chore: Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.8.1

[dependabot]

Bumps org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.8.1.

Release notes

Sourced from org.cyclonedx:cyclonedx-maven-plugin's releases.

2.8.1

🚀 New features and improvements

• replace CDX 1.5 deprecated tool (#517) @​hboutemy
• make classifier used to attach the sbom configurable (#506) @​hboutemy

📦 Dependency updates

• upgrade cyclonedx-maven-plugin from 2.7.9 to 2.8.0 (#536) @​hboutemy
• Bump net.javacrumbs.json-unit:json-unit-assertj from 2.38.0 to 2.40.1 (#532) @​dependabot
• Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.1 (#535) @​dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 (#533) @​dependabot
• Bump org.junit:junit-bom from 5.10.2 to 5.10.3 (#527) @​dependabot
• Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 (#528) @​dependabot
• Bump plugin-tools.version from 3.13.0 to 3.13.1 (#519) @​dependabot
• Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.5.0 to 3.6.1 (#525) @​dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 (#511) @​dependabot
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 (#512) @​dependabot
• Bump actions/checkout from 4.1.6 to 4.1.7 (#515) @​dependabot
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 (#509) @​dependabot
• Bump org.apache.maven.shared:maven-dependency-tree from 3.2.1 to 3.3.0 (#508) @​dependabot
• Bump org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1 (#507) @​dependabot
• Bump org.apache.maven.shared:maven-dependency-analyzer from 1.13.2 to 1.14.1 (#503) @​dependabot
• Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#501) @​dependabot
• Bump plugin-tools.version from 3.12.0 to 3.13.0 (#499) @​dependabot
• Bump actions/checkout from 4.1.5 to 4.1.6 (#502) @​dependabot
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.4 (#488) @​dependabot
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.5.1 to 3.6.1 (#482) @​dependabot
• Bump org.apache.maven.plugins:maven-jar-plugin from 3.3.0 to 3.4.1 (#490) @​dependabot
• Bump actions/checkout from 4.1.2 to 4.1.5 (#496) @​dependabot
• Bump plugin-tools.version from 3.11.0 to 3.12.0 (#484) @​dependabot

2.8.0

• Update CycloneDX Description Text (#461) @​msymons

🚀 New features and improvements

• convert external reference type by value instead of CONSTANT_NAME (#480) @​hboutemy
• distribution-intake external reference is more accurate (#477) @​hboutemy
• add 'build' lifecycle when CDX 1.5 (#462) @​hboutemy
• document SBOM external references (#459) @​hboutemy
• improve site generation (#458) @​hboutemy
• upgrade to CycloneDX 1.5 (#457) @​hboutemy

🐛 Bug Fixes

• check if configured schemaVersion is supported (#479) @​hboutemy

... (truncated)

Commits

• 2de88e5 [maven-release-plugin] prepare release cyclonedx-maven-plugin-2.8.1
• 1510a02 upgrade cyclonedx-maven-plugin from 2.7.9 to 2.8.0
• 448d117 Bump net.javacrumbs.json-unit:json-unit-assertj from 2.38.0 to 2.40.1
• cfcf26b Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.1
• f95fe87 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0
• 4ee61c3 Bump org.junit:junit-bom from 5.10.2 to 5.10.3
• 8eb5316 Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2
• 4c77122 replace CDX 1.5 deprecated tool
• 7f34a10 Bump plugin-tools.version from 3.13.0 to 3.13.1
• ab713bb Bump org.apache.maven.plugins:maven-project-info-reports-plugin
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[berezovskyi]

@dependabot rebase

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

[berezovskyi]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[berezovskyi]

@dependabot recreate

[dependabot]

Superseded by #619.