You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Checking composer.json: WARNING
No license specified, it is recommended to do so. For closed-source software you may use "proprietary" as license.
require.czproject/git-php : exact version constraints (3.0) should be avoided if the package follows semantic versioning
Checking platform settings: OK
Checking git settings: OK git version 2.37.1
Checking http connectivity to packagist: OK
Checking https connectivity to packagist: OK
Checking github.com oauth access: OK
Checking disk free space: OK
Checking composer version: OK
Composer version: 2.5.1
PHP version: 8.2.0
PHP binary path: /opt/homebrew/Cellar/php/8.2.0/bin/php
OpenSSL version: OpenSSL 1.1.1s 1 Nov 2022
cURL version: 7.87.0 libz 1.2.11 ssl (SecureTransport) OpenSSL/1.1.1s
zip: extension present, unzip present, 7-Zip not available
When I run this command: composer audit -vvv
Running 2.5.1 (2022-12-22 15:33:54) with PHP 8.2.0 on Darwin / 21.6.0
Reading ./composer.json (***composer.json)
Loading config file ***config.json
Loading config file ***auth.json
Loading auth config from COMPOSER_AUTH
Loading config file ./composer.json (***composer.json)
Checked CA file ***: valid
Executing command (***): 'git' 'branch' '-a' '--no-color' '--no-abbrev' '-v'
Executing command (***): git describe --exact-match --tags
Executing command (CWD): git --version
Executing command (***): git log --pretty="%H" -n1 HEAD --no-show-signature
Executing command (***): hg branch
Executing command (***): fossil branch list
Executing command (***): fossil tag list
Executing command (***): svn info --xml
Failed to initialize global composer: Composer could not find the config file: ***/composer.json
Reading ./composer.lock (***/composer.lock)
Reading ***/installed.json
My
composer.json
:*foo -> I replaced with fake data
Output of
composer diagnose
:When I run this command: composer audit -vvv
** * -> removed my paths
I get the following output:
And I expected this to happen:
When I remove
"exclude": []
from "repositories" in composer.json it's working as intended I got vulnerability.Of corse in exclude I have some project so I need this, in this example I just left empty to prove the point.
Also on audit -vvv I see that is downloading security-advisories
The text was updated successfully, but these errors were encountered: