From 70a24dd34e2e63f358c7670da2b676ecd24940fc Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Mon, 6 Jul 2026 16:31:02 +0200
Subject: [PATCH 01/16] Add security_advisories.md
---
.../security/security_advisories.md | 77 +++++++++++++++++++
mkdocs.yml | 1 +
2 files changed, 78 insertions(+)
create mode 100644 docs/infrastructure_and_maintenance/security/security_advisories.md
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
new file mode 100644
index 0000000000..487d3d4428
--- /dev/null
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -0,0 +1,77 @@
+---
+description: TODO.
+---
+
+# Security advisories
+
+## Ibexa security advisories
+
+Ibexa security advisories are released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
+
+## Package security advisories
+
+Overall, it's recommended to keep your Composer packages up to date.
+
+You can run the following command to check for available updates without installing them:
+
+```bash
+composer update --dry-run
+```
+
+When a security issue is discovered on a Composer package, a security advisory is emitted, and the disrecommended affected versions of the package can't be installed without action.
+
+When installing or updating, Composer avoids the installation of packages that are affected by security advisories.
+But there might be some constraint issues making the installation or update impossible.
+For example, security fixes might not be deployed for [unsupported PHP versions](https://www.php.net/supported-versions.php).
+
+Example of a Composer output about a package with security issues when trying to install:
+
+```text
+- Root composer.json requires twig/cssinliner-extra v3.11.0 (exact version match), found twig/cssinliner-extra[v3.11.0] but these were not loaded, because they are affected by security advisories ("PKSA-fs5b-x5k4-1h39").
+```
+
+Composer output isn't always as verbose about security advisories blocking installation or update.
+
+For example, imagine this error appeared recently when trying to install Ibexa DXP 4.6 on PHP 7.4:
+
+```text
+- ibexa/user[v4.6.0, ..., v4.6.31] require twig/twig ^3.0 -> satisfiable by twig/twig[v3.27.0, v3.27.1, v3.28.0].
+- twig/twig[v3.27.0, ..., v3.28.0] require php >=8.1.0 -> your php version (7.4.33) does not satisfy that requirement.
+```
+
+It was working before. You can check about the package on packagist.org, or on an already running Ibexa DXP what version of this package was previously accepted.
+
+In this example, [`twig/twig` v3.11.3](https://packagist.org/packages/twig/twig#v3.11.3) matches the constraints.
+```terminal
+% composer require twig/twig:3.11.3
+Your requirements could not be resolved to an installable set of packages.
+
+ Problem 1
+ - Root composer.json requires twig/twig 3.11.3 (exact version match: 3.11.3 or 3.11.3.0), found twig/twig[v3.11.3] but these were not loaded, because they are affected by security advisories ("PKSA-8zx5-v2nz-58pb").
+```
+
+It's highly recommended to not install affected package and meet the requirements of the fixed versions.
+
+You can use https://packagist.org/security-advisories/ resource to know more about a security advisory, like the affected packages and versions, detailed issue, or the other possible reference IDs for the advisory - PKSA (Packagist Security Advisory), GHSA (GitHub Security Advisories), CVE (Common Vulnerabilities and Exposures)
+
+If you need to, upgrade PHP, and migrate custom code to be compatible with higher version of PHP, for example by using [Rector](https://github.com/rectorphp/rector).
+
+If updating the affected package isn't possible, review the security issues carefully and assess the danger.
+If you choose to implement countermeasures without upgrading requirements, you can ignore the security advisory.
+We recommand to use Composer [config.policy.advisories.ignore-id](https://getcomposer.org/doc/06-config.md#ignore-id) setting with for each entry the reason why you allow yourself to ignore it.
+This way, if a package is affected by a new security advisory, you are warned.
+
+```json
+{
+ "config": {
+ "policy": {
+ "advisories": {
+ "ignore-id": {
+ "PKSA-fs5b-x5k4-1h39": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
+ "PKSA-8zx5-v2nz-58pb": "Description of the countermeasures you've implemented causing this one to be safe to ignore."
+ }
+ }
+ }
+ }
+}
+```
diff --git a/mkdocs.yml b/mkdocs.yml
index 898287276d..cab9dfca9e 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -855,6 +855,7 @@ nav:
- Development security: infrastructure_and_maintenance/security/development_security.md
- Security checklist: infrastructure_and_maintenance/security/security_checklist.md
- Reporting issues: infrastructure_and_maintenance/security/reporting_issues.md
+ - Security advisories: infrastructure_and_maintenance/security/security_advisories.md
- Support and maintenance FAQ: infrastructure_and_maintenance/support_and_maintenance_faq.md
- Update and migration:
- Update Ibexa DXP: update_and_migration/update_ibexa_dxp.md
From 0956f0a1342d9bf7299406154e4cf1fe130f5b97 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Mon, 6 Jul 2026 16:31:13 +0200
Subject: [PATCH 02/16] Use security_advisories.md
---
docs/getting_started/install_ibexa_dxp.md | 28 ++++++++++---
.../security/security_checklist.md | 5 ++-
.../from_4.6/update_from_4.6.md | 41 ++++---------------
3 files changed, 33 insertions(+), 41 deletions(-)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 57e7c6c93a..fe451a1e57 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -160,11 +160,20 @@ To use Composer to instantly create a project in the current folder with all the
composer update
```
+!!! caution "Deprecation messages on PHP 8.2 and newer"
+
+ To avoid deprecations when using PHP 8.2, 8.3, or 8.4, run the following commands:
+
+ ``` bash
+ composer config extra.runtime.error_handler "\\Ibexa\\Contracts\\Core\\MVC\\Symfony\\ErrorHandler\\Php82HideDeprecationsErrorHandler"
+ composer dump-autoload
+ ```
+
!!! tip "Authentication token"
If you added credentials to the `COMPOSER_AUTH` variable, at this point add this variable to `auth.json` (for example, by running `echo $COMPOSER_AUTH > auth.json`).
-!!! tip
+!!! tip "Version constraint"
You can set [different version constraints](https://getcomposer.org/doc/articles/versions.md), for example, specific tag (`[[= latest_tag_4_6 =]]`), version range (`~4.6.10`), or stability (`^4.6@rc`):
@@ -267,10 +276,19 @@ You may choose to replace the [default search engine](legacy_search_overview.md)
Install [[= product_name =]] and create a database with:
-``` bash
-php bin/console ibexa:install
-php bin/console ibexa:graphql:generate-schema
-```
+=== "PHP 8.4"
+
+ ``` bash
+ php -d error_reporting=`php -r 'echo E_ALL & ~E_DEPRECATED;'` bin/console ibexa:install
+ php bin/console ibexa:graphql:generate-schema
+ ```
+
+=== "PHP 8.3 and older"
+
+ ``` bash
+ php bin/console ibexa:install
+ php bin/console ibexa:graphql:generate-schema
+ ```
Before executing the command make sure that the database user has sufficient permissions.
diff --git a/docs/infrastructure_and_maintenance/security/security_checklist.md b/docs/infrastructure_and_maintenance/security/security_checklist.md
index 1f34f7efc6..399ee04949 100644
--- a/docs/infrastructure_and_maintenance/security/security_checklist.md
+++ b/docs/infrastructure_and_maintenance/security/security_checklist.md
@@ -8,7 +8,7 @@ When getting ready to go live with your project for the first time, or when re-l
!!! caution
- Security is an ongoing process. After going live, you should pay attention to security advisories released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
+ Security is an ongoing process. After going live, you should pay attention to Ibexa security advisories released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
## [[= product_name =]]
@@ -16,7 +16,7 @@ When getting ready to go live with your project for the first time, or when re-l
Make sure Admin users and other privileged users who have access to System Information and setup in the back end are vetted and fully trustworthy.
-As administrator you have access to full information about the system through the `setup/system_info` policy, and also to user data, role editing, and many other critical aspects.
+As administrator, you have access to full information about the system through the `setup/system_info` policy, and also to user data, role editing, and many other critical aspects.
The users in your organization who have backend access must be kept up-to-date.
Any user leaving the organization must be disabled without delay.
@@ -316,6 +316,7 @@ Those steps aren't needed when using [[= product_name_cloud =]], where the provi
- Run servers on a recent operating system and install security patches for dependencies.
- Configure servers to alert you about security updates from vendors. Pay special attention to dependencies used by your project directly, or by PHP. The provider of the operating system usually has a service for this.
+- Update Composer packages regulary. Try to not ignore [package security advisories](security_advisories.md#package-security-advisories). Update dependencies to be able to install fixed versions.
- Enable [GitHub Dependabot](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)
to receive notifications when a security fix is released in a GitHub-hosted dependency.
- If you're not using GitHub for your project, you can create a dummy project on GitHub with the same dependencies as your real project, and enable Dependabot notifications for that.
diff --git a/docs/update_and_migration/from_4.6/update_from_4.6.md b/docs/update_and_migration/from_4.6/update_from_4.6.md
index fc233f61f0..69f4af4ff3 100644
--- a/docs/update_and_migration/from_4.6/update_from_4.6.md
+++ b/docs/update_and_migration/from_4.6/update_from_4.6.md
@@ -32,7 +32,7 @@ First, run:
Then execute the instructions below starting from the version you're upgrading from.
-!!! caution
+!!! caution "Deprecation messages on PHP 8.2 and newer"
To avoid deprecations when using PHP 8.2, 8.3, or 8.4, run the following commands:
@@ -43,6 +43,10 @@ Then execute the instructions below starting from the version you're upgrading f
+!!! caution "Security advisories"
+
+ If you encounter security advisories that prevent the update, see [Package security advisories](security_advisories.md#package-security-advisories).
+
## v4.6.1
No additional steps needed.
@@ -714,39 +718,8 @@ Then, update Ibexa DXP.
If updating the Twig packages isn't possible, for example, because the project is using PHP 7.4 or 8.0 where the fixes are not available, review the security issues carefully and assess the danger.
-If you choose to implement countermeasures without upgrading PHP and updating Twig, you can silence the advisories in `composer.json`:
-
-```json
-"config": {
- "audit": {
- "ignore": {
- "PKSA-fbvq-z33h-r2np": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-g9zw-qxh8-pq8w": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-yd6k-t2gh-1m43": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-1tmc-rt7x-12w6": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-xx6c-6d96-db2w": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-5k7f-wvjj-jrgw": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-sjvz-tbbr-vwth": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-h8hf-ytnd-5t9q": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-wwb1-81rc-pd65": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-hgmw-wn4d-hpcy": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-kvv6-36cr-fkzb": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-n14z-jjjg-g8vd": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-3mcc-k66d-pydb": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-gw7n-z4yx-7xjt": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-dpx1-78wg-1kqs": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-21g2-dzjv-sky5": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-yhcn-xrg3-68b1": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-2wrf-1xmk-1pky": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-6319-ffpf-gx66": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-n7sg-8f52-pqtf": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-8kk8-h2xr-h5nx": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-2rbx-bjdx-4d4d": "Description of the countermeasures you've implemented causing this one to be safe to ignore.",
- "PKSA-fs5b-x5k4-1h39": "Description of the countermeasures you've implemented causing this one to be safe to ignore."
- }
- }
-}
-```
+If you choose to implement countermeasures without upgrading PHP and updating Twig, you can silence the advisories in `composer.json`.
+For more information, see [Package security advisories](security_advisories.md#package-security-advisories).
In addition, consider upgrading your project to one of [the actively supported PHP versions](requirements.md#php).
From 188b48aa2e078f26de341c84857e79f29a73c4c5 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 11:10:42 +0200
Subject: [PATCH 03/16] security_advisories.md: Rework English
---
.../security/security_advisories.md | 28 +++++++++----------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
index 487d3d4428..da8f0eaf81 100644
--- a/docs/infrastructure_and_maintenance/security/security_advisories.md
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -18,11 +18,11 @@ You can run the following command to check for available updates without install
composer update --dry-run
```
-When a security issue is discovered on a Composer package, a security advisory is emitted, and the disrecommended affected versions of the package can't be installed without action.
+When a security issue is discovered in a Composer package, a security advisory is issued, and the affected versions of the package become blocked from installation unless you take action.
-When installing or updating, Composer avoids the installation of packages that are affected by security advisories.
-But there might be some constraint issues making the installation or update impossible.
-For example, security fixes might not be deployed for [unsupported PHP versions](https://www.php.net/supported-versions.php).
+When installing or updating, Composer avoids installing packages that are affected by security advisories.
+However, this can create constraint issues that make installation or updates impossible.
+For example, security fixes might not be available for [unsupported PHP versions](https://www.php.net/supported-versions.php).
Example of a Composer output about a package with security issues when trying to install:
@@ -30,7 +30,7 @@ Example of a Composer output about a package with security issues when trying to
- Root composer.json requires twig/cssinliner-extra v3.11.0 (exact version match), found twig/cssinliner-extra[v3.11.0] but these were not loaded, because they are affected by security advisories ("PKSA-fs5b-x5k4-1h39").
```
-Composer output isn't always as verbose about security advisories blocking installation or update.
+Composer's output isn't always this verbose about security advisories blocking installation or updates.
For example, imagine this error appeared recently when trying to install Ibexa DXP 4.6 on PHP 7.4:
@@ -39,9 +39,9 @@ For example, imagine this error appeared recently when trying to install Ibexa D
- twig/twig[v3.27.0, ..., v3.28.0] require php >=8.1.0 -> your php version (7.4.33) does not satisfy that requirement.
```
-It was working before. You can check about the package on packagist.org, or on an already running Ibexa DXP what version of this package was previously accepted.
+It worked before. You can check packagist.org, or an already running instance of Ibexa DXP, to see which version of this package was previously accepted.
-In this example, [`twig/twig` v3.11.3](https://packagist.org/packages/twig/twig#v3.11.3) matches the constraints.
+In this example, [`twig/twig` v3.11.3](https://packagist.org/packages/twig/twig#v3.11.3) matches the constraints `^3.0` and PHP 7.4 `>=7.2.5`.
```terminal
% composer require twig/twig:3.11.3
Your requirements could not be resolved to an installable set of packages.
@@ -50,16 +50,16 @@ Your requirements could not be resolved to an installable set of packages.
- Root composer.json requires twig/twig 3.11.3 (exact version match: 3.11.3 or 3.11.3.0), found twig/twig[v3.11.3] but these were not loaded, because they are affected by security advisories ("PKSA-8zx5-v2nz-58pb").
```
-It's highly recommended to not install affected package and meet the requirements of the fixed versions.
+It's highly recommended that you not install the affected package, and instead meet the requirements of the fixed version.
-You can use https://packagist.org/security-advisories/ resource to know more about a security advisory, like the affected packages and versions, detailed issue, or the other possible reference IDs for the advisory - PKSA (Packagist Security Advisory), GHSA (GitHub Security Advisories), CVE (Common Vulnerabilities and Exposures)
+You can use the https://packagist.org/security-advisories/ resource to learn more about a security advisory, such as the affected packages and versions, a detailed description of the issue, and other possible reference IDs for the advisory: PKSA (Packagist Security Advisory), GHSA (GitHub Security Advisories), and CVE (Common Vulnerabilities and Exposures).
-If you need to, upgrade PHP, and migrate custom code to be compatible with higher version of PHP, for example by using [Rector](https://github.com/rectorphp/rector).
+If you need to, upgrade PHP and migrate your custom code to be compatible with the newer PHP version, for example by using [Rector](https://github.com/rectorphp/rector).
-If updating the affected package isn't possible, review the security issues carefully and assess the danger.
-If you choose to implement countermeasures without upgrading requirements, you can ignore the security advisory.
-We recommand to use Composer [config.policy.advisories.ignore-id](https://getcomposer.org/doc/06-config.md#ignore-id) setting with for each entry the reason why you allow yourself to ignore it.
-This way, if a package is affected by a new security advisory, you are warned.
+If updating the affected package isn't possible, carefully review the security issue and assess the risk.
+If you choose to implement countermeasures instead of upgrading, you can ignore the security advisory.
+We recommend using Composer's [`config.policy.advisories.ignore-id`](https://getcomposer.org/doc/06-config.md#ignore-id) setting, providing for each entry the reason why you consider it safe to ignore.
+This way, you'll still be warned if the package is affected by a new security advisory.
```json
{
From 388702e64bfc279c7d8e03697afb014bfba18221 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 11:40:43 +0200
Subject: [PATCH 04/16] Update
docs/infrastructure_and_maintenance/security/security_checklist.md
---
.../security/security_checklist.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_checklist.md b/docs/infrastructure_and_maintenance/security/security_checklist.md
index 399ee04949..75096454fb 100644
--- a/docs/infrastructure_and_maintenance/security/security_checklist.md
+++ b/docs/infrastructure_and_maintenance/security/security_checklist.md
@@ -316,7 +316,7 @@ Those steps aren't needed when using [[= product_name_cloud =]], where the provi
- Run servers on a recent operating system and install security patches for dependencies.
- Configure servers to alert you about security updates from vendors. Pay special attention to dependencies used by your project directly, or by PHP. The provider of the operating system usually has a service for this.
-- Update Composer packages regulary. Try to not ignore [package security advisories](security_advisories.md#package-security-advisories). Update dependencies to be able to install fixed versions.
+- Update Composer packages regulary. Don't underestimate [package security advisories](security_advisories.md#package-security-advisories). Update dependencies to be able to install fixed versions.
- Enable [GitHub Dependabot](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)
to receive notifications when a security fix is released in a GitHub-hosted dependency.
- If you're not using GitHub for your project, you can create a dummy project on GitHub with the same dependencies as your real project, and enable Dependabot notifications for that.
From 7affb5d1e884f639e811622637fd43bc2dd436a1 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 11:42:20 +0200
Subject: [PATCH 05/16] security_advisories.md: Rework English
---
.../security/security_checklist.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_checklist.md b/docs/infrastructure_and_maintenance/security/security_checklist.md
index 75096454fb..44c0b51b4c 100644
--- a/docs/infrastructure_and_maintenance/security/security_checklist.md
+++ b/docs/infrastructure_and_maintenance/security/security_checklist.md
@@ -316,7 +316,7 @@ Those steps aren't needed when using [[= product_name_cloud =]], where the provi
- Run servers on a recent operating system and install security patches for dependencies.
- Configure servers to alert you about security updates from vendors. Pay special attention to dependencies used by your project directly, or by PHP. The provider of the operating system usually has a service for this.
-- Update Composer packages regulary. Don't underestimate [package security advisories](security_advisories.md#package-security-advisories). Update dependencies to be able to install fixed versions.
+- Update Composer packages regularly. Don't underestimate [package security advisories](security_advisories.md#package-security-advisories). Update dependencies to be able to install fixed versions.
- Enable [GitHub Dependabot](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)
to receive notifications when a security fix is released in a GitHub-hosted dependency.
- If you're not using GitHub for your project, you can create a dummy project on GitHub with the same dependencies as your real project, and enable Dependabot notifications for that.
From 382ae2248820ab5b6b042761ed54cbda9234e869 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 13:44:25 +0200
Subject: [PATCH 06/16] install_ibexa_dxp.md: Rm
Php82HideDeprecationsErrorHandler
Added by default since 4.6.8
https://github.com/ibexa/commerce-skeleton/blob/v4.6.8/composer.json#L70-L72
---
docs/getting_started/install_ibexa_dxp.md | 9 ---------
1 file changed, 9 deletions(-)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index fe451a1e57..6f6b6d412e 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -160,15 +160,6 @@ To use Composer to instantly create a project in the current folder with all the
composer update
```
-!!! caution "Deprecation messages on PHP 8.2 and newer"
-
- To avoid deprecations when using PHP 8.2, 8.3, or 8.4, run the following commands:
-
- ``` bash
- composer config extra.runtime.error_handler "\\Ibexa\\Contracts\\Core\\MVC\\Symfony\\ErrorHandler\\Php82HideDeprecationsErrorHandler"
- composer dump-autoload
- ```
-
!!! tip "Authentication token"
If you added credentials to the `COMPOSER_AUTH` variable, at this point add this variable to `auth.json` (for example, by running `echo $COMPOSER_AUTH > auth.json`).
From 194b0e9c4d82fc43c82a8ffface3fba7c9b9357a Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:12:17 +0200
Subject: [PATCH 07/16] install_ibexa_dxp.md: Why ~E_DEPRECATED
---
docs/getting_started/install_ibexa_dxp.md | 2 ++
1 file changed, 2 insertions(+)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 6f6b6d412e..b6c02c93e7 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -269,6 +269,8 @@ Install [[= product_name =]] and create a database with:
=== "PHP 8.4"
+ Deprecation warnings must be suppressed when using PHP 8.4, otherwise the installation will fail due to some errors like "headers have already been sent".
+
``` bash
php -d error_reporting=`php -r 'echo E_ALL & ~E_DEPRECATED;'` bin/console ibexa:install
php bin/console ibexa:graphql:generate-schema
From cb2d037be491658245beb662f16e49576b992b9c Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:19:13 +0200
Subject: [PATCH 08/16] install_ibexa_dxp.md: Why ~E_DEPRECATED
---
docs/getting_started/install_ibexa_dxp.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index b6c02c93e7..5c3b2f8a5b 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -269,7 +269,7 @@ Install [[= product_name =]] and create a database with:
=== "PHP 8.4"
- Deprecation warnings must be suppressed when using PHP 8.4, otherwise the installation will fail due to some errors like "headers have already been sent".
+ Deprecation warnings must be suppressed when using PHP 8.4, otherwise the installation fails due to errors such as "headers have already been sent".
``` bash
php -d error_reporting=`php -r 'echo E_ALL & ~E_DEPRECATED;'` bin/console ibexa:install
From 8ab2448c5eccbd602986f9cf198f0360e117b071 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:27:04 +0200
Subject: [PATCH 09/16] install_ibexa_dxp.md: Few rewording from Claude
---
docs/getting_started/install_ibexa_dxp.md | 36 +++++++++++------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 5c3b2f8a5b..414262fbde 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -13,7 +13,7 @@ month_change: true
!!! note "Installing [[= product_name_oss =]]"
- This installation guide shows in details how to install [[= product_name =]] for users who have a subscription agreement with [[= product_name_base =]].
+ This installation guide shows in detail how to install [[= product_name =]] for users who have a subscription agreement with [[= product_name_base =]].
If you want to install [[= product_name_oss =]], you don't need authentication tokens or an account on updates.ibexa.co, but must adapt the steps shown here to the product edition and the `ibexa/oss-skeleton` repository.
## Prepare work environment
@@ -29,7 +29,7 @@ Additional requirements:
For production, you need to [configure an HTTP server](#configure-an-http-server), Apache or nginx (Apache is used as an example below).
-Before getting started, make sure you review other [requirements](requirements.md) to see the systems that is supported and used for testing.
+Before getting started, make sure you review other [requirements](requirements.md) to see the systems that are supported and used for testing.
### Get Composer
@@ -68,12 +68,12 @@ Log in to your Service portal on [support.ibexa.co](https://support.ibexa.co/),
1. Select **Create token** (this requires the **Portal administrator** access level).
2. Fill in a label describing the use of the token.
This allows you to revoke access later.
-3. Save the password, **you aren't able to access it again**.
+3. Save the password. **You won't be able to access it again**.
!!! tip "Save the authentication token in `auth.json` to avoid re-typing it"
Composer asks whether you want to save the token every time you perform an update.
- If you prefer, you can decline and create an `auth.json` file globally in [`COMPOSER_HOME`](https://getcomposer.org/doc/03-cli.md#composer-home) directory for machine-wide use:
+ If you prefer, you can decline and create an `auth.json` file globally in the [`COMPOSER_HOME`](https://getcomposer.org/doc/03-cli.md#composer-home) directory for machine-wide use:
``` bash
composer config --global http-basic.updates.ibexa.co
@@ -193,7 +193,7 @@ git init; git add . > /dev/null; git commit -m "init" > /dev/null
### Change installation parameters
-At this point configure your database via the `DATABASE_URL` in the `.env` file, depending of the database you're using:
+At this point, configure your database via the `DATABASE_URL` in the `.env` file, depending on the database you're using:
`DATABASE_URL=mysql://user:password@host:port/database_name`.
@@ -217,7 +217,7 @@ It's used by Symfony when generating [CSRF tokens]([[= symfony_doc =]]/security/
The app secret is crucial to the security of your installation.
Be careful about how you generate it, and how you store it.
- Here's one way to generate a 64 characters long, secure random string as your secret, from command line:
+ Here's one way to generate a secure random string of 64 characters as your secret, from the command line:
``` bash
php -r "print bin2hex(random_bytes(32));"
@@ -227,13 +227,13 @@ It's used by Symfony when generating [CSRF tokens]([[= symfony_doc =]]/security/
If you have any suspicion that the secret may have been exposed, replace it with a new one.
The same goes for other secrets, like database password, Varnish invalidate token, JWT passphrase, and more.
- After changing the app secret, make sure that you clear the application cache and log out all the users.
+ After changing the app secret, make sure that you clear the application cache and log out all users.
For more information, see [Symfony documentation]([[= symfony_doc =]]/reference/configuration/framework.html#secret).
- It's recommended to store the database credentials in your `.env.local` file and not commit it to the Version Control System.
+ It's recommended that you store the database credentials in your `.env.local` file, and not commit that file to the Version Control System.
-In `DATABASE_VERSION` you can also configure the database server version (for a MariaDB database, prefix the value with `mariadb-`).
+In `DATABASE_VERSION`, you can also configure the database server version (for a MariaDB database, prefix the value with `mariadb-`).
!!! tip "Using PostgreSQL"
@@ -283,7 +283,7 @@ Install [[= product_name =]] and create a database with:
php bin/console ibexa:graphql:generate-schema
```
-Before executing the command make sure that the database user has sufficient permissions.
+Before executing the command, make sure that the database user has sufficient permissions.
### Run post-installation script
@@ -301,7 +301,7 @@ For development you can use the built-in PHP server.
php -S 127.0.0.1:8000 -t public
```
-Your PHP web server is accessible at `http://127.0.0.1:8000`
+Your PHP web server is accessible at `http://127.0.0.1:8000`.
You can also use [Symfony CLI](https://symfony.com/download):
@@ -311,7 +311,7 @@ symfony serve
## Prepare installation for development
-Consider adding the Symfony DebugBundle which fixes memory outage when dumping objects with circular references.
+Consider adding the Symfony DebugBundle, which prevents running out of memory when dumping objects with circular references.
The DebugBundle contains the [VarDumper]([[= symfony_doc =]]/components/var_dumper.html) and [its Twig integration]([[= symfony_doc =]]/components/var_dumper.html#debugbundle-and-twig-integration).
``` bash
@@ -324,7 +324,7 @@ For detailed information about request treatment, you can also install [Symfony
composer require --dev symfony/profiler-pack
```
-To get both features in one go use:
+To get both features in one go, use:
``` bash
composer require --dev symfony/debug-pack
@@ -336,7 +336,7 @@ To use [[= product_name =]] with an HTTP server, you need to [set up directory p
### Set up permissions
-For development needs, the web user can be made the owner of all your files (for example with the `www-data` web user):
+For development needs, the web user can be made the owner of all your files (for example, with the `www-data` web user):
``` bash
chown -R www-data:www-data
@@ -347,7 +347,7 @@ Future files and directories created by these two users need to inherit those pe
!!! caution
- For security reasons, in production, the web server cannot have write access to other directories than `var`.
+ For security reasons, in production, the web server mustn't have write access to any directory other than `var`.
Skip the step above and follow the link below for production needs instead.
You must also make sure that the web server cannot interpret the files in the `var` directory through PHP.
@@ -381,7 +381,7 @@ Prepare a [virtual host configuration](https://en.wikipedia.org/wiki/Virtual_hos
Finally, restart the Apache server.
The command may vary depending on your Linux distribution.
- For example, on Ubuntu use:
+ For example, on Ubuntu, use:
``` bash
service apache2 restart
@@ -389,10 +389,10 @@ Prepare a [virtual host configuration](https://en.wikipedia.org/wiki/Virtual_hos
=== "nginx"
- You can use [this example vhost file](https://raw.githubusercontent.com/ibexa/post-install/main/resources/templates/nginx/vhost.template) and modify it to fit your project. You also need the `ibexa_params.d` files that should reside in a subdirectory below where the main file is, [as is shown here](https://github.com/ibexa/post-install/tree/main/resources/templates/nginx).
+ You can use [this example vhost file](https://raw.githubusercontent.com/ibexa/post-install/main/resources/templates/nginx/vhost.template) and modify it to fit your project. You also need the `ibexa_params.d` files, which should reside in a subdirectory below the main file, [as shown here](https://github.com/ibexa/post-install/tree/main/resources/templates/nginx).
Specify `//public` as the `root`, or ensure `BASEDIR` is set in the environment.
- Ensure `APP_ENV` is set to `prod` or `dev` in the environment, depending on the environment that you're configuring, and uncomment the line that starts with `#if[APP_ENV`.
+ Ensure `APP_ENV` is set to `prod` or `dev` in the environment, depending on which environment you're configuring, and uncomment the line that starts with `#if [APP_ENV]`.
When the virtual host file is ready, enable the virtual host and disable the default.
Finally, restart the nginx server.
From 3606f377c20a5aaa7a916888e2f3914a38cef0bd Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:43:21 +0200
Subject: [PATCH 10/16] security_advisories.md: Description
---
.../security/security_advisories.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
index da8f0eaf81..bec0979f76 100644
--- a/docs/infrastructure_and_maintenance/security/security_advisories.md
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -1,5 +1,5 @@
---
-description: TODO.
+description: Find Ibexa security advisories, and learn how to handle Composer package security advisories.
---
# Security advisories
From 6d61d8a7523058a5345731384571eb2aa68ba6c2 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 14:45:04 +0200
Subject: [PATCH 11/16] security_advisories.md: [Ibexa.VariablesGlobal]
---
.../security/security_advisories.md | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
index bec0979f76..912a43d105 100644
--- a/docs/infrastructure_and_maintenance/security/security_advisories.md
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -1,12 +1,12 @@
---
-description: Find Ibexa security advisories, and learn how to handle Composer package security advisories.
+description: Find [[= product_name_base =]] security advisories, and learn how to handle Composer package security advisories.
---
# Security advisories
-## Ibexa security advisories
+## [[= product_name_base =]] security advisories
-Ibexa security advisories are released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
+[[= product_name_base =]] security advisories are released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
## Package security advisories
@@ -32,14 +32,14 @@ Example of a Composer output about a package with security issues when trying to
Composer's output isn't always this verbose about security advisories blocking installation or updates.
-For example, imagine this error appeared recently when trying to install Ibexa DXP 4.6 on PHP 7.4:
+For example, imagine this error appeared recently when trying to install [[= product_name =]] 4.6 on PHP 7.4:
```text
- ibexa/user[v4.6.0, ..., v4.6.31] require twig/twig ^3.0 -> satisfiable by twig/twig[v3.27.0, v3.27.1, v3.28.0].
- twig/twig[v3.27.0, ..., v3.28.0] require php >=8.1.0 -> your php version (7.4.33) does not satisfy that requirement.
```
-It worked before. You can check packagist.org, or an already running instance of Ibexa DXP, to see which version of this package was previously accepted.
+It worked before. You can check packagist.org, or an already running instance of [[= product_name =]], to see which version of this package was previously accepted.
In this example, [`twig/twig` v3.11.3](https://packagist.org/packages/twig/twig#v3.11.3) matches the constraints `^3.0` and PHP 7.4 `>=7.2.5`.
```terminal
From 447a9a88bc438114f9fda0f076c3338de75ec323 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 15:02:47 +0200
Subject: [PATCH 12/16] code_samples.yaml: mv to
config.policy.advisories.ignore-id
---
.github/workflows/code_samples.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/code_samples.yaml b/.github/workflows/code_samples.yaml
index b0f1e22e2d..5f89e949ac 100644
--- a/.github/workflows/code_samples.yaml
+++ b/.github/workflows/code_samples.yaml
@@ -49,7 +49,7 @@ jobs:
- name: Ignore audit advisory for PHP 7.4
if: matrix.php == '7.4'
run: |
- composer config audit.ignore --json '{
+ composer config policy.advisories.ignore-id --json '{
"GHSA-68jq-c3rv-pcrr": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"GHSA-fc86-6rv6-2jpm": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"GHSA-r7cg-qjjm-xhqq": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
@@ -81,7 +81,7 @@ jobs:
- name: Ignore audit advisory for PHP 8.2
if: matrix.php == '8.2'
run: |
- composer config audit.ignore --json '{
+ composer config policy.advisories.ignore-id --json '{
"PKSA-fs5b-x5k4-1h39": "As this is for code quality tests and not to run a production DXP, this can be ignored."
}'
From 1a23ac631c4c5f537c7198a069695bfc2bded556 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 15:04:28 +0200
Subject: [PATCH 13/16] code_samples.yaml: update SA list
---
.github/workflows/code_samples.yaml | 33 +++++++++++++++--------------
1 file changed, 17 insertions(+), 16 deletions(-)
diff --git a/.github/workflows/code_samples.yaml b/.github/workflows/code_samples.yaml
index 5f89e949ac..6e16df9b83 100644
--- a/.github/workflows/code_samples.yaml
+++ b/.github/workflows/code_samples.yaml
@@ -53,29 +53,30 @@ jobs:
"GHSA-68jq-c3rv-pcrr": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"GHSA-fc86-6rv6-2jpm": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"GHSA-r7cg-qjjm-xhqq": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-5k7f-wvjj-jrgw": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-sjvz-tbbr-vwth": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-h8hf-ytnd-5t9q": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-wwb1-81rc-pd65": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-hgmw-wn4d-hpcy": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-kvv6-36cr-fkzb": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-n14z-jjjg-g8vd": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-3mcc-k66d-pydb": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-gw7n-z4yx-7xjt": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-dpx1-78wg-1kqs": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-1tmc-rt7x-12w6": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-21g2-dzjv-sky5": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-yhcn-xrg3-68b1": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-2rbx-bjdx-4d4d": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-2wrf-1xmk-1pky": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-3mcc-k66d-pydb": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-5k7f-wvjj-jrgw": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-6319-ffpf-gx66": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-n7sg-8f52-pqtf": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-8kk8-h2xr-h5nx": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-2rbx-bjdx-4d4d": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-fs5b-x5k4-1h39": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-8zx5-v2nz-58pb": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-dpx1-78wg-1kqs": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-fbvq-z33h-r2np": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-fs5b-x5k4-1h39": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-g9zw-qxh8-pq8w": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-gw7n-z4yx-7xjt": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-h8hf-ytnd-5t9q": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-hgmw-wn4d-hpcy": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-kvv6-36cr-fkzb": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-n14z-jjjg-g8vd": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-n7sg-8f52-pqtf": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-sjvz-tbbr-vwth": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-wwb1-81rc-pd65": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
+ "PKSA-xx6c-6d96-db2w": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
"PKSA-yd6k-t2gh-1m43": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-1tmc-rt7x-12w6": "As this is for code quality tests and not to run a production DXP, this can be ignored.",
- "PKSA-xx6c-6d96-db2w": "As this is for code quality tests and not to run a production DXP, this can be ignored."
+ "PKSA-yhcn-xrg3-68b1": "As this is for code quality tests and not to run a production DXP, this can be ignored."
}'
- name: Ignore audit advisory for PHP 8.2
From c245949918c9040eeb19ed5048acb9ed830e58ea Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Tue, 7 Jul 2026 15:43:31 +0200
Subject: [PATCH 14/16] install_ibexa_dxp.md: About SA
---
docs/getting_started/install_ibexa_dxp.md | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/docs/getting_started/install_ibexa_dxp.md b/docs/getting_started/install_ibexa_dxp.md
index 414262fbde..6ba67b3b8a 100644
--- a/docs/getting_started/install_ibexa_dxp.md
+++ b/docs/getting_started/install_ibexa_dxp.md
@@ -164,6 +164,10 @@ To use Composer to instantly create a project in the current folder with all the
If you added credentials to the `COMPOSER_AUTH` variable, at this point add this variable to `auth.json` (for example, by running `echo $COMPOSER_AUTH > auth.json`).
+!!! caution "Security advisories"
+
+ If you encounter security advisories that prevent the install, see [Package security advisories](security_advisories.md#package-security-advisories).
+
!!! tip "Version constraint"
You can set [different version constraints](https://getcomposer.org/doc/articles/versions.md), for example, specific tag (`[[= latest_tag_4_6 =]]`), version range (`~4.6.10`), or stability (`^4.6@rc`):
From 973cdbe8e0378a3895ba890bbb1e71fc3a73aa9b Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Wed, 8 Jul 2026 09:39:44 +0200
Subject: [PATCH 15/16] Apply suggestion from @glye
Co-authored-by: Gunnstein Lye <289744+glye@users.noreply.github.com>
---
.../security/security_advisories.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
index 912a43d105..9e25bc0a30 100644
--- a/docs/infrastructure_and_maintenance/security/security_advisories.md
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -6,7 +6,7 @@ description: Find [[= product_name_base =]] security advisories, and learn how t
## [[= product_name_base =]] security advisories
-[[= product_name_base =]] security advisories are released via [your Service portal](https://support.ibexa.co/), or via [Security advisories](https://developers.ibexa.co/security-advisories) if you're not a subscriber.
+[[= product_name_base =]] security advisories are released via [your Service portal](https://support.ibexa.co/), and via [Security advisories](https://developers.ibexa.co/security-advisories). The latter is available to non-subscribers.
## Package security advisories
From 963fad296ba8d7d30824b338b8e2d69e707d2a89 Mon Sep 17 00:00:00 2001
From: Adrien Dupuis <61695653+adriendupuis@users.noreply.github.com>
Date: Fri, 10 Jul 2026 09:39:49 +0200
Subject: [PATCH 16/16] Apply suggestion from @adriendupuis
---
.../security/security_advisories.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/infrastructure_and_maintenance/security/security_advisories.md b/docs/infrastructure_and_maintenance/security/security_advisories.md
index 9e25bc0a30..d01e5b6fab 100644
--- a/docs/infrastructure_and_maintenance/security/security_advisories.md
+++ b/docs/infrastructure_and_maintenance/security/security_advisories.md
@@ -72,6 +72,6 @@ This way, you'll still be warned if the package is affected by a new security ad
}
}
}
- }
+ }
}
```