From e558222c9e531e1f3d0c6638d799c2b387369812 Mon Sep 17 00:00:00 2001
From: Will Murphy <will.murphy@anchore.com>
Date: Wed, 16 Aug 2023 16:32:52 -0400
Subject: [PATCH] fix comment

Signed-off-by: Will Murphy <will.murphy@anchore.com>
---
 grype/pkg/package.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/grype/pkg/package.go b/grype/pkg/package.go
index 90463b23a148..4423e9425a78 100644
--- a/grype/pkg/package.go
+++ b/grype/pkg/package.go
@@ -139,9 +139,9 @@ func excludePackage(comprehensiveDistroFeed bool, p pkg.Package, parent pkg.Pack
 	}
 
 	// If the parent is an OS package and the child is not, exclude the child
-	// Except if the parent is an APK package, because the APK feed
-	// has fix but not vulnerability data, so grype may be relying on the
-	// related package to provide vulnerability data.
+  // for distros that have a comprehensive feed. That is, distros that list
+  // vulnerabilities that aren't fixed. Otherwise, the child package might
+  // be needed for matching.
 	if comprehensiveDistroFeed && isOSPackage(parent) && !isOSPackage(p) {
 		return true
 	}