[2.x] fix(package-manager): reject extensions incompatible with current Flarum major version

[imorland]

Fixes #4408

Summary

Extensions with "flarum/core": "*" (or other overly broad constraints like "^1.0") pass Composer's resolver on 2.x — because * technically satisfies ^2.0 — but the extension code was written for 1.x and breaks at runtime.

This adds a pre-install compatibility check via the Packagist p2 API before handing off to Composer:

1. Fetch repo.packagist.org/p2/{package}.json to get the latest stable release's composer.json metadata.
2. Check the flarum/core constraint using Composer\Semver:
   • Constraints that satisfy both 1.0.0 and 2.0.0 (e.g. *, >=1.0) are treated as too permissive and rejected — an extension genuinely targeting 2.x would use ^2.0.
   • Constraints that don't satisfy the running Flarum version (e.g. ^1.0) are rejected.
3. Fails open — if Packagist is unreachable, the package has no stable releases, or there's no flarum/core requirement, the install proceeds and Composer's own resolver is the final gate.

The frontend already has a translation string for extension_incompatible_with_instance; the error handler is updated to catch the new KnownError type and display it as an alert.

Changes

• RequireExtensionHandler — injects GuzzleHttp\Client, runs assertFlarumCompatibility() before Composer
• ExtensionIncompatibleWithFlarumException — new KnownError with type extension_incompatible_with_instance
• errorHandler.ts — handles extension_incompatible_with_instance directly (shows alert, closes modal)
• RequireExtensionCompatibilityTest — 11 unit tests using GuzzleHttp\Handler\MockHandler, covering all constraint scenarios and fail-open cases

Test plan

• Try installing a 1.x-only extension ("flarum/core": "^1.0") → error alert appears immediately, Composer never runs
• Try installing an extension with "flarum/core": "*" → same result
• Try installing a valid 2.x extension → installs normally
• Run composer test:unit → all 11 unit tests green

🤖 Generated with Claude Code