Update aquasec/trivy Docker tag to v0.54.0

This MR contains the following updates:

Package	Type	Update	Change
aquasec/trivy		minor	0.53.0 -> 0.54.0
aquasec/trivy	ironbank-docker	minor	0.53.0 -> 0.54.0
aquasec/trivy	stage	minor	0.53.0 -> 0.54.0

---

Release Notes

aquasecurity/trivy (aquasec/trivy)

v0.54.0

Compare Source

Features

• add log.FilePath() function for logger (#​7080) (1f5f348)
• add openSUSE tumbleweed detection and scanning (#​6965) (17b5dbf)
• cli: rename --vuln-type flag to --pkg-types flag (#​7104) (7cbdb0a)
• mariner: Add support for Azure Linux (#​7186) (5cbc452)
• misconf: enabled China configuration for ACRs (#​7156) (d1ec89d)
• nodejs: add license parser to pnpm analyser (#​7036) (03ac93d)
• sbom: add image labels into SPDX and CycloneDX reports (#​7257) (4a2f492)
• sbom: add vulnerability support for SPDX formats (#​7213) (efb1f69)
• share build-in rules (#​7207) (bff317c)
• vex: retrieve VEX attestations from OCI registries (#​7249) (c2fd2e0)
• vex: VEX Repository support (#​7206) (88ba460)
• vuln: add --pkg-relationships (#​7237) (5c37361)

Bug Fixes

• Add dependencyManagement exclusions to the child exclusions (#​6969) (dc68a66)
• add missing platform and type to spec (#​7149) (c8a7abd)
• cli: error on missing config file (#​7154) (7fa5e7d)
• close file when failed to open gzip (#​7164) (2a577a7)
• dotnet: don't include non-runtime libraries into report for *.deps.json files (#​7039) (5bc662b)
• dotnet: show nuget package dir not found log only when checking nuget packages (#​7194) (d76feba)
• ignore nodes when listing permission is not allowed (#​7107) (25f8143)
• java: avoid panic if deps from pom in it dir are not found (#​7245) (4e54a7e)
• java: use go-mvn-version to remove Package duplicates (#​7088) (a7a304d)
• misconf: do not evaluate TF when a load error occurs (#​7109) (f27c236)
• nodejs: detect direct dependencies when using latest version for files yarn.lock + package.json (#​7110) (54bb8bd)
• report: hide empty table when all secrets/license/misconfigs are ignored (#​7171) (c3036de)
• secret: skip regular strings contain secret patterns (#​7182) (174b1e3)
• secret: trim excessively long lines (#​7192) (92b13be)
• secret: update length of hugging-face-access-token (#​7216) (8c87194)
• server: pass license categories to options (#​7203) (9d52018)

Performance Improvements

• debian: use bytes.Index in emptyLineSplit to cut allocation (#​7065) (acbec05)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.