Update composer.lock on the PR'ed branch

[BusterNeece]

My automated test suite in my CI toolkit only uses composer install as is recommended, so that it does not change the composer dependencies that will be used by end users installing the product. Even with an updated composer.json file, the test suite will still pass using the old composer.lock dependencies, which does not actually indicate whether or not the new dependencies will succeed.

[m1guelpf]

@SlvrEagle23 Had a look at how Composer generates the lockfile, and it isn't currently possible to generate or modify it. Added a section on the PR body explaining this issue and how to fix it as a temporal solution.