chore(deps): bump github.com/aquasecurity/trivy from 0.27.1 to 0.30.0 #1494

@dependabot dependabot bot commented on behalf of github Jul 18, 2022

Bumps github.com/aquasecurity/trivy from 0.27.1 to 0.30.0.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.30.0

Changelog

  • 45dae7c2 fix: separating multiple licenses from one line in dpkg copyright files (#2508)
  • 469028dc fix: change a capital letter for plugin uninstall subcommand (#2519)
  • ae9ba340 fix: k8s hide empty report when scanning resource (#2517)
  • 783cf6fe refactor: fix comments (#2516)
  • 603825a4 fix: scan vendor dir (#2515)
  • a3a66df0 feat: Add support for license scanning (#2418)
  • bb06f6f8 chore: add owners for secret scanning (#2485)
  • 6b501219 fix: remove dependency-tree flag for image subcommand (#2492)
  • 57192bd5 fix(k8s): add shorthand for k8s namespace flag (#2495)
  • 9f8685c1 docs: add information about using multiple servers to troubleshooting (#2498)
  • ed322ac6 ci: add pushing canary build images to registries (#2428)
  • 8d4dba02 chore(deps): bump github.com/open-policy-agent/opa from 0.41.0 to 0.42.0 (#2479)
  • a6685b1b feat(dotnet): add support for .Net core .deps.json files (#2487)
  • 56265a9b feat(amazon): add support for 2022 version (#2429)
  • c6f68e36 Type correction bitnami chart (#2415)
  • 6ae4b360 chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.1 to 2.1.2 (#2449)
  • 6def8634 chore(deps): bump github.com/aquasecurity/table from 1.5.1 to 1.6.0 (#2446)
  • e98bde33 docs: add config file and update CLI references (#2489)
  • 736e3f11 feat: add support for flag groups (#2488)
  • 5b7e0a85 refactor: move from urfave/cli to spf13/cobra (#2458)
  • 7699153c fix: Fix secrets output not containing file/lines (#2467)
  • a70fd758 fix: clear output with modules (#2478)
  • e99bf302 chore(deps): bump github.com/mailru/easyjson from 0.7.6 to 0.7.7 (#2448)
  • 64854fc8 docs(cbl): distroless 1.0 supported (#2473)
  • e77cfd64 fix: Fix example dockerfile rego policy (#2460)
  • e778ac3e fix(config): add helm to list of config analyzers (#2457)
  • aedcf5b5 feat: k8s resouces scan (#2395)
  • 5b821d3b feat(sbom): add cyclonedx sbom scan (#2203)
  • f0720f3c chore(deps): bump wazero to latest main (#2436)
  • 581fe1ed chore(deps): bump github.com/stretchr/testify from 1.7.3 to 1.8.0 (#2444)
  • 7a4e0687 chore(deps): bump github.com/alicebob/miniredis/v2 from 2.21.0 to 2.22.0 (#2445)
  • 422b0fc0 chore(deps): bump sigstore/cosign-installer from 2.3.0 to 2.4.1 (#2442)
  • 260756d5 chore(deps): bump actions/setup-python from 3 to 4 (#2441)
  • 9b220359 chore(deps): bump github.com/Azure/azure-sdk-for-go (#2450)
  • c96090ca docs: remove links to removed content (#2431)
  • 14be70aa ci: added rpm build for rhel 9 (#2437)
  • 71980fec fix(secret): remove space from asymmetric private key (#2434)
  • d94df3d9 chore(deps): bump actions/cache from 3.0.2 to 3.0.4 (#2440)
  • d2132230 chore(deps): bump helm/kind-action from 1.2.0 to 1.3.0 (#2439)
  • 8e0c5373 chore(deps): bump golang from 1.18.2 to 1.18.3 (#2438)
  • 005d0243 chore(deps): bump github.com/aws/aws-sdk-go from 1.44.25 to 1.44.46 (#2447)
  • 7de7a1f8 test(integration): fix golden files for debian 9 (#2435)
  • f6453465 fix(cli): fix version string in docs link when secret scanning is enabled (#2422)
  • 16409496 refactor: move CycloneDX marshaling (#2420)
  • 6be6f74d docs(nodejs): add docs about pnpm support (#2423)
  • ac2fdc87 docs: improve k8s usage documentation (#2425)
  • fe2ae8ed feat: Make secrets scanning output consistant (#2410)
  • 0ed39fc8 ci: create canary build after main branch changes (#1638)

... (truncated)

Commits
  • 45dae7c fix: separating multiple licenses from one line in dpkg copyright files (#2508)
  • 469028d fix: change a capital letter for plugin uninstall subcommand (#2519)
  • ae9ba34 fix: k8s hide empty report when scanning resource (#2517)
  • 783cf6f refactor: fix comments (#2516)
  • 603825a fix: scan vendor dir (#2515)
  • a3a66df feat: Add support for license scanning (#2418)
  • bb06f6f chore: add owners for secret scanning (#2485)
  • 6b50121 fix: remove dependency-tree flag for image subcommand (#2492)
  • 57192bd fix(k8s): add shorthand for k8s namespace flag (#2495)
  • 9f8685c docs: add information about using multiple servers to troubleshooting (#2498)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.27.1 to 0.30.0.
- [Release notes](https://github.com/aquasecurity/trivy/releases)
- [Changelog](https://github.com/aquasecurity/trivy/blob/main/goreleaser.yml)
- [Commits](aquasecurity/trivy@v0.27.1...v0.30.0)

---
updated-dependencies:
- dependency-name: github.com/aquasecurity/trivy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies and go labels Jul 18, 2022
@MaineK00n
Collaborator

I checked the diff of the number of detections in lockfile.

$ ./vuls.old -v
vuls-v0.19.8-build-20220719_095936_d1a617c
$ ./vuls.new -v
vuls-v0.19.8-build-20220722_162310_6d9d7e5f
$ make diff
library old new
bundler 73 73
pip 2 2
pipenv 14 14
poetry 7 7
composer 18 18
npm 35 35
yarn 63 63
pnpm 0 1
cargo 17 17
gomod 8 8
gosum 49 49
gobinary 2 2
jar 4 4
pom 4 4
nuget-lock 6 6
nuget-config 6 6
dotnet-deps 0 1

@MaineK00n MaineK00n requested a review from kotakanbe July 22, 2022 07:58
@kotakanbe kotakanbe merged commit 139f3a8 into master Jul 25, 2022
@kotakanbe kotakanbe deleted the dependabot/go_modules/master/github.com/aquasecurity/trivy-0.30.0 branch July 25, 2022 07:47