Merge branch '5.4' into 6.0

javiereguiluz · javiereguiluz · commit 152d4baeda04 · 2022-12-09T17:21:51.000+01:00
* 5.4:
  Update link to HAL specification
  Add SensitiveParameter attribute in the security hardening list
diff --git a/contributing/code/security.rst b/contributing/code/security.rst
@@ -22,8 +22,8 @@ email for confirmation):
   is set to ``true`` or ``APP_ENV`` set to anything but ``prod``);
 
 * Any fix that can be classified as **security hardening** like route
-  enumeration, login throttling bypasses, denial of service attacks, or timing
-  attacks.
+  enumeration, login throttling bypasses, denial of service attacks, timing
+  attacks, or lack of ``SensitiveParameter`` attributes.
 
 In any case, the core team has the final decision on which issues are
 considered security vulnerabilities.
diff --git a/serializer.rst b/serializer.rst
@@ -399,4 +399,4 @@ take a look at how this bundle works.
 .. _`OpenAPI`: https://www.openapis.org
 .. _`GraphQL`: https://graphql.org
 .. _`JSON:API`: https://jsonapi.org
-.. _`HAL`: http://stateless.co/hal_specification.html
+.. _`HAL`: https://stateless.group/hal_specification.html
