Add allow-list functionality to securitychecker_enlightn

doc/tasks/securitychecker/enlightn.md

@@ -19,6 +19,10 @@ grumphp:
         securitychecker_enlightn:
             lockfile: ./composer.lock
             run_always: false
+            allow_list:
+                - CVE-2018-15133
+                - CVE-2024-51755
+                - CVE-2024-45411
 ```
 
 **lockfile**

src/Task/SecurityCheckerEnlightn.php

@@ -24,10 +24,12 @@ public static function getConfigurableOptions(): ConfigOptionsResolver
         $resolver->setDefaults([
             'lockfile' => './composer.lock',
             'run_always' => false,
+            'allow_list' => []
         ]);
 
         $resolver->addAllowedTypes('lockfile', ['string']);
         $resolver->addAllowedTypes('run_always', ['bool']);
+        $resolver->addAllowedTypes('allow_list', ['array']);
 
         return ConfigOptionsResolver::fromOptionsResolver($resolver);
     }
@@ -50,6 +52,7 @@ public function run(ContextInterface $context): TaskResultInterface
         $arguments = $this->processBuilder->createArgumentsForCommand('security-checker');
         $arguments->add('security:check');
         $arguments->addOptionalArgument('%s', $config['lockfile']);
+        $arguments->addArgumentArrayWithSeparatedValue('--allow-list', $config['allow_list'] ?? []);
 
         $process = $this->processBuilder->buildProcess($arguments);
         $process->run();

test/Unit/Task/SecurityCheckerEnlightnTest.php

@@ -107,5 +107,16 @@ public function provideExternalTaskRuns(): iterable
                 './composer.lock',
             ]
         ];
+
+        yield 'with_allow_list' => [
+            ['allow_list' => ['allow_advisory_1', 'allow_advisory_2']],
+            $this->mockContext(RunContext::class, ['composer.lock']),
+            'security-checker',
+            [
+                'security:check',
+                './composer.lock',
+                '--allow-list=allow_advisory_1,allow_advisory_2'
+            ]
+        ];
     }
 }