Audit installed packages against known vulnerabilities

[tlk]

Consider adding support for auditing packages against known vulnerabilities.

For inspiration:

• https://github.com/RetireJS/retire.js
• https://www.freebsd.org/cgi/man.cgi?query=pkg-audit&sektion=8

Perhaps an idea for another tool...

[madskristensen]

The extension could retrieve the JSON list from https://github.com/RetireJS/retire.js/blob/master/repository/jsrepository.json and use it directly from both the UI and the validator in the packman.json file.