Bump github.com/anchore/syft from 0.76.1 to 0.83.0

[dependabot]

Bumps github.com/anchore/syft from 0.76.1 to 0.83.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.83.0

Changelog

v0.83.0 (2023-06-05)

Full Changelog

Added Features

• Add new '--source-version' and '--source-name' options to set the name and version of the target being analyzed for reference in resulting syft-json format SBOMs (more formats will support these flags soon). [[Issue #1399](https://github.com/Add '--version' param for Syft (for when project version is unclear) anchore/syft#1399)] [[PR #1859](https://github.com/feat: source-version flag anchore/syft#1859)] [kzantow]
• Add scope to POM properties [[PR #1779](https://github.com/feat: add scope to pom properties anchore/syft#1779)] [jneate]
• Accept main.version ldflags even without vcs [[PR #1855](https://github.com/accept main.version ldflags even without vcs anchore/syft#1855)] [deitch]

Bug Fixes

• Fix directory resolver to consider CWD and root path input correctly [[PR #1840](https://github.com/Fix directory resolver to consider CWD and root path input correctly anchore/syft#1840)] [wagoodman]
• Show all error messages if there is a failure retrieving an image with a specified scheme [[Issue #1569](https://github.com/The actual error is overridden and not returned from getImageWithRetryStrategy anchore/syft#1569)] [[PR #1801](https://github.com/Return both failures when failed to retrive an image with a scheme anchore/syft#1801)] [FrimIdan]
• v0.81.0 crashing parsing some images [[Issue #1837](https://github.com/v0.81.0 crashing parsing some images anchore/syft#1837)] [[PR #1839](https://github.com/fix: add panic recovery for license parse anchore/syft#1839)] [spiffcs]

Deprecated Features

• Migrate location-related structs to the file package [[PR #1751](https://github.com/Migrate location-related structs to the file package anchore/syft#1751)] [wagoodman]

Additional Changes

• chore: code cleanup [[PR #1865](https://github.com/chore: code cleanup anchore/syft#1865)] [spiffcs]

v0.82.0

Changelog

v0.82.0 (2023-05-23)

Full Changelog

Added Features

• Improve Go main module version detection by attempting to parse available ldflags [[Issue #1785](https://github.com/Attempt to extract go main module versions from available ldflags anchore/syft#1785)] [[PR #1832](https://github.com/Extract go module versions from ldflags for binaries built by go anchore/syft#1832)] [wagoodman]

Bug Fixes

• Fix a problem in the license parsing logic that may result in a panic [[PR #1839](https://github.com/fix: add panic recovery for license parse anchore/syft#1839)]
• Return all relevant error messages if an image retrieval fails when a scheme is specified [[PR #1801](https://github.com/Return both failures when failed to retrive an image with a scheme anchore/syft#1801)] [FrimIdan]
• Fix a problem with PNPM scanning where v6 lockfiles might result in duplicated packages [[Issue #1762](https://github.com/PNPM improvements: scanning does not support v6 and can result in duplicate packages anchore/syft#1762)] [[PR #1778](https://github.com/fix: duplicate packages, support pnpm lockfile v6 anchore/syft#1778)] [kzantow]

v0.81.0

... (truncated)

Commits

• 1764e1c fix: handle invalid symlinks (#1861)
• c560ffd chore(deps): bump github.com/spdx/tools-golang from 0.5.0 to 0.5.1 (#1850)
• 7d1b292 chore(deps): update bootstrap tools to latest versions (#1857)
• f07581f Pr 1825 (#1865)
• d676e5e chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#1862)
• 903d29b chore(deps): bump modernc.org/sqlite from 1.22.1 to 1.23.0 (#1863)
• 79a955b feat: source-version flag (#1859)
• 1bd9de9 chore(deps): bump github.com/spf13/viper from 1.15.0 to 1.16.0 (#1851)
• 68f8df9 accept main.version ldflags even without vcs (#1855)
• c69cdd9 feat: add scope to pom properties (#1779)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #39.