From 081de1a1707b27db6e4ae6c00ec70d9a122258fb Mon Sep 17 00:00:00 2001
From: Michael Zalimeni <michael.zalimeni@hashicorp.com>
Date: Mon, 18 Dec 2023 17:11:28 -0500
Subject: [PATCH] fixup: review feedback for release scans

---
 .release/security-scan.hcl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
index d881a08a5c..68d904064a 100644
--- a/.release/security-scan.hcl
+++ b/.release/security-scan.hcl
@@ -14,7 +14,7 @@
 
 container {
 	dependencies = true
-	alpine_secdb = false
+	alpine_secdb = true
 
 	secrets {
 		all = true
@@ -24,8 +24,8 @@ container {
 binary {
 	go_modules   = true
 	osv          = true
-	oss_index    = true
-	nvd          = true
+	# We can't enable npm for binary targets today because we don't yet embed the relevant file
+	# (yarn.lock) in the Consul binary. This is something we may investigate in the future.
 	
 	secrets {
 		all = true