Composer 2.9 Brings Automatic Security Blocking and New Repository Commands
Composer 2.9 adds default automatic blocking of insecure packages, a new CLI repository command, lock‑file conflict recovery, a minimal‑changes flag, Forgejo support, and performance enhancements, providing developers with stronger security and smoother dependency management.
