chore(deps): bump github.com/anchore/syft from 0.79.0 to 0.85.0

[dependabot]

Bumps github.com/anchore/syft from 0.79.0 to 0.85.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.85.0

Changelog

v0.85.0 (2023-07-12)

Full Changelog

Added Features

• Add a --base-path command line flag to set the directory base for scans (this option was previously exposed via API only) [[PR #1867](https://redirect.github.com/CLI flag for directory base anchore/syft#1867)] [deitch]
• Add file source digest support [[PR #1914](https://redirect.github.com/Add file source digest support anchore/syft#1914)] [wagoodman]
• Remove erroneous Java CPEs from generation [[PR #1918](https://redirect.github.com/Remove erroneous Java CPEs from generation anchore/syft#1918)] [luhring]
• Fix CPE generation for k8s python client [[PR #1921](https://redirect.github.com/Fix CPE generation for k8s python client anchore/syft#1921)] [luhring]
• Don't use the actual redis or grpc CPEs for gems [[PR #1926](https://redirect.github.com/Don't use the actual redis or grpc CPEs for gems anchore/syft#1926)] [luhring]
• The text user interface is now provided by the bubbletea library [[Issue #1441](https://redirect.github.com/Replace TUI library with bubbletea anchore/syft#1441)] [[PR #1888](https://redirect.github.com/Switch UI to bubbletea anchore/syft#1888)] [wagoodman]

Bug Fixes

• Install script returns exit code 0 even if install fails [[Issue #1566](https://redirect.github.com/Install script returns exit code 0 even if install fails anchore/syft#1566)] [[PR #1915](https://redirect.github.com/fix(install): return right error code anchore/syft#1915)] [lorsatti]
• [Windows] Not able to scan volume mounted to folder [[Issue #1828](https://redirect.github.com/[Windows] Not able to scan volume mounted to folder anchore/syft#1828)] [[PR #1884](https://redirect.github.com/fix: use filepath.EvalSymlinks if os.Readlink fails to evaluate the link anchore/syft#1884)] [dd-cws]
• Deprecated license: GFDL-1.2+ [[Issue #1899](https://redirect.github.com/Deprecated license: GFDL-1.2+ anchore/syft#1899)] [[PR #1907](https://redirect.github.com/fix: "or-later" suffix updated to consider deprecated "+" operator anchore/syft#1907)] [spiffcs]

Breaking Changes

• Revisit the source.New* set of functions [[Issue #1866](https://redirect.github.com/Revisit the source.New* set of functions anchore/syft#1866)] [[PR #1846](https://redirect.github.com/Refactor source API anchore/syft#1846)] [wagoodman]

Additional Changes

• chore: update iterations to protect against race [[PR #1927](https://redirect.github.com/chore: update iterations to protect against race anchore/syft#1927)] [spiffcs]
• fix: background reader apart from global handler for testing [[PR #1929](https://redirect.github.com/fix: background reader apart from global handler for testing anchore/syft#1929)] [spiffcs]

v0.84.1

Changelog

v0.84.1 (2023-06-29)

Full Changelog

Bug Fixes

• Fix version detection in Java archive name parsing [[PR #1889](https://redirect.github.com/Fix version detection in Java archive name parsing anchore/syft#1889)] [luhring]
• Improve support for Dart SDK package dependency lockfiles [[PR #1891](https://redirect.github.com/fix: add support for Dart SDK package dependencies anchore/syft#1891)] [rufman]
• Fix license output for some CycloneDX JSON SBOMs [[Issue #1877](https://redirect.github.com/Invalid CycloneDX JSON generated for specific images like "eclipse-temurin:17-jre-alpine" anchore/syft#1877)] [[PR #1879](https://redirect.github.com/fix: only output valid cyclonedx license choices anchore/syft#1879)] [kzantow]
• Correctly discover Debian file relationships in distroless images [[Issue #1900](https://redirect.github.com/Distroless image incorrectly reporting DEB python as binary anchore/syft#1900)] [[PR #1901](https://redirect.github.com/fix: discover deb file relationships in distroless images anchore/syft#1901)] [westonsteimel]

Additional Changes

... (truncated)

Commits

• 4fc17ed implement ui handle waiter (#1930)
• 38efe4e fix: background reader apart from global handler for testing (#1929)
• 05a6189 chore(deps): bump modernc.org/sqlite from 1.23.1 to 1.24.0 (#1928)
• 5a7c200 fix: allow valid cyclonedx input with no components (#1873)
• 72616db fix: "or-later" suffix updated to consider deprecated "+" operator (#1907)
• 4ab9f39 feat: CLI flag for directory base (#1867)
• 9744f4c Fix CPE gen for k8s python client (#1921)
• d21fa84 chore: update iterations to protect against race (#1927)
• d5d95da chore(deps): update bootstrap tools to latest versions (#1922)
• c0c089f fix: Don't use the actual redis or grpc CPEs for gems (#1926)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)