build(deps-dev): bump the dev-dependencies group with 5 updates

[dependabot]

Updates the requirements on phpstan/phpstan, phpstan/phpstan-strict-rules, phpunit/phpunit, shipmonk/composer-dependency-analyser and shipmonk/phpstan-rules to permit the latest version.
Updates phpstan/phpstan to 1.10.67

Release notes

Sourced from phpstan/phpstan's releases.

1.10.67

This is the last release, or one of the last releases, in 1.10.x series. The next one is going to be PHPStan 1.11, and it's going to be released at some point in May 2024.

Improvements 🔧

• Forbid PHPUnitPHAR prefixed classes (#3002), thanks @​staabm!
• Improve error messages on unnamed parameters (#3010), #10814, thanks @​takaram!

Bugfixes 🐛

• Improve date() return types (#2888), #10468, #6613, thanks @​zonuexe!
• Default value null does not make promoted property type nullable (phpstan/phpstan-src@b2177e3), #9839
• Fix socket_select array types after call (phpstan/phpstan-src@24c5249), `if-this-is` alternative? phpstan/phpstan#10285
• Fix conditional types in PHPDocs from stubs for native functions (phpstan/phpstan-src@8ae0b28)
• Fix env int key problem (phpstan/phpstan-src@e606fbe), #10833
• Fix false positives about uninitialized properties (#2897), #10523, #10822, thanks @​staabm!
• Incremented numeric-string should change to int/float (#2797), #10122, #10187, thanks @​staabm!
• Do not generalize big array when combined with empty array (#3003), #10834, thanks @​RobertMe!
• Fix string concatenation with benevolent union type (phpstan/phpstan-src@4a4c739), #10863
• Treat get_defined_vars() as using constructor arguments (#3012), #10865, thanks @​rvanvelzen!
• Allow undefined variables passed into by-ref parameters only if the type is nullable (phpstan/phpstan-src@7f8f9cc, phpstan/phpstan-src@7961f7a), #1916

Function signature fixes 🤖

• More precise gc_status() signature for PHP8.3+ (#2996), thanks @​staabm!
• Add object shape for mysqli_result::fetch_fields (#3005), thanks @​schlndh!

Internals 🔍

• composer-dependency-analyser: update to 1.5.0 (support functions) (#3011), thanks @​janedbal!

Commits

• 16ddbe7 PHPStan 1.10.67
• 7961f7a Updated PHPStan to commit 7961f7ae1fe815b0796e4d73717f1b117d4a7163
• 7f8f9cc Updated PHPStan to commit 7f8f9cce7f3903e505916c7afe04b7912570b5e2
• f71da02 Updated PHPStan to commit f71da02958da0dd6b40193c64fcb6da12daf7227
• 074de75 Updated PHPStan to commit 074de75ff3bffd32e554e3ce8b0dbbde003e471e
• 1453c3f Updated PHPStan to commit 1453c3f160075f299dc4fc3b3098e8b0b3739b85
• 4a4c739 Updated PHPStan to commit 4a4c739f9ff85b6c73659c21f8f3b8b7af8c82c9
• 28c5729 Updated PHPStan to commit 28c57296288b78707902fdb4cdf9313a60eff363
• a80cd8a Update Larastan
• 336ab5c Update baselines
• Additional commits viewable in compare view

Updates phpstan/phpstan-strict-rules to 1.5.5

Release notes

Sourced from phpstan/phpstan-strict-rules's releases.

1.5.5

• 2e193a0 - ArrayFilterStrictRule - get rid of different behavour with treatPhpDocTypesAsCertain: false

Commits

• 2e193a0 ArrayFilterStrictRule - get rid of different behavour with `treatPhpDocTypesA...
• 8afd4af Loosen up ArrayFilterStrictRule for unions with clearly truthy/falsey types
• 568210b Introduce strict array_filter call (require callback method)
• 4723149 Require PHPStan 1.10.60
• 2fc12e5 Fix UselessCastRuleTest.
• See full diff in compare view

Updates phpunit/phpunit to 10.5.20

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 10.5.20

• #5771: JUnit XML logger may crash when test that is run in separate process exits unexpectedly
• #5819: Duplicate keys from different data providers are not handled properly

---

How to install or update PHPUnit

Changelog

Sourced from phpunit/phpunit's changelog.

[10.5.20] - 2024-04-24

• #5771: JUnit XML logger may crash when test that is run in separate process exits unexpectedly
• #5819: Duplicate keys from different data providers are not handled properly

[10.5.19] - 2024-04-17

Fixed

• #5818: Calling method() on a test stub created using createStubForIntersectionOfInterfaces() throws an unexpected exception

[10.5.18] - 2024-04-14

Deprecated

• #5812: Support for string array keys in data sets returned by data provider methods that do not match the parameter names of the test method(s) that use(s) them

Fixed

• #5795: Using @testWith annotation may generate PHP Warning: Uninitialized string offset 0

[10.5.17] - 2024-04-05

Changed

• The namespaces of dependencies are now prefixed with PHPUnitPHAR instead of just PHPUnit for the PHAR distribution of PHPUnit

[10.5.16] - 2024-03-28

Changed

• #5766: Do not use a shell in proc_open() if not really needed
• #5772: Cleanup process handling after dropping temp-file handling

Fixed

• #5570: Windows does not support exclusive locks on stdout

[10.5.15] - 2024-03-22

Fixed

• #5765: Be more forgiving with error handlers that do not respect error suppression

[10.5.14] - 2024-03-21

Changed

• #5747: Cache result of Groups::groups()
• #5748: Improve performance of NamePrettifier::prettifyTestMethodName()

... (truncated)

Commits

• 547d314 Prepare release
• 6da42ed Make this test work on Windows
• 371fc2c Update ChangeLog
• 77dc808 Use JUnit XML logfile as expectation instead of test runner output
• c722fb2 Do not crash when test run in child process ends unexpectedly and `--log-juni...
• b2b3555 Add --log-junit to test
• 94c00e3 Add test without --log-junit
• 9d1c41f Merge branch '9.6' into 10.5
• 33a0610 Merge branch '8.5' into 9.6
• 920716c Update tools
• Additional commits viewable in compare view

Updates shipmonk/composer-dependency-analyser to 1.5.3

Release notes

Sourced from shipmonk/composer-dependency-analyser's releases.

1.5.3

Fixes

• Ensure output of junit format is valid xml (#129)
• Check invalid cli options combinations (#131)

Commits

• 00b5023 Add balikobot to e2e (#132)
• d374d4b Check invalid cli options combination (#131)
• c55b7bc Readme: minor format typo (#130)
• d37bcd0 Ensure stdout is valid XML for junit format (#129)
• 701b485 Readme: improve, mainly config section (#127)
• 06ab7c6 Readme: mention ignoreUnknownFunctions (#126)
• f4001af cs: enforce array trailing commas (#125)
• 0501e73 Fix false positive in multi-attribute usages (#124)
• 2f65e4f Add PHP syntax checks for supported versions (#122)
• 82b9f82 UsedSymbolExtractor: fix incorrect detection of attribute (#121)
• Additional commits viewable in compare view

Updates shipmonk/phpstan-rules to 2.12.0

Release notes

Sourced from shipmonk/phpstan-rules's releases.

2.12.0

New features

• forbidNotNormalizedType: check invalid Parent|Child even in multi-catch and @throws (#231, #232)

Commits

• db342d8 Readme: whitelist what forbidNotNormalizedType supports (#233)
• a919257 ForbidNotNormalizedTypeRule: support also @​throws (#232)
• 7769c17 ForbidNotNormalizedTypeRule: check even multi-catch statements (#231)
• 32002c4 Bump the prod-dependencies group with 1 update (#230)
• 10afe5f Bump the dev-dependencies group with 4 updates (#229)
• e36bdd2 Bump the prod-dependencies group with 1 update (#228)
• 613df6f dependabot: use groups to avoid clutter (#227)
• 7738dab Readme: suggest reportAnyTypeWideningInVarTag along enforceListReturn (#226)
• 66c30cb Readme: link czech talk about checked exceptions (#225)
• 1814da4 Readme: mention reportAnyTypeWideningInVarTag extra strictness (#224)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions