diff --git a/security/osv-scanner/Makefile b/security/osv-scanner/Makefile
index 90410cea3e7..b6d6a827eeb 100644
--- a/security/osv-scanner/Makefile
+++ b/security/osv-scanner/Makefile
@@ -6,7 +6,7 @@ ONLY_FOR_ARCHS = aarch64 amd64 mips64 riscv64
 
 COMMENT =	scan your project's dependencies for vulnerabilities
 
-V =		1.0.1
+V =		1.1.0
 MODGO_MODNAME =	github.com/google/osv-scanner
 MODGO_VERSION =	v${V}
 
diff --git a/security/osv-scanner/distinfo b/security/osv-scanner/distinfo
index eeb60647730..5d4a28c2462 100644
--- a/security/osv-scanner/distinfo
+++ b/security/osv-scanner/distinfo
@@ -12,8 +12,8 @@ SHA256 (go_modules/github.com/davecgh/go-spew/@v/v1.1.1.zip) = a0SoQ5UfNxtwEMdU7
 SHA256 (go_modules/github.com/google/go-cmp/@v/v0.5.8.mod) = 58dmnUod1Ym6PgJLon9D8pPbYR/gdc4g17iENw1j/r0=
 SHA256 (go_modules/github.com/google/go-cmp/@v/v0.5.9.mod) = 58dmnUod1Ym6PgJLon9D8pPbYR/gdc4g17iENw1j/r0=
 SHA256 (go_modules/github.com/google/go-cmp/@v/v0.5.9.zip) = MkUIdKx1bvXUf2uBkwUQUwS5gZBFoW4/EFKJt88lLFE=
-SHA256 (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.3.mod) = KX5PvsKRgh9GSlm25ZC6Y3FGY+pDSkdaRlgoJOLOozQ=
-SHA256 (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.3.zip) = po8vjJ6jw4dLgDKeRLUVQd81BB9n/n3xlmItpAG/FkY=
+SHA256 (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.4.mod) = KX5PvsKRgh9GSlm25ZC6Y3FGY+pDSkdaRlgoJOLOozQ=
+SHA256 (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.4.zip) = AmTLWNxV8cnvWMbk9xXOUJSR9QBlxCvRKy+M8/R5Qvw=
 SHA256 (go_modules/github.com/mattn/go-runewidth/@v/v0.0.13.mod) = IWyT0ZMQYSyB1cdBAkmJ+DiX0jM8Op+We1ixMXWH9Rk=
 SHA256 (go_modules/github.com/mattn/go-runewidth/@v/v0.0.13.zip) = wQThTBYSptc2vRCf5f7JdJqBRuH303hE2KChKW4A1Ok=
 SHA256 (go_modules/github.com/package-url/packageurl-go/@v/v0.1.0.mod) = dRewXBS0JZJtI9XFqlk5cMumXf0FYeZSFfUOetMSct8=
@@ -27,7 +27,8 @@ SHA256 (go_modules/github.com/rivo/uniseg/@v/v0.2.0.zip) = MZnZS+UChBQiIGYso7AOG
 SHA256 (go_modules/github.com/russross/blackfriday/v2/@v/v2.1.0.mod) = w5VHzOboZujPo5XSk3vOMIAc0H8LkBwhMySPH7oS9Y0=
 SHA256 (go_modules/github.com/russross/blackfriday/v2/@v/v2.1.0.zip) = eFJ1DVigU844sB8sIDIIgXVk9VLr83GytjAIHXAExq4=
 SHA256 (go_modules/github.com/spdx/gordf/@v/v0.0.0-20201111095634-7098f93598fb.mod) = eKUongYQUXmwBVYtvFiYMNLnHrFgrEUV5RiQ5fFMgYk=
-SHA256 (go_modules/github.com/spdx/gordf/@v/v0.0.0-20201111095634-7098f93598fb.zip) = hqYCLfi79ax5wOEswMweeNSqW3stEN8myZb9AHM3CXc=
+SHA256 (go_modules/github.com/spdx/gordf/@v/v0.0.0-20221230105357-b735bd5aac89.mod) = eKUongYQUXmwBVYtvFiYMNLnHrFgrEUV5RiQ5fFMgYk=
+SHA256 (go_modules/github.com/spdx/gordf/@v/v0.0.0-20221230105357-b735bd5aac89.zip) = XxsMQLKthYlrDa14n8WZRd/FR93bivyiABl27UQYdtw=
 SHA256 (go_modules/github.com/spdx/tools-golang/@v/v0.3.0.mod) = pzTav12SNlf+zzGWYqCp8ffMLO3NPpMRSjcDuzz+BgY=
 SHA256 (go_modules/github.com/spdx/tools-golang/@v/v0.3.0.zip) = 28SikP6hnm0Rngc16IXi7oy/UdOl4JT5c62VjBW56Xc=
 SHA256 (go_modules/github.com/stretchr/objx/@v/v0.1.0.mod) = E1A1TVLSKHpiM27MDVYjLUxHaZr5u6ScZ8K0glTamPE=
@@ -41,17 +42,17 @@ SHA256 (go_modules/github.com/urfave/cli/v2/@v/v2.23.7.mod) = vrUO54Wf55rTJgt1on
 SHA256 (go_modules/github.com/urfave/cli/v2/@v/v2.23.7.zip) = ggVH4pFbQmV/sBeFs5SaraWtVKqPhFAOWWwJCqawjgQ=
 SHA256 (go_modules/github.com/xrash/smetrics/@v/v0.0.0-20201216005158-039620a65673.mod) = Kz9hJyfgYrwlZDq5c5S7f0F6KXqf9lIqDxjs93h38EI=
 SHA256 (go_modules/github.com/xrash/smetrics/@v/v0.0.0-20201216005158-039620a65673.zip) = u+u5oA9E/z4nvsFhEe/9zycG1yeCGkgz7I2hmq2W4m0=
-SHA256 (go_modules/golang.org/x/exp/@v/v0.0.0-20221212164502-fae10dda9338.mod) = AWlyQUC24fWTQogGuQZg3GxMER20/hXZIWJCRvypaug=
-SHA256 (go_modules/golang.org/x/exp/@v/v0.0.0-20221212164502-fae10dda9338.zip) = Me1mJoei/5JyjIGzefYZ6UB87H+oQTPYGZFXEU9HrKE=
+SHA256 (go_modules/golang.org/x/exp/@v/v0.0.0-20230111222715-75897c7a292a.mod) = AWlyQUC24fWTQogGuQZg3GxMER20/hXZIWJCRvypaug=
+SHA256 (go_modules/golang.org/x/exp/@v/v0.0.0-20230111222715-75897c7a292a.zip) = UVGYUJyqriBuvukNeEB8lVXUQrnZw9hlJFhcZMcCyh4=
 SHA256 (go_modules/golang.org/x/mod/@v/v0.6.0.mod) = mfQKUOjWDCWZrEXGzix21VSoQorNE8LGikk/ymGbT6g=
 SHA256 (go_modules/golang.org/x/mod/@v/v0.7.0.mod) = YkVnRZxumUesSr3gtwNO5h3Ltqk3P1lwCUwLs+gSGWQ=
 SHA256 (go_modules/golang.org/x/mod/@v/v0.7.0.zip) = JKvR2xMymHPXIDTcJ++tCcvDfTnPKLj/e7PCrcju3vc=
 SHA256 (go_modules/golang.org/x/sys/@v/v0.0.0-20190412213103-97732733099d.mod) = GBl56L1X0tngZBgtqGyaYRGqaXVeiI8IQx7OR0Kuw0M=
 SHA256 (go_modules/golang.org/x/sys/@v/v0.1.0.mod) = 8DMzMJb+GY8xUd7tk/LeunTlC7/nc5E0BFvDt85KUCQ=
-SHA256 (go_modules/golang.org/x/sys/@v/v0.3.0.mod) = 8DMzMJb+GY8xUd7tk/LeunTlC7/nc5E0BFvDt85KUCQ=
-SHA256 (go_modules/golang.org/x/sys/@v/v0.3.0.zip) = y98Y476fIRypYmhKwZ1B1L4kBCiY7AzGZL+NHClV04Q=
-SHA256 (go_modules/golang.org/x/term/@v/v0.3.0.mod) = HlYfdBO3S00wyi1smHTM0Tu4yU2qDmwjd7rZ6c9tvlg=
-SHA256 (go_modules/golang.org/x/term/@v/v0.3.0.zip) = HNnVjqLYYpm4VphyOOY5KlDmiNBGnMs7SkaTSfJDlQc=
+SHA256 (go_modules/golang.org/x/sys/@v/v0.4.0.mod) = 8DMzMJb+GY8xUd7tk/LeunTlC7/nc5E0BFvDt85KUCQ=
+SHA256 (go_modules/golang.org/x/sys/@v/v0.4.0.zip) = 76k1T8qnCYJbuxyGuD4jR867U0n0MmzEyMy5cq0yAyw=
+SHA256 (go_modules/golang.org/x/term/@v/v0.4.0.mod) = zeXNBcC9PaC/rF4royqoXCVwjmVJPn4bfXPDCXcKd7o=
+SHA256 (go_modules/golang.org/x/term/@v/v0.4.0.zip) = R3Dzfqp9VJkacfRu7I4pZBCRg7Ai649k1vqOaJNOL3w=
 SHA256 (go_modules/golang.org/x/tools/@v/v0.1.12.mod) = KouTZYmPCCL6zmW6CJoTU+aKZdNC8wDKMXzOzN5kIfM=
 SHA256 (go_modules/golang.org/x/tools/@v/v0.2.0.mod) = nJteYq9p8rEAKc4SlE3Ig08SJqg7skPpoNvzfguxhro=
 SHA256 (go_modules/golang.org/x/tools/@v/v0.2.0.zip) = BdojYR13Wy03cUOPouXlIsyUijU3LLetAZ/khPHpGuA=
@@ -62,7 +63,7 @@ SHA256 (go_modules/gopkg.in/yaml.v2/@v/v2.4.0.zip) = 7eSeJ8TMps3S7HGa7Y6k02NxDM6
 SHA256 (go_modules/gopkg.in/yaml.v3/@v/v3.0.0-20200313102051-9f266ea9e77c.mod) = IVeYYKIDBvz0OxvSNNH7oxlJnHdhG3HAX5vzupDauTk=
 SHA256 (go_modules/gopkg.in/yaml.v3/@v/v3.0.1.mod) = IVeYYKIDBvz0OxvSNNH7oxlJnHdhG3HAX5vzupDauTk=
 SHA256 (go_modules/gopkg.in/yaml.v3/@v/v3.0.1.zip) = qrj7xOYwDqCOav4crqGKIckMefSJ9SxT4vIEMfGpoBU=
-SHA256 (osv-scanner-v1.0.1.zip) = MmfEb0TSQZObr16FWwt0uOuaMeW8oCheIvcSBNBHKys=
+SHA256 (osv-scanner-v1.1.0.zip) = fwTZmxXuzkrk/Rh7my+/8UBVyqE6UKf7CrKitGV1xrs=
 SIZE (go_modules/github.com/!burnt!sushi/toml/@v/v1.2.1.mod) = 43
 SIZE (go_modules/github.com/!burnt!sushi/toml/@v/v1.2.1.zip) = 238822
 SIZE (go_modules/github.com/!cyclone!d!x/cyclonedx-go/@v/v0.7.0.mod) = 289
@@ -77,8 +78,8 @@ SIZE (go_modules/github.com/davecgh/go-spew/@v/v1.1.1.zip) = 60320
 SIZE (go_modules/github.com/google/go-cmp/@v/v0.5.8.mod) = 41
 SIZE (go_modules/github.com/google/go-cmp/@v/v0.5.9.mod) = 41
 SIZE (go_modules/github.com/google/go-cmp/@v/v0.5.9.zip) = 130220
-SIZE (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.3.mod) = 220
-SIZE (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.3.zip) = 787640
+SIZE (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.4.mod) = 220
+SIZE (go_modules/github.com/jedib0t/go-pretty/v6/@v/v6.4.4.zip) = 787989
 SIZE (go_modules/github.com/mattn/go-runewidth/@v/v0.0.13.mod) = 84
 SIZE (go_modules/github.com/mattn/go-runewidth/@v/v0.0.13.zip) = 20978
 SIZE (go_modules/github.com/package-url/packageurl-go/@v/v0.1.0.mod) = 53
@@ -92,7 +93,8 @@ SIZE (go_modules/github.com/rivo/uniseg/@v/v0.2.0.zip) = 45731
 SIZE (go_modules/github.com/russross/blackfriday/v2/@v/v2.1.0.mod) = 42
 SIZE (go_modules/github.com/russross/blackfriday/v2/@v/v2.1.0.zip) = 122358
 SIZE (go_modules/github.com/spdx/gordf/@v/v0.0.0-20201111095634-7098f93598fb.mod) = 38
-SIZE (go_modules/github.com/spdx/gordf/@v/v0.0.0-20201111095634-7098f93598fb.zip) = 43626
+SIZE (go_modules/github.com/spdx/gordf/@v/v0.0.0-20221230105357-b735bd5aac89.mod) = 38
+SIZE (go_modules/github.com/spdx/gordf/@v/v0.0.0-20221230105357-b735bd5aac89.zip) = 56398
 SIZE (go_modules/github.com/spdx/tools-golang/@v/v0.3.0.mod) = 111
 SIZE (go_modules/github.com/spdx/tools-golang/@v/v0.3.0.zip) = 433961
 SIZE (go_modules/github.com/stretchr/objx/@v/v0.1.0.mod) = 32
@@ -106,17 +108,17 @@ SIZE (go_modules/github.com/urfave/cli/v2/@v/v2.23.7.mod) = 280
 SIZE (go_modules/github.com/urfave/cli/v2/@v/v2.23.7.zip) = 3544683
 SIZE (go_modules/github.com/xrash/smetrics/@v/v0.0.0-20201216005158-039620a65673.mod) = 33
 SIZE (go_modules/github.com/xrash/smetrics/@v/v0.0.0-20201216005158-039620a65673.zip) = 1826113
-SIZE (go_modules/golang.org/x/exp/@v/v0.0.0-20221212164502-fae10dda9338.mod) = 176
-SIZE (go_modules/golang.org/x/exp/@v/v0.0.0-20221212164502-fae10dda9338.zip) = 431866
+SIZE (go_modules/golang.org/x/exp/@v/v0.0.0-20230111222715-75897c7a292a.mod) = 176
+SIZE (go_modules/golang.org/x/exp/@v/v0.0.0-20230111222715-75897c7a292a.zip) = 438005
 SIZE (go_modules/golang.org/x/mod/@v/v0.6.0.mod) = 117
 SIZE (go_modules/golang.org/x/mod/@v/v0.7.0.mod) = 84
 SIZE (go_modules/golang.org/x/mod/@v/v0.7.0.zip) = 161744
 SIZE (go_modules/golang.org/x/sys/@v/v0.0.0-20190412213103-97732733099d.mod) = 33
 SIZE (go_modules/golang.org/x/sys/@v/v0.1.0.mod) = 33
-SIZE (go_modules/golang.org/x/sys/@v/v0.3.0.mod) = 33
-SIZE (go_modules/golang.org/x/sys/@v/v0.3.0.zip) = 1862151
-SIZE (go_modules/golang.org/x/term/@v/v0.3.0.mod) = 67
-SIZE (go_modules/golang.org/x/term/@v/v0.3.0.zip) = 19924
+SIZE (go_modules/golang.org/x/sys/@v/v0.4.0.mod) = 33
+SIZE (go_modules/golang.org/x/sys/@v/v0.4.0.zip) = 1881264
+SIZE (go_modules/golang.org/x/term/@v/v0.4.0.mod) = 67
+SIZE (go_modules/golang.org/x/term/@v/v0.4.0.zip) = 19924
 SIZE (go_modules/golang.org/x/tools/@v/v0.1.12.mod) = 327
 SIZE (go_modules/golang.org/x/tools/@v/v0.2.0.mod) = 177
 SIZE (go_modules/golang.org/x/tools/@v/v0.2.0.zip) = 2935954
@@ -127,4 +129,4 @@ SIZE (go_modules/gopkg.in/yaml.v2/@v/v2.4.0.zip) = 81183
 SIZE (go_modules/gopkg.in/yaml.v3/@v/v3.0.0-20200313102051-9f266ea9e77c.mod) = 95
 SIZE (go_modules/gopkg.in/yaml.v3/@v/v3.0.1.mod) = 95
 SIZE (go_modules/gopkg.in/yaml.v3/@v/v3.0.1.zip) = 104623
-SIZE (osv-scanner-v1.0.1.zip) = 169996
+SIZE (osv-scanner-v1.1.0.zip) = 199043
diff --git a/security/osv-scanner/modules.inc b/security/osv-scanner/modules.inc
index b6b9d8dbca5..4310eeeed16 100644
--- a/security/osv-scanner/modules.inc
+++ b/security/osv-scanner/modules.inc
@@ -5,30 +5,32 @@ MODGO_MODULES =	\
 	github.com/cpuguy83/go-md2man/v2	 v2.0.2 \
 	github.com/davecgh/go-spew		 v1.1.1 \
 	github.com/google/go-cmp		 v0.5.9 \
-	github.com/jedib0t/go-pretty/v6		 v6.4.3 \
+	github.com/jedib0t/go-pretty/v6		 v6.4.4 \
 	github.com/mattn/go-runewidth		 v0.0.13 \
 	github.com/package-url/packageurl-go	 v0.1.0 \
 	github.com/pkg/profile			 v1.6.0 \
 	github.com/pmezard/go-difflib		 v1.0.0 \
 	github.com/rivo/uniseg			 v0.2.0 \
 	github.com/russross/blackfriday/v2	 v2.1.0 \
-	github.com/spdx/gordf			 v0.0.0-20201111095634-7098f93598fb \
+	github.com/spdx/gordf			 v0.0.0-20221230105357-b735bd5aac89 \
 	github.com/spdx/tools-golang		 v0.3.0 \
 	github.com/stretchr/objx		 v0.4.0 \
 	github.com/stretchr/testify		 v1.8.0 \
 	github.com/urfave/cli/v2		 v2.23.7 \
 	github.com/xrash/smetrics		 v0.0.0-20201216005158-039620a65673 \
-	golang.org/x/exp			 v0.0.0-20221212164502-fae10dda9338 \
+	golang.org/x/exp			 v0.0.0-20230111222715-75897c7a292a \
 	golang.org/x/mod			 v0.7.0 \
-	golang.org/x/sys			 v0.3.0 \
-	golang.org/x/term			 v0.3.0 \
+	golang.org/x/sys			 v0.4.0 \
+	golang.org/x/term			 v0.4.0 \
 	golang.org/x/tools			 v0.2.0 \
 	gopkg.in/check.v1			 v0.0.0-20161208181325-20d25e280405 \
 	gopkg.in/yaml.v2			 v2.4.0 \
 	gopkg.in/yaml.v3			 v3.0.1
+
 MODGO_MODFILES =	\
 	github.com/davecgh/go-spew	 v1.1.0 \
 	github.com/google/go-cmp	 v0.5.8 \
+	github.com/spdx/gordf		 v0.0.0-20201111095634-7098f93598fb \
 	github.com/stretchr/objx	 v0.1.0 \
 	github.com/stretchr/testify	 v1.7.1 \
 	github.com/stretchr/testify	 v1.7.4 \