From fec504a0247b3f4cdd83e16f92dd322f8a1a729c Mon Sep 17 00:00:00 2001
From: dotasek <david.otasek@smilecdr.com>
Date: Wed, 11 Dec 2024 13:54:49 -0500
Subject: [PATCH] Update owasp plugin to 11.1.1

---
 .github/workflows/owasp.yml | 10 ++++++++--
 pom.xml                     |  3 ++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml
index 238b77a4a..8625e3162 100644
--- a/.github/workflows/owasp.yml
+++ b/.github/workflows/owasp.yml
@@ -17,10 +17,16 @@ jobs:
     - name: Checkout repository
       uses: actions/checkout@v4
 
-    - run: |
+    - env:
+        NVD_API_KEY:
+          ${{ secrets.NVD_API_KEY }}
+      run: |
         mvn -DskipTests install -P OWASP_CHECK
 
-    - run: |
+    - env:
+        NVD_API_KEY:
+          ${{ secrets.NVD_API_KEY }}
+      run: |
         mvn -DskipTests dependency-check:aggregate -P OWASP_CHECK
 
     - name: Upload SARIF file
diff --git a/pom.xml b/pom.xml
index 0af1a743c..8de072975 100644
--- a/pom.xml
+++ b/pom.xml
@@ -384,8 +384,9 @@
                 <plugin>
                     <groupId>org.owasp</groupId>
                     <artifactId>dependency-check-maven</artifactId>
-                    <version>8.2.1</version>
+                    <version>11.1.1</version>
                     <configuration>
+                        <nvdApiKeyEnvironmentVariable>NVD_API_KEY</nvdApiKeyEnvironmentVariable>
                         <suppressionFiles>
                             <suppressionFile>cve-suppression.xml</suppressionFile>
                         </suppressionFiles>