php-tuf / composer-stager

Stages Composer commands so they can be safely run on a codebase in production.
MIT License
16 stars 8 forks source link

Bump the all group with 3 updates #360

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the all group with 3 updates: symfony/process, squizlabs/php_codesniffer and symfony/yaml.

Updates symfony/process from 6.4.4 to 6.4.7

Commits


Updates squizlabs/php_codesniffer from 3.9.1 to 3.9.2

Release notes

Sourced from squizlabs/php_codesniffer's releases.

3.9.2 - 2024-04-24

Changed

  • The Generic.ControlStructures.DisallowYodaConditions sniff no longer listens for the null coalesce operator. #458
  • Various housekeeping, including improvements to the tests and documentation.

Fixed

  • Fixed bug #381 : Squiz.Commenting.ClosingDeclarationComment could throw the wrong error when the close brace being examined is at the very end of a file.
  • Fixed bug #385 : Generic.CodeAnalysis.JumbledIncrementer improved handling of parse errors/live coding.
  • Fixed bug #394 : Generic.Functions.CallTimePassByReference was not flagging call-time pass-by-reference in anonymous class instantiations
  • Fixed bug #420 : PEAR.Functions.FunctionDeclaration could run into a blocking PHP notice while fixing code containing a parse error.
  • Fixed bug #421 : File::getMethodProperties() small performance improvement & more defensive coding.
  • Fixed bug #423 : PEAR.WhiteSpace.ScopeClosingBrace would have a fixer conflict with itself when a close tag was preceded by non-empty inline HTML.
  • Fixed bug #424 : PSR2.Classes.ClassDeclaration using namespace relative interface names in the extends/implements part of a class declaration would lead to a fixer conflict.
  • Fixed bug #427 : Squiz.Operators.OperatorSpacing would have a fixer conflict with itself when an operator was preceeded by a new line and the previous line ended in a comment.
  • Fixed bug #430 : Squiz.ControlStructures.ForLoopDeclaration: fixed potential undefined array index notice
  • Fixed bug #431 : PSR2.Classes.ClassDeclaration will no longer try to auto-fix multi-line interface implements statements if these are interlaced with comments on their own line. This prevents a potential fixer conflict.
  • Fixed bug #453 : Arrow function tokenization was broken when the return type was a stand-alone true or false; or contained true or false as part of a union type.

Other

  • ESLint 9.0 has been released and changes the supported configuration file format. The (deprecated) Generic.Debug.ESLint sniff only supports the "old" configuration file formats and when using the sniff to run ESLint, the ESLINT_USE_FLAT_CONFIG=false environment variable will need to be set when using ESLint >= 9.0. For more information, see #436.

Statistics

Closed: 0 issues Merged: 22 pull requests

If you like to stay informed about releases and more, follow @​phpcs on Mastodon or @​PHP_CodeSniffer on X.

If you like what you see, please consider funding the PHP_CodeSniffer project. If you already do so: thank you!

Changelog

Sourced from squizlabs/php_codesniffer's changelog.

[3.9.2] - 2024-04-24

Changed

  • The Generic.ControlStructures.DisallowYodaConditions sniff no longer listens for the null coalesce operator. #458
  • Various housekeeping, including improvements to the tests and documentation.

Fixed

  • Fixed bug #381 : Squiz.Commenting.ClosingDeclarationComment could throw the wrong error when the close brace being examined is at the very end of a file.
  • Fixed bug #385 : Generic.CodeAnalysis.JumbledIncrementer improved handling of parse errors/live coding.
  • Fixed bug #394 : Generic.Functions.CallTimePassByReference was not flagging call-time pass-by-reference in anonymous class instantiations
  • Fixed bug #420 : PEAR.Functions.FunctionDeclaration could run into a blocking PHP notice while fixing code containing a parse error.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #421 : File::getMethodProperties() small performance improvement & more defensive coding.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #423 : PEAR.WhiteSpace.ScopeClosingBrace would have a fixer conflict with itself when a close tag was preceded by non-empty inline HTML.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #424 : PSR2.Classes.ClassDeclaration using namespace relative interface names in the extends/implements part of a class declaration would lead to a fixer conflict.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #427 : Squiz.Operators.OperatorSpacing would have a fixer conflict with itself when an operator was preceeded by a new line and the previous line ended in a comment.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #430 : Squiz.ControlStructures.ForLoopDeclaration: fixed potential undefined array index notice
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #431 : PSR2.Classes.ClassDeclaration will no longer try to auto-fix multi-line interface implements statements if these are interlaced with comments on their own line. This prevents a potential fixer conflict.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
  • Fixed bug #453 : Arrow function tokenization was broken when the return type was a stand-alone true or false; or contained true or false as part of a union type.
    • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch

Other

  • ESLint 9.0 has been released and changes the supported configuration file format. The (deprecated) Generic.Debug.ESLint sniff only supports the "old" configuration file formats and when using the sniff to run ESLint, the ESLINT_USE_FLAT_CONFIG=false environment variable will need to be set when using ESLint >= 9.0. For more information, see #436.

#381: PHPCSStandards/PHP_CodeSniffer#381 #385: PHPCSStandards/PHP_CodeSniffer#385 #394: PHPCSStandards/PHP_CodeSniffer#394 #420: PHPCSStandards/PHP_CodeSniffer#420 #421: PHPCSStandards/PHP_CodeSniffer#421 #423: PHPCSStandards/PHP_CodeSniffer#423 #424: PHPCSStandards/PHP_CodeSniffer#424 #427: PHPCSStandards/PHP_CodeSniffer#427 #430: PHPCSStandards/PHP_CodeSniffer#430 #431: PHPCSStandards/PHP_CodeSniffer#431

... (truncated)

Commits
  • aac1f6f Merge pull request #459 from PHPCSStandards/feature/changelog-3.9.2
  • f076b63 Changelog for the 3.9.2 release
  • 83f3859 Merge pull request #460 from PHPCSStandards/feature/tests-arrow-functions-vs-...
  • 273959e Tokenizer/PHP: add tests for arrow functions with intersection types
  • b0d2d61 Merge pull request #453 from PHPCSStandards/feature/tokenizer-php-fix-bug-arr...
  • bd6356c Tokenizer/PHP: arrow function tokenization broken when true/false used in ret...
  • 46b883d BackfillFnTokenTest: use data providers when appropriate
  • 5f38ce0 Merge pull request #458 from rodrigoprimo/disallow-yoda-condition-drop-null-c...
  • e4d3743 Generic/DisallowYodaConditions: ?? should not trigger the sniff
  • 8d2363d Merge pull request #394 from rodrigoprimo/test-coverage-call-time-pass-by-ref...
  • Additional commits viewable in compare view


Updates symfony/yaml from 6.4.3 to 6.4.7

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions