composer: update kint-php/kint requirement from ^4.0 to ^6.0

[dependabot]

Updates the requirements on kint-php/kint to permit the latest version.

Release notes

Sourced from kint-php/kint's releases.

6.0.1

• Expand minitrace when dump is expanded
• New SVG icons for buttons
• Performance improvements (Including a massive performance bug in chrome)
• Misc Bugfixes

Commits

• 2bd133b DomPlugin: Add outerHTML for PHP 8.5
• 2fb169b CSS: Use inlined SVG masks for button icons instead of htmlentities
• 39c0a5f JS: Performance fix for chrome
• 39da434 CSS: Set contain on kint dumps to help client side performance
• 9d3a86b Parser::noRecurseCall: Simplify logic
• 9fa1184 MethodValue::getFullyQualifiedDisplayName
• 089ee13 Plain: Set normal line-height
• c7874df IteratorPlugin: Relax type hint for blacklist
• fe7be9d AssetRendererTrait: Bugfix wrong return type with non-existent theme file
• 5766ba6 Parser: Use try/finally to unset recursion stacks
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Upgraded the kint-php/kint runtime dependency to the latest major version (v6), aligning the app with current ecosystem standards.
  • Enhances stability, compatibility, and potential security posture of debugging features without introducing user-facing functionality changes.
  • Installation environments may need to meet updated dependency constraints; please ensure your PHP/composer setup is current.
  • No changes to behavior, settings, or workflows are expected for end users.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Walkthrough

Updated composer.json to change the kint-php/kint dependency constraint from ^4.0 to ^6.0. No other files or sections were modified.

Changes

Cohort / File(s)	Summary
Dependency version bump composer.json	Updated require constraint for kint-php/kint from ^4.0 to ^6.0

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

I nudge the dial from four to six,
A carrot-twist of version tricks.
Composer hums, the garden’s neat—
New Kint sprouts up, dependency sweet.
Thump-thump! I hop, the change is small,
Yet tidy rows delight us all.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Support

Need help? Join our Discord community for assistance with any issues or questions.

CodeRabbit Commands (Invoked using PR/Issue comments)

Type @coderabbitai help to get the list of available commands.

Other keywords and placeholders

• Add @coderabbitai ignore or @coderabbit ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Status, Documentation and Community

• Visit our Status Page to check the current availability of CodeRabbit.
• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[Vitexus]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (4)

composer.json (4)

18-27: Add an explicit PHP requirement to avoid accidental incompatible installs

composer.json lacks a "php" constraint. Without it, Composer may resolve dependencies (including Kint v6) to versions incompatible with your production PHP runtime.

Apply a constraint that matches your supported runtime(s). Example (adjust as needed):

   "require": {
+    "php": "^8.1",
     "vitexsoftware/ease-twbootstrap5": "^1.2",
     "league/oauth2-client": "^2.8",
     "vitexsoftware/ease-core": "^1.48",
     "vitexsoftware/ease-fluentpdo": "^1.4",
     "vitexsoftware/ease-html-widgets": "^1.0",
     "spojenet/csas-accountsapi": "^0.7",
     "kint-php/kint": "^6.0"
   },

Optionally, you can also pin the platform to ensure consistent resolution across environments:

   "config": {
+    "platform": {
+      "php": "8.1.0"
+    },
     "allow-plugins": {
       "ergebnis/composer-normalize": true
     }
   }

---

26-26: Consider moving Kint to require-dev if it’s only used for debugging

Kint is typically a developer tool. If it’s not needed in production runtime (e.g., not referenced in shipped code or UI), placing it in require-dev reduces your production attack surface and install size.

Proposed change (verify your codebase doesn’t rely on Kint at runtime before applying):

   "require": {
     "vitexsoftware/ease-twbootstrap5": "^1.2",
     "league/oauth2-client": "^2.8",
     "vitexsoftware/ease-core": "^1.48",
     "vitexsoftware/ease-fluentpdo": "^1.4",
     "vitexsoftware/ease-html-widgets": "^1.0",
     "spojenet/csas-accountsapi": "^0.7",
-    "kint-php/kint": "^6.0"
+    // (moved to require-dev)
   },
   "require-dev": {
     "robmorgan/phinx": "^0.16",
     "phpunit/phpunit": "*",
     "phpstan/phpstan": "*",
     "friendsofphp/php-cs-fixer": "^3.86",
     "ergebnis/composer-normalize": "^2.47",
-    "ergebnis/php-cs-fixer-config": "^6.52"
+    "ergebnis/php-cs-fixer-config": "^6.52",
+    "kint-php/kint": "^6.0"
   },

---

18-18: Minimum stability is dev: consider enabling prefer-stable or revisiting stability policy

With "minimum-stability": "dev", Composer may resolve dev releases across your tree. If that’s intentional, consider at least adding "prefer-stable": true to bias towards stable releases. Otherwise, consider removing "dev" minimum stability to reduce risk.

Example:

   "minimum-stability": "dev",
+  "prefer-stable": true,

Also applies to: 36-40

---

28-35: Pin dev tools instead of using wildcards to reduce breakage

Using "*" for phpunit/phpunit and phpstan/phpstan makes CI susceptible to sudden upstream breaking changes. Recommend pinning major/minor ranges (e.g., caret or tilde) aligned with your PHP version and toolchain.

If you want, I can propose compatible version ranges based on your target PHP version and current CI matrix.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

💡 Knowledge Base configuration:

• MCP integration is disabled by default for public repositories
• Jira integration is disabled by default for public repositories
• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between e1ce898 and 89ac645.

📒 Files selected for processing (1)

• composer.json (1 hunks)

🔇 Additional comments (1)

composer.json (1)

26-26: LGTM on the dependency constraint update

Using caret ^6.0 is appropriate to receive compatible 6.x bugfixes and improvements without jumping to a future 7.x.

[coderabbitai]

💡 Verification agent

🧩 Analysis chain

Version bump to Kint ^6: check runtime PHP compatibility and BC changes

Upgrading Kint to major version 6 can introduce runtime requirements and subtle behavior changes. Ensure:

• Your runtime PHP version meets Kint v6’s minimum requirement.
• All usages (e.g., Kint::dump(), Kint::$enabled, d(), dd(), s()) continue to work as expected.

Run this script to quickly locate Kint usages and verify the presence of a PHP platform constraint:

---

🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "==> Checking composer.json for PHP constraint"
jq -r '.require.php // "MISSING_PHP_CONSTRAINT"' composer.json

echo
echo "==> Searching for Kint usages in the codebase"
# Common Kint usage patterns: static calls and helper functions
rg -nP --type=php -C2 '\bKint::|\bd\(|\bdd\(|\bs\(|\bKint\b' || true

echo
echo "==> If PHP constraint is missing, consider adding one that matches your production PHP version."

Length of output: 1285

---

🌐 Web query:

What is the minimum PHP version requirement for kint-php/kint version 6.0?

💡 Result:

The minimum PHP version required for kint-php/kint version 6.0 is PHP 7.4 or greater[1].

The official package specification for kint-php/kint—including version 6.0 and its immediate releases—lists

Requires

• php: >=7.4
  as its core requirement[1].

No search results indicate any higher requirement for kint-php/kint 6.0, nor is there evidence that versions subsequent to 6.0 raised this threshold.

Additional relevant detail:

• While PHP 7.4 is the minimum, using newer PHP versions (such as PHP 8.x) is likely to improve performance and security but is not strictly required for compatibility with kint-php/kint 6.0[1].
• For development dependencies (like phpunit or PHP CS Fixer), more recent PHP versions may sometimes be required, but these do not affect the runtime minimum for core Kint usage[1].

In summary, if your environment runs PHP 7.4 or newer, kint-php/kint version 6.0 will function as intended.

Citations:

• 1: https://packagist.org/packages/kint-php/kint
• 2: https://codeigniter.com/user_guide/installation/upgrade_430.html
• 3: https://wordpress.org/about/requirements/
• 4: https://letswp.justifiedgrid.com/kint-debugging-php-wordpress/
• 5: https://kint-php.github.io/kint/
• 6: https://www.drupal.org/project/kint/issues/3541375
• 7: https://forum.codeigniter.com/thread-86936-lastpost.html
• 8: https://notes.enovision.net/slim/composer-package-documentation/kint-php_kint
• 9: https://www.drupal.org/project/devel_kint_extras/issues/3277126
• 10: https://www.drupal.org/docs/getting-started/system-requirements/php-requirements

---

Add PHP ≥7.4 constraint for Kint v6 compatibility

composer.json doesn’t currently specify a PHP runtime requirement, but kint-php/kint v6 requires PHP 7.4 or greater. Without this constraint, Composer may install the package on unsupported PHP versions.

• In composer.json, under "require", add:

"php": ">=7.4",
"kint-php/kint": "^6.0"

• Confirm your production and CI environments run PHP 7.4+.
• Verify existing Kint usages (e.g. in src/token.php) continue to work as expected.

🤖 Prompt for AI Agents

In composer.json around line 26, the project lacks a PHP runtime constraint but
kint-php/kint v6 requires PHP >=7.4; update the "require" section to add a php
constraint of ">=7.4" alongside the existing "kint-php/kint": "^6.0", then run
composer update/validate to ensure Composer honors the platform requirement and
confirm CI/production PHP versions are 7.4+ and that existing Kint usages (e.g.,
src/token.php) still work.