I think it would be useful to add composer audit somewhere in the CI pipeline to check vulnerabilities in dependencies.
To do that we could chance either .github/workflows/tests.yml or the test script in composer.json.
What do you think @MaximeThoonsen ?
I think it would be useful to add
composer audit
somewhere in the CI pipeline to check vulnerabilities in dependencies. To do that we could chance either.github/workflows/tests.yml
or thetest
script incomposer.json
. What do you think @MaximeThoonsen ?