Bump org.owasp:dependency-check-maven from 12.0.1 to 12.1.0

[dependabot]

Bumps org.owasp:dependency-check-maven from 12.0.1 to 12.1.0.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.1.0

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 12.0.2

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.1.0 (2025-02-16)

• build(deps): bump open-vulnerability-client to 7.2.2 (#7407)
  • resolves issue with downloading data from the NVD (#7406)
• fix: Improve thread safety issue #7338 alternative (#7367)
• feat: Implement Yarn Berry Analyser (#7319)

See the full listing of [changes](https://github.com/jeremylong/DependencyCheck/milestone/94?closed=1

Version 12.0.2 (2025-01-29)

• fix: correct JSON report error (#7350)
• fix: some compatability issues in the gitlab report (#7349)
• fix: ArtifactoryAnalyzer updated to use the HTTPClient5-based Downloader and skip unusable results (#7293)
• chore: allow messages via EngineVersionCheck (#7353)
• chore: switch from javax.json to jakarta.json (#7326)

See the full listing of changes.

Commits

• d55ddfc build: prepare release v12.1.0
• 06ba358 chore: prepare release 12.1.0
• d22a232 build(deps): bump open-vulnerability-client to 7.2.2 (#7407)
• 55ee6a7 build(deps): bump golang from 1.23.6-alpine to 1.24.0-alpine (#7401)
• 6cc0be1 build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.9.0 to 4.9....
• cccba5b build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.4.1 to...
• eb01cba build(deps-dev): bump io.netty:netty-codec-http from 4.1.117.Final to 4.1.118...
• 4aa1df1 build(deps): bump com.github.spotbugs:spotbugs-annotations
• a5f7501 build(deps): bump pnpm/action-setup from 4.0.0 to 4.1.0 (#7379)
• 1abd450 build(deps): bump golang from 1.23.5-alpine to 1.23.6-alpine (#7376)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)