Chore(deps-dev): Update phpunit/phpunit requirement from ~9 to ~12 in /tests/integration

[dependabot]

Updates the requirements on phpunit/phpunit to permit the latest version.

Release notes

Sourced from phpunit/phpunit's releases.

PHPUnit 12.2.7

Fixed

• #6254: defects,randomconfiguration is supported by implementation, but it is not allowed by the XML configuration file schema
• #6259: Order of tests which use data from data providers is not affected by test sorting
• #6266: Superfluous whitespace in TestDox output when test method name has a number after the test prefix

---

How to install or update PHPUnit

Changelog

Sourced from phpunit/phpunit's changelog.

[12.2.7] - 2025-07-11

Fixed

• #6254: defects,randomconfiguration is supported by implementation, but it is not allowed by the XML configuration file schema
• #6259: Order of tests which use data from data providers is not affected by test sorting
• #6266: Superfluous whitespace in TestDox output when test method name has a number after the test prefix

[12.2.6] - 2025-07-04

Fixed

• #6104: Test with dependencies and data provider fails
• #6163: @no-named-arguments leads to static analysis errors for variadic arguments

[12.2.5] - 2025-06-27

Fixed

• #6249: No meaningful error when <testsuite> element is missing required name attribute

[12.2.4] - 2025-06-26

Changed

• Including information about the Git repository (such as the commit hash and branch name) in the Open Test Reporting XML format is now an opt-in feature that can be enabled via the --include-git-information CLI option or the includeGitInformation attribute in the XML configuration file

Fixed

• If Git information is included in the Open Test Reporting XML format (see above), any credentials that may be configured as part the remote.origin.url setting in Git were written to the originUrl attribute of <git:repository> elements. For example, when cloning a GitHub repository using a URL like https://username:password@github.com/organization/repository.git both username and password were included in the XML report. Since this report may be shared, published, or archived (for example, on a CI server) while including this information, this was reported as a potential security vulnerability (CVE-2025-53103). Any credentials are now removed before writing them to the XML report.

[12.2.3] - 2025-06-20

Added

• #6236: failOnPhpunitWarning attribute on the <phpunit> element of the XML configuration file and --fail-on-phpunit-warning CLI option for controlling whether PHPUnit should fail on PHPUnit warnings (default: true)
• #6239: --do-not-fail-on-deprecation, --do-not-fail-on-phpunit-warning, --do-not-fail-on-phpunit-deprecation, --do-not-fail-on-empty-test-suite, --do-not-fail-on-incomplete, --do-not-fail-on-notice, --do-not-fail-on-risky, --do-not-fail-on-skipped, and --do-not-fail-on-warning CLI options
• --do-not-report-useless-tests CLI option as a replacement for --dont-report-useless-tests

Deprecated

• #6240: --dont-report-useless-tests CLI option (use --do-not-report-useless-tests instead)

Fixed

• #6243: Constraints cannot be implemented without using internal class ExpectationFailedException

[12.2.2] - 2025-06-13

Fixed

... (truncated)

Commits

• 8b1348b Prepare release
• 39f739a Merge branch '11.5' into 12.2
• 446d438 Prepare release
• 26e3b10 Merge branch '10.5' into 11.5
• 6e0a2bc Prepare release
• 64dea84 Merge branch '11.5' into 12.2
• 7587997 Closes #6266
• 4acdb58 Merge branch '11.5' into 12.2
• de5d027 Merge branch '10.5' into 11.5
• f5133b2 Merge branch '9.6' into 10.5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Reviewers

The following users could not be added as reviewers: juliushaertl. Either the username does not exist or it does not have the correct permissions to be added as a reviewer.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

The reviewers field in the dependabot.yml file will be removed soon. Please use the code owners file to specify reviewers for Dependabot PRs. For more information, see this blog post.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.