change typehint array -> iterable

* 7.2: (47 commits)
  Remove comment about AppVeyor in `phpunit`
  [Webhook][RemoteEvent] fix SendgridPayloadConverter category support
  Update old Appveyor skip conditions
  sync the Dutch translation file with changes from the 7.2 branch
  [Yaml] fix inline notation with inline comment
  clean up code for doctrine/persistence 2.x
  Generate missing translations using Gemini
  fix(property-info): make sure that SerializerExtractor returns null for invalid class metadata
  add translations for the Slug constraint
  [RemoteEvent][Webhook] fix SendgridRequestParser & SendgridPayloadConverter in case of missing sg_message_id
  [Messenger] Fix `TransportMessageIdStamp` not always added
  [DoctrineBridge] Fix compatibility to Doctrine persistence 2.5 in Doctrine Bridge 6.4 to avoid Projects stuck on 6.3
  [PropertyInfo] Fix add missing composer conflict
  [ErrorHandler] Don't trigger "internal" deprecations for anonymous LazyClosure instances
  [VarDumper] Fix displaying closure's "this" from anonymous classes
  [Doctrine][Messenger] Prevents multiple TransportMessageIdStamp being stored in envelope
  [HttpKernel] Don't override existing LoggerInterface autowiring alias in LoggerPass
  reject inline notations followed by invalid content
  Fix predis command error checking
  [Security] Fix triggering session tracking from ContextListener
  ...

* 7.2: (37 commits)
  fix dumped markup
  improve amqp connection issues
  [Serializer] [ObjectNormalizer] Filter int when using FILTER_BOOL
  Fix #53778
  Issue 59387-2: make check with prefix more robust
  [PropertyInfo] Add missing test
  fix tests
  [Security][Validators] Review translations.
  [validator] Updated Dutch translation
  [FrameworkBundle] Fix wiring ConsoleProfilerListener
  [HttpKernel] Fix link to php doc
  [Lock] Make sure RedisStore will also support Valkey
  [Validator] Update sr_Cyrl 120:This value is not a valid slug.
  [Validator] Update sr_Latn 120:This value is not a valid slug.
  6.4 Missing translations for Italian (it) #59419
  tests(notifier): avoid failing SNS test with local AWS configuration
  Fix typo ratio comment
  chore: PropertyAccess - fix typo in DocBlock
  [Validator] Missing translations for Brazilian Portuguese (pt_BR)
  fix(dependency-injection): reset env vars with kernel.reset
  ...

…EquatableInterface

* 7.2: (21 commits)
  [FrameworkBundle] Add missing `not-compromised-password` entry in XSD
  [AssetMapper] Fix CssCompiler matches url in comments
  Add support for doctrine/persistence 4
  fix(sweego): Fix channel parameter value to fixed value for Mailer and Notifier Transports
  Ensure TransportExceptionInterface populates stream debug data
  Fix typo in validators.sk.xlf
  [Mime] Fix body validity check in `Email` when using `Message::setBody()`
  Review Arabic translations for the validator
  Fixed mistakes in proper hebrew writing in the previous translation and confirmed the rest to be correct and in the same style.
  Review translation
  [Cache] Don't clear system caches on cache:clear
  [FrameworkBundle] Fix patching refs to the tmp warmup dir in files generated by optional cache warmers
  [Config] Add missing json_encode flag when creating .meta.json files
  Mark Czech Validator translation as reviewed
  [PropertyInfo] Fix `TypeTest` duplicated assert
  [Validator] Fix `Url` constraint attribute assertion
  convert legacy types to TypeInfo types if getType() is not implemented
  [HtmlSanitizer] Avoid accessing non existent array key when checking for hosts validity
  [Messenger ] Extract retry delay from nested `RecoverableExceptionInterface`
  Update validators.ar.xlf
  ...

… in the session

…r implements EquatableInterface (nicolas-grekas)

This PR was merged into the 7.3 branch.

Discussion
----------

[Security] Unset token roles when serializing it and user implements EquatableInterface

| Q             | A
| ------------- | ---
| Branch?       | 7.3
| Bug fix?      | no
| New feature?  | no
| Deprecations? | no
| Issues        | -
| License       | MIT

When the user object implement EquatableInterface, we never read the roles stored in the token object that wraps the user in the session storage.

This PR ensures we don't store these roles either - they're just wasting space.

Commits
-------

b7c55c87bcb [Security] Unset token roles when serializing it and user implements EquatableInterface

…ntials()`

…ing the user in the session

In addition to the excellent work of @vincentchalamon #48272, this PR allows getting the data from the OAuth2 Introspection Endpoint. This endpoint is defined in the [RFC7662](https://datatracker.ietf.org/doc/html/rfc7662). It returns the following information that is used to retrieve the user:

* If the access token is active
* A set of claims that are similar to the OIDC one, including the `sub` or the `username`.

* 7.2:
  Add Tagalog translations for security and validator components