[Feature]: Allow for retrieval and enforcement mechanism (warning) for revoked dependencies #837
Description
What does the feature solve?
External dependencies may be unlisted, revoked because of security issues, or determined to have bugs and downstream consumers who are locked on a specific version will not be notified that an issue has been found. The plugin should allow a consumer to subscribe to a feed to get notified and warn a build if the dependency has been revoked.
Describe the solution
Plugin should download a revoked dependency list from the top of tree. Then compare that against the dependencies a platform is building against.
Have you considered any alternatives?
No response
Additional context
No response