Prevents installation of composer packages with known security vulnerabilities: no API, simply require it
composer require "roave/security-advisories:dev-latest"