Symfony version(s) affected: >=3.4

PasswordEncoderInterface has, in both methods, string for the type-hinting (in phpDoc) of $salt parameter.
This is wrong and should be string|null: as a matter of fact, newer encoders don't require a salt.

I found this with phpstan:

Parameter 2 $salt of method Symfony\Component\Security\Core\Encoder\PasswordEncoderInterface::encodePassword() expects string, null given.