Bump the composer group with 3 updates

[dependabot]

Bumps the composer group with 3 updates: nunomaduro/collision, psalm/plugin-phpunit and vimeo/psalm.

Updates nunomaduro/collision from 8.1.0 to 8.1.1

Changelog

Sourced from nunomaduro/collision's changelog.

v8.2.0 (2024-03-06)

Chore

• Bumps dependencies

Commits

• 13e5d53 docs: updates changelog
• 77f650a chore: bumps dependencies
• 3836d2d docs: version compatibility
• c011e23 docs: updates changelog
• See full diff in compare view

Updates psalm/plugin-phpunit from 0.18.4 to 0.19.0

Release notes

Sourced from psalm/plugin-phpunit's releases.

Add Psalm 6 support, drop Psalm 4 support

This release adds support for Psalm 6, dropping support for Psalm 4.

What's Changed

• Update README.md by @​sander-bol in psalm/psalm-plugin-phpunit#128
• Replace deprecated ::set-output by @​weirdan in psalm/psalm-plugin-phpunit#132
• Dependabot updates for GH actions by @​weirdan in psalm/psalm-plugin-phpunit#133
• Bump actions/checkout from 2 to 3 by @​dependabot in psalm/psalm-plugin-phpunit#134
• Bump actions/cache from 2 to 3 by @​dependabot in psalm/psalm-plugin-phpunit#135
• Switch to MixedReturnStatement, drop Psalm 4 support by @​danog in psalm/psalm-plugin-phpunit#142

New Contributors

• @​sander-bol made their first contribution in psalm/psalm-plugin-phpunit#128
• @​dependabot made their first contribution in psalm/psalm-plugin-phpunit#134

Full Changelog: psalm/psalm-plugin-phpunit@0.18.4...0.19.0

Commits

• e344eaa Merge pull request #142 from nicelocal/master
• 455d96a Hotfix ordering
• 8b6465d Fixup
• 9732c24 Fixup
• 0b108f9 Fixup
• 69d2c9b Bump
• d024ab2 Switch to MixedReturnStatement
• ad94880 Merge pull request #135 from psalm/dependabot/github_actions/actions/cache-3
• 2405edf Merge pull request #134 from psalm/dependabot/github_actions/actions/checkout-3
• 4578a85 Bump actions/cache from 2 to 3
• Additional commits viewable in compare view

Updates vimeo/psalm from 5.22.2 to 5.23.1

Release notes

Sourced from vimeo/psalm's releases.

5.23.1

What's Changed

Fixes

• Fixed analysis of existing static methods if the __callStatic() method exists by @​issidorov in vimeo/psalm#10812

Full Changelog: vimeo/psalm@5.23.0...5.23.1

5.23.0

What's Changed

Features

• Update PHP 8.2 stubs to include SensitiveParameterValue by @​gsteel in vimeo/psalm#10726
• Add list of statements to BeforeFileAnalysisEvent by @​ohader in vimeo/psalm#10728
• Forbid iterating over generators with non-nullable send() by @​weirdan in vimeo/psalm#10697
• Initial support for named parameters for callables by @​weirdan in vimeo/psalm#10772

Fixes

• Improve randomizer stubs by @​danog in vimeo/psalm#10709
• Fix detecting magic static methods by @​issidorov in vimeo/psalm#10704
• Fix non-empty-lowercase-string handling with literal non-lowercase strings by @​kkmuffme in vimeo/psalm#10722
• Fix RiskyTruthyFalsyComparison irrelevant errors when there is no explicit truthy/falsy type by @​kkmuffme in vimeo/psalm#10733
• Allow Override attribute to be used in pure contexts by @​weirdan in vimeo/psalm#10734
• Revert "Allow tainted numerics except for 'html' and 'has_quotes'" by @​ohader in vimeo/psalm#10729
• Fix loading stubs from phar file on Windows by @​weirdan in vimeo/psalm#10748
• Fix a false flag issue with InvalidConstantAssignmentValue by @​MelechMizrachi in vimeo/psalm#10738
• Set inside_isset false when analyzing ArrayDimFetch index by @​edsrzf in vimeo/psalm#10752
• Set inside_isset = false when analyzing arguments by @​edsrzf in vimeo/psalm#10753
• Fix PHP notice - crash on invalid taint-escape by @​kkmuffme in vimeo/psalm#10760
• Fix version comparison for @since by @​weirdan in vimeo/psalm#10764
• Since annotations outside phpstub should not infer php version by @​kkmuffme in vimeo/psalm#10769
• Backport WeakMap iterator fix from master by @​weirdan in vimeo/psalm#10778
• Namespace anonymous classes by @​weirdan in vimeo/psalm#10779
• Update CallMap for sqlsrv_connect and sqlsrv_errors to match reflection by @​theodorejb in vimeo/psalm#10781
• $resource parameter of mkdir() is nullable since PHP 7.3 by @​weirdan in vimeo/psalm#10802
• Use wider class-string when combining class strings with intersections by @​weirdan in vimeo/psalm#10800

Internal changes

• Use TaintKind/TaintKindGroup constants instead of string values by @​ohader in vimeo/psalm#10746
• Skip symlink test on Windows by @​weirdan in vimeo/psalm#10749
• Avoid duplicating code for RiskyTruthyFalsyComparison by @​theodorejb in vimeo/psalm#10765
• fix PHP 8 tests running with wrong --php-version=/phpVersion= if not explicitly specified by @​kkmuffme in vimeo/psalm#10776
• CS fix by @​weirdan in vimeo/psalm#10801

New Contributors

• @​MelechMizrachi made their first contribution in vimeo/psalm#10738

Full Changelog: vimeo/psalm@5.22.2...5.23.0

Commits

• 8471a89 Merge pull request #10812 from issidorov/bug-10807
• fe42e88 Resolve fail test #10807
• 2a91bd6 Added test for #10807
• 005e318 Merge pull request #10800 from weirdan/10799-use-wider-classstring
• 739d87d Use wider class-string when combining class strings with intersections
• 87f7101 Merge pull request #10802 from weirdan/10796-nullable-resource-for-mkdir
• 5c780c7 $resource parameter of mkdir() is nullable since PHP 7.3
• 02b58a5 Merge pull request #10801 from weirdan/fix-trailing-commas-after-anon-functions
• 8e1aa46 CS fix
• dca888c Merge pull request #10781 from theodorejb/fix-sqlsrv-callmap
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.