chore(deps): Bump github.com/anchore/grype from 0.75.0 to 0.76.0

[dependabot]

Bumps github.com/anchore/grype from 0.75.0 to 0.76.0.

Release notes

Sourced from github.com/anchore/grype's releases.

v0.76.0

Added Features

• Database download timeouts [#1731 #1777 @​willmurphyscode]

Bug Fixes

• Disable matching kernel vulnerabilities by default for indirect matches against the 'kernel-headers' packages [#1762 #1787 @​zhill]

Additional Changes

• Update Syft to v1.2.0 [#1803]

(Full Changelog)

Commits

• a7cbe3a fix: adds ignore rules for kernel-headers indirect matches (#1787)
• 018b415 chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#1805)
• 4c5e4c6 chore: fix function name in comment (#1798)
• a093c95 chore(deps): bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#1802)
• 9ce3048 chore(deps): update Syft to v1.2.0 (#1803)
• 062217c chore(deps): bump github.com/docker/docker (#1800)
• 3c23dea chore(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#1801)
• 2d613a8 chore(deps): bump github.com/gkampitakis/go-snaps from 0.5.2 to 0.5.3 (#1791)
• 420c0cd test: fuzzy version comparison for java versions (#1788)
• 046c191 chore: readme formats updated with sarif option (#1786)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)