Bump the composer-production-dependencies group across 1 directory with 6 updates

[dependabot]

Updates the requirements on monolog/monolog, open-telemetry/api, open-telemetry/sdk, open-telemetry/exporter-otlp, slim/psr7 and slim/slim to permit the latest version.
Updates monolog/monolog to 3.10.0

Release notes

Sourced from monolog/monolog's releases.

3.10.0

• Added automatic directory cleanup in RotatingFileHandler (#2000)
• Added timezone-aware file rotation to RotatingFileHandler (#1982)
• Added support for mongodb/mongodb 2.0+ (#1998)
• Added NoDiscard attribute to TestHandler methods to ensure the result is used (#2013)
• Fixed JsonFormatter crashing if __toString throws while normalizing data (#1968)
• Fixed PHP 8.5 deprecation warnings (#1997, #2009)
• Fixed DeduplicatingHandler collecting duplicate logs if the file cannot be locked (2e97231)
• Fixed GelfMessageFormatter to use integers instead of bool for gelf 1.1 support (#1973)
• Fixed empty stack traces being output anyway (#1979)
• Fixed StreamHandler not reopening the file if the inode changed (#1963)
• Fixed TelegramBotHandler sending empty messages (#1992)
• Fixed file paths in stack traces containing backslashes on windows, always using / now to unify logs (#1980)
• Fixed RotatingFileHandler unlink errors not being suppressed correctly (#1999)

Full Changelog: Seldaek/monolog@3.9.0...3.10.0

Changelog

Sourced from monolog/monolog's changelog.

3.10.0 (2026-01-02)

• Added automatic directory cleanup in RotatingFileHandler (#2000)
• Added timezone-aware file rotation to RotatingFileHandler (#1982)
• Added support for mongodb/mongodb 2.0+ (#1998)
• Added NoDiscard attribute to TestHandler methods to ensure the result is used (#2013)
• Fixed JsonFormatter crashing if __toString throws while normalizing data (#1968)
• Fixed PHP 8.5 deprecation warnings (#1997, #2009)
• Fixed DeduplicatingHandler collecting duplicate logs if the file cannot be locked (2e97231)
• Fixed GelfMessageFormatter to use integers instead of bool for gelf 1.1 support (#1973)
• Fixed empty stack traces being output anyway (#1979)
• Fixed StreamHandler not reopening the file if the inode changed (#1963)
• Fixed TelegramBotHandler sending empty messages (#1992)
• Fixed file paths in stack traces containing backslashes on windows, always using / now to unify logs (#1980)
• Fixed RotatingFileHandler unlink errors not being suppressed correctly (#1999)

3.9.0 (2025-03-24)

• BC Warning: Fixed SendGridHandler to use the V3 API as V2 is now shut down, but this requires a new API key (#1952)
• Deprecated Monolog\Test\TestCase in favor of Monolog\Test\MonologTestCase (#1953)
• Added extension point for NativeMailerHandler::mail (#1948)
• Added setHandler method to BufferHandler to modify the nested handler at runtime (#1946)
• Fixed date format in ElasticsearchFormatter to use +00:00 vs +0000 tz identifiers (#1942)
• Fixed GelfMessageFormatter handling numeric context/extra keys (#1932)

3.8.1 (2024-12-05)

• Deprecated Monolog\DateTimeImmutable in favor of Monolog\JsonSerializableDateTimeImmutable (#1928)
• Fixed gelf keys not being valid when context/extra data keys have spaces in them (#1927)
• Fixed empty lines appearing in the stack traces when a custom formatter returned null (#1925)

3.8.0 (2024-11-12)

• Added $fileOpenMode param to StreamHandler to define a custom fopen mode to open the log file (#1913)
• Fixed PHP 8.4 deprecation notices (#1903)
• Added ability to extend/override IntrospectionProcessor (#1899)
• Added $timeout param to ProcessHandler to configure the stream_select() timeout to avoid blocking too long (default is 1.0 sec) (#1916)
• Fixed JsonFormatter batch handling to normalize records individually to make sure they look the same as if they were handled one by one (#1906)
• Fixed StreamHandler handling of write failures so that it now closes/reopens the stream and retries the write once before failing (#1882)
• Fixed StreamHandler error handler causing issues if a stream handler triggers an error (#1866)
• Fixed StreamHandler::reset not closing the stream, so that it would fail to write in some cases with long running processes (#1862)
• Fixed RotatingFileHandler issue where rotation does not happen in some long running processes (#1905)
• Fixed JsonFormatter handling of incomplete classes (#1834)
• Fixed RotatingFileHandler bug where rotation could sometimes not happen correctly (#1905)

3.7.0 (2024-06-28)

• Added NormalizerFormatter->setBasePath(...) (and JsonFormatter by extension) that allows removing the project's path from the stack trace output (47e301d3e)
• Fixed JsonFormatter handling of incomplete classes (#1834)
• Fixed private error handlers causing problems with custom StreamHandler implementations (#1866)

... (truncated)

Commits

• b321dd6 Update changelog
• 3715fcc Bump actions/checkout from 6.0.0 to 6.0.1 (#2014)
• edf9cb6 Add NoDiscard attr, fixes #2012 (#2013)
• 5991e41 Fix build
• 0219dfd Bump ramsey/composer-install from 3.1.0 to 3.1.1 (#1971)
• 05c6b18 Fix json formatter does not catch to string exceptions (#1968)
• daa0aca Remove deprecated curl_close() calls for PHP 8.5 compatibility (#2009)
• 5bb7f31 Bump supercharge/mongodb-github-action from 1.12.0 to 1.12.1 (#2008)
• ed9fb78 Update baseline
• 43b79d1 Bump shivammathur/setup-php from 2.35.5 to 2.36.0 (#2007)
• Additional commits viewable in compare view

Updates open-telemetry/api to 1.7.1

Release notes

Sourced from open-telemetry/api's releases.

Release 1.7.1

What's Changed:

• Propagate Trace Context Level 2 random flag by @​Nevay in 1731
• Chore: fix docs url by @​pieterocp in 1730
• Make ResourceInfo available to component providers by @​Nevay in 1729

Full Changelog: opentelemetry-php/api@1.7.0...1.7.1

Commits

• 45bda7e Propagate Trace Context Level 2 random flag (#1731)
• 1121c04 Chore: fix docs url (#1730)
• 63d4d9c Make ResourceInfo available to component providers (#1729)
• See full diff in compare view

Updates open-telemetry/sdk to 1.10.0

Release notes

Sourced from open-telemetry/sdk's releases.

Release 1.10.0

What's Changed:

• feat: Implement onEnding interface of Span Processor in Trace SDK by @​jerrytfleung in 1785
• chore: Added comments to the duplicate event.name code in EventLogger by @​jerrytfleung in 1768
• fixing psalm and rector complaints by @​brettmc in 1732
• Propagate Trace Context Level 2 random flag by @​Nevay in 1731
• Chore: fix docs url by @​pieterocp in 1730

Full Changelog: opentelemetry-php/sdk@1.9.0...1.10.0

Commits

• 3dfc3d1 feat: Implement onEnding interface of Span Processor in Trace SDK (#1785)
• 36df650 chore: Added comments to the duplicate event.name code in EventLogger (#1768)
• 3e83c49 fixing psalm and rector complaints (#1732)
• 89b7166 Propagate Trace Context Level 2 random flag (#1731)
• 8a12f92 Chore: fix docs url (#1730)
• See full diff in compare view

Updates open-telemetry/exporter-otlp to 1.3.3

Release notes

Sourced from open-telemetry/exporter-otlp's releases.

Release 1.3.3

What's Changed:

• fix: send min and max histogram data by @​rachelyangdog in 1766
• Chore: fix docs url by @​pieterocp in 1730
• fixing CI complaints by @​brettmc in 1666

Full Changelog: opentelemetry-php/exporter-otlp@1.3.2...1.3.3

Commits

• 07b02bc fix: send min and max histogram data (#1766)
• 68eecd5 Chore: fix docs url (#1730)
• ddf9287 fixing CI complaints (#1666)
• See full diff in compare view

Updates slim/psr7 to 1.8.0

Release notes

Sourced from slim/psr7's releases.

1.8.0

What's Changed

• Update squizlabs/php_codesniffer requirement from ^3.10 to ^3.13 by @​dependabot[bot] in slimphp/Slim-Psr7#330
• Update symfony/polyfill-php80 requirement from ^1.29 to ^1.32 by @​dependabot[bot] in slimphp/Slim-Psr7#331
• Update phpspec/prophecy requirement from ^1.19 to ^1.22 by @​dependabot[bot] in slimphp/Slim-Psr7#332
• Update composer dependencies and CI workflow by @​akrabat in slimphp/Slim-Psr7#334
• Add missing PHPUnit PHP annotations by @​williamdes in slimphp/Slim-Psr7#337
• Support PHP 8.5 by @​akrabat in slimphp/Slim-Psr7#340
• Update php-http/psr7-integration-tests requirement from ^1.4 to ^1.5 by @​dependabot[bot] in slimphp/Slim-Psr7#341
• Correct cookie expiration date format by @​adammeyer in slimphp/Slim-Psr7#336

New Contributors

• @​adammeyer made their first contribution in slimphp/Slim-Psr7#336

Full Changelog: slimphp/Slim-Psr7@1.7.1...1.8.0

Commits

• 76e7e3b Correct cookie expiration date format (#336)
• 3b2fb2a Merge pull request #341 from slimphp/dependabot/composer/php-http/psr7-integr...
• 652c019 Update php-http/psr7-integration-tests requirement from ^1.4 to ^1.5
• 11ccdc9 Support PHP 8.5 (#340)
• cce9c0d Merge pull request #337 from williamdes/phpunit-12
• 3724f06 Add missing PHPUnit annotations
• 80aa3e1 Merge pull request #334 from akrabat/update-composer-dependencies
• 5b0886f Run analysis on PHP 8.4 in CI
• 054c5e9 Remove symfony/ppolyfill-php80
• a10f2b0 Update adriansuter/php-autoload-override constraints
• Additional commits viewable in compare view

Updates slim/slim to 4.15.1

Release notes

Sourced from slim/slim's releases.

4.15.1

Fixed

• Allow PHPUnit 10, 11 and 12 when testing Slim itself (#3411)

Added

• Add support for PHP 8.5 (#3415)

Full Changelog: slimphp/Slim@4.15.0...4.15.1

Changelog

Sourced from slim/slim's changelog.

4.15.1 - 2025-11-21

Fixed

• Allow PHPUnit 10, 11 and 12 when testing Slim itself (#3411)

Added

• Add support for PHP 8.5 (#3415)

Full Changelog: slimphp/Slim@4.15.0...4.15.1

4.15.0 - 2025-08-24

Fixed

• Fix DocBlocks for callable route handlers (#3389)
• Change class keyword to lowercase (#3346)
• Fix tests for PHP 8.3
• Fixes the build status badge in Readme (#3331)
• Fix text and eol attributes for * selector in .gitattributes (#3391)
• Deprecate setArgument/s (#3383)

Added

• Add support for PHP 8.4
• Add phpstan v2

Changed

• Update http urls in composer.json (#3399)

Full Changelog: slimphp/Slim@4.14.0...4.15.0

4.14.0 - 2024-06-13

Changed

• Do not HTML entity encode in PlainTextErrorRenderer by @​akrabat in slimphp/Slim#3319
• Only render tip to error log if plain text renderer is used by @​akrabat in slimphp/Slim#3321
• Add template generics for PSR-11 implementations in PHPStan and Psalm by @​limarkxx in slimphp/Slim#3322
• Update squizlabs/php_codesniffer requirement from ^3.9 to ^3.10 by @​dependabot in slimphp/Slim#3324
• Update phpstan/phpstan requirement from ^1.10 to ^1.11 by @​dependabot in slimphp/Slim#3325
• Update psr/http-factory requirement from ^1.0 to ^1.1 by @​dependabot in slimphp/Slim#3326

Type hinting with template generics

With the introduction of template generics, if you type-hint Slim\App instance variable using /** @var \Slim\App $app */, then you will need to change it to either:

• /** @var \Slim\App<null> $app */ if you are not using a DI container, or

... (truncated)

Commits

• 8878935 Merge pull request #3416 from akrabat/update-to-4.15.1
• f0ed67f Use Composer v2.8 in CI
• 612267e Update version to 4.15.1
• 1c75bcc Merge pull request #3415 from akrabat/support-php8.5
• e1fa9aa Add PHP 8.5 to composer.json
• c9240bf Fix risky test
• f0f5800 Only call setAccessible() if PHP < 8.1
• 2ece663 Add PHP 8.5 to CI
• 18d0fe0 Merge pull request #3411 from williamdes/phpunit-upgrades
• d2a9975 Do not export MAINTAINERS.md and psalm.xml
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}