chore(deps): bump symfony/security-bundle from 4.4.0 to 4.4.18

[dependabot-preview]

Bumps symfony/security-bundle from 4.4.0 to 4.4.18.

Release notes

Sourced from symfony/security-bundle's releases.

v4.4.18

Changelog (symfony/security-bundle@v4.4.17...v4.4.18)

• no changes

v4.4.17

Changelog (symfony/security-bundle@v4.4.16...v4.4.17)

• bug #38869 inject only compatible token storage implementations for usage tracking (xabbuh)

v4.4.16

Changelog (symfony/security-bundle@v4.4.15...v4.4.16)

• no changes

v4.4.15

Changelog (symfony/security-bundle@v4.4.14...v4.4.15)

• no changes

v4.4.14

Changelog (symfony/security-bundle@v4.4.13...v4.4.14)

• no changes

v4.4.13

Changelog (symfony/security-bundle@v4.4.12...v4.4.13)

• no changes

v4.4.12

Changelog (symfony/security-bundle@v4.4.11...v4.4.12)

• no changes

v4.4.11

Changelog (symfony/security-bundle@v4.4.10...v4.4.11)

• bug #37362 Drop cache.security_expression_language service if invalid (chalasr)

v4.4.10

Changelog (symfony/security-bundle@v4.4.9...v4.4.10)

• no changes

v4.4.9

Changelog (symfony/security-bundle@v4.4.8...v4.4.9)

• no changes

... (truncated)

Changelog

Sourced from symfony/security-bundle's changelog.

CHANGELOG

5.2.0

• Added FirewallListenerFactoryInterface, which can be implemented by security factories to add firewall listeners
• Added SortFirewallListenersPass to make the execution order of firewall listeners configurable by leveraging Symfony\Component\Security\Http\Firewall\FirewallListenerInterface
• Added ability to use comma separated ip address list for security.access_control
• [BC break] Removed EntryPointFactoryInterface, authenticators must now implement AuthenticationEntryPointInterface if they require autoregistration of a Security entry point.

5.1.0

• Added XSD for configuration
• Added security configuration for priority-based access decision strategy
• Marked the AnonymousFactory, FormLoginFactory, FormLoginLdapFactory, GuardAuthenticationFactory, HttpBasicFactory, HttpBasicLdapFactory, JsonLoginFactory, JsonLoginLdapFactory, RememberMeFactory, RemoteUserFactory and X509Factory as @internal
• Renamed method AbstractFactory#createEntryPoint() to AbstractFactory#createDefaultEntryPoint()

5.0.0

• The switch_user.stateless firewall option has been removed.
• Removed the ability to configure encoders using argon2i or bcrypt as algorithm, use auto instead
• The simple_form and simple_preauth authentication listeners have been removed, use Guard instead.
• The SimpleFormFactory and SimplePreAuthenticationFactory classes have been removed, use Guard instead.
• Removed LogoutUrlHelper and SecurityHelper templating helpers, use Twig instead
• Removed the logout_on_user_change firewall option
• Removed the threads encoder option
• Removed the security.authentication.trust_resolver.anonymous_class parameter
• Removed the security.authentication.trust_resolver.rememberme_class parameter
• Removed the security.user.provider.in_memory.user service.

Commits

• 3ca0178 Remove :void in test function signatures
• 9355c98 Remove void return type from test methods
• b3ca345 Apply "visibility_required" CS rule to constants
• 1a843d2 [SecurityBundle] Don't use the container as resource type in fixtures.
• c48bce6 Set constant visibility in tests to private where possible.
• 941a876 bug #38869 [SecurityBundle] inject only compatible token storage implementati...
• 1c5f7ee inject only compatible token storage implementations for usage tracking
• f1739a3 Use short array deconstruction syntax.
• fedaba9 Merge branch '3.4' into 4.4
• 8c23ac7 Remove branch-version (keep them for contracts only)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)