Build(deps-dev): Bump vimeo/psalm from 3.9.5 to 3.10.1

[dependabot-preview]

Bumps vimeo/psalm from 3.9.5 to 3.10.1.

Release notes

Sourced from vimeo/psalm's releases.

Fix astract method call false positive

A newly-introduced check caused a false-positive with perfectly valid code, so this is a small release to bump (#3007)

Improve help messages

Features

Including links in issue output

Some of Psalm's error messages may not be immediately clear to the user. Psalm's default console output now includes links to help documents that provide more context (#2977, #2978):

ERROR: InvalidArgument - somefile.php:8:19 - Argument 1 of getAttribute expects string, int provided (see https://psalm.dev/004)

Other features

• @ArSn added support for customising Psalter output – by default it inserts two newlines between different docblock sections, but with --add-newline-between-docblock-annotations=false that behaviour is disabled.
• @ragboyjr added inner closure signature inference for functions that return a closure, allowing you to write fewer docblocks - see #2896 for more
• if ($expression_that_evaluates_to_true) and if ($expression_that_evaluates_to_false) are now flagged as errors
• @caugner and @yaegassy improved the documentation around Generator types and the LSP mode, respectively
• --diff mode now will look at file contents as well as modification time to determine whether it has changed - thanks @bendavies (#2991))
• @ShiraNai7 improved the return type for parse_url(), making it a little more safe (#2955)

Bugfixes

• Prevent breakages when analysing files with CRLF line endings (#2953)
• treat Exception::getMessage as mutation-free (#2956)
• prevent subclasses overriding final methods (#2958)
• fixed a couple of unreferenced var false-positives (#2970, #2954)
• detect assigning collections of mutable objects inside an immutable class (#2946)
• Don't emit TooManyArguments where one of a union accepts more than the other (#946, #1843)
• Do more to understand whether the current context has already exited (#2920)
• Improve handling of special arrray types like lists after passing into a function that unpacks array args (#2982)
• ignore MixedReturnTypeCoercion when a non-mixed Generator send param is given (#2987)
• fix erroneous InvalidStaticInvocation when @mixin implements same methods as a parent class (#2989)
• @LeSuisse improved the params for sodium_base642bin() (#2997)
• @kelunik added a better return type for Generator::throw and allowed Error to be extended (#3001, #3002)
• reset property types when analysing a closure defined in a class (#3004)

Commits

• eeed5ec Only prevent AbstractMethodCall on direct calls
• 2043e85 Increase header weight
• 6058725 Add prototype for conditional return type
• 2669434 Fix unknown variable
• 6746f1c Fix #3004 - reset property types inside a closure defined in a class
• c986cdf Allow edge-case of by-reference assignment with unitiliazed property
• a7affbe Add \Error stub (#3002)
• dd9924e Fix Generator::throw return type (#3001)
• e557933 Add explanation for MixedMethodCall
• e6a0fe0 Add a better description to PossiblyInvalidArgument
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If all status checks pass Dependabot will automatically merge this pull request.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in the .dependabot/config.yml file in this repo:

• Update frequency
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[dependabot-preview]

The following labels could not be found: dependency.

[codecov]

Codecov Report

Merging #179 into master will not change coverage by %.
The diff coverage is n/a.

@@           Coverage Diff            @@
##             master    #179   +/-   ##
========================================
  Coverage      8.57%   8.57%           
  Complexity       77      77           
========================================
  Files            12      12           
  Lines           338     338           
========================================
  Hits             29      29           
  Misses          309     309           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e2637e5...70fc887. Read the comment docs.

[dependabot-preview]

One of your CI runs failed on this pull request, so Dependabot won't merge it.

• Static Code Analysis (7.4, locked)

Dependabot will still automatically merge this pull request if you amend it and your tests pass.

[dependabot-preview]

Superseded by #192.