add owasp dependency check plugin (Azure#44010)

jairmyree · web-flow · commit 91682cbf0e0a · 2025-02-04T13:38:46.000-08:00
diff --git a/eng/versioning/external_dependencies.txt b/eng/versioning/external_dependencies.txt
@@ -209,6 +209,7 @@ org.jacoco:org.jacoco.agent;0.8.12
 org.mockito:mockito-core;4.11.0
 org.mockito:mockito-inline;4.11.0
 org.moditect:moditect-maven-plugin;1.0.0.RC1
+org.owasp:dependency-check-maven;11.1.1
 org.ow2.asm:asm;9.7
 org.revapi:revapi;0.14.4
 org.revapi:revapi-java;0.26.1
diff --git a/sdk/parents/azure-sdk-parent/pom.xml b/sdk/parents/azure-sdk-parent/pom.xml
@@ -283,6 +283,22 @@
           <artifactId>maven-install-plugin</artifactId>
           <version>3.1.3</version> <!-- {x-version-update;org.apache.maven.plugins:maven-install-plugin;external_dependency} -->
         </plugin>
+
+        <plugin>
+          <groupId>org.owasp</groupId>
+          <artifactId>dependency-check-maven</artifactId>
+          <version>11.1.1</version> <!-- {x-version-update;org.owasp:dependency-check-maven;external_dependency} -->
+          <configuration>
+            <skipProvidedScope>true</skipProvidedScope>
+          </configuration>
+          <executions>
+            <execution>
+              <goals>
+                <goal>check</goal>
+              </goals>
+            </execution>
+          </executions>
+        </plugin>
       </plugins>
     </pluginManagement>
   </build>
