chore(deps-dev): update friendsofphp/php-cs-fixer requirement from 3.95.3 to 3.95.4

[dependabot]

Updates the requirements on friendsofphp/php-cs-fixer to permit the latest version.

Release notes

Sourced from friendsofphp/php-cs-fixer's releases.

v3.95.4 Adalbertus

What's Changed

• test: improve data providers return types by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9642
• chore: improve ArrayIndentationFixer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9643
• deps: bump crate-ci/typos from 1.46.2 to 1.47.0 in /.github/workflows in the all group across 1 directory by @​dependabot[bot] in PHP-CS-Fixer/PHP-CS-Fixer#9639
• chore: improve ControlCaseStructuresAnalyzer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9644
• chore: improve ClassDefinitionFixer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9645
• chore: improve NoSuperfluousPhpdocTagsFixer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9646
• chore: improve NoAliasFunctionsFixer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9647
• chore: improve WorkerException by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9648
• chore: improve PhpUnitTestCaseStaticMethodCallsFixer by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9649
• chore: improve Token by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9650
• deps: bump PHPStan to 2.2.1 by @​kubawerlos in PHP-CS-Fixer/PHP-CS-Fixer#9635
• deps: minor upgrades of dev-tools by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9653
• chore: minor updates around PHPStan by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9651
• fix: Address credential exposure concern related to using ergebnis/agent-detector for detecting the presence of an AI agent by @​localheinz in PHP-CS-Fixer/PHP-CS-Fixer#9656

Full Changelog: PHP-CS-Fixer/PHP-CS-Fixer@v3.95.3...v3.95.4

Changelog

Sourced from friendsofphp/php-cs-fixer's changelog.

Changelog for v3.95.4

• chore: improve ArrayIndentationFixer (#9643)
• chore: improve ClassDefinitionFixer (#9645)
• chore: improve ControlCaseStructuresAnalyzer (#9644)
• chore: improve NoAliasFunctionsFixer (#9647)
• chore: improve NoSuperfluousPhpdocTagsFixer (#9646)
• chore: improve PhpUnitTestCaseStaticMethodCallsFixer (#9649)
• chore: improve Token (#9650)
• chore: improve WorkerException (#9648)
• chore: minor updates around PHPStan (#9651)
• deps: bump crate-ci/typos from 1.46.2 to 1.47.0 in /.github/workflows in the all group across 1 directory (#9639)
• deps: bump PHPStan to 2.2.1 (#9635)
• deps: minor upgrades of dev-tools (#9653)
• fix: Address credential exposure concern related to using ergebnis/agent-detector for detecting the presence of an AI agent (#9656)
• test: improve data providers return types (#9642)

Changelog for v3.95.3

• fix: MultilinePromotedPropertiesFixer - fix for new in initializers (#9619)
• fix: PhpdocLineSpanFixer - run after NoSuperfluousPhpdocTagsFixer (#9615)
• CI: add generic phpstan/phpstan-deprecation-rules, so usage of old deprecated constants is detected (#9636)
• CI: replace PHP 8.6snapshot with nightly in matrix (#9628)
• deps: bump crate-ci/typos from 1.46.0 to 1.46.1 in /.github/workflows in the all group across 1 directory (#9624)
• deps: bump crate-ci/typos from 1.46.1 to 1.46.2 in /.github/workflows in the all group across 1 directory (#9631)
• deps: bump ergebnis/composer-normalize from 2.51.0 to 2.52.0 in /dev-tools (#9627)
• deps: bump the phpstan group in /dev-tools with 2 updates (#9626)
• deps: upgrade misc deps (#9621)
• refactor: AttributeBlockNoSpacesFixer - no need for loop when we already know bracket indices (#9446)

Changelog for v3.95.2

• fix: MethodArgumentSpaceFixer - avoid collapsing multi-line arguments (#9559)
• fix: ModifierKeywordsFixer - do not break PHP syntax for closures in constant expressions (#9596)
• fix: NoRedundantReadonlyPropertyFixer - fix TypeError when trait contains anonymous class (#9457)
• fix: PhpUnitAttributesFixer - add missing handling of CoversMethod and naive handling of CoversTrait (#9588)
• fix: TextReporter - always show summary footer (#9595)
• deps: bump crate-ci/typos from 1.45.1 to 1.46.0 in /.github/workflows in the all group across 1 directory (#9605)
• deps: bump ergebnis/composer-normalize from 2.50.0 to 2.51.0 in /dev-tools (#9561)
• deps: bump phpstan/phpstan from 2.1.46 to 2.1.47 in /dev-tools in the phpstan group (#9560)
• deps: bump phpstan/phpstan from 2.1.51 to 2.1.52 in /dev-tools in the phpstan group (#9601)
• deps: bump PHPUnit patch versions (#9593)
• deps: bump shipmonk/dead-code-detector from 1.0.0 to 1.1.0 in /dev-tools in the shipmonk group across 1 directory (#9569)
• deps: bump the all group across 1 directory with 2 updates (#9570)
• deps: bump the phpstan group across 1 directory with 2 updates (#9608)
• deps: update facile-it/paraunit to ^2.11 (#9589)
• deps: upgrade PHPUnit in GitHub Actions (#9577)

... (truncated)

Commits

• 3f8f688 prepared the 3.95.4 release
• 3299804 fix: Address credential exposure concern related to using `ergebnis/agent-det...
• 43e87d4 chore: minor updates around PHPStan (#9651)
• 572faf8 deps: minor upgrades of dev-tools (#9653)
• 43a55d3 deps: bump PHPStan to 2.2.1 (#9635)
• 3707546 chore: improve Token (#9650)
• 4b1c35d chore: improve PhpUnitTestCaseStaticMethodCallsFixer (#9649)
• a46940c chore: improve WorkerException (#9648)
• 67a6eea chore: improve NoAliasFunctionsFixer (#9647)
• 35da246 chore: improve NoSuperfluousPhpdocTagsFixer (#9646)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (a8a6d23) to head (9c96a1c).
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@             Coverage Diff             @@
##                main       #77   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
  Complexity        40        40           
===========================================
  Files              2         2           
  Lines             80        80           
===========================================
  Hits              80        80           

Flag	Coverage Δ
unittests	100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

[valbeat]

Automated Dependency Update Review

Summary

• Package: friendsofphp/php-cs-fixer
• Version Change: 3.95.3 → 3.95.4
• Update Type: patch

Review Notes

Standard patch update of a dev dependency. The diff only touches the version constraint in composer.json — no other files changed. All CI checks pass (the earlier "PHP 8.4 Tests" failure was a transient Codecov GPG verification issue, resolved by re-running the job).

Decision

This update has been reviewed and approved for auto-merge.

---

Reviewed by Claude Code

[valbeat]

LGTM - automated review by Claude