CycloneDX
diff --git a/‎HISTORY.md
+5 b/‎HISTORY.md
+5
diff --git a/‎package-lock.json
+7-7 b/‎package-lock.json
+7-7
diff --git a/‎package.json
+1-1 b/‎package.json
+1-1
diff --git a/‎src/plugin.ts
+6-6 b/‎src/plugin.ts
+6-6
diff --git a/‎tests/integration/__snapshots__/index.test.js.snap
+27-27 b/‎tests/integration/__snapshots__/index.test.js.snap
+27-27
@@ -4,10 +4,15 @@ All notable changes to this project will be documented in this file.
 
 ## unreleased
 
+* Changed
+  * PackageUrl(PURL) in JSON and XML results are as short as possible, but still precise.  (via [#285])
+* Misc
+  * Raised dependency `@cyclonedx/cyclonedx-library@^1.4.0`, was `@^1.0.0`. (via [#285])
 * Build
   * Use _TypeScript_ `v4.8.2` now, was `v4.7.4`. (via [#284])
 
 [#284]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/284
+[#285]: https://github.com/CycloneDX/cyclonedx-webpack-plugin/pull/285
 
 ## 3.0.1 - 2022-06-25
 
 
@@ -33,7 +33,7 @@
     "node": ">=14"
   },
   "dependencies": {
-    "@cyclonedx/cyclonedx-library": "^1.0.0",
+    "@cyclonedx/cyclonedx-library": "^1.4.0",
     "read-pkg-up": "^7.0.0",
     "xmlbuilder2": "^3.0.2"
   },
 
@@ -146,11 +146,11 @@ export class CycloneDxWebpackPlugin {
     }
 
     const logger = compilation.getLogger(pluginName)
-    const cdxExternalReferenceFactory = new CDX.Factories.FromPackageJson.ExternalReferenceFactory()
+    const cdxExternalReferenceFactory = new CDX.Factories.FromNodePackageJson.ExternalReferenceFactory()
     const cdxLicenseFactory = new CDX.Factories.LicenseFactory()
-    const cdxPurlFactory = new CDX.Factories.PackageUrlFactory('npm')
-    const cdxToolBuilder = new CDX.Builders.FromPackageJson.ToolBuilder(cdxExternalReferenceFactory)
-    const cdxComponentBuilder = new CDX.Builders.FromPackageJson.ComponentBuilder(cdxExternalReferenceFactory, cdxLicenseFactory)
+    const cdxPurlFactory = new CDX.Factories.FromNodePackageJson.PackageUrlFactory('npm')
+    const cdxToolBuilder = new CDX.Builders.FromNodePackageJson.ToolBuilder(cdxExternalReferenceFactory)
+    const cdxComponentBuilder = new CDX.Builders.FromNodePackageJson.ComponentBuilder(cdxExternalReferenceFactory, cdxLicenseFactory)
 
     const bom = new CDX.Models.Bom()
     bom.metadata.component = this.#makeRootComponent(compilation.compiler.context, cdxComponentBuilder)
@@ -231,7 +231,7 @@ export class CycloneDxWebpackPlugin {
     )
   }
 
-  #makeRootComponent (cwd: string, builder: CDX.Builders.FromPackageJson.ComponentBuilder): CDX.Models.Component | undefined {
+  #makeRootComponent (cwd: string, builder: CDX.Builders.FromNodePackageJson.ComponentBuilder): CDX.Models.Component | undefined {
     const thisPackage = this.rootComponentAutodetect
       ? readPackageUpSync({ cwd, normalize: false })
       : { packageJson: { name: this.rootComponentName, version: this.rootComponentVersion } }
@@ -242,7 +242,7 @@ export class CycloneDxWebpackPlugin {
 
   #finalizeBom (
     bom: CDX.Models.Bom,
-    cdxToolBuilder: CDX.Builders.FromPackageJson.ToolBuilder,
+    cdxToolBuilder: CDX.Builders.FromNodePackageJson.ToolBuilder,
     cdxPurlFactory: CDX.Factories.PackageUrlFactory
   ): void {
     bom.metadata.timestamp = this.reproducibleResults