-
Notifications
You must be signed in to change notification settings - Fork 1
/
.grype.yml
29 lines (26 loc) · 1.28 KB
/
.grype.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
# List of vulnerabilities to ignore for the anchore scan
# https://github.com/anchore/grype#specifying-matches-to-ignore
# More info can be found in the docs/infra/vulnerability-management.md file
# Please add safelists in the following format to make it easier when checking
# Package/module name: URL to vulnerability for checking updates
# Versions: URL to the version history
# Dependencies: Name of any other packages or modules that are dependent on this version
# Link to the dependencies for ease of checking for updates
# Issue: Why there is a finding and why this is here or not been removed
# Last checked: Date last checked in scans
# - vulnerability: The-CVE-or-vuln-id # Remove comment at start of line
ignore:
# These settings ignore any findings that fall into these categories
- fix-state: not-fixed
- fix-state: wont-fix
- fix-state: unknown
# Ignoring since this is a simple example app
# https://github.com/anchore/grype/issues/1172
- vulnerability: GHSA-xqr8-7jwr-rhp7
- vulnerability: GHSA-5cpq-8wj7-hf2v
- vulnerability: GHSA-cf7p-gm2m-833m
- vulnerability: GHSA-jm77-qphf-c4w8
- vulnerability: GHSA-jfhm-5ghh-2f97
- vulnerability: GHSA-v8gr-m533-ghj9
- vulnerability: GHSA-mq26-g339-26xf
- vulnerability: GHSA-3ww4-gg4f-jr7f