composer: update friendsofphp/php-cs-fixer requirement from ^3.89 to ^3.91

[dependabot]

Updates the requirements on friendsofphp/php-cs-fixer to permit the latest version.

Release notes

Sourced from friendsofphp/php-cs-fixer's releases.

v3.91.1 Folding Bike

What's Changed

• refactor: memoize fixer names by @​mlocati in PHP-CS-Fixer/PHP-CS-Fixer#9219
• refactor: don't expose internal commands/rules by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9245
• test: show that describe command works well for custom sets by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9246
• refactor: use custom set for internal rules by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9247
• docs: unify rule/ruleset doc tags by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9250
• UX: show warning on PHP-mismatch only for 'fix' and 'check' commands by @​keradus in PHP-CS-Fixer/PHP-CS-Fixer#9243

Full Changelog: PHP-CS-Fixer/PHP-CS-Fixer@v3.91.0...v3.91.1

Changelog

Sourced from friendsofphp/php-cs-fixer's changelog.

Changelog for v3.91.1

• UX: show warning on PHP-mismatch only for 'fix' and 'check' commands (#9243)
• docs: unify rule/ruleset doc tags (#9250)
• refactor: don't expose internal commands/rules (#9245)
• refactor: memoize fixer names (#9219)
• refactor: use custom set for internal rules (#9247)
• test: show that describe command works well for custom sets (#9246)

Changelog for v3.91.0

• UX: init command (#9215)
• feat: PHP 8.5 compatibility support (#9234)
• feat: Add StringableForToStringFixer (#9218)
• feat: support call-site generic variance (#9212)
• feat: Symfony - add stringable_for_to_string to set (#9235)
• chore: do not mark NamespaceAnalysis as internal, because it's part of public API interface (#9193)
• chore: ExampleRuleset - improve test fixture name (#9214)
• chore: traits - require interfaces or base classes (#9086)
• CI: Add PHPStan rule to validate public API surface completeness (#9196)
• CI: auto-select PHP_MAX for special jobs (#9231)
• CI: drop duplicated PHP 8.4 jobs (#9229)
• CI: fix SCA after Symfony 7.4.0 release (#9226)
• CI: no more need for solving PHP 8.4 deprecations in /vendor/ anymore (#9230)
• CI: switch trivial jobs to ubuntu-slim (#9232)
• CI: upgrade .php-cs-fixer.php-highest.php to fully reflect PHP 8.4 (#9233)
• deps: bump actions/checkout from 5 to 6 (#9210)
• deps: bump crate-ci/typos from 1.39.2 to 1.40.0 (#9237)
• deps: bump shipmonk/composer-dependency-analyser from 1.8.3 to 1.8.4 in /dev-tools (#9238)
• deps: bump shipmonk/dead-code-detector from 0.13.5 to 0.14.0 in /dev-tools (#9239)
• deps: bump Symfony v8 to RC (#9221)
• deps: bump Symfony v8 to stable (#9222)
• deps: update xdebug (#9228)
• fix: move config template to non-excluded folder (#9241)
• fix: DeclareStrictTypesFixer - do not duplicate strict_types if it is already present, with other directive (#9225)
• fix: FullyQualifiedStrictTypesFixer - fix crash on T_OPEN_TAG_WITH_ECHO (#9217)
• test: allow CI to define both, numeric and non-numeric PHP versions/builds (#9236)
• test: do not allow to fail PHP 8.5 job (#9224)
• test: let's not dance on the edge of the JIT stack limit (#9211)
• test: run smoke tests on any OS (#9242)
• tests: update PHP 8.5 compatibility test (#9223)

Changelog for v3.90.0

• feat: always have @PHPXxYMigration(:risky) sets for supported PHP versions (#9207)
• feat: Finder to find dot-files by default in v4/future-mode (#9187)
• fix: manage the space between operator and version on Composer JSON reader (#9203)

... (truncated)

Commits

• b075d84 prepared the 3.91.1 release
• 05c1815 UX: show warning on PHP-mismatch only for 'fix' and 'check' commands (#9243)
• ba3a0a9 docs: unify rule/ruleset doc tags (#9250)
• 8556ba3 refactor: use custom set for internal rules (#9247)
• 8cc0eb4 test: show that describe command works well for custom sets (#9246)
• 23af531 refactor: don't expose internal commands/rules (#9245)
• 053d01a refactor: memoize fixer names (#9219)
• a1846ee bumped version
• c4a25f2 prepared the 3.91.0 release
• 5454b7a test: run smoke tests on any OS (#9242)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}