Update all non-major dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/cache	action	minor	v3.3.1 → v3.5.0
codecov/codecov-action	action	patch	v3.1.1 → v3.1.6
infection/infection	require-dev	minor	^0.26.19 → ^0.32.0
laminas/laminas-diactoros (source)	require-dev	minor	2.24.2 → 2.26.0
lcobucci/content-negotiation-middleware	require	minor	3.1.0 → 3.2.0
middlewares/negotiation	require	minor	2.1.0 → 2.2.0
php	require	minor	~8.1.0 || ~8.2.0 → ~8.1.0 || ~8.2.0 || ~8.5.0
psr/http-factory	require	minor	1.0.1 → 1.1.0
psr/http-message	require	minor	1.0.1 → 1.1
psr/http-server-handler	require	patch	1.0.1 → 1.0.2
psr/http-server-middleware	require	patch	1.0.1 → 1.0.2
shivammathur/setup-php	action	minor	2.24.0 → 2.37.0

---

Release Notes

actions/cache (actions/cache)

v3.5.0

Compare Source

• Bump actions/cache to v4.1.0

Full Changelog: actions/cache@v3...v3.5.0

v3.4.3

Compare Source

What's Changed

• Bump @​actions/cache to v4.0.2 by @​robherley

Full Changelog: actions/cache@v3.4.2...v3.4.3

v3.4.2

Compare Source

What's Changed

[!IMPORTANT]
As a reminder, there were important backend changes to release v3.4.0, see those release notes and the announcement for more details.

• Bump @​actions/cache to v4.0.1 by @​robherley in #​1554

Full Changelog: actions/cache@v3.4.0...v3.4.2

v3.4.1

Compare Source

[!WARNING]
This version was incorrectly released using a SHA pointing to a newer version for immutable actions only. Please use v3.4.2 (or v3) instead.

v3.4.0

Compare Source

⚠️ Important Changes

The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

Read more about the change & access the migration guide: reference to the announcement.

Minor changes

Minor and patch version updates for these dependencies:

• @​actions/core: 1.11.1
• @​actions/io: 1.1.3
• @​vercel/ncc: 0.38.3

Full Changelog: actions/cache@v3.3.3...v3.4.0

v3.3.3

Compare Source

What's Changed

• Cache v3.3.3 by @​robherley in #​1302

New Contributors

• @​robherley made their first contribution in #​1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

Compare Source

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in #​1133
• Readme fixes by @​kotewar in #​1134
• Updated description of the lookup-only input for main action by @​kotewar in #​1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in #​1131
• Update Cross-OS Caching tips by @​pdotl in #​1122
• Bazel example (Take #​2️⃣) by @​vorburger in #​1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in #​1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in #​1217
• Bump action version to 3.3.2 by @​bethanyj28 in #​1236

New Contributors

• @​vorburger made their first contribution in #​1132
• @​jorendorff made their first contribution in #​1187
• @​chkimes made their first contribution in #​1217
• @​bethanyj28 made their first contribution in #​1236

Full Changelog: actions/cache@v3...v3.3.2

codecov/codecov-action (codecov/codecov-action)

v3.1.6

Compare Source

#Full Changelog: codecov/codecov-action@v3.1.5...v3.1.6

v3.1.5

Compare Source

What's Changed

• action.yml: Update to Node.js 20 by @​hallabro in #​1228

v3.1.4: 3.1.4

Compare Source

What's Changed

• build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3 by @​dependabot in #​970
• Fix typo in README.md by @​hisaac in #​967
• fix: add back in working dir by @​thomasrockhu-codecov in #​971
• fix: CLI option names for uploader by @​kleisauke in #​969
• build(deps-dev): bump @​types/node from 18.16.3 to 20.1.0 by @​dependabot in #​975
• build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2 by @​dependabot in #​979
• build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4 by @​dependabot in #​981
• release: 3.1.4 by @​thomasrockhu-codecov in #​983

New Contributors

• @​hisaac made their first contribution in #​967
• @​kleisauke made their first contribution in #​969

Full Changelog: codecov/codecov-action@v3.1.3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

• build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 by @​dependabot in #​957
• build(deps): bump openpgp from 5.7.0 to 5.8.0 by @​dependabot in #​958
• build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12 by @​dependabot in #​959
• fix: allow for aarch64 build by @​thomasrockhu-codecov in #​960
• chore(release): bump to 3.1.3 by @​thomasrockhu-codecov in #​961

Full Changelog: codecov/codecov-action@v3.1.2...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

• build(deps): bump node-fetch from 3.2.4 to 3.2.10 by @​dependabot in #​835
• build(deps-dev): bump @​types/node from 16.11.40 to 18.13.0 by @​dependabot in #​911
• build(deps-dev): bump @​vercel/ncc from 0.34.0 to 0.36.1 by @​dependabot in #​900
• build(deps-dev): bump typescript from 4.7.4 to 4.9.5 by @​dependabot in #​905
• Update README.md by @​stefanomunarini in #​718
• build(deps): bump openpgp from 5.4.0 to 5.5.0 by @​dependabot in #​819
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4 by @​dependabot in #​840
• build(deps): bump @​actions/core from 1.9.1 to 1.10.0 by @​dependabot in #​841
• build(deps): bump @​actions/github from 5.0.3 to 5.1.1 by @​dependabot in #​843
• build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @​dependabot in #​896
• build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0 by @​dependabot in #​872
• build(deps): bump node-fetch from 3.2.10 to 3.3.0 by @​dependabot in #​869
• build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 by @​dependabot in #​879
• build(deps): bump json5 from 2.2.1 to 2.2.3 by @​dependabot in #​895
• codeql-analysis.yml by @​minumulasri in #​898
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2 by @​dependabot in #​889
• build(deps-dev): bump @​types/node from 18.13.0 to 18.14.0 by @​dependabot in #​922
• build(deps): bump openpgp from 5.5.0 to 5.7.0 by @​dependabot in #​924
• build(deps-dev): bump @​types/node from 18.14.0 to 18.14.2 by @​dependabot in #​927
• Remove unsupported path_to_write_report argument by @​jsoref in #​851
• Update README to contain correct information - inputs and negate feature by @​moshe-azaria-sage in #​901
• build(deps-dev): bump @​types/node from 18.14.2 to 18.14.6 by @​dependabot in #​933
• build(deps-dev): bump @​types/node from 18.14.6 to 18.15.0 by @​dependabot in #​937
• build(deps-dev): bump @​types/node from 18.15.0 to 18.15.5 by @​dependabot in #​945
• build(deps): bump node-fetch from 3.3.0 to 3.3.1 by @​dependabot in #​938
• build(deps-dev): bump @​types/node from 18.15.5 to 18.15.6 by @​dependabot in #​946
• build(deps-dev): bump @​types/node from 18.15.6 to 18.15.10 by @​dependabot in #​947
• build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @​dependabot in #​951
• fix: add in all the extra arguments for uploader by @​thomasrockhu-codecov in #​955
• chore(release): bump to 3.1.2 by @​thomasrockhu-codecov in #​956

New Contributors

• @​stefanomunarini made their first contribution in #​718
• @​minumulasri made their first contribution in #​898
• @​jsoref made their first contribution in #​851
• @​moshe-azaria-sage made their first contribution in #​901

Full Changelog: codecov/codecov-action@v3.1.1...v3.1.2

infection/infection (infection/infection)

v0.32.6

Compare Source

Fixed:

• fix(testing): Ensure BaseMutatorTestCase handles custom mutator names by @​to-mo-ki in #​2992

New Contributors

• @​to-mo-ki made their first contribution in #​2992

Full Changelog: infection/infection@0.32.5...0.32.6

v0.32.5

Compare Source

Fixed:

• Fix logical or mutator failing on sigil comparison by @​BackEndTea in #​2976

Full Changelog: infection/infection@0.32.4...0.32.5

v0.32.4

Compare Source

Added:

• • feat: add support for sebastian/diff v8 by @​darthf1 in #​2950

Internal:

• Do not allow new timed-out mutants for PRs thanks to --max-timeouts=0 by @​maks-rafalko in #​2845
• feat: Add performance metrics collection workflow by @​sanmai in #​2804
• Update CI badges in README.md by @​sanmai in #​2852
• feat(teamcity): Add the mutation ID to the TeamCity messages by @​theofidry in #​2909
• test: Use the same differ as configured for the application for DifferTest by @​theofidry in #​2921
• feat(teamcity): Add a debug command by @​theofidry in #​2868
• refactor(reporter): Rename the "loggers" to reporters by @​theofidry in #​2932

Full Changelog: infection/infection@0.32.3...0.32.4

v0.32.3

Compare Source

Added:

• Add --with-timeouts and --max-timeouts options by @​sanmai in #​2817
• feat: Add --logger-summary-json CLI option by @​sanmai in #​2825

Internal:

• perf: Do not fetch the file contents multiple times by @​theofidry in #​2788
• ci: Enable OPcache for mutation testing workflow by @​sanmai in #​2810
• [Conductor] Update sanmai/pipeline to 7.7 by @​private-packagist[bot] in #​2818
• ci: Merge MT workflow jobs to reduce runner overhead by @​sanmai in #​2819
• refactor: Reduce the coupling of the coverage report on the filesystem by @​theofidry in #​2820
• refactor: Reduce the coupling of the coverage report on the filesystem by @​theofidry in #​2821
• test: Fix flaky git base test by accepting both valid formats by @​sanmai in #​2824
• test: Relocate specific coverage fixtures by @​theofidry in #​2823
• refactor: Add getStringOption to RunCommandHelper by @​sanmai in #​2826
• test: Improve the quality of the code coverage for the PHPUnit e2e tests by @​theofidry in #​2822
• refactor: Remove dependency on FinderSplFileInfo by @​theofidry in #​2812
• cs: Fix trailing whitespace check of a fixture file by @​theofidry in #​2828
• test: Remove obsolete fixture files by @​theofidry in #​2830
• test: Restructure the coverage tests to leverage more data providers by @​theofidry in #​2827
• refactor(test): Ensure we use the same traverse as infection for the mutator tests by @​theofidry in #​2831
• build: Make the check trailing whitespaces script fail on non-existent files by @​theofidry in #​2829
• ci: Use var/coverage instead of var/logs for coverage files by @​sanmai in #​2834
• test: Mark the TracerProvider integration test as part of the integration group by @​theofidry in #​2836

Full Changelog: infection/infection@0.32.2...0.32.3

v0.32.2

Compare Source

Fixed:

• fix: Properly isolate function bodies in NextConnectingVisitor by @​sanmai in #​2796

Full Changelog: infection/infection@0.32.1...0.32.2

v0.32.1

Compare Source

Added:

• Implement array_first() and array_last() mutators for PHP 8.5 by @​Copilot in #​2756

Fixed:

• Fix the tracing adapter service for Widows by @​theofidry in #​2790
• Fix InitialTestsRunnerTest flakiness by @​sanmai in #​2786

Full Changelog: infection/infection@0.32.0...0.32.1

v0.32.0

Compare Source

Fixed:

• [BC BREAK!] The relative paths of the sources (source.directories in the Infection configuration file) are no longer relative to the current working directory but instead to the location of the configuration file.

v0.31.9: Support PHPStan-dev version in PHPStanAdapter

Compare Source

Changed:

• Support PHPStan-dev version in PHPStanAdapter by @​staabm #​2495

Full Changelog: infection/infection@0.31.8...0.31.9

v0.31.8

Compare Source

Changed:

• Support PHPStan dev-versions by @​staabm #​2492

Full Changelog: infection/infection@0.31.7...0.31.8

v0.31.7: Show uncovered mutants to output when --with-uncovered is used

Compare Source

Fixed:

• Show uncovered mutants to output when --with-uncovered is used by @​maks-rafalko in #​2443
• Update description of --dry-run by @​maks-rafalko in #​2436

Full Changelog: infection/infection@0.31.6...0.31.7

v0.31.6: Introduce --logger-text option

Compare Source

Added:

• Introduce --logger-text option to enforce text logger file path by @​romm in #​2438

Full Changelog: infection/infection@0.31.5...0.31.6

v0.31.5

Compare Source

Fixed:

• Fix --dry-run option using DryRunProcess wrapper (alternative approach) by @​sanmai in #​2435

Changed:

• Use/Suggest executionOrder="defects,random" for phpunit.xml by @​staabm in #​2267
• Get rid of custom CloneVisitor and use native CloningVisitor from php-parser by @​maks-rafalko in #​2430

Full Changelog: infection/infection@0.31.4...0.31.5

v0.31.4

Compare Source

Changed:

• PHPStan integration: drop --fail-without-result-cache by @​staabm in #​2429

Internal:

• Fix escaping mutation in FilterBuilder by @​sanmai in #​2428

Full Changelog: infection/infection@0.31.3...0.31.4

v0.31.3: PHPStan running out of memory when attempting --static-analysis-tool=phpstan

Compare Source

Fixed:

• Fix PHPStan running out of memory during initial static analysis by @​sanmai in #​2427
• fix: Drop PHPUnit filters when they are too long by @​theofidry in #​2415

Changed:

• Removed mention of Pest by @​sasezaki in #​2423
• perf: Optimize the PHPUnit filters by @​theofidry in #​2407
• README.md - Bump PHP version to 8.2 by @​sasezaki in #​2422
• Improve the source filtering messages by @​theofidry in #​2394

Internal:

• test: Leverage the PHPUnit assertIsList by @​theofidry in #​2385
• test: Move the SourceFileCollector fixtures next to its test case by @​theofidry in #​2384
• fix: Rename the exclude parameter of the SourceFileCollector by @​theofidry in #​2383
• test: Fix issues reported by PHPStan for SourceFileCollectorTest by @​theofidry in #​2386
• fix: Make the source file collector yield a list by @​theofidry in #​2392
• refactor: Minor tweaks to FilterBuidler by @​theofidry in #​2410
• Fix bugs identified by PHPStan 2.1.30 by @​sanmai in #​2419

Full Changelog: infection/infection@0.31.2...0.31.3

v0.31.2: --static-analysis-tool-options and no MSI shown by default for non-covered code

Compare Source

Added:

• Remove Mutation Score Indicator (MSI) from default output, show only with --with-uncovered by @​Copilot in #​2378

Changed:

• Add --static-analysis-tool-options CLI option with proper multiple options support by @​Copilot in #​2374

Internal:

• Fixed mutator list for E2E fixtures by @​sanmai in #​2359
• Kill mutant found in #​2361 by @​maks-rafalko in #​2362
• Fix "Method ReflectionProperty::setAccessible() is deprecated since 8.5, as it has no effect" by @​staabm in #​2364
• Remove lower-bound composer constraints by @​staabm in #​2366
• Fix PHPUnit 9.x compatibility by @​staabm in #​2368
• ✨ Add Copilot instructions for Infection mutation testing framework by @​Copilot in #​2376
• Add copilot-setup-steps.yml by @​maks-rafalko in #​2377

New Contributors

• @​Copilot made their first contribution in #​2376

Full Changelog: infection/infection@0.31.1...0.31.2

v0.31.1: Cleanup old PHPUnit cache files in Infection tmp directory

Compare Source

Added:

• Cleanup PHPUnit result-cache files older than 30 days by @​staabm in #​2349

Internal:

• DiffColorizerTest: Add multi byte tests by @​staabm in #​2354
• Kill timed out mutants in DiffColorizer by @​staabm in #​2353
• CI: Added PHP 8.5 setup by @​staabm in #​2348
• [Conductor] Update all of phpstan by @​private-packagist[bot] in #​2340
• [Conductor] Update all of sanmai by @​private-packagist[bot] in #​2345
• [Conductor] Update nikic/php-parser to v5.6.0 by @​private-packagist[bot] in #​2346
• [Conductor] Update sidz/phpstan-rules to 0.5.2 by @​private-packagist[bot] in #​2347
• [Conductor] Update phpunit/phpunit to 11.5.28 by @​private-packagist[bot] in #​2351
• [Conductor] Update myclabs/deep-copy to 1.13.4 by @​private-packagist[bot] in #​2352
• [Conductor] Update sanmai/di-container to 0.1.5 by @​private-packagist[bot] in #​2355

Full Changelog: infection/infection@0.31.0...0.31.1

v0.31.0

Compare Source

Changed:

• [BR BREAK!] Remove --only-covered; Introduce --with-uncovered instead by @​staabm in #​2336
• Directly enqueue follow-up processes by @​sanmai in #​2322
• Use executionOrder="defects,random" for phpunit.xml by @​staabm in #​2328

Fixed:

• Fix CLI output rendering for diffs which contain symfony-style like text by @​staabm in #​2338

Internal:

• Update the pipeline library to version 7 by @​sanmai in #​2342
• Switch to sanmai/di-container by @​sanmai in #​2343

Backward Compatibility Break

This version introduces BC Break. Do the following:

1. If you used Infection for all the code, including uncovered, like bin/infection, now you need to add --with-uncovered, because by default, Infection doesn't mutate uncovered code anymore

- bin/infection
+ bin/infection --with-uncovered

2. If you used Infection for the only code covered by tests, like bin/infection --only-covered, you need to remove this option because now this is a default behavior and this options has been removed

- bin/infection --only-covered
+ bin/infection

3. If you used Infection for all the code, including uncovered, but now you want to mutated only covered code, do nothing (default behavior has been changed)

# continue using
bin/infection

Full Changelog: infection/infection@0.30.3...0.31.0

v0.30.3

Compare Source

Changed:

• [BR BREAK!] Remove --only-covered; Introduce --with-uncovered instead by @​staabm in #​2336
• Directly enqueue follow-up processes by @​sanmai in #​2322
• Use executionOrder="defects,random" for phpunit.xml by @​staabm in #​2328

Fixed:

• Fix CLI output rendering for diffs which contain symfony-style like text by @​staabm in #​2338

Internal:

• Update the pipeline library to version 7 by @​sanmai in #​2342
• Switch to sanmai/di-container by @​sanmai in #​2343

Backward Compatibility Break

This version introduces BC Break. Do the following:

1. If you used Infection for all the code, including uncovered, like bin/infection, now you need to add --with-uncovered, because by default, Infection doesn't mutate uncovered code anymore

- bin/infection
+ bin/infection --with-uncovered

2. If you used Infection for the only code covered by tests, like bin/infection --only-covered, you need to remove this option because now this is a default behavior and this options has been removed

- bin/infection --only-covered
+ bin/infection

3. If you used Infection for all the code, including uncovered, but now you want to mutated only covered code, do nothing (default behavior has been changed)

# continue using
bin/infection

Full Changelog: infection/infection@0.30.3...0.31.0

v0.30.2

Compare Source

Added:

• [new mutator] Add ReturnRemoval mutator by @​sanmai in #​2296

Changed:

• Don't show 0 metrics in result summary by @​staabm in #​2311

Fixed:

• Do not report unmatched ignored errors for PHPStan killer for a mutant by @​maks-rafalko in #​2326

Internal:

• Replace array-by-reference with a SplQueue object by @​sanmai in #​2321

Full Changelog: infection/infection@0.30.2...0.30.3

v0.30.1

Compare Source

Changed:

• [performance] Smarter LogicalNot mutator by @​staabm in #​2283
• [performance] MutationProcess timeout is based on test-execution time by @​staabm in #​2300
• DX: Automatically determine git reference branch by @​staabm in #​2289
• Support NullSafe PropertyFetch/MethodCall in ArrayItem mutator by @​staabm in #​2294
• Make ArrayItem mutator less evil by @​sanmai in #​2299
• Remove IdenticalEqual by @​sanmai in #​2248
• Allow setting static analysis tool in config file by @​maks-rafalko in #​2301

Internal:

• Cleanup composer.json conflict rules with phpunit/php-code-coverage by @​staabm in #​2288
• Test forgotten PhpStan value object by @​maks-rafalko in #​2302
• Finally, fix the worst and the most unmaintainable test ever by @​maks-rafalko in #​2304
• Rename functions of ReflectionVisitor.php by @​maks-rafalko in #​2308
• Add threads=max to infection.json5 by @​maks-rafalko in #​2307
• Improve ParallelProcessRunner to guard against ReturnRemoval mutator by @​sanmai in #​2310
• Refactor SchemaConfigurationTest by @​sanmai in #​2305

Full Changelog: infection/infection@0.30.1...0.30.2

v0.30.0

Compare Source

Changed:

• TextFileLogger: add hints about different logfile options by @​staabm in #​2278
• [performance] Smarter TrueValue/FalseValue mutator by @​staabm in #​2280

Fixed:

• Fix HTML report with --static-analysis-tool=phpstan by @​maks-rafalko in #​2284

Internal:

• Fix a MethodCallRemoval test by @​staabm in #​2282

Full Changelog

v0.29.14

Compare Source

Full Changelog

Added:

• Add --threads to the config file under threads key by @​maks-rafalko in #​2158
• Support --show-mutations=int|max to support non-bool values by @​staabm in #​2216
• Introduce --id=<mutant-hash> to run the only one Mutant for killing it by @​maks-rafalko in #​2226
• Implement perMutator timings by @​staabm in #​2164
• Render process-limit into perMutator logger table header by @​staabm in #​2175
• Introduce a nomenclature by @​theofidry in #​1428
• Kill mutants by Static Analysis (PHPStan `--static-analysis-to

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update infection/infection:0.28.1 laminas/laminas-diactoros:2.26.0 lcobucci/content-negotiation-middleware:3.2.0 middlewares/negotiation:2.1.1 phpstan/extension-installer:1.3.1 psr/http-factory:1.0.2 psr/http-message:1.1 psr/http-server-handler:1.0.2 psr/http-server-middleware:1.0.2 --with-dependencies --ignore-platform-req='ext-*' --ignore-platform-req='lib-*' --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins
Loading composer repositories with package information
Dependency fig/http-message-util is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Dependency phpstan/phpstan is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires infection/infection ^0.28.0 -> satisfiable by infection/infection[0.28.1].
    - infection/infection 0.28.1 requires nikic/php-parser ^5.0 -> found nikic/php-parser[v5.0.0, v5.0.1, v5.0.2] but these were not loaded, likely because it conflicts with another require.

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: composer.lock

Command failed: composer update infection/infection:0.32.6 laminas/laminas-diactoros:2.26.0 lcobucci/content-negotiation-middleware:3.2.0 middlewares/negotiation:2.2.0 php:8.5.4 psr/http-factory:1.1.0 psr/http-message:1.1 psr/http-server-handler:1.0.2 psr/http-server-middleware:1.0.2 --with-dependencies --ignore-platform-req=ext-* --ignore-platform-req=lib-* --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins --minimal-changes
Loading composer repositories with package information
Pattern "php" listed for update matches platform packages, but these cannot be updated by Composer.
Dependency fig/http-message-util is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - chimera/foundation is locked to version 1.0.x-dev and an update of this package was not requested.
    - chimera/foundation 1.0.x-dev requires php ~8.1.0 || ~8.2.0 -> your php version (8.5.4) does not satisfy that requirement.
  Problem 2
    - Root composer.json requires lcobucci/content-negotiation-middleware ^3.1 -> satisfiable by lcobucci/content-negotiation-middleware[3.2.0].
    - lcobucci/content-negotiation-middleware 3.2.0 requires php ~8.1.0 || ~8.2.0 || ~8.3.0 -> your php version (8.5.4) does not satisfy that requirement.
  Problem 3
    - Root composer.json requires infection/infection ^0.32.0 -> satisfiable by infection/infection[0.32.6].
    - infection/infection 0.32.6 requires nikic/php-parser ^5.6.2 -> found nikic/php-parser[v5.6.2, v5.7.0] but these were not loaded, likely because it conflicts with another require.
  Problem 4
    - Root composer.json requires laminas/laminas-diactoros ^2.24.2 -> satisfiable by laminas/laminas-diactoros[2.26.0].
    - laminas/laminas-diactoros 2.26.0 requires php ~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0 -> your php version (8.5.4) does not satisfy that requirement.

Use the option --with-all-dependencies (-W) to allow upgrades, downgrades and removals for packages currently locked to specific versions.