Bump cyclonedx-maven-plugin from 2.7.0 to 2.7.5

[dependabot[bot]]

Bumps cyclonedx-maven-plugin from 2.7.0 to 2.7.5.

Release notes

Sourced from cyclonedx-maven-plugin's releases.

2.7.5

• document and test verbose (#280) @​hboutemy
• simplify ITs code (#277) @​hboutemy
• extract model converter DI component from base mojo (#275) @​hboutemy
• move code out of base when possible (#268) @​hboutemy
• Simplify code (#267) @​hboutemy
• Explicit aggregate dependencies where necessary (#266) @​hboutemy
• clarify exclude* parameters (#265) @​hboutemy

🚀 New features and improvements

• add effective goal into BOM tool name (#283) @​hboutemy
• add outputDirectory parameter (#279) @​hboutemy
• Fix dependencies concealed during BOM creation, aligning more closely with the dependency graph (#256) @​knrc
• mark makeBom and makeAggregatedBom threadsafe as makePackageBom (#264) @​hboutemy

🐛 Bug Fixes

• don't warn with ERROR stacktrace on dependencies with bundle packaging (#278) @​hboutemy

📦 Dependency updates

• Bump maven-javadoc-plugin from 3.4.1 to 3.5.0 (#281) @​dependabot
• Bump maven-invoker-plugin from 3.4.0 to 3.5.0 (#282) @​dependabot
• Bump maven-enforcer-plugin from 3.1.0 to 3.2.1 (#270) @​dependabot
• Bump actions/checkout from 3.2.0 to 3.3.0 (#255) @​dependabot
• Bump junit-bom from 5.9.1 to 5.9.2 (#258) @​dependabot
• Bump maven-plugin-plugin from 3.7.0 to 3.7.1 (#260) @​dependabot
• Bump maven-plugin-annotations from 3.7.0 to 3.7.1 (#261) @​dependabot

Full Changelog: https://github.com/CycloneDX/cyclonedx-maven-plugin/compare/cyclonedx-maven-plugin-2.7.4...cyclonedx-maven-plugin-2.7.5

2.7.4

• code cleanup: move parameter to aggregate, simplify code (#249) @​hboutemy
• add goals description (#251) @​hboutemy
• add release-drafter configuration (#247) @​hboutemy
• fix multiple times BOM generation on multi-module makeAggregateBom (#242) @​hboutemy
• use project.url for component website instead of organisation url (#241) @​hboutemy
• improve README: no execution by default (#243) @​hboutemy
• Simplifying effective pom generation (#238) @​stevespringett
• Revert "don't use pom.distributionManagement.repository.url for BOM" (#244) @​stevespringett
• don't use pom.distributionManagement.repository.url for BOM (#239) @​hboutemy
• Add JUnit5 and vintage engine. #227 (#228) @​robertk3s
• directly document parameters so it's picked by generated goal documen… (#230) @​hboutemy
• add smoke tests for makeBom and makeAggregateBom (#234) @​hboutemy
• improve menu and breadcrumbs (#229) @​hboutemy

📦 Dependency updates

... (truncated)

Commits

• 8ff9c3a [maven-release-plugin] prepare release cyclonedx-maven-plugin-2.7.5
• ae16697 Removing version from example
• d383c50 Merge pull request #283 from CycloneDX/tool-goal
• 6132313 add effective goal into BOM tool name
• 1039975 Merge pull request #279 from CycloneDX/outputDirectory
• 3f5656e add outputDirectory parameter
• 4436ada Merge pull request #280 from CycloneDX/verbose
• 1dfb33a document and test verbose
• 38dca23 Bump maven-javadoc-plugin from 3.4.1 to 3.5.0
• 614fb84 Bump maven-invoker-plugin from 3.4.0 to 3.5.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)