Remove abandoned dependency composer/package-versions-deprecated

[reydajp]

Hi,

This package requires composer/package-versions-deprecated, which is now reported as an abandoned package.

This causes CI pipelines that run composer audit to fail, even when there are no security vulnerability advisories.

thecodingmachine/graphqlite v8.3.0
└── requires composer/package-versions-deprecated ^1.8

No security vulnerability advisories found.
Found 1 abandoned package:

composer/package-versions-deprecated

Process completed with exit code 1.

Would it be possible to remove the dependency on composer/package-versions-deprecated,
or replace it with a non-abandoned alternative?

[oojacoboo]

It can be removed, I believe. That's for Composer 1.x support - right? I don't see any reason to hang onto that, if you'd like to submit a PR.

[reydajp]

@oojacoboo
Yes, exactly. Composer 1.x support no longer seems relevant here,
so I opened a PR: #810.

I kept the existing behavior and replaced the deprecated method with \Composer\InstalledVersions::getVersion() from composer-runtime-api, which provides the same package-version lookup through Composer 2’s runtime API.

Thanks for confirming.