chore(deps): update dependency php-coveralls/php-coveralls to v2.9.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
php-coveralls/php-coveralls	2.7.0 -> 2.9.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

php-coveralls/php-coveralls (php-coveralls/php-coveralls)

v2.9.0

Compare Source

Maintenance release

Add support

• Add support for Symfony 8 (#​391)
• Add support for PHP 8.4 (#​392)
• Add support for psr/log:^3 (#​402)

Drop support

• Drop support for PHP 7.0-7.3 (#​393)
• Drop support for legacy Symfomny 2-3-4 (#​397)

Docs

• docs: update Parallel Build Webhook URL (#​374)
• docs: update phpunit.xml.dist examples for coverage, to match modern PHPUnit versions (#​401)

Miscellaneous

• CD: build command (#​388)
• CI: recover accidentally dropped 8.3 job (#​399)
• Fix autoload warnings (#​389)
• chore: remove phpcpd as abandoned (#​400)
• chore: update PHPUnit dev-deps to support v9-10-11 (#​394)
• chore: update phpspec/prophecy-phpunit to 2.4 (#​398)
• deps: bump dev-tools (#​396)
• deps: upgrade PHP CS Fixer (#​395)

v2.8.0

Compare Source

Miscellaneous

• Add .gitattributes (#​381)
• Create SECURITY.md
• Fix CI (#​379)
• Fix typos (#​372)
• Remove duplicated word "other" (#​380)
• Update SECURITY.md (#​383)
• chore: fix typo (#​384)
• chore: overcome prophecy warning (#​386)
• chore: upgrade SCA, run PHP CS Fixer (#​385)
• tests: update data provider to not use 'this' (#​387)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: api/composer.lock

Command failed: composer update php-coveralls/php-coveralls:2.9.0 --with-dependencies --ignore-platform-req='ext-*' --ignore-platform-req='lib-*' --no-ansi --no-interaction --no-scripts --no-autoloader --no-plugins --minimal-changes
Loading composer repositories with package information
Dependency guzzlehttp/guzzle is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Dependency symfony/console is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Dependency symfony/stopwatch is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Dependency symfony/yaml is also a root requirement. Package has not been listed as an update argument, so keeping locked at old version. Use --with-all-dependencies (-W) to include root dependencies.
Updating dependencies
Your requirements could not be resolved to an installable set of packages.

  Problem 1
    - Root composer.json requires api-platform/core 3.3.6 (exact version match: 3.3.6 or 3.3.6.0), found api-platform/core[v3.3.6] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-gs8r-6kz6-pp56", "PKSA-gnn4-pxdg-q76m") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 2
    - Root composer.json requires symfony/http-client 7.1.7 (exact version match: 7.1.7 or 7.1.7.0), found symfony/http-client[v7.1.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-4k7v-pfvw-nqvp") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 3
    - friendsofsymfony/http-cache-bundle is locked to version 3.1.1 and an update of this package was not requested.
    - friendsofsymfony/http-cache-bundle 3.1.1 requires symfony/http-foundation ^6.4 || ^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 4
    - knpuniversity/oauth2-client-bundle is locked to version v2.18.3 and an update of this package was not requested.
    - knpuniversity/oauth2-client-bundle v2.18.3 requires symfony/http-foundation ^5.4|^6.0|^7.0 -> found symfony/http-foundation[v5.4.0, ..., v5.4.50, v6.0.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 5
    - lexik/jwt-authentication-bundle is locked to version v3.1.1 and an update of this package was not requested.
    - lexik/jwt-authentication-bundle v3.1.1 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 6
    - sentry/sentry-symfony is locked to version 4.14.0 and an update of this package was not requested.
    - sentry/sentry-symfony 4.14.0 requires symfony/security-http ^4.4.20||^5.0.11||^6.0||^7.0 -> found symfony/security-http[v4.4.20, ..., v4.4.50, v5.0.11, ..., v5.4.47, v6.0.0, ..., v6.4.26, v7.0.0, ..., v7.3.5] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-rqvm-b18n-vg69") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 7
    - symfony/framework-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/framework-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 8
    - symfony/security-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/security-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 9
    - symfony/twig-bundle is locked to version v7.1.6 and an update of this package was not requested.
    - symfony/twig-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
  Problem 10
    - symfony/web-profiler-bundle is locked to version v7.1.7 and an update of this package was not requested.
    - symfony/framework-bundle v7.1.6 requires symfony/http-foundation ^6.4|^7.0 -> found symfony/http-foundation[v6.4.0, ..., v6.4.29, v7.0.0, ..., v7.3.7] but these were not loaded, because they are affected by security advisories. To ignore the advisories, add ("PKSA-365x-2zjk-pt47") to the audit "ignore" config. To turn the feature off entirely, you can set "block-insecure" to false in your "audit" config.
    - symfony/web-profiler-bundle v7.1.7 requires symfony/framework-bundle ^6.4|^7.0 -> satisfiable by symfony/framework-bundle[v7.1.6].