Bump squizlabs/php_codesniffer from 3.3.2 to 3.5.5

[dependabot-preview]

Bumps squizlabs/php_codesniffer from 3.3.2 to 3.5.5.

Release notes

Sourced from squizlabs/php_codesniffer's releases.

3.5.5

• The T_FN backfill now works more reliably so T_FN tokens only ever represent real arrow functions
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed an issue where including sniffs using paths containing multiple dots would silently fail
• Generic.CodeAnalysis.EmptyPHPStatement now detects empty statements at the start of control structures
• Error wording in PEAR.Functions.FunctionCallSignature now always uses "parenthesis" instead of sometimes using "bracket"
  • Thanks to Vincent Langlet for the patch
• Fixed bug #2787 : Squiz.PHP.DisallowMultipleAssignments not ignoring typed property declarations
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2810 : PHPCBF fails to fix file with empty statement at start on control structure
• Fixed bug #2812 : Squiz.Arrays.ArrayDeclaration not detecting some arrays with multiple arguments on the same line
  • Thanks to Jakub Chábek for the patch
• Fixed bug #2826 : Generic.WhiteSpace.ArbitraryParenthesesSpacing doesn't detect issues for statements directly after a control structure
  • Thanks to Vincent Langlet for the patch
• Fixed bug #2848 : PSR12.Files.FileHeader false positive for file with mixed PHP and HTML and no file header
• Fixed bug #2849 : Generic.WhiteSpace.ScopeIndent false positive with arrow function inside array
• Fixed bug #2850 : Generic.PHP.LowerCaseKeyword complains __HALT_COMPILER is uppercase
• Fixed bug #2853 : Undefined variable error when using Info report
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2865 : Double arrow tokenized as T_STRING when placed after function named "fn"
• Fixed bug #2867 : Incorrect scope matching when arrow function used inside IF condition
• Fixed bug #2868 : phpcs:ignore annotation doesnt work inside a docblock
• Fixed bug #2878 : PSR12.Files.FileHeader conflicts with Generic.Files.LineEndings
• Fixed bug #2895 : PSR2.Methods.FunctionCallSignature.MultipleArguments false positive with arrow function argument

3.5.4

• The PHP 7.4 numeric separator backfill now works correctly for more float formats
  • Thanks to Juliette Reinders Folmer for the patch
• The PHP 7.4 numeric separator backfill is no longer run on PHP version 7.4.0 or greater
• File::getCondition() now accepts a 3rd argument that allows for the closest matching token to be returned
  • By default, it continues to return the first matched token found from the top of the file
• Fixed detection of array return types for arrow functions
• Added Generic.PHP.DisallowRequestSuperglobal to ban the use of the $_REQUEST superglobal
  • Thanks to Morerice for the contribution
• Generic.ControlStructures.InlineControlStructure no longer shows errors for while and for statements without a body
  • Previously it required these to have curly braces, but there were no statements to enclose in them
  • Thanks to Juliette Reinders Folmer for the patch
• PSR12.ControlStructures.BooleanOperatorPlacement can now be configured to enforce a specific operator position
  • By default, the sniff ensures that operators are all at the beginning or end of lines, but not a mix of both
  • Set the allowOnly property to first to enforce all boolean operators to be at the start of a line
  • Set the allowOnly property to last to enforce all boolean operators to be at the end of a line
  • Thanks to Vincent Langlet for the patch
• PSR12.Files.ImportStatement now auto-fixes import statements by removing the leading slash
  • Thanks to Michał Bundyra for the patch
• Squiz.ControlStructures.ForLoopDeclaration now has a setting to ignore newline characters
  • Default remains FALSE, so newlines are not allowed within for definitions
  • Override the ignoreNewlines setting in a ruleset.xml file to change
• Squiz.PHP.InnerFunctions now handles multiple nested anon classes correctly
• Fixed bug #2497 : Sniff properties not set when referencing a sniff using relative paths or non-native slashes
  • Thanks to Juliette Reinders Folmer for the patch

... (truncated)

Commits

• 73e2e7f Prepare for 3.5.5 release
• fb6dc4b Changelog for #2812
• 8b96c3f Merge branch 'fix-multiline-array' of https://github.com/grongor/PHP_CodeSniffer
• ff0cb00 Changelog for #2921 (ref #2825)
• 1dc58c1 Wording
• 7c406b7 Changelog for #2787 (ref #2788)
• c5eaed8 Merge branch 'feature/2787-squiz-disallowmultipleassignments-bugfix' of https...
• 27cbb66 Fixed bug #2867 : Incorrect scope matching when arrow function used inside IF...
• caddfde Changed debug message (ref #2903)
• cf81a2c Merge branch 'feature/php-tokenizer-add-missing-verbose-msg' of https://githu...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)