Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Is there a test package with a test advisory so that an advisory reporting pipeline can be tested? I'm thinking of something along the lines of the EICAR test virus signature to test a malware detection pipeline.
The advisory would have a unique tag and/or category so that it can be unambiguously identified as a test for which no action needs to be taken. (Or maybe there could be multiple test advisories with different properties but sharing the same unambiguous "this is a test" marker.)
I could use a real package with a real advisory, but I'd be concerned that it would interfere with other dependencies, and it wouldn't be clear that it was just there for a test.