mirror of
https://github.com/anchore/grype
synced 2024-11-10 06:34:13 +00:00
a3ade4242b
* Take VEX docs into account when --fail-on is set Previously, VEX documents provided to Grype when --fail-on was set were not taken into account. That led to inconsistent behaviour where a vulnerability would be ignored when only `--vex` was specified, but would be included in Grype output when both `--vex` and `--fail-on` were specified. This change fixes that by moving the failure severity check to after the VEX documents provided are tested. I have also added a unit test to check that the combination of VEX docs and failure severity checks works as expected. Signed-off-by: Feroz Salam <feroz.salam@isovalent.com> * Fix typos Signed-off-by: Feroz Salam <feroz.salam@isovalent.com> --------- Signed-off-by: Feroz Salam <feroz.salam@isovalent.com> |
||
|---|---|---|
| .. | ||
| cli | ||
| internal | ||
| main.go | ||