Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 558f725

Browse filesBrowse files
javiereguiluzjaviereguiluz
committed
Minor reword
1 parent ee707c0 commit 558f725
Copy full SHA for 558f725

File tree

Expand file treeCollapse file tree

1 file changed

+7
-18
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+7
-18
lines changed

‎security/security_checker.rst

Copy file name to clipboardExpand all lines: security/security_checker.rst
+7-18Lines changed: 7 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -5,24 +5,19 @@ How to Check for Known Security Vulnerabilities in Your Dependencies
55
====================================================================
66

77
When using lots of dependencies in your Symfony projects, some of them may
8-
contain security vulnerabilities. That's why the Symfony client includes a
9-
command called ``security:check`` that checks your ``composer.lock`` file to
10-
find known security vulnerabilities in your installed dependencies:
8+
contain security vulnerabilities. That's why the :doc:`Symfony local server </setup/symfony_server>`
9+
includes a command called ``security:check`` that checks your ``composer.lock``
10+
file to find known security vulnerabilities in your installed dependencies:
1111

1212
.. code-block:: terminal
1313
1414
$ symfony security:check
1515
16-
.. tip::
17-
18-
The Symfony client is distributed as a free installable binary without any
19-
dependency and support for Linux, macOS and Windows. Go to `symfony.com/download`_
20-
and follow the instructions for your operating system.
21-
2216
A good security practice is to execute this command regularly to be able to
23-
update or replace compromised dependencies as soon as possible. Internally,
24-
this command uses the public `security advisories database`_ published by the
25-
FriendsOfPHP organization.
17+
update or replace compromised dependencies as soon as possible. The security
18+
check is done locally by cloning the `security advisories database`_ published
19+
by the FriendsOfPHP organization, so your ``composer.lock`` file is not sent on
20+
the network.
2621

2722
.. tip::
2823

@@ -31,10 +26,4 @@ FriendsOfPHP organization.
3126
This way you can add it to your project build process and your continuous
3227
integration workflows to make them fail when there are vulnerabilities.
3328

34-
.. tip::
35-
36-
The security check is done locally: the `security advisories database`_ is
37-
cloned and your ``composer.lock`` file is not sent on the network.
38-
39-
.. _`symfony.com/download`: https://symfony.com/download
4029
.. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.