Bump the dev-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the dev-dependencies group with 4 updates in the / directory: phpstan/phpstan, phpstan/phpstan-symfony, shipmonk/composer-dependency-analyser and vimeo/psalm.

Updates phpstan/phpstan from 1.10.57 to 1.12.3

Release notes

Sourced from phpstan/phpstan's releases.

1.12.3

Improvements 🔧

• PHPStan Pro: debug corrupted PHAR signature message (phpstan/phpstan-src@9815bbb)

Bugfixes 🐛

• Revert "Fix phar.yml workflow" (phpstan/phpstan-src@6973519), #11638
• Refactor ArrayFilterFunctionReturnTypeReturnTypeExtension and support first-class callable (#3329), #11337, thanks @​takaram!
• Prevent resolving conditional types in callable param/return types (#3405), #11472, thanks @​rvanvelzen!
• Fix wrongly convertion of list<T> to array{T} (#3412), #11642, thanks @​staabm!
• Fix internal error (phpstan/phpstan-src@052f6b1), #11649
• Missing typehints should be consistently checked on level 6 (phpstan/phpstan-src@e3e80f6), #11657

Function signature fixes 🤖

• Don't prevent checking for curl_init() false returns (#3409), #11640, thanks @​tscni!
• Update phpstorm-stubs and patch (#3393), thanks @​VincentLanglet!

Internals 🔍

• The COMPOSER_ROOT_VERSION hack should no longer be necessary (#3414)
• Add non regression test (#3416), #4960, thanks @​VincentLanglet!
• Add non regression test (#3415), #10499, thanks @​VincentLanglet!

1.12.2

Improvements 🔧

• PHP 8.4 - report deprecated implicitly nullable parameter types (phpstan/phpstan-src@9bd027c), #11413

Bugfixes 🐛

• Run @mixin class reflection extensions after all other class reflection extensions (phpstan/phpstan-src@c889baa), #11624, #11342, #10159, larastan/larastan#2032
• RegexArrayShapeMatcher - Don't optimize alternations with optional groups for tagged unions (#3395), #11604, thanks @​staabm!
• Narrow array on count() with positive-int (#3389), thanks @​staabm!
• Improve narrowing after string functions (#3390), thanks @​staabm!
• Add Type::reverseArray() (#3344), thanks @​herndlm!

Function signature fixes 🤖

... (truncated)

Commits

• 0fcbf19 PHPStan 1.12.3
• 9815bbb Updated PHPStan to commit 9815bbba4535b0605aef5b5cb9dd64a63bc44b1f
• e3e80f6 Updated PHPStan to commit e3e80f6c9c246d13e41188d508f0f4afb631b9af
• 052f6b1 Updated PHPStan to commit 052f6b130f53ad50f571b81d4d468b0b0026c2fd
• 5814c7e Updated PHPStan to commit 5814c7e3d71b31f74002912fe5b443efaaf2cd2f
• b3c99fb Updated PHPStan to commit b3c99fb1547fe43b60317550762becce39d516a6
• 3592cf0 Updated PHPStan to commit 3592cf021d99a8d60373c6fb720da541566e03e8
• c26886d Updated PHPStan to commit c26886d5caecf2c8a51abe8642ce98dcb694c182
• df1dfd0 Update baselines
• 3e52bb0 Updated PHPStan to commit 3e52bb081ddb530bbbd651b489b809b0d6c480e0
• Additional commits viewable in compare view

Updates phpstan/phpstan-symfony from 1.3.7 to 1.4.9

Release notes

Sourced from phpstan/phpstan-symfony's releases.

1.4.9

• 51ab243 - Require PHPStan 1.12
• 30d0886 - Pin build-cs
• 4279753 - Test newer PHP versions
• 3cf113f - Fix stubs

1.4.8

• 14eec8c - Add stub for AbstractController::createForm()

1.4.7

• ee88a01 - Fix internal error when DIC param map has > 256 items

1.4.6

• e909a07 - DiagnoseExtension

1.4.5

• 1bd7c33 - Also support command argument and initialize method

1.4.4

• bca27f1 - Fix interact method inference

1.4.3

• af6ae0f - Update getArgument return type in interact method

1.4.2

• 2c3d666 - Support for alias to inlined service

1.4.1

• d530cfe - Merge remote-tracking branch 'origin/1.3.x' into 1.4.x
• f4b9407 - Synchronize stub with symfony
• 3fbf634 - Synchronize stub with symfony
• 99848d8 - Add stub for Compound::getConstraints()

1.4.0

• 51183fe - Update lock-closed-issues.yml
• f4b9407 - Synchronize stub with symfony
• 3fbf634 - Synchronize stub with symfony
• 99848d8 - Add stub for Compound::getConstraints()
• 8148308 - Merge remote-tracking branch 'origin/1.3.x' into 1.4.x
• c9f5ceb - Merge remote-tracking branch 'origin/1.3.x' into 1.4.x
• 67e208d - Add documentation to load DI helper
• a0e0f1f - chore(deps): update metcalfc/changelog-generator action to v4.3.1
• b2ddd0f - chore(deps): update cbrgm/mastodon-github-action action to v2
• 3b3083d - Merge remote-tracking branch 'origin/1.3.x' into 1.4.x
• 4cc4788 - chore(deps): update metcalfc/changelog-generator action to v4.2.0
• 44b68dd - chore(deps): update dessant/lock-threads action to v5
• 5586faa - Merge branch '1.3.x' into 1.4.x
• b9e1ded - Merge remote-tracking branch 'origin/1.3.x' into 1.4.x
• ce3c258 - Error identifiers
• 6a0cefe - Require PHPStan 1.11

... (truncated)

Commits

• 51ab243 Require PHPStan 1.12
• 30d0886 Pin build-cs
• 4279753 Test newer PHP versions
• 3cf113f Fix stubs
• 14eec8c Add stub for AbstractController::createForm()
• ee88a01 Fix internal error when DIC param map has > 256 items
• e909a07 DiagnoseExtension
• 1bd7c33 Also support command argument and initialize method
• bca27f1 Fix interact method inference
• af6ae0f Update getArgument return type in interact method
• Additional commits viewable in compare view

Updates shipmonk/composer-dependency-analyser from 1.5.0 to 1.7.0

Release notes

Sourced from shipmonk/composer-dependency-analyser's releases.

1.7.0

New features:

• Support absolute paths in composer autoload sections (#171, @​VincentLanglet)
• Support even zero composer classloaders (#161)
• Print issue counts per error type (#175)
• Add --version cli option (#172, #176)

Fixes:

• Show all usages even when --show-all-usages is combined with --verbose (#160)
• Add missing --ignore-unknown-functions to --help (#159)
• Improve further processing of junit format (#164, #174)

1.6.1

Fixes

• Fix PHP warning with no composer classloader (#150)

1.6.0

New features:

• Read composer's exclude-from-classmap to exclude paths from analysis (#140 by @​LastDragon-ru )
• Support qualified names in global scope (#148)
  • Often used in bundles.php in Symfony applications (#146)

Fixes:

• More specific path has dev/prod mark priority (#142)
• Fix false positive with extension functions with uppercase characters (#144)

1.5.3

Fixes

• Ensure output of junit format is valid xml (#129)
• Check invalid cli options combinations (#131)

1.5.2

Fixes

• Fix unknown function false positive in multi-attribute usages (#124)

1.5.1

Fixes

• Fix wrong detection of attribute name when aliased import or FQN is used (#121)

Commits

• bca862b Add reference to --version (#176)
• a65295b Add --version cli option (#172)
• f61a643 ConsoleFormatter: display error counts per category (#175)
• 7feaa97 junit: eliminate newlines inside \<failure> (#174)
• 47ea1c8 Add oveleon/contao-cookiebar to e2e (#165)
• 6848c5a E2E: add twig-cs-fixer (#173)
• c11ae11 Support absolute paths in composer autoload sections (#171)
• e64aa7f Bump the dev-dependencies group with 2 updates (#170)
• db52364 JUnit format improvements (#164)
• 213c157 Support zero composer classloaders (#161)
• Additional commits viewable in compare view

Updates vimeo/psalm from 5.20.0 to 5.26.1

Release notes

Sourced from vimeo/psalm's releases.

5.26.1

What's Changed

Fixes

• Fix JSON formatter crashes with invalid UTF in error messages by @​weirdan in vimeo/psalm#11092

Full Changelog: vimeo/psalm@5.26.0...5.26.1

5.26.0

What's Changed

Features

• Add mysqli.execute-query as sink for TaintedSql by @​cgocast in vimeo/psalm#11021
• Add TaintedCallable sinks for 4 core generic functions by @​cgocast in vimeo/psalm#11090
• Improve mysql fetch_field* return type by @​MoonE in vimeo/psalm#11009
• Check for psalm.dist.xml as well by @​HypeMC in vimeo/psalm#11031

Fixes

• Change ReflectionParameter::getName() result type to non-empty-string by @​vjik in vimeo/psalm#11037
• Fix mysqli_real_escape_string stub by @​kamil-tekiela in vimeo/psalm#11078
• Fix mysqli_get_client_version by @​kamil-tekiela in vimeo/psalm#11074
• Up the minimum required version of nikic/php-parser to 4.17 by @​chesn0k in vimeo/psalm#10968
• Fix callable/lowercase strings coercion by @​weirdan in vimeo/psalm#11091
• Consistently emit issues for properties on classes with unknown mixins by @​issidorov in vimeo/psalm#11081

New Contributors

• @​chesn0k made their first contribution in vimeo/psalm#10968

Full Changelog: vimeo/psalm@5.25.0...5.26.0

5.25.0

What's Changed

Features

• Casting int-range should keep literals by @​kkmuffme in vimeo/psalm#10941
• Update help panel by @​llaville in vimeo/psalm#11000
• Add support for phpstan-pure by @​VincentLanglet in vimeo/psalm#10975
• Precise preg_match_all return type by @​VincentLanglet in vimeo/psalm#10969

Fixes

• Fix-GH-10933-And-GH-10951 by @​jack-worman in vimeo/psalm#10953
• redis: add possible types for Redis#auth method by @​boesing in vimeo/psalm#10934
• Avoid false positive about array which are non-callable by @​VincentLanglet in vimeo/psalm#10935
• Fix literal-string|non-empty-literal-string by @​VincentLanglet in vimeo/psalm#10930
• Fix signature of Locale::canonicalize. by @​ADmad in vimeo/psalm#11010

New Contributors

• @​llaville made their first contribution in vimeo/psalm#11000

... (truncated)

Commits

• d747f65 Merge pull request #11092 from weirdan/fix-invalid-utf8-output-in-json-reports
• bb57f39 Fix JSON formatter crashes with invalid UTF in error messages
• 4787eaf Merge pull request #11081 from issidorov/regression-tests-with-undefined-mixin
• 8b528ad Merge pull request #11091 from weirdan/callable-and-lowercase-strings-are-coe...
• b6cea6e Fix callable/lowercase strings coercion
• 2a64d1c Merge pull request #10968 from chesn0k/chesn0k-patch-1
• 3c13a5b Merge pull request #11031 from HypeMC/check-for-psalm.dist.xml-as-well
• c2bdb40 Merge pull request #11009 from MoonE/mysqli-fetch-field
• 10a987b Merge pull request #11074 from kamil-tekiela/mysqli_get_client_version
• 4324122 Merge pull request #11078 from kamil-tekiela/mysqli_real_escape_string
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: dependencies.

[github-actions]

🏰 Composer Production Dependency changes 🏰

Prod Packages	Operation	Base	Target	Link
composer/pcre	Upgraded	3.1.4	3.3.1	Compare
doctrine/deprecations	Upgraded	1.1.2	1.1.3	Compare
phpstan/phpdoc-parser	Upgraded	1.25.0	1.30.1	Compare
psr/log	Upgraded	3.0.0	3.0.2	Compare
symfony/console	Upgraded	v6.4.8	v6.4.11	Compare
symfony/filesystem	Upgraded	v6.4.8	v6.4.9	Compare
symfony/polyfill-ctype	Upgraded	v1.29.0	v1.31.0	Compare
symfony/polyfill-intl-grapheme	Upgraded	v1.29.0	v1.31.0	Compare
symfony/polyfill-intl-normalizer	Upgraded	v1.29.0	v1.31.0	Compare
symfony/polyfill-mbstring	Upgraded	v1.29.0	v1.31.0	Compare
symfony/string	Upgraded	v6.4.8	v6.4.11	Compare

[github-actions]

🚧 Composer Development Dependency changes 🚧

Dev Packages	Operation	Base	Target	Link
amphp/amp	Upgraded	v2.6.2	v2.6.4	Compare
amphp/byte-stream	Upgraded	v1.8.1	v1.8.2	Compare
composer/semver	Upgraded	3.4.0	3.4.2	Compare
netresearch/jsonmapper	Upgraded	v4.2.0	v4.5.0	Compare
phpstan/phpstan	Upgraded	1.10.57	1.12.3	Compare
phpstan/phpstan-symfony	Upgraded	1.3.7	1.4.9	Compare
sebastian/diff	Upgraded	5.1.0	5.1.1	Compare
shipmonk/composer-dependency-analyser	Upgraded	1.5.0	1.7.0	Compare
spatie/array-to-xml	Upgraded	3.2.2	3.3.0	Compare
symfony/polyfill-php80	Upgraded	v1.29.0	v1.31.0	Compare
vimeo/psalm	Upgraded	5.20.0	5.26.1	Compare

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml