Support Composer 2.9.0 Automatic Security Blocking #2125
Description
Composer 2.9 added automated security blocking when installing or updating packages.
For backwards compatiblity, we need to disable this in root composer.json with:
"config":{
"audit": {
"abandoned": "report",
"block-insecure": true
},
}
We also need to update the Composer section in the Vortex own docs (.vortex/docs) to describe:
- The new composer behaviour
- The possible values this can take and how to decide which option to use as a site owner
We need to update docs/faqs.md to include a short message about what to do when a security blocking does not allow to install packages and link it to the Vortex composer page.