cyclonedx-core-java-11.0.0

What's Changed

Breaking Changes 🚨

• Fix CryptoRef array type by @mr-zepol in #628

Enhancements 🚀

• Polish code for Validation by @mr-zepol in #613
• Add Extra Validations For Metadata by @mr-zepol in #612
• Bump SPDX license list to 3.26.0 by @nscuro in #647
• #640 Added license names to license-mapping.json by @bilak in #641
• chore: GH workflow permissions by @jkowalleck in #654
• feat: Add Apache 2 License by @jakub-bochenski in #677
• feat: Add Eclipse Public License Version 1.0 by @jakub-bochenski in #676
• feat: Add ASL, version 2 and LGPL, version 2.1 by @jakub-bochenski in #675
• feat: Add GPL v2 with the Classpath exception by @jakub-bochenski in #673
• Added mapping for CPL license by @t-swstk in #697
• Adjust release process for new Maven Central publishing by @nscuro in #713
• Bump SPDX license list to 3.27.0 by @stevenbuccini in #715
• Update README with steps to update license list by @stevenbuccini in #720

Bug Fixes 🐛

• Fix wrong property type in ComponentData.content by @mr-zepol in #627
• Fix failing GitHub Actions builds by @nscuro in #648
• Deserializer Nested Components in Metadata - Regression by @mr-zepol in #703
• Fix publish-snapshot workflow by @nscuro in #719
• Fix names of Maven Central secrets by @nscuro in #721

Dependency Updates 🤖

• Bump org.junit.jupiter:junit-jupiter-params from 5.12.0 to 5.12.1 by @dependabot[bot] in #615
• Bump org.junit.jupiter:junit-jupiter-engine from 5.12.0 to 5.12.1 by @dependabot[bot] in #614
• Bump actions/download-artifact from 4.1.9 to 4.2.0 by @dependabot[bot] in #617
• Bump actions/upload-artifact from 4.6.1 to 4.6.2 by @dependabot[bot] in #619
• Bump github/codeql-action from 3.28.11 to 3.28.12 by @dependabot[bot] in #620
• Bump actions/download-artifact from 4.2.0 to 4.2.1 by @dependabot[bot] in #618
• Bump github/codeql-action from 3.28.12 to 3.28.13 by @dependabot[bot] in #621
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.3 by @dependabot[bot] in #623
• Bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 by @dependabot[bot] in #624
• Bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot[bot] in #625
• Bump commons-io:commons-io from 2.18.0 to 2.19.0 by @dependabot[bot] in #631
• Bump org.junit.jupiter:junit-jupiter-params from 5.12.1 to 5.12.2 by @dependabot[bot] in #630
• Bump org.junit.jupiter:junit-jupiter-engine from 5.12.1 to 5.12.2 by @dependabot[bot] in #629
• Bump org.apache.commons:commons-collections4 from 4.4 to 4.5.0 by @dependabot[bot] in #633
• Bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot[bot] in #634
• Bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot[bot] in #635
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.3 to 2.19.0 by @dependabot[bot] in #636
• Bump com.networknt:json-schema-validator from 1.5.6 to 1.5.7 by @dependabot[bot] in #644
• Bump github/codeql-action from 3.28.16 to 3.28.18 by @dependabot[bot] in #639
• Bump org.junit.jupiter:junit-jupiter-engine from 5.12.2 to 5.13.0 by @dependabot[bot] in #646
• Bump github/codeql-action from 3.28.18 to 3.28.19 by @dependabot[bot] in #649
• Bump org.junit.jupiter:junit-jupiter-params from 5.12.2 to 5.13.0 by @dependabot[bot] in #645
• Bump github/codeql-action from 3.28.19 to 3.29.0 by @dependabot[bot] in #650
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.19.0 to 2.19.1 by @dependabot[bot] in #651
• Bump org.junit.jupiter:junit-jupiter-params from 5.13.1 to 5.13.2 by @dependabot[bot] in #653
• Bump org.junit.jupiter:junit-jupiter-engine from 5.13.1 to 5.13.2 by @dependabot[bot] in #652
• Bump org.junit.jupiter:junit-jupiter-params from 5.13.2 to 5.13.3 by @dependabot[bot] in #660
• Bump org.junit.jupiter:junit-jupiter-engine from 5.13.2 to 5.13.3 by @dependabot[bot] in #661
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.5.0 to 3.6.0 by @dependabot[bot] in #659
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8 by @dependabot[bot] in #658
• Bump github/codeql-action from 3.29.0 to 3.29.2 by @dependabot[bot] in #657
• Bump com.networknt:json-schema-validator from 1.5.7 to 1.5.8 by @dependabot[bot] in #656
• Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 by @dependabot[bot] in #662
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.0 to 3.6.1 by @dependabot[bot] in #664
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 by @dependabot[bot] in #668
• Bump github/codeql-action from 3.29.2 to 3.29.3 by @dependabot[bot] in #669
• Bump commons-codec:commons-codec from 1.18.0 to 1.19.0 by @dependabot[bot] in #671
• Use Maven BOM for Jackson and JUnit by @nscuro in #670
• Bump github/codeql-action from 3.29.3 to 3.29.4 by @dependabot[bot] in #672
• Bump github/codeql-action from 3.29.4 to 3.29.5 by @dependabot[bot] in #680
• Bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in #690
• Bump github/codeql-action from 3.29.7 to 3.29.9 by @dependabot[bot] in #695
• Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #694
• Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 by @dependabot[bot] in #691
• Bump actions/setup-java from 4.7.1 to 5.0.0 by @dependabot[bot] in #700
• Bump github/codeql-action from 3.29.9 to 3.29.11 by @dependabot[bot] in #701
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3 by @dependabot[bot] in #696
• Bump com.fasterxml.jackson:jackson-bom from 2.19.2 to 2.20.0 by @dependabot[bot] in #702
• chore(deps): Bump github/codeql-action from 3.29.11 to 3.30.0 by @dependabot[bot] in #704
• chore(deps): Bump github/codeql-action from 3.30.0 to 3.30.1 by @dependabot[bot] in #705
• chore(deps): Bump github/codeql-action from 3.30.1 to 3.30.2 by @dependabot[bot] in #706
• chore(deps): Bump github/codeql-action from 3.30.2 to 3.30.3 by @dependabot[bot] in #707
• chore(deps): Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4 by @dependabot[bot] in #709
• chore(...

cyclonedx-core-java-10.2.1

What's Changed

Enhancements 🚀

• Support extended ISO 8601 for Date parsing by @mr-zepol in #588
• Remove duplicated code by @mr-zepol in #591

Dependency Updates 🤖

• Bump org.assertj:assertj-core from 3.27.0 to 3.27.1 by @dependabot in #584
• Bump commons-codec:commons-codec from 1.17.1 to 1.17.2 by @dependabot in #586
• Bump org.assertj:assertj-core from 3.27.1 to 3.27.2 by @dependabot in #585
• Bump actions/upload-artifact from 4.5.0 to 4.6.0 by @dependabot in #587
• Bump github/codeql-action from 3.28.0 to 3.28.1 by @dependabot in #589
• Bump com.networknt:json-schema-validator from 1.5.4 to 1.5.5 by @dependabot in #590
• Bump org.assertj:assertj-core from 3.27.2 to 3.27.3 by @dependabot in #592
• Bump github/codeql-action from 3.28.1 to 3.28.3 by @dependabot in #594
• Bump github/codeql-action from 3.28.3 to 3.28.4 by @dependabot in #595
• Bump github/codeql-action from 3.28.4 to 3.28.5 by @dependabot in #596
• Bump commons-codec:commons-codec from 1.17.2 to 1.18.0 by @dependabot in #598
• Bump github/codeql-action from 3.28.5 to 3.28.6 by @dependabot in #597
• Bump github/codeql-action from 3.28.6 to 3.28.8 by @dependabot in #601
• Bump com.networknt:json-schema-validator from 1.5.5 to 1.5.6 by @dependabot in #603
• Bump JamesIves/github-pages-deploy-action from 4.7.2 to 4.7.3 by @dependabot in #604
• Bump github/codeql-action from 3.28.8 to 3.28.9 by @dependabot in #602
• Bump github/codeql-action from 3.28.9 to 3.28.10 by @dependabot in #608
• Bump actions/upload-artifact from 4.6.0 to 4.6.1 by @dependabot in #607
• Bump org.junit.jupiter:junit-jupiter-engine from 5.11.4 to 5.12.0 by @dependabot in #606
• Bump org.junit.jupiter:junit-jupiter-params from 5.11.4 to 5.12.0 by @dependabot in #605
• Bump actions/download-artifact from 4.1.8 to 4.1.9 by @dependabot in #609
• Bump github/codeql-action from 3.28.10 to 3.28.11 by @dependabot in #611
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.2 to 2.18.3 by @dependabot in #610

Full Changelog: cyclonedx-core-java-10.1.0...cyclonedx-core-java-10.2.1

cyclonedx-core-java-10.1.0

What's Changed

Enhancements 🚀

• Add new Enum based on the spec for acknoledgement by @mr-zepol in #579
• Add util methods in different classes by @mr-zepol in #578
• Better separation of tests depending on specific Java versions by @Bananeweizen in #581

Bug Fixes 🐛

• Fix UnsupportedOperationException when modifying an existing metadata.tools list by @mr-zepol in #574

Dependency Updates 🤖

• Bump github/codeql-action from 3.27.7 to 3.27.9 by @dependabot in #572
• Bump actions/upload-artifact from 4.4.3 to 4.5.0 by @dependabot in #577
• Bump org.junit.jupiter:junit-jupiter-params from 5.11.3 to 5.11.4 by @dependabot in #575
• Bump org.junit.jupiter:junit-jupiter-engine from 5.11.3 to 5.11.4 by @dependabot in #576
• Bump org.assertj:assertj-core from 3.26.3 to 3.27.0 by @dependabot in #580
• Bump github/codeql-action from 3.27.9 to 3.28.0 by @dependabot in #582

Other Changes

• docs: add version 10.x by @jkowalleck in #573

New Contributors

• @Bananeweizen made their first contribution in #581

Full Changelog: cyclonedx-core-java-10.0.0...cyclonedx-core-java-10.1.0

cyclonedx-core-java-10.0.0

What's Changed

Breaking Changes 🚨

• Support CycloneDX 1.6.1 by @jkowalleck & @mr-zepol in #552
• Move classes from package by @mr-zepol in #501
• Fix Env vars de/serialization for formulation by @mr-zepol in #486
• Fix Issue 498 by @mr-zepol in #500

Enhancements 🚀

• Reduce duplicated code by @mr-zepol in #556
• Update vulnerabilities to use new Tool specification by @shaikhu in #438
• feat: enhance enums to have from*(String) methods by @jeremylong in #561
• Allow to specify prettyPrint for toJsonString method by @mr-zepol in #569

Bug Fixes 🐛

• Fix incorrect (de-) serialization of tools by @mr-zepol in #568

Dependency Updates 🤖

• Bump com.networknt:json-schema-validator from 1.5.2 to 1.5.3 by @dependabot in #545
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.0 to 2.18.1 by @dependabot in #544
• Bump JamesIves/github-pages-deploy-action from 4.6.8 to 4.6.9 by @dependabot in #548
• Bump org.junit.jupiter:junit-jupiter-engine from 5.11.2 to 5.11.3 by @dependabot in #540
• Bump org.junit.jupiter:junit-jupiter-params from 5.11.2 to 5.11.3 by @dependabot in #539
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 by @dependabot in #555
• Bump github/codeql-action from 3.26.13 to 3.27.5 by @dependabot in #553
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.1 to 3.5.2 by @dependabot in #554
• Bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #542
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.1 to 3.11.1 by @dependabot in #546
• Bump actions/setup-java from 4.4.0 to 4.5.0 by @dependabot in #543
• Bump com.networknt:json-schema-validator from 1.5.3 to 1.5.4 by @dependabot in #557
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.18.1 to 2.18.2 by @dependabot in #558
• Bump org.cyclonedx:cyclonedx-maven-plugin from 2.9.0 to 2.9.1 by @dependabot in #560
• Bump JamesIves/github-pages-deploy-action from 4.6.9 to 4.7.1 by @dependabot in #559
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.1 to 3.11.2 by @dependabot in #567
• Bump github/codeql-action from 3.27.5 to 3.27.6 by @dependabot in #564
• Bump JamesIves/github-pages-deploy-action from 4.7.1 to 4.7.2 by @dependabot in #563
• Bump github/codeql-action from 3.27.6 to 3.27.7 by @dependabot in #570

New Contributors

• @jkowalleck made their first contribution in #552
• @shaikhu made their first contribution in #438
• @jeremylong made their first contribution in #561

Full Changelog: cyclonedx-core-java-9.1.0...cyclonedx-core-java-10.0.0

cyclonedx-core-java-9.1.0

What's Changed

Enhancements 🚀

• Fix Issue 462 by @mr-zepol in #493
• Code Improvements by @mr-zepol in #504
• Polish Code by @mr-zepol in #499
• Enhancements and polish code by @mr-zepol in #506

Bug Fixes 🐛

• Fix Issue 385 by @mr-zepol in #502
• Fix NPE when deserializing OrganizationalEntity without name by @nscuro in #508
• Fix apidocs path for doc publish workflow by @nscuro in #535

Dependency Updates 🤖

• Bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #475
• Bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #476
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.5 by @dependabot in #478
• Bump github/codeql-action from 3.26.0 to 3.26.1 by @dependabot in #479
• Bump github/codeql-action from 3.26.1 to 3.26.2 by @dependabot in #482
• Bump org.junit.jupiter:junit-jupiter-engine from 5.10.3 to 5.11.0 by @dependabot in #480
• Bump org.junit.jupiter:junit-jupiter-params from 5.10.3 to 5.11.0 by @dependabot in #481
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.1 to 3.4.0 by @dependabot in #483
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by @dependabot in #477
• Bump github/codeql-action from 3.26.2 to 3.26.3 by @dependabot in #484
• Bump github/codeql-action from 3.26.3 to 3.26.5 by @dependabot in #487
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.8.0 to 3.10.0 by @dependabot in #488
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.4.0 to 3.5.0 by @dependabot in #489
• Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by @dependabot in #491
• Bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #490
• Bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in #494
• Bump JamesIves/github-pages-deploy-action from 4.6.3 to 4.6.4 by @dependabot in #496
• Bump actions/setup-java from 4.2.2 to 4.3.0 by @dependabot in #503
• Bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in #510
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.6 by @dependabot in #509
• Bump com.networknt:json-schema-validator from 1.5.1 to 1.5.2 by @dependabot in #513
• Bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #512
• Bump org.junit.jupiter:junit-jupiter-engine from 5.11.0 to 5.11.1 by @dependabot in #515
• Bump org.junit.jupiter:junit-jupiter-params from 5.11.0 to 5.11.1 by @dependabot in #514
• Bump actions/setup-java from 4.3.0 to 4.4.0 by @dependabot in #516
• Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #519
• Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.1 to 2.8.2 by @dependabot in #518
• Bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #517
• Bump JamesIves/github-pages-deploy-action from 4.6.4 to 4.6.8 by @dependabot in #522
• Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.6 to 3.2.7 by @dependabot in #521
• Bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in #523
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.0 to 3.5.1 by @dependabot in #527
• Bump org.junit.jupiter:junit-jupiter-params from 5.11.1 to 5.11.2 by @dependabot in #526
• Bump github/codeql-action from 3.26.10 to 3.26.12 by @dependabot in #532
• Bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #530
• Bump actions/upload-artifact from 4.4.0 to 4.4.1 by @dependabot in #531
• Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.2 to 2.9.0 by @dependabot in #529
• Bump org.junit.jupiter:junit-jupiter-engine from 5.11.1 to 5.11.2 by @dependabot in #528
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @dependabot in #511
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.17.2 to 2.18.0 by @dependabot in #520
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.10.0 to 3.10.1 by @dependabot in #524
• Bump actions/upload-artifact from 4.4.1 to 4.4.2 by @dependabot in #533
• Bump actions/upload-artifact from 4.4.2 to 4.4.3 by @dependabot in #534
• Bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #537

Other Changes

• Bump version to 9.1.0-SNAPSHOT by @nscuro in #536

Full Changelog: cyclonedx-core-java-9.0.5...cyclonedx-core-java-9.1.0

cyclonedx-core-java-9.0.5

What's Changed

Enhancements 🚀

• Teach versions / generators about their supported file formats by @sschuberth in #445
• BOM string creation improvements by @sschuberth in #459
• Make Vulnerability objects comparable by value by @SaberStrat in #464

Bug Fixes 🐛

• Handle serialization of empty LicenseChoice correctly by @patveck in #441
• Fix missing offline mapping for jsf-0.82.schema.json by @nscuro in #469
• Fix ObjectLocator not working when BOM doesn't have a metadata.component node by @nscuro in #456

Dependency Updates 🤖

• Bump com.networknt:json-schema-validator from 1.4.2 to 1.4.3 by @dependabot in #440
• Bump org.junit.jupiter:junit-jupiter-engine from 5.10.2 to 5.10.3 by @dependabot in #442
• Bump org.junit.jupiter:junit-jupiter-params from 5.10.2 to 5.10.3 by @dependabot in #443
• Bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #451
• Bump actions/download-artifact from 4.1.7 to 4.1.8 by @dependabot in #452
• Bump JamesIves/github-pages-deploy-action from 4.6.1 to 4.6.3 by @dependabot in #450
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-xml from 2.17.1 to 2.17.2 by @dependabot in #449
• Bump com.networknt:json-schema-validator from 1.4.3 to 1.5.0 by @dependabot in #448
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @dependabot in #453
• Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #444
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.3.1 by @dependabot in #454
• Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #458
• Bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1 by @dependabot in #457
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @dependabot in #461
• Bump commons-codec:commons-codec from 1.17.0 to 1.17.1 by @dependabot in #460
• Bump actions/setup-java from 4.2.1 to 4.2.2 by @dependabot in #474
• Bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #473
• Bump org.cyclonedx:cyclonedx-maven-plugin from 2.8.0 to 2.8.1 by @dependabot in #472
• Bump github/codeql-action from 3.25.12 to 3.25.15 by @dependabot in #470
• Bump com.networknt:json-schema-validator from 1.5.0 to 1.5.1 by @dependabot in #467
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.8.0 by @dependabot in #465

New Contributors

• @patveck made their first contribution in #441
• @SaberStrat made their first contribution in #464

Full Changelog: cyclonedx-core-java-9.0.4...cyclonedx-core-java-9.0.5

9.0.4

What's Changed

Enhancements 🚀

• Add GitHub release notes config; Remove release-drafter by @nscuro in #432

Bug Fixes 🐛

• Fix possible XXE during XML schema version detection by @mr-zepol in #434
  • See also security advisory GHSA-683x-4444-jxh8
• Fix path to jacoco.xml for PR coverage reporting by @nscuro in #433

Dependency Updates 🤖

• Bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2 by @dependabot in #435
• Bump com.networknt:json-schema-validator from 1.4.0 to 1.4.2 by @dependabot in #436

Full Changelog: cyclonedx-core-java-9.0.3...cyclonedx-core-java-9.0.4

cyclonedx-core-java-9.0.3

What's Changed

• Code Improvements by @mr-zepol in #376
• Add extensible types during license serialization by @mr-zepol in #414
• Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.7.0 by @dependabot in #417
• Bump org.apache.maven.plugins:maven-enforcer-plugin from 3.4.1 to 3.5.0 by @dependabot in #415
• Add missing equals and hashCode by @mr-zepol in #419
• Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #420
• Fix Evidence Serialization by @mr-zepol in #423
• Improve De/Serializer by @mr-zepol in #421
• Add Missing Annotations to filter based on spec by @mr-zepol in #416
• External References and Metadata Validations by @mr-zepol in #426
• Add CODEOWNERS file by @nscuro in #425
• Serializer for Properties and Hashes for backwards compatibility by @mr-zepol in #428
• Bump org.apache.maven.plugins:maven-release-plugin from 3.0.1 to 3.1.0 by @dependabot in #429
• Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.3.0 by @dependabot in #430
• CI pipeline improvements by @nscuro in #424
• Fix order of elements for generated SBOMs to match the specs by @mr-zepol in #431

Full Changelog: https://github.com/CycloneDX/cyclonedx-core-java/commits/cyclonedx-core-java-9.0.3