Skip to content

Commit 558f725

Browse files
javiereguiluzjaviereguiluz
committed
Minor reword
1 parent ee707c0 commit 558f725

File tree

1 file changed

+7
-18
lines changed

1 file changed

+7
-18
lines changed

security/security_checker.rst

Lines changed: 7 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -5,24 +5,19 @@ How to Check for Known Security Vulnerabilities in Your Dependencies
55
====================================================================
66

77
When using lots of dependencies in your Symfony projects, some of them may
8-
contain security vulnerabilities. That's why the Symfony client includes a
9-
command called ``security:check`` that checks your ``composer.lock`` file to
10-
find known security vulnerabilities in your installed dependencies:
8+
contain security vulnerabilities. That's why the :doc:`Symfony local server </setup/symfony_server>`
9+
includes a command called ``security:check`` that checks your ``composer.lock``
10+
file to find known security vulnerabilities in your installed dependencies:
1111

1212
.. code-block:: terminal
1313
1414
$ symfony security:check
1515
16-
.. tip::
17-
18-
The Symfony client is distributed as a free installable binary without any
19-
dependency and support for Linux, macOS and Windows. Go to `symfony.com/download`_
20-
and follow the instructions for your operating system.
21-
2216
A good security practice is to execute this command regularly to be able to
23-
update or replace compromised dependencies as soon as possible. Internally,
24-
this command uses the public `security advisories database`_ published by the
25-
FriendsOfPHP organization.
17+
update or replace compromised dependencies as soon as possible. The security
18+
check is done locally by cloning the `security advisories database`_ published
19+
by the FriendsOfPHP organization, so your ``composer.lock`` file is not sent on
20+
the network.
2621

2722
.. tip::
2823

@@ -31,10 +26,4 @@ FriendsOfPHP organization.
3126
This way you can add it to your project build process and your continuous
3227
integration workflows to make them fail when there are vulnerabilities.
3328

34-
.. tip::
35-
36-
The security check is done locally: the `security advisories database`_ is
37-
cloned and your ``composer.lock`` file is not sent on the network.
38-
39-
.. _`symfony.com/download`: https://symfony.com/download
4029
.. _`security advisories database`: https://github.com/FriendsOfPHP/security-advisories

0 commit comments

Comments
 (0)