fixes #63

src/Automatic/Automatic.php

@@ -46,13 +46,16 @@
 use Narrowspark\Automatic\Prefetcher\ParallelDownloader;
 use Narrowspark\Automatic\Prefetcher\Prefetcher;
 use Narrowspark\Automatic\Prefetcher\TruncatedComposerRepository;
+use Narrowspark\Automatic\Security\Command\AuditCommandProvider;
 use RecursiveDirectoryIterator;
 use RecursiveIteratorIterator;
 use ReflectionClass;
 use Symfony\Component\Console\Input\ArgvInput;
 use Symfony\Component\Console\Input\InputInterface;
+use Composer\Plugin\Capable;
+use Composer\Plugin\Capability\CommandProvider;
 
-class Automatic implements PluginInterface, EventSubscriberInterface
+class Automatic implements PluginInterface, EventSubscriberInterface, Capable
 {
     use ExpandTargetDirTrait;
     use GetGenericPropertyReaderTrait;
@@ -141,6 +144,16 @@ public static function getSubscribedEvents(): array
         ];
     }
 
+    /**
+     * {@inheritdoc}
+     */
+    public function getCapabilities(): array
+    {
+        return [
+            CommandProvider::class => AuditCommandProvider::class,
+        ];
+    }
+
     /**
      * {@inheritdoc}
      */

src/Automatic/Contract/Crawler.php

@@ -0,0 +1,32 @@
+<?php
+declare(strict_types=1);
+namespace Narrowspark\Automatic\Contract;
+
+/**
+ * @internal
+ */
+interface Crawler
+{
+    /**
+     * Checks a Composer lock file.
+     *
+     * @param string $lock The path to the composer.lock file
+     *
+     * @return array An array of two items: the number of vulnerabilities and an array of vulnerabilities
+     */
+    public function check(string $lock): array;
+
+    /**
+     * @param int $timeout
+     *
+     * @return void
+     */
+    public function setTimeout(int $timeout): void;
+
+    /**
+     * @param string $endPoint
+     *
+     * @return void
+     */
+    public function setEndPoint(string $endPoint): void;
+}

src/Automatic/Security/Checker/Checker.php

@@ -0,0 +1,11 @@
+<?php
+declare(strict_types=1);
+namespace Narrowspark\Automatic\Security\Checker;
+
+class Checker
+{
+    public function check(string $lock): array
+    {
+
+    }
+}

src/Automatic/Security/Command/AuditCommand.php

@@ -0,0 +1,41 @@
+<?php
+declare(strict_types=1);
+namespace Narrowspark\Automatic\Security\Command;
+
+use Composer\Command\BaseCommand;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class AuditCommand extends BaseCommand
+{
+    /**
+     * {@inheritdoc}
+     */
+    protected function configure(): void
+    {
+        $this
+            ->setName('audit')
+            ->setDefinition(array(
+                new InputOption('format', '', InputOption::VALUE_REQUIRED, 'The output format', 'text'),
+                new InputOption('endpoint', '', InputOption::VALUE_REQUIRED, 'The security checker server URL'),
+                new InputOption('timeout', '', InputOption::VALUE_REQUIRED, 'The HTTP timeout in seconds'),
+            ))
+            ->setDescription('Checks security issues in your project dependencies')
+            ->setHelp(<<<EOF
+The <info>%command.name%</info> command looks for security issues in the
+project dependencies:
+<info>%command.full_name%</info>
+EOF
+            )
+        ;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    protected function execute(InputInterface $input, OutputInterface $output)
+    {
+
+    }
+}

src/Automatic/Security/Command/AuditCommandProvider.php

@@ -0,0 +1,16 @@
+<?php
+declare(strict_types=1);
+namespace Narrowspark\Automatic\Security\Command;
+
+use Composer\Plugin\Capability\CommandProvider;
+
+class AuditCommandProvider implements CommandProvider
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function getCommands(): array
+    {
+        return array(new AuditCommand());
+    }
+}

src/Automatic/Security/Crawler/BaseCrawler.php

@@ -0,0 +1,3 @@
+<?php
+declare(strict_types=1);
+namespace Narrowspark\Automatic\Security\Crawler;