Update dependency custom-composer to v2.9.3

[isle-buildkit-renovate]

This PR contains the following updates:

Package	Update	Change
custom-composer	patch	2.9.2 → 2.9.3

---

Release Notes

composer/composer (custom-composer)

v2.9.3

Compare Source

• Security: Fixed ANSI sequence injection (GHSA-59pp-r3rg-353g / CVE-2025-67746)
  • Fixed COMPOSER_NO_SECURITY_BLOCKING env var not being respected for updates done via the install command, and added --no-security-blocking flag to install as well (#​12677)
  • Fixed update --lock / update mirrors not working when locked packages contain vulnerabilities (#​12645)
  • Fixed client-certificate authentication implementation (#​12667)
  • Fixed php-ext schema not being validated in ValidatingArrayLoader (#​12694)
  • Fixed crash when --bump-after-update is used and the lock file is disabled (#​12660)
  • Fixed support for SecureTransport + LibreSSL on macOS (#​12615)
  • Fixed display of reasons for why advisories are ignored (#​12668)
  • Fixed compatibility issues when git has log.showSignature enabled (#​12666)
  • Fixed curl downloader not retrying when a timeout (err 28) failure occurs (#​12662)
  • Fixed EventDispatcher requiring a full Composer instance to function (#​12629)

---

Configuration

📅 Schedule: Branch creation - Between 10:00 AM and 10:59 AM, only on Wednesday ( * 10 * * 3 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.