Update dependency org.owasp:dependency-check-maven to v12.2.1

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
org.owasp:dependency-check-maven (source)	12.2.0 → 12.2.1

---

Release Notes

dependency-check/DependencyCheck (org.owasp:dependency-check-maven)

v12.2.1

Compare Source

• build: improve GHA workflow experience for forks (#​8285)
• build: use maven jdk toolchains to build with Java 25; test against Java 11/17/21/25 (#​8292)
• chore: avoid use of parent pom and maven properties where unnecessary (#​8322)
• chore: bump java development to 25.0 (#​8365)
• chore: fix Charset warnings; preferring typed charsets (#​8326)
• chore: fix Maven scm tags after 12.2.1-SNAPSHOT bump (#​8265)
• chore: pin GitHub actions to specific SHAs rather than mutable tags (#​8381)
• chore: remove unused properties and schemas (#​8378)
• docs: define schema locations in XML examples (#​8254)
• docs: document external data sources and hostnames (#​8219)
• docs: ensure OSS Index URL override is consistently documented (#​8338)
• docs: fix minor typo in README (#​8246)
• fix(core): correct xml schema validation handling without needing external access (#​8272)
• fix(deps): upgrade slf4j and logback (#​8306)
• fix(test): disable pnpm analyzer during test (#​8305)
• fix: Correct published/hosted suppressions namespace header and indent (#​8258)
• fix: Suppress noisy WARN logging from Apache Lucene within Maven and Ant plugins (#​8248)
• fix: #​8140 AssemblyAnalyzer version resolution issue (#​8352)
• fix: #​8140 fix version resolution
• fix: #​8140 hint azure_identity_library_for_.net
• fix: #​8356 narrow down VersionFilterAnalyzer scope to JAR files (#​8358)
• fix: correct parsing for CVSSv4 strings with Provider Urgency (#​8377)
• fix: evidence source in Retire JS analyzer (#​8303)
• fix: exclude deprecations from Yarn Berry audit results (#​8380)
• fix: improve PEAnalyzer reliability by migrating to maintained PE/COFF 4J library fork (#​8245)
• fix: improve configuration consistency (casing) (#​8355)
• fix: improve logging of unexpected Java Errors during processing of NVD (#​8250)
• fix: raw type warning in ProcessReader (#​8324)
• fix: suppress false positives for zabbix-utils #​8087 (#​8218)
• fix: update docs (#​8405)
• fix: warn if deprecated configs are used (#​8366)
• test: Make tests locale independent (#​8328)
• test: #​8140 reproduce current behavior
• test: avoid polluting test classpaths with sample dependencies to be scanned (#​8267)

See the full listing of changes

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • On day 1 and 15 of the month (* * 1,15 * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.