Skip to content

chore(deps): lockfile maintenance#563

Merged
CybotTM merged 2 commits into
mainfrom
chore/lockfile-maintenance
Jul 5, 2026
Merged

chore(deps): lockfile maintenance#563
CybotTM merged 2 commits into
mainfrom
chore/lockfile-maintenance

Conversation

@CybotTM

@CybotTM CybotTM commented Jul 5, 2026

Copy link
Copy Markdown
Member

Routine lockfile refresh — latest versions allowed by the existing constraints, no composer.json/package.json changes.

  • composer.lock: mostly Symfony components v8.1.0 → v8.1.1 (26 pkgs) plus a few patch/minor bumps within range.
  • bun.lock: already current (no changes).

Verified locally: PHPStan L10 clean, php-cs-fixer clean, full suite 2185 tests green.

Refresh composer.lock to the latest versions allowed by the existing constraints
(mostly Symfony components v8.1.0 -> v8.1.1). No composer.json constraint changes;
bun.lock already current. Full suite (2185 tests), PHPStan L10, and cs-check green.

Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
Copilot AI review requested due to automatic review settings July 5, 2026 14:23

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates various PHP dependencies in composer.lock, including Guzzle, Sentry, Twig, PHP-CS-Fixer, PHP-Parser, PHPStan, PHPUnit, Rector, and several Symfony components, to their latest versions. I have no feedback to provide as there are no review comments and the changes consist solely of standard dependency updates.

Important

The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.

@codecov

codecov Bot commented Jul 5, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.53%. Comparing base (b35bf47) to head (31e7fc6).

Additional details and impacted files
@@             Coverage Diff              @@
##               main     #563      +/-   ##
============================================
- Coverage     84.75%   84.53%   -0.23%     
  Complexity     3286     3286              
============================================
  Files           229      229              
  Lines          8934     8934              
============================================
- Hits           7572     7552      -20     
- Misses         1362     1382      +20     
Flag Coverage Δ
integration 55.61% <ø> (-0.23%) ⬇️
unit 48.04% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Pin rector/rector to 2.4.5 (was ^2.1). 2.4.6+ misfires a rule that renames
User::eraseCredentials() to serialize() — wrong for a security-interface method,
and it breaks PHPStan (and would break auth at runtime). Holding 2.4.5 keeps the
Rector dry-run gate clean; the rector upgrade is deferred as a separate task.

phpstan/phpstan still refreshed (2.2.2 -> 2.2.5) along with the runtime patches.

Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
@sonarqubecloud

sonarqubecloud Bot commented Jul 5, 2026

Copy link
Copy Markdown

@CybotTM CybotTM merged commit 9f955b6 into main Jul 5, 2026
26 checks passed
@CybotTM CybotTM deleted the chore/lockfile-maintenance branch July 5, 2026 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants