From 796eabbc52e5be6b36fa03092ae2499023a045be Mon Sep 17 00:00:00 2001
From: Ihor Sviziev
Date: Fri, 28 Jul 2017 16:24:47 +0300
Subject: [PATCH 1/2] Use json instead of serialized array for lock file serialize/unserialize methods use is not recommended http://devdocs.magento.com/guides/v2.0/ext-best-practices/security/writing-secure-code.html#php-functions-to-avoid
---
 src/Migration/App/Progress/File.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/src/Migration/App/Progress/File.php b/src/Migration/App/Progress/File.php
index eb8dc326a..e191e9da3 100644
--- a/src/Migration/App/Progress/File.php
+++ b/src/Migration/App/Progress/File.php
@@ -52,7 +52,19 @@ public function __construct(
 public function getData()
 {
 if (empty($this->data)) {
- $data = @unserialize($this->filesystemDriver->fileGetContents($this->getLockFile()));
+ $fileContents = $this->filesystemDriver->fileGetContents($this->getLockFile());
+ $isJson = (strpos($fileContents, '{') === 0);
+
+ if ($isJson) {
+ $data = json_decode($fileContents, true);
+ } else {
+ $data = @unserialize($fileContents);
+
+ if (is_array($data)) {
+ $this->saveData($data);
+ }
+ }
+
 if (is_array($data)) {
 $this->data = $data;
 }
From abc30474020594a685c54981d80c7c276caac862 Mon Sep 17 00:00:00 2001
From: Ihor Sviziev
Date: Fri, 28 Jul 2017 16:26:44 +0300
Subject: [PATCH 2/2] Use json instead of serialized array for lock file serialize/unserialize methods use is not recommended http://devdocs.magento.com/guides/v2.0/ext-best-practices/security/writing-secure-code.html#php-functions-to-avoid
---
 src/Migration/App/Progress/File.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/Migration/App/Progress/File.php b/src/Migration/App/Progress/File.php
index e191e9da3..72ce3f94f 100644
--- a/src/Migration/App/Progress/File.php
+++ b/src/Migration/App/Progress/File.php
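Review bot: The `else` branch that PATCH 1/2 adds to getData() still passes the lock file's contents to `unserialize()`, and every file that does not start with `{` takes that branch, so the object-instantiation risk the commit message cites remains for anyone able to write the lock file. If the supported PHP versions allow the options argument, restrict the legacy read to `$data = @unserialize($fileContents, ['allowed_classes' => false]);`. The `strpos($fileContents, '{') === 0` test also routes a JSON list (`json_encode([])` yields `[]`) or a file with leading whitespace to the legacy path, so a comment stating that saved data is always a JSON object would document the assumption. getData() continues past the end of the hunk.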
@@ -58,6 +58,7 @@ public function getData()
 if ($isJson) {
 $data = json_decode($fileContents, true);
 } else {
+ //Convert file to JSON format
 $data = @unserialize($fileContents);

 if (is_array($data)) {
@@ -81,7 +82,7 @@ public function getData()
 public function saveData($data)
 {
 if ($this->filesystemDriver->isExists($this->getLockFile())) {
- $this->filesystemDriver->filePutContents($this->getLockFile(), serialize($data));
+ $this->filesystemDriver->filePutContents($this->getLockFile(), json_encode($data));
 $this->data = $data;
 return true;
 }
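Review bot: In saveData() (second hunk of PATCH 2/2) the result of `json_encode($data)` goes straight into `filePutContents` without a check, and `json_encode` returns `false` when it cannot encode the value, for example on invalid UTF-8. In that case the lock file would most likely be overwritten with empty content while the method still sets `$this->data` and returns `true`, silently losing the saved progress. Encode first and stop on failure, e.g. `$json = json_encode($data); if ($json === false) { return false; }`, then write `$json`; whether `return false` or an exception fits depends on the rest of the method, which lies outside the hunk.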