Skip to content

composer(deps-dev): bump the development-dependencies group with 3 updates#530

Merged
github-actions[bot] merged 2 commits into
masterfrom
dependabot/composer/master/development-dependencies-f5aa9aa4e6
Sep 20, 2025
Merged

composer(deps-dev): bump the development-dependencies group with 3 updates#530
github-actions[bot] merged 2 commits into
masterfrom
dependabot/composer/master/development-dependencies-f5aa9aa4e6

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Sep 20, 2025

Copy link
Copy Markdown
Contributor

Updates the requirements on mimmi20/coding-standard, phpstan/phpstan and phpunit/phpunit to permit the latest version.
Updates mimmi20/coding-standard to 6.2.0

Release notes

Sourced from mimmi20/coding-standard's releases.

use phpcs 4

What's Changed

🕸 Dependencies:

Full Changelog: mimmi20/coding-standard@6.1.14...6.2.0

Commits
  • b306fc2 Merge pull request #818 from mimmi20/updates
  • d8145a3 fix issue
  • 7417619 fix issues
  • 629c027 use phpcs 4
  • 2a6e2a6 Merge pull request #819 from mimmi20/dependabot/github_actions/master/product...
  • 8ce8efe github-actions (master): bump shivammathur/setup-php
  • 2f91077 Merge pull request #816 from mimmi20/dependabot/composer/master/development-d...
  • 6e42b15 composer (master)(deps-dev): update phpstan/phpstan requirement
  • 17a4767 Merge pull request #815 from mimmi20/dependabot/composer/master/development-d...
  • b23b9b5 composer (master)(deps-dev): update phpstan/phpstan requirement
  • Additional commits viewable in compare view

Updates phpstan/phpstan to 2.1.28

Release notes

Sourced from phpstan/phpstan's releases.

2.1.28

Improvements 🔧

Bugfixes 🐛

Internals 🔍

Commits
  • 578fa29 PHPStan 2.1.28
  • 8996d39 Updated PHPStan to commit 8996d39488b978cf569d96f07514d240a5b414fb
  • dde71d0 Update errors identifiers
  • f8ad453 Updated PHPStan to commit f8ad45368ae360bfdf8a88f5bd6d79bc3715f333
  • 5772b1a Updated PHPStan to commit 5772b1a89cd724f893388ffefabb721c829842ce
  • cd5a411 Update BACKERS.md
  • b50ac58 Updated PHPStan to commit b50ac581ef6d88ef3235287ba6f39572b310d643
  • 17c4fe5 Updated PHPStan to commit 17c4fe5b7cd942ea85338819a5ea3bb26cd998c8
  • 086ee29 Updated PHPStan to commit 086ee29b78a49bdc0b11aea3cb93062eba458d83
  • bb3fa41 Update baselines
  • Additional commits viewable in compare view

Updates phpunit/phpunit to 12.3.11

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 12.3.11

Changed

  • #6366: Exclude __sleep() and __wakeup() from test double code generation on PHP >= 8.5

Learn how to install or update PHPUnit 12.3 in the documentation.

Keep up to date with PHPUnit:

Changelog

Sourced from phpunit/phpunit's changelog.

[12.3.11] - 2025-09-14

Changed

  • #6366: Exclude __sleep() and __wakeup() from test double code generation on PHP >= 8.5

[12.3.10] - 2025-09-11

Changed

  • #6353: Disable performance optimization for tests requiring Xdebug
  • #6357: Also collect E_DEPRECATED issues when building the test suite

[12.3.9] - 2025-09-11

Changed

  • Do not use __sleep() method (which will be deprecated in PHP 8.5)

[12.3.8] - 2025-09-03

Fixed

  • #6340: Implicitly enabled display of deprecation details is not disabled when it should be

[12.3.7] - 2025-08-28

Changed

  • #[IgnorePhpunitDeprecations] is now considered for test runner deprecations (where applicable)

[12.3.6] - 2025-08-20

Changed

  • Do not configure report_memleaks setting (which will be deprecated in PHP 8.5) for PHPT processes

[12.3.5] - 2025-08-16

Changed

  • #6319: Detect premature end of PHPUnit's main PHP process
  • #6321: Allow error_reporting=E_ALL for --check-php-configuration

Fixed

  • #5863: TestDox printer does not show previous exception
  • #6102: expectUserDeprecationMessage*() fails when test is run in separate process

[12.3.4] - 2025-08-12

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…dates

Updates the requirements on [mimmi20/coding-standard](https://github.com/mimmi20/coding-standard), [phpstan/phpstan](https://github.com/phpstan/phpstan) and [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) to permit the latest version.

Updates `mimmi20/coding-standard` to 6.2.0
- [Release notes](https://github.com/mimmi20/coding-standard/releases)
- [Commits](mimmi20/coding-standard@6.1.13...6.2.0)

Updates `phpstan/phpstan` to 2.1.28
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/2.1.x/CHANGELOG.md)
- [Commits](phpstan/phpstan@2.1.25...2.1.28)

Updates `phpunit/phpunit` to 12.3.11
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases)
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/12.3.11/ChangeLog-12.3.md)
- [Commits](sebastianbergmann/phpunit@12.3.10...12.3.11)

---
updated-dependencies:
- dependency-name: mimmi20/coding-standard
  dependency-version: 6.2.0
  dependency-type: direct:development
  dependency-group: development-dependencies
- dependency-name: phpstan/phpstan
  dependency-version: 2.1.28
  dependency-type: direct:development
  dependency-group: development-dependencies
- dependency-name: phpunit/phpunit
  dependency-version: 12.3.11
  dependency-type: direct:development
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Sep 20, 2025
@dependabot dependabot Bot requested a review from mimmi20 as a code owner September 20, 2025 02:02
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Sep 20, 2025
@github-actions

github-actions Bot commented Sep 20, 2025

Copy link
Copy Markdown
Contributor

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
composer/mimmi20/coding-standard >= 6.2.0, < 7.0.0 UnknownUnknown
composer/phpstan/phpstan >= 2.1.28, < 3.0.0 🟢 5.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 0/26 approved changesets -- score normalized to 0
Dangerous-Workflow⚠️ -1no workflows found
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ -1no dependencies found
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
composer/phpunit/phpunit >= 12.3.11, < 13.0.0 🟢 5.2
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
Security-Policy🟢 10security policy file detected
Code-Review⚠️ 0Found 2/28 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ -1no dependencies found
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Branch-Protection⚠️ 0branch protection not enabled on development/release branches

Scanned Files

  • .github/workflows/auto-approve.yml
  • .github/workflows/auto-merge.yml
  • .github/workflows/renovate-config-validator.yml
  • composer.json

github-actions[bot]
github-actions Bot previously approved these changes Sep 20, 2025
@github-actions github-actions Bot enabled auto-merge September 20, 2025 02:03
mimmi20
mimmi20 previously approved these changes Sep 20, 2025
@mimmi20 mimmi20 dismissed stale reviews from github-actions[bot] and themself via 293cb03 September 20, 2025 11:14
@github-actions github-actions Bot merged commit 950869b into master Sep 20, 2025
71 checks passed
@github-actions github-actions Bot deleted the dependabot/composer/master/development-dependencies-f5aa9aa4e6 branch September 20, 2025 11:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file security

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant