Add roave/security-advisories as a development dependency.

schlessera · schlessera · commit cc50a006251e · 2017-03-08T12:13:17.000+01:00
This prevents adding Composer dependencies with known security vulnerabilities.

Resolves #3842
diff --git a/composer.json b/composer.json
@@ -38,7 +38,8 @@
 	},
 	"require-dev": {
 		"phpunit/phpunit": "3.7.*",
-		"behat/behat": "2.5.*"
+		"behat/behat": "2.5.*",
+		"roave/security-advisories": "dev-master"
 	},
 	"suggest": {
 		"psy/psysh": "Enhanced `wp shell` functionality"
