chore(deps): bump the php-dependencies group across 1 directory with 3 updates

[dependabot[bot]]

Bumps the php-dependencies group with 3 updates in the / directory: mopa/bootstrap-bundle, nelmio/security-bundle and friends-of-behat/symfony-extension.

Updates mopa/bootstrap-bundle from 3.4.2 to 3.5.0

Release notes

Sourced from mopa/bootstrap-bundle's releases.

3.5.0

include sf 7

Commits

• af62c63 Support Symfony 7 (#1284)
• See full diff in compare view

Updates nelmio/security-bundle from 3.3.0 to 3.4.0

Release notes

Sourced from nelmio/security-bundle's releases.

v3.4.0

What's Changed

• Deprecated X-Xss-Protection by @​maxhelias in nelmio/NelmioSecurityBundle#342
• Deprecated the default signed cookie algorithm by @​martijnc in nelmio/NelmioSecurityBundle#355
• Added legacy_hash_algo to support backward-compatible hash_algo changes in signed cookies by @​martijnc in nelmio/NelmioSecurityBundle#351
• Added ability to set a custom CSP request matcher to define exactly which requests should receive CSP headers by @​ihmels in nelmio/NelmioSecurityBundle#241
• Fixed DI Extension class deprecation with Symfony 7.1 by @​norkunas in nelmio/NelmioSecurityBundle#350
• Fixed compatibility with twig 3.9 and yielding by @​jderusse in nelmio/NelmioSecurityBundle#344 & nelmio/NelmioSecurityBundle#353

Full Changelog: https://github.com/nelmio/NelmioSecurityBundle/compare/v3.3.0...v3.4.0

Changelog

Sourced from nelmio/security-bundle's changelog.

3.4.0 (xxxx-xx-xx)

• Added csp > request_matcher option to allow the use of a custom request matcher (Symfony\Component\HttpFoundation\RequestMatcherInterface) (#241)
• Deprecated X-Xss-Protection header, use CSP instead (#342)
• Fixed Symfony 7.1 deprecation warning (#350)
• Fixed Twig 3.9 compatibility with yielding extensions (#344)

Commits

• de34d69 Merge pull request #354 from martijnc/restore-default-xss-confg
• 2958114 Merge pull request #355 from martijnc/feature/deprecate-sha256-default
• 1a35093 Merge branch 'master' into feature/deprecate-sha256-default
• 7de9ce4 Merge pull request #351 from martijnc/feature/cookie-algo-upgrade-path
• 1b7cfe4 Simplify code
• 2731d70 Deprecate the default signed cookie algorithm
• 4d4351b Restore deprecated XSS default configuration values
• 15ce1d6 Add legacy_hash_algo to support backward-compatible hash_algo changes
• 6a12626 Merge pull request #353 from jderusse/yield-deprec
• f1a3b73 Fix deprecation with CSPNode yield
• Additional commits viewable in compare view

Updates friends-of-behat/symfony-extension from 2.5.0 to 2.6.0

Release notes

Sourced from friends-of-behat/symfony-extension's releases.

2.6.0

What's Changed

• Remove usage of the deprecated Http Kernel DI Extension by @​soyuka in FriendsOfBehat/SymfonyExtension#212

New Contributors

• @​soyuka made their first contribution in FriendsOfBehat/SymfonyExtension#212

Full Changelog: https://github.com/FriendsOfBehat/SymfonyExtension/compare/v2.5.0...v2.6.0

Commits

• dfb1c9c Merge pull request #212 from soyuka/patch-1
• ef60e3d Http Kernel DI Extension is deprecated
• 67408ca Merge pull request #207 from lchrusciel/upgrade-improvement
• 6376400 [README] Mention library change in upgrade file
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud