Bump org.cyclonedx:cyclonedx-maven-plugin from 2.9.0 to 2.9.1 (#4951)

Bumps
[org.cyclonedx:cyclonedx-maven-plugin](https://github.com/CycloneDX/cyclonedx-maven-plugin)
from 2.9.0 to 2.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/releases">org.cyclonedx:cyclonedx-maven-plugin's
releases</a>.</em></p>
<blockquote>
<h2>2.9.1</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li>Make log output more easy to understand by sorting (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/542">#542</a>)
<a
href="https://github.com/Bananeweizen"><code>@​Bananeweizen</code></a></li>
<li>simplify code (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/577">#577</a>)
<a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>share isBlank(String) (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/575">#575</a>)
<a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>don't generate invalid SBOM on blank license: ignore instead (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/573">#573</a>)
<a href="https://github.com/fupgang"><code>@​fupgang</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>Fix incorrect component type in aggregated SBOM (Multi-module
project) (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/522">#522</a>)
<a
href="https://github.com/lonewalker0"><code>@​lonewalker0</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump actions/checkout from 4.2.0 to 4.2.1 (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/565">#565</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>🔧 Build</h2>
<ul>
<li>upgrade github-pages-deploy-action (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/584">#584</a>)
<a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>Bump org.apache.maven.plugins:maven-project-info-reports-plugin from
3.6.2 to 3.8.0 (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/570">#570</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump actions/checkout from 4.2.1 to 4.2.2 (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/571">#571</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.7
(<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/561">#561</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.junit:junit-bom from 5.10.3 to 5.11.2 (<a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/pull/563">#563</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/f5ac98a223ab582fe23c4e431a68e21e8c68fafb"><code>f5ac98a</code></a>
[maven-release-plugin] prepare release cyclonedx-maven-plugin-2.9.1</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/b8e2442f1eb1578d36aee5f00c36ec0cf47a80cc"><code>b8e2442</code></a>
upgrade github-pages-deploy-action</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/2c95cf251c80d98f0166e383ce7c7223cae9a61f"><code>2c95cf2</code></a>
Bump org.apache.maven.plugins:maven-project-info-reports-plugin</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/f988a79b3edfb8278e868296625cbf370970870b"><code>f988a79</code></a>
Bump actions/checkout from 4.2.1 to 4.2.2</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/db2a35b908911d21c1d26da02beb5809ff0d2b13"><code>db2a35b</code></a>
Make log output more easy to understand by sorting dependencies</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/6429094a8801cff001065a96be5122bf26069671"><code>6429094</code></a>
simplify code</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/4450f3b4ea67465788f13c3a8f0f3f26a1466d0d"><code>4450f3b</code></a>
Fix incorrect component type in aggregated SBOM</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/c02b50f5534a3edc281a05862d857e60ea627402"><code>c02b50f</code></a>
share isBlank(String)</li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/0bef0d03bf144ad0ecb29f774e7054a4ebec580c"><code>0bef0d0</code></a>
fixes <a
href="https://redirect.github.com/CycloneDX/cyclonedx-maven-plugin/issues/382">CycloneDX/cyclonedx-maven-plugin#382</a></li>
<li><a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/commit/cf7d3001da6b13cdaadc1a7ea68278936c3682f9"><code>cf7d300</code></a>
Bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.7</li>
<li>Additional commits viewable in <a
href="https://github.com/CycloneDX/cyclonedx-maven-plugin/compare/cyclonedx-maven-plugin-2.9.0...cyclonedx-maven-plugin-2.9.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.cyclonedx:cyclonedx-maven-plugin&package-manager=maven&previous-version=2.9.0&new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

pom.xml

@@ -596,7 +596,7 @@
                 <!-- For å få dependency graph i SLSA som pushes av docker-build-push parameter byosbom -->
                 <groupId>org.cyclonedx</groupId>
                 <artifactId>cyclonedx-maven-plugin</artifactId>
-                <version>2.9.0</version>
+                <version>2.9.1</version>
                 <executions>
                     <execution>
                         <phase>package</phase>