fix(deps): update dependency cweagans/composer-patches to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
cweagans/composer-patches	1.7.3 -> 2.0.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cweagans/composer-patches (cweagans/composer-patches)

v2.0.0

Compare Source

What's Changed

• Revamp testing framework by @​cweagans in #​162
• Exit on patch failure should use composer extra, not localPackage by @​kdebisschop in #​166
• Fixes #​148: Incompatible with Git 2.14+. by @​danepowell in #​165
• Use cweagans/composer-configurable-plugin by @​cweagans in #​164
• Add a patch value object + support a more verbose patch format by @​cweagans in #​211
• Split out patch resolution into Composer Capabilities by @​cweagans in #​212
• Remove patch report generation by @​cweagans in #​213
• Make sure that Patch and PatchCollection objects can be correctly serialized/deserialized by @​cweagans in #​214
• Add missing ext-json in composer.json. by @​drupol in #​248
• Use strict comparison. by @​drupol in #​249
• Add contributing section to readme. by @​ElijahLynn in #​264
• Use empty() instead of isset() to check for empty arrays in RootComposer (test coverage 100%) by @​ElijahLynn in #​265
• Remove dependency patch resolution by @​cweagans in #​267
• [docs] Fix grumphp command in readme. by @​ElijahLynn in #​269
• Retry failed downloads once by @​Berdir in #​282
• Use drupal/core instead of drupal/drupal in examples by @​geerlingguy in #​304
• Add support for Composer version 2 by @​Ayesh in #​309
• Add PHP 7.4 to Travis build matrix by @​kdambekalns in #​328
• Fix Travis config linter warnings by @​kdambekalns in #​327
• Fixes #​359: COMPOSER_EXIT_ON_PATCH_FAILURE doesn't do anything by @​grasmash in #​360
• Add support for Promises being returned by uninstall in Composer 2.1 by @​Seldaek in #​364
• Add note about installing patch by @​afilina in #​379
• Fix for outdated patch version on FreeBSD by @​pesc in #​334
• Add a method to tell if a package has been patched by @​phenaproxima in #​392
• Add automated tests, require PHP 8 by @​danepowell in #​428
• Fix automated tests by @​danepowell in #​429
• Add installedPatches property to fix PHP 8.2 deprecation by @​shyim in #​409
• Fix #​408: Support proxies by @​skyred in #​440
• Bump codeception/module-cli from 2.0.0 to 2.0.1 by @​dependabot[bot] in #​438
• Automatically merge dependency updates by @​danepowell in #​442
• Bump composer/composer from 2.5.0 to 2.5.1 by @​dependabot[bot] in #​430
• Bump phpro/grumphp from 1.14.0 to 1.15.0 by @​dependabot[bot] in #​431
• Issue #​433 - Codeception configuration by @​Sweetchuck in #​434
• Increase test coverage for Resolvers\PatchesFile by @​fredden in #​381
• Bump composer/composer from 2.5.1 to 2.5.2 by @​dependabot[bot] in #​448
• How to store links to issues in patch description by @​MurzNN in #​419
• 2.x WIP (don't merge yet) by @​cweagans in #​447
• Add funding.yml by @​cweagans in #​449
• Add test coverage for command provider by @​cweagans in #​450
• Add project-specific depth settings by @​cweagans in #​452
• Run all patchers in verbose mode by @​cweagans in #​454
• Add --dry-run to patchers by @​cweagans in #​455
• GitHub configuration updates by @​cweagans in #​456
• Add docs feedback template by @​cweagans in #​457
• Tweak template by @​cweagans in #​458
• Placeholder docs by @​cweagans in #​459
• Add some docs by @​cweagans in #​460
• Docs 3 by @​cweagans in #​461
• DRY up debug output by @​cweagans in #​462
• Add doctor command by @​cweagans in #​463
• fix status output by @​cweagans in #​464
• Docs 4 by @​cweagans in #​465
• more docs by @​cweagans in #​466
• fix title by @​cweagans in #​467
• Upgrade composer configurable plugin by @​cweagans in #​468
• Add composer and io to all events + emit event before throwing exception when patch does not apply by @​cweagans in #​470
• Bump composer/composer from 2.5.2 to 2.5.3 by @​dependabot[bot] in #​473
• Couple of small cleanups by @​cweagans in #​476
• Only have git patchers and freeform patcher? by @​cweagans in #​472
• Add new patcher: git 'init' patcher by @​cweagans in #​471
• Fix typo on docs homepage by @​anotherjames in #​481
• Bump composer/composer from 2.5.3 to 2.5.4 by @​dependabot[bot] in #​483
• Issue #​486 - Fix syntax errors and indentations in JSON examples by @​Sweetchuck in #​487
• Bump squizlabs/php_codesniffer from 3.7.1 to 3.7.2 by @​dependabot[bot] in #​488
• Rename patches.lock to patches.lock.json by @​cweagans in #​492
• Misc updates by @​cweagans in #​494
• Bump actions/checkout from 2 to 3 by @​dependabot[bot] in #​497
• Deduplicate patch collection as patches are added by @​cweagans in #​496
• Handle $COMPOSER environment variable by @​cweagans in #​493
• Bump composer/composer from 2.5.4 to 2.5.5 by @​dependabot[bot] in #​501
• Bump guzzlehttp/psr7 from 2.4.3 to 2.5.0 by @​dependabot[bot] in #​508
• Fix typo by @​pepijnolivier in #​504
• Bump phpro/grumphp from 1.15.0 to 1.16.0 by @​dependabot[bot] in #​509
• Bump composer/composer from 2.5.5 to 2.5.7 by @​dependabot[bot] in #​513
• Bump composer/composer from 2.5.7 to 2.5.8 by @​dependabot[bot] in #​515
• Bump php-coveralls/php-coveralls from 2.5.3 to 2.6.0 by @​dependabot[bot] in #​520
• Bump composer/composer from 2.5.8 to 2.6.2 by @​dependabot[bot] in #​523
• Bump actions/checkout from 3 to 4 by @​dependabot[bot] in #​524
• Bump composer/composer from 2.6.2 to 2.6.3 by @​dependabot[bot] in #​526
• Bump composer/composer from 2.6.3 to 2.6.4 by @​dependabot[bot] in #​527
• Bump composer/composer from 2.6.4 to 2.6.5 by @​dependabot[bot] in #​529
• Bump actions/github-script from 6 to 7 by @​dependabot[bot] in #​531
• Bump php-coveralls/php-coveralls from 2.6.0 to 2.7.0 by @​dependabot[bot] in #​532
• Bump composer/composer from 2.6.5 to 2.6.6 by @​dependabot[bot] in #​535
• Bump squizlabs/php_codesniffer from 3.7.2 to 3.8.0 by @​dependabot[bot] in #​536
• Bump squizlabs/php_codesniffer from 3.8.0 to 3.8.1 by @​dependabot[bot] in #​539
• Bump composer/composer from 2.6.6 to 2.7.0 by @​dependabot[bot] in #​544
• Bump composer/composer from 2.7.0 to 2.7.1 by @​dependabot[bot] in #​545
• Dependency patch resolution by @​cweagans in #​547
• Bump squizlabs/php_codesniffer from 3.8.1 to 3.9.0 by @​dependabot[bot] in #​552
• Add PHP 8.3 by @​cweagans in #​554
• Bump ramsey/composer-install from 2 to 3 by @​dependabot[bot] in #​555
• Bump composer/composer from 2.7.1 to 2.7.2 by @​dependabot[bot] in #​556
• Add information about enabling verbose output by @​cweagans in #​558
• Bump php-parallel-lint/php-parallel-lint from 1.3.2 to 1.4.0 by @​dependabot[bot] in #​565
• Bump squizlabs/php_codesniffer from 3.9.0 to 3.9.1 by @​dependabot[bot] in #​566
• Bump composer/composer from 2.7.2 to 2.7.3 by @​dependabot[bot] in #​570
• Bump composer/composer from 2.7.3 to 2.7.4 by @​dependabot[bot] in #​571
• Bump squizlabs/php_codesniffer from 3.9.1 to 3.9.2 by @​dependabot[bot] in #​572
• Bump composer/composer from 2.7.4 to 2.7.6 by @​dependabot[bot] in #​574
• Bump squizlabs/php_codesniffer from 3.9.2 to 3.10.0 by @​dependabot[bot] in #​576
• Bump squizlabs/php_codesniffer from 3.10.0 to 3.10.1 by @​dependabot[bot] in #​577
• Bump composer/composer from 2.7.6 to 2.7.7 by @​dependabot[bot] in #​580
• Bump squizlabs/php_codesniffer from 3.10.1 to 3.10.2 by @​dependabot[bot] in #​587
• Bump composer/composer from 2.7.7 to 2.7.8 by @​dependabot[bot] in #​589
• Bump composer/composer from 2.7.8 to 2.7.9 by @​dependabot[bot] in #​590
• Bump squizlabs/php_codesniffer from 3.10.2 to 3.10.3 by @​dependabot[bot] in #​593
• Bump composer/composer from 2.7.9 to 2.8.0 by @​dependabot[bot] in #​594
• Bump composer/composer from 2.8.0 to 2.8.1 by @​dependabot[bot] in #​595
• Bump composer/composer from 2.8.1 to 2.8.2 by @​dependabot[bot] in #​597
• Bump symfony/process from 5.4.45 to 5.4.46 by @​dependabot[bot] in #​600
• Bump squizlabs/php_codesniffer from 3.10.3 to 3.11.0 by @​dependabot[bot] in #​602
• Bump squizlabs/php_codesniffer from 3.11.0 to 3.11.1 by @​dependabot[bot] in #​604
• Bump composer/composer from 2.8.2 to 2.8.4 by @​dependabot[bot] in #​606
• Bump squizlabs/php_codesniffer from 3.11.1 to 3.11.2 by @​dependabot[bot] in #​607
• Patching fails when --no-cache is passed by @​cweagans in #​609
• Bump composer/composer from 2.8.4 to 2.8.5 by @​dependabot[bot] in #​610
• Bump squizlabs/php_codesniffer from 3.11.2 to 3.11.3 by @​dependabot[bot] in #​611
• Bump composer/composer from 2.8.5 to 2.8.6 by @​dependabot[bot] in #​614
• Bump squizlabs/php_codesniffer from 3.11.3 to 3.12.0 by @​dependabot[bot] in #​619
• Bump composer/composer from 2.8.6 to 2.8.7 by @​dependabot[bot] in #​622
• Bump squizlabs/php_codesniffer from 3.12.0 to 3.12.2 by @​dependabot[bot] in #​625
• Bump squizlabs/php_codesniffer from 3.12.2 to 3.13.1 by @​dependabot[bot] in #​632
• Bump squizlabs/php_codesniffer from 3.13.1 to 3.13.2 by @​dependabot[bot] in #​633
• Bump composer/composer from 2.8.7 to 2.8.10 by @​dependabot[bot] in #​635
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in #​638
• Bump composer/composer from 2.8.10 to 2.8.11 by @​dependabot[bot] in #​639
• Bump squizlabs/php_codesniffer from 3.13.2 to 3.13.3 by @​dependabot[bot] in #​640
• Bump squizlabs/php_codesniffer from 3.13.3 to 3.13.4 by @​dependabot[bot] in #​641
• Bump actions/github-script from 7 to 8 by @​dependabot[bot] in #​642
• Bump squizlabs/php_codesniffer from 3.13.4 to 4.0.0 by @​dependabot[bot] in #​643
• Bump composer/composer from 2.8.11 to 2.8.12 by @​dependabot[bot] in #​644
• Update export-ignores by @​raphaelstolt in #​601
• Bump php-coveralls/php-coveralls from 2.7.0 to 2.8.0 by @​dependabot[bot] in #​629
• Fix freeform patcher applying patch during dry run by @​darrenoh in #​637

New Contributors

• @​cweagans made their first contribution in #​162
• @​kdebisschop made their first contribution in #​166
• @​drupol made their first contribution in #​248
• @​ElijahLynn made their first contribution in #​264
• @​geerlingguy made their first contribution in #​304
• @​Ayesh made their first contribution in #​309
• @​kdambekalns made their first contribution in #​328
• @​afilina made their first contribution in #​379
• @​pesc made their first contribution in #​334
• @​shyim made their first contribution in #​409
• @​skyred made their first contribution in #​440
• @​dependabot[bot] made their first contribution in #​438
• @​Sweetchuck made their first contribution in #​434
• @​MurzNN made their first contribution in #​419
• @​anotherjames made their first contribution in #​481
• @​pepijnolivier made their first contribution in #​504
• @​raphaelstolt made their first contribution in #​601
• @​darrenoh made their first contribution in #​637

Full Changelog: cweagans/composer-patches@1.7.3...2.0.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: api/composer.lock

Command failed: composer update cweagans/composer-patches:2.0.0 --with-dependencies --ignore-platform-req='ext-*' --ignore-platform-req='lib-*' --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins --minimal-changes
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires api-platform/core 3.3.6 (exact version match: 3.3.6 or 3.3.6.0), found api-platform/core[v3.3.6] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-gs8r-6kz6-pp56", "PKSA-gnn4-pxdg-q76m") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 2
    - Root composer.json requires symfony/http-client 7.1.7 (exact version match: 7.1.7 or 7.1.7.0), found symfony/http-client[v7.1.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-4k7v-pfvw-nqvp") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 3
    - friendsofsymfony/http-cache-bundle is locked to version 3.1.1 and an update of this package was not requested.
    - friendsofsymfony/http-cache-bundle 3.1.1 requires symfony/http-foundation ^6.4 || ^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 4
    - knpuniversity/oauth2-client-bundle is locked to version v2.18.3 and an update of this package was not requested.
    - knpuniversity/oauth2-client-bundle v2.18.3 requires symfony/http-foundation ^5.4|^6.0|^7.0 -> found symfony/http-foundation[v5.4.0, ..., v5.4.50, v6.0.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 5
    - lexik/jwt-authentication-bundle is locked to version v3.1.1 and an update of this package was not requested.
    - lexik/jwt-authentication-bundle v3.1.1 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 6
    - sentry/sentry-symfony is locked to version 4.14.0 and an update of this package was not requested.
    - sentry/sentry-symfony 4.14.0 requires symfony/security-http ^4.4.20||^5.0.11||^6.0||^7.0 -> found symfony/security-http[v4.4.20, ..., v4.4.50, v5.0.11, ..., v5.4.47, v6.0.0, ..., v6.4.26, v7.0.0, ..., v7.3.5] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-rqvm-b18n-vg69") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 7
    - symfony/framework-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/framework-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 8
    - symfony/security-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/security-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 9
    - symfony/twig-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/twig-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 10
    - symfony/web-profiler-bundle is locked to version v7.1.7 and an update of this package was not requested.
    - symfony/framework-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
    - symfony/web-profiler-bundle v7.1.7 requires symfony/framework-bundle ^6.4|^7.0 -> satisfiable by symfony/framework-bundle[v7.1.6].