Update Composer dependencies for 11.1.0-beta1

$ composer-lock-diff --no-links
+----------------------+-------+-------+
| Production Changes   | From  | To    |
+----------------------+-------+-------+
| doctrine/annotations | 2.0.1 | 2.0.2 |
| guzzlehttp/promises  | 2.0.3 | 2.0.4 |
+----------------------+-------+-------+

+-----------------------------------+---------+---------+
| Dev Changes                       | From    | To      |
+-----------------------------------+---------+---------+
| composer/ca-bundle                | 1.5.2   | 1.5.3   |
| composer/composer                 | 2.8.1   | 2.8.2   |
| drupal/coder                      | 8.3.24  | 8.3.25  |
| lullabot/mink-selenium2-driver    | v1.7.3  | v1.7.4  |
| lullabot/php-webdriver            | v2.0.5  | v2.0.6  |
| mglaman/phpstan-drupal            | 1.2.12  | 1.3.1   |
| myclabs/deep-copy                 | 1.12.0  | 1.12.1  |
| nikic/php-parser                  | v5.1.0  | v5.3.1  |
| php-http/httplug                  | 2.4.0   | 2.4.1   |
| phpdocumentor/reflection-docblock | 5.4.1   | 5.5.1   |
| phpdocumentor/type-resolver       | 1.8.2   | 1.10.0  |
| phpstan/extension-installer       | 1.4.1   | 1.4.3   |
| phpstan/phpdoc-parser             | 1.29.1  | 1.33.0  |
| phpstan/phpstan                   | 1.12.4  | 1.12.10 |
| phpstan/phpstan-deprecation-rules | 1.2.0   | 1.2.1   |
| phpunit/phpunit                   | 10.5.35 | 10.5.38 |
| sebastian/comparator              | 5.0.2   | 5.0.3   |
| squizlabs/php_codesniffer         | 3.10.2  | 3.10.3  |
+-----------------------------------+---------+---------+

So

1) There are some new dev-dependencies, which is why 2 additions to the cspell dictionary are present.
2) One of these new dev-dependencies, tbachert/spi, needs permission to be in allow-plugins.

Besides tbachert/spi, I see four more new dev-dependencies:

1) brick/math:

$ composer why brick/math
ramsey/uuid 4.7.6 requires brick/math (^0.8.8 || ^0.9 || ^0.10 || ^0.11 || ^0.12)

2) nyholm/psr7-server:

$ composer why nyholm/psr7-server
open-telemetry/sdk 1.1.2 requires nyholm/psr7-server (^1.1)

3) ramsey/collection:

$ composer why ramsey/collection
ramsey/uuid 4.7.6 requires ramsey/collection (^1.2 || ^2.0)

4) ramsey/uuid

$ composer why ramsey/uuid
open-telemetry/sdk 1.1.2 requires ramsey/uuid (^3.0 || ^4.0)
ramsey/uuid        4.7.6 replaces rhumsaa/uuid (self.version)

So every one of the five new dev-dependencies come from open-telemetry/sdk.

Do we need to document this/all of the dependencies individually/ignore this completely?

EDIT: Hmmm, looking at https://www.drupal.org/about/core/policies/core-dependency-policies-and-... we:
a) are hopelessly behind on our current documentation.
b) trying to document all 5(?) current branches is going to be a slight nightmare.
c) also seem to have JS dependencies in that page (PostCSS)
d) seem to only document our direct dev-dependencies.

If d) is true, there won't be a need to document the new sub-dependencies IMHO.

Rebased after #3486184: Update to Symfony 7.2.0-BETA2 landed.

edit: crossposted, but this still applied cleanly even after the other issue landed.

Rebased a while before I commented, in between that and your commit was first forgetting about and then frantically rerunning failed tests to get green again.
It all worked out just fine :)

Rebased and updated #4.