Open
Description
The below method could be enhanced to collect more metadata about the project status and contributors.
https://github.com/CycloneDX/cdxgen/blob/master/utils.js#L3487
We could enhance the appsec profile to make it useful for use cases such as:
- identifying some stats about the project contributors, issues, pull requests
- more importantly whether the project is archived
Further, the below two api could be enhanced to collect deprecation status and other risk related metadata (similar to depscan)
https://github.com/CycloneDX/cdxgen/blob/master/utils.js#L488
https://github.com/CycloneDX/cdxgen/blob/master/utils.js#L2745