Skip to content

chore: bump the dependencies group with 3 updates#96

Merged
indy2kro merged 1 commit into
mainfrom
dependabot/composer/dependencies-de3a5dd743
Jul 7, 2026
Merged

chore: bump the dependencies group with 3 updates#96
indy2kro merged 1 commit into
mainfrom
dependabot/composer/dependencies-de3a5dd743

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the dependencies group with 3 updates: phpstan/phpstan, phpstan/phpstan-phpunit and rector/rector.

Updates phpstan/phpstan from 2.2.2 to 2.2.5

Commits

Updates phpstan/phpstan-phpunit from 2.0.16 to 2.0.18

Release notes

Sourced from phpstan/phpstan-phpunit's releases.

2.0.18

  • f5dc20f - Fix #[RequiresPhpunit] version requirement being evaluated against PHP version (#313)
  • 1e573d3 - AttributeVersionRequirementHelper: add defaults to bool parameters (#312)

2.0.17

  • c2f9775 - Update actions/cache action to v6 (#311)
  • 933f682 - Update actions/cache action to v5.1.0 (#310)
  • 8ec191f - Check #[RequiresPhpunit] in the same way we check #[RequiresPhp] (#308)
  • d138088 - Implement ClassAttributeRequiresPhpVersionRule (#305)
  • caada62 - Update github-actions to v7 (#307)
  • 611a216 - Update github-actions to v3.0.1 (#306)
  • 2312495 - Extract AttributeVersionRequirementHelper (#304)
  • 952d0ee - Warn about incomplete versions in #[RequiresPhp] (#303)
  • bf910b5 - Sanity check #[RequiresPhp] value and range (#269)
  • d309858 - Update github-actions to f3e473d (#301)
  • 4a8e26f - Update github-actions (#300)
  • 2c07f22 - Replace deprecated actions/create-release with softprops/action-gh-release
  • 67c9d57 - Bump GitHub Actions across major versions
  • a7baf3b - Bump GitHub Actions within their current majors
  • 3ea20e6 - Update github-actions
  • 53357ab - Update github-actions
  • 6760e77 - latest infection does not support PHP 8.2 (#296)
  • ecfa568 - Update release-toot.yml (#295)
  • 21ea2e9 - name-collision-detector (#294)
  • 6851172 - Update test assertions
  • e2c6207 - Fix build (#287)
  • db27c1f - Delete .github/workflows/claude-react-on-comment.yml
  • 1c9e1df - Refactor build workflow to use GITHUB_BASE_REF
  • 53c1301 - Lint workflows
  • fca9e3a - [StepSecurity] ci: Harden GitHub Actions
  • bfdcb62 - Remove PHPSTAN_BOT_TOKEN from checkout step
  • bb6479c - React on issues opened and fall back to issue body
  • 10e8509 - Add CLAUDE.md to export-ignore in .gitattributes
  • 2202890 - Add CLAUDE.md with project documentation for AI assistants
  • ffd7013 - Add Claude React on Comment workflow
Commits
  • f5dc20f Fix #[RequiresPhpunit] version requirement being evaluated against PHP vers...
  • 1e573d3 AttributeVersionRequirementHelper: add defaults to bool parameters (#312)
  • c2f9775 Update actions/cache action to v6 (#311)
  • 933f682 Update actions/cache action to v5.1.0 (#310)
  • 8ec191f Check #[RequiresPhpunit] in the same way we check #[RequiresPhp] (#308)
  • d138088 Implement ClassAttributeRequiresPhpVersionRule (#305)
  • caada62 Update github-actions to v7 (#307)
  • 611a216 Update github-actions to v3.0.1 (#306)
  • 2312495 Extract AttributeVersionRequirementHelper (#304)
  • 952d0ee Warn about incomplete versions in #[RequiresPhp] (#303)
  • Additional commits viewable in compare view

Updates rector/rector from 2.5.2 to 2.5.4

Release notes

Sourced from rector/rector's releases.

Released Rector 2.5.4

New Features 🥳

  • [TypeDeclaration] Add ReturnTypeFromGetRepositoryDocblockRector (#8146)

Bugfixes 🐛

  • [DeadCode] Keep generic @ var/@ return self<...> narrowing annotations (#8147)
  • [TypeDeclaration] Handle getRepository() return via local variable in ReturnTypeFromGetRepositoryDocblockRector (#8148)

Released Rector 2.5.3

New Features 🥳

withTypeGuardedClasses()

Are you an open-source project or package used by others? Do you want to make type changes, but keep BC?

Guard the listed classes and their non-final descendants against method signature changes - e.g. adding a return type or a param type — that would break child classes (#8135)

return RectorConfig::configure()
    ->withTypeGuardedClasses([SomeContract::class]);

New Rules 🎉

NegatedAndsToPositiveOrsRector

(CodeQuality) — simplify a negated "and" to "or" via de Morgan (#8082)

 $a = 5;
 $b = 10;
-$result = !($a > 20 && $b <= 50);
+$result = $a <= 20 || $b > 50;

ExplicitAttributeNamedArgsRector

(CodeQuality) — positional attribute args → named args (#8079), Thanks @​DaveLiddament!

-#[SomeAttribute(SomeClass::class, null, ['home'])]
+#[SomeAttribute(value: SomeClass::class, only: null, except: ['home'])]
 class SomeClass
</tr></table> 

... (truncated)

Commits
  • adaa18d Rector 2.5.4
  • 0f317ec Updated Rector to commit 0ff467c73e34a3dac3fe982e5bb34fe39f588b4e
  • 330031f Updated Rector to commit 909090d68bd4a522c7986459c038c7c46a926948
  • c531f9b Updated Rector to commit 9ca6fae0e4ed28519c8e942971e3e347bf74229b
  • 3d3577a Rector 2.5.3
  • 0c7c402 Updated Rector to commit 4a1bd1209069775e773ffa3948bccf8207a3fa3b
  • 9ebd51d Updated Rector to commit a3e6be70886edcd0e7dfa2147714018daf27f7e8
  • d7de43f Updated Rector to commit 96ff0040b16e3fc1405af69b98b1edc75d85024d
  • 40c7216 Updated Rector to commit eb3eb215f7594accf81a5c673c267770fbd5a8d0
  • c8fdb53 Updated Rector to commit eb3eb215f7594accf81a5c673c267770fbd5a8d0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 3 updates: [phpstan/phpstan](https://github.com/phpstan/phpstan-phar-composer-source), [phpstan/phpstan-phpunit](https://github.com/phpstan/phpstan-phpunit) and [rector/rector](https://github.com/rectorphp/rector).


Updates `phpstan/phpstan` from 2.2.2 to 2.2.5
- [Commits](https://github.com/phpstan/phpstan-phar-composer-source/commits)

Updates `phpstan/phpstan-phpunit` from 2.0.16 to 2.0.18
- [Release notes](https://github.com/phpstan/phpstan-phpunit/releases)
- [Commits](phpstan/phpstan-phpunit@2.0.16...2.0.18)

Updates `rector/rector` from 2.5.2 to 2.5.4
- [Release notes](https://github.com/rectorphp/rector/releases)
- [Commits](rectorphp/rector@2.5.2...2.5.4)

---
updated-dependencies:
- dependency-name: phpstan/phpstan
  dependency-version: 2.2.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: phpstan/phpstan-phpunit
  dependency-version: 2.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: rector/rector
  dependency-version: 2.5.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update php code labels Jul 6, 2026
@codacy-production

Copy link
Copy Markdown

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues

View in Codacy

🟢 Metrics 0 duplication

Metric Results
Duplication 0

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

@indy2kro indy2kro merged commit d531bf1 into main Jul 7, 2026
5 checks passed
@dependabot dependabot Bot deleted the dependabot/composer/dependencies-de3a5dd743 branch July 7, 2026 05:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file php Pull requests that update php code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant