Bump org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.7.11

[dependabot]

Bumps org.cyclonedx:cyclonedx-maven-plugin from 2.7.9 to 2.7.11.

Release notes

Sourced from org.cyclonedx:cyclonedx-maven-plugin's releases.

2.7.11

🚀 New features and improvements

• rename convert methohds to explicit project vs dependency (#456) @​hboutemy
• cleanup unused code (#455) @​hboutemy
• test dependency type=zip for #431 (reverts #9) (#454) @​hboutemy
• Support metadata when dependency is any other dependency type than jar (#431) @​AlbGarciam
• Add support for custom external references (#428) @​vy
• Add a configuration option to skip undeployed artifacts (#435) @​ppkarwasz
• use metadata properties in UUID (#441) @​hboutemy
• Generate serial numbers deterministically (#420) (#425) @​vy

📦 Dependency updates

• define plugin-tools.version property (#453) @​hboutemy
• Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.2 to 3.11.0 (#451) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.10.2 to 3.11.0 (#450) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0 (#449) @​dependabot
• Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1 (#447) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.1 to 3.10.2 (#445) @​dependabot
• Bump org.apache.maven.plugins:maven-project-info-reports-plugin from 3.4.5 to 3.5.0 (#442) @​dependabot
• Bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#443) @​dependabot
• Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.10.1 to 3.10.2 (#444) @​dependabot
• Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#422) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.10.1 to 3.10.2 (#424) @​dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.3 (#438) @​dependabot
• Bump actions/setup-java from 3 to 4 (#437) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-report-plugin from 3.9.0 to 3.10.1 (#417) @​dependabot

2.7.10

🚀 New features and improvements

• Extended documentation by pointing out the allowed project types (#383) @​r4fterman
• [409] Removes non-deployed artifacts from SBOM (#416) @​ppkarwasz
• Addressing issue #388. Checking if URL is null, empty, or blank (usin… (#396) @​mtgag
• replace maven.reproducible property with cdx:reproducible (#392) @​hboutemy
• upgrade cyclonedx-maven-plugin to 2.7.9 to produce Reproducible SBOM (#368) @​hboutemy

🐛 Bug Fixes

• ignore bomGenerator.generate() call (#376) @​seanly
• switch to m-plugin-report-p introduced in 3.9.0 (#381) @​hboutemy

📦 Dependency updates

• Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.8.2 to 3.10.1 (#413) @​dependabot
• Bump org.apache.maven.plugins:maven-plugin-plugin from 3.9.0 to 3.10.1 (#412) @​dependabot
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.0 (#404) @​dependabot

... (truncated)

Commits

• 349fe7c [maven-release-plugin] prepare release cyclonedx-maven-plugin-2.7.11
• 2d130a0 rename convert methohds to explicit project vs dependency
• 051be8e cleanup unused code
• d0e6cb5 test dependency type=zip for #431 (reverts #9)
• 46837cd Update DefaultModelConverter.java to support Zip files
• dc90b21 define plugin-tools.version property
• 8836cbd Add support for custom external references (#428)
• 86410aa Bump org.apache.maven.plugin-tools:maven-plugin-annotations
• 4d71b50 Bump org.apache.maven.plugins:maven-plugin-report-plugin
• 70aae8e Bump org.apache.maven.plugins:maven-plugin-plugin from 3.10.2 to 3.11.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #723.