composer(deps-dev): bump the version-updates group with 2 updates

[dependabot]

Updates the requirements on phpstan/phpstan and rector/rector to permit the latest version.
Updates phpstan/phpstan to 1.12.7

Release notes

Sourced from phpstan/phpstan's releases.

1.12.7

Major new features 🚀

• Implement template default types (#3457), #4801, thanks @​jiripudil!
  • See https://x.com/OndrejMirtes/status/1843920480342057154

Improvements 🔧

• Move result cache output from debug (-vvv) to very verbose (-vv) mode (#3345), thanks @​janedbal!
• Support for non-empty-array and non-empty-list array shape kind (phpstan/phpstan-src@107a7e3)
• Improve lowercase string verbosity level (#3567), thanks @​VincentLanglet!
• Show TypeResult reasons in StrictComparisonOfDifferentTypesRule (phpstan/phpstan-src@34bacd7)
• Decorate reasons when comparing ConstantArrayType (phpstan/phpstan-src@dc5d8f4), #11799, #10421

Bugfixes 🐛

• Fix nextAutoIndexes in array coming from ArrayCombineFunctionReturnTypeExtension (phpstan/phpstan-src@c4ba434), #11819
• Fix return type of array_reverse() with optional keys (#3406), #11549, thanks @​herndlm!
• Try to quit the child process only after internal errors were accounted for (phpstan/phpstan-src@dcd69eb), #11826
• react/http PHP 8.4 patch (phpstan/phpstan-src@40e461d)

Function signature fixes 🤖

• functionMap: more precise get_defined_vars() (#3546), thanks @​janedbal!
• Reflection getAttributes returns list (#3548), thanks @​ManuelHu!
• More precise md5/sha1 return type (#3541), thanks @​staabm!
• Improve return type of token_name() and PhpToken::getTokenName() (#3558), #11808, thanks @​zonuexe!

Internals 🔍

• Fix typo (phpstan/phpstan-src@5b43d50)
• Introduce isSuperTypeOfWithReason (#3538), thanks @​VincentLanglet!
• Add function PHPStan\dumpPhpDocType() (#3559), #11561, thanks @​zonuexe!
• Introduce TypeResult (phpstan/phpstan-src@a815d57)

Commits

• dc2b997 PHPStan 1.12.7
• 247ae64 Updated PHPStan to commit 247ae64eaa4126e6fd9bca563d71ac95080392cf
• e802b85 Updated PHPStan to commit e802b85aa2cecf243410c41464e632ca58eaa658
• dc5d8f4 Updated PHPStan to commit dc5d8f4d3eef18b1d80b8ffb3a1adfe8de6d7268
• 40e461d Updated PHPStan to commit 40e461d2e8dff171cdf588e380eb20e782e94eb1
• 3128f26 Updated PHPStan to commit 3128f266461cdcb559672e8519db7643666c669a
• 107a7e3 Updated PHPStan to commit 107a7e38e2173d8b8b4f18e5d592fc8ead02b96a
• 856208a Updated PHPStan to commit 856208a53b3b1c4eada01f7e4892573d756cdf3f
• ff75213 Updated PHPStan to commit ff7521302711c2eca765d47f8606179f0ca0d19b
• 66664bb Updated PHPStan to commit 66664bb612b4cfb4e8a870f5d11f5af731f5e21a
• Additional commits viewable in compare view

Updates rector/rector to 1.2.8

Release notes

Sourced from rector/rector's releases.

Released Rector 1.2.8

Bugfixes 🐛

• [UnusedImport] Fix removing multiple uses (#6376), Thanks @​jorgsowa!
• [PostRector] Clean up variables and conditional usage on UnusedImportRemovingPostRector (#6378)
• [PostRector] Reduce repetitive toString() on loop on UnusedImportRemovingPostRector (#6379)
• [CodeQuality] Skip no @ property doc on DynamicDocBlockPropertyToNativePropertyRector (#6380)
• [CodeQuality] Handle with other attributes on DynamicDocBlockPropertyToNativePropertyRector (#6381)
• [CodeQuality] Use existing PhpAttributeAnalyzer service instead of AttributeFinder from Doctrine package on DynamicDocBlockPropertyToNativePropertyRector (#6382)
• Fix duplicated register ContinueToBreakInSwitchRector in php52.php and php73.php (#6385)
• [AutoImport] Fix missing @ in deep annotation auto import (#6386)
• [DeadCode] Skip non FullyQualified property type on RemoveTypedPropertyNonMockDocblockRector (#6383)

New Features 🥳

• [CodeQuality] Add DynamicDocBlockPropertyToNativePropertyRector (#5691)
• [DX] [Experimental] Add withPhpLevel() to raise PHP level one rule at a time (#6261)

Commits

• 05755bf Rector 1.2.8
• ca3b59b Updated Rector to commit 3ca9d0d7c27b9c538cba410f11c1f084c47de59c
• 5864fb0 Updated Rector to commit cdeea08b786337dc6f537c9cac0ac9dc80a2da8d
• 82270e5 Updated Rector to commit 7be438b5fc0f91a9dc9b70a0b6a38a6bf1e906b2
• adf15bb Updated Rector to commit 61016bf5307b804df5babb81db27cacbccb12efa
• 1a957f8 Updated Rector to commit 61016bf5307b804df5babb81db27cacbccb12efa
• 80d5259 Updated Rector to commit 385d423d4f2b5577bfb5d70f6e41e09f3460a057
• 254c38f Updated Rector to commit d180b8d7363f508a4e9c6931c327c65aed5ff6ee
• 8388edb Updated Rector to commit 684f23d165407e0461a48d2c1fd289834a492876
• 8defa24 Updated Rector to commit d7bfc24bedc11374868f5a7ff3066eb847e80a8c
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
composer/phpstan/phpstan	>= 1.12.7, < 2.0.0	🟢 6.3	Details Check Score Reason Code-Review ⚠️ 0 Found 0/26 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases 🟢 8 5 out of the last 5 releases have a total of 5 signed artifacts. Branch-Protection ⚠️ -1 internal error: error during GetBranch(1.12.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow ⚠️ -1 no workflows found Token-Permissions ⚠️ -1 No tokens found Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies ⚠️ -1 no dependencies found Security-Policy 🟢 10 security policy file detected
composer/rector/rector	>= 1.2.8, < 2.0.0	🟢 4.8	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow ⚠️ -1 no workflows found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ -1 No tokens found Security-Policy ⚠️ 0 security policy file not detected Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 no SAST tool detected Binary-Artifacts 🟢 9 binaries present in source code Pinned-Dependencies ⚠️ -1 no dependencies found Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

composer.json

• phpstan/phpstan@>= 1.12.7, < 2.0.0
• rector/rector@>= 1.2.8, < 2.0.0
• phpstan/phpstan@>= 1.12.6, < 2.0.0
• rector/rector@>= 1.2.7, < 2.0.0

[codeclimate]

Code Climate has analyzed commit ebf64da and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 100.0% (0.0% change).

View more on Code Climate.