Trivy version is very out of date

[JamesChristianson]

This tool uses a very old version of trivy (v0.19.2), which causes issues because apps using package-lock.json lockfileVersion: 3 , are not supported and vulnerabilities aren't found.

When is this going to be updated? Having such a old version makes the tool hard to justify to use.

[dotpaul]

@davidknise is working on this