diff --git a/composer.json b/composer.json
index a635ac17c582bbf03da58e77f612e7dfbb386298..d9e8c9abee878e082fe3c040fbbff259ca8be58b 100644
--- a/composer.json
+++ b/composer.json
@@ -63,11 +63,7 @@
     "require-dev": {
         "ext-curl": "*",
         "mikey179/vfsstream": "~1.6",
-        "phpunit/phpunit": "~8.5",
-        "sensiolabs/security-checker": "^5.0.3",
-        "simplesamlphp/simplesamlphp-test-framework": "^0.1.0",
-        "squizlabs/php_codesniffer": "^3.5",
-        "vimeo/psalm": "^3.8"
+        "simplesamlphp/simplesamlphp-test-framework": "^0.1.3"
     },
     "suggest": {
         "predis/predis": "Needed if a Redis server is used to store session information",
diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index 5c95059cab2ddf77f7e91f025c8c56be495b96be..319f7800182b359cd946063cf5b1422e7be793bb 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -153,7 +153,7 @@ class SAMLBuilder
         $metadata = Configuration::loadFromArray($metadata, $metadata['entityid']);
         $defaultEndpoint = $metadata->getDefaultEndpoint('SingleSignOnService');
 
-        /** @psalm-suppress UndefinedClass */
+        /** @psalm-var \SAML2\XML\md\RoleDescriptor $e */
         $e = new SecurityTokenServiceType();
         $e->setLocation($defaultEndpoint['Location']);
 
diff --git a/lib/SimpleSAML/Session.php b/lib/SimpleSAML/Session.php
index 0ed152012592d240c8b07bde3609a02bb35d9b8e..635b88b7e09c062a3a69139364673b1062f1c094 100644
--- a/lib/SimpleSAML/Session.php
+++ b/lib/SimpleSAML/Session.php
@@ -48,8 +48,10 @@ class Session implements \Serializable, Utils\ClearableState
      * This variable holds the instance of the session - Singleton approach.
      *
      * Warning: do not set the instance manually, call Session::load() instead.
+     *
+     * @var \SimpleSAML\Session|null
      */
-    private static $instance;
+    private static $instance = null;
 
     /**
      * The global configuration.
diff --git a/lib/SimpleSAML/SessionHandlerPHP.php b/lib/SimpleSAML/SessionHandlerPHP.php
index fd59a25a7acff33d6b79a8ea3f2af7bc0e4214a7..0a646c58a16833c76bf90de03348861dfd92903a 100644
--- a/lib/SimpleSAML/SessionHandlerPHP.php
+++ b/lib/SimpleSAML/SessionHandlerPHP.php
@@ -81,6 +81,7 @@ class SessionHandlerPHP extends SessionHandler
 
         if (!headers_sent()) {
             if (version_compare(PHP_VERSION, '7.3.0', '>=')) {
+                /** @psalm-suppress InvalidArgument */
                 session_set_cookie_params([
                     'lifetime' => $params['lifetime'],
                     'path' => $params['path'],
@@ -360,6 +361,7 @@ class SessionHandlerPHP extends SessionHandler
         }
 
         if (version_compare(PHP_VERSION, '7.3.0', '>=')) {
+            /** @psalm-suppress InvalidArgument */
             session_set_cookie_params($cookieParams);
         } else {
             session_set_cookie_params(
diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index cdf1ba72285dba2114c3fce2a3ef8640d2a9b19e..18605b8c56d20539aaf75413847b9a67b4d665c0 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -1153,6 +1153,7 @@ class HTTP
         if (version_compare(PHP_VERSION, '7.3.0', '>=')) {
             /* use the new options array for PHP >= 7.3 */
             if ($params['raw']) {
+                /** @psalm-suppress InvalidArgument */
                 $success = @setrawcookie(
                     $name,
                     $value,
@@ -1166,6 +1167,7 @@ class HTTP
                     ]
                 );
             } else {
+                /** @psalm-suppress InvalidArgument */
                 $success = @setcookie(
                     $name,
                     $value,