diff --git a/CHANGELOG.md b/CHANGELOG.md index bd870f48..dc63c2a9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), For a full diff see [`2.35.0...main`][2.35.0...main]. +### Changed + +- Updated `schema.json` ([#1155]), by [@ergebnis-bot] + ## [`2.35.0`][2.35.0] For a full diff see [`2.34.0...2.35.0`][2.34.0...2.35.0]. @@ -1099,6 +1103,7 @@ For a full diff see [`81bc3a8...0.1.0`][81bc3a8...0.1.0]. [#1127]: https://github.com/ergebnis/composer-normalize/pull/1127 [#1136]: https://github.com/ergebnis/composer-normalize/pull/1136 [#1141]: https://github.com/ergebnis/composer-normalize/pull/1141 +[#1155]: https://github.com/ergebnis/composer-normalize/pull/1155 [@core23]: https://github.com/core23 [@dependabot]: https://github.com/dependabot diff --git a/resource/schema.json b/resource/schema.json index 59ca3bc9..91223928 100644 --- a/resource/schema.json +++ b/resource/schema.json @@ -399,12 +399,26 @@ "type": "object", "description": "Security audit configuration options", "properties": { - "ignored": { - "type": "array", - "description": "A set of advisory ids, remote ids or CVE ids that should be ignored and not reported as part of an audit.", - "items": { - "type": "string" - } + "ignore": { + "anyOf": [ + { + "type": "object", + "description": "A list of advisory ids, remote ids or CVE ids (keys) and the explanations (values) for why they're being ignored. The listed items are reported but let the audit command pass.", + "additionalProperties": { + "type": [ + "string", + "string" + ] + } + }, + { + "type": "array", + "description": "A set of advisory ids, remote ids or CVE ids that are reported but let the audit command pass.", + "items": { + "type": "string" + } + } + ] } } },