chore(deps-dev): Bump squizlabs/php_codesniffer from 3.4.2 to 3.5.4

[dependabot-preview]

Bumps squizlabs/php_codesniffer from 3.4.2 to 3.5.4.

Release notes

Sourced from squizlabs/php_codesniffer's releases.

3.5.4

• The PHP 7.4 numeric separator backfill now works correctly for more float formats
  • Thanks to Juliette Reinders Folmer for the patch
• The PHP 7.4 numeric separator backfill is no longer run on PHP version 7.4.0 or greater
• File::getCondition() now accepts a 3rd argument that allows for the closest matching token to be returned
  • By default, it continues to return the first matched token found from the top of the file
• Fixed detection of array return types for arrow functions
• Added Generic.PHP.DisallowRequestSuperglobal to ban the use of the $_REQUEST superglobal
  • Thanks to Morerice for the contribution
• Generic.ControlStructures.InlineControlStructure no longer shows errors for while and for statements without a body
  • Previously it required these to have curly braces, but there were no statements to enclose in them
  • Thanks to Juliette Reinders Folmer for the patch
• PSR12.ControlStructures.BooleanOperatorPlacement can now be configured to enforce a specific operator position
  • By default, the sniff ensures that operators are all at the beginning or end of lines, but not a mix of both
  • Set the allowOnly property to first to enforce all boolean operators to be at the start of a line
  • Set the allowOnly property to last to enforce all boolean operators to be at the end of a line
  • Thanks to Vincent Langlet for the patch
• PSR12.Files.ImportStatement now auto-fixes import statements by removing the leading slash
  • Thanks to Michał Bundyra for the patch
• Squiz.ControlStructures.ForLoopDeclaration now has a setting to ignore newline characters
  • Default remains FALSE, so newlines are not allowed within for definitions
  • Override the ignoreNewlines setting in a ruleset.xml file to change
• Squiz.PHP.InnerFunctions now handles multiple nested anon classes correctly
• Fixed bug #2497 : Sniff properties not set when referencing a sniff using relative paths or non-native slashes
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2657 : Squiz.WhiteSpace.FunctionSpacing can remove spaces between comment and first/last method during auto-fixing
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2688 : Case statements not tokenized correctly when switch is contained within ternary
• Fixed bug #2698 : PHPCS throws errors determining auto report width when shell_exec is disabled
  • Thanks to Matthew Peveler for the patch
• Fixed bug #2730 : PSR12.ControlStructures.ControlStructureSpacing does not ignore comments between conditions
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2732 : PSR12.Files.FileHeader misidentifies file header in mixed content file
• Fixed bug #2745 : AbstractArraySniff wrong indices when mixed coalesce and ternary values
  • Thanks to Michał Bundyra for the patch
• Fixed bug #2748 : Wrong end of statement for fn closures
  • Thanks to Michał Bundyra for the patch
• Fixed bug #2751 : Autoload relative paths first to avoid confusion with files from the global include path
  • Thanks to Klaus Purer for the patch
• Fixed bug #2763 : PSR12 standard reports errors for multi-line FOR definitions
• Fixed bug #2768 : Generic.Files.LineLength false positive for non-breakable strings at exactly the soft limit
  • Thanks to Alex Miles for the patch
• Fixed bug #2773 : PSR2.Methods.FunctionCallSignature false positive when arrow function has array return type
• Fixed bug #2790 : PSR12.Traits.UseDeclaration ignores block comments
  • Thanks to Vincent Langlet for the patch
• Fixed bug #2791 : PSR12.Functions.NullableTypeDeclaration false positive when ternary operator used with instanceof
  • Thanks to Juliette Reinders Folmer for the patch
• Fixed bug #2802 : Can't specify a report file path using the tilde shortcut
• Fixed bug #2804 : PHP4-style typed properties not tokenized correctly
  • Thanks to Juliette Reinders Folmer for the patch

... (truncated)

Commits

• dceec07 Prepare for 3.5.4 release
• 91fa3b6 Skip tests when running in a PEAR install due to file path differences
• 86712a1 Added cspell config
• 428be2c Changelog for #2805
• 0874e3b Merge branch 'feature/tokenizer-bug-php-74-arrow-functions' of https://github...
• f8a1cbb Changelog for #2827 (ref #2822)
• 1141cb8 Merge branch 'feature/2822-generic-inlinecontrolstructures-bug-fix' of https:...
• 952426c Fixed spelling in comment
• 85e7612 Changelog for #2843
• 979cad3 Merge branch 'feature/tokenizer-declare-alternative-syntax' of https://github...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)