Make Composer advisories configurable to only notify for production vulnerabilities
Add a setting to change the Composer warning advisories to only trigger on production vulnerabilities, so that non installed dev dependencies don't trigger warnings
3
votes

Thank you for your input! We will consider this functionality in upcoming releases if it becomes popular.
Everyone, please continue voting for this feature if you consider it important.
-- SH