From 8f915ea8bff5aaa7371f7364e053da4a3b05ab04 Mon Sep 17 00:00:00 2001
From: Nicolas Meienberger <github@thisprops.com>
Date: Wed, 7 Jan 2026 21:15:17 +0100
Subject: [PATCH] ci: don't block alpha and beta releases on grype scans

---
 .github/workflows/release.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 48420d6..5175021 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -78,6 +78,7 @@ jobs:
             APP_VERSION=${{ needs.determine-release-type.outputs.tagname }}
 
       - name: Scan new image for vulnerabilities
+        if: needs.determine-release-type.outputs.release_type == 'release'
         uses: anchore/scan-action@v7
         id: scan
         with:
@@ -86,6 +87,7 @@ jobs:
           severity-cutoff: critical
 
       - name: upload Anchore scan report
+        if: needs.determine-release-type.outputs.release_type == 'release'
         uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: ${{ steps.scan.outputs.sarif }}