From ff11a33f0730b1b3d59a8923f9858c2c213bad7d Mon Sep 17 00:00:00 2001
From: Patrik <zepatrik@users.noreply.github.com>
Date: Wed, 24 Aug 2022 11:56:42 +0200
Subject: [PATCH] chore: ignore false-positive CVE detection

---
 .grype.yaml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.grype.yaml b/.grype.yaml
index a4649e825..d84c08d93 100644
--- a/.grype.yaml
+++ b/.grype.yaml
@@ -1,4 +1,7 @@
 only-fixed: true
 ignore:
+  # see https://github.com/anchore/grype/issues/558
   - vulnerability: CVE-2015-5237
-  - vulnerability: CVE-2022-30065
+  - vulnerability: CVE-2021-22570
+
+  - vulnerability: CVE-2022-30065 # alpine does not yet provide a fixed version (and the default docker image does not use or expose `awk` when running the server)