chore(deps): bump github.com/anchore/syft from 0.104.0 to 0.105.0

[dependabot[bot]]

Bumps github.com/anchore/syft from 0.104.0 to 0.105.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v0.105.0

Added Features

• Guess go main module version based on binary contents [#2608 @​wagoodman]
• Catalog wordpress plugins [#1911 #2218 @​disc]

Bug Fixes

• ensure version output to stdout [#2621 @​kzantow]
• Survive indexing dead symlinks [#2645 @​wagoodman]
• unable to index filesystem for amazonlinux images [#2627 #2644 @​wagoodman]
• CycloneDX OS component does not have a bom-ref [#2101 #2634 @​kzantow]
• v0.104.0 interface conversion error when creating bom from singularity image [#2628 #2631 @​wagoodman]

Additional Changes

• Rename binary cataloger to be more unique [#2633 @​wagoodman]
• Suppress executable parsing issues [#2614 @​wagoodman]
• update license list, cpe dictionary [#2620 @​spiffcs]

(Full Changelog)

Commits

• 65cadda Survive indexing dead symlinks (#2645)
• a909e3c fix considering base path when ignoring known bad unix paths (#2644)
• 8e62ff9 test for field conventions in json schema (#2642)
• 96ee2db feat: Add Wordpress cataloger (#2218)
• 98b700e rename binary cataloger to be more unique (#2633)
• 9803db2 fix: update runner size to use larger HD for codeql (#2641)
• 17ef243 chore(deps): update tools to latest versions (#2616)
• 3ac7369 chore(deps): bump github/codeql-action from 3.24.0 to 3.24.1 (#2638)
• 4d4efa4 chore(deps): bump dawidd6/action-homebrew-bump-formula (#2639)
• a7da227 chore(deps): bump modernc.org/sqlite from 1.29.0 to 1.29.1 (#2640)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)