From 18c2adf0f46a9d2abfd0256c52d519c3dea5c274 Mon Sep 17 00:00:00 2001 From: Shrey Puranik Date: Tue, 12 Mar 2019 09:26:31 +0000 Subject: [PATCH 1/2] Update security_checker.rst Adding a small note advising users to always use the latest version of the command, as old versions will now break existing build plans because change of composer.lock checking tool. --- security/security_checker.rst | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/security/security_checker.rst b/security/security_checker.rst index fd22a4c25ec..a6189dbbc79 100644 --- a/security/security_checker.rst +++ b/security/security_checker.rst @@ -25,6 +25,13 @@ FriendsOfPHP organization. This way you can add it to your project build process and your continuous integration workflows to make them fail when there are vulnerabilities. +.. tip:: + + Earlier versions of this command used a tool hosted at a now deprecated URL, + with the tool having since been moved to a new location, which has been + reflected in newer versions of the bundle. Use the latest version of the + command to avoid getting exit code zero and breaking existing build plans. + .. note:: To enable the ``security:check`` command, make sure the From cd7297583e3338990ec5dd09201d9d77a815da3b Mon Sep 17 00:00:00 2001 From: Shrey Puranik Date: Tue, 12 Mar 2019 09:54:40 +0000 Subject: [PATCH 2/2] Update security_checker.rst --- security/security_checker.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/security_checker.rst b/security/security_checker.rst index a6189dbbc79..25195547ca5 100644 --- a/security/security_checker.rst +++ b/security/security_checker.rst @@ -30,7 +30,8 @@ FriendsOfPHP organization. Earlier versions of this command used a tool hosted at a now deprecated URL, with the tool having since been moved to a new location, which has been reflected in newer versions of the bundle. Use the latest version of the - command to avoid getting exit code zero and breaking existing build plans. + command to avoid getting exit code zero and breaking existing build plans + if the command has been integrated into project build process. .. note::