From 90abc3060dc1aa8be404f76a62b77259a4edc0bd Mon Sep 17 00:00:00 2001
From: Clint Wylie <cwylie@apache.org>
Date: Tue, 14 Sep 2021 16:50:48 -0700
Subject: [PATCH] dependency check with inhert instead of aggregate

---
 .travis.yml | 2 +-
 pom.xml     | 4 ----
 2 files changed, 1 insertion(+), 5 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index d91aab260ed7..dc995cd55d11 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -725,7 +725,7 @@ jobs:
       stage: cron
       install: skip
       script: |-
-        ${MVN} dependency-check:purge dependency-check:aggregate -pl '!integration-tests' || { echo "
+        ${MVN} dependency-check:purge dependency-check:check || { echo "
 
         The OWASP dependency check has found security vulnerabilities. Please use a newer version
         of the dependency that does not have vulnerabilities. To see a report run
diff --git a/pom.xml b/pom.xml
index afbf9eb9c714..85789c7bbd04 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1493,7 +1493,6 @@
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
                 <version>6.0.3</version>
-                <inherited>false</inherited>
                 <configuration>
                     <failBuildOnCVSS>7</failBuildOnCVSS>
                     <skipProvidedScope>true</skipProvidedScope>
@@ -1505,9 +1504,6 @@
                 </configuration>
                 <executions>
                     <execution>
-                        <goals>
-                            <goal>aggregate</goal>
-                        </goals>
                         <phase>none</phase>  <!-- TODO: Consider enabling so part of dev flow instead of just CI -->
                     </execution>
                 </executions>