From ac45c0cd625c69ed5ff5489f775447bbf16e6caa Mon Sep 17 00:00:00 2001 From: Alexandre Daubois Date: Sun, 17 Dec 2023 20:21:10 +0100 Subject: [PATCH] Mutate some `cautions` to `dangers` --- components/http_foundation.rst | 2 +- components/lock.rst | 6 +++--- components/process.rst | 2 +- components/yaml.rst | 2 +- configuration.rst | 2 +- configuration/secrets.rst | 2 +- controller.rst | 2 +- deployment/proxies.rst | 2 +- http_cache/cache_invalidation.rst | 2 +- http_cache/ssi.rst | 2 +- profiler.rst | 2 +- rate_limiter.rst | 2 +- reference/configuration/twig.rst | 2 +- security.rst | 2 +- serializer.rst | 2 +- session.rst | 2 +- 16 files changed, 18 insertions(+), 18 deletions(-) diff --git a/components/http_foundation.rst b/components/http_foundation.rst index 68d686ff21..e5d8be12b2 100644 --- a/components/http_foundation.rst +++ b/components/http_foundation.rst @@ -718,7 +718,7 @@ class, which can make this even easier:: The ``JsonResponse`` class sets the ``Content-Type`` header to ``application/json`` and encodes your data to JSON when needed. -.. caution:: +.. danger:: To avoid XSSI `JSON Hijacking`_, you should pass an associative array as the outermost array to ``JsonResponse`` and not an indexed array so diff --git a/components/lock.rst b/components/lock.rst index 14c787e16c..bac1f835b9 100644 --- a/components/lock.rst +++ b/components/lock.rst @@ -843,7 +843,7 @@ instance, to clean up the ``/tmp`` directory or after a reboot of the machine when a directory uses ``tmpfs``. It's not an issue if the lock is released when the process ended, but it is in case of ``Lock`` reused between requests. -.. caution:: +.. danger:: Do not store locks on a volatile file system if they have to be reused in several requests. 
@@ -876,7 +876,7 @@ When the Memcached service is shared and used for multiple usage, Locks could be removed by mistake. For instance some implementation of the PSR-6 ``clear()`` method uses the Memcached's ``flush()`` method which purges and removes everything. -.. caution:: +.. danger:: The method ``flush()`` must not be called, or locks should be stored in a dedicated Memcached service away from Cache. @@ -984,7 +984,7 @@ be lost without notifying the running processes. When the Redis service is shared and used for multiple usages, locks could be removed by mistake. -.. caution:: +.. danger:: The command ``FLUSHDB`` must not be called, or locks should be stored in a dedicated Redis service away from Cache. diff --git a/components/process.rst b/components/process.rst index 12ee096df4..d11618cb11 100644 --- a/components/process.rst +++ b/components/process.rst @@ -251,7 +251,7 @@ are done doing other stuff:: **synchronously** inside this event. Be aware that ``kernel.terminate`` is called only if you use PHP-FPM. -.. caution:: +.. danger:: Beware also that if you do that, the said PHP-FPM process will not be available to serve any new request until the subprocess is finished. This diff --git a/components/yaml.rst b/components/yaml.rst index 0f4f76ef05..e9e1607328 100644 --- a/components/yaml.rst +++ b/components/yaml.rst @@ -239,7 +239,7 @@ And parse them by using the ``PARSE_OBJECT`` flag:: The YAML component uses PHP's ``serialize()`` method to generate a string representation of the object. -.. caution:: +.. danger:: Object serialization is specific to this implementation, other PHP YAML parsers will likely not recognize the ``php/object`` tag and non-PHP diff --git a/configuration.rst b/configuration.rst index ba35e868df..7c6090b098 100644 --- a/configuration.rst +++ b/configuration.rst 
@@ -737,7 +737,7 @@ To do so, define a parameter with the same name as the env var using this syntax always exists, because its value will be ``null`` when the related env var is not defined. -.. caution:: +.. danger:: Beware that dumping the contents of the ``$_SERVER`` and ``$_ENV`` variables or outputting the ``phpinfo()`` contents will display the values of the diff --git a/configuration/secrets.rst b/configuration/secrets.rst index 56270b75ca..3927fa6161 100644 --- a/configuration/secrets.rst +++ b/configuration/secrets.rst @@ -50,7 +50,7 @@ running: This will generate ``config/secrets/prod/prod.encrypt.public.php`` and ``config/secrets/prod/prod.decrypt.private.php``. -.. caution:: +.. danger:: The ``prod.decrypt.private.php`` file is highly sensitive. Your team of developers and even Continuous Integration services don't need that key. If the diff --git a/controller.rst b/controller.rst index c3a11e99a6..7866a97818 100644 --- a/controller.rst +++ b/controller.rst @@ -146,7 +146,7 @@ and ``redirect()`` methods:: return $this->redirect('http://symfony.com/doc'); } -.. caution:: +.. danger:: The ``redirect()`` method does not check its destination in any way. If you redirect to a URL provided by end-users, your application may be open diff --git a/deployment/proxies.rst b/deployment/proxies.rst index 416039ee04..38141df17d 100644 --- a/deployment/proxies.rst +++ b/deployment/proxies.rst @@ -104,7 +104,7 @@ and what headers your reverse proxy uses to send information: # ... trusted_proxies: '%env(TRUSTED_PROXIES)%' -.. caution:: +.. danger:: Enabling the ``Request::HEADER_X_FORWARDED_HOST`` option exposes the application to `HTTP Host header attacks`_. Make sure the proxy really diff --git a/http_cache/cache_invalidation.rst b/http_cache/cache_invalidation.rst index 76c13ab975..8e0b022a5a 100644 --- a/http_cache/cache_invalidation.rst +++ b/http_cache/cache_invalidation.rst 
@@ -136,7 +136,7 @@ Then, register the class as a service that :doc:`decorates `. It's also possible to set the priority of the tag in order to decide the matching order. -.. caution:: +.. danger:: Always make sure to load the ``DateTimeNormalizer`` when serializing the ``DateTime`` or ``DateTimeImmutable`` classes to avoid excessive memory diff --git a/session.rst b/session.rst index 6d685244a7..d112e9acfb 100644 --- a/session.rst +++ b/session.rst @@ -1573,7 +1573,7 @@ Then, register the ``SodiumMarshaller`` service using this key: ]); }; -.. caution:: +.. danger:: This will encrypt the values of the cache items, but not the cache keys. Be careful not to leak sensitive data in the keys.
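Review bot: The commit message ("Mutate some `cautions` to `dangers`") does not state the rule used to choose which admonitions get promoted. Most of the touched blocks describe security consequences (XSSI JSON hijacking in http_foundation.rst, the open redirect in controller.rst, Host header attacks in deployment/proxies.rst, leaking env values in configuration.rst or the private decryption key in configuration/secrets.rst), but two describe availability or resource problems (the PHP-FPM worker blocked in components/process.rst, excessive memory in the `DateTimeNormalizer` block). A one-line criterion in the message, e.g. "`danger` is for admonitions whose advice, if ignored, exposes the application to attack or data loss", would let future contributors apply the distinction consistently.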
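Review bot: The stat block lists 16 files with 18 insertions and 18 deletions, but the patch body as shown does not contain hunks for `http_cache/ssi.rst`, `profiler.rst`, `rate_limiter.rst`, `reference/configuration/twig.rst`, `security.rst` or `serializer.rst`, and the hunk that follows the `http_cache/cache_invalidation.rst` header (`@@ -136,7 +136,7 @@`, about `DateTimeNormalizer`) is serializer content rather than cache invalidation content. Either the patch was truncated when it was pasted or the headers got shuffled; please confirm it still applies with `git apply --check` before merging.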
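Review bot: Wording nits in the unchanged context of the components/lock.rst hunks, worth fixing while the file is being touched: in the `@@ -876,7 +876,7 @@` hunk "shared and used for multiple usage" should read "multiple usages", matching the Redis paragraph in the `@@ -984,7 +984,7 @@` hunk, and in the `@@ -843,7 +843,7 @@` hunk "when the process ended" reads better as "when the process ends". The two `danger` blocks about `flush()` and `FLUSHDB` are good candidates for promotion: silently losing a lock means two processes can proceed as if they both held it.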
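Review bot: In the components/yaml.rst hunk, the text under the new `.. danger::` only explains a portability issue (other parsers will not recognize the `php/object` tag). The context lines say objects are written with PHP's `serialize()` and read back with the `PARSE_OBJECT` flag, which implies the parser restores serialized objects from the document; if that is the reason for the promotion, the admonition should say so and add the practical rule that `PARSE_OBJECT` should only be enabled for YAML the application itself produced, never for files or input supplied by third parties. As written, readers get a `danger` box that describes a compatibility caveat.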
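Review bot: The components/process.rst hunk promotes the note that the PHP-FPM worker stays busy until the subprocess finishes. That is an availability concern (one fewer worker per long-running child), not a vulnerability, so if `danger` is meant for security issues this one should probably stay a `caution`; if `danger` is meant more broadly, the criterion in the commit message should say so.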
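Review bot: The controller.rst hunk is a correct promotion, but the admonition would be more actionable with a mitigation sentence after "The ``redirect()`` method does not check its destination in any way": prefer `redirectToRoute()` for internal targets, and when an external destination must come from the request, compare it against an allow-list of permitted hosts or paths before passing it to `redirect()`.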
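Review bot: In the deployment/proxies.rst hunk the `trusted_proxies: '%env(TRUSTED_PROXIES)%'` context sits directly above the new `danger` block, which is a good place to tie the two together: forwarded headers are only honored from addresses listed in `trusted_proxies`, so the mitigation is both that the proxy overwrites `X-Forwarded-Host` with a value it controls and that the trusted list contains only the proxy addresses, not a broad range.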
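Review bot: The session.rst hunk's admonition talks about "cache items" and "cache keys" while the surrounding text is about registering `SodiumMarshaller` for sessions. If that wording is deliberate because sessions here are stored through a cache adapter, a short clause saying so would keep the `danger` box from reading as if it were pasted from the cache documentation; otherwise reword it in session terms (payload encrypted, identifier or storage key not).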
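Review bot: The configuration/secrets.rst hunk is justified, and the admonition could be made clearer by stating which of the two generated files is safe to share: the sentence "Your team of developers and even Continuous Integration services don't need that key" refers to `prod.decrypt.private.php`, so a parenthetical noting that `prod.encrypt.public.php` is the one they do need would prevent readers from excluding both files.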