build(deps): bump github.com/anchore/syft from 0.97.1 to 0.98.0

[dependabot]

Bumps github.com/anchore/syft from 0.97.1 to 0.98.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.98.0

Added Features

• Add binary classifiers for MySQL and MariaDB [#2316 @​duanemay]
• Enhance redis binary classifier to support additional versions [#2329 @​whalelines]
• Expose compact JSON and XML format configuration [#561 #2275 @​wagoodman]

Bug Fixes

• Fix file metadata cataloger when passed explicit coordinates [#2370 @​wagoodman]
• hardcode xalan group ID [#2368 @​willmurphyscode]
• logging level for parsing potential PE files [#2367 @​kzantow]
• Use read lock in pkg.Collection [#2341 @​wagoodman]
• add manual namespace mapping for org.springframework jars [#2345 @​westonsteimel]
• add manual namespace mapping for org.springframework.security jars [#2343 @​westonsteimel]
• errors are printed into the stdout in syft 0.97.1 [#2356 #2364 @​kzantow]
• syft some-jar.jar fails to find packages if PWD is a symlink [#2355 #2359 @​willmurphyscode]
• Default for recently added base path, "", disables detection of symlinked *.jar files [#1962 #2359 @​willmurphyscode]
• syft attest broken since 0.85.0 [#2333 #2337 @​wagoodman]
• Incorrect Java PURL for org.bouncycastle jars [#2339 #2342 @​westonsteimel]

Breaking Changes

• Remove power-user command and related catalogers [#1419 #2306 @​wagoodman]

Additional Changes

• Normalize cataloger configuration patterns [#2365 @​wagoodman]
• Normalize enums to lowercase with hyphens [#2363 @​wagoodman]

(Full Changelog)

Special Thanks

Thanks @​duanemay and @​whalelines for the enhanced binary classifier support 👍

Commits

• 5c8dd4c fix file metadata cataloger to use resolved locations (#2370)
• f5a6b5a fix: logging level for parsing potential PE files (#2367)
• c379d21 only remove breaking-change label when there are schema changes (#2371)
• a50a0f7 fix: capture root command stdout (#2364)
• ea4a674 fix: hardcode xalan group ID (#2368)
• 1cfc4c7 Normalize cataloger configuration patterns (#2365)
• 4d0da70 normalize enums to lowercase with hyphens (#2363)
• 4ee6be3 chore(deps): update tools to latest versions (#2358)
• 5d44e49 chore(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 (#2361)
• 5dd3b12 chore(deps): bump github.com/go-git/go-git/v5 from 5.10.0 to 5.10.1 (#2362)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[crazy-max]

LGTM

PTAL @cdupuis @jedevc