feat: implement new security config

[fraxken]

No description provided.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 53bff6d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[fraxken]

@lirantal do you have any recommandation for a default usage of lockfile-lint-api ? I have taken inspiration of the configuration you seem to apply in your OSS surface.

[lirantal]

Yep, mostly that. I haven't put it yet to work in other ways. Though, I had some ideas back then to create a custom GitHub Action for the lockfile linting but haven't got around to do it yet (but you can 😅).

were you thinking of anything specifically? I can try to look a bit more into it

[fraxken]

@lirantal Thanks! No, I just wanted your feedback/opinion on what was the best default configuration. The idea here is that we are creating a configuration package to run multiple security checks so we can use it easily across a hundred packages that we are maintaining.