build(deps): bump github.com/aquasecurity/trivy from 0.53.0 to 0.55.0

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.53.0 to 0.55.0.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.55.0

⚡Release highlights and summary⚡

👉aquasecurity/trivy#7440

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0550-2024-09-03

v0.54.1

Changelog

• 854c61d34a550a9fcbab3bc59e55b868c15d1962 release: v0.54.1 [release/v0.54] (#7282)
• 334a1c293bb3d490af2a6d80732f399efaac22f7 fix(flag): incorrect behavior for deprected flag --clear-cache [backport: release/v0.54] (#7285)
• f61725c28b56d80fb46395479842a2ab0c517c5f fix(java): Return error when trying to find a remote pom to avoid segfault [backport: release/v0.54] (#7283)
• a7b7117fe2c9608e990b42e702cc83675c48f888 fix(plugin): do not call GitHub content API for releases and tags [backport: release/v0.54] (#7279)

v0.54.0

⚡Release highlights and summary⚡

👉 aquasecurity/trivy#7268

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0540-2024-07-30

Changelog

Sourced from github.com/aquasecurity/trivy's changelog.

0.55.0 (2024-09-03)

⚠ BREAKING CHANGES

• cli: delete deprecated SBOM flags (#7266)

Features

• cli: delete deprecated SBOM flags (#7266) (7024572)
• go: use toolchain as stdlib version for go.mod files (#7163) (2d80769)
• java: add test scope support for pom.xml files (#7414) (2d97700)
• misconf: Add support for using spec from on-disk bundle (#7179) (be86126)
• misconf: ignore duplicate checks (#7317) (9ef05fc)
• misconf: iterator argument support for dynamic blocks (#7236) (fe92072)
• misconf: port and protocol support for EC2 networks (#7146) (98e136e)
• misconf: scanning support for YAML and JSON (#7311) (efdbd8f)
• misconf: support for ignore by nested attributes (#7205) (44e4686)
• misconf: support for policy and bucket grants (#7284) (a817fae)
• misconf: variable support for Terraform Plan (#7228) (db2c955)
• python: use minimum version for pip packages (#7348) (e9b43f8)
• report: export modified findings in JSON (#7383) (7aea79d)
• sbom: set User-Agent header on requests to Rekor (#7396) (af1d257)
• server: add internal --path-prefix flag for client/server mode (#7321) (24a4563)
• server: Make Trivy Server Multiplexer Exported (#7389) (4c6e8ca)
• vm: Support direct filesystem (#7058) (45b3f34)
• vm: support the Ext2/Ext3 filesystems (#6983) (35c60f0)
• vuln: Add --detection-priority flag for accuracy tuning (#7288) (fd8348d)

Bug Fixes

• aws: handle ECR repositories in different regions (#6217) (feaef96)
• flag: incorrect behavior for deprected flag --clear-cache (#7281) (2a0e529)
• helm: explicitly define kind and apiVersion of volumeClaimTemplate element (#7362) (da4ebfa)
• java: Return error when trying to find a remote pom to avoid segfault (#7275) (49d5270)
• license: add license handling to JUnit template (#7409) (f80183c)
• logger initialization before flags parsing (#7372) (c929290)
• misconf: change default TLS values for the Azure storage account (#7345) (aadb090)
• misconf: do not filter Terraform plan JSON by name (#7406) (9d7264a)
• misconf: do not recreate filesystem map (#7416) (3a5d091)
• misconf: do not register Rego libs in checks registry (#7420) (a5aa63e)
• misconf: do not set default value for default_cache_behavior (#7234) (f0ed5e4)
• misconf: fix infer type for null value (#7424) (0cac3ac)
• misconf: init frameworks before updating them (#7376) (b65b32d)
• misconf: load only submodule if it is specified in source (#7112) (a4180bd)
• misconf: support deprecating for Go checks (#7377) (2a6c7ab)
• misconf: use module to log when metadata retrieval fails (#7405) (0799770)
• misconf: wrap Azure PortRange in iac types (#7357) (c5c62d5)
• nodejs: check all importers to detect dev deps from pnpm-lock.yaml file (#7387) (fd9ed3a)

... (truncated)

Commits

• 7a1e8b8 release: v0.55.0 [main] (#7271)
• 2d80769 feat(go): use toolchain as stdlib version for go.mod files (#7163)
• f80183c fix(license): add license handling to JUnit template (#7409)
• 2d97700 feat(java): add test scope support for pom.xml files (#7414)
• 870523d chore(deps): Bump trivy-checks and pin OPA (#7427)
• da4ebfa fix(helm): explicitly define kind and apiVersion of volumeClaimTemplate...
• af1d257 feat(sbom): set User-Agent header on requests to Rekor (#7396)
• 1a6295c test: add integration plugin tests (#7299)
• fd9ed3a fix(nodejs): check all importers to detect dev deps from pnpm-lock.yaml fil...
• c929290 fix: logger initialization before flags parsing (#7372)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)