Update phpunit/phpunit from 8.3.4 to 8.5.43

[violinist-bot]

If you have a high test coverage index, and your tests for this pull request are passing, it should be both safe and recommended to merge this update.

Updated packages

Some times an update also needs new or updated dependencies to be installed. Even if this branch is for updating one dependency, it might contain other installs or updates. All of the updates in this branch can be found here:

• phpdocumentor/reflection-common 1.0.1 (package was removed)
• phpdocumentor/reflection-docblock 4.3.1 (package was removed)
• phpdocumentor/type-resolver 0.4.0 (package was removed)
• phpspec/prophecy 1.8.1 (package was removed)
• webmozart/assert 1.4.0 (package was removed)
• doctrine/instantiator: 1.5.0 (updated from 1.2.0)
• myclabs/deep-copy: 1.13.4 (updated from 1.9.3)
• phar-io/manifest: 2.0.4 (updated from 1.0.3)
• phar-io/version: 3.2.1 (updated from 2.0.1)
• phpunit/php-code-coverage: 7.0.17 (updated from 7.0.7)
• phpunit/php-file-iterator: 2.0.6 (updated from 2.0.2)
• phpunit/php-timer: 2.1.4 (updated from 2.1.2)
• phpunit/php-token-stream: 3.1.3 (updated from 3.1.0)
• phpunit/phpunit: 8.5.43 (updated from 8.3.4)
• sebastian/code-unit-reverse-lookup: 1.0.3 (updated from 1.0.1)
• sebastian/comparator: 3.0.6 (updated from 3.0.2)
• sebastian/diff: 3.0.6 (updated from 3.0.2)
• sebastian/environment: 4.2.5 (updated from 4.2.2)
• sebastian/exporter: 3.1.6 (updated from 3.1.1)
• sebastian/global-state: 3.0.6 (updated from 3.0.0)
• sebastian/object-enumerator: 3.0.5 (updated from 3.0.3)
• sebastian/object-reflector: 1.1.3 (updated from 1.1.1)
• sebastian/recursion-context: 3.0.3 (updated from 3.0.0)
• sebastian/resource-operations: 2.0.3 (updated from 2.0.1)
• sebastian/type: 1.1.5 (updated from 1.1.3)
• theseer/tokenizer: 1.2.3 (updated from 1.1.3)

Working with this branch

If you find you need to update the codebase to be able to merge this branch (for example update some tests or rebuild some assets), please note that violinist will force push to this branch to keep it up to date. This means you should not work on this branch directly, since you might lose your work. Read more about branches created by violinist.io here.

---

This is an automated pull request from Violinist: Continuously and automatically monitor and update your composer dependencies. Have ideas on how to improve this message? All violinist messages are open-source, and can be improved here.

Summary by CodeRabbit

• Chores
  • Updated the version of the testing framework dependency to improve compatibility and stability.

[coderabbitai]

Walkthrough

The version requirement for the "phpunit/phpunit" development dependency in the composer.json file was updated from "8.3.4" to "8.5.43". No other dependencies or configurations were modified.

Changes

Cohort / File(s)	Change Summary
PHPUnit Version Update composer.json	Updated "phpunit/phpunit" version constraint from 8.3.4 to 8.5.43

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A hop and a skip, a version anew,
PHPUnit’s numbers have grown by a few.
Composer’s garden, dependencies bloom,
With 8.5.43, tests will resume.
🐇✨

Happy coding, from this rabbit’s room!

Note

🔌 MCP (Model Context Protocol) integration is now available in Early Access!

Pro users can now connect to remote MCP servers under the Integrations page to get reviews and chat conversations that understand additional development context.

✨ Finishing Touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai generate unit tests to generate unit tests for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0041136 and 5b23da5.

⛔ Files ignored due to path filters (1)

• composer.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• composer.json (1 hunks)

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Prefer a non-pinned constraint and verify PHP/CI compatibility

• Pinned "8.5.43" blocks future 8.5.x patches. Consider "^8.5" (or "8.5.*") to receive bug/security fixes automatically.
• PHPUnit 8.5 requires PHP >= 7.2. If your CI or local dev uses PHP 7.1.x, installs/tests will fail. Consider declaring the PHP requirement to make this explicit.

Apply this inline change:

-        "phpunit/phpunit": "8.5.43",
+        "phpunit/phpunit": "^8.5",

Optionally, make the PHP runtime requirement explicit (outside the changed line range):

{
  "require": {
    "php": ">=7.2",
    "guzzlehttp/guzzle": "6.3.*",
    "symfony/dotenv": "4.3.*",
    "ext-json": "*"
  }
}

Run this script to confirm constraints and CI PHP versions:

---

🏁 Script executed:

#!/bin/bash
set -e

echo "composer.json PHP requirement:"
jq -r '.require.php // "(none declared)"' composer.json

echo "composer.json PHPUnit constraint:"
jq -r '.["require-dev"]["phpunit/phpunit"]' composer.json

if [ -f composer.lock ]; then
  echo "composer.lock PHPUnit resolved version:"
  jq -r '.["packages-dev"][]? | select(.name=="phpunit/phpunit") | .version' composer.lock
else
  echo "composer.lock not found (skipping lock verification)"
fi

echo ""
echo "Searching CI configs for PHP versions…"
for f in ".travis.yml" "azure-pipelines.yml" "circle.yml" "appveyor.yml"; do
  if fd -H -a -t f -p "$f" >/dev/null 2>&1; then
    fd -H -a -t f -p "$f" | while read -r file; do
      echo "--- $file ---"
      sed -n '1,200p' "$file" | sed 's/^/    /'
    done
  fi
done

if fd -H -a -t f -p ".github/workflows" >/dev/null 2>&1; then
  fd -H -a -t f -p ".github/workflows" | while read -r wf; do
    echo "--- $wf ---"
    sed -n '1,200p' "$wf" | sed 's/^/    /'
  done
fi

Length of output: 2153

---

Composer: Loosen PHPUnit constraint and declare PHP requirement

• Loosen the pinned PHPUnit version so you receive future 8.5.x patches:

-        "phpunit/phpunit": "8.5.43",
+        "phpunit/phpunit": "^8.5",

• Explicitly declare your PHP runtime baseline (PHPUnit 8.5 needs PHP ≥ 7.2; your Travis CI runs 7.2 & 7.3):

 {
   "require": {
-    // no PHP version declared
+    "php": ">=7.2",
     "guzzlehttp/guzzle": "6.3.*",
     "symfony/dotenv": "4.3.*",
     "ext-json": "*"
   }
 }

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents

In composer.json at line 23, the PHPUnit version is strictly pinned to 8.5.43,
which limits receiving future patch updates. Loosen the PHPUnit version
constraint to allow any 8.5.x version by changing it to "8.5.*". Additionally,
explicitly declare the PHP version requirement in the composer.json "require"
section to specify the minimum PHP version as 7.2, matching the PHPUnit 8.5
requirement and your CI environment.