Remove roave/security-advisories

[Copilot]

Composer's built-in security advisory checks now cover what roave/security-advisories previously provided, making the package redundant.

Changes

• composer.json: Drop roave/security-advisories from require-dev
• CHANGELOG.md: Add entry under 1.1.1 under development

Original prompt

---

This section details on the original issue you should resolve

<issue_title>Remove roave/security-advisories</issue_title>
<issue_description>### Description

roave/security-advisories is now handled well by Composer itself.

Package version

No response

PHP version

No response</issue_description>

<agent_instructions>Do it and don't forget to add a line for CHANGELOG</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes Remove roave/security-advisories #441

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.96%. Comparing base (da346dc) to head (b0d1f9b).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff            @@
##             master     #442   +/-   ##
=========================================
  Coverage     76.96%   76.96%           
  Complexity       29       29           
=========================================
  Files            11       11           
  Lines           178      178           
=========================================
  Hits            137      137           
  Misses           41       41           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

This PR removes the roave/security-advisories package from development dependencies, as Composer now provides built-in security advisory checking that makes this package redundant. The change aligns with modern Composer features and simplifies the dependency tree.

Changes:

• Remove roave/security-advisories from require-dev in composer.json
• Add changelog entry documenting the removal

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File	Description
composer.json	Removed roave/security-advisories from require-dev dependencies
CHANGELOG.md	Added entry under version 1.1.1 documenting the package removal

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

There's a discrepancy between the issue number referenced here (#437) and the one in the PR description (Fixes #441). Please verify which issue number is correct and update accordingly to maintain accurate tracking.