build(deps-dev): bump carthage-software/mago from 1.2.2 to 1.3.0

[dependabot]

Bumps carthage-software/mago from 1.2.2 to 1.3.0.

Release notes

Sourced from carthage-software/mago's releases.

Mago 1.3.0

This release comes with significant performance improvements, bug fixes addressing false positives, and new formatter options. A massive thank you to everyone who reported issues and contributed!

✨ Features

Formatter

• always-next-line brace style: New always-next-line value for brace style options (method-brace-style, function-brace-style, closure-brace-style, classlike-brace-style, control-brace-style) that always places the opening brace on the next line, even for multiline signatures (#897)
• Drupal preset: Add Drupal coding standards preset (#905) by @​klausi

⚡ Performance

This release includes substantial performance optimizations:

• Reduced lock contention: Optimize empty atom handling to reduce lock contention (#956) by @​dotdash
• Faster lexer/parser: Reduce allocations in lexer and parser for faster parsing
• Optimized clause lookups: Use AtomSet instead of Vec for clause key lookups
• Template type improvements: Remove template_types clone and use HashMap for bounds
• Algebra optimizations: Use index-based tracking to avoid expensive clause cloning
• Faster context cloning: Use AtomMap and ControlActionSet bitfield for faster block context cloning
• Type combination thresholds: Add literal type combination thresholds to prevent O(n²) complexity (#939, #940)
• HashMap for constants: Use HashMap instead of IndexMap for constants and enum_cases where ordering is not required
• Deterministic method resolution: Use IndexMap for overridden_method_ids to ensure deterministic ordering (#907)

🐛 Bug Fixes

Analyzer

• Static return type resolution: Resolve static return types correctly in method chains across inheritance (#880, #949, #964)
• Docblock inheritance: Prevent incorrect docblock inheritance when child class narrows return type (#960, #962)
• Unused method false positives: Skip trait-overriding methods in unused method check (#945)
• Unused property false positives: Skip non-private overridden properties in unused property check (#941, #943)
• Type narrowing for mixed arrays: Preserve type narrowing for array elements when base type is mixed (#946, #947)
• Nested isset narrowing: Handle nested array access in isset() type narrowing (#900)
• defined()/function_exists() assertions: Propagate assertions through && operator (#912)
• Anonymous class constructors: Validate anonymous class constructor arguments (#958)
• Callable parameter inference: Make callable parameter type inference order-independent
• Never to string cast: Allow casting never to string
• Combiner thresholds: Use user-configured combiner thresholds instead of defaults

Formatter

• Pint preset accuracy: Update Pint preset to match actual Pint formatting (#920)

CLI

• NO_COLOR support: Respect NO_COLOR environment variable and --colors never flag globally across all output (#922)
• Baseline fix filtering: Filter out baseline issues before applying fixes (#910)

... (truncated)

Commits

• 5dc25ee chore: release 1.3.0
• 0a828fc refactor(codex): migrate template types from Vec to IndexMap with GenericTemp...
• 31314f3 perf(codex): use HashMap for constants and enum_cases where ordering is not r...
• 6479208 fix(codex): use IndexMap for overridden_method_ids to ensure deterministic me...
• 067869d fix(analyzer): use user-configured combiner thresholds instead of defaults
• b199ecf perf(analyzer): add literal type combination thresholds to prevent O(n²) comp...
• c1f7a6b fix(analyzer): allow casting never to string
• f83ab05 fix(formatter): update pint preset to match pint
• 978befb feat(formatter): add brace style option for consistent brace placement
• 287a743 fix(analyzer): handle nested array access in isset type narrowing
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}