chore(deps): update module github.com/cyclonedx/cyclonedx-go to v0.9.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/CycloneDX/cyclonedx-go	v0.8.0 -> v0.9.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

CycloneDX/cyclonedx-go (github.com/CycloneDX/cyclonedx-go)

v0.9.0

Compare Source

Changelog

Features

• 729c284: feat: Add CycloneDX 1.6 fields swhid and omniborId (@​snyk-tim)
• b5d3595: feat: add manufacturer and authors (@​snyk-tim)
• c52e698: feat: raise baseline go version to 1.20 (@​nscuro)

Fixes

• 9166e10: fix: ioutil -> io (@​nscuro)
• 349fc8c: fix: add bom-ref to OrganizationalEntity/Contact (@​snyk-tim)
• c97da90: fix: handle breaking changes in skywalking-eyes (@​nscuro)

Building and Packaging

• ec6291e: build(deps): bump actions/checkout from 4.1.1 to 4.1.5 (@​dependabot[bot])
• 899fe39: build(deps): bump actions/checkout from 4.1.5 to 4.1.6 (@​dependabot[bot])
• 8674ed5: build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 (@​dependabot[bot])
• db3a114: build(deps): bump apache/skywalking-eyes from 0.4.0 to 0.6.0 (@​dependabot[bot])
• a3bd055: build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (@​dependabot[bot])
• 1179dd9: build(deps): bump gitpod/workspace-go from 8b9a0f6 to 8d15123 (@​dependabot[bot])
• d98494e: build(deps): bump gitpod/workspace-go from 9118b93 to 8b9a0f6 (@​dependabot[bot])
• 1e2a3a0: build(deps): bump gitpod/workspace-go from 94ae638 to 9118b93 (@​dependabot[bot])
• d4d6e35: build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (@​dependabot[bot])
• 521d1ce: build(deps): bump golangci/golangci-lint-action from 4.0.0 to 6.0.1 (@​dependabot[bot])
• f1ebafe: build(deps): bump goreleaser/goreleaser-action from 5.0.0 to 5.1.0 (@​dependabot[bot])

Others

• 16d2143: Fix(1.6): Added missing omitempty in NistQuantumSecurityLevel (@​Petzys)
• ffec473: chore: add license header (@​mcombuechen)
• 1f8fdcc: feat(1.6): add BOM.Declarations (@​mcombuechen)
• 62b5342: feat(1.6): add BOM.Definitions (@​mcombuechen)
• c33b9cb: feat(1.6): add CBOM types (@​Petzys)
• 10e10c8: feat(1.6): add JSON schema, XML namespace (@​mcombuechen)
• 2dc599a: feat(1.6): add License.Acknowledgement (@​mcombuechen)
• 7a32fde: feat(1.6): add PostalAddress type (@​mcombuechen)
• b8e4529: feat(1.6): add SpecVersion for v1.6 (@​mcombuechen)
• c877828: feat(1.6): add environmentalConsiderations (@​mcombuechen)
• e0e9c67: feat(1.6): add schema definitions for CycloneDX 1.6 (@​mcombuechen)
• b1636c2: feat(1.6): extend EvidenceOccurrence (@​mcombuechen)
• b4b3b94: fix(1.6): convert occurrences of OrganizationalEntity (@​mcombuechen)
• 9332ca6: fix(1.6): fix json, xml labels on BOM.Definitions (@​mcombuechen)

---

Configuration

📅 Schedule: Branch creation - "after 8am on Monday" in timezone Etc/UTC, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[paralta]

needs #1951

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v0.9.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.