Ignoring security issues of specific packages #12616

@shyim

Description

Is your feature request related to a problem? Please describe.
We offer a security composer package which fixes security issues of our own dependencies for people who don't want to update completely yet (they may have breaking changes to fix, or whatever).

Therefore, when that security package is installed, those CVEs are solved. Right now we can ignore a list of CVEs; I would like to ignore entire Composer packages for this specific need. The CVE list can grow and is not maintainable for this purpose.

Describe the solution you'd like

{
    "config": {
        "audit": {
            "ignore-packages": [ "shopware/core" ]
        }
    }
}

Exclude entire Composer packages from this check.

Describe alternatives you've considered

  • Adding all CVEs, which is a hassle for users
  • Telling users to disable this, but that would disable it for all packages, which we don't want to recommend to users
  • Creating a Composer plugin (we would like to contribute to Composer itself instead of building something on our own)

Additional context

I am open to developing this; I just want feedback and suggestions before I implement it, so it doesn't get rejected as unwanted 😅
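As an added illustration, not from the issue author or from Composer itself, the script below applies both a per-CVE ignore list (mirroring Composer's existing `config.audit.ignore`) and the package-level ignore proposed above (hypothetical, not a real Composer setting) to a constructed sample in the assumed shape of `composer audit --format=json` output. It records which rule suppressed each advisory, which makes visible that a package-level ignore also hides advisories that were not known when the ignore was added.

```python
import json

# Constructed sample in the shape of `composer audit --format=json` output
# (field names are assumed; this is not real Composer output or a real advisory).
SAMPLE_AUDIT = json.dumps({
    "advisories": {
        "shopware/core": [
            {"advisoryId": "PKSA-example-1", "cve": "CVE-0000-0001",
             "title": "example advisory A", "affectedVersions": ">=6.4,<6.5.1"},
            {"advisoryId": "PKSA-example-2", "cve": "CVE-0000-0002",
             "title": "example advisory B", "affectedVersions": ">=6.4,<6.5.2"},
        ],
        "vendor/other": [
            {"advisoryId": "PKSA-example-3", "cve": "CVE-0000-0003",
             "title": "example advisory C", "affectedVersions": "<2.0"},
        ],
    }
})


def filter_advisories(audit_json, ignore_cves=(), ignore_packages=()):
    """Split the audit report into (remaining, suppressed).

    ignore_cves mirrors Composer's existing config.audit.ignore (advisory/CVE ids);
    ignore_packages mirrors the package-level ignore proposed in the issue
    (hypothetical setting). Each suppressed entry carries the rule that hid it,
    so a reviewer can see that a package rule swallows every advisory for that
    package, including ones that were never individually reviewed.
    """
    data = json.loads(audit_json)
    remaining, suppressed = [], []
    for package, advisories in data.get("advisories", {}).items():
        for adv in advisories:
            ids = {adv.get("cve"), adv.get("advisoryId")} - {None}
            matched = ids & set(ignore_cves)
            if package in ignore_packages:
                suppressed.append((package, adv["cve"], "package:" + package))
            elif matched:
                suppressed.append((package, adv["cve"], "id:" + ",".join(sorted(matched))))
            else:
                remaining.append((package, adv["cve"]))
    return remaining, suppressed


def unreviewed_suppressions(suppressed, ignore_cves):
    """Advisories hidden by a package rule that no explicit id entry ever covered."""
    return [cve for _, cve, rule in suppressed
            if rule.startswith("package:") and cve not in ignore_cves]


if __name__ == "__main__":
    rem, sup = filter_advisories(SAMPLE_AUDIT, ignore_cves=["CVE-0000-0001"],
                                 ignore_packages=["shopware/core"])
    print("remaining:", rem)
    print("hidden without explicit review:", unreviewed_suppressions(sup, ["CVE-0000-0001"]))
```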
