fix(deps): update all non-major dependencies

This MR contains the following updates:

Package	Type	Update	Change
api-platform/core (source)	require	minor	2.5.10 -> 2.6.3
phpstan/phpstan	require-dev	patch	0.12.82 -> 0.12.83
symfony/framework-bundle (source)	require	patch	4.4.20 -> 4.4.21
symfony/http-client (source)	require-dev	patch	4.4.20 -> 4.4.21
symfony/phpunit-bridge (source)	require-dev	patch	4.4.20 -> 4.4.21
vimeo/psalm	require-dev	minor	4.6.4 -> 4.7.0

---

Release Notes

api-platform/core

v2.6.3

Compare Source

• Identifiers: Re-allow POST operations even if no identifier is defined (#​4052)
• Hydra: Fix partial pagination which no longer returns the hydra:next property (#​4015)
• Security: Use a NullToken when using the new authenticator manager in the resource access checker (#​4067)
• Mercure: Do not use data in options when deleting (#​4056)
• Doctrine: Support for foreign identifiers (#​4042)
• Doctrine: Do not add join or lookup for search filter with empty value (#​3703)
• JSON Schema: Allow generating documentation when property and method start from "is" (property isActive and method isActive) (#​4064)
• OpenAPI: Fix missing 422 responses in the documentation (#​4086)
• OpenAPI: Fix error when schema is empty (#​4051)
• OpenAPI: Do not set scheme to oauth2 when generating securitySchemes (#​4073)
• OpenAPI: Fix missing $ref when no type is used in context (#​4076)
• OpenAPI: Fix response support via the openapi_context (#​4116)
• OpenAPI: Fix Link->requestBody default value (#​4116)
• GraphQL: Fix "Resource class cannot be determined." error when a null iterable field is returned (#​4092)
• Metadata: Check the output class when calculating serializer groups (#​3696)
• OpenAPI: Using an implicit flow is now valid, changes oauth configuration default values (#​4115)

v2.6.2

Compare Source

• Validation: properties regex pattern is now compliant with ECMA 262 (#​4027)
• OpenApi: normalizer is now backward compatible (#​4016), fix the name converter issue changing OpenApi properties (#​4019)
• Identifiers: Break after transforming the identifier (#​3985), use the identifiers context to transform with multiple classes (#​4029)
• JsonSchema: Revert ALLOW_EXTRA_ATTRIBUTE=false as it is a BC break and will be done in 3.0 instead see #​3881 (#​4007)
• Subresource: fix ApiSubresource maxDepth option (#​3986), recursive issue in the profiler (#​4023)
• OpenApi: Allow requestBody and parameters via the openapi_context (#​4001), make openapi_context work on subresources (#​4004), sort paths (#​4013)
• Config: Allow disabling OpenAPI and Swagger UI without loosing the schema (#​3968 and #​4018), fix pagination defaults (#​4011)
• DataPersister: context propagation fix (#​3983)

v2.6.1

Compare Source

• Fix defaults when using attributes (#​3978)

v2.6.0

Compare Source

• Cache: adds a max_header_length configuration (#​2865)
• Cache: support stale-while-revalidate and stale-if-error cache control headers (#​3439)
• Config: Add an option to set global default values (#​3151)
• DTO: Add ApiPlatform\Core\DataTransformer\DataTransformerInitializerInterface to pre-hydrate inputs (#​3701)
• DTO: Improve Input/Output support (#​3231)
• Data Persisters: Add previous_data to the context passed to persisters when available (#​3752)
• Data Persister: Add a ResumableDataPersisterInterface that allows to call multiple persisters (#​3912)
• Debug: Display API Platform's version in the debug bar (#​3235)
• Docs: Make asset_package configurable (#​3764)
• Doctrine: Allow searching on multiple values on every strategies (#​3786)
• Elasticsearch: The Paginator class constructor now receives the denormalization context to support denormalizing documents using serialization groups. This change may cause potential BC breaks for existing applications as denormalization was previously done without serialization groups.
• GraphQL: BC New syntax for the filters' arguments to preserve the order: order: [{foo: 'asc'}, {bar: 'desc'}] (#​3468)
• GraphQL: BC operation is now operationName to follow the standard (#​3568)
• GraphQL: BC paginationType is now pagination_type (#​3614)
• GraphQL: Add page-based pagination (#​3175, #​3517)
• GraphQL: Allow formatting GraphQL errors based on exceptions (#​3063)
• GraphQL: Errors thrown from the GraphQL library can now be handled (#​3632, #​3643)
• GraphQL: Possibility to add a custom description for queries, mutations and subscriptions (#​3477, #​3514)
• GraphQL: Subscription support with Mercure (#​3321)
• GraphQL: Support for field name conversion (serialized name) (#​3455, #​3516)
• Hydra: Sort entries in the API entrypoint (#​3091)
• Identifiers: Add Symfony Uid support (#​3715)
• IriConverter: BC Fix double encoding in IRIs - may cause breaking change as some characters no longer encoded in output (#​3552)
• JSON-LD: Add an iri_only attribute to simplify documents structure (useful when using Vulcain) (#​3275)
• Exception: Response error codes can be specified via the ApiPlatform\Core\Exception\ErrorCodeSerializableInterface (#​2922)
• Mercure: Add a normalization_context option in mercure attribute (#​3772)
• Messenger: Add a context stamp containing contextual data (#​3157)
• Metadata: Deprecate InheritedPropertyMetadataFactory (#​3273)
• Metadata: Improve and simplify identifiers management (#​3825)
• Metadata: Support the Symfony Serializer's @Ignore annotation (#​3820)
• Metadata: Support using annotations as PHP 8 attributes (#​3869, #​3868, #​3851)
• Metadata: Throw an error when no identifier is defined (#​3871)
• Metadata: Use id as default identifier if none provided (#​3874)
• MongoDB: Mercure support (#​3290)
• MongoDB: Possibility to add execute options (aggregate command fields) for a resource, like allowDiskUse (#​3144)
• OpenAPI: Add default values of PHP properties to the documentation (#​2386)
• OpenAPI: BC Replace all characters other than [a-zA-Z0-9\.\-_] to . in definition names to be compliant with OpenAPI 3.0 (#​3669)
• OpenAPI: Refactor OpenAPI v3 support, OpenAPI v2 (aka Swagger) is deprecated (#​3407)
• Order: Support default order for a specific custom operation (#​3784)
• PATCH: BC Support patching deep objects, previously new objects were created instead of updating current objects (#​3847)
• Router: UrlGenerator strategy configuration via url_generation_strategy (#​3198)
• Routing: Add stateless ApiResource attribute (#​3436)
• Security: Add support for access control rule on attributes (#​3503)
• Subresources: resourceClass can now be defined as a container parameter in XML and YAML definitions
• Symfony: improved 5.x support with fewer deprecations (#​3589)
• Symfony: Allow using ItemNormalizer without Symfony SecurityBundle (#​3801)
• Symfony: Lazy load all commands (#​3798)
• Tests: adds a method to retrieve the CookieJar in the test Client getCookieJar
• Tests: Fix the registration of the test.api_platform.client service when the FrameworkBundle bundle is registered after the ApiPlatformBundle bundle (#​3928)
• Validator: Add the violation code to the violation properties (#​3857)
• Validator: Allow customizing the validation error status code. BC Status code for validation errors is now 422, use exception_to_status to fallback to 400 if needed (#​3808)
• Validator: Autoconfiguration of validation groups generator via ApiPlatform\Core\Validator\ValidationGroupsGeneratorInterface
• Validator: Deprecate using a validation groups generator service not implementing ApiPlatform\Core\Bridge\Symfony\Validator\ValidationGroupsGeneratorInterface (#​3346)
• Validator: Property validation through OpenAPI (#​33329)
• Validator: Query filters and parameters are validated (#​1723)
• ExceptionInterface now extends \Throwable (#​3217)

phpstan/phpstan

v0.12.83

Compare Source

Improvements 🔧

• Precise try-catch-finally analysis (#​481), thanks @​rainbow-alex for the kick-off of this feature!
  • Learn more on PHPStan's blog
  • Fixes: #​1597, #​3617, #​778, #​2969, #​3004, #​3710, #​3822, #​505, #​1670, #​1219, #​3302
• Dependent types - understand truthy BooleanOr and falsey BooleanAnd scope (phpstan/phpstan-src@2c42ef1), #​4733, #​4326, #​987, #​4215, #​4695
• Dependent types - save conditional expression after variable assignment (phpstan/phpstan-src@56ae015), #​2977, #​3190

Bleeding edge 🔪

• Consistent remembering and forgetting returned values (phpstan/phpstan-src@d4edc59)
  • Learn more on PHPStan's blog
  • Fixes: #​2420, #​4588, #​3553, #​3382, #​4177, #​4091, #​2288, #​1157
• Report dead catch with exception that is not thrown in the try block - level 4 (phpstan/phpstan-src@ce9299c)
• Rule for detecting overwriting exit points in finally - level 4 (phpstan/phpstan-src@3f712be)

If you want to see the shape of things to come and adopt bleeding edge features early, you can include this config file in your project's phpstan.neon:

includes:
	- vendor/phpstan/phpstan/conf/bleedingEdge.neon

Of course, there are no backwards compatibility guarantees when you include this file. The behaviour and reported errors can change in minor versions with this file included. Learn more

Bugfixes 🐛

• Fixed detecting method signature compatibility (phpstan/phpstan-src@8f0150d), #​4729
• Fixed inferring template types from ThisType (phpstan/phpstan-src@a843d87), #​4725
• More robust PHPDoc parsing (phpstan/phpstan-src@5d37113), #​4731
• Support the $foo ?? false pattern when making sure variable exists (phpstan/phpstan-src@c4cc668), #​560
• mt_rand and rand are not pure (phpstan/phpstan-src@edc8446)
• random_int and random_bytes are not deterministic (phpstan/phpstan-src@f36fa71), #​4190
• Invalidate is_file() calls and similar only after clearstatcache() (phpstan/phpstan-src@bcc8d61)
• Invalidate object state after passing to impure function (phpstan/phpstan-src@f92b95e), #​3203
• BaselineNeonErrorFormatter: Sort output by file and pattern (#​483), thanks @​dktapps!
• Match expression - do not complain about void in arm body (phpstan/phpstan-src@90e49f7, phpstan/phpstan-src@2c0dda3), #​4292
• Fix merging scopes with narrowed constant types (phpstan/phpstan-src@42d0b36), #​4434
• Allow phpVersion up to 80099 (phpstan/phpstan-src@4db2e14), #​4762
• Fix Access to an undefined static property in Closure::bind (#​489), thanks @​VincentLanglet!
• Add array_sum() dynamic return type extension (#​490), thanks @​VincentLanglet!
• Fix NativeMethodReflection::hasSideEffects() (phpstan/phpstan-src@98fb540), #​4231, #​4287
• TypeSpecifier - support IntegerRangeType with count() (phpstan/phpstan-src@7b417c7), #​4700
• Improved performance (phpstan/phpstan-src@dbe08a6, phpstan/phpstan-src@626f72a, phpstan/phpstan-src@1463c57, phpstan/phpstan-src@91f477f), #​4723
• Fix problem with generics and inheritance, #​4008, #​3546
• Fix native static return typehint when entering class method (phpstan/phpstan-src@baa371e), #​4795

Function signature fixes 🤖

• Fix function-map for PDOStatement pass-by-reference functions (#​480), thanks @​jaylinski!
• Add uopz 6.x functions (#​482), thanks @​zonuexe!

symfony/framework-bundle

v4.4.21

Compare Source

Changelog (https://github.com/symfony/framework-bundle/compare/v4.4.20...v4.4.21)

• bug #​40178 Exclude unreadable files when executing About command (michaljusiega)
• bug #​40398 : Fix method name compare in ResolveControllerNameSubscriber (glensc)
• bug #​40373 Check if templating engine supports given view (fritzmg)
• bug #​40313 Fix PropertyAccess definition when not in debug (PedroTroller)

symfony/http-client

v4.4.21

Compare Source

Changelog (https://github.com/symfony/http-client/compare/v4.4.20...v4.4.21)

• bug [#&

---

Renovate configuration

📅 Schedule: "before 3am on Monday" (UTC).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This MR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.