Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the dependencies group with 2 updates #1577

Merged
merged 3 commits into from
Aug 16, 2023
Merged

Bump the dependencies group with 2 updates #1577

merged 3 commits into from
Aug 16, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 14, 2023

Bumps the dependencies group with 2 updates: dominikb/composer-license-checker and phpstan/phpstan.

Updates dominikb/composer-license-checker from 2.4.1 to 2.4.2

Release notes

Sourced from dominikb/composer-license-checker's releases.

2.4.2 - 2023-08-13

Change

  • Update integration with tldrlegal to work with their new website.
Changelog

Sourced from dominikb/composer-license-checker's changelog.

2.4.2 - 2023-08-13

Change

  • Update integration with tldrlegal to work with their new website.
Commits

Updates phpstan/phpstan from 1.10.27 to 1.10.29

Release notes

Sourced from phpstan/phpstan's releases.

1.10.29

Improvements 🔧

  • Update nikic/php-parser to v4.17.1
    • PHP 8.3 features are no longer parse errors. Full-fledged PHP 8.3 support is coming later this year.
  • Update BetterReflection to 6.12.0

Bugfixes 🐛

Function signature fixes 🤖

1.10.28

Improvements 🔧

Bugfixes 🐛

Internals 🔍

Commits
  • ee5d8f2 PHPStan 1.10.29
  • 7c80750 Updated PHPStan to commit 7c8075089ae70a63637e8e77ba52cd41152bbb30
  • 8632ccf Updated PHPStan to commit 8632ccf13d9af658e6f8b49589826672e2f07416
  • 8102c4e Updated PHPStan to commit 8102c4ea57c9a09906f25458c3fa94ac4734694f
  • 3673f33 Updated PHPStan to commit 3673f332ccb735eb4cb56f86fdb51a9a2f3bd472
  • 7028469 Updated PHPStan to commit 70284695660ad04ff3d1b87be464d0dbcb0abea3
  • a32d15b Updated PHPStan to commit a32d15bd4005337227946d668802c64a3b9c5833
  • 5113389 Updated PHPStan to commit 511338926d57797f6a6fb855d971f95a298c25eb
  • be637c2 Updated PHPStan to commit be637c28c6d03f88e09e7a634e5f02fb60b82d73
  • 34fc187 Updated PHPStan to commit 34fc18758aa8d55788d994df32b023e03d77c0e5
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> dependency will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> dependency will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group with 2 updates
49de5c0 
Bumps the dependencies group with 2 updates: [dominikb/composer-license-checker](https://github.com/dominikb/composer-license-checker) and [phpstan/phpstan](https://github.com/phpstan/phpstan).


Updates `dominikb/composer-license-checker` from 2.4.1 to 2.4.2
- [Release notes](https://github.com/dominikb/composer-license-checker/releases)
- [Changelog](https://github.com/dominikb/composer-license-checker/blob/master/CHANGELOG.md)
- [Commits](dominikb/composer-license-checker@2.4.1...2.4.2)

Updates `phpstan/phpstan` from 1.10.27 to 1.10.29
- [Release notes](https://github.com/phpstan/phpstan/releases)
- [Changelog](https://github.com/phpstan/phpstan/blob/1.11.x/CHANGELOG.md)
- [Commits](phpstan/phpstan@1.10.27...1.10.29)

---
updated-dependencies:
- dependency-name: dominikb/composer-license-checker
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: phpstan/phpstan
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 14, 2023
@danepowell
Copy link
Contributor

danepowell commented Aug 16, 2023
edited
Loading

Test failures are an awful confluence of issues. react/promise 3 was just released. Composer 2.x-dev supports that, but 2.5.8 still supports react/promise 2. Composer chose to move to 2.x-dev instead of staying on an older release of react/promise.

The problem is this triggered a Composer bug causing the phpstan rule to be missing: composer/composer#11586

I manually tweaked composer.lock to keep a stable Composer release for now. That may be reset next time an update runs, but hopefully the Composer bug is fixed before then. Ideally there'd be some way to tell Composer to prefer a stable releases over new ones.

@codecov
Copy link

codecov bot commented Aug 16, 2023

Codecov Report

Patch and project coverage have no change.

Comparison is base (4e678f9) 91.76% compared to head (3fa93ad) 91.76%.

Additional details and impacted files 
@@            Coverage Diff            @@
##               main    #1577   +/-   ##
=========================================
  Coverage     91.76%   91.76%           
  Complexity     1809     1809           
=========================================
  Files           124      124           
  Lines          6470     6470           
=========================================
  Hits           5937     5937           
  Misses          533      533

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@danepowell danepowell mentioned this pull request Aug 16, 2023
Merged
@danepowell danepowell merged commit 2c39d52 into main Aug 16, 2023
12 checks passed
@dependabot dependabot bot deleted the dependabot/composer/dependencies-2d13beaef7 branch August 16, 2023 18:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@danepowell