chore(deps): support normalize-package-data v8.0.0 (#1327)

Bumps
[normalize-package-data](https://github.com/npm/normalize-package-data)
from 7.0.1 to 8.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/npm/normalize-package-data/releases">normalize-package-data's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2><a
href="https://github.com/npm/normalize-package-data/compare/v7.0.1...v8.0.0">8.0.0</a>
(2025-07-24)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>normalize-package-data</code> now supports node <code>^20.17.0
|| &gt;=22.9.0</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/normalize-package-data/commit/4b978e07b4c257407a60aef4fa325bea6a773164"><code>4b978e0</code></a>
<a
href="https://redirect.github.com/npm/normalize-package-data/pull/248">#248</a>
align to npm 11 node engine range (<a
href="https://github.com/owlstronaut"><code>@​owlstronaut</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://github.com/npm/normalize-package-data/commit/7b28c1a84de9efa04b1f5d6a790e6fb082ef0244"><code>7b28c1a</code></a>
<a
href="https://redirect.github.com/npm/normalize-package-data/pull/248">#248</a>
<code>[email protected]</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/npm/normalize-package-data/blob/main/CHANGELOG.md">normalize-package-data's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/npm/normalize-package-data/compare/v7.0.1...v8.0.0">8.0.0</a>
(2025-07-24)</h2>
<h3>⚠️ BREAKING CHANGES</h3>
<ul>
<li><code>normalize-package-data</code> now supports node <code>^20.17.0
|| &gt;=22.9.0</code></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><a
href="https://github.com/npm/normalize-package-data/commit/4b978e07b4c257407a60aef4fa325bea6a773164"><code>4b978e0</code></a>
<a
href="https://redirect.github.com/npm/normalize-package-data/pull/248">#248</a>
align to npm 11 node engine range (<a
href="https://github.com/owlstronaut"><code>@​owlstronaut</code></a>)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://github.com/npm/normalize-package-data/commit/7b28c1a84de9efa04b1f5d6a790e6fb082ef0244"><code>7b28c1a</code></a>
<a
href="https://redirect.github.com/npm/normalize-package-data/pull/248">#248</a>
<code>[email protected]</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/npm/normalize-package-data/commit/46967fd9b06db3cc23f6f813c89a9f6232299563"><code>46967fd</code></a>
chore: release 8.0.0 (<a
href="https://redirect.github.com/npm/normalize-package-data/issues/249">#249</a>)</li>
<li><a
href="https://github.com/npm/normalize-package-data/commit/4b978e07b4c257407a60aef4fa325bea6a773164"><code>4b978e0</code></a>
fix!: align to npm 11 node engine range</li>
<li><a
href="https://github.com/npm/normalize-package-data/commit/7b28c1a84de9efa04b1f5d6a790e6fb082ef0244"><code>7b28c1a</code></a>
deps: [email protected]</li>
<li>See full diff in <a
href="https://github.com/npm/normalize-package-data/compare/v7.0.1...v8.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=normalize-package-data&package-manager=npm_and_yarn&previous-version=7.0.1&new-version=8.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

> **Note**
> Automatic rebases have been disabled on this pull request as it has
been open for over 30 days.

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Jan Kowalleck <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jan Kowalleck <[email protected]>

Author: dependabot[bot]

package.json

@@ -71,7 +71,7 @@
   "dependencies": {
     "@cyclonedx/cyclonedx-library": "^8.4.0",
     "commander": "^14.0.0",
-    "normalize-package-data": "^7.0.0",
+    "normalize-package-data": "^7.0.0 || ^8.0.0",
     "xmlbuilder2": "^3.0.2"
   },
   "devDependencies": {