From 0754969656349418befdb276ca5700988650a08f Mon Sep 17 00:00:00 2001
From: Tom Pantelis <tompantelis@gmail.com>
Date: Thu, 9 Jan 2025 14:50:05 -0500
Subject: [PATCH] Ignore github.com/go-git/go-git/v5 vulnerabilities

This package is only used by tooling and bumping to a fixed version
requires bumping the Go version.

Signed-off-by: Tom Pantelis <tompantelis@gmail.com>
---
 .grype.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/.grype.yaml b/.grype.yaml
index 3c325f0d6..4d88cdb57 100644
--- a/.grype.yaml
+++ b/.grype.yaml
@@ -20,3 +20,9 @@ ignore:
   - vulnerability: GHSA-jw44-4f3j-q396
     package:
       name: helm.sh/helm/v3
+  - vulnerability: GHSA-r9px-m959-cxf4
+    package:
+      name: github.com/go-git/go-git/v5
+  - vulnerability: GHSA-v725-9546-7q7m
+    package:
+      name: github.com/go-git/go-git/v5