[Issue #1815] Update analytics packages (#1817)

## Summary Fixes #1815 ### Time to review: __1 mins__
HHS · Apr 24, 2024 · 5160ae8 · 5160ae8
1 parent a81fe16
commit 5160ae8
Show file tree

Hide file tree

Showing 2 changed files with 287 additions and 256 deletions.
diff --git a/.grype.yml b/.grype.yml
@@ -16,6 +16,11 @@ ignore:
   - fix-state: not-fixed
   - fix-state: wont-fix
   - fix-state: unknown
+  # Golang vulnerability inside of a python docker image. It's basically impossible to find
+  # out where the impacted golang vulnerability is coming from. The python image in question
+  # does not even have golang installed, yet somehow still there's a golang vulnerability.
+  # We are ignoring the finding because it would take undue effort to track down the source.
+  - vulnerability: GHSA-4v7x-pqxf-cx7m
   # https://github.com/anchore/grype/issues/1172
   - vulnerability: GHSA-xqr8-7jwr-rhp7
   - vulnerability: GHSA-7fh5-64p2-3v2j