Warning in gen-DSA if package cannot be found for a given CVE
requested to merge opal/security-tracker:30-improve-gen-dsa-by-checking-cves-related-to-package into master
Introduced a new bin/check-package-cves script that check whether CVE(s) are related to a package. If not, a list of CVEs not matching the package is printed and exit with error code 1. If all CVEs match the package nothing is printed and exit with 0.
The main CVE list is checked and in addition to that the extra lists if applicable.
bin/gen-DSA is also updated to call this new script and if an exit code != 0 is returned print a warning for the CVEs and ask the user if it should proceed.
For more information see: lts-team/lts-extra-tasks#61
Closes #30