build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.8.0 to 0.9.0

[dependabot[bot]]

Bumps github.com/CycloneDX/cyclonedx-go from 0.8.0 to 0.9.0.

Release notes

Sourced from github.com/CycloneDX/cyclonedx-go's releases.

v0.9.0

Changelog

Features

• 729c284798ebe341ced210b661362f77d68cd655: feat: Add CycloneDX 1.6 fields swhid and omniborId (@​snyk-tim)
• b5d35959767efce95f50e96bf752c47fbe374496: feat: add manufacturer and authors (@​snyk-tim)
• c52e698d2fe3fbd60df6ff397f44e7b0ea15a4bc: feat: raise baseline go version to 1.20 (@​nscuro)

Fixes

• 9166e10fdecaadd8a97ceed9636261d351d90a65: fix: ioutil -> io (@​nscuro)
• 349fc8cd072e90d81c0328f1d9dab16aa30fcf60: fix: add bom-ref to OrganizationalEntity/Contact (@​snyk-tim)
• c97da90e259e0051e02e07300c75ad5e37a0311b: fix: handle breaking changes in skywalking-eyes (@​nscuro)

Building and Packaging

• ec6291e9ce9efbbb5d0010de4d8668fcbd05d148: build(deps): bump actions/checkout from 4.1.1 to 4.1.5 (@​dependabot[bot])
• 899fe391ca4d756f1d5ba84478d3bc8795003cba: build(deps): bump actions/checkout from 4.1.5 to 4.1.6 (@​dependabot[bot])
• 8674ed5ecc38b65e03908b5a74308c95039068a9: build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 (@​dependabot[bot])
• db3a1144a2ce30b85e5985d2755fa3e4a81c5ca8: build(deps): bump apache/skywalking-eyes from 0.4.0 to 0.6.0 (@​dependabot[bot])
• a3bd05518575f14d917685a02c689f81eedaad5c: build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (@​dependabot[bot])
• 1179dd9051112c3b44a6cc577964c7d501a7258b: build(deps): bump gitpod/workspace-go from 8b9a0f6 to 8d15123 (@​dependabot[bot])
• d98494ea11dbb6550705d46d2473aa2a4a18e642: build(deps): bump gitpod/workspace-go from 9118b93 to 8b9a0f6 (@​dependabot[bot])
• 1e2a3a09e86d720729a3ab7ec55ed3ffa75164a5: build(deps): bump gitpod/workspace-go from 94ae638 to 9118b93 (@​dependabot[bot])
• d4d6e35fcfb08d14589b4a693aac3f28978b640b: build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (@​dependabot[bot])
• 521d1ce7b555013f2b78d8c4a21954815863ab44: build(deps): bump golangci/golangci-lint-action from 4.0.0 to 6.0.1 (@​dependabot[bot])
• f1ebafe5e2d2af3a3d551eb23c583a93b7ebccbf: build(deps): bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (@​dependabot[bot])

Others

• 16d2143b3d74b77af8a309b331e1bc46a445f495: Fix(1.6): Added missing omitempty in NistQuantumSecurityLevel (@​Petzys)
• ffec473428073e1266169e97c1c64de95e89981b: chore: add license header (@​mcombuechen)
• 1f8fdcc0047611a8baacfcd214c5ba3821fefd51: feat(1.6): add BOM.Declarations (@​mcombuechen)
• 62b53429289d6cc6884b111256588150e3fed308: feat(1.6): add BOM.Definitions (@​mcombuechen)
• c33b9cb58eaa14e89740182fbde2a0cc888bc457: feat(1.6): add CBOM types (@​Petzys)
• 10e10c8bc8fcac6f90c914828786f11e404919b8: feat(1.6): add JSON schema, XML namespace (@​mcombuechen)
• 2dc599a8ad0f2be20e9bfc55ba75764758e6c7b8: feat(1.6): add License.Acknowledgement (@​mcombuechen)
• 7a32fde7e9e9e5fb44f8f8aafadd83a21ff82aaf: feat(1.6): add PostalAddress type (@​mcombuechen)
• b8e4529773c3d12b172729567574ea6201231682: feat(1.6): add SpecVersion for v1.6 (@​mcombuechen)
• c8778287f29dd21bff18a4f27f71f495de7b4991: feat(1.6): add environmentalConsiderations (@​mcombuechen)
• e0e9c670e1617adbdd147cff7cc0747769a4e723: feat(1.6): add schema definitions for CycloneDX 1.6 (@​mcombuechen)
• b1636c2d6bb8aca4161402958a8d894aab7d66b5: feat(1.6): extend EvidenceOccurrence (@​mcombuechen)
• b4b3b94a60b1665c1d0492744032a9375ef751b1: fix(1.6): convert occurrences of OrganizationalEntity (@​mcombuechen)
• 9332ca660b772bc538b3c274ceb3d9f81caa0eb8: fix(1.6): fix json, xml labels on BOM.Definitions (@​mcombuechen)

Commits

• 98a070d Merge pull request #184 from CycloneDX/go-1.20
• 07eb476 Merge pull request #139 from CycloneDX/dependabot/github_actions/apache/skywa...
• 9166e10 fix: ioutil -> io
• c97da90 fix: handle breaking changes in skywalking-eyes
• c52e698 feat: raise baseline go version to 1.20
• b1ff85b Merge pull request #181 from CycloneDX/dependabot/docker/gitpod/workspace-go-...
• 64d6336 Merge pull request #182 from CycloneDX/spec/1.6
• 199cd18 Merge pull request #183 from snyk/fix/convert-lic-header
• ffec473 chore: add license header
• 1179dd9 build(deps): bump gitpod/workspace-go from 8b9a0f6 to 8d15123
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[nscuro]

@dependabot recreate

[nscuro]

@dependabot rebase

[dependabot[bot]]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.