Permalink
Browse files

bug #4746 Revert #4651 for 2.3 branch (xelaris)

This PR was merged into the 2.3 branch.

Discussion
----------

Revert #4651 for 2.3 branch

| Q             | A
| ------------- | ---
| Doc fix?      | yes
| New docs?     | no
| Applies to    |  2.3 (only)
| Fixed tickets |

#4651 was merged in 2.3 but should be 2.5 as mentioned in #4651 (comment). This PR reverts the changes for the 2.3 branch.

Commits
-------

f2d3223 Revert #4651 for 2.3 branch
  • Loading branch information...
weaverryan committed Jan 16, 2015
2 parents 528e8e1 + f2d3223 commit 9fee9eed5366a1a4408821cfc950a34ea4c7fbce
Showing with 0 additions and 49 deletions.
  1. +0 −12 book/installation.rst
  2. +0 −29 book/security.rst
  3. +0 −8 contributing/code/security.rst
@@ -288,18 +288,6 @@ them all at once:
Depending on the complexity of your project, this update process can take up to
several minutes to complete.
.. tip::
Symfony provides a command to check whether your project's dependencies
contain any know security vulnerability:
.. code-block:: bash
$ php app/console security:check
A good security practice is to execute this command regularly to be able to
update or replace compromised dependencies as soon as possible.
.. _installing-a-symfony2-distribution:
Installing a Symfony Distribution
@@ -1234,34 +1234,6 @@ cookie will be ever created by Symfony):
.. _book-security-checking-vulnerabilities:
Checking for Known Security Vulnerabilities in Dependencies
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. versionadded:: 2.5
The ``security:check`` command was introduced in Symfony 2.5. This command is
included in ``SensioDistributionBundle``, which has to be registered in your
application in order to use this command.
When using lots of dependencies in your Symfony projects, some of them may
contain security vulnerabilities. That's why Symfony includes a command called
``security:check`` that checks your ``composer.lock`` file to find any known
security vulnerability in your installed dependencies:
.. code-block:: bash
$ php app/console security:check
A good security practice is to execute this command regularly to be able to
update or replace compromised dependencies as soon as possible. Internally,
this command uses the public `security advisories database`_ published by the
FriendsOfPHP organization.
.. tip::
The ``security:check`` command terminates with a non-zero exit code if
any of your dependencies is affected by a known security vulnerability.
Therefore, you can easily integrate it in your build process.
Final Words
-----------
@@ -1290,4 +1262,3 @@ Learn more from the Cookbook
.. _`online tool`: https://www.dailycred.com/blog/12/bcrypt-calculator
.. _`frameworkextrabundle documentation`: http://symfony.com/doc/current/bundles/SensioFrameworkExtraBundle/index.html
.. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories
@@ -38,8 +38,6 @@ confirmed, the core-team works on a solution following these steps:
#. Publish the post on the official Symfony `blog`_ (it must also be added to
the "`Security Advisories`_" category);
#. Update the security advisory list (see below).
#. Update the public `security advisories database`_ maintained by the
FriendsOfPHP organization and which is used by the ``security:check`` command.
.. note::
@@ -95,11 +93,6 @@ of the downstream projects included in this process:
Security Advisories
-------------------
.. tip::
You can check your Symfony application for known security vulnerabilities
using the ``security:check`` command. See :ref:`book-security-checking-vulnerabilities`.
This section indexes security vulnerabilities that were fixed in Symfony
releases, starting from Symfony 1.0.0:
@@ -129,4 +122,3 @@ releases, starting from Symfony 1.0.0:
.. _Git repository: https://github.com/symfony/symfony
.. _blog: http://symfony.com/blog/
.. _Security Advisories: http://symfony.com/blog/category/security-advisories
.. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories

0 comments on commit 9fee9ee

Please sign in to comment.