Update all non-major dependencies (#1301)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence | Type |
Update |
|---|---|---|---|---|---|---|---|
| [@playwright/test](https://playwright.dev)
([source](https://togithub.com/Microsoft/playwright)) | [`1.29.2` ->
`1.30.0`](https://renovatebot.com/diffs/npm/@playwright%2ftest/1.29.2/1.30.0)
|
[![age](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.30.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.30.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.30.0/compatibility-slim/1.29.2)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@playwright%2ftest/1.30.0/confidence-slim/1.29.2)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [@sveltejs/kit](https://kit.svelte.dev)
([source](https://togithub.com/sveltejs/kit)) | [`1.2.10` ->
`1.3.5`](https://renovatebot.com/diffs/npm/@sveltejs%2fkit/1.2.10/1.3.5)
|
[![age](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.3.5/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.3.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.3.5/compatibility-slim/1.2.10)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/@sveltejs%2fkit/1.3.5/confidence-slim/1.2.10)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | minor |
| [github.com/anchore/syft](https://togithub.com/anchore/syft) |
`v0.68.1` -> `v0.69.0` |
[![age](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.69.0/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.69.0/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.69.0/compatibility-slim/v0.68.1)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/github.com%2fanchore%2fsyft/v0.69.0/confidence-slim/v0.68.1)](https://docs.renovatebot.com/merge-confidence/)
| require | minor |
| [quicktype](https://togithub.com/quicktype/quicktype) | [`21.0.4` ->
`21.0.5`](https://renovatebot.com/diffs/npm/quicktype/21.0.4/21.0.5) |
[![age](https://badges.renovateapi.com/packages/npm/quicktype/21.0.5/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/npm/quicktype/21.0.5/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/npm/quicktype/21.0.5/compatibility-slim/21.0.4)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/npm/quicktype/21.0.5/confidence-slim/21.0.4)](https://docs.renovatebot.com/merge-confidence/)
| devDependencies | patch |
|
[sigs.k8s.io/kustomize/kyaml](https://togithub.com/kubernetes-sigs/kustomize)
| `v0.13.9` -> `v0.13.10` |
[![age](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fkyaml/v0.13.10/age-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fkyaml/v0.13.10/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fkyaml/v0.13.10/compatibility-slim/v0.13.9)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://badges.renovateapi.com/packages/go/sigs.k8s.io%2fkustomize%2fkyaml/v0.13.10/confidence-slim/v0.13.9)](https://docs.renovatebot.com/merge-confidence/)
| require | patch |

---

### Release Notes

<details>
<summary>Microsoft/playwright</summary>

###
[`v1.30.0`](https://togithub.com/microsoft/playwright/releases/tag/v1.30.0)

[Compare
Source](https://togithub.com/Microsoft/playwright/compare/v1.29.2...v1.30.0)

##### 🎉 Happy New Year 🎉

Maintenance release with bugfixes and new browsers only. We are baking
some nice features for v1.31.

##### Browser Versions

-   Chromium 110.0.5481.38
-   Mozilla Firefox 108.0.2
-   WebKit 16.4

This version was also tested against the following stable channels:

-   Google Chrome 109
-   Microsoft Edge 109

</details>

<details>
<summary>sveltejs/kit</summary>

###
[`v1.3.5`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;135)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- docs: fix typo
([#&#8203;8790](https://togithub.com/sveltejs/kit/pull/8790))

- fix: build error on layout with missing leaves
([#&#8203;8792](https://togithub.com/sveltejs/kit/pull/8792))

- fix: handle hash links with non-ASCII characters when navigating
([#&#8203;8767](https://togithub.com/sveltejs/kit/pull/8767))

###
[`v1.3.4`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;134)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- chore: bump devalue
([#&#8203;8789](https://togithub.com/sveltejs/kit/pull/8789))

###
[`v1.3.3`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;133)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: forward `process.env` to child process
([#&#8203;8777](https://togithub.com/sveltejs/kit/pull/8777))

###
[`v1.3.2`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;132)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: take base path into account when preloading code
([#&#8203;8748](https://togithub.com/sveltejs/kit/pull/8748))

###
[`v1.3.1`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;131)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Patch Changes

- fix: only fetch `__data.json` files for routes with a server `load`
function ([#&#8203;8636](https://togithub.com/sveltejs/kit/pull/8636))

- fix: add `ignoreDeprecations` flag for TS 5.x
([#&#8203;8718](https://togithub.com/sveltejs/kit/pull/8718))

- fix: install polyfills when analysing code
([#&#8203;8636](https://togithub.com/sveltejs/kit/pull/8636))

###
[`v1.3.0`](https://togithub.com/sveltejs/kit/blob/HEAD/packages/kit/CHANGELOG.md#&#8203;130)

[Compare
Source](https://togithub.com/sveltejs/kit/compare/@sveltejs/[email protected]...@sveltejs/[email protected])

##### Minor Changes

- feat: allow generated tsconfig to be modified
([#&#8203;8606](https://togithub.com/sveltejs/kit/pull/8606))

##### Patch Changes

- fix: skip navigation hooks on popstate events when only hash changed
([#&#8203;8730](https://togithub.com/sveltejs/kit/pull/8730))

</details>

<details>
<summary>anchore/syft</summary>

###
[`v0.69.0`](https://togithub.com/anchore/syft/compare/v0.68.1...v0.69.0)

[Compare
Source](https://togithub.com/anchore/syft/compare/v0.68.1...v0.69.0)

</details>

<details>
<summary>quicktype/quicktype</summary>

###
[`v21.0.5`](https://togithub.com/quicktype/quicktype/compare/196f0d2c60b5c0b8b05f7dafc36181f243a70ea1...7546d5535bb3a9db60db911271b765dc298e6d41)

[Compare
Source](https://togithub.com/quicktype/quicktype/compare/196f0d2c60b5c0b8b05f7dafc36181f243a70ea1...7546d5535bb3a9db60db911271b765dc298e6d41)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://app.renovatebot.com/dashboard#github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xMTYuMSIsInVwZGF0ZWRJblZlciI6IjM0LjExNi4xIn0=-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Jeff McCoy <[email protected]>

docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_sbom_attest.md

@@ -17,6 +17,7 @@ zarf tools sbom attest --output [FORMAT] <IMAGE> [flags]
       --exclude stringArray      exclude paths from being scanned using a glob expression
       --file string              file to write the default report output to (default is STDOUT)
   -h, --help                     help for attest
+  -k, --key string               the key to use for the attestation
       --name string              set the name of the target being analyzed
   -o, --output stringArray       report output format, options=[syft-json cyclonedx-xml cyclonedx-json github github-json spdx-tag-value spdx-json table text template] (default [table])
       --platform string          an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux')

go.mod

@@ -2,13 +2,16 @@ module github.com/defenseunicorns/zarf
 
 go 1.19
 
+// not updating due to bug in kyaml, https://github.com/kubernetes-sigs/kustomize/issues/4896
+replace sigs.k8s.io/kustomize/kyaml => sigs.k8s.io/kustomize/kyaml v0.13.9
+
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.6
 	github.com/alecthomas/jsonschema v0.0.0-20220216202328-9eeeec9d044b
 	github.com/anchore/stereoscope v0.0.0-20221208011002-c5ff155d72f1
-	github.com/anchore/syft v0.68.1
+	github.com/anchore/syft v0.69.0
 	github.com/derailed/k9s v0.27.0
-	github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2
+	github.com/distribution/distribution v2.8.1+incompatible
 	github.com/fatih/color v1.14.1
 	github.com/go-chi/chi/v5 v5.0.8
 	github.com/go-git/go-git/v5 v5.5.2
@@ -30,7 +33,7 @@ require (
 	k8s.io/client-go v0.26.1
 	k8s.io/klog/v2 v2.90.0
 	sigs.k8s.io/kustomize/api v0.12.1
-	sigs.k8s.io/kustomize/kyaml v0.13.9 // not updating due to bug in kyaml, https://github.com/kubernetes-sigs/kustomize/issues/4896
+	sigs.k8s.io/kustomize/kyaml v0.13.10
 	sigs.k8s.io/yaml v1.3.0
 )
 
@@ -151,7 +154,7 @@ require (
 	github.com/gdamore/encoding v1.0.0 // indirect
 	github.com/gdamore/tcell/v2 v2.5.4 // indirect
 	github.com/go-chi/chi v4.1.2+incompatible // indirect
-	github.com/go-errors/errors v1.4.2 // indirect
+	github.com/go-errors/errors v1.0.1 // indirect
 	github.com/go-git/gcfg v1.5.0 // indirect
 	github.com/go-git/go-billy/v5 v5.4.0 // indirect
 	github.com/go-gorp/gorp/v3 v3.0.2 // indirect

go.sum

@@ -307,8 +307,8 @@ github.com/anchore/packageurl-go v0.1.1-0.20230104203445-02e0a6721501 h1:AV7qjwM
 github.com/anchore/packageurl-go v0.1.1-0.20230104203445-02e0a6721501/go.mod h1:Blo6OgJNiYF41ufcgHKkbCKF2MDOMlrqhXv/ij6ocR4=
 github.com/anchore/stereoscope v0.0.0-20221208011002-c5ff155d72f1 h1:DXUAm/H9chRTEzMfkFyduBIcCiJyFXhCmv3zH3C0HGs=
 github.com/anchore/stereoscope v0.0.0-20221208011002-c5ff155d72f1/go.mod h1:/zjVnu2Jdl7xQCUtASegzeEg+IHKrM7SyMqdao3e+Nc=
-github.com/anchore/syft v0.68.1 h1:lXRSy51cCwOhlXyFYJppiHuOx+Aj59l9vIr9QwRXwXQ=
-github.com/anchore/syft v0.68.1/go.mod h1:8V+ty9yieYYjEL3wQkcQC1EfEy+yM+VXLnkqpXie1FQ=
+github.com/anchore/syft v0.69.0 h1:6Zbg9iUdNDv/tL2jUehqIm9xvGwCUS24RjWKZGQ/m48=
+github.com/anchore/syft v0.69.0/go.mod h1:8V+ty9yieYYjEL3wQkcQC1EfEy+yM+VXLnkqpXie1FQ=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
 github.com/andybalholm/brotli v1.0.1/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
@@ -685,8 +685,9 @@ github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8
 github.com/dimchansky/utfbom v1.1.0/go.mod h1:rO41eb7gLfo8SF1jd9F8HplJm1Fewwi4mQvIirEdv+8=
 github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
+github.com/distribution/distribution v2.8.1+incompatible h1:8iXUoOqRPx30bhzIEPUmNIqlmBlWdrieW1bqr6LrX30=
+github.com/distribution/distribution v2.8.1+incompatible/go.mod h1:EgLm2NgWtdKgzF9NpMzUKgzmR7AMmb0VQi2B+ZzDRjc=
 github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2 h1:aBfCb7iqHmDEIp6fBvC/hQUddQfg+3qdYjwzaiP9Hnc=
-github.com/distribution/distribution/v3 v3.0.0-20221208165359-362910506bc2/go.mod h1:WHNsWjnIn2V1LYOrME7e8KxSeKunYHsxEm4am0BUtcI=
 github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E=
 github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/cli v20.10.10+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
@@ -827,8 +828,8 @@ github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyN
 github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
 github.com/go-chi/chi/v5 v5.0.8 h1:lD+NLqFcAi1ovnVZpsnObHGW4xb4J8lNmoYVfECH1Y0=
 github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
-github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
-github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
+github.com/go-errors/errors v1.0.1 h1:LUHzmkK3GUKUrL/1gfBUxAHzcev3apQlezX/+O7ma6w=
+github.com/go-errors/errors v1.0.1/go.mod h1:f4zRHt4oKfwPJE5k8C9vpYG+aDHdBFUsgrm6/TyX73Q=
 github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
 github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
 github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=