Bump github.com/anchore/syft from 0.79.0 to 0.83.1

[dependabot]

Bumps github.com/anchore/syft from 0.79.0 to 0.83.1.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.83.1

Changelog

v0.83.1 (2023-06-14)

Full Changelog

Bug Fixes

• fix: pom properties not setting artifact id [[PR #1870](https://redirect.github.com/fix: pom properties not setting artifact id anchore/syft#1870)] [jneate]
• fix(deps): pull in platform selection fix from stereoscope [[PR #1871](https://redirect.github.com/fix(deps): pull in platform selection fix from stereoscope anchore/syft#1871)] [anchore-actions-token-generator] - pulling in an image with a digest that does not match the platform and architecture of the host no longer fails with an error, see anchore/stereoscope#188
• symlinks within a scanned directory tree are parsed outside the tree, failing if target does not exist [[Issue #1860](https://redirect.github.com/symlinks within a scanned directory tree are parsed outside the tree, failing if target does not exist anchore/syft#1860)] [[PR #1861](https://redirect.github.com/in directory indexer, handle outside symlinks anchore/syft#1861)] [deitch]

v0.83.0

Changelog

v0.83.0 (2023-06-05)

Full Changelog

Added Features

• Add new '--source-version' and '--source-name' options to set the name and version of the target being analyzed for reference in resulting syft-json format SBOMs (more formats will support these flags soon). [[Issue #1399](https://redirect.github.com/Add '--version' param for Syft (for when project version is unclear) anchore/syft#1399)] [[PR #1859](https://redirect.github.com/feat: source-version flag anchore/syft#1859)] [kzantow]
• Add scope to POM properties [[PR #1779](https://redirect.github.com/feat: add scope to pom properties anchore/syft#1779)] [jneate]
• Accept main.version ldflags even without vcs [[PR #1855](https://redirect.github.com/accept main.version ldflags even without vcs anchore/syft#1855)] [deitch]

Bug Fixes

• Fix directory resolver to consider CWD and root path input correctly [[PR #1840](https://redirect.github.com/Fix directory resolver to consider CWD and root path input correctly anchore/syft#1840)] [wagoodman]
• Show all error messages if there is a failure retrieving an image with a specified scheme [[Issue #1569](https://redirect.github.com/The actual error is overridden and not returned from getImageWithRetryStrategy anchore/syft#1569)] [[PR #1801](https://redirect.github.com/Return both failures when failed to retrive an image with a scheme anchore/syft#1801)] [FrimIdan]
• v0.81.0 crashing parsing some images [[Issue #1837](https://redirect.github.com/v0.81.0 crashing parsing some images anchore/syft#1837)] [[PR #1839](https://redirect.github.com/fix: add panic recovery for license parse anchore/syft#1839)] [spiffcs]

Deprecated Features

• Migrate location-related structs to the file package [[PR #1751](https://redirect.github.com/Migrate location-related structs to the file package anchore/syft#1751)] [wagoodman]

Additional Changes

• chore: code cleanup [[PR #1865](https://redirect.github.com/chore: code cleanup anchore/syft#1865)] [spiffcs]

v0.82.0

Changelog

v0.82.0 (2023-05-23)

... (truncated)

Commits

• a1bba36 chore(deps): bump modernc.org/sqlite from 1.23.0 to 1.23.1 (#1874)
• c019cd5 chore(deps): update stereoscope to 5b5049bf4d3a99df9a2b1c31d5d52ddff7b5cec2 (...
• 5406d8a chore(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 (#1876)
• 098c255 fix: pom properties not setting artifact id (#1870)
• 2c5d64a chore(deps): bump github.com/spdx/tools-golang from 0.5.1 to 0.5.2 (#1868)
• 1764e1c fix: handle invalid symlinks (#1861)
• c560ffd chore(deps): bump github.com/spdx/tools-golang from 0.5.0 to 0.5.1 (#1850)
• 7d1b292 chore(deps): update bootstrap tools to latest versions (#1857)
• f07581f Pr 1825 (#1865)
• d676e5e chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#1862)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #19.