Move security directory contents to utils (#4551)

.changeset/smooth-cougars-jump.md

@@ -0,0 +1,5 @@
+---
+'openzeppelin-solidity': major
+---
+
+`ReentrancyGuard`, `Pausable`: Moved to `utils` directory.

certora/harnesses/PausableHarness.sol

@@ -2,7 +2,7 @@
 
 pragma solidity ^0.8.20;
 
-import "../patched/security/Pausable.sol";
+import "../patched/utils/Pausable.sol";
 
 contract PausableHarness is Pausable {
     function pause() external {

contracts/mocks/PausableMock.sol

@@ -2,7 +2,7 @@
 
 pragma solidity ^0.8.20;
 
-import {Pausable} from "../security/Pausable.sol";
+import {Pausable} from "../utils/Pausable.sol";
 
 contract PausableMock is Pausable {
     bool public drasticMeasureTaken;

contracts/mocks/ReentrancyMock.sol

@@ -2,7 +2,7 @@
 
 pragma solidity ^0.8.20;
 
-import {ReentrancyGuard} from "../security/ReentrancyGuard.sol";
+import {ReentrancyGuard} from "../utils/ReentrancyGuard.sol";
 import {ReentrancyAttack} from "./ReentrancyAttack.sol";
 
 contract ReentrancyMock is ReentrancyGuard {

contracts/security/README.adoc

@@ -1,17 +0,0 @@
-= Security
-
-[.readme-notice]
-NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/api/security
-
-These contracts aim to cover common security practices.
-
-* {ReentrancyGuard}: A modifier that can prevent reentrancy during certain functions.
-* {Pausable}: A common emergency response mechanism that can pause functionality while a remediation is pending.
-
-TIP: For an overview on reentrancy and the possible mechanisms to prevent it, read our article https://blog.openzeppelin.com/reentrancy-after-istanbul/[Reentrancy After Istanbul].
-
-== Contracts
-
-{{ReentrancyGuard}}
-
-{{Pausable}}

contracts/token/ERC1155/extensions/ERC1155Pausable.sol

@@ -4,7 +4,7 @@
 pragma solidity ^0.8.20;
 
 import {ERC1155} from "../ERC1155.sol";
-import {Pausable} from "../../../security/Pausable.sol";
+import {Pausable} from "../../../utils/Pausable.sol";
 
 /**
  * @dev ERC1155 token with pausable token transfers, minting and burning.

contracts/token/ERC20/extensions/ERC20Pausable.sol

@@ -4,7 +4,7 @@
 pragma solidity ^0.8.20;
 
 import {ERC20} from "../ERC20.sol";
-import {Pausable} from "../../../security/Pausable.sol";
+import {Pausable} from "../../../utils/Pausable.sol";
 
 /**
  * @dev ERC20 token with pausable token transfers, minting and burning.

contracts/token/ERC721/extensions/ERC721Pausable.sol

@@ -4,7 +4,7 @@
 pragma solidity ^0.8.20;
 
 import {ERC721} from "../ERC721.sol";
-import {Pausable} from "../../../security/Pausable.sol";
+import {Pausable} from "../../../utils/Pausable.sol";
 
 /**
  * @dev ERC721 token with pausable token transfers, minting and burning.

contracts/utils/README.adoc

@@ -5,23 +5,20 @@ NOTE: This document is better viewed at https://docs.openzeppelin.com/contracts/
 
 Miscellaneous contracts and libraries containing utility functions you can use to improve security, work with new data types, or safely use low-level primitives.
 
-The {Address}, {Arrays}, {Base64} and {Strings} libraries provide more operations related to these native data types, while {SafeCast} adds ways to safely convert between the different signed and unsigned numeric types.
-{Multicall} provides a function to batch together multiple calls in a single external call.
-
-For new data types:
-
- * {EnumerableMap}: like Solidity's https://solidity.readthedocs.io/en/latest/types.html#mapping-types[`mapping`] type, but with key-value _enumeration_: this will let you know how many entries a mapping has, and iterate over them (which is not possible with `mapping`).
- * {EnumerableSet}: like {EnumerableMap}, but for https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets]. Can be used to store privileged accounts, issued IDs, etc.
+ * {ReentrancyGuard}: A modifier that can prevent reentrancy during certain functions.
+ * {Pausable}: A common emergency response mechanism that can pause functionality while a remediation is pending.
+ * {SafeCast}: Checked downcasting functions to avoid silent truncation.
+ * {Math}, {SignedMath}: Implementation of various arithmetic functions.
+ * {Multicall}: Simple way to batch together multiple calls in a single external call.
+ * {Create2}: Wrapper around the https://blog.openzeppelin.com/getting-the-most-out-of-create2/[`CREATE2` EVM opcode] for safe use without having to deal with low-level assembly.
+ * {EnumerableMap}: A type like Solidity's https://solidity.readthedocs.io/en/latest/types.html#mapping-types[`mapping`], but with key-value _enumeration_: this will let you know how many entries a mapping has, and iterate over them (which is not possible with `mapping`).
+ * {EnumerableSet}: Like {EnumerableMap}, but for https://en.wikipedia.org/wiki/Set_(abstract_data_type)[sets]. Can be used to store privileged accounts, issued IDs, etc.
 
 [NOTE]
 ====
 Because Solidity does not support generic types, {EnumerableMap} and {EnumerableSet} are specialized to a limited number of key-value types.
-
-As of v3.0, {EnumerableMap} supports `uint256 -> address` (`UintToAddressMap`), and {EnumerableSet} supports `address` and `uint256` (`AddressSet` and `UintSet`).
 ====
 
-Finally, {Create2} contains all necessary utilities to safely use the https://blog.openzeppelin.com/getting-the-most-out-of-create2/[`CREATE2` EVM opcode], without having to deal with low-level assembly.
-
 == Math
 
 {{Math}}
@@ -42,6 +39,12 @@ Finally, {Create2} contains all necessary utilities to safely use the https://bl
 
 {{EIP712}}
 
+== Security
+
+{{ReentrancyGuard}}
+
+{{Pausable}}
+
 == Introspection
 
 This set of interfaces and contracts deal with https://en.wikipedia.org/wiki/Type_introspection[type introspection] of contracts, that is, examining which functions can be called on them. This is usually referred to as a contract's _interface_.