Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

composer(deps-dev): bump the version-updates group with 3 updates #356

Merged
merged 1 commit into from
Sep 3, 2024
Merged

composer(deps-dev): bump the version-updates group with 3 updates #356

merged 1 commit into from
Sep 3, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 3, 2024

Updates the requirements on mimmi20/coding-standard, phpstan/phpstan and tomasvotruba/unused-public to permit the latest version.
Updates mimmi20/coding-standard to 5.2.42

Commits
  • 65eec70 Merge pull request #546 from mimmi20/dependabot/composer/master/friendsofphp/...
  • 68d904d composer(deps): update friendsofphp/php-cs-fixer requirement
  • 3b063bb Merge pull request #545 from mimmi20/dependabot/composer/master/version-updat...
  • e01b153 composer(deps-dev): update phpstan/phpstan requirement
  • dda35fa Merge pull request #544 from mimmi20/dependabot/composer/master/friendsofphp/...
  • 5a1e1df composer(deps): update friendsofphp/php-cs-fixer requirement
  • 6045d61 Merge pull request #543 from mimmi20/dependabot/composer/master/version-updat...
  • e7e7910 composer(deps-dev): update phpstan/extension-installer requirement
  • a4a491c Merge pull request #542 from mimmi20/dependabot/composer/master/version-updat...
  • 7748f23 composer(deps-dev): update symplify/phpstan-rules requirement
  • Additional commits viewable in compare view

Updates phpstan/phpstan to 1.12.0

Release notes

Sourced from phpstan/phpstan's releases.

1.12.0

Read all about PHPStan 1.12 on phpstan.org »

Major new features 🚀

  • Precise type for $matches from preg_match generally available, out of bleeding edge (phpstan/phpstan-src@bd2cec1)
  • PHP 8.4 runtime support
    • PHPStan runs on PHP 8.4 without emitting deprecation notices
    • Full support for PHP 8.4 including new syntax and rules is coming later, after PHPStan 2.0 release

Bleeding edge 🔪

If you want to see the shape of things to come and adopt bleeding edge features early, you can include this config file in your project's phpstan.neon:

includes:
	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

Of course, there are no backwards compatibility guarantees when you include this file. The behaviour and reported errors can change in minor versions with this file included. Learn more

Improvements 🔧

... (truncated)

Commits
  • 384af96 PHPStan 1.12.0
  • e4f6dbc Update config-reference.md
  • 4f7beff Updated PHPStan to commit 4f7beffdf4c30c49d7ece03f7131f0cb0518d4ab
  • d3b4c7b Fix build
  • 7d85a3a Updated PHPStan to commit 7d85a3aabd641f4d7d8295a7006cdaca478931c7
  • 5957367 Playground - test on PHP 8.4
  • bb4fdfc Updated PHPStan to commit bb4fdfcd7004d0532e13f5f6b9615bacf05fe7bf
  • 8b5a27a Updated PHPStan to commit 8b5a27a79bf621413798aa0afd486264f17a48a0
  • 46d2822 Update errors identifiers
  • 2671bb6 Updated PHPStan to commit 2671bb64ab2037f7429bf335f20b48947c3b527a
  • Additional commits viewable in compare view

Updates tomasvotruba/unused-public to 0.3.11

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
composer(deps-dev): bump the version-updates group with 3 updates
6d4a3ca 
Updates the requirements on [mimmi20/coding-standard](https://github.com/mimmi20/coding-standard), [phpstan/phpstan](https://github.com/phpstan/phpstan) and [tomasvotruba/unused-public](https://github.com/TomasVotruba/unused-public) to permit the latest version.

Updates `mimmi20/coding-standard` to 5.2.42
- [Release notes](https://github.com/mimmi20/coding-standard/releases)
- [Commits](mimmi20/coding-standard@5.2.40...5.2.42)

Updates `phpstan/phpstan` to 1.12.0
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/1.12.x/CHANGELOG.md)
- [Commits](phpstan/phpstan@1.11.11...1.12.0)

Updates `tomasvotruba/unused-public` to 0.3.11
- [Commits](TomasVotruba/unused-public@0.3.10...0.3.11)

---
updated-dependencies:
- dependency-name: mimmi20/coding-standard
  dependency-type: direct:development
  dependency-group: version-updates
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  dependency-group: version-updates
- dependency-name: tomasvotruba/unused-public
  dependency-type: direct:development
  dependency-group: version-updates
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from mimmi20 as a code owner September 3, 2024 02:38
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 3, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 3, 2024

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
composer/mimmi20/coding-standard >= 5.2.42, < 6.0.0 UnknownUnknown
composer/phpstan/phpstan >= 1.12.0, < 2.0.0 🟢 6.4
Details
CheckScoreReason
Code-Review⚠️ 1Found 3/28 approved changesets -- score normalized to 1
Maintained🟢 1030 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
Dangerous-Workflow⚠️ -1no workflows found
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ -1no dependencies found
Security-Policy🟢 10security policy file detected
composer/tomasvotruba/unused-public >= 0.3.11, < 0.4.0 UnknownUnknown

Scanned Manifest Files

composer.json
  • mimmi20/coding-standard@>= 5.2.42, < 6.0.0
  • phpstan/phpstan@>= 1.12.0, < 2.0.0
  • tomasvotruba/unused-public@>= 0.3.11, < 0.4.0
  • mimmi20/coding-standard@>= 5.2.40, < 6.0.0
  • phpstan/phpstan@>= 1.11.11, < 2.0.0
  • tomasvotruba/unused-public@>= 0.3.10, < 0.4.0

@codeclimate CodeClimate
Copy link

codeclimate bot commented Sep 3, 2024

Code Climate has analyzed commit 6d4a3ca and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 100.0% (0.0% change).

View more on Code Climate.

@mimmi20 mimmi20 merged commit a19a960 into master Sep 3, 2024
129 checks passed
@mimmi20 mimmi20 deleted the dependabot/composer/master/version-updates-7d6049094a branch September 3, 2024 06:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mimmi20 mimmi20 mimmi20 approved these changes

Assignees

@mimmi20 mimmi20

Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mimmi20