Bump github.com/anchore/syft from 0.34.0 to 0.51.0

[dependabot]

Bumps github.com/anchore/syft from 0.34.0 to 0.51.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.51.0

Changelog

v0.51.0 (2022-07-11)

Full Changelog

Added Features

• Syft ignore docker images [[Issue #670](anchore/syft#670
• feat: add support for cocoapods (Swift/Objective-C) [[Issue #815](anchore/grype#815
• An option to limit to a single filesystem (like -xdev) [[Issue #674](anchore/syft#674
• Add Gentoo Linux support [[Issue #998](anchore/syft#998
• Update README.md with information about syft choco package [[Issue #1028](anchore/syft#1028

Bug Fixes

• syft attest cmd is not exporting output to file [[Issue #1061](anchore/syft#1061
• Name is duplicated into Package URL Namespace when Go module path has one element [[Issue #1091](anchore/syft#1091
• fix: unintended artifactRelationship records of type ownership-by-file-overlap are being reported [Issue 1077]

v0.50.0

Changelog

v0.50.0 (2022-07-06)

Full Changelog

Added Features

• Add a dockerized workflow for local dev [[Issue #1042](anchore/syft#1042
• add flag for image scanning to use all catalogers rather than just some [[Issue #1049](anchore/syft#1049
• feat: add Conan (C/C++) support [[Issue #1082](anchore/syft#1082

Bug Fixes

• composer.json isn't parsed for packages [[Issue #1064](anchore/syft#1064
• Source pom.xml cataloger Namespace error [[Issue #1075](anchore/syft#1075
• unintended artifactRelationship records of type ownership-by-file-overlap are being reported in SBOMs generated against current fedora container imges [[Issue #1077](anchore/syft#1077

v0.49.0

Changelog

v0.49.0 (2022-06-24)

Full Changelog

... (truncated)

Commits

• 470b130 feat: add support for cocoapods (Swift/Objective-C) (#1081)
• 2f1aa33 Fix package url for Go modules with no / (#1092)
• b3a7b91 Update Stereoscope to 777471f38c5b2f15c19d6cffe093ce6392d8040c (#1090)
• 5206193 feat: output attestation to file (#1087)
• c7fa498 Update Stereoscope to cfbd966e5a8d11d73cd17adc8b8ab8468a086f1e (#1089)
• 4c55c62 Add portage support for Gentoo Linux (#1076)
• ba685ea Add PR action back to workflow with new token (#1086)
• 69134ed feat: add new login cmd (#1068)
• 47df669 update AltRpmDbGlob with comment and context (#1085)
• 57323a1 feat: add support for conan packages (C/C++) (#1083)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #46.