chore(deps): update dependency org.owasp:dependency-check-maven to v7.4.4

This MR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.owasp:dependency-check-maven	7.1.0 -> 7.4.4

---

Release Notes

jeremylong/DependencyCheck

v7.4.4

Compare Source

Fixed

• Resolved issue processing NVD CVE data due to column width (#​5229)

See the full listing of changes.

v7.4.3

Compare Source

Fixed

• Fixed NPE when analyzing version ranges in NPM (#​5158 & #​5190)
• Resolved several FP (#​5191)

See the full listing of changes.

v7.4.2

Compare Source

Fixed

• Fixes maven 3.1 compatibility issue (#​5152)
• Fixed issue with invalid node_module paths in some scans (#​5135)
• Fixed missing option to disable the Poetry Analyzer in the CLI (#​5160)
• Fixed missing option to configure the OSS Index URL in the CLI (#​5180)
• Fixed NPE when analyzing version ranges in NPM (#​5158)
• Fixed issue with non-proxy host in the gradle plugin (https://github.com/dependency-check/dependency-check-gradle/pull/298)
• Resolved several FP

See the full listing of changes.

v7.4.1

Compare Source

Fixed

• Fixed bug when setting the proxy port in gradle (#​5123)
• Fixed issue with invalid node_module paths in some scans (#​5127)
• Resolved several FP

See the full listing of changes.

v7.4.0

Compare Source

Added

• Add support for npm package lock v2 and v3 (#​5078)
• Added experimental support for Python Poetry (#​5025)
• Added a vanilla HTML report for use in Jenkins (#​5053)

Changed

• Renamed RELEASE_NOTES.md to CHANGELOG.md to be more conventional
• Optimized checksum calculation to improve performance (#​5112)
• Added support for scanning .NET assemblies when only the dotnet runtime is installed (#​5087)
• Bumped several dependencies

Fixed

• Fixed bug when setting the proxy port (#​5076)
• Resolved several FP and FN

See the full listing of changes.

v7.3.2

Compare Source

Changed

• Automated release of 7.3.1 failed and only published to Central; 7.3.2 is a re-release of 7.3.1.
• Resolved several false positives and false negatives.
• Use Jackson Afterburner if still on Java 8 (#​4966).
• Exclude node_modules from the Maven plugin's scan path (#​4974).

See the full listing of changes.

v7.3.1

Compare Source

Changed

• Resolved several false positives and false negatives.
• Use Jackson Afterburner if still on Java 8 (#​4966).
• Exclude node_modules from the Maven plugin's scan path (#​4974).

See the full listing of changes.

v7.3.0

Compare Source

Added

• Added an experimental Dart analyzer (#​4869).

Changed

• Migrated from Jackson Afterburner to Blackbird (#​4905).

Fixed

• Fixed issue with the Maven plugin that caused concurrent modification exceptions (#​4935).

See the full listing of changes.

v7.2.1

Compare Source

Fixed

• Fixed logging issue (#​4846).

See the full listing of changes.

v7.2.0

Compare Source

Changed

• Add support for Bazel's pinned maven_install.json (#​4772).
• Fixed bug preventing the use of custom report templates (#​4800).
• Updated several dependencies including upgrades for dependencies with CVEs.
• Several bug fixes made and suppression rules were added.

See the full listing of changes.

v7.1.2

Compare Source

Changed

• The maven plugin now includes pnpm and yarn lock files in the scan by default (#​4753).
• If a suppression rule is no longer used a log entry will be written (#​4685).
• Several bug fixes made and suppression rules added.

See the full listing of changes.

v7.1.1

Compare Source

Fixed

• Minor bug fixes.
• Resolved several false positives.

See the full listing of changes.

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, click this checkbox.

---

This MR has been generated by Renovate Bot.