Fix Trivy arm64 scan: set TRIVY_PLATFORM to match image architecture

Trivy defaults to linux/amd64 when resolving remote image digests.
On the arm64 build job, the pushed digest is a single-platform arm64
image, so Trivy fails with 'no child with platform linux/amd64'.
Setting TRIVY_PLATFORM=linux/arm64 resolves this.

.github/workflows/build.yml

@@ -187,6 +187,8 @@ jobs:
 
     - name: Run Trivy vulnerability scanner (arm64)
       uses: aquasecurity/trivy-action@0.33.1
+      env:
+        TRIVY_PLATFORM: linux/arm64
       with:
         image-ref: 'ghcr.io/netbootxyz/netbootxyz@${{ steps.build.outputs.digest }}'
         version: 'v0.69.3'