anchore
feat: add field to ignore-provider-date for long term broken providers
Description
This PR adds a new field to the grype-db config: build.ignore-provider-date
This field will be used when calculating the earliest timestamp when building the db.
grype-db will ignore user specified providers that may have been broken for extended periods of time. This allows the earliest date to be calculated for a more recent provider. This calculation would update the db date to be in compliance with checks like max-allowed-built-age when running https://github.com/anchore/grype.
Discussion
It looks like we have some overlap with v5/v6 on calculating this.
I added a placeholder in the v6 Archiver for where the config should be injected given this change.
I've marked this as draft for a team sync later today at standup to see what people think about decoupling this behavior since the code paths where this call exists are a little different.
