chore(deps): lock file maintenance

[renovate[bot]]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 5am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
composer/felixfbecker/language-server-protocol	1.5.3	Unknown	Unknown
composer/nikic/php-parser	4.19.4	:green_circle: 4.7	Details Check Score Reason Code-Review :warning: 0 Found 2/30 approved changesets -- score normalized to 0 Maintained :green_circle: 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :warning: -1 no workflows found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: -1 No tokens found Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: -1 no dependencies found Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Branch-Protection :green_circle: 3 branch protection is not maximal on development and all release branches SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
composer/phpstan/phpdoc-parser	1.32.0	:green_circle: 5.3	Details Check Score Reason Code-Review :warning: 1 Found 3/30 approved changesets -- score normalized to 1 Maintained :green_circle: 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found Packaging :warning: -1 packaging workflow not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Pinned-Dependencies :warning: -1 no dependencies found Binary-Artifacts :green_circle: 10 no binaries found in the repo Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Security-Policy :green_circle: 10 security policy file detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/@rollup/pluginutils	5.1.2	:green_circle: 3.9	Details Check Score Reason Code-Review :green_circle: 4 Found 14/30 approved changesets -- score normalized to 4 Maintained :green_circle: 10 30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Security-Policy :warning: 0 security policy file not detected Binary-Artifacts :green_circle: 7 binaries present in source code Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 0 13 existing vulnerabilities detected
npm/browserslist	4.24.0	:green_circle: 4.6	Details Check Score Reason Code-Review :warning: 2 Found 7/30 approved changesets -- score normalized to 2 Maintained :green_circle: 10 11 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Branch-Protection :warning: 0 branch protection not enabled on development/release branches Binary-Artifacts :green_circle: 10 no binaries found in the repo Security-Policy :warning: 0 security policy file not detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/caniuse-lite	1.0.30001664	:green_circle: 4.3	Details Check Score Reason Maintained :green_circle: 10 21 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 0 Found 0/28 approved changesets -- score normalized to 0 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Security-Policy :warning: 0 security policy file not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 9 1 existing vulnerabilities detected
npm/electron-to-chromium	1.5.29	Unknown	Unknown
npm/eslint-module-utils	2.12.0	:green_circle: 5.9	Details Check Score Reason Code-Review :green_circle: 4 Found 12/29 approved changesets -- score normalized to 4 Maintained :green_circle: 10 29 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/eslint-plugin-react	7.37.0	:green_circle: 5.9	Details Check Score Reason Code-Review :green_circle: 4 Found 12/25 approved changesets -- score normalized to 4 Maintained :green_circle: 10 24 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy :green_circle: 10 security policy file detected Packaging :warning: -1 packaging workflow not detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0
npm/terser	5.34.1	:green_circle: 6.3	Details Check Score Reason Maintained :green_circle: 10 30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10 Code-Review :warning: 1 Found 3/29 approved changesets -- score normalized to 1 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Packaging :warning: -1 packaging workflow not detected Security-Policy :green_circle: 10 security policy file detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Branch-Protection :warning: 0 branch protection not enabled on development/release branches Pinned-Dependencies :green_circle: 5 dependency not pinned by hash detected -- score normalized to 5 SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing :warning: 0 project is not fuzzed Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
npm/update-browserslist-db	1.1.1	:green_circle: 3.8	Details Check Score Reason Code-Review :warning: 2 Found 4/18 approved changesets -- score normalized to 2 Maintained :green_circle: 10 17 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Packaging :warning: -1 packaging workflow not detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Branch-Protection :warning: 0 branch protection not enabled on development/release branches Fuzzing :warning: 0 project is not fuzzed SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :warning: 2 8 existing vulnerabilities detected

Scanned Manifest Files

composer.lock

• felixfbecker/language-server-protocol@1.5.3
• nikic/php-parser@4.19.4
• phpstan/phpdoc-parser@1.32.0
• felixfbecker/language-server-protocol@1.5.2
• nikic/php-parser@4.19.2
• phpstan/phpdoc-parser@1.31.0

package-lock.json

• @rollup/pluginutils@5.1.2
• browserslist@4.24.0
• caniuse-lite@1.0.30001664
• electron-to-chromium@1.5.29
• eslint-module-utils@2.12.0
• eslint-plugin-react@7.37.0
• terser@5.34.1
• update-browserslist-db@1.1.1
• @rollup/pluginutils@5.1.1
• browserslist@4.23.3
• caniuse-lite@1.0.30001662
• electron-to-chromium@1.5.27
• eslint-module-utils@2.11.0
• eslint-plugin-react@7.36.1
• terser@5.33.0
• update-browserslist-db@1.1.0