diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 1b3f40a7..b269d9c6 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -44,8 +44,9 @@ include:
 - local: ci/build.yml
 - component: gitlab.protontech.ch/proton/devops/cicd-components/devsecops/gitleaks/scan-repository@~latest
 inputs:
- stage: analyse
- - component: gitlab.protontech.ch/proton/devops/cicd-components/devsecops/grype/scan-code@0.0.12
+ stage: analyse
+ cli-args: "--baseline-path $GITLEAKS_BASELINE"
+ - component: gitlab.protontech.ch/proton/devops/cicd-components/devsecops/grype/scan-code@~latest
 inputs:
 stage: analyse
diff --git a/.grype.yaml b/.grype.yaml
new file mode 100644
index 00000000..795fc025
--- /dev/null
+++ b/.grype.yaml
@@ -0,0 +1,2 @@
+# Check out for configuration details: https://github.com/anchore/grype?tab=readme-ov-file#configuration
+fail-on-severity: "medium"
\ No newline at end of file
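Review bot: The grype `scan-code` include moves from the pinned `@0.0.12` to the floating `@~latest` (the gitleaks include above it already floats), so the code that runs in this pipeline can change without any commit in this repository. For a security scanner that also means a new component release can alter or weaken the scan unnoticed; pinning to an exact version or commit SHA and bumping it through reviewed merge requests keeps the change auditable. Separately, `cli-args: "--baseline-path $GITLEAKS_BASELINE"` relies on a variable that is not defined in this hunk: if it expands to nothing the flag is left without an argument, and if the baseline file lives in the repository, an edit to it can suppress a newly leaked secret, so that file is worth placing under a required-reviewer rule.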
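Review bot: The new `.grype.yaml` sets `fail-on-severity: "medium"`, but nothing visible in this commit shows that the scan job will honour it. grype reads `.grype.yaml` from its working directory, and a `--fail-on` or `--config` argument passed inside the component would presumably take precedence, so it is worth confirming with a pipeline run against a dependency known to be vulnerable. The header comment could state the policy instead of only linking the documentation, e.g. `# Fail the pipeline on vulnerabilities of medium severity or higher; options: <grype README, configuration section>`. The file also ends without a trailing newline.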