Consider bumping default BOM export version to CycloneDX 1.6

[aluqmanj-ni]

The GET /api/v1/bom/cyclonedx/project/{uuid} endpoint defaults to CycloneDX 1.5 when the version query parameter is not specified:

dependency-track/src/main/java/org/dependencytrack/resources/v1/BomResource.java

Line 122 in dcaee5d

private static final String DEFAULT_EXPORT_VERSION = "1.5";

Since DT 4.14 already supports ingesting CycloneDX 1.6 BOMs, would it make sense to bump this default to "1.6"? The UI "Download BOM" button doesn't pass the version parameter, so users always get a 1.5 export unless they call the API directly with ?version=1.6.

Suggestions (in order of preference):

1. Bump DEFAULT_EXPORT_VERSION to "1.6" - minimal change, aligns with the latest supported schema.
2. Add an admin-configurable setting (similar to BOM_VALIDATION_MODE) so teams can set their preferred export version without rebuilding.
3. Have the frontend expose a version selector in the download dialog.