fix CI due to https://github.com/advisories/GHSA-vvj3-c3rp-c85p #597
Description
GHSA-vvj3-c3rp-c85p caused https://github.com/CycloneDX/cyclonedx-php-library/actions/runs/21572576433/job/62154020486
No composer.lock file present. Updating dependencies to latest instead of installing from lock file. See https://getcomposer.org/install for more information.
Loading composer repositories with package information
Updating dependencies
Your requirements could not be resolved to an installable set of packages.Problem 1
- Root composer.json requires phpunit/phpunit 10.5.60||11.5.46||12.4.4, found phpunit/phpunit[10.5.60, 11.5.46, 12.4.4] but these were not loaded, because they are affected by security advisories ("PKSA-z3gr-8qht-p93v"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.Error: Your requirements could not be resolved to an installable set of packages.
Problem 1
- Root composer.json requires phpunit/phpunit 10.5.60||11.5.46||12.4.4, found phpunit/phpunit[10.5.60, 11.5.46, 12.4.4] but these were not loaded, because they are affected by security advisories ("PKSA-z3gr-8qht-p93v"). Go to https://packagist.org/security-advisories/ to find advisory details. To ignore the advisories, add them to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.