From a7c4193af2953f6dce24e1248d5199f524915fff Mon Sep 17 00:00:00 2001
From: Thomas Landauer <thomas@landauer.at>
Date: Tue, 4 Nov 2025 15:52:00 +0100
Subject: [PATCH] [Security]: Updating for new recipe

Page: https://symfony.com/doc/7.4/security.html

* I changed the regex to match the new recipe after https://github.com/symfony/recipes/pull/1395
* I added the longer explanatory comment, as suggested at https://github.com/symfony/recipes/pull/1395#discussion_r2490074105
---
 security.rst | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/security.rst b/security.rst
index 0c3df87de10..254cd90601d 100644
--- a/security.rst
+++ b/security.rst
@@ -31,7 +31,9 @@ creates a ``security.yaml`` configuration file for you:
             users_in_memory: { memory: null }
         firewalls:
             dev:
-                pattern: ^/(_(profiler|wdt)|css|images|js)/
+                # 'assets/' is for AssetMapper, 'build/' for Webpack Encore.
+                # (Note: no regex delimiters needed; Symfony adds `{}` automatically.)
+                pattern: ^/(_profiler|_wdt|assets|build)/
                 security: false
             main:
                 lazy: true