Update Go and various indirect code dependenciey

Merge pull request #14 from TomTonic/group-by-package

* Group by package
* Enhance context information/readability
* Restructure summary
* Add tool version information

Merge pull request #13 from TomTonic/password-support

* Add support for password encrypted archives (recursively, including multiple different passwords)
* Change extraction path to 7zip for all archive types that do not require a special tool (currently only InstallShield CAB via unshield) to reduce complexity and attack vector
* Enhance extraction error reporting
* Improve robustness and security
* Update dependencies

Update dependencies: bump syft to v1.44.0, docker/cli to v29.4.2, goo…

…kit/color to v1.6.1, pelletier/go-toml/v2 to v2.3.1, and pjbgf/sha1cd to v0.6.0

Merge pull request #11 from TomTonic/add-grype-scan

Add grype scan results to report

Increase robustness of 7-Zip binary detection/call

Co-authored-by: Copilot <copilot@github.com>

Fix: correct jq condition for checking extracted .cab files in releas…

…e test script

Co-authored-by: Copilot <copilot@github.com>

Pin go-diskfs to v1.7.0 via a replace in go.mod as github.com/anchore…

…/syft v1.43.0 expects the older go-diskfs API shape

Co-authored-by: Copilot <copilot@github.com>

Merge pull request #2 from TomTonic/copilot/fix-ci-race-detection-tests

fix: eliminate race-detector failures in buildinfo and orchestrator tests

Fix linter issues