From f6fe020e34eed24ea34f0d830dc24e640d04a351 Mon Sep 17 00:00:00 2001
From: Lucas Rodriguez <lucas.rodriguez@defenseunicorns.com>
Date: Thu, 16 May 2024 13:45:27 -0500
Subject: [PATCH] chore: remove rouille CVE from grype ignore (#2515)

## Description
#2457 removed rouille as a dependency

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor Guide
Steps](https://github.com/defenseunicorns/zarf/blob/main/.github/CONTRIBUTING.md#developer-workflow)
followed
---
 .grype.yaml | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/.grype.yaml b/.grype.yaml
index dcc070020c..1ed8fe29e9 100644
--- a/.grype.yaml
+++ b/.grype.yaml
@@ -1,6 +1,4 @@
 ignore:
-  # From rouille - The Zarf injector does not expose endpoints that use multipart form data
-  - vulnerability: GHSA-mc8h-8q98-g5hr
-
   # From helm - This behavior was introduced intentionally, and cannot be removed without breaking backwards compatibility (some users may be relying on these values).
+  # https://helm.sh/blog/response-cve-2019-25210/
   - vulnerability: GHSA-jw44-4f3j-q396