chore(deps): bump github.com/aquasecurity/trivy from 0.60.0 to 0.61.0

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.60.0 to 0.61.0.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.61.0

⚡Release highlights and summary⚡

👉 aquasecurity/trivy#8639

Changelog

https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0610-2025-03-28

Changelog

Sourced from github.com/aquasecurity/trivy's changelog.

0.61.0 (2025-03-28)

Features

• fs: optimize scanning performance by direct file access for known paths (#8525) (8bf6caf)
• k8s: add support for controllers (#8614) (1bf0117)
• misconf: adapt aws_default_security_group (#8538) (b57eccb)
• misconf: adapt aws_opensearch_domain (#8550) (9913465)
• misconf: adapt AWS::DynamoDB::Table (#8529) (8112cdf)
• misconf: adapt AWS::EC2::VPC (#8534) (0d9865f)
• misconf: Add support for aws_ami (#8499) (573502e)
• replace TinyGo with standard Go for WebAssembly modules (#8496) (529957e)

Bug Fixes

• debian: don't include empty licenses for dpkgs (#8623) (346f5b3)
• fs: check postAnalyzers for StaticPaths (#8543) (c228307)
• k8s: show report for --report all (#8613) (dbb6f28)
• misconf: add ephemeral block type to config schema (#8513) (41512f8)
• misconf: Check values wholly prior to evalution (#8604) (ad58cf4)
• misconf: do not skip loading documents from subdirectories (#8526) (de7eb13)
• misconf: do not use cty.NilVal for non-nil values (#8567) (400a79c)
• misconf: identify the chart file exactly by name (#8590) (ba77dbe)
• misconf: Improve logging for unsupported checks (#8634) (5b7704d)
• misconf: set default values for AWS::EKS::Cluster.ResourcesVpcConfig (#8548) (1f05b45)
• misconf: skip Azure CreateUiDefinition (#8503) (c7814f1)
• spdx: save text licenses into otherLicenses without normalize (#8502) (e5072f1)
• use --file-patterns flag for all post analyzers (#7365) (8b88238)

Performance Improvements

• misconf: parse input for Rego once (#8483) (0e5e909)
• misconf: retrieve check metadata from annotations once (#8478) (7b96351)

Commits

• 7f41822 release: v0.61.0 [main] (#8507)
• 5b7704d fix(misconf): Improve logging for unsupported checks (#8634)
• 1bf0117 feat(k8s): add support for controllers (#8614)
• 346f5b3 fix(debian): don't include empty licenses for dpkgs (#8623)
• ad58cf4 fix(misconf): Check values wholly prior to evalution (#8604)
• c76764e chore(deps): Bump trivy-checks (#8619)
• dbb6f28 fix(k8s): show report for --report all (#8613)
• 548a340 chore(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.1 to 4.5.2 (#8597)
• c80310d refactor: rename scanner to service (#8584)
• de7eb13 fix(misconf): do not skip loading documents from subdirectories (#8526)
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
github.com/aquasecurity/trivy	[>= 0.50.2.a, < 0.50.3]
github.com/aquasecurity/trivy	[< 0.51, > 0.50.1]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)