chore(deps): update dependency squizlabs/php_codesniffer to ~3.10.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
squizlabs/php_codesniffer	~3.8.0 -> ~3.10.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

PHPCSStandards/PHP_CodeSniffer (squizlabs/php_codesniffer)

v3.10.1

Compare Source

Added

• Documentation for the following sniffs:
  • Generic.Commenting.DocComment
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.

Changed

• The following have received efficiency improvements:
  • Type handling in the PHP Tokenizer
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch.
• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for their contributions.

Fixed

• Fixed bug #​110, #​437, #​475: File::findStartOfStatement(): the start of statement/expression determination for tokens in parentheses/short array brackets/others scopes, nested within match expressions, was incorrect in most cases.
  The trickle down effect of the bug fixes made to the File::findStartOfStatement() method, is that the Generic.WhiteSpace.ScopeIndent and the PEAR.WhiteSpace.ScopeIndent sniffs should now be able to correctly determine and fix the indent for match expressions containing nested expressions.
  These fixes also fix an issue with the Squiz.Arrays.ArrayDeclaration sniff and possibly other, unreported bugs.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​504: The tokenizer could inadvertently mistake the last parameter in a function call using named arguments for a DNF type.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​508: Tokenizer/PHP: extra hardening against handling parse errors in the type handling layer.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch

v3.10.0

Compare Source

Added

• Tokenizer support for PHP 8.2 Disjunctive Normal Form (DNF) types. #​3731, #​387, #​461
  • Includes new T_TYPE_OPEN_PARENTHESIS and T_TYPE_CLOSE_PARENTHESIS tokens to represent the parentheses in DNF types.
  • These new tokens, like other parentheses, will have the parenthesis_opener and parenthesis_closer token array indexes set and the tokens between them will have the nested_parenthesis index.
  • The File::getMethodProperties(), File::getMethodParameters() and File::getMemberProperties() methods now all support DNF types. #​471, #​472, #​473
  • Additionally, the following sniff has been updated to support DNF types:
    • Generic.PHP.LowerCaseType #​478
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patches.
• Documentation for the following sniffs:
  • Squiz.WhiteSpace.FunctionClosingBraceSpace
  • Thanks to [Przemek Hernik][@​przemekhernik] for the patch.

Changed

• The help screens have received a face-lift for improved usability and readability. #​447
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch and thanks to [Colin Stewart][@​costdev], [Gary Jones][@​GaryJones] and [@​mbomb007] for reviewing.
• The Squiz.Commenting.ClosingDeclarationComment sniff will now also examine and flag closing comments for traits. #​442
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• The following sniff(s) have efficiency improvements:
  • Generic.Arrays.ArrayIndent
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• The autoloader will now always return a boolean value indicating whether it has loaded a class or not. #​479
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch.
• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to [Dan Wallis][@​fredden], [Danny van der Sluijs][@​DannyvdSluijs], [Rodrigo Primo][@​rodrigoprimo] and [Juliette Reinders Folmer][@​jrfnl] for their contributions.

Fixed

• Fixed bug #​466 : Generic.Functions.CallTimePassByReference was not flagging call-time pass-by-reference in class instantiations using the self/parent/static keywords.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Fixed bug #​494 : edge case bug in tokenization of an empty block comment.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​494 : edge case bug in tokenization of an empty single-line DocBlock.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​499 : Generic.ControlStructures.InlineControlStructure now handles statements with a comment between else and if correctly.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.

v3.9.2

Compare Source

Changed

• The Generic.ControlStructures.DisallowYodaConditions sniff no longer listens for the null coalesce operator. #​458
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to [Dan Wallis][@​fredden], [Rodrigo Primo][@​rodrigoprimo] and [Juliette Reinders Folmer][@​jrfnl] for their contributions.

Fixed

• Fixed bug #​381 : Squiz.Commenting.ClosingDeclarationComment could throw the wrong error when the close brace being examined is at the very end of a file.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Fixed bug #​385 : Generic.CodeAnalysis.JumbledIncrementer improved handling of parse errors/live coding.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Fixed bug #​394 : Generic.Functions.CallTimePassByReference was not flagging call-time pass-by-reference in anonymous class instantiations
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Fixed bug #​420 : PEAR.Functions.FunctionDeclaration could run into a blocking PHP notice while fixing code containing a parse error.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​421 : File::getMethodProperties() small performance improvement & more defensive coding.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​423 : PEAR.WhiteSpace.ScopeClosingBrace would have a fixer conflict with itself when a close tag was preceded by non-empty inline HTML.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​424 : PSR2.Classes.ClassDeclaration using namespace relative interface names in the extends/implements part of a class declaration would lead to a fixer conflict.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​427 : Squiz.Operators.OperatorSpacing would have a fixer conflict with itself when an operator was preceeded by a new line and the previous line ended in a comment.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​430 : Squiz.ControlStructures.ForLoopDeclaration: fixed potential undefined array index notice
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​431 : PSR2.Classes.ClassDeclaration will no longer try to auto-fix multi-line interface implements statements if these are interlaced with comments on their own line. This prevents a potential fixer conflict.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​453 : Arrow function tokenization was broken when the return type was a stand-alone true or false; or contained true or false as part of a union type.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch

Other

• ESLint 9.0 has been released and changes the supported configuration file format.
  The (deprecated) Generic.Debug.ESLint sniff only supports the "old" configuration file formats and when using the sniff to run ESLint, the ESLINT_USE_FLAT_CONFIG=false environment variable will need to be set when using ESLint >= 9.0.
  For more information, see #​436.

v3.9.1

Compare Source

Added

• Documentation for the following sniffs:
  • Generic.PHP.RequireStrictTypes
  • Squiz.WhiteSpace.MemberVarSpacing
  • Squiz.WhiteSpace.ScopeClosingBrace
  • Squiz.WhiteSpace.SuperfluousWhitespace
  • Thanks to [Jay McPartland][@​jonmcp] and [Rodrigo Primo][@​rodrigoprimo] for the patches.

Changed

• The following sniffs have received performance related improvements:
  • Generic.CodeAnalysis.UselessOverridingMethod
  • Generic.Files.ByteOrderMark
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patches.
• Performance improvement for the "Diff" report. Should be most notable for Windows users. #​355
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch.
• The test suite has received some performance improvements. Should be most notable contributors using Windows. #​351
  • External standards with sniff tests using the PHP_CodeSniffer native test framework will also benefit from these changes.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch.
• Various housekeeping, including improvements to the tests and documentation.
  • Thanks to [Jay McPartland][@​jonmcp], [João Pedro Oliveira][@​jpoliveira08], [Rodrigo Primo][@​rodrigoprimo] and [Juliette Reinders Folmer][@​jrfnl] for their contributions.

Fixed

• Fixed bug #​289 : Squiz.WhiteSpace.OperatorSpacing and PSR12.Operators.OperatorSpacing : improved fixer conflict protection by more strenuously avoiding handling operators in declare statements.
  • Thanks to [Dan Wallis][@​fredden] for the patch.
• Fixed bug #​366 : Generic.CodeAnalysis.UselessOverridingMethod : prevent false negative when the declared method name and the called method name do not use the same case.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch.
• Fixed bug #​368 : Squiz.Arrays.ArrayDeclaration fixer did not handle static closures correctly when moving array items to their own line.
  • Thanks to [Michał Bundyra][@​michalbundyra] for the patch.
• Fixed bug #​404 : Test framework : fixed PHP 8.4 deprecation notice.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch

v3.9.0

Compare Source

Added

• Tokenizer support for PHP 8.3 typed class constants. #​321
  • Additionally, the following sniffs have been updated to support typed class constants:
    • Generic.NamingConventions.UpperCaseConstantName #​332
    • Generic.PHP.LowerCaseConstant #​330
    • Generic.PHP.LowerCaseType #​331
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patches
• Tokenizer support for PHP 8.3 readonly anonymous classes. #​309
  • Additionally, the following sniffs have been updated to support readonly anonymous classes:
    • PSR12.Classes.ClassInstantiation #​324
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patches
• New PHP_CodeSniffer\Sniffs\DeprecatedSniff interface to allow for marking a sniff as deprecated. #​281
  • If a ruleset uses deprecated sniffs, deprecation notices will be shown to the end-user before the scan starts.
    When running in -q (quiet) mode, the deprecation notices will be hidden.
  • Deprecated sniffs will still run and using them will have no impact on the exit code for a scan.
  • In ruleset "explain"-mode (-e) an asterix * will show next to deprecated sniffs.
  • Sniff maintainers are advised to read through the PR description for full details on how to use this feature for their own (deprecated) sniffs.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• New Generic.CodeAnalysis.RequireExplicitBooleanOperatorPrecedence sniff. #​197
  • Forbid mixing different binary boolean operators within a single expression without making precedence clear using parentheses
  • Thanks to [Tim Düsterhus][@​TimWolla] for the contribution
• Squiz.PHP.EmbeddedPhp : the sniff will now also examine the formatting of embedded PHP statements using short open echo tags. #​27
  • Includes a new ShortOpenEchoNoSemicolon errorcode to allow for selectively ignoring missing semicolons in single line embedded PHP snippets within short open echo tags.
  • The other error codes are the same and do not distinguish between what type of open tag was used.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Documentation for the following sniffs:
  • Generic.WhiteSpace.IncrementDecrementSpacing
  • PSR12.ControlStructures.ControlStructureSpacing
  • PSR12.Files.ImportStatement
  • PSR12.Functions.ReturnTypeDeclaration
  • PSR12.Properties.ConstantVisibility
  • Thanks to [Denis Žoljom][@​dingo-d] and [Rodrigo Primo][@​rodrigoprimo] for the patches

Changed

• The Performance report can now also be used for a phpcbf run. #​308
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Sniff tests which extend the PHPCS native AbstractSniffUnitTest class will now show a (non-build-breaking) warning when test case files contain fixable errors/warnings, but there is no corresponding .fixed file available in the test suite to verify the fixes against. #​336
  • The warning is only displayed on PHPUnit 7.3.0 and higher.
  • The warning will be elevated to a test failure in PHPCS 4.0.
  • Thanks to [Dan Wallis][@​fredden] for the patch
• The following sniffs have received performance related improvements:
  • Squiz.PHP.EmbeddedPhp
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Various housekeeping, including improvements to the tests and documentation
  • Thanks to [Dan Wallis][@​fredden], [Joachim Noreiko][@​joachim-n], [Remi Collet][@​remicollet], [Rodrigo Primo][@​rodrigoprimo] and [Juliette Reinders Folmer][@​jrfnl] for their contributions

Deprecated

• Support for scanning JavaScript and CSS files. See #​2448.
  • This also means that all sniffs which are only aimed at JavaScript or CSS files are now deprecated.
  • The Javascript and CSS Tokenizers, all Javascript and CSS specific sniffs, and support for JS and CSS in select sniffs which support multiple file types, will be removed in version 4.0.0.
• The abstract PHP_CodeSniffer\Filters\ExactMatch::getBlacklist() and PHP_CodeSniffer\Filters\ExactMatch::getWhitelist() methods are deprecated and will be removed in the 4.0 release. See #​198.
  • In version 4.0, these methods will be replaced with abstract ExactMatch::getDisallowedFiles() and ExactMatch::getAllowedFiles() methods
  • To make Filters extending ExactMatch cross-version compatible with both PHP_CodeSniffer 3.9.0+ as well as 4.0+, implement the new getDisallowedFiles() and getAllowedFiles() methods.
    • When both the getDisallowedFiles() and getAllowedFiles() methods as well as the getBlacklist() and getWhitelist() are available, the new methods will take precedence over the old methods.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• The MySource standard and all sniffs in it. See #​2471.
  • The MySource standard and all sniffs in it will be removed in version 4.0.0.
• The Zend.Debug.CodeAnalyzer sniff. See #​277.
  • This sniff will be removed in version 4.0.0.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch

Fixed

• Fixed bug #​127 : Squiz.Commenting.FunctionComment : The MissingParamType error code will now be used instead of MissingParamName when a parameter name is provided, but not its type. Additionally, invalid type hint suggestions will no longer be provided in these cases.
  • Thanks to [Dan Wallis][@​fredden] for the patch
• Fixed bug #​196 : Squiz.PHP.EmbeddedPhp : fixer will no longer leave behind trailing whitespace when moving code to another line.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​196 : Squiz.PHP.EmbeddedPhp : will now determine the needed indent with higher precision in multiple situations.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​196 : Squiz.PHP.EmbeddedPhp : fixer will no longer insert a stray new line when the closer of a multi-line embedded PHP block and the opener of the next multi-line embedded PHP block would be on the same line.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​235 : Generic.CodeAnalysis.ForLoopWithTestFunctionCall : prevent a potential PHP 8.3 deprecation notice during live coding
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch
• Fixed bug #​288 : Generic.WhiteSpace.IncrementDecrementSpacing : error message for post-in/decrement will now correctly inform about new lines found before the operator.
  • Thanks to [Rodrigo Primo][@​rodrigoprimo] for the patch
• Fixed bug #​296 : Generic.WhiteSpace.ArbitraryParenthesesSpacing : false positive for non-arbitrary parentheses when these follow the scope closer of a switch case.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​307 : PSR2.Classes.ClassDeclaration : space between a modifier keyword and the class keyword was not checked when the space included a new line or comment.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​325 : Squiz.Operators.IncrementDecrementUsage : the sniff was underreporting when there was (no) whitespace and/or comments in unexpected places.
  • Thanks to [Juliette Reinders Folmer][@​jrfnl] for the patch
• Fixed bug #​335 : PSR12.Files.DeclareStatement : bow out in a certain parse error situation to prevent incorrect auto-fixes from being made.
  • Thanks to [Dan Wallis][@​fredden] for the patch
• Fixed bug #​340 : Squiz.Commenting.ClosingDeclarationComment : no longer adds a stray newline when adding a missing comment.
  • Thanks to [Dan Wallis][@​fredden] for the patch

Other

• A "Community cc list" has been introduced to ping maintainers of external standards and integrators for input regarding change proposals for PHP_CodeSniffer which may impact them. #​227
  • For anyone who missed the discussion about this and is interested to be on this list, please feel invited to submit a PR to add yourself.
    The list is located in the .github folder.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud