Fixed composer lock

[corpsee]

Composer lock file file must be stored in the repository.
See https://blog.engineyard.com/2014/composer-its-all-about-the-lock-file, for example.

[alcaeus]

That holds true for an application. However, for a library composer.lock makes little to no sense as the contents of composer.lock are ignored when the library is included in a project.

[corpsee]

Library contributors may have problems because composer.lock missing. In addition, it is best practice.

[jmikola]

Thanks for the PR. I've incorporated your addition of PHPUnit as a development dependency to #184, where I've also updated Travis CI to use that binary.

Library contributors may have problems because composer.lock missing. In addition, it is best practice.

There were no package dependencies before the addition of PHPUnit, so I'm not sure how composer.lock's absence would affect contributors. The library's only dependencies are platform checks for PHP and the MongoDB extension.

As for best practices, @alcaeus is correct that it is not necessary for libraries; however, it is certainly advised for applications. This was most recently discussed here.