Don't run OWASP dependency check twice

The OWASP Dependency Check is bound to the verify phase and runs in the Run Tests and Static Code Analysis stages. To speed up the pipeline, the OWASP Dependency Check doesn't run when the QA profile is used.

A future optimization of the pipeline is to have all static code analysis _before_ the Run Test phase, and have them produce their XML reports which can then be consumed by SonarQube

QA-7800

Author: amedee

pom.xml

@@ -708,6 +708,13 @@
               <failOnError>false</failOnError>
             </configuration>
           </plugin>
+          <plugin>
+            <groupId>org.owasp</groupId>
+            <artifactId>dependency-check-maven</artifactId>
+            <configuration>
+              <skip>true</skip>
+            </configuration>
+          </plugin>
           <plugin>
             <groupId>org.revapi</groupId>
             <artifactId>revapi-maven-plugin</artifactId>