composer-require-checker: 4.8.0 -> 4.13.0

upstream decided to no longer provide the composer.lock in their release artifacts, so use fetchgit to take it from there

pkgs/by-name/co/composer-require-checker/package.nix

@@ -1,20 +1,20 @@
 { lib
-, fetchFromGitHub
+, fetchgit
 , php
 }:
 
-php.buildComposerProject (finalAttrs: {
+php.buildComposerProject2 (finalAttrs: {
   pname = "composer-require-checker";
-  version = "4.8.0";
+  version = "4.13.0";
 
-  src = fetchFromGitHub {
-    owner = "maglnet";
-    repo = "ComposerRequireChecker";
-    rev = finalAttrs.version;
-    hash = "sha256-qCHUNaPunCPuWax/YUbYXaVh1JlJEwYvG/NmaSc1VpA=";
+  # Upstream no longer provides the composer.lock in their release artifact
+  src = fetchgit {
+    url = "https://github.com/maglnet/ComposerRequireChecker";
+    rev = "refs/tags/${finalAttrs.version}";
+    hash = "sha256-xq8W5SXwtmJ3uu5g26/rxL02jqBuxvEEQpwazPdCE5Y=";
   };
 
-  vendorHash = "sha256-B5w5n2S/mTF7vpsLuHtf2DGR5aPBfO9QGmodYGXE+Cg=";
+  vendorHash = "sha256-GGT/9kBpd7PU/pMJFWw1rrEW2QFUlrp3lljUCyo+/bw=";
 
   meta = {
     description = "CLI tool to check whether a specific composer package uses imported symbols that aren't part of its direct composer dependencies";