Update aquasec/trivy Docker tag to v0.36.0

This PR contains the following updates:

Package	Type	Update	Change
aquasec/trivy	image-name	minor	`0.35.0` -> `0.36.0`

Release Notes

aquasecurity/trivy

### [`v0.36.0`](https://togithub.com/aquasecurity/trivy/releases/tag/v0.36.0) [Compare Source](https://togithub.com/aquasecurity/trivy/compare/v0.35.0...v0.36.0) #### Changelog - [`4813cf5`](https://togithub.com/aquasecurity/trivy/commit/4813cf5c) docs: improve compliance docs ([#3340](https://togithub.com/aquasecurity/trivy/issues/3340)) - [`025e509`](https://togithub.com/aquasecurity/trivy/commit/025e5099) feat(deps): add yarn lock dependency tree ([#3348](https://togithub.com/aquasecurity/trivy/issues/3348)) - [`4d59a1e`](https://togithub.com/aquasecurity/trivy/commit/4d59a1ef) fix: compliance change id and title naming ([#3349](https://togithub.com/aquasecurity/trivy/issues/3349)) - [`eaa5bcf`](https://togithub.com/aquasecurity/trivy/commit/eaa5bcf7) feat: add support for mix.lock files for elixir language ([#3328](https://togithub.com/aquasecurity/trivy/issues/3328)) - [`a888440`](https://togithub.com/aquasecurity/trivy/commit/a8884409) feat: add k8s cis bench ([#3315](https://togithub.com/aquasecurity/trivy/issues/3315)) - [`62b369e`](https://togithub.com/aquasecurity/trivy/commit/62b369ee) test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch ([#3322](https://togithub.com/aquasecurity/trivy/issues/3322)) - [`c110c4e`](https://togithub.com/aquasecurity/trivy/commit/c110c4e0) revert: cache merged layers ([#3334](https://togithub.com/aquasecurity/trivy/issues/3334)) - [`bc759ef`](https://togithub.com/aquasecurity/trivy/commit/bc759efd) feat(cyclonedx): add recommendation ([#3336](https://togithub.com/aquasecurity/trivy/issues/3336)) - [`fe3831e`](https://togithub.com/aquasecurity/trivy/commit/fe3831e0) feat(ubuntu): added support ubuntu ESM versions ([#1893](https://togithub.com/aquasecurity/trivy/issues/1893)) - [`b0cebec`](https://togithub.com/aquasecurity/trivy/commit/b0cebec3) fix: change logic to build relative paths for skip-dirs and skip-files ([#3331](https://togithub.com/aquasecurity/trivy/issues/3331)) - [`a66d3fe`](https://togithub.com/aquasecurity/trivy/commit/a66d3fe3) chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 ([#3265](https://togithub.com/aquasecurity/trivy/issues/3265)) - [`5190f95`](https://togithub.com/aquasecurity/trivy/commit/5190f956) feat: Adding support for Windows testing ([#3037](https://togithub.com/aquasecurity/trivy/issues/3037)) - [`b00f3c6`](https://togithub.com/aquasecurity/trivy/commit/b00f3c60) feat: add support for Alpine 3.17 ([#3319](https://togithub.com/aquasecurity/trivy/issues/3319)) - [`a70f885`](https://togithub.com/aquasecurity/trivy/commit/a70f8851) docs: change PodFile.lock to Podfile.lock ([#3318](https://togithub.com/aquasecurity/trivy/issues/3318)) - [`1ec1fe6`](https://togithub.com/aquasecurity/trivy/commit/1ec1fe64) fix(sbom): support for the detection of old CycloneDX predicate type ([#3316](https://togithub.com/aquasecurity/trivy/issues/3316)) - [`68eda79`](https://togithub.com/aquasecurity/trivy/commit/68eda793) feat(secret): Use .trivyignore for filtering secret scanning result ([#3312](https://togithub.com/aquasecurity/trivy/issues/3312)) - [`b95d435`](https://togithub.com/aquasecurity/trivy/commit/b95d435a) chore(go): remove experimental FS API usage in Wasm ([#3299](https://togithub.com/aquasecurity/trivy/issues/3299)) - [`ac6b7c3`](https://togithub.com/aquasecurity/trivy/commit/ac6b7c33) ci: add workflow to add issues to roadmap project ([#3292](https://togithub.com/aquasecurity/trivy/issues/3292)) - [`cfabdf9`](https://togithub.com/aquasecurity/trivy/commit/cfabdf91) fix(vuln): include duplicate vulnerabilities with different package paths in the final report ([#3275](https://togithub.com/aquasecurity/trivy/issues/3275)) - [`56e3d8d`](https://togithub.com/aquasecurity/trivy/commit/56e3d8de) chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 ([#3250](https://togithub.com/aquasecurity/trivy/issues/3250)) - [`bbccb44`](https://togithub.com/aquasecurity/trivy/commit/bbccb448) feat(sbom): better support for third-party SBOMs ([#3262](https://togithub.com/aquasecurity/trivy/issues/3262)) - [`e879b06`](https://togithub.com/aquasecurity/trivy/commit/e879b069) docs: add information about languages with support for dependency locations ([#3306](https://togithub.com/aquasecurity/trivy/issues/3306)) - [`e92266f`](https://togithub.com/aquasecurity/trivy/commit/e92266f2) feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots ([#3284](https://togithub.com/aquasecurity/trivy/issues/3284)) - [`01c7fb1`](https://togithub.com/aquasecurity/trivy/commit/01c7fb14) chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible ([#3251](https://togithub.com/aquasecurity/trivy/issues/3251)) - [`23d0613`](https://togithub.com/aquasecurity/trivy/commit/23d06138) fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln ([#3255](https://togithub.com/aquasecurity/trivy/issues/3255)) - [`407c240`](https://togithub.com/aquasecurity/trivy/commit/407c2407) docs: remove comparisons ([#3289](https://togithub.com/aquasecurity/trivy/issues/3289)) - [`93c5d2d`](https://togithub.com/aquasecurity/trivy/commit/93c5d2dc) feat: add support for Wolfi Linux ([#3215](https://togithub.com/aquasecurity/trivy/issues/3215)) - [`2809794`](https://togithub.com/aquasecurity/trivy/commit/28097949) ci: add go.mod to canary workflow ([#3288](https://togithub.com/aquasecurity/trivy/issues/3288)) - [`08b55c3`](https://togithub.com/aquasecurity/trivy/commit/08b55c33) feat(python): skip dev dependencies ([#3282](https://togithub.com/aquasecurity/trivy/issues/3282)) - [`52300e6`](https://togithub.com/aquasecurity/trivy/commit/52300e60) chore: update ubuntu version for Github action runnners ([#3257](https://togithub.com/aquasecurity/trivy/issues/3257)) - [`a7ac6ac`](https://togithub.com/aquasecurity/trivy/commit/a7ac6aca) fix(go): skip dep without Path for go-binaries ([#3254](https://togithub.com/aquasecurity/trivy/issues/3254)) - [`4436a20`](https://togithub.com/aquasecurity/trivy/commit/4436a202) feat(rust): add ID for cargo pgks ([#3256](https://togithub.com/aquasecurity/trivy/issues/3256)) - [`34d505a`](https://togithub.com/aquasecurity/trivy/commit/34d505ad) chore(deps): bump github.com/samber/lo from 1.33.0 to 1.36.0 ([#3263](https://togithub.com/aquasecurity/trivy/issues/3263)) - [`ea95602`](https://togithub.com/aquasecurity/trivy/commit/ea956026) chore(deps): bump github.com/Masterminds/sprig/v3 from 3.2.2 to 3.2.3 ([#3253](https://togithub.com/aquasecurity/trivy/issues/3253)) - [`aea298b`](https://togithub.com/aquasecurity/trivy/commit/aea298b3) feat: add support for swift cocoapods lock files ([#2956](https://togithub.com/aquasecurity/trivy/issues/2956)) - [`c67fe17`](https://togithub.com/aquasecurity/trivy/commit/c67fe17b) fix(sbom): use proper constants ([#3286](https://togithub.com/aquasecurity/trivy/issues/3286)) - [`f907255`](https://togithub.com/aquasecurity/trivy/commit/f9072556) chore(deps): bump golang.org/x/term from 0.1.0 to 0.3.0 ([#3278](https://togithub.com/aquasecurity/trivy/issues/3278)) - [`8f95743`](https://togithub.com/aquasecurity/trivy/commit/8f957435) test(vm): import relevant analyzers ([#3285](https://togithub.com/aquasecurity/trivy/issues/3285)) - [`8744534`](https://togithub.com/aquasecurity/trivy/commit/8744534c) feat: support scan remote repository ([#3131](https://togithub.com/aquasecurity/trivy/issues/3131)) - [`c278d86`](https://togithub.com/aquasecurity/trivy/commit/c278d866) docs: fix typo in fluxcd ([#3268](https://togithub.com/aquasecurity/trivy/issues/3268)) - [`fa2281f`](https://togithub.com/aquasecurity/trivy/commit/fa2281f7) docs: fix broken "ecosystem" link in readme ([#3280](https://togithub.com/aquasecurity/trivy/issues/3280)) - [`a3eece4`](https://togithub.com/aquasecurity/trivy/commit/a3eece4f) feat(misconf): Add compliance check support ([#3130](https://togithub.com/aquasecurity/trivy/issues/3130)) - [`7a6cf5a`](https://togithub.com/aquasecurity/trivy/commit/7a6cf5a2) docs: Adding Concourse resource for trivy ([#3224](https://togithub.com/aquasecurity/trivy/issues/3224)) - [`dd26bd2`](https://togithub.com/aquasecurity/trivy/commit/dd26bd23) chore(deps): change golang from 1.19.2 to 1.19 ([#3249](https://togithub.com/aquasecurity/trivy/issues/3249)) - [`cbba6d1`](https://togithub.com/aquasecurity/trivy/commit/cbba6d10) fix(sbom): duplicate dependson ([#3261](https://togithub.com/aquasecurity/trivy/issues/3261)) - [`fa2e3ac`](https://togithub.com/aquasecurity/trivy/commit/fa2e3ac2) chore(deps): bump alpine from 3.16.2 to 3.17.0 ([#3247](https://togithub.com/aquasecurity/trivy/issues/3247)) - [`5c43475`](https://togithub.com/aquasecurity/trivy/commit/5c434753) chore(go): updates wazero to 1.0.0-pre.4 ([#3242](https://togithub.com/aquasecurity/trivy/issues/3242)) - [`d29b0ed`](https://togithub.com/aquasecurity/trivy/commit/d29b0edc) feat(report): add dependency locations to sarif format ([#3210](https://togithub.com/aquasecurity/trivy/issues/3210)) - [`967e32f`](https://togithub.com/aquasecurity/trivy/commit/967e32f4) fix(rpm): add rocky to osVendors ([#3241](https://togithub.com/aquasecurity/trivy/issues/3241)) - [`9477416`](https://togithub.com/aquasecurity/trivy/commit/94774166) docs: fix a typo ([#3236](https://togithub.com/aquasecurity/trivy/issues/3236)) - [`97ce61e`](https://togithub.com/aquasecurity/trivy/commit/97ce61ee) feat(dotnet): add dependency parsing for nuget lock files ([#3222](https://togithub.com/aquasecurity/trivy/issues/3222)) - [`17e13c4`](https://togithub.com/aquasecurity/trivy/commit/17e13c4d) docs: add pre-commit hook to community tools ([#3203](https://togithub.com/aquasecurity/trivy/issues/3203)) - [`b1a2c4e`](https://togithub.com/aquasecurity/trivy/commit/b1a2c4e9) feat(helm): pass arbitrary env vars to trivy ([#3208](https://togithub.com/aquasecurity/trivy/issues/3208))