Update OWASP dependency check plugin to version 9.0.4 using NVD API Key

siemens · Dec 15, 2023 · f5ab1e4 · f5ab1e4
1 parent 5756a33
commit f5ab1e4
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml
@@ -39,6 +39,7 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          NVD_API_KEY: ${{ secrets.NVD_TOKEN }}
         # note that we deliberately turn off the OWASP dependency checker here, it will run in a separate job,
         # such that its results can be viewed independently of what Sonar has to say
         run: |

diff --git a/pom.xml b/pom.xml
@@ -130,7 +130,7 @@
 			<plugin>
 				<groupId>org.owasp</groupId>
 				<artifactId>dependency-check-maven</artifactId>
-				<version>8.4.3</version>
+				<version>9.0.4</version>
 				<executions>
 					<execution>
 						<goals>