chore(deps): bump github.com/aquasecurity/trivy from 0.49.1 to 0.51.4

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.49.1 to 0.51.4.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.51.4

Changelog

• c06f467e6 chore: downgrade trivy-checks and trivy-aws
• df4f7604a build: use main package instead of main.go (#6766)
• bf7a8ede3 chore(deps): bump the common group across 1 directory with 29 updates (#6756)
• acb22c60a chore(deps): bump the aws group with 8 updates (#6738)
• 9a3510ffd chore(deps): bump the docker group with 2 updates (#6739)
• 7806b37e2 ci: add generic dir to deb deploy script (#6636)

v0.51.2

Changelog

• eadc6fb64 fix: node-collector high and critical cves (#6707)
• cc489b1af Merge pull request from GHSA-xcq4-m2r3-cmrj
• 013f71a6a chore: auto-bump golang patch versions (#6711)
• 113a5b216 fix(misconf): don't shift ignore rule related to code (#6708)
• 733e5ac1f fix(go): include only .version|.ver (no prefixes) ldflags for gobinaries (#6705)
• d311e49bc fix(go): add only non-empty root modules for gobinaries (#6710)
• cf1a7bf30 refactor: unify package addition and vulnerability scanning (#6579)
• d465d9d1e fix: Golang version parsing from binaries w/GOEXPERIMENT (#6696)
• 0af225ccf fix(conda): add support pip deps for environment.yml files (#6675)
• 6f64d5518 fix(misconf): skip Rego errors with a nil location (#6666)
• 8c27430a2 fix(misconf): skip Rego errors with a nil location (#6638)
• c2b46d3c2 refactor: unify Library and Package structs (#6633)
• 4368f11e0 fix: use of specified context to obtain cluster name (#6645)
• 5ec62f863 docs: fix usage of image-config-scanners (#6635)

v0.51.1

Changelog

• 8016b821a fix(fs): handle default skip dirs properly (#6628)
• 7a25dadb4 fix(misconf): load cached tf modules (#6607)
• 9c794c0ff fix(misconf): do not use semver for parsing tf module versions (#6614)

v0.51.0

⚡Release highlights and summary⚡

👉 aquasecurity/trivy#6622

Changelog

• 14c1024b4 refactor: move setting scanners when using compliance reports to flag parsing (#6619)
• 998f75043 feat: introduce package UIDs for improved vulnerability mapping (#6583)
• 770b14113 perf(misconf): Improve cause performance (#6586)
• 3ccb1a0f1 docs: trivy-k8s new experiance remove un-used section (#6608)
• 58cfd1b07 chore(deps): bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible (#6612)
• 715963d75 docs: remove mention of GitLab Gold because it doesn't exist anymore (#6609)
• 37da98df4 feat(misconf): Use updated terminology for misconfiguration checks (#6476)
• cdee7030a chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.15 to 1.16.15 (#6593)
• 6a2225b42 docs: use generic link from trivy-repo (#6606)
• a2a02de7c docs: update trivy k8s with new experience (#6465)
• e739ab850 feat: support --skip-images scanning flag (#6334)
• c6d5d856c BREAKING: add support for k8s disable-node-collector flag (#6311)

... (truncated)

Commits

• c06f467 chore: downgrade trivy-checks and trivy-aws
• df4f760 build: use main package instead of main.go (#6766)
• bf7a8ed chore(deps): bump the common group across 1 directory with 29 updates (#6756)
• acb22c6 chore(deps): bump the aws group with 8 updates (#6738)
• 9a3510f chore(deps): bump the docker group with 2 updates (#6739)
• 7806b37 ci: add generic dir to deb deploy script (#6636)
• eadc6fb fix: node-collector high and critical cves (#6707)
• cc489b1 Merge pull request from GHSA-xcq4-m2r3-cmrj
• 013f71a chore: auto-bump golang patch versions (#6711)
• 113a5b2 fix(misconf): don't shift ignore rule related to code (#6708)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #61.