IBX-11808: Configured composer audit for 3.3 nightly regressions

[alongosz]

Caution

• Drop TMP commit before merging

🎫 Issue	IBX-11808, IBX-11825

Related PRs:

• IBX-11717: [4.6] Configured ignoring unsolvable advisories on PHP 7.4 #137
• IBX-11797: [4.6] Added missing twig advisory and added ignoring on PHP 8.0 #138
• IBX-11808: [3.3] Run regressions against ci-script changes commerce#1836
• IBX-11808: [4.6] Run regressions against ci-script changes commerce#1837
• IBX-11825: [Composer Audit Ignore] Added new advisories from Twig v3.26.0 gh-workflows#102

Description:

1. Extracted composer audit ignore logic from the previous PRs and ec78428 release-time hotfix to a common function.
   Browser Tests download prepare_project_edition.sh script on-the-fly, so using normal bash include is not possible. Instead, downloading it via curl the same way as Browser Tests are doing.

2. Resolved also IBX-11825 while at it - there are 5 new advisories to be added.

For QA:

Review.

Regression:

• 🟢 3.3 IBX-11808: [3.3] Run regressions against ci-script changes commerce#1836
• 🖤 4.6 IBX-11808: [4.6] Run regressions against ci-script changes commerce#1837

Documentation:

No documentation required.

[ViniTou]

for 3.3 it seems that php7.3 was handled here
https://github.com/ibexa/ci-scripts/pull/140/changes#diff-cb5c522d3ee36f43a72ce86aab48e9740e4a50118ccdd1b8efd92bbc582ccc07L94

shouldnt new composer_audit_ignore.sh reflect that in anyway?

[alongosz]

for 3.3 it seems that php7.3 was handled here https://github.com/ibexa/ci-scripts/pull/140/changes#diff-cb5c522d3ee36f43a72ce86aab48e9740e4a50118ccdd1b8efd92bbc582ccc07L94

shouldnt new composer_audit_ignore.sh reflect that in anyway?

Good catch, added it via ac22ac4.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud