-
Notifications
You must be signed in to change notification settings - Fork 1
/
.grype.yml
18 lines (16 loc) · 954 Bytes
/
.grype.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# List of vulnerabilities to ignore for the anchore scan
# https://github.com/anchore/grype#specifying-matches-to-ignore
# More info can be found in the https://github.com/navapbc/template-infra/blob/main/docs/infra/vulnerability-management.md file
# Please add safelists in the following format to make it easier when checking
# Package/module name: URL to vulnerability for checking updates
# Versions: URL to the version history
# Dependencies: Name of any other packages or modules that are dependent on this version
# Link to the dependencies for ease of checking for updates
# Issue: Why there is a finding and why this is here or not been removed
# Last checked: Date last checked in scans
# - vulnerability: The-CVE-or-vuln-id # Remove comment at start of line
ignore:
# These settings ignore any findings that fall into these categories
- fix-state: not-fixed
- fix-state: wont-fix
- fix-state: unknown