Build(deps-dev): Bump vimeo/psalm from 3.9.5 to 3.10.0

[dependabot-preview]

Bumps vimeo/psalm from 3.9.5 to 3.10.0.

Release notes

Sourced from vimeo/psalm's releases.

Improve help messages

Features

Including links in issue output

Some of Psalm's error messages may not be immediately clear to the user. Psalm's default console output now includes links to help documents that provide more context (#2977, #2978):

ERROR: InvalidArgument - somefile.php:8:19 - Argument 1 of getAttribute expects string, int provided (see https://psalm.dev/004)

Other features

• @ArSn added support for customising Psalter output – by default it inserts two newlines between different docblock sections, but with --add-newline-between-docblock-annotations=false that behaviour is disabled.
• @ragboyjr added inner closure signature inference for functions that return a closure, allowing you to write fewer docblocks - see #2896 for more
• if ($expression_that_evaluates_to_true) and if ($expression_that_evaluates_to_false) are now flagged as errors
• @caugner and @yaegassy improved the documentation around Generator types and the LSP mode, respectively
• --diff mode now will look at file contents as well as modification time to determine whether it has changed - thanks @bendavies (#2991))
• @ShiraNai7 improved the return type for parse_url(), making it a little more safe (#2955)

Bugfixes

• Prevent breakages when analysing files with CRLF line endings (#2953)
• treat Exception::getMessage as mutation-free (#2956)
• prevent subclasses overriding final methods (#2958)
• fixed a couple of unreferenced var false-positives (#2970, #2954)
• detect assigning collections of mutable objects inside an immutable class (#2946)
• Don't emit TooManyArguments where one of a union accepts more than the other (#946, #1843)
• Do more to understand whether the current context has already exited (#2920)
• Improve handling of special arrray types like lists after passing into a function that unpacks array args (#2982)
• ignore MixedReturnTypeCoercion when a non-mixed Generator send param is given (#2987)
• fix erroneous InvalidStaticInvocation when @mixin implements same methods as a parent class (#2989)
• @LeSuisse improved the params for sodium_base642bin() (#2997)
• @kelunik added a better return type for Generator::throw and allowed Error to be extended (#3001, #3002)
• reset property types when analysing a closure defined in a class (#3004)

Commits

• 6058725 Add prototype for conditional return type
• 2669434 Fix unknown variable
• 6746f1c Fix #3004 - reset property types inside a closure defined in a class
• c986cdf Allow edge-case of by-reference assignment with unitiliazed property
• a7affbe Add \Error stub (#3002)
• dd9924e Fix Generator::throw return type (#3001)
• e557933 Add explanation for MixedMethodCall
• e6a0fe0 Add a better description to PossiblyInvalidArgument
• 4079b53 Fix typo (#2999)
• e49a5dd Add more docs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once CI passes on it, as requested by @ergebnis-bot.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yaml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[codecov]

Codecov Report

Merging #212 into master will not change coverage by %.
The diff coverage is n/a.

@@             Coverage Diff             @@
##              master      #212   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
  Complexity        41        41           
===========================================
  Files              4         4           
  Lines            159       159           
===========================================
  Hits             159       159           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 50db7e7...c9843ae. Read the comment docs.