Crash when scanning large repository #2351

@scott-boost

Steps

  1. run the following steps
cd /tmp
git clone https://github.com/openvinotoolkit/openvino.git
osv-scanner scan source --recursive --call-analysis=all --format json openvino

expected

  • results are printed as JSON

actual

Killed with exit code 137

...
Scanned /openvino/tests/llm/requirements.txt file and found 95 packages
failed to parse metadata for file google-pasta-0.2.0.tar.gz: sdist: dependencies in setup.py, not in PKG-INFO
Scanned /openvino/tests/model_hub_tests/performance_tests/requirements.txt file and found 49 packages
failed to parse metadata for file google-pasta-0.2.0.tar.gz: sdist: dependencies in setup.py, not in PKG-INFO
Killed
~ # echo $?
137

version

ghcr.io/google/osv-scanner:latest (pulled on November 18 2025)

/osv-scanner --version
osv-scanner version: 2.2.4
osv-scalibr version: 0.3.6
commit: 8b6727b2c439cdea8bc3a033bf7c76d76cbaee08
built at: 2025-10-29T05:12:57

notes

  • this crash does not occur on 2.0.1
