     }
-  ],
-  "query": {
-    "package": {
-      "name": "jinja2",
-      "ecosystem": "PyPI"
-    },
-    "version": "3.1.4"
-  }
+  ]
 }
 
 ---
 
 [Test/cassette_single_query/TestQueryEndpoint/Valid2 - 1]
 {
+  "query": {
+    "package": {
+      "purl": "pkg:pypi/jinja2@3.1.4"
+    }
+  },
   "vulns": [
     {
       "id": "GHSA-cpwx-vrp4-4pq7",
@@ -3707,7 +3711,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3774,7 +3778,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3845,7 +3849,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -3857,18 +3861,19 @@
         }
       ]
     }
-  ],
-  "query": {
-    "package": {
-      "purl": "pkg:pypi/jinja2@3.1.4"
-    }
-  }
+  ]
 }
 
 ---
 
 [Test/cassette_single_query/TestQueryEndpoint/Valid3 - 1]
 {
+  "query": {
+    "package": {
+      "purl": "pkg:pypi/jinja2"
+    },
+    "version": "3.1.4"
+  },
   "vulns": [
     {
       "id": "GHSA-cpwx-vrp4-4pq7",
@@ -3929,7 +3934,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V4",
@@ -3996,7 +4001,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -4067,7 +4072,7 @@
           "database_specific": "<Any value>"
         }
       ],
-      "schema_version": "1.7.3",
+      "schema_version": "1.7.5",
       "severity": [
         {
           "type": "CVSS_V3",
@@ -4079,13 +4084,7 @@
         }
       ]
     }
-  ],
-  "query": {
-    "package": {
-      "purl": "pkg:pypi/jinja2"
-    },
-    "version": "3.1.4"
-  }
+  ]
 }
 
 ---
diff --git a/tools/apitester/main_test.go b/tools/apitester/main_test.go
index 9f479c4a650..ca919e5bd23 100644
--- a/tools/apitester/main_test.go
+++ b/tools/apitester/main_test.go
@@ -99,11 +99,14 @@ func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string
 				body = res
 			}
 		}
-		if !gjson.GetBytes(body, "vulns").Exists() {
+		if !gjson.GetBytes(body, "vulns").Exists() && !gjson.GetBytes(body, "code").Exists() {
 			res, err := sjson.SetRawBytes(body, "vulns", []byte("[]"))
 			if err == nil {
 				body = res
 			}
+		} else if vulns := gjson.GetBytes(body, "vulns"); vulns.Exists() {
+			body, _ = sjson.DeleteBytes(body, "vulns")
+			body, _ = sjson.SetRawBytes(body, "vulns", []byte(vulns.Raw))
 		}
 	case "/v1/querybatch":
 		queries := gjson.GetBytes(reqBody, "queries")
@@ -113,11 +116,14 @@ func normalizeJSONBody(t *testing.T, reqBody []byte, resp *http.Response) string
 				if err == nil {
 					body = res
 				}
-				if !gjson.GetBytes(body, fmt.Sprintf("results.%d.vulns", i)).Exists() {
+				if !gjson.GetBytes(body, fmt.Sprintf("results.%d.vulns", i)).Exists() && !gjson.GetBytes(body, "code").Exists() {
 					res, err := sjson.SetRawBytes(body, fmt.Sprintf("results.%d.vulns", i), []byte("[]"))
 					if err == nil {
 						body = res
 					}
+				} else if vulns := gjson.GetBytes(body, fmt.Sprintf("results.%d.vulns", i)); vulns.Exists() {
+					body, _ = sjson.DeleteBytes(body, fmt.Sprintf("results.%d.vulns", i))
+					body, _ = sjson.SetRawBytes(body, fmt.Sprintf("results.%d.vulns", i), []byte(vulns.Raw))
 				}
 			}
 		}