chore: bump github.com/aquasecurity/trivy from 0.38.1 to 0.38.2

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.38.1 to 0.38.2.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.38.2

Changelog

• 800473a8b chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
• e6ab389f9 chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
• 6614398ab fix(license): disable jar analyzer for licence scan only (#3780)
• 1dc6fee78 bump trivy-issue-action to v0.0.0; skip pkg dir (#3781)
• 3357ed096 fix: skip checking dirs for required post-analyzers (#3773)
• 1064636b3 docs: add information about plugin format (#3749)
• 60b7ef5a5 fix(sbom): add trivy version to spdx creators tool field (#3756)

Commits

• 800473a chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
• e6ab389 chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
• 6614398 fix(license): disable jar analyzer for licence scan only (#3780)
• 1dc6fee bump trivy-issue-action to v0.0.0; skip pkg dir (#3781)
• 3357ed0 fix: skip checking dirs for required post-analyzers (#3773)
• 1064636 docs: add information about plugin format (#3749)
• 60b7ef5 fix(sbom): add trivy version to spdx creators tool field (#3756)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Patch and project coverage have no change.

Comparison is base (f31631a) 34.27% compared to head (20cb9a0) 34.27%.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #66   +/-   ##
=======================================
  Coverage   34.27%   34.27%           
=======================================
  Files          12       12           
  Lines        1132     1132           
=======================================
  Hits          388      388           
  Misses        723      723           
  Partials       21       21           

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.