Skip to content

build(deps): bump the composer group across 1 directory with 2 updates#89

Merged
BorschCode merged 1 commit into
mainfrom
dependabot/composer/composer-74d93ab80e
May 1, 2026
Merged

build(deps): bump the composer group across 1 directory with 2 updates#89
BorschCode merged 1 commit into
mainfrom
dependabot/composer/composer-74d93ab80e

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps the composer group with 2 updates in the / directory: phpunit/phpunit and psy/psysh.

Updates phpunit/phpunit from 11.5.43 to 11.5.50

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 11.5.50

Changed

  • To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.49

Fixed

  • #6362: Manually instantiated test doubles are broken since PHPUnit 11.2
  • #6470: Infinite recursion in Count::getCountOf() for unusal implementations of Iterator or IteratorAggregate

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.48

Changed

Learn how to install or update PHPUnit 11.5 in the documentation.

Keep up to date with PHPUnit:

PHPUnit 11.5.47

Fixed

  • #6470: Mocking a class with a property hook setter accepting more types than the property results in a fatal error

... (truncated)

Changelog

Sourced from phpunit/phpunit's changelog.

[11.5.50] - 2026-01-27

Changed

  • To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs

[11.5.49] - 2026-01-24

Fixed

  • #6362: Manually instantiated test doubles are broken since PHPUnit 11.2
  • #6470: Infinite recursion in Count::getCountOf() for unusal implementations of Iterator or IteratorAggregate

[11.5.48] - 2026-01-16

Changed

[11.5.47] - 2026-01-15

Changed

  • PHPUnit\Framework\MockObject exceptions are now subtypes of PHPUnit\Exception

Fixed

  • #6470: Mocking a class with a property hook setter accepting more types than the property results in a fatal error

[11.5.46] - 2025-12-06

  • No changes; phpunit.phar rebuilt with PHP 8.4 to work around PHP-Scoper issue #1139

[11.5.45] - 2025-12-01

Changed

  • Updated list of deprecated PHP configuration settings for PHP 8.6

Fixed

  • #6408: Exception in a data provider method leads to internal PHPUnit error
  • #6426: Fix migration of configuration without schema location

[11.5.44] - 2025-11-13

Fixed

  • #6402: Avoid reading from STDOUT when rewind() fails
Commits

Updates psy/psysh from 0.12.18 to 0.12.22

Release notes

Sourced from psy/psysh's releases.

PsySH v0.12.22

Runtime config and clipboard support

PsySH has a new config command for inspecting and updating runtime-configurable settings during the current session. You can tweak things like pager, theme, verbosity, useSuggestions, useSyntaxHighlighting, clipboardCommand, and semicolonsSuppressReturn without restarting the shell. Fixes #361

There’s also a new copy command for copying the last result ($_) or any expression to your clipboard. Works with system clipboard commands, or via OSC 52 for SSH and remote terminals.

Configure with clipboardCommand or useOsc52Clipboard in your config.

Semicolon-based return suppression

Optionally suppress return values by ending a statement with ;, similar to MATLAB/Octave behavior. Supports a 'double' mode requiring ;; for suppression (if requireSemicolons is also enabled, both true and 'double' require ;;).

'semicolonsSuppressReturn' => true,
'semicolonsSuppressReturn' => 'double', // Always require ;; to suppress

Output and exception display improvements

Strings are now valid PHP!

  • PsySH now preserves backslashes and other characters it previously mangled in a few cases. Fixes #351, #568
  • Multiline strings are rendered using heredoc-style output rather than triple-quoted strings """. The old format is available via useDeprecatedMultilineStrings until the next major release.

Providing an exceptionDetails callback via config renders additional context about exceptions (e.g. validation errors) alongside the error message. Fixes #648

A few other improvements:

  • More consistent compact (and non-compact) output spacing.
  • Responsive help layout adapts to terminal width.

Better completion for everyone

Legacy readline now shares PsySH’s newer completion engine, which brings much better parity between ext-readline/libedit and experimental interactive readline. Command argument completion, better multiline buffering, and a handful of command-dispatch edge cases now work much more consistently outside experimental readline too.

Commands can now define their own argument completions via CommandArgumentCompletionAware.

Interactive readline polish

New in the experimental interactive readline:

  • Live syntax highlighting — code is highlighted as you type. Can be disabled via useSyntaxHighlighting if you don't like colors, I guess.
  • Allman-style indenting — opening brackets on a new line get proper indentation.
  • Improved auto-dedent — closing brackets automatically reduce indentation.

psy\info() and --info also report more detail about readline and autocomplete state.

Run psysh with --experimental-readline and try it out. It's getting kind of awesome!

... (truncated)

Commits
  • 3be75d5 Merge branch 'release/v0.12.22'
  • 8042a8f Bump to v0.12.22
  • fd4cb69 Fix phan warning
  • 2b350a4 Fix throw special casing in really old php-parser versions
  • 193e149 Fix a code cleaner bug with throw new Exception in PHP 7.4
  • f583f74 Restore VarDumper hard-ref handling, suppress link-only markers
  • 1e6a0d6 Prefer use statements over FQNs
  • 484e600 Simplify theme identity, no-op updates when unchanged
  • f01e492 Standardize test temp dir creation and cleanup
  • 6f33aea Add token-based fallback for incomplete member completion
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump the composer group across 1 directory with 2 updates
a567c85 
Bumps the composer group with 2 updates in the / directory: [phpunit/phpunit](https://github.com/sebastianbergmann/phpunit) and [psy/psysh](https://github.com/bobthecow/psysh).


Updates `phpunit/phpunit` from 11.5.43 to 11.5.50
- [Release notes](https://github.com/sebastianbergmann/phpunit/releases)
- [Changelog](https://github.com/sebastianbergmann/phpunit/blob/11.5.50/ChangeLog-11.5.md)
- [Commits](sebastianbergmann/phpunit@11.5.43...11.5.50)

Updates `psy/psysh` from 0.12.18 to 0.12.22
- [Release notes](https://github.com/bobthecow/psysh/releases)
- [Commits](bobthecow/psysh@v0.12.18...v0.12.22)

---
updated-dependencies:
- dependency-name: phpunit/phpunit
  dependency-version: 11.5.50
  dependency-type: direct:development
  dependency-group: composer
- dependency-name: psy/psysh
  dependency-version: 0.12.22
  dependency-type: indirect
  dependency-group: composer
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update php code labels May 1, 2026
@BorschCode BorschCode merged commit e02508d into main May 1, 2026
2 checks passed
@dependabot dependabot Bot deleted the dependabot/composer/composer-74d93ab80e branch May 1, 2026 06:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@BorschCode