build(deps): bump github.com/aquasecurity/trivy from 0.58.0 to 0.58.1

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.58.0 to 0.58.1.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.58.1

⚡Release highlights and summary⚡

👉 aquasecurity/trivy#8171

Changelog

https://github.com/aquasecurity/trivy/blob/release/v0.58/CHANGELOG.md#0581-2024-12-24

Changelog

Sourced from github.com/aquasecurity/trivy's changelog.

0.58.1 (2024-12-24)

Bug Fixes

• handle BLOW_UNKNOWN error to download DBs [backport: release/v0.58] (#8121) (9a56e7c)
• java: correctly overwrite version from depManagement if dependency uses project.* props [backport: release/v0.58] (#8119) (4278a09)
• oracle: add architectures support for advisories [backport: release/v0.58] (#8125) (89b341f)
• python: skip dev group's deps for poetry [backport: release/v0.58] (#8158) (8b93081)
• redhat: correct rewriting of recommendations for the same vulnerability [backport: release/v0.58] (#8135) (33818e1)
• sbom: attach nested packages to Application [backport: release/v0.58] (#8168) (03160e4)
• sbom: fix wrong overwriting of applications obtained from different sbom files but having same app type [backport: release/v0.58] (#8124) (f842fe1)
• sbom: use root package for unknown dependencies (if exists) [backport: release/v0.58] (#8156) (18cd1a5)

Commits

• 7326db1 release: v0.58.1 [release/v0.58] (#8120)
• 03160e4 fix(sbom): attach nested packages to Application [backport: release/v0.58] (#...
• 8b93081 fix(python): skip dev group's deps for poetry [backport: release/v0.58] (#8158)
• 18cd1a5 fix(sbom): use root package for unknown dependencies (if exists) [backport:...
• 1bde3df chore(deps): bump golang.org/x/net from v0.32.0 to v0.33.0 [backport: r...
• 90f9e88 chore(deps): bump github.com/CycloneDX/cyclonedx-go from v0.9.1 to `v0.9....
• 33818e1 fix(redhat): correct rewriting of recommendations for the same vulnerability ...
• 89b341f fix(oracle): add architectures support for advisories [backport: release/v0.5...
• f842fe1 fix(sbom): fix wrong overwriting of applications obtained from different sbom...
• d52542f chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 [backport: releas...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Looks like github.com/aquasecurity/trivy is up-to-date now, so this is no longer needed.