5.3.0

Fixed

• Qualified PackageURLs (via #1503)

Changed

• Take care of PackageURL generation ourselves, now (via #1503)
  Previously, this was done at best-effort by a 3rd-party library.

Dependencies

• Upgraded runtime-dependency @cyclonedx/cyclonedx-library@^10.0.0 now, was @^9.2.0 (via #1503)
• Added runtime-dependency packageurl-js@^2.0.1 (via #1503)
• Added runtime-dependency spdx-expression-parse@^3.0.1||^4.0.0 (via #1503)

---

What's Changed

• chore(deps): bump actions/download-artifact from 6 to 7 by @dependabot[bot] in #1488
• chore(deps): bump actions/upload-artifact from 5 to 6 by @dependabot[bot] in #1487
• chore(deps): bump knip from 5.70.2 to 5.80.2 in /tools/test-dependencies by @dependabot[bot] in #1495
• chore(deps): bump knip from 5.80.2 to 5.81.0 in /tools/test-dependencies by @dependabot[bot] in #1496
• chore(deps): bump knip from 5.81.0 to 5.82.1 in /tools/test-dependencies by @dependabot[bot] in #1498
• chore(deps): bump knip from 5.82.1 to 5.83.1 in /tools/test-dependencies by @dependabot[bot] in #1499
• ci: test node25 by @jkowalleck in #1509
• feat: upgrade CycloneDX lib 10.0.0 by @jkowalleck in #1503
• chore(deps-dev): bump c8 from 10.1.3 to 11.0.0 by @dependabot[bot] in #1507
• chore(deps): bump knip from 5.83.1 to 5.85.0 in /tools/test-dependencies by @dependabot[bot] in #1508
• Chore/test trusted publishing by @jkowalleck in #1510

Full Changelog: v5.2.4...v5.3.0