Bump org.owasp:dependency-check-maven from 12.1.8 to 12.1.9

[dependabot[bot]]

Bumps org.owasp:dependency-check-maven from 12.1.8 to 12.1.9.

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.1.9

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.1.9 (2025-11-11)

• fix: correct bundle audit gem in Dockerfile (#8121)
• fix: normalization during comparisons (#8046)
• docs: document multiple configurations for gradle (#8111)
• docs: fix typos in some files (#8106)
• docs: Update SBT plugin link; fix dead report link (#8086)
• chore: Replace deprecated lucene methods (#8079)
• docs: fix #8076 - Error in documentation "Suppressing False Positives" (#8077)
• fix(fp): Improve false positive suppression for matches against golang web_project (#8059)
• fix(fp): Consolidate/update icu4j suppressions for false positives (#8062)
• fix(fp): Correct GRPC java suppressions for newer C/C++/native false positives (#8063)
• fix(fp): Suppress false positive CPEs for protobuf-java per #7854 (#8064)

See the full listing of changes

Commits

• c709ca1 build: prepare release v12.1.9
• 25e3f13 docs: release 12.1.9
• cd7e8ab fix: correct bundle audit gem in Dockerfile (#8121)
• a663aa2 build(deps): bump us.springett:cpe-parser from 3.0.0 to 3.0.1 (#8120)
• e553277 docs: document multiple configurations for gradle (#8111)
• 3adb7f5 build(deps): bump org.apache.maven.plugins:maven-release-plugin from 3.1.1 to...
• 5f6e74a build(deps): bump commons-io:commons-io from 2.20.0 to 2.21.0 (#8110)
• 3717a9a build(deps): bump commons-io:commons-io from 2.20.0 to 2.21.0
• f765457 build(deps): bump JamesIves/github-pages-deploy-action from 4.7.3 to 4.7.4 (#...
• 239e9bf build(deps): bump commons-codec:commons-codec from 1.19.0 to 1.20.0 (#8103)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)