syft 1.24.0

[BrewTestBot]

Created by brew bump

---

Created with brew bump-formula-pr.

Details

release notes

### Added Features

Add cataloger for Dart pubspec [#3292 @LaurentGoderre]
Translate Portage license strings to SPDX expressions [#1763 @wagoodman]
Use package ID from decoded SBOMs when provided [#1872 @jneate]
Annotate visible/hidden paths when all-layers scope [#3855 @wagoodman]
Add support for PHP Pear [#2775 @LaurentGoderre]
Detect whether full license text or a license name has been provided [#3088 #3876 @spiffcs #3450 @spiffcs]
Add Cataloger for Homebrew on macOS [#3632 #3724 @rezmoss]
Provide a way to get the LayerID the package was first found in [#435 #3858 @wagoodman #3138 @tomersein]
Go binaries that currently get (devel) as the version should instead stub UNKNOWN based on the compliance policy [#3324 #3873 @wagoodman]
Upgrade base Docker image to gcr.io/distroless/static-debian12 [#3840 #3862 @bgoareguer]
Return full license string instead of SHA256 hash when license string exceeds 64 characters [#3780 #3844 @spiffcs]
Detect nix dependencies [#3814 #3837 @wagoodman]

Bug Fixes

update license sort to be stable with contents field [#3860 @spiffcs]
Improve detection of erlang binary in alpine Linux [#3839 @avodotiiets]
Do not search for main module versions within binary contents by default [#3874 @wagoodman]
dpkg license improvement for non SPDX licenses [#3090 #3888 @spiffcs]
CycloneDX group field not symmetrically handled by encoder/decoders [#2981 #3853 @kzantow]
Syft crash [signal SIGSEGV: segmentation violation code=0x80 addr=0x0 pc=0x123a0da] [#3872 #3875 @wagoodman]
Syft 1.23.1 shows version (devel) for grafana 12.0.0 [#3864]
.NET cataloger does not always pair up PE binaries and deps.json packages, resulting in duplicate packages on some runs [#3866 #3869 @wagoodman]
Propagate error in FileSourceProvider instead of warn log [#3831 #3845 @Rupikz]
Update github.com/Masterminds/semver package [#3829 #3836 @popey]
go-module-file-cataloger fails if symlinks in path [#3614 #3783 @VictorHuu]
Support fluent-bit some versions of arm/s390x images [#3793 #3817 @VictorHuu]

Additional Changes

update rust test fixtures to latest [#3852 @spiffcs]

(Full Changelog)

---

[github-actions]

🤖 An automated task has requested bottles to be published to this PR.

Please do not push to this PR branch before the bottle commits have been pushed, as this results in a state that is difficult to recover from. If you need to resolve a merge conflict, please use a merge commit. Do not force-push to this PR branch.