Bump org.owasp:dependency-check-maven from 12.1.0 to 12.1.1

Bumps org.owasp:dependency-check-maven from 12.1.0 to 12.1.1.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.1.1

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.1.1 (2025-04-05)

• fix: resolve NVD data Parse error com.fasterxml.jackson.core.JsonParseException: Unexpected character (']' (code 93))
  • bump open-vulnerability-client from 7.3.1 to 7.3.2 (#7577)
• fix: update links for repository move from jeremylong to the dependency-check organization (#7373)
• fix: resolve NPE when processing CVE-2025-2682 (#7558)
• fix: prevent rogue base suppression files (#7544)
• fix: #6819 handle invalid toml file (#7548)
• fix: Use unscored severity only in absence of any CVSS baseScore (#7530)
• fix: protect against exotic version number of yarn (#7525)
• fix: Ignore require-bundle MANIFEST.MF entry for evidence (#7523)
• fix: avoid error on yarn berry audit when no vulnerability found (#7501)
• fix: improve null checks in Downloader (#7493)
• fix: improve null checks resolves dependency-check/dependency-check-gradle#441
• fix: Avoid FPs when Composer product name has php (#7486)
• fix: cli not honoring window paths correctly (#7470)
• fix: Also apply muteNoisyLoggers to UpdateMojo (#7469)
• fix: Make HC5 Downloader honor the connection- and readTimeout settings that the old URLConnectionFactory based downloads observed (#7437)
• docs: sync the supported Maven version with the one stated in the system requirement section (#7570)
• docs: update proxy config documentation (#7550)
• docs: Remove copyright as requested by the Apache foundation
• docs: drop redundant text in the Internet Access Required section (#7521)
• docs: correct gradle documentation (#7511)

See the full listing of changes

Commits

• 67cccfb build: prepare release v12.1.1
• d7f876d docs: release 12.1.1
• f7e3d05 build(deps): bump open-vulnerability-client from 7.3.1 to 7.3.2 (#7577)
• 20c62ec build(deps-dev): bump io.netty:netty-codec-http from 4.1.119.Final to 4.2.0.F...
• c0a8a52 build(deps-dev): bump io.netty:netty-codec-http
• 35b7a16 docs: sync the supported Maven version with the one stated in the system requ...
• 511710f build(deps): bump org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.13 (#7571)
• b231423 build(deps): bump golang from 1.24.1-alpine to 1.24.2-alpine (#7568)
• 1491689 build(deps): bump org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 t...
• 288458c build(deps): bump org.apache.maven.plugins:maven-failsafe-plugin from 3.5.2 t...
• Additional commits viewable in compare view

---

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

• $dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

pom.xml

@@ -135,7 +135,7 @@
 			<plugin>
 				<groupId>org.owasp</groupId>
 				<artifactId>dependency-check-maven</artifactId>
-				<version>12.1.0</version>
+				<version>12.1.1</version>
 				<executions>
 					<execution>
 						<phase>${lalaland.owasp}</phase>