From b28e47cfaeef0165082ef87c8dd0ef829cd3cdcf Mon Sep 17 00:00:00 2001
From: Justintime50 <39606064+Justintime50@users.noreply.github.com>
Date: Mon, 20 Oct 2025 14:46:40 -0600
Subject: [PATCH] chore: remove dependency-check-maven

---
 .github/workflows/ci.yml | 23 -----------------------
 Makefile                 |  6 +-----
 pom.xml                  | 17 -----------------
 3 files changed, 1 insertion(+), 45 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index fe66f63..205aef8 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -83,26 +83,3 @@ jobs:
           fail_on_error: true
           checkstyle_config: easypost_java_style.xml
           tool_name: "style_enforcer"
-  security:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-      - name: Set up JDK for compilation
-        uses: actions/setup-java@v4
-        with:
-          distribution: "zulu"
-          java-version: "23" # Always use the latest JDK for building
-      - name: Load Maven dependencies and CVE database cache
-        uses: actions/cache@v3
-        with:
-          path: ~/.m2/repository # The CVE database is included in the Maven repository folder
-          key: ${{ runner.os }}-maven-security-${{ hashFiles('**/pom.xml') }}
-          restore-keys: |
-            ${{ runner.os }}-maven-
-      - name: Run security analysis
-        run: make scan
-      - name: Upload Test results
-        uses: actions/upload-artifact@master
-        with:
-          name: DependencyCheck report
-          path: ${{github.workspace}}/target/dependency-check-report.html
diff --git a/Makefile b/Makefile
index 66459fe..df510db 100644
--- a/Makefile
+++ b/Makefile
@@ -45,12 +45,8 @@ publish-dry:
 release:
 	gh release create ${tag} target/*.jar target/*.asc target/*.pom
 
-## scan - Scan the project for serious security issues
-scan:
-	mvn verify -DskipTests=true -Dgpg.skip=true -Dcheckstyle.skip=true -Djavadoc.skip=true -Ddependency-check.failBuildOnCVSS=0 -Ddependency-check.junitFailOnCVSS=0
-
 ## test - Test the project
 test:
 	mvn surefire:test
 
-.PHONY: help build clean coverage install-checkstyle install lint publish publish-dry release scan test
+.PHONY: help build clean coverage install-checkstyle install lint publish publish-dry release test
diff --git a/pom.xml b/pom.xml
index 68e472d..29be8fc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -258,23 +258,6 @@
                     </execution>
                 </executions>
             </plugin>
-            <plugin>
-                <groupId>org.owasp</groupId>
-                <artifactId>dependency-check-maven</artifactId>
-                <version>7.4.4</version>
-                <configuration>
-                    <failBuildOnCVSS>7</failBuildOnCVSS>
-                    <junitFailOnCVSS>7</junitFailOnCVSS>
-                </configuration>
-                <executions>
-                    <execution>
-                        <goals>
-                            <goal>check</goal>
-                        </goals>
-                    </execution>
-                </executions>
-            </plugin>
         </plugins>
     </build>
-
 </project>