ARTEMIS-X Bump owasp.version from 12.1.9 to 12.2.0

[dependabot]

Bumps owasp.version from 12.1.9 to 12.2.0.
Updates org.owasp:dependency-check-maven from 12.1.9 to 12.2.0

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.2.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.2.0 (2026-01-09)

• feat: package and utilize generated suppression file (#8116)

• feat: override pnpm audit registry parameter (#8158)

• feat: support multiple cvssBelow thresholds per version (#2563) (#8024)

• feat: usage telemetry via scarf (#8066)

• feat: add new suppression xsd allowing grouping of suppressions (#7957)

• fix(ant): resolve relative paths against basedir (#8202)

• fix: add hint for Elastic APM Java agent CPE mapping (#8200)

• fix: Allow NVD data feed metadata downloads to fail on 1st Jan while logging correct errors (#8205)

• fix(ant): resolve paths relative to basedir for suppression and output

• fix: correct XML/JSON report CVSS field & HTML report URL mappings (#8156)

• fix: log GrokAssembly output when dotnet invocation fails (#8141)

• fix: correct reliability of Central etc (JCS cache) analyzers on Java 25/Docker by making CLI classpath deterministic (#8117)

• docs: Update & correct README (#8166)

• docs: update suppression schema version (#8136)

• docs: fix typos in some files (#8135)

• chore: remove duplicate suppression rules from base that are in the generated branch (#8138)

• chore: remove suppression rules that were deleted from the generatedSuppression branch (#8119)

• build: transition dependency to org.eclipse.parsson groupId (#8128)

• See the full listing of changes

Commits

• 909229e build: prepare release v12.2.0
• f6f3d76 chore: reset snapshot version and fix site
• 67d0d1a build: Release 12.2.0 (#8216)
• 6f46091 build: prepare for next development iteration
• 9ec772f build: prepare release v12.2.0
• e81b240 docs: prepare release 12.2.0
• 41f1cdf build(deps): bump junit.version from 5.14.1 to 5.14.2 (#8214)
• 26cfd65 build(deps): bump org.sonatype.central:central-publishing-maven-plugin from 0...
• f437aa0 fix(ant): resolve relative paths against basedir (#8202)
• 7f63b48 Merge branch 'main' into fix-7918-ant-relative-paths
• Additional commits viewable in compare view

Updates org.owasp:dependency-check-core from 12.1.9 to 12.2.0

Release notes

Sourced from org.owasp:dependency-check-core's releases.

Version 12.2.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-core's changelog.

Version 12.2.0 (2026-01-09)

• feat: package and utilize generated suppression file (#8116)

• feat: override pnpm audit registry parameter (#8158)

• feat: support multiple cvssBelow thresholds per version (#2563) (#8024)

• feat: usage telemetry via scarf (#8066)

• feat: add new suppression xsd allowing grouping of suppressions (#7957)

• fix(ant): resolve relative paths against basedir (#8202)

• fix: add hint for Elastic APM Java agent CPE mapping (#8200)

• fix: Allow NVD data feed metadata downloads to fail on 1st Jan while logging correct errors (#8205)

• fix(ant): resolve paths relative to basedir for suppression and output

• fix: correct XML/JSON report CVSS field & HTML report URL mappings (#8156)

• fix: log GrokAssembly output when dotnet invocation fails (#8141)

• fix: correct reliability of Central etc (JCS cache) analyzers on Java 25/Docker by making CLI classpath deterministic (#8117)

• docs: Update & correct README (#8166)

• docs: update suppression schema version (#8136)

• docs: fix typos in some files (#8135)

• chore: remove duplicate suppression rules from base that are in the generated branch (#8138)

• chore: remove suppression rules that were deleted from the generatedSuppression branch (#8119)

• build: transition dependency to org.eclipse.parsson groupId (#8128)

• See the full listing of changes

Commits

• 909229e build: prepare release v12.2.0
• f6f3d76 chore: reset snapshot version and fix site
• 67d0d1a build: Release 12.2.0 (#8216)
• 6f46091 build: prepare for next development iteration
• 9ec772f build: prepare release v12.2.0
• e81b240 docs: prepare release 12.2.0
• 41f1cdf build(deps): bump junit.version from 5.14.1 to 5.14.2 (#8214)
• 26cfd65 build(deps): bump org.sonatype.central:central-publishing-maven-plugin from 0...
• f437aa0 fix(ant): resolve relative paths against basedir (#8202)
• 7f63b48 Merge branch 'main' into fix-7918-ant-relative-paths
• Additional commits viewable in compare view

Updates org.owasp:dependency-check-utils from 12.1.9 to 12.2.0

Release notes

Sourced from org.owasp:dependency-check-utils's releases.

Version 12.2.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-utils's changelog.

Version 12.2.0 (2026-01-09)

• feat: package and utilize generated suppression file (#8116)

• feat: override pnpm audit registry parameter (#8158)

• feat: support multiple cvssBelow thresholds per version (#2563) (#8024)

• feat: usage telemetry via scarf (#8066)

• feat: add new suppression xsd allowing grouping of suppressions (#7957)

• fix(ant): resolve relative paths against basedir (#8202)

• fix: add hint for Elastic APM Java agent CPE mapping (#8200)

• fix: Allow NVD data feed metadata downloads to fail on 1st Jan while logging correct errors (#8205)

• fix(ant): resolve paths relative to basedir for suppression and output

• fix: correct XML/JSON report CVSS field & HTML report URL mappings (#8156)

• fix: log GrokAssembly output when dotnet invocation fails (#8141)

• fix: correct reliability of Central etc (JCS cache) analyzers on Java 25/Docker by making CLI classpath deterministic (#8117)

• docs: Update & correct README (#8166)

• docs: update suppression schema version (#8136)

• docs: fix typos in some files (#8135)

• chore: remove duplicate suppression rules from base that are in the generated branch (#8138)

• chore: remove suppression rules that were deleted from the generatedSuppression branch (#8119)

• build: transition dependency to org.eclipse.parsson groupId (#8128)

• See the full listing of changes

Commits

• 909229e build: prepare release v12.2.0
• f6f3d76 chore: reset snapshot version and fix site
• 67d0d1a build: Release 12.2.0 (#8216)
• 6f46091 build: prepare for next development iteration
• 9ec772f build: prepare release v12.2.0
• e81b240 docs: prepare release 12.2.0
• 41f1cdf build(deps): bump junit.version from 5.14.1 to 5.14.2 (#8214)
• 26cfd65 build(deps): bump org.sonatype.central:central-publishing-maven-plugin from 0...
• f437aa0 fix(ant): resolve relative paths against basedir (#8202)
• 7f63b48 Merge branch 'main' into fix-7918-ant-relative-paths
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.