google
diff --git a/‎.golangci.yaml
+46 b/‎.golangci.yaml
+46
diff --git a/‎cmd/osv-scanner/__snapshots__/main_test.snap
+86-152 b/‎cmd/osv-scanner/__snapshots__/main_test.snap
+86-152
diff --git a/‎cmd/osv-scanner/fix/main.go
+7-7 b/‎cmd/osv-scanner/fix/main.go
+7-7
diff --git a/‎cmd/osv-scanner/fix/model.go
+8-8 b/‎cmd/osv-scanner/fix/model.go
+8-8
diff --git a/‎cmd/osv-scanner/fix/noninteractive.go
+30-29 b/‎cmd/osv-scanner/fix/noninteractive.go
+30-29
@@ -55,11 +55,57 @@ linters-settings:
     disabled-checks:
       - ifElseChain
   revive:
+    # enable-all-rules: true
     rules:
+      # Overrides ----
+      # This is just here for documentation purposes, as all rules are disabled by default
       - name: increment-decrement
         disabled: true
+      # Defaults ----
+      - name: blank-imports
+        disabled: false
+      - name: context-as-argument
+        disabled: false
+      - name: context-keys-type
+        disabled: false
+      - name: dot-imports
+        disabled: false
+      - name: empty-block
+        disabled: false
+      - name: error-naming
+        disabled: false
+      - name: error-return
+        disabled: false
+      - name: error-strings
+        disabled: false
+      - name: errorf
+        disabled: false
+      - name: exported
+        disabled: false
       - name: indent-error-flow
         disabled: false
+      - name: package-comments
+        disabled: false
+      - name: range
+        disabled: false
+      - name: receiver-naming
+        disabled: false
+      - name: redefines-builtin-id
+        disabled: false
+      - name: superfluous-else
+        disabled: false
+      - name: time-naming
+        disabled: false
+      - name: unexported-return
+        disabled: false
+      - name: unreachable-code
+        disabled: false
+      - name: unused-parameter
+        disabled: false
+      - name: var-declaration
+        disabled: false
+      - name: var-naming
+        disabled: false
   nlreturn:
     # Size of the block (including return statement that is still "OK")
     # so no return split required.
 
@@ -29,12 +29,12 @@ const (
 )
 
 type osvFixOptions struct {
-	remediation.RemediationOptions
+	remediation.Options
 	Client     client.ResolutionClient
 	Manifest   string
-	ManifestRW manifest.ManifestIO
+	ManifestRW manifest.ReadWriter
 	Lockfile   string
-	LockfileRW lockfile.LockfileIO
+	LockfileRW lockfile.ReadWriter
 	RelockCmd  string
 }
 
@@ -60,7 +60,7 @@ func Command(stdout, stderr io.Writer, r *reporter.Reporter) *cli.Command {
 				Name:  "data-source",
 				Usage: "source to fetch package information from; value can be: deps.dev, native",
 				Value: "deps.dev",
-				Action: func(ctx *cli.Context, s string) error {
+				Action: func(_ *cli.Context, s string) error {
 					if s != "deps.dev" && s != "native" {
 						return fmt.Errorf("unsupported data-source \"%s\" - must be one of: deps.dev, native", s)
 					}
@@ -238,7 +238,7 @@ func action(ctx *cli.Context, stdout, stderr io.Writer) (reporter.Reporter, erro
 	r := reporter.NewTableReporter(stdout, stderr, reporter.InfoLevel, false, 0)
 
 	opts := osvFixOptions{
-		RemediationOptions: remediation.RemediationOptions{
+		Options: remediation.Options{
 			ResolveOpts: resolution.ResolveOpts{
 				MavenManagement: ctx.Bool("maven-fix-management"),
 			},
@@ -260,7 +260,7 @@ func action(ctx *cli.Context, stdout, stderr io.Writer) (reporter.Reporter, erro
 	system := resolve.UnknownSystem
 
 	if opts.Lockfile != "" {
-		rw, err := lockfile.GetLockfileIO(opts.Lockfile)
+		rw, err := lockfile.GetReadWriter(opts.Lockfile)
 		if err != nil {
 			return nil, err
 		}
@@ -269,7 +269,7 @@ func action(ctx *cli.Context, stdout, stderr io.Writer) (reporter.Reporter, erro
 	}
 
 	if opts.Manifest != "" {
-		rw, err := manifest.GetManifestIO(opts.Manifest)
+		rw, err := manifest.GetReadWriter(opts.Manifest)
 		if err != nil {
 			return nil, err
 		}
 
@@ -43,9 +43,9 @@ type model struct {
 	err     error      // set if a fatal error occurs within the program
 	writing bool       // whether the model is currently shelling out writing lockfile/manifest file
 
-	inPlaceResult     *remediation.InPlaceResult   // results & patches from minimal / in-place resolution
-	relockBaseRes     *resolution.ResolutionResult // Base relock result, matching the current manifest on disk
-	relockBaseResErrs []resolution.ResolutionError // Errors in base relock result
+	inPlaceResult     *remediation.InPlaceResult // results & patches from minimal / in-place resolution
+	relockBaseRes     *resolution.Result         // Base relock result, matching the current manifest on disk
+	relockBaseResErrs []resolution.NodeError     // Errors in base relock result
 }
 
 func newModel(ctx context.Context, opts osvFixOptions, cl client.ResolutionClient) model {
@@ -191,17 +191,17 @@ func doInPlaceResolution(ctx context.Context, cl client.ResolutionClient, opts o
 	if err != nil {
 		return inPlaceResolutionMsg{err: err}
 	}
-	res, err := remediation.ComputeInPlacePatches(ctx, cl, g, opts.RemediationOptions)
+	res, err := remediation.ComputeInPlacePatches(ctx, cl, g, opts.Options)
 
 	return inPlaceResolutionMsg{res, g, err}
 }
 
 type doRelockMsg struct {
-	res *resolution.ResolutionResult
+	res *resolution.Result
 	err error
 }
 
-func doRelock(ctx context.Context, cl client.ResolutionClient, m manif.Manifest, opts resolution.ResolveOpts, matchFn func(resolution.ResolutionVuln) bool) tea.Msg {
+func doRelock(ctx context.Context, cl client.ResolutionClient, m manif.Manifest, opts resolution.ResolveOpts, matchFn func(resolution.Vulnerability) bool) tea.Msg {
 	res, err := resolution.Resolve(ctx, cl, m, opts)
 	if err != nil {
 		return doRelockMsg{nil, err}
@@ -226,7 +226,7 @@ func doInitialRelock(ctx context.Context, opts osvFixOptions) tea.Msg {
 	if err != nil {
 		return doRelockMsg{err: err}
 	}
-	opts.Client.PreFetch(ctx, m.Requirements, m.FilePath)
+	client.PreFetch(ctx, opts.Client, m.Requirements, m.FilePath)
 
 	return doRelock(ctx, opts.Client, m, opts.ResolveOpts, opts.MatchVuln)
 }
@@ -240,7 +240,7 @@ func (s infoStringView) Resize(int, int)                         {}
 
 var emptyInfoView = infoStringView("")
 
-func resolutionErrorView(res *resolution.ResolutionResult, errs []resolution.ResolutionError) tui.ViewModel {
+func resolutionErrorView(res *resolution.Result, errs []resolution.NodeError) tui.ViewModel {
 	if len(errs) == 0 {
 		return emptyInfoView
 	}
 
@@ -12,6 +12,7 @@ import (
 	"deps.dev/util/resolve"
 	"github.com/google/osv-scanner/internal/remediation"
 	"github.com/google/osv-scanner/internal/resolution"
+	"github.com/google/osv-scanner/internal/resolution/client"
 	lf "github.com/google/osv-scanner/internal/resolution/lockfile"
 	"github.com/google/osv-scanner/internal/resolution/manifest"
 	"github.com/google/osv-scanner/pkg/lockfile"
@@ -36,7 +37,7 @@ func autoInPlace(ctx context.Context, r reporter.Reporter, opts osvFixOptions, m
 		return err
 	}
 
-	res, err := remediation.ComputeInPlacePatches(ctx, opts.Client, g, opts.RemediationOptions)
+	res, err := remediation.ComputeInPlacePatches(ctx, opts.Client, g, opts.Options)
 	if err != nil {
 		return err
 	}
@@ -57,7 +58,7 @@ func autoInPlace(ctx context.Context, r reporter.Reporter, opts osvFixOptions, m
 		if i > 0 {
 			r.Infof(",")
 		}
-		r.Infof("%s", v.Vulnerability.ID)
+		r.Infof("%s", v.OSV.ID)
 	}
 	r.Infof("\n")
 
@@ -72,7 +73,7 @@ func autoInPlace(ctx context.Context, r reporter.Reporter, opts osvFixOptions, m
 
 // returns the top {maxUpgrades} compatible patches, the vulns fixed, and the number of potentially fixable vulns left unfixed
 // if maxUpgrades is < 0, do as many patches as possible
-func autoChooseInPlacePatches(res remediation.InPlaceResult, maxUpgrades int) ([]lf.DependencyPatch, []resolution.ResolutionVuln, int) {
+func autoChooseInPlacePatches(res remediation.InPlaceResult, maxUpgrades int) ([]lf.DependencyPatch, []resolution.Vulnerability, int) {
 	// Keep track of the VersionKeys we've already patched so we know which patches are incompatible
 	seenVKs := make(map[resolve.VersionKey]bool)
 
@@ -83,7 +84,7 @@ func autoChooseInPlacePatches(res remediation.InPlaceResult, maxUpgrades int) ([
 	}
 	uniqueVulns := make(map[vulnKey]struct{})
 	var patches []lf.DependencyPatch
-	var fixed []resolution.ResolutionVuln
+	var fixed []resolution.Vulnerability
 
 	for _, p := range res.Patches {
 		vk := resolve.VersionKey{
@@ -93,7 +94,7 @@ func autoChooseInPlacePatches(res remediation.InPlaceResult, maxUpgrades int) ([
 
 		// add each of the resolved vulnKeys to the set of unique vulns
 		for _, rv := range p.ResolvedVulns {
-			uniqueVulns[vulnKey{id: rv.Vulnerability.ID, vk: vk}] = struct{}{}
+			uniqueVulns[vulnKey{id: rv.OSV.ID, vk: vk}] = struct{}{}
 		}
 
 		// If we still are picking more patches, and we haven't already patched this specific version,
@@ -107,7 +108,7 @@ func autoChooseInPlacePatches(res remediation.InPlaceResult, maxUpgrades int) ([
 	}
 
 	// Sort the fixed vulns by ID for consistency.
-	slices.SortFunc(fixed, func(a, b resolution.ResolutionVuln) int { return cmp.Compare(a.Vulnerability.ID, b.Vulnerability.ID) })
+	slices.SortFunc(fixed, func(a, b resolution.Vulnerability) int { return cmp.Compare(a.OSV.ID, b.OSV.ID) })
 
 	return patches, fixed, len(uniqueVulns) - len(fixed)
 }
@@ -129,7 +130,7 @@ func autoRelock(ctx context.Context, r reporter.Reporter, opts osvFixOptions, ma
 		return err
 	}
 
-	opts.Client.PreFetch(ctx, manif.Requirements, manif.FilePath)
+	client.PreFetch(ctx, opts.Client, manif.Requirements, manif.FilePath)
 	res, err := resolution.Resolve(ctx, opts.Client, manif, opts.ResolveOpts)
 	if err != nil {
 		return err
@@ -145,7 +146,7 @@ func autoRelock(ctx context.Context, r reporter.Reporter, opts osvFixOptions, ma
 	totalVulns := len(res.Vulns)
 	r.Infof("Found %d vulnerabilities matching the filter\n", totalVulns)
 
-	allPatches, err := remediation.ComputeRelaxPatches(ctx, opts.Client, res, opts.RemediationOptions)
+	allPatches, err := remediation.ComputeRelaxPatches(ctx, opts.Client, res, opts.Options)
 	if err != nil {
 		return err
 	}
@@ -175,7 +176,7 @@ func autoRelock(ctx context.Context, r reporter.Reporter, opts osvFixOptions, ma
 		if i > 0 {
 			r.Infof(",")
 		}
-		r.Infof("%s", v.Vulnerability.ID)
+		r.Infof("%s", v.OSV.ID)
 	}
 	r.Infof("\n")
 
@@ -185,7 +186,7 @@ func autoRelock(ctx context.Context, r reporter.Reporter, opts osvFixOptions, ma
 	// TODO: Consider potentially introduced vulnerabilities
 
 	r.Infof("Rewriting %s...\n", opts.Manifest)
-	if err := manifest.Overwrite(opts.ManifestRW, opts.Manifest, manifest.ManifestPatch{Manifest: &manif, Deps: depPatches}); err != nil {
+	if err := manifest.Overwrite(opts.ManifestRW, opts.Manifest, manifest.Patch{Manifest: &manif, Deps: depPatches}); err != nil {
 		return err
 	}
 
@@ -225,10 +226,10 @@ func autoRelock(ctx context.Context, r reporter.Reporter, opts osvFixOptions, ma
 
 // returns the top {maxUpgrades} compatible patches, and the vulns fixed
 // if maxUpgrades is < 0, do as many patches as possible
-func autoChooseRelockPatches(diffs []resolution.ResolutionDiff, maxUpgrades int) ([]manifest.DependencyPatch, []resolution.ResolutionVuln) {
+func autoChooseRelockPatches(diffs []resolution.Difference, maxUpgrades int) ([]manifest.DependencyPatch, []resolution.Vulnerability) {
 	var patches []manifest.DependencyPatch
 	pkgChanged := make(map[resolve.VersionKey]bool) // dependencies we've already applied a patch to
-	var fixed []resolution.ResolutionVuln
+	var fixed []resolution.Vulnerability
 
 	for _, diff := range diffs {
 		// If we are not picking any more patches, or this patch is incompatible with existing patches, skip adding it to the patch list.
@@ -249,27 +250,27 @@ func autoChooseRelockPatches(diffs []resolution.ResolutionDiff, maxUpgrades int)
 	}
 
 	// Sort the fixed vulns by ID for consistency.
-	slices.SortFunc(fixed, func(a, b resolution.ResolutionVuln) int { return cmp.Compare(a.Vulnerability.ID, b.Vulnerability.ID) })
+	slices.SortFunc(fixed, func(a, b resolution.Vulnerability) int { return cmp.Compare(a.OSV.ID, b.OSV.ID) })
 
 	return patches, fixed
 }
 
-func relockUnfixableVulns(diffs []resolution.ResolutionDiff) []*resolution.ResolutionVuln {
+func relockUnfixableVulns(diffs []resolution.Difference) []*resolution.Vulnerability {
 	if len(diffs) == 0 {
 		return nil
 	}
 	// find every vuln ID fixed in any patch
 	fixableVulnIDs := make(map[string]struct{})
 	for _, diff := range diffs {
 		for _, v := range diff.RemovedVulns {
-			fixableVulnIDs[v.Vulnerability.ID] = struct{}{}
+			fixableVulnIDs[v.OSV.ID] = struct{}{}
 		}
 	}
 
 	// select only vulns that aren't fixed in any patch
-	var unfixable []*resolution.ResolutionVuln
+	var unfixable []*resolution.Vulnerability
 	for i, v := range diffs[0].Original.Vulns {
-		if _, ok := fixableVulnIDs[v.Vulnerability.ID]; !ok {
+		if _, ok := fixableVulnIDs[v.OSV.ID]; !ok {
 			unfixable = append(unfixable, &diffs[0].Original.Vulns[i])
 		}
 	}
@@ -294,7 +295,7 @@ func autoOverride(ctx context.Context, r reporter.Reporter, opts osvFixOptions,
 		return err
 	}
 
-	opts.Client.PreFetch(ctx, manif.Requirements, manif.FilePath)
+	client.PreFetch(ctx, opts.Client, manif.Requirements, manif.FilePath)
 	res, err := resolution.Resolve(ctx, opts.Client, manif, opts.ResolveOpts)
 	if err != nil {
 		return err
@@ -310,7 +311,7 @@ func autoOverride(ctx context.Context, r reporter.Reporter, opts osvFixOptions,
 	totalVulns := len(res.Vulns)
 	r.Infof("Found %d vulnerabilities matching the filter\n", totalVulns)
 
-	allPatches, err := remediation.ComputeOverridePatches(ctx, opts.Client, res, opts.RemediationOptions)
+	allPatches, err := remediation.ComputeOverridePatches(ctx, opts.Client, res, opts.Options)
 	if err != nil {
 		return err
 	}
@@ -340,7 +341,7 @@ func autoOverride(ctx context.Context, r reporter.Reporter, opts osvFixOptions,
 		if i > 0 {
 			r.Infof(",")
 		}
-		r.Infof("%s", v.Vulnerability.ID)
+		r.Infof("%s", v.OSV.ID)
 	}
 	r.Infof("\n")
 
@@ -350,21 +351,21 @@ func autoOverride(ctx context.Context, r reporter.Reporter, opts osvFixOptions,
 	// TODO: Consider potentially introduced vulnerabilities
 
 	r.Infof("Rewriting %s...\n", opts.Manifest)
-	if err := manifest.Overwrite(opts.ManifestRW, opts.Manifest, manifest.ManifestPatch{Manifest: &manif, Deps: depPatches}); err != nil {
+	if err := manifest.Overwrite(opts.ManifestRW, opts.Manifest, manifest.Patch{Manifest: &manif, Deps: depPatches}); err != nil {
 		return err
 	}
 
 	return nil
 }
 
-func autoChooseOverridePatches(diffs []resolution.ResolutionDiff, maxUpgrades int) ([]manifest.DependencyPatch, []resolution.ResolutionVuln) {
+func autoChooseOverridePatches(diffs []resolution.Difference, maxUpgrades int) ([]manifest.DependencyPatch, []resolution.Vulnerability) {
 	if maxUpgrades == 0 {
 		return nil, nil
 	}
 
 	var patches []manifest.DependencyPatch
-	pkgChanged := make(map[resolve.PackageKey]bool)          // dependencies we've already applied a patch to
-	fixedVulns := make(map[string]resolution.ResolutionVuln) // vulns that have already been fixed by a patch
+	pkgChanged := make(map[resolve.PackageKey]bool)         // dependencies we've already applied a patch to
+	fixedVulns := make(map[string]resolution.Vulnerability) // vulns that have already been fixed by a patch
 	for _, diff := range diffs {
 		// If this patch is incompatible with existing patches, skip adding it to the patch list.
 
@@ -377,7 +378,7 @@ func autoChooseOverridePatches(diffs []resolution.ResolutionDiff, maxUpgrades in
 		// e.g. We have {foo@1 -> bar@1}, and two possible patches [foo@3, bar@2].
 		// Patching foo@3 makes {foo@3 -> bar@3}, which also fixes the vulnerability in bar.
 		// Applying both patches would force {foo@3 -> bar@2}, which is less desirable.
-		if slices.ContainsFunc(diff.RemovedVulns, func(rv resolution.ResolutionVuln) bool { _, ok := fixedVulns[rv.Vulnerability.ID]; return ok }) {
+		if slices.ContainsFunc(diff.RemovedVulns, func(rv resolution.Vulnerability) bool { _, ok := fixedVulns[rv.OSV.ID]; return ok }) {
 			continue
 		}
 
@@ -387,7 +388,7 @@ func autoChooseOverridePatches(diffs []resolution.ResolutionDiff, maxUpgrades in
 			pkgChanged[dp.Pkg] = true
 		}
 		for _, rv := range diff.RemovedVulns {
-			fixedVulns[rv.Vulnerability.ID] = rv
+			fixedVulns[rv.OSV.ID] = rv
 		}
 
 		maxUpgrades--
@@ -398,13 +399,13 @@ func autoChooseOverridePatches(diffs []resolution.ResolutionDiff, maxUpgrades in
 
 	// Sort the fixed vulns by ID for consistency.
 	fixed := maps.Values(fixedVulns)
-	slices.SortFunc(fixed, func(a, b resolution.ResolutionVuln) int { return cmp.Compare(a.Vulnerability.ID, b.Vulnerability.ID) })
+	slices.SortFunc(fixed, func(a, b resolution.Vulnerability) int { return cmp.Compare(a.OSV.ID, b.OSV.ID) })
 
 	return patches, fixed
 }
 
-func resolutionErrorString(res *resolution.ResolutionResult, errs []resolution.ResolutionError) string {
-	// we pass in the []ResolutionErrors because calling res.Errors() is costly
+func resolutionErrorString(res *resolution.Result, errs []resolution.NodeError) string {
+	// we pass in the []resolution.NodeError because calling res.Errors() is costly
 	s := strings.Builder{}
 	for _, e := range errs {
 		node := res.Graph.Nodes[e.NodeID]