From c1993e8e73922d8f06ef25a025ad8f7006759316 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Tibensk=C3=BD?=
 <ttibensky@users.noreply.github.com>
Date: Sun, 10 Apr 2022 14:23:47 +0200
Subject: [PATCH 1/2] Fix invalid interface mention in security.rst

SerializableInterface doesn't exist, I assume it was meant to be https://www.php.net/manual/en/class.serializable.php, the motivation behind this change is described here https://stackoverflow.com/questions/42074225/symfony-userinterface-is-serializing-the-entire-massive-user-entity/71816482#71816482
---
 security.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/security.rst b/security.rst
index d29f1480f78..e04a67e41a6 100644
--- a/security.rst
+++ b/security.rst
@@ -2503,9 +2503,9 @@ However, in some cases, this process can cause unexpected authentication problem
 If you're having problems authenticating, it could be that you *are* authenticating
 successfully, but you immediately lose authentication after the first redirect.
 
-In that case, review the serialization logic (e.g. ``SerializableInterface``) on
+In that case, review the serialization logic (e.g. ``\Serializable`` interface) on
 you user class (if you have any) to make sure that all the fields necessary are
-serialized.
+serialized and also exclude all the fields not necessary to be serialized (relations).
 
 Comparing Users Manually with EquatableInterface
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

From 6e7b827d77a83bb606dc644eae78e31b2c374406 Mon Sep 17 00:00:00 2001
From: Wouter de Jong <wouter@wouterj.nl>
Date: Thu, 21 Apr 2022 14:06:12 +0200
Subject: [PATCH 2/2] No longer mention a deprecated interface

---
 security.rst | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/security.rst b/security.rst
index e04a67e41a6..3db9857f17a 100644
--- a/security.rst
+++ b/security.rst
@@ -2503,9 +2503,10 @@ However, in some cases, this process can cause unexpected authentication problem
 If you're having problems authenticating, it could be that you *are* authenticating
 successfully, but you immediately lose authentication after the first redirect.
 
-In that case, review the serialization logic (e.g. ``\Serializable`` interface) on
-you user class (if you have any) to make sure that all the fields necessary are
-serialized and also exclude all the fields not necessary to be serialized (relations).
+In that case, review the serialization logic (e.g. the ``__serialize()`` or
+``serialize()`` methods) on you user class (if you have any) to make sure
+that all the fields necessary are serialized and also exclude all the
+fields not necessary to be serialized (e.g. Doctrine relations).
 
 Comparing Users Manually with EquatableInterface
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~