upgrades core to php 8.3.29 including all php_win extensions

[N6REJ]

User description

We should do extensive testing on this since the php core version is critical throughout the application.

---

PR Type

Enhancement

---

Description

• Upgrades PHP core from 8.2.29 to 8.3.29

• Updates all PHP Windows extensions and dependencies

• Removes deprecated assert configuration options

• Adds new session and zend assertion configuration directives

---

Diagram Walkthrough

flowchart LR
  A["PHP 8.2.29"] -- "upgrade" --> B["PHP 8.3.29"]
  B -- "includes" --> C["Updated php_win extensions"]
  B -- "includes" --> D["ICU 72 libraries"]
  E["php.ini files"] -- "configuration updates" --> F["New directives added"]
  E -- "deprecated options removed" --> G["assert.* options removed"]

Loading

File Walkthrough

	Relevant files
Enhancement	pharcommand.phar Regenerated phar archive for PHP 8.3.29                                    core/libs/php/pharcommand.phar Updated phar archive with PHP 8.3.29 build Fixed typo: "serialized from" to "serialized form" Updated internal version hash identifier Binary content regenerated with new PHP version [link]    snapshot.txt Updated build snapshot for PHP 8.3.29                                        core/libs/php/snapshot.txt Updated version from 8.2.29 to 8.3.29 Updated build timestamp and path Upgraded ICU libraries from version 71 to 72 Updated module dependency information for intl extension +13/-13
Configuration changes	php.ini-development Updated configuration directives and removed deprecated options core/libs/php/php.ini-development Added session.sid_length configuration directive documentation Added zend.assertions configuration directive documentation Removed deprecated assert.active, assert.exception, assert.warning, assert.bail, and assert.callback options Updated assertion configuration comments with clearer guidance +12/-25  php.ini-production Updated configuration directives and removed deprecated options core/libs/php/php.ini-production Added session.sid_length configuration directive documentation Added zend.assertions configuration directive documentation Removed deprecated assert.active, assert.exception, assert.warning, assert.bail, and assert.callback options Updated assertion configuration comments with clearer guidance +12/-25
Dependencies	php8embed.lib Updated PHP 8.3 embed library                                                        core/libs/php/php8embed.lib Binary library file updated for PHP 8.3.29 [link]    php8ts.lib Updated PHP 8.3 thread-safe library                                            core/libs/php/dev/php8ts.lib Binary library file updated for PHP 8.3.29 [link]
Documentation	news.txt Updated PHP release notes                                                                core/libs/php/news.txt Updated release notes and changelog for PHP 8.3.29 +1999/-1894 README.md Updated README for PHP 8.3.29                                                        core/libs/php/README.md Updated documentation to reflect PHP 8.3.29 version +0/-1

---

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
High-level	This major version upgrade lacks impact analysis The suggestion recommends adding a comprehensive impact analysis to the PR for the PHP 8.2 to 8.3 upgrade. This analysis should detail backward compatibility breaks, deprecated features, and other significant changes to ensure a smooth transition. Examples: core/libs/php/news.txt [1-2567] PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 18 Dec 2025, PHP 8.3.29 - Core: . Sync all boost.context files with release 1.86.0. (mvorisek) . Fixed bug GH-20435 (SensitiveParameter doesn't work for named argument passing to variadic parameter). (ndossche) . Fixed bug GH-20286 (use-after-destroy during userland stream_close()). (ndossche, David Carlier) ... (clipped 2557 lines) core/libs/php/php.ini-development [1598-1607] ; -1: Do not compile at all ; 0: Jump over assertion at run-time ; 1: Execute assertions ; Changing from or to a negative value is only possible in php.ini! ; (For turning assertions on and off at run-time, toggle zend.assertions between the values 1 and 0) ; Default Value: 1 ; Development Value: 1 ; Production Value: -1 ; https://php.net/zend.assertions zend.assertions = 1 Solution Walkthrough: Before: PR Description: ### Description - Upgrades PHP core from 8.2.29 to 8.3.29 - Updates all PHP Windows extensions and dependencies - Removes deprecated assert configuration options - Adds new session and zend assertion configuration directives ### User description We should do extensive testing on this since the php core version is critical throughout the application. After: PR Description: ### Description - Upgrades PHP core from 8.2.29 to 8.3.29 ... ### Impact Analysis & Breaking Changes (PHP 8.2 -> 8.3) - **Deprecated Features Removed:** - `assert.*` ini directives are removed. Code relying on these must be updated to use `zend.assertions`. - **Function Signature Changes:** - `unserialize()` now emits `E_WARNING` for trailing bytes. - ... (other relevant changes) - **New Features/Exceptions:** - `json_validate()` function added. - New Date/Time exceptions are thrown instead of warnings. - **Potential Impact on Codebase:** - All calls to `assert()` might behave differently. - All `unserialize()` calls need to be checked for robustness. - ... Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies the high risk of a PHP version upgrade and the need for a formal impact analysis, which is a critical step missing from the PR description to ensure application stability.	High
More