php-mozart - php-mozart

Age	Commit message (Collapse)	Author
2026-05-10	refactor(advisory): split advisory.rs into focused submodules	nsfisis
	Move AuditConfig, AuditFormat/AbandonedHandling enums, and stub types (SecurityAdvisory, PartialSecurityAdvisory, IgnoredSecurityAdvisory) into their own files under advisory/. Public API is preserved via wildcard re-exports. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-08	refactor(advisory): fix clippy warnings	nsfisis
	Implement std::str::FromStr for AuditFormat and AbandonedHandling instead of ad-hoc from_str methods (resolves should_implement_trait). Group Auditor::audit() parameters into AuditOptions to resolve too_many_arguments.
2026-05-08	fix(audit): align with Composer's AuditCommand pipeline	nsfisis
	- Add mozart-core::advisory::{AuditFormat, AbandonedHandling, AuditConfig} mirroring Composer\Advisory\AuditConfig; reads audit.ignore, audit.ignore-severity, audit.ignore-abandoned, audit.abandoned, audit.block-insecure, audit.block-abandoned, audit.ignore-unreachable from composer.json config with full apply-scope support - Add mozart-registry::advisory::Auditor mirroring Composer\Advisory\Auditor; process_advisories() filters by package name, advisory ID, CVE, source remote ID, and severity; filter_abandoned_packages() respects ignore-abandoned - Add RepositorySet::get_matching_security_advisories() wrapping fetch_security_advisories with version-matching and unreachable-repo tracking - JSON output now includes ignored-advisories and unreachable-repositories keys - --abandoned falls back to audit.abandoned config (was hardcoded to "fail") - --ignore-severity merges with audit.ignore-severity config - --ignore-unreachable ORs with audit.ignore-unreachable config - Move normalize_or_separator into repository/mod.rs alongside version matching Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>