build(deps): bump github.com/anchore/syft from 1.38.0 to 1.43.0

[dependabot]

Bumps github.com/anchore/syft from 1.38.0 to 1.43.0.

Release notes

Sourced from github.com/anchore/syft's releases.

v1.43.0

Added Features

• added deno bin classifiers [#4677 @​rezmoss]
• Support haskell old versions [#3237 #4793 @​witchcraze]
• Add support for OpenLDAP binary detection [#4768 #4755 @​nadimz]
• Support erlang ols versions [#3235 #4766 @​witchcraze]

Bug Fixes

• improve redhat-release parsing fallback for RHEL clones [#4808 @​westonsteimel]
• fix format string in search results struct [#4775 @​willmurphyscode]
• prevent infinite recursion in Document.UnmarshalJSON with encoding/json/v2 [#4748 @​benja-M-1]
• Syft can not complete scanning golang image [#4686]
• javascript-package-cataloger drops entire package.json when authors/contributors/maintainers is a single string [#4778 #4779 @​yoav-orca]
• pnpm lock file cataloger produces unstable output [#4648 #4765 @​lawrence3699]
• Linux Kernel bzImage and zImage not cataloged by linux-kernel-cataloger [#4769 #4751 @​nadimz]
• Support istio binary (pilot-discovery, pilot-agent) alpha,beta,rc,dev version [#4546 #4645 @​witchcraze]
• Scanning mounted ISO: duplicate entries [#4759]

Additional Changes

• update CPE dictionary index [#4767 @​anchore-oss-update-bot]

(Full Changelog)

v1.42.4

Bug Fixes

• Similar Packages Should Be Aggregated [#1162]
• Support arangodb binary recent version [#4571 #4662 @​witchcraze]
• Support go binary various versions [#4687 #4694 @​kzantow]

Additional Changes

• update CPE dictionary index [#4745 @​anchore-oss-update-bot]
• update CPE dictionary index [#4726 @​anchore-oss-update-bot]
• Add a trust boundary section [#4716 @​joshbressers]

(Full Changelog)

v1.42.3

Bug Fixes

• Missing secondary evidence for .NET dependency in ghcr.io/open-telemetry/demo:2.0.0-accounting image [#4652]

Additional Changes

• bump github.com/buger/jsonsparser to v1.1.2 [#4680 @​willmurphyscode]
• centralize temp files and prefer streaming IO [#4668 @​willmurphyscode]

... (truncated)

Commits

• 390cf6c chore(deps): update anchore dependencies (#4797)
• 4393654 Chore fix sync bump (#4809)
• d179724 fix: improve redhat-release parsing fallback for RHEL clones (#4808)
• 2ddaaac restore go minimum version to 1.25.8 (#4805)
• 073b4c5 chore(deps): restore Go version to 1.25.8 (#4804)
• ff6c34d fix: improve haskell classifiers (#4793)
• 66ba575 chore(deps): bump the actions-minor-patch group across 1 directory with 2 upd...
• ed306c2 chore(deps): bump github.com/go-git/go-git/v5 from 5.17.0 to 5.18.0 (#4792)
• 33bc4b8 chore(deps): update Go version (#4798)
• 89e4e60 fix: update jruby download URLs from S3 to GitHub Releases (#4799)
• Additional commits viewable in compare view

[dependabot]

Superseded by #1966.