v2.3.1

Features:

• Feature #2370 Add support for the packagedeprecation plugin via the new --experimental-flag-deprecated-packages flag. The result is available in all output formats except SPDX.

Fixes:

• Bug #2395 Fix license scanning to correctly match new deps.dev package names.
• Bug #2333 Deduplicate SARIF outputs for GitHub.
• Bug #2259 Fix lookup of Go packages with major versions by including the subpath of Go PURLs, preventing false positives.

Misc:

• Updated Go version to v1.25.5 to support Go reachability analysis for the latest version.