chore: bump github.com/aquasecurity/trivy from 0.38.2 to 0.38.3

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.38.2 to 0.38.3.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.38.3

Changelog

• a12f58be5 chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
• ee518350c fix(java): skip empty files for jar post analyzer (#3832)
• 3987a679f fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
• 2bb25e766 refactor(license): use goyacc for license parser (#3824)
• 00c763bc1 chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
• cac5881bb fix: populate timeout context to node-collector (#3766)
• bd9c6e613 fix: exclude node collector scanning (#3771)
• 20f10673b fix: display correct flag in error message when skipping java db update #3808
• 1fac7bf1b fix: disable jar analyzer for scanners other than vuln (#3810)
• aaf265881 fix(sbom): fix incompliant license format for spdx (#3335)
• f8307635a fix(java): the project props take precedence over the parent's props (#3320)
• 1aa3b7dc2 docs: add canary build info to README.md (#3799)
• 57904c0f9 docs: adding link to gh token generation (#3784)
• bdccf7233 docs: changing docs in accordance with #3460 (#3787)

Commits

• a12f58b chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.8...
• ee51835 fix(java): skip empty files for jar post analyzer (#3832)
• 3987a67 fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
• 2bb25e7 refactor(license): use goyacc for license parser (#3824)
• 00c763b chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 2...
• cac5881 fix: populate timeout context to node-collector (#3766)
• bd9c6e6 fix: exclude node collector scanning (#3771)
• 20f1067 fix: display correct flag in error message when skipping java db update #3808
• 1fac7bf fix: disable jar analyzer for scanners other than vuln (#3810)
• aaf2658 fix(sbom): fix incompliant license format for spdx (#3335)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sozercan]

@dependabot rebase