Bump org.owasp:dependency-check-maven from 11.1.1 to 12.0.0

[dependabot]

Bumps org.owasp:dependency-check-maven from 11.1.1 to 12.0.0.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.0.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.0.0 (2025-01-11)

• feat: report on CVSS v4 (#7204)
• feat: show from which dependency the CVE comes in failure report (#7224)
• feat: Use Maven settings decryption API for decrypting secrets from settings.xml (#7284)
• feat: Extend authentication to support Bearer token for many resources (#7277)
• feat: Add a flag to fail when one or more suppression rules are not used (#7244)
• fix: add product evidence as vendor to reduce FN (#7295)
• fix: Make the HTTP-Client use pre-emptive authentication (#7255)
• fix: Add the missing proxy credentials for suppressionFileUser/Password authentication scenario
• fix: increase max retry count (#7252)
• fix: Make the HTTP-Client use pre-emptive authentication for configured server credentials and extend HTTPClient usage to Nexus search
• fix: Tranform into UTC the last modified date from database (#7222)

See the full listing of changes.

Commits

• 48d567d build: prepare release v12.0.0
• 69453c8 chore: prepare release
• 0fd289a chore: Remove code-paths for Java versions <=8 (#7297)
• b51921f fix: add product evidence as vendor to reduce FN (#7295)
• ae8c06a chore: fixup JQuery LICENSE.txt file which was a full github html page dump (...
• 5a47091 build(deps): Sanitize dependencies based on dependency:analyze-report results...
• 57db1ca build(deps): bump commons-beanutils:commons-beanutils from 1.9.4 to 1.10.0 (#...
• 361fe48 build(deps): bump commons-beanutils:commons-beanutils
• 09c4c71 build(deps): bump commons-codec:commons-codec from 1.17.1 to 1.17.2 (#7287)
• 505ddff feat: Use Maven settings decryption API for decrypting secrets from settings....
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🚦Reports for run #646🚦

Reports will be posted here as they get available.

🥳 JVM Test passed

Passed	Failed	Skipped
✅ 16	❌ 0	⚠️ 0

You can see the report here.

🥳 Native Test passed

Passed	Failed	Skipped
✅ 16	❌ 0	⚠️ 0

You can see the report here.

🥳 OWASP Scan passed

Passed	Failed	Skipped
✅ 84	❌ 0	⚠️ 0

You can see the report here.

[turing85]

@dependabot merge