grype db list contains only last 4 days DBs

[TimBrown1611]

What happened: grype listing file used to save 4 month back DB version, I see now it stores only 4 days back. What you expected to happen: I wondered why the behave have changed How to reproduce it (as minimally and precisely as possible): grype db list -o json

[
 {
  "built": "2024-09-16T01:32:11Z",
  "version": 5,
  "url": "https://grype.anchore.io/databases/vulnerability-db_v5_2024-09-16T01:32:11Z_1726460416.tar.gz",
  "checksum": "sha256:88f5e4dd470538a6aa792c148b92e0c9c7993458f75e67ee74087cf9a02d68ef"
 },
 {
  "built": "2024-09-15T01:31:45Z",
  "version": 5,
  "url": "https://grype.anchore.io/databases/vulnerability-db_v5_2024-09-15T01:31:45Z_1726373997.tar.gz",
  "checksum": "sha256:070f20bf709569ddf918ed910247fceef98f1809eac916b8e252b74f101ccf92"
 },
 {
  "built": "2024-09-14T01:31:25Z",
  "version": 5,
  "url": "https://grype.anchore.io/databases/vulnerability-db_v5_2024-09-14T01:31:25Z_1726287580.tar.gz",
  "checksum": "sha256:60d53a20e07ac160c810e2a4841de038ad66d66a525472d378a601da7c363dc4"
 },
 {
  "built": "2024-09-13T01:31:37Z",
  "version": 5,
  "url": "https://grype.anchore.io/databases/vulnerability-db_v5_2024-09-13T01:31:37Z_1726201173.tar.gz",
  "checksum": "sha256:395358bb162f5552ec2c77e5bdae4876bf960cd23a89ecbe368b94c46f2de9ae"
 }
]

Anything else we need to know?:

Environment:

• Output of grype version: 0.80.0
• OS (e.g: cat /etc/os-release or similar): mac

[kzantow]

This was changed to reduce the size of the listing file. The databases are still available at the old URLs. There are multiple threads about this on discourse, including: https://anchorecommunity.discourse.group/t/grype-db-network-and-cdn-issues/48/4