security-checker icon indicating copy to clipboard operation
security-checker copied to clipboard

Published 20 hours ago verified publisher icon enlightn

Differences with composer audit

Open rodrigoaguilera opened this issue 11 months ago • 0 comments

I found a project that was using security-checker and composer audit in the same CI pipeline but security-checker was reporting the same Drupal core issue as composer audit.

If this project has additional features over composer audit I think they should be listed in the readme or some kind of docs.

So far I only found advantages for composer audit

  • Some CVEs can be ignored in the composer.json file as opposed to command line options
  • It reports abandoned packages

rodrigoaguilera avatar Mar 07 '24 10:03 rodrigoaguilera