README.md +2 −0 Original line number Diff line number Diff line Loading @@ -107,8 +107,10 @@ It is bound to the `test` stage, and uses the following variables: | Name | description | default value | | --------------------- | -------------------------------------- | ----------------- | | `MAVEN_DEPENDENCY_CHECK_DISABLED` | Set to `true` to disable this job | _none_ | | `MAVEN_DEPENDENCY_CHECK_ARGS` | Maven arguments for Dependency Check job | `org.owasp:dependency-check-maven:check -DretireJsAnalyzerEnabled=false -DassemblyAnalyzerEnabled=false` | A Dependency Check is a quite long operation and therefore the job is configured to be ran __manually__ by default. However, if you want to enable an automatic Dependency-Check scan, you will have to override the `rules` keyword for the `mvn-dependency-check` job. Loading
kicker.json +2 −7 Original line number Diff line number Diff line Loading @@ -84,6 +84,7 @@ "id": "dependency-check", "name": "Dependency-Check", "description": "[Dependency-Check](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/configuration.html) analysis", "disable_with": "MAVEN_DEPENDENCY_CHECK_DISABLED", "variables": [ { "name": "MAVEN_DEPENDENCY_CHECK_ARGS", Loading @@ -97,13 +98,7 @@ "id": "forbid-snapshot-dependencies", "name": "Snapshot dependencies verification", "description": "This job verifies your project has no _snapshot_ dependencies. Failure is allowed in feature branches.", "variables": [ { "name": "MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED", "description": "Disable the job", "type": "boolean" } ] "disable_with": "MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED" }, { "id": "publish", Loading
templates/gitlab-ci-maven.yml +3 −0 Original line number Diff line number Diff line Loading @@ -459,6 +459,9 @@ mvn-dependency-check: paths: - "${MAVEN_PROJECT_DIR}/**/target/dependency-check-report.*" rules: # exclude if disable - if: '$MAVEN_DEPENDENCY_CHECK_DISABLED == "true"' when: never # on schedule: auto - if: '$CI_PIPELINE_SOURCE == "schedule"' allow_failure: true Loading
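Review bot: in README.md, the paragraph after the variables table still tells users to override the `rules` keyword of `mvn-dependency-check` to get an automatic scan, but such an override replaces the whole `rules` list, including the `$MAVEN_DEPENDENCY_CHECK_DISABLED == "true"` rule this change adds in templates/gitlab-ci-maven.yml. Suggest adding a sentence saying that an overriding `rules` block must repeat that rule if `MAVEN_DEPENDENCY_CHECK_DISABLED` is expected to keep working. Minor: "configured to be ran" in the same paragraph should read "configured to be run".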
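Review bot: in kicker.json, the `forbid-snapshot-dependencies` entry loses its `"type": "boolean"` and `"description": "Disable the job"` metadata when the `variables` block is replaced by `"disable_with": "MVN_FORBID_SNAPSHOT_DEPENDENCIES_DISABLED"`. Please confirm that whatever consumes this file treats a `disable_with` variable as a boolean toggle, otherwise the variable ends up undescribed. The two switches also use different prefixes (`MAVEN_` for Dependency-Check, `MVN_` for the snapshot check), which is worth a line in the README so users do not guess the wrong name.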
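Review bot: in templates/gitlab-ci-maven.yml, the new `when: never` rule sits ahead of the `$CI_PIPELINE_SOURCE == "schedule"` rule, so setting the variable also removes the scheduled scan, and the job simply does not appear in the pipeline. Since this switches off a dependency vulnerability check, the README row for `MAVEN_DEPENDENCY_CHECK_DISABLED` should state that scheduled runs are disabled as well. The condition is an exact string match on `"true"`, so any other value leaves the job enabled; that matches the README wording but deserves to be stated explicitly. The comment `# exclude if disable` should read `# exclude if disabled`.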