build(deps): bump github.com/anchore/grype from 0.95.0 to 0.96.1

[dependabot]

Bumps github.com/anchore/grype from 0.95.0 to 0.96.1.

Release notes

Sourced from github.com/anchore/grype's releases.

v0.96.1

Syft Improvments

• Update to latest version of syft v1.29.0

Performance Improvements

• Create ignore regex objects conditionally[#2805 @​wagoodman ]

(Full Changelog)

v0.96.0

Added Features

• Added the EPSS score and KEV indications as CycloneDX vulnerabilities.ratings entries [#2695 #2765 @​AlinaPodoba]

Bug Fixes

• The go run and go install broken due to useless redirect directive in go.mod [#2777 #2780 @​stefanb]
• EPSS implementation using percentile instead of percent probability [#2778 #2785 @​wagoodman]
• Latest version of grype with V6 schema lists incorrect URL for v6 database [#2513]

Additional Changes

• Add more detail around cataloging and DB load log statements [#2779 @​wagoodman]
• add version set and combined constraint [#2763 @​wagoodman]
• add v6 OS store [#2766 @​wagoodman]

(Full Changelog)

Commits

• 3e57a29 chore(deps): update anchore dependencies (#2815)
• f5bcd68 chore: revert credentials persistence for release (#2816)
• 7dc71a2 chore(deps): bump github/codeql-action from 3.29.2 to 3.29.3 (#2814)
• c1d6b5d chore(deps): update tools to latest versions (#2806)
• 4c399e4 chore(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#2808)
• 7a07e3d create ignore regexs conditionally (#2805)
• a9fb8f1 chore: lint gh actions (#2804)
• 6592f3c chore(deps): update tools to latest versions (#2801)
• 421c93b remove disallowed characters from hostname before cert generation (#2800)
• c147d66 chore(deps): update tools to latest versions (#2792)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)