fix(ci): Renovate가 docker/cli를 github-tags로 추적

docker/Dockerfile

@@ -56,7 +56,7 @@
 ARG TARGETARCH=amd64
 # docker CLI (client only) — lets the web UI source scan launch cdxgen language
 # images as sibling containers via the mounted host socket (transitive deps).
-# renovate: datasource=github-releases depName=docker/cli extractVersion=^v(?<version>.+)$
+# renovate: datasource=github-tags depName=docker/cli extractVersion=^v(?<version>.+)$
 ARG DOCKER_CLI_VERSION=27.5.1
 
 # Firmware analysis (opt-in image `sbom-scanner-firmware`). GPL tools are isolated
@@ -72,12 +72,12 @@
 # jq (helper scripts), curl/tar (installers), file (binary mode),
 # git (web UI 'GitHub URL' ingestion: server.py clones into a temp source tree).
 # python3 + pip are already in the python:3.12-slim base (web UI + scancode).
 RUN apt-get update && apt-get install -y --no-install-recommends \
     jq curl wget ca-certificates bash tar file git \
     && rm -rf /var/lib/apt/lists/*
 
 # syft — image/binary/RootFS scanning (pinned)
 RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh \
     | sh -s -- -b /usr/local/bin "${SYFT_VERSION}" \
     && syft version
 
@@ -142,7 +142,7 @@
 #   NOTE: the PyPI `binwalk` 2.x dist is broken (no binwalk.core), so it is NOT
 #   installed; unsquashfs covers the common squashfs case. vendor-modified
 #   (non-standard) squashfs still needs sasquatch added on top of this.
 RUN if [ "$SBOM_FIRMWARE" = "true" ]; then \
       apt-get update && apt-get install -y --no-install-recommends \
         squashfs-tools e2fsprogs p7zip-full unar cpio cabextract \
         lzop zstd lz4 liblzo2-2 zlib1g \