build(deps-dev): bump the dev-dependencies group with 4 updates

[dependabot]

Updates the requirements on phpstan/phpstan, phpunit/phpunit, shipmonk/composer-dependency-analyser and shipmonk/phpstan-rules to permit the latest version.
Updates phpstan/phpstan to 1.11.8

Release notes

Sourced from phpstan/phpstan's releases.

1.11.8

Bleeding edge 🔪

• Report useless return values of function calls like var_export without $return=true (#3225), #11320, thanks @​staabm!
• Check mixed in binary operator (#3231), #7538, #10440, thanks @​schlndh!
• Check vprintf/vsprintf arguments against placeholder count (#3126), thanks @​staabm!
• Check mixed in unary operator (#3253), thanks @​schlndh!
• Report "missing return" error closer to where the return is missing (phpstan/phpstan-src@04f8636)
• Stricter ++/-- operator check (#3255), thanks @​schlndh!
• Check preg_quote delimiter sanity (#3252), #11338, thanks @​staabm!

If you want to see the shape of things to come and adopt bleeding edge features early, you can include this config file in your project's phpstan.neon:

includes:
	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

Of course, there are no backwards compatibility guarantees when you include this file. The behaviour and reported errors can change in minor versions with this file included. Learn more

Improvements 🔧

• Precise array shape for $matches from preg_match() improvements:
  • RegexArrayShapeMatcher - trailling groups are not optional when PREG_UNMATCHED_AS_NULL (#3219), #11311, thanks @​staabm!
  • Fix preg_match named capturing groups (#3228), #11323, thanks @​staabm!
  • RegexArrayShapeMatcher - Fix optional groups with PREG_UNMATCHED_AS_NULL (#3229), thanks @​staabm!
  • Allow overriding the PHP 7.2 support for PREG_UNMATCHED_AS_NULL (#3226), thanks @​Seldaek!
  • RegexArrayShapeMatcher - Fix PREG_UNMATCHED_AS_NULL with optional leading groups (#3234), #11331, thanks @​staabm!
  • RegexArrayShapeMatcher - Support preg_quote()'d patterns (#3233), #11332, thanks @​staabm!
  • RegexArrayShapeMatcher - Fix PREG_UNMATCHED_AS_NULL with top level alternation (#3238), thanks @​staabm!
  • RegexArrayShapeMatcher - More precise non-empty-string and numeric-string (#3249), thanks @​staabm!
  • Fix regex parsing by completing the grammar (#3244), thanks @​Seldaek!
  • RegexArrayShapeMatcher - (\d*) can be empty-string (#3257), thanks @​staabm!
• Add diagnose command to run DiagnoseExtensions (phpstan/phpstan-src@22c84d2)
• Diagnose extension: Info about extensions installed via extension-installer (phpstan/phpstan-src@db71f04)
• Diagnose extension - where is PHPStan running from (phpstan/phpstan-src@76464ee)
• Parallel scheduler becomes DiagnoseExtension (phpstan/phpstan-src@c7c9689)
• ResultCacheManager: output restore time in debug mode (#3224), thanks @​janedbal!
• Add hint as to what might be wrong when invalid identifiers are used (#3230), thanks @​Seldaek!
• Optimize array_map with many arrays (phpstan/phpstan-src@09fbc92), #11297
• Improved sprintf() inference (#3232), thanks @​staabm!
• Print elapsed analysis time with -v (#3239, #3242), thanks @​janedbal!
• More precise sprintf() format arg-based return type (#3192), #11248, #10493, thanks @​staabm!

Bugfixes 🐛

• Fix return type of round/ceil/floor in non strict type environment (#3223), #11319, thanks @​BackEndTea!

... (truncated)

Commits

• 6adbd11 PHPStan 1.11.8
• c4c0269 Updated PHPStan to commit c4c02698414934def38e0e1a4a002a2c139d9242
• c9a6d2e Updated PHPStan to commit c9a6d2e61edfad189a765df3c3a06674a10d4fb5
• 101467d Updated PHPStan to commit 101467d47d75cc793baaec89abf858342436e25a
• 7c2d8b4 Updated PHPStan to commit 7c2d8b45c30bc1a445be34d736b286f876805e4f
• 4a0ffab Updated PHPStan to commit 4a0ffab348f87b874d80ac7d8289213d419fb860
• fec3501 Update baselines
• 9db34df Updated PHPStan to commit 9db34dfbdffb2442ca21d6765b0fbfeb0154745d
• 2223dd9 Updated PHPStan to commit 2223dd9623522c223357c556189e7ec5280dba59
• a1e697b Updated PHPStan to commit a1e697b6949371b02bba5a2164ccc2ded020dd5e
• Additional commits viewable in compare view

Updates phpunit/phpunit to 11.2.9

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 11.2.9

Fixed

• #5887: Issue baseline generator does not correctly handle ignoring suppressed issues
• #5908: --list-tests and --list-tests-xml CLI options do not report error when data provider method throws exception

---

How to install or update PHPUnit

Changelog

Sourced from phpunit/phpunit's changelog.

[11.2.9] - 2024-07-30

Fixed

• #5887: Issue baseline generator does not correctly handle ignoring suppressed issues
• #5908: --list-tests and --list-tests-xml CLI options do not report error when data provider method throws exception

[11.2.8] - 2024-07-18

Fixed

• #5898: Test\Passed event is not emitted for PHPT tests
• --coverage-filter CLI option could not be used multiple times

[11.2.7] - 2024-07-10

Changed

• Updated dependencies (so that users that install using Composer's --prefer-lowest CLI option also get recent versions)

Fixed

• #5892: Errors during write of phpunit.xml are not handled correctly when --generate-configuration is used

[11.2.6] - 2024-07-03

Changed

• #5880: Add hints to CLI parameter deprecation messages

[11.2.5] - 2024-06-20

Changed

• #5877: Use array_pop() instead of array_shift() for processing Test objects in TestSuite::run() and optimize TestSuite::isEmpty()

[11.2.4] - 2024-06-20

Changed

• #5875: Also destruct TestCase objects early that use a data provider

[11.2.3] - 2024-06-19

Changed

• #5870: Do not collect unnecessary information using debug_backtrace()

[11.2.2] - 2024-06-15

... (truncated)

Commits

• c197bba Prepare release
• 8fdb955 Merge branch '10.5' into 11.2
• 9399322 We do not need the result collected from events here
• a7c7ae4 Use different test fixture
• 1cacb78 Merge branch '10.5' into 11.2
• 8f432cf Closes #5908
• 68a4fff Merge branch '10.5' into 11.2
• 98cbd0f Fix path
• aecc307 Merge branch '10.5' into 11.2
• 1519750 Parameter names are not covered by the backward compatibility promise (this i...
• Additional commits viewable in compare view

Updates shipmonk/composer-dependency-analyser to 1.6.1

Release notes

Sourced from shipmonk/composer-dependency-analyser's releases.

1.6.1

Fixes

• Fix PHP warning with no composer classloader (#150)

Commits

• 9252ee5 Fix PHP warning with no composer classloader (#150)
• 6bbe1d0 Support qualified names in global scope (#148)
• b63a9ac Fix detection of non-lowercase extension functions (#144)
• af14c65 exclude-from-classmap support (#140)
• 98bceac Analyser: more specific path has dev/prod mark priority (#142)
• 2a45e4e Bump the dev-dependencies group with 3 updates (#139)
• bb93bfd Bump the dev-dependencies group with 3 updates (#135)
• d9ddcef e2e: add tomasvotruba/unused-public (#134)
• 76a81d2 CI: run checks with PHP 8.3 (#133)
• See full diff in compare view

Updates shipmonk/phpstan-rules to 3.1.0

Release notes

Sourced from shipmonk/phpstan-rules's releases.

3.1.0

New features:

• forbidUnsafeArrayKey: allow only int|string in array keys (deny null, bool, float etc) (#254)

Commits

• 8ace7ea ForbidUnsafeArrayKeyRule (#254)
• e517483 Bump the dev-dependencies group with 2 updates (#253)
• 25439e1 Bump phpstan/phpstan from 1.11.3 to 1.11.5 in the prod-dependencies group (#252)
• 7088eff RuleTestCase: fix order of errors for long testcases (#251)
• d8584cc Bump phpstan/phpstan from 1.11.1 to 1.11.3 in the prod-dependencies group (#250)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[janedbal]

Looks like our "dont update major versions" ignore is not working: https://github.com/shipmonk-rnd/doctrine-hint-driven-sql-walker/blob/master/.github/dependabot.yml#L14

[janedbal]

@dependabot recreate

[dependabot]

Looks like these dependencies are no longer updatable, so this is no longer needed.