Configure NVD API key for dependency check plugin (#841)

- Add nvdApiKey configuration to OWASP dependency-check-maven plugin
- Configure retry settings and API delay for better performance
- Update GitHub Actions workflow to pass NVD_API_KEY secret
- Resolves warning about missing NVD API key and improves scan performance

Without this, release shows a warning: An NVD API Key was not provided -
it is highly recommended to use an NVD API key as the update can take a
VERY long time without an API Key

Author: jayantsing-db

.github/workflows/release.yml

@@ -30,7 +30,7 @@ jobs:
           gpg-passphrase: GPG_PASSPHRASE
 
       - name: Publish to the Maven Central Repository
-        run: mvn -Prelease --batch-mode deploy
+        run: mvn -Prelease --batch-mode deploy -Dnvd.api.key=${{ secrets.NVD_API_KEY }}
         env:
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
           OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}

pom.xml

@@ -372,6 +372,9 @@
               This helps us identify and address significant security risks early in the development process.
            -->
           <failBuildOnCVSS>7</failBuildOnCVSS>
+          <nvdApiKey>${nvd.api.key}</nvdApiKey>
+          <nvdMaxRetryCount>10</nvdMaxRetryCount>
+          <nvdApiDelay>4000</nvdApiDelay>
         </configuration>
         <executions>
           <execution>