Update vimeo/psalm requirement from ^4.18 to ^5.0

[dependabot[bot]]

Updates the requirements on vimeo/psalm to permit the latest version.

Release notes

Sourced from vimeo/psalm's releases.

Psalm 5

Welcome to Psalm 5!

There's an accompanying post on psalm.dev, written by @​muglug & the current maintainers of Psalm.

• read in English
• read in Ukrainian (translated by @​weirdan)
• read in French (translated by @​orklah)
• read in Italian (translated by @​danog)

What's Changed

Removed

• Php version consistency by @​orklah in vimeo/psalm#6898
• Removed TEmpty by @​orklah in vimeo/psalm#6662
• remove support for allowPhpstormGenerics by @​orklah in vimeo/psalm#6705
• remove exitFunctions for Psalm5 by @​orklah in vimeo/psalm#6808
• Drop legacy procedural files by @​weirdan in vimeo/psalm#7270
• Dropped removed config entries by @​weirdan in vimeo/psalm#7272
• Dropped legacy plugin API by @​weirdan in vimeo/psalm#7275
• Dropped deprecated CodeIssue methods by @​weirdan in vimeo/psalm#7276
• Dropped deprecated DocComment methods by @​weirdan in vimeo/psalm#7278
• Dropped THtmlEscapedString by @​weirdan in vimeo/psalm#7285
• Drop orphaned token by @​weirdan in vimeo/psalm#7290
• Bump PHP version to 7.4 by @​weirdan in vimeo/psalm#7291
• Remove forbidEcho by @​orklah in vimeo/psalm#7420
• remove TPositiveInt by @​orklah in vimeo/psalm#7473
• Lock event classes by @​weirdan in vimeo/psalm#7491
• [TASK] Add AfterFunctionLikeAnalysisEvent::getFunctionlikeStorage by @​ohader in vimeo/psalm#7526
• Finalize (and internalize) more classes by @​weirdan in vimeo/psalm#7578
• Finalize issues by @​weirdan in vimeo/psalm#7595
• Finalize storages by @​weirdan in vimeo/psalm#7597
• Finalize virtual nodes by @​weirdan in vimeo/psalm#7598
• Finalize types nodes by @​weirdan in vimeo/psalm#7623
• remove totallyTyped by @​orklah in vimeo/psalm#7651

Features

• Support PHPStan notation for empty-arrays by @​orklah in vimeo/psalm#7312
• Try to provide literal int types when possible (fixes #6966) by @​ricardoboss in vimeo/psalm#7071
• Allow config to define thread count by @​M1ke in vimeo/psalm#7442
• Contextual type inference for high order function arg by @​klimick in vimeo/psalm#7417
• feat: Handle native intersection types by @​petewalker in vimeo/psalm#7454
• improve support for enum_exists by @​orklah in vimeo/psalm#7404
• Support type annotations for class consts (fixes #942). by @​AndrolGenhald in vimeo/psalm#7123
• Improve class constant static analysis by @​AndrolGenhald in vimeo/psalm#7154
• Add support for references and improve UnusedVariable checks (fixes #7254). by @​AndrolGenhald in vimeo/psalm#7339
• InternalTaintSinkMap: Add getimagesize as SSRF sink by @​mal-tee in vimeo/psalm#7504
• Enable extensions based on composer.json instead of those loaded at runtime (fixes #5482). by @​AndrolGenhald in vimeo/psalm#7107
• Dynamic function storage provider by @​klimick in vimeo/psalm#7471
• ❗Allow plugins to modify Config::$fileExtensions early by @​ohader in vimeo/psalm#6789
• [FEATURE] Introduce BeforeStatementAnalysisEvent by @​ohader in vimeo/psalm#7535
• [FEATURE] Allow to intercept adding issue in IssueBuffer by @​ohader in vimeo/psalm#7530

... (truncated)

Commits

• 4e177bf Merge pull request #8790 from malarzm/patch-1
• 7877570 Remove CallMapTest.php from Psalm self-analysis
• 28188d1 Remove unfinished sentence
• 6fff6df Merge pull request #8788 from weirdan/fix-xml-report-crashes-on-8.1
• 874eb7d Fix crashes when XML report is used on PHP 8.1
• 9d597cf Merge pull request #8782 from weirdan/check-runtime-requirements
• 94dac9f Merge pull request #8783 from weirdan/bump-slevomat-coding-standard
• ed36f2c Bump slevomat/coding-standard
• 8fa35c2 Variables should outlive namespaces (#8779)
• 05b8e0e Replace all references to static variables when moving class (#8780)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)