Bump io.opentelemetry.instrumentation:opentelemetry-instrumentation-a…

…pi from 2.7.0 to 2.8.0 (#265)

* Bump io.opentelemetry.instrumentation:opentelemetry-instrumentation-api

Bumps [io.opentelemetry.instrumentation:opentelemetry-instrumentation-api](https://github.com/open-telemetry/opentelemetry-java-instrumentation) from 2.7.0 to 2.8.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-java-instrumentation@v2.7.0...v2.8.0)

---
updated-dependencies:
- dependency-name: io.opentelemetry.instrumentation:opentelemetry-instrumentation-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update .trivyignore

* Update .trivyignore

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Thomas Reppesgård <thr@digdir.no>

.trivyignore

@@ -1 +1,2 @@
-
+CVE-2024-38816 # spring-framework: Path Traversal Vulnerability in Spring Applications Using RouterFunctions and FileSystemResource
+CVE-2024-34156 # encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures...

pom.xml

@@ -22,7 +22,7 @@
         <surefire.plugin.version>3.5.0</surefire.plugin.version>
         <idporten.actuator.version>1.2.0</idporten.actuator.version>
         <idporten-access-log-spring-boot-starter.version>2.4.3</idporten-access-log-spring-boot-starter.version>
-        <open.telemetry.version>2.7.0</open.telemetry.version>
+        <open.telemetry.version>2.8.0</open.telemetry.version>
         <snakeyaml.version>2.0</snakeyaml.version><!-- To avoid CVE-2022-1471  -->
     </properties>