This is only low priority in Ibexa DXP because 1) we use it in dev installs only (which should never be live), 2) we don't expose the vendor folder, and 3) due to higher requirements of other dependencies we don't install the affected phpunit versions in any case. So the main goal of this is just to close a Dependabot warning.
This is only low priority in Ibexa DXP because 1) we use it in dev installs only (which should never be live), 2) we don't expose the vendor folder, and 3) due to higher requirements of other dependencies we don't install the affected phpunit versions in any case. So the main goal of this is just to close a Dependabot warning.