Invalid parsing of commits constraints
vitman opened this issue · 1 comments
vitman commented
Hi there,
It seems like checker do not parse constraints like this one "robrichards/xmlseclibs": "2.0.x-dev#1369dd1" properly.
It should be covered by https://github.com/FriendsOfPHP/security-advisories/blob/master/robrichards/xmlseclibs/CVE-2019-3465.yaml this rule but checker ignores it and tells that everything is fine.
Could you please advice?
fabpot commented
dev versions are not covered anyway.