Composer: update to PHPCSDevCS 1.2.0

PHPCSDevCS now allows for PHPCS 4.0 and includes PHPCompatibility 10.0.0-alpha1 and a range of sniffs from PHPCSExtra.

This also means that we can now scan files without a file extension (if explicitly requested), so the bin script can now be scanned.

Includes minor documentation update in the ruleset.
Includes adding one selective exclusion to the ruleset.
Includes various small CS fixes.

Refs:

• https://github.com/PHPCSStandards/PHPCSDevCS/releases/tag/1.2.0
• How to add single file without extension to check? squizlabs/PHP_CodeSniffer#2916
• Filter: files without extension are no longer ignored if the path is passed in directly PHPCSStandards/PHP_CodeSniffer#1022

GH Actions: run CS check against PHPCS 4.x dev

Dependabot: remove composer ecosystem

Dependabot has basically never submitted any useful PRs updating the dependencies managed via Composer.

In most cases, it wouldn't be able to anyway as the "widen" strategy only really causes update PRs when a new major of a dependency is released and with a new major of a dependency, we'll generally need to do a managed update, so wouldn't be able to use the Dependabot PR anyhow.

On top of that, it appears to be completely impossible to set any environment variables for the running of Dependabot via GH Actions.

This is problematic as we will have a circular dependency via the phpcsstandards/phpcsdevcs package once this update to PHPCSDevCS 1.2.0 would be merged and the only way to get round that is to set a COMPOSER_ROOT_VERSION environment variable.

In practice, this means that updating to PHPCSDevCS 1.2.0 will cause the action runs for Dependabot to fail, which is not useful.

All in all, I see no upside to continue to have Dependabot enabled for the Composer packages.