[Issue #2582] Ignore CVEs in upstream golang CLI (#2606)

## Summary Relates to #2582 ### Time to review: __1 mins__ ## Changes proposed Ignores the CVE originally found in #2572
HHS · Oct 28, 2024 · ff57a80 · ff57a80
1 parent 4ffa4d3
commit ff57a80
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 0 deletions.
diff --git a/.grype.yml b/.grype.yml
@@ -18,3 +18,8 @@ ignore:
   - fix-state: not-fixed
   - fix-state: wont-fix
   - fix-state: unknown
+
+  # https://github.com/HHS/simpler-grants-gov/issues/2582
+  - vulnerability: CVE-2024-34158
+  - vulnerability: CVE-2024-34156
+  - vulnerability: CVE-2024-34155
diff --git a/analytics/Makefile b/analytics/Makefile
@@ -200,3 +200,4 @@ percent-complete:
 sprint-reports: sprint-burndown percent-complete
 
 sprint-reports-with-latest-data: gh-data-export sprint-reports
+
Original file line number	Diff line number	Diff line change
Expand Up		@@ -200,3 +200,4 @@ percent-complete:
		sprint-reports: sprint-burndown percent-complete

		sprint-reports-with-latest-data: gh-data-export sprint-reports