Bump github.com/anchore/syft from 0.34.0 to 0.57.0

[dependabot]

Bumps github.com/anchore/syft from 0.34.0 to 0.57.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.57.0

Changelog

Full Changelog

Added Features

• Consistent sorting for SPDX JSON output [[Issue #1213](anchore/syft#1213

Bug Fixes

• Attest panic on MacOS [[Issue #1210](anchore/syft#1210

v0.56.0

Changelog

Full Changelog

Added Features

• Add flag to disable Syft hitting toolbox-data.anchore.io [[Issue #1185](anchore/syft#1185

Bug Fixes

• Warn on errors from RPM DB parsing [[PR #1200](anchore/syft#1200 [wagoodman]
• SPDX PackageLicenseDeclared should be NOASSERTION [[Issue #660](anchore/syft#660
• Syft failed to parse Singularity image [[Issue #1150](anchore/syft#1150

v0.55.0

Changelog

v0.55.0 (2022-08-29)

Full Changelog

Added Features

• Capture package.json private field for npm modules [[Issue #1160](anchore/syft#1160
• add support for pnpm [[Issue #1165](anchore/syft#1165

Bug Fixes

• Java-Cataloger produces empty entries for cyclonedx output [[Issue #466](anchore/syft#466
• No licenses included in scan with yarn.lock [[Issue #845](anchore/syft#845
• syft convert -o option erroring out [[Issue #1095](anchore/syft#1095

... (truncated)

Commits

• 04d288b feat: catalog python files for installed-files.txt file metadata (#1217)
• c2005fa Stabilize SPDX JSON output sorting (#1216)
• 0f99215 bug: remove chance for panic; provide default attestation path (#1214)
• ad263e6 refactor: update Makefile organization; update DEVELOPING.md instructions (#1...
• b483167 refactor: replace ioutil=>io; update linter (#1211)
• 0a1cd25 Update bootstrap tools to latest versions. (#1204)
• b20310e Add gosimports (#1205)
• 9097614 refactor: move formats from internal into syft module (#1172)
• c5dca00 warn on errors from RPM DB parsing (#1200)
• 999994f docs: improve Singularity image source docs (#1190)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #60.