v1.21.0

Changed

• GitHub Actions(deps): Bump peter-evans/create-pull-request from 7 to 8 (#181)
• GitHub Actions(deps): Bump marocchino/sticky-pull-request-comment from 2 to 3 (#182)
• GitHub Actions(deps): Bump actions/github-script from 8 to 9 (#183)
• Auto-create and push minimal changelog entries for same-repository Dependabot pull requests before changelog validation reruns (#186)
• Resolve Dependabot changelog fallback state from the actual PR head branch and report already-present, auto-created, or missing in the workflow summary so rebased PRs cannot pass on inherited Unreleased entries alone (#191)

Fixed

• Preserve literal angle brackets around maintainer emails when generating LICENSE files from composer metadata (#179)
• Keep packaged .agents payloads exportable and synchronize packaged skills and agents with repository-relative symlink targets so consumer repositories no longer receive broken absolute machine paths (#188)
• Rewrite drifted Git hooks by removing the previous target first, restore the intended 0o755 executable mode, and report unwritable hook replacements cleanly when .git/hooks stays locked (#190)
• Keep Composer plugin command discovery compatible with consumer environments by moving unsupported Symfony Console named parameters out of command metadata/configuration and by decoupling the custom filesystem wrapper from Composer's bundled Symfony Filesystem signatures (#185)
• Keep Composer autoload, Rector, and ECS from traversing nested fixture vendor directories when the composer-plugin consumer fixture has installed dependencies (#179)
• Skip LICENSE generation cleanly when a consumer composer manifest omits or leaves the license field empty (#227)
• Run nested DevTools subprocesses without forcing PTY, fixing aggregate commands in non-interactive environments (#171)