Bump github.com/anchore/syft from 0.80.0 to 1.0.0

[dependabot]

Bumps github.com/anchore/syft from 0.80.0 to 1.0.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v1.0.0

🎉 Checkout the blog post about v1!

Added Features

• Allow source type input via CLI flag (not scheme) [#1783 #2610 @​kzantow]

Bug Fixes

• OpenSSL binary matcher fails to properly detect letter releases [#2681 #2682 @​harmw]
• TUI package count does not match package count in default table output [#2672 #2679 @​wagoodman]
• .NET NuGet - dotnet-deps cataloger not working with syft v0.94.0 [#2264 #2674 @​willmurphyscode]
• New path filtering logic excluding large number of unintended paths [#2667 #2675 @​wagoodman]
• Syft TUI can hang when using license fetching from go modules [#2653 #2673 @​willmurphyscode]

(Full Changelog)

v0.105.1

Bug Fixes

• return error codes from install script [#2664 @​hacst]
• SPDX tag value version selector [#2665 @​kzantow]

Additional Changes

• Add syft version used to SBOM tool info by default [#2647 @​wagoodman]

(Full Changelog)

v0.105.0

Added Features

• Guess go main module version based on binary contents [#2608 @​wagoodman]
• Catalog wordpress plugins [#1911 #2218 @​disc]

Bug Fixes

• ensure version output to stdout [#2621 @​kzantow]
• Survive indexing dead symlinks [#2645 @​wagoodman]
• unable to index filesystem for amazonlinux images [#2627 #2644 @​wagoodman]
• CycloneDX OS component does not have a bom-ref [#2101 #2634 @​kzantow]
• v0.104.0 interface conversion error when creating bom from singularity image [#2628 #2631 @​wagoodman]

Additional Changes

• Rename binary cataloger to be more unique [#2633 @​wagoodman]
• Suppress executable parsing issues [#2614 @​wagoodman]
• update license list, cpe dictionary [#2620 @​spiffcs]

... (truncated)

Commits

• 356f7c9 fix: match OpenSSL letter releases (#2682)
• 6377465 Mark duplicated rows in table output (#2679)
• 3ad91f2 fix: trim path from deps.json in portable way (#2674)
• 5ef83fd chore(deps): update tools to latest versions (#2680)
• 06ff1a3 enforce breaking change bump major version (#2635)
• 326ec57 docs: fix incorrect flag name in readme (#2677)
• 48e5672 Consider filesystem types for mount points when ignoring system paths (#2675)
• 63171b5 fix: stop emitting bus events on go mod events (#2673)
• acc473f chore(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 (#2676)
• a978966 feat: add --from flag, refactor source providers (#2610)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #558.