Add CI Check for CVEs in Newly Added Maven Dependencies

### Description

To improve Presto’s security posture, we should add an automated CI step that scans only newly introduced Maven dependencies in pull requests for known CVEs, and we could prevent merges if high-severity vulnerabilities are detected.

### Motivation

- Prevent introducing dependencies with known security vulnerabilities into the codebase.
- Provide fast feedback to contributors before code is merged.

Use the [OWASP Dependency-Check Maven plugin](https://jeremylong.github.io/DependencyCheck/dependency-check-maven/) (or similar tool).

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Add CI Check for CVEs in Newly Added Maven Dependencies #25757

Description

Motivation

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add CI Check for CVEs in Newly Added Maven Dependencies #25757

Description

Description

Motivation

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions