From 03f965706309e03cd70965ed9a6dce27e6b28f51 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Pereira?= <joaod@vmware.com>
Date: Wed, 3 Jul 2024 13:03:03 -0500
Subject: [PATCH] Add version of go and ignore gems when checking for CVEs
 (#2987)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The only Gemfiles that we have currently are under fixtures which are
not used in our code so it is safe to ignore them

Signed-off-by: João Pereira <joaod@vmware.com>
---
 .grype.yaml | 3 +++
 go.mod      | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)
 create mode 100644 .grype.yaml

diff --git a/.grype.yaml b/.grype.yaml
new file mode 100644
index 00000000000..3113d6c38eb
--- /dev/null
+++ b/.grype.yaml
@@ -0,0 +1,3 @@
+ignore:
+  - package:
+      type: gem
diff --git a/go.mod b/go.mod
index 593a09b0285..0c8c643045d 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module code.cloudfoundry.org/cli
 
-go 1.22
+go 1.22.5
 
 require (
 	code.cloudfoundry.org/bytefmt v0.0.0-20230612151507-41ef4d1f67a4