Summary

Syft needs a way where we can inject the scanner via API rather than injecting a config that then creates the scanner. It's either this or syft needs to expose a way to retrieve the scanner from context that it's using so grant can share the same scanner during its own license analysis.