downgrade trivy to v0.54.1

[prezha]

this pr downgrades trivy back to v0.54.1

background:

i think i found a bug in trivy that is causing the file does not exist issue we seen while scanning tar-ed helm charts with with newer (ie, 0.55.2) trivy versions - tl;dr:

• helm parser calls ParseFS() recursively that in turn uses fs.WalkDir() which is also recursive
• once an archive is processed, it gets removed from the memoryfs.FS
• now, while returning from recursive calls, the "parent" caller might try to process archive that was previously known to fs.WalkDir() to exist, but the "child" might have already processed and removed it
• so, we'd need to detect and skip those

the bug was probably introduced in commit e95152f as part of the pr#7289, where a check was removed, which further means that it was probably introduced in trivy v0.55.0 but it was working in v0.54.1

next steps:

• we could revert/update our buildkite plugin to use trivy v0.54.1 (this pr)
• i'll look into proposing a pr to fix this upstream, but the process for that is a bit tedious (you cannot open an issue/pr, you have to go through discussions first)