search

anchore / grype

A vulnerability scanner for container images and filesystems
Apache License 2.0
8.15k stars 528 forks source link

Remove wordpress mentions in false positive list #1930

Closed Javiery3889 closed 3 weeks ago

Javiery3889 commented 3 weeks ago

With reference to https://github.com/anchore/syft/issues/1911, Syft now supports wordpress plugins through the new wordpress cataloger that was merged in https://github.com/anchore/syft/pull/2218. Perhaps it would be better to remove these two lines?

https://github.com/anchore/grype/blob/9d28137f78a0f084fdf70e70935f78bf44ace7da/grype/search/only_vulnerable_targets.go#L20-L25

westonsteimel commented 3 weeks ago

Thanks, this work is already underway in https://github.com/anchore/grype/pull/1553

Javiery3889 commented 3 weeks ago

@westonsteimel Thanks, will be closing this issue