Bump org.owasp:dependency-check-maven from 12.1.1 to 12.1.2 in the plugins group (#2137)

Author: dependabot[bot]

build-tools/owasp/suppressions.xml

@@ -8,6 +8,27 @@
     <packageUrl regex="true">^pkg:maven/com\.inrupt\.client/inrupt\-client\-openid@.*$</packageUrl>
     <cpe>cpe:/a:openid:openid</cpe>
   </suppress>
+  <suppress>
+    <notes><![CDATA[
+        This suppresses a false positive CPE match
+    ]]></notes>
+    <packageUrl regex="true">^pkg:maven/org\.roaringbitmap/RoaringBitmap@.*$</packageUrl>
+    <cpe>cpe:/a:bitmap_project:bitmap</cpe>
+  </suppress>
+  <suppress>
+    <notes><![CDATA[
+        The json-java artifact is not a dependency of this project.
+    ]]></notes>
+    <packageUrl regex="true">^pkg:maven/(com\.inrupt\.client/inrupt\-client\-jsonb|com\.github\.jsonld\-java/jsonld\-java|net\.javacrumbs\.json\-unit/json\-unit\-core)@.*$</packageUrl>
+    <cve>CVE-2023-5072</cve>
+  </suppress>
+  <suppress>
+    <notes><![CDATA[
+        The json-java artifact is not a dependency of this project.
+    ]]></notes>
+    <packageUrl regex="true">^pkg:maven/(com\.inrupt\.client/inrupt\-client\-jsonb|com\.github\.jsonld\-java/jsonld\-java|net\.javacrumbs\.json\-unit/json\-unit\-core)@.*$</packageUrl>
+    <cve>CVE-2022-45688</cve>
+  </suppress>
 
   <!-- Suppressed vulnerabilities. These need monthly review. -->
   <suppress until="2025-08-10Z">

pom.xml

@@ -57,7 +57,7 @@
     <javadoc.plugin.version>3.11.2</javadoc.plugin.version>
     <license.plugin.version>5.0.0</license.plugin.version>
     <nexus.plugin.version>1.7.0</nexus.plugin.version>
-    <owasp.plugin.version>12.1.1</owasp.plugin.version>
+    <owasp.plugin.version>12.1.2</owasp.plugin.version>
     <projectinfo.plugin.version>3.9.0</projectinfo.plugin.version>
     <pmd.plugin.version>3.26.0</pmd.plugin.version>
     <site.plugin.version>3.21.0</site.plugin.version>