[DEPS]: Bump composer/composer from 2.5.5 to 2.5.8

[dependabot]

Bumps composer/composer from 2.5.5 to 2.5.8.

Release notes

Sourced from composer/composer's releases.

2.5.8

• Fixed regression in edge cases where root package gets added to a repository already during the install process (#11495)
• Fixed EventDispatcher on windows picking bat files when using @php binary (#11490)
• Fixed ICU CDLR version parsing failing the whole process when ICU cannot initialize the resource bundle (#11492)
• Fixed type declarations on ClassLoader (#11500)

2.5.7

• Fixed regression preventing autoloading the dependencies of metapackages when running --no-dev (#11481)

2.5.6

• BC Warning: Installers and InstallationManager::getInstallPath will now return null instead of an empty string for metapackages' paths. This may have adverse effects on plugin code using this expecting always a string but it is unlikely (#11455)
• Fixed metapackages showing their install path as the root package's path instead of empty (#11455)
• Fixed lock file verification on install to deal better with replace/provide (#11475)
• Fixed lock file having a more recent modification time than the vendor dir when require guesses the constraint after resolution (#11405)
• Fixed numeric default branches with a v prefix being treated as non-numeric ones and receiving an alias like e.g. dev-main would (e51d755a08)
• Fixed binary proxies not being transparent when included by another PHP process and returning a value (#11454)
• Fixed support for plugin classes being marked as readonly (#11404)
• Fixed getmypid being required as it is not always available (#11401)
• Fixed authentication issue when downloading several files from private Bitbucket in parallel (#11464)

Changelog

Sourced from composer/composer's changelog.

[2.5.8] 2023-06-09

• Fixed regression in edge cases where root package gets added to a repository already during the install process (#11495)
• Fixed EventDispatcher on windows picking bat files when using "@​php binary" (#11490)
• Fixed ICU CDLR version parsing failing the whole process when ICU cannot initialize the resource bundle (#11492)
• Fixed type declarations on ClassLoader (#11500)

[2.5.7] 2023-05-24

• Fixed regression preventing autoloading the dependencies of metapackages when running --no-dev (#11481)

[2.5.6] 2023-05-24

• BC Warning: Installers and InstallationManager::getInstallPath will now return null instead of an empty string for metapackages' paths. This may have adverse effects on plugin code using this expecting always a string but it is unlikely (#11455)
• Fixed metapackages showing their install path as the root package's path instead of empty (#11455)
• Fixed lock file verification on install to deal better with replace/provide (#11475)
• Fixed lock file having a more recent modification time than the vendor dir when require guesses the constraint after resolution (#11405)
• Fixed numeric default branches with a v prefix being treated as non-numeric ones and receiving an alias like e.g. dev-main would (e51d755a08)
• Fixed binary proxies not being transparent when included by another PHP process and returning a value (#11454)
• Fixed support for plugin classes being marked as readonly (#11404)
• Fixed getmypid being required as it is not always available (#11401)
• Fixed authentication issue when downloading several files from private Bitbucket in parallel (#11464)

Commits

• 4c51614 Release 2.5.8
• 3f385d4 Update types some more, refs #11500
• 45368a5 Update types some more, refs #11500
• c12b551 Update type declarations on ClassLoader, fixes #11482 (#11500)
• 7f6de36 Fix typo
• ff67cdf Ignore ICU CDLR version fetching when ICU cannot initialize the resource bund...
• 3ae662f Fix EventDispatcher on windows picking bat files when using "@​php binary", fi...
• 902a153 Fix regression in edge cases where root package gets added to a repository al...
• 7d6c76e Reverting release version changes
• d477018 Release 2.5.7
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.