Bump github.com/anchore/syft from 0.81.0 to 0.82.0

[dependabot]

Bumps github.com/anchore/syft from 0.81.0 to 0.82.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.82.0

Changelog

v0.82.0 (2023-05-23)

Full Changelog

Added Features

• Improve Go main module version detection by attempting to parse available ldflags [[Issue #1785](https://redirect.github.com/Attempt to extract go main module versions from available ldflags anchore/syft#1785)] [[PR #1832](https://redirect.github.com/Extract go module versions from ldflags for binaries built by go anchore/syft#1832)] [wagoodman]

Bug Fixes

• Fix a problem in the license parsing logic that may result in a panic [[PR #1839](https://redirect.github.com/fix: add panic recovery for license parse anchore/syft#1839)]
• Return all relevant error messages if an image retrieval fails when a scheme is specified [[PR #1801](https://redirect.github.com/Return both failures when failed to retrive an image with a scheme anchore/syft#1801)] [FrimIdan]
• Fix a problem with PNPM scanning where v6 lockfiles might result in duplicated packages [[Issue #1762](https://redirect.github.com/PNPM improvements: scanning does not support v6 and can result in duplicate packages anchore/syft#1762)] [[PR #1778](https://redirect.github.com/fix: duplicate packages, support pnpm lockfile v6 anchore/syft#1778)] [kzantow]

Commits

• 4ac8fdf fix: add panic recovery for license parse (#1839)
• 087a635 chore: return both failures when failed to retrieve an image with a scheme (#...
• 26c201f Extract go module versions from ldflags for binaries built by go (#1832)
• a3c5550 fix: duplicate packages, support pnpm lockfile v6 (#1778)
• 798af57 chore(deps): update stereoscope to e14bc4437b2eac481c5b6f101890b22df4f33596 (...
• f50302b chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#1829)
• b09cf6c chore(deps): bump github.com/docker/docker (#1833)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)