Bump org.owasp:dependency-check-maven from 12.1.3 to 12.1.5

[dependabot]

Bumps org.owasp:dependency-check-maven from 12.1.3 to 12.1.5.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.1.5

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.1.5 (2025-09-20)

• fix: Update to support OSS Index Authentication Requirements (#7920)
  • Note: OSS Index will require authentication starting 9/22/2025. Users must configure a free account to continue using the OSS Index Analyzer. See https://ossindex.sonatype.org/doc/auth-required.
• fix: add CVSSv4 to suppressed entries in JSON report (#7900)
• fix: correctly utilize CVSSv4 from ossindex (#7899)
• fix: npe when processing cve with empty configuration (#7888)
• fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod (#7848)
• fix: Return unsorted vulnerabilities in new HashSet, avoiding CoMod
• fix: class loading problem with fat jars (#7786) (#7787)
• fix: Improve Artifactory handler log message (#7838)
• fix: classloading problem with fat jars (#7786)
• fix: Add null checking when parsing the license json in AbstractNpmAnalyzer. (#7784)
• fix(fp): resolves several false positives related to CVE-2021-41033 (#7736)
• docs: Clarify format of exclude patterns (#7879)
• docs: Document poetry-based analysis behaviour in Python analyzer (#7855)
• docs: request FP reporters use the latest version of ODC. (#7820)
• docs: update development pre-reqs (#7792)
• docs: fix minor typos in false positive issue template (#7763)

See the full listing of changes

Commits

• 71e0fd8 build: prepare release v12.1.5
• d5198d5 chore: bump project to 12.1.5
• ed80987 chore: revert failed release (#7932)
• 045e428 chore: revert failed release
• af34748 build: release 12.1.4 (#7931)
• 3220b96 build: prepare for next development iteration
• dcfcc10 build: prepare release v12.1.4
• 1d15a2d docs: update changelog for release 12.1.4
• baf281b build(deps): bump actions/setup-dotnet from 4.3.1 to 5.0.0 (#7908)
• 8ddda01 build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (#7910)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

☀️   Quality Monitor

Tests

     Unit Tests: 100% successful (86 passed, 2 skipped)
   ⛔   Architecture Tests: 100% successful (17 passed, 2 skipped)

Code Coverage

   〰️   Line Coverage: 92% (61 missed lines)
   ➰   Branch Coverage: 90% (21 missed branches)

Mutation Coverage

     Mutation Coverage: 80% (80 survived mutations)
   💪   Test Strength: 85% (59 survived mutations in tested code)

Style

     CheckStyle: No warnings
     PMD: No warnings
   ☕   Java Compiler: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: No bugs

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

   🛡️   OWASP Dependency Check: No vulnerabilities

Software Metrics

   🌀   Cyclomatic Complexity: 377 (total)
   💭   Cognitive Complexity: 174 (total)
   ➿   N-Path Complexity: 341 (total)
   📏   Lines of Code: 4282 (total)
   📝   Non Commenting Source Statements: 1261 (total)
   🔗   Class Cohesion: 71.43% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

🚦 Quality Gates

Overall Status: ✅ SUCCESS

✅ Passed Gates

• ✅ Tests Success Rate: 100.00 >= 100.00
• ✅ Line Coverage: 92.00 >= 80.00
• ✅ Branch Coverage: 90.00 >= 80.00
• ✅ Potential Bugs: 0.00 <= 0.00
• ✅ Style Violations: 0.00 <= 0.00

---

Created by Quality Monitor v3.3.0 (#12e0cf0). More details are shown in the GitHub Checks Result.