4.x: upgrade owasp dependency check plugin to 10.0.2 (helidon-io#8950)

* Remove duplicate helidon-webserver-testing-junit5 dependency * Upgrade owasp-dependency-check to 10.0.2 * Replace deprecated dependency check property with failBuildOnCVSS 0
arjav-desai · Jul 9, 2024 · 89caae9 · 89caae9
1 parent 3ab2ad3
commit 89caae9
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 7 deletions.
diff --git a/integrations/oci/oci/pom.xml b/integrations/oci/oci/pom.xml
@@ -98,11 +98,6 @@
             <artifactId>helidon-webserver</artifactId>
             <scope>test</scope>
         </dependency>
-        <dependency>
-            <groupId>io.helidon.webserver.testing.junit5</groupId>
-            <artifactId>helidon-webserver-testing-junit5</artifactId>
-            <scope>test</scope>
-        </dependency>
     </dependencies>
 
     <build>

diff --git a/pom.xml b/pom.xml
@@ -133,7 +133,7 @@
         <version.plugin.source>3.0.1</version.plugin.source>
         <version.plugin.spotbugs>4.7.3.5</version.plugin.spotbugs>
         <version.plugin.findsecbugs>1.12.0</version.plugin.findsecbugs>
-        <version.plugin.dependency-check>9.0.8</version.plugin.dependency-check>
+        <version.plugin.dependency-check>10.0.2</version.plugin.dependency-check>
         <version.plugin.surefire>3.1.0</version.plugin.surefire>
         <version.plugin.toolchains>1.1</version.plugin.toolchains>
         <version.plugin.version-plugin>2.3</version.plugin.version-plugin>
@@ -630,7 +630,7 @@
                     <configuration>
                         <skip>${dependency-check.skip}</skip>
                         <skipTestScope>true</skipTestScope>
-                        <failBuildOnAnyVulnerability>false</failBuildOnAnyVulnerability>
+                        <failBuildOnCVSS>0</failBuildOnCVSS>
                         <assemblyAnalyzerEnabled>false</assemblyAnalyzerEnabled>
                         <nvdApiKey>${nvd-api-key}</nvdApiKey>
                         <excludes>