Bump wimg/php-compatibility from 9.1.1 to 9.3.1

[dependabot-preview]

Bumps wimg/php-compatibility from 9.1.1 to 9.3.1.

Release notes

Sourced from wimg/php-compatibility's releases.

PHPCompatibility 9.3.1

See all related issues and PRs in the 9.3.1 milestone.

Changed

• ♻️ A whole slew of code documentation fixes. #892, #895, #896, #897, #898, #899, #900
• 🔧 Travis: minor tweaks to the build script. #893

Fixed

• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: false positive when an array item in the second parameter contained a ternary. #891. Fixes #890
• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: will now take array casts into account when determining which parameter is $pieces. #891.
• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: hardening of the logic to not examine the second parameter when the first is just and only a text string ($glue). #891.

PHPCompatibility 9.3.0

See all related issues and PRs in the 9.3.0 milestone.

To keep informed of the progress of covering "everything PHP 7.4" in PHPCompatibility, please subscribe to issue #808.

Changes expected in PHPCompatibility 10.0.0

The next version of PHPCompatibility is expected to include a new external dependency.

In this same release, support for PHP < 5.4 and PHP_CodeSniffer < 2.6.0 will be dropped.

The 10.0.0 release is expected around the same time as the release of PHP 7.4 - end of November/beginning of December 2019.

Added

• 🌟 New PHPCompatibility.Miscellaneous.NewPHPOpenTagEOF sniff to detect a stand-alone PHP open tag at the end of a file, without trailing newline, as will be supported as of PHP 7.4. #843
• 🌟 New PHPCompatibility.ParameterValues.ForbiddenStripTagsSelfClosingXHTML sniff to detect calls to strip_tags() passing self-closing XHTML tags in the $allowable_tags parameter. This has not been supported since PHP 5.3.4. #866
• 🌟 New PHPCompatibility.ParameterValues.NewHTMLEntitiesEncodingDefault sniff to detect calls to html_entity_decode(), htmlentities() and htmlspecialchars() which are impacted by the change to the default value of the $encoding parameter in PHP 5.4. #862
• 🌟 New PHPCompatibility.ParameterValues.NewIconvMbstringCharsetDefault sniff to detect code impacted by the change in the default_charset value in PHP 5.6. #864 Fixes #839
• 🌟 New PHPCompatibility.ParameterValues.NewIDNVariantDefault sniff to detect calls to idn_to_ascii() and idn_to_utf8() impacted by the PHP 7.4 change in the default value for the $variant parameter. #861
• 🌟 New PHPCompatibility.ParameterValues.NewPasswordAlgoConstantValues sniff to detect calls to password_hash() and password_needs_rehash() impacted by the changed value of the PASSWORD_DEFAULT, PASSWORD_BCRYPT, PASSWORD_ARGON2I and PASSWORD_ARGON2ID constants in PHP 7.4. #865
• 🌟 New PHPCompatibility.ParameterValues.NewProcOpenCmdArray sniff to detect calls to proc_open() passing an array for the $cmd parameter as supported as of PHP 7.4. #869
• 🌟 New PHPCompatibility.ParameterValues.NewStripTagsAllowableTagsArray sniff to detect calls to strip_tags() passing an array for the $allowable_tags parameter as will be supported as of PHP 7.4. #867
• 🌟 New PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder sniff to detect implode() being called with $glue and $pieces in reverse order from the documented argument order. This was previously allowed for historical reasons, but will be deprecated in PHP 7.4. #846
• 🌟 New PHPCompatibility.ParameterValues.RemovedMbStrrposEncodingThirdParam sniff to detect the $encoding being passed as the third, instead of the fourth parameter, to mb_strrpos() as has been soft deprecated since PHP 5.2 and will be hard deprecated as of PHP 7.4. #860
• 🌟 New PHPCompatibility.Syntax.RemovedCurlyBraceArrayAccess sniff to detect array and string offset access using curly braces as will be deprecated as of PHP 7.4. #855
  • In contrast to any other sniff in the PHPCompatibility standard, this sniff contains an auto-fixer.
• 🌟 New PHPCompatibility.TextStrings.NewUnicodeEscapeSequence sniff to detect use of the PHP 7.0+ unicode codepoint escape sequences and issues with invalid sequences. #856
• 🌟 New PHPCompatibility.Upgrade.LowPHP sniff to give users of old PHP versions advance warning when support will be dropped in the near future. #838
  At this moment, the intention is to drop support for PHP 5.3 by the end of this year.
• ⭐ PHPCompatibility.Classes.NewClasses sniff: recognize the new WeakReference class as introduced in PHP 7.4. #857
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of new Curl constants as introduced in PHP 7.3.5. #878
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of the revived T_BAD_CHARACTER constant as re-introduced in PHP 7.4. #882
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of the new IMG_FILTER_SCATTER and PASSWORD_ARGON2_PROVIDER constants as introduced in PHP 7.4. #887
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the CURLPIPE_HTTP1 constant which will be deprecated in PHP 7.4. #879
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the FILTER_SANITIZE_MAGIC_QUOTES constant which will be deprecated in PHP 7.4. #845
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the T_CHARACTER and T_BAD_CHARACTER constants which were removed in PHP 7.0. #882
• ⭐ PHPCompatibility.FunctionDeclarations.NewMagicMethods sniff: recognize the new __serialize() and __unserialize() magic methods as introduced in PHP 7.4. #868
• ⭐ PHPCompatibility.FunctionDeclarations.NewMagicMethods sniff: recognize the PHP 5.0 __construct() and __destruct() magic methods. #884
• ⭐ PHPCompatibility.FunctionDeclarations.NonStaticMagicMethods sniff: recognize the new __serialize() and __unserialize() magic methods as introduced in PHP 7.4. #868

... (truncated)

Changelog

Sourced from wimg/php-compatibility's changelog.

[9.3.1] - 2019-09-06

See all related issues and PRs in the [9.3.1 milestone].

Changed

• ♻️ A whole slew of code documentation fixes. #892, #895, #896, #897, #898, #899, #900
• 🔧 Travis: minor tweaks to the build script. #893

Fixed

• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: false positive when an array item in the second parameter contained a ternary. #891. Fixes #890
• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: will now take array casts into account when determining which parameter is $pieces. #891.
• 🐛 PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder: hardening of the logic to not examine the second parameter when the first is just and only a text string ($glue). #891.

[9.3.0] - 2019-08-29

See all related issues and PRs in the [9.3.0 milestone].

To keep informed of the progress of covering "everything PHP 7.4" in PHPCompatibility, please subscribe to issue #808.

Changes expected in PHPCompatibility 10.0.0

The next version of PHPCompatibility is expected to include a new external dependency.

In this same release, support for PHP < 5.4 and PHP_CodeSniffer < 2.6.0 will be dropped.

The 10.0.0 release is expected around the same time as the release of PHP 7.4 - end of November/beginning of December 2019.

Added

• 🌟 New PHPCompatibility.Miscellaneous.NewPHPOpenTagEOF sniff to detect a stand-alone PHP open tag at the end of a file, without trailing newline, as will be supported as of PHP 7.4. #843
• 🌟 New PHPCompatibility.ParameterValues.ForbiddenStripTagsSelfClosingXHTML sniff to detect calls to strip_tags() passing self-closing XHTML tags in the $allowable_tags parameter. This has not been supported since PHP 5.3.4. #866
• 🌟 New PHPCompatibility.ParameterValues.NewHTMLEntitiesEncodingDefault sniff to detect calls to html_entity_decode(), htmlentities() and htmlspecialchars() which are impacted by the change to the default value of the $encoding parameter in PHP 5.4. #862
• 🌟 New PHPCompatibility.ParameterValues.NewIconvMbstringCharsetDefault sniff to detect code impacted by the change in the default_charset value in PHP 5.6. #864 Fixes #839
• 🌟 New PHPCompatibility.ParameterValues.NewIDNVariantDefault sniff to detect calls to idn_to_ascii() and idn_to_utf8() impacted by the PHP 7.4 change in the default value for the $variant parameter. #861
• 🌟 New PHPCompatibility.ParameterValues.NewPasswordAlgoConstantValues sniff to detect calls to password_hash() and password_needs_rehash() impacted by the changed value of the PASSWORD_DEFAULT, PASSWORD_BCRYPT, PASSWORD_ARGON2I and PASSWORD_ARGON2ID constants in PHP 7.4. #865
• 🌟 New PHPCompatibility.ParameterValues.NewProcOpenCmdArray sniff to detect calls to proc_open() passing an array for the $cmd parameter as supported as of PHP 7.4. #869
• 🌟 New PHPCompatibility.ParameterValues.NewStripTagsAllowableTagsArray sniff to detect calls to strip_tags() passing an array for the $allowable_tags parameter as will be supported as of PHP 7.4. #867
• 🌟 New PHPCompatibility.ParameterValues.RemovedImplodeFlexibleParamOrder sniff to detect implode() being called with $glue and $pieces in reverse order from the documented argument order. This was previously allowed for historical reasons, but will be deprecated in PHP 7.4. #846
• 🌟 New PHPCompatibility.ParameterValues.RemovedMbStrrposEncodingThirdParam sniff to detect the $encoding being passed as the third, instead of the fourth parameter, to mb_strrpos() as has been soft deprecated since PHP 5.2 and will be hard deprecated as of PHP 7.4. #860
• 🌟 New PHPCompatibility.Syntax.RemovedCurlyBraceArrayAccess sniff to detect array and string offset access using curly braces as will be deprecated as of PHP 7.4. #855
  • In contrast to any other sniff in the PHPCompatibility standard, this sniff contains an auto-fixer.
• 🌟 New PHPCompatibility.TextStrings.NewUnicodeEscapeSequence sniff to detect use of the PHP 7.0+ unicode codepoint escape sequences and issues with invalid sequences. #856
• 🌟 New PHPCompatibility.Upgrade.LowPHP sniff to give users of old PHP versions advance warning when support will be dropped in the near future. #838
  At this moment, the intention is to drop support for PHP 5.3 by the end of this year.
• ⭐ PHPCompatibility.Classes.NewClasses sniff: recognize the new WeakReference class as introduced in PHP 7.4. #857
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of new Curl constants as introduced in PHP 7.3.5. #878
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of the revived T_BAD_CHARACTER constant as re-introduced in PHP 7.4. #882
• ⭐ PHPCompatibility.Constants.NewConstants sniff: detection of the new IMG_FILTER_SCATTER and PASSWORD_ARGON2_PROVIDER constants as introduced in PHP 7.4. #887
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the CURLPIPE_HTTP1 constant which will be deprecated in PHP 7.4. #879
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the FILTER_SANITIZE_MAGIC_QUOTES constant which will be deprecated in PHP 7.4. #845
• ⭐ PHPCompatibility.Constants.RemovedConstants sniff: detection of use of the T_CHARACTER and T_BAD_CHARACTER constants which were removed in PHP 7.0. #882

... (truncated)

Commits

• 9999344 Merge pull request #902 from PHPCompatibility/develop
• 739086c Merge pull request #901 from PHPCompatibility/feature/changelog-9.3.1
• 37ad1b4 Changelog for PHPCompatibility 9.3.1
• 7421124 Merge pull request #893 from PHPCompatibility/feature/travis-allow-for-develo...
• 3ff247e Merge pull request #891 from PHPCompatibility/feature/890-implode-order-bug
• db5e306 RemovedImplodeFlexibleParamOrder: fix two bugs + one enhancement
• d1a0162 Merge pull request #899 from PHPCompatibility/feature/docs-add-missing-const-...
• 312b03c Merge pull request #900 from PHPCompatibility/feature/docs-fix-file-docblocks
• 894ab94 Merge pull request #892 from PHPCompatibility/docs/fix-incorrect-property-var...
• 7eb103e Merge pull request #895 from PHPCompatibility/feature/docs-fix-incorrect-retu...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #40.