diff --git a/.github/rm-invalid-lowest-lock-files.php b/.github/rm-invalid-lowest-lock-files.php
index c714632621..3105942a09 100644
--- a/.github/rm-invalid-lowest-lock-files.php
+++ b/.github/rm-invalid-lowest-lock-files.php
@@ -79,7 +79,7 @@ foreach ($composerJsons as list($dir, $lockedPackages)) {
             continue 2;
         }
 
-        if (isset($composerJsons[$name][2]['repositories']) && !isset($lockedJson[$key]['repositories'])) {
+        if (isset($composerJsons[$name][2]['repositories']) && !isset($lockedJson['repositories'])) {
             // the locked package has been patched locally but the lock references a commit,
             // which means the referencing package itself is not modified
             continue;
diff --git a/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php b/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
index 214a189e99..2ec282144c 100644
--- a/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
+++ b/src/Symfony/Component/Security/Csrf/Tests/CsrfTokenManagerTest.php
@@ -210,12 +210,12 @@ class CsrfTokenManagerTest extends TestCase
         );
     }
 
-    public function setUp()
+    protected function setUp()
     {
         $_SERVER['HTTPS'] = 'on';
     }
 
-    public function tearDown()
+    protected function tearDown()
     {
         parent::tearDown();