Leon Boot

I'm glad the thought of possible issues with UDP popped into my head early on when I hit this snag. Googling it quickly led me to this issue :-) I...

I was wondering if this issue has been looked into yet. It prevents us from using the new SSH executor and SCP file copier, and thus using modern SSH key...

I've been looking into this the past week, and another format to consider may be the Trivy format, which is also a JSON format: https://aquasecurity.github.io/trivy/v0.22.0/vulnerability/examples/report/ The provided example report seems...

I've been working on a concept, using `trivy` as a new format option, just like @stof suggests. But I ran into something I would value others' opinion on! The Trivy...

@tijsverkoyen I agree adding as less extra code to a tool like composer as possible makes sense. I've also been looking into writing a separate composer package that leverages Composer's...

I've created a PR in my fork to show anyone interested in the proposed solution: https://github.com/nedbase/composer/pull/1 Based on the suggestion of @Seldaek on how to handle abandoned packages, I've decided...

I've published a repository to show the other approach (adding an extra command to composer) I've mentioned in my previous comment: https://github.com/nedbase/composer-audit-junit-plugin For its functionality, I decided to extend the...

Oh well, there goes my chance of becoming a Composer contributer ;-) Nonetheless, thanks for your input and considering my proposal.

I just wanted to let anyone interested in this thread know I've released the first version of the Common Report Formats Composer plug-in: https://github.com/nedbase/composer-audit-common-report-formats-plugin. It is available on Packagist. It...

Hi @obriat! I've taken the liberty of creating a new issue on the plugin repository for your suggestion!