Roave / SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily
MIT License
2.72k stars, 106 forks

Dropped all build scripts, moved to Roave/SecurityAdvisoriesBuilder #38

Closed Ocramius closed 7 years ago

Ocramius commented 7 years ago

Depends on Roave/SecurityAdvisoriesBuilder#1

@fabpot before merging this particular one, I'd need you to point your git hook to https://roave-security-advisories.herokuapp.com/ whenever you have time.

fabpot commented 7 years ago

@Ocramius Done

Ocramius commented 7 years ago

:+1: thanks!

Ocramius commented 7 years ago

Hmm, we could do that, but it is tricky

On 25 Oct 2017 08:48, "James Titcumb" notifications@github.com wrote:

@asgrim approved this pull request.

LGTM; only query I have is that the build is rather "light"... it appears we just do a composer up but never check one that conflicts with known insecure packages; shouldn't we be testing that here? Or is that now the responsibility of Roave/SecurityAdvisoriesBuilder as well? Otherwise 👍 from me.


Ocramius commented 7 years ago

Shipping for now - conflict testing can indeed be added later on.