From 26f2c01b33308c19a81e5d10422e8497f2086f03 Mon Sep 17 00:00:00 2001 From: Marco Walz Date: Mon, 11 May 2026 18:46:23 +0200 Subject: [PATCH] fix(security): apply sentence case to all page titles and improve descriptions - Apply sentence case to all security guide titles - Add sidebar.label: "Overview" to keep navbar label short - Rename decentralization.md to canister-control.md (better reflects content) - Remove "Security" prefix from individual page titles within the security section - Improve descriptions: endpoint verification, timer reinstatement after upgrades, mobile II integration --- .../security/{decentralization.md => canister-control.md} | 4 ++-- docs/guides/security/canister-upgrades.md | 4 ++-- docs/guides/security/data-integrity-and-authenticity.md | 2 +- docs/guides/security/data-storage.md | 2 +- docs/guides/security/dos-prevention.md | 2 +- docs/guides/security/formal-verification.md | 2 +- docs/guides/security/https-outcalls.md | 2 +- docs/guides/security/identity-and-access-management.mdx | 4 ++-- docs/guides/security/inter-canister-calls.md | 2 +- docs/guides/security/miscellaneous.md | 4 ++-- docs/guides/security/observability-and-monitoring.md | 2 +- docs/guides/security/overview.md | 3 ++- 12 files changed, 17 insertions(+), 16 deletions(-) rename docs/guides/security/{decentralization.md => canister-control.md} (97%) diff --git a/docs/guides/security/decentralization.md b/docs/guides/security/canister-control.md similarity index 97% rename from docs/guides/security/decentralization.md rename to docs/guides/security/canister-control.md index 672694b..e449bef 100644 --- a/docs/guides/security/decentralization.md +++ b/docs/guides/security/canister-control.md @@ -1,6 +1,6 @@ --- -title: "Decentralization" -description: "Security best practices for distributed canister control using the SNS, governance mechanisms, and reducing centralized trust." +title: "Canister control" +description: "Security best practices for canister control: using governance frameworks such as the SNS, verifying the trust level of canisters you depend on, and loading assets only from trusted domains." sidebar: order: 10 --- diff --git a/docs/guides/security/canister-upgrades.md b/docs/guides/security/canister-upgrades.md index 207b1c6..a224e7a 100644 --- a/docs/guides/security/canister-upgrades.md +++ b/docs/guides/security/canister-upgrades.md @@ -1,6 +1,6 @@ --- -title: "Canister Upgrade Security" -description: "Security best practices for canister upgrade hooks, panics during upgrades, and timer reinstatement." +title: "Canister upgrades" +description: "Security best practices for canister upgrade hooks, panics during upgrades, and timer reinstatement after upgrades." sidebar: order: 8 --- diff --git a/docs/guides/security/data-integrity-and-authenticity.md b/docs/guides/security/data-integrity-and-authenticity.md index 6dd332f..4bea795 100644 --- a/docs/guides/security/data-integrity-and-authenticity.md +++ b/docs/guides/security/data-integrity-and-authenticity.md @@ -1,5 +1,5 @@ --- -title: "Data Integrity and Authenticity" +title: "Data integrity and authenticity" description: "Security best practices for certified variables, asset certification, and protecting data authenticity on ICP." sidebar: order: 4 diff --git a/docs/guides/security/data-storage.md b/docs/guides/security/data-storage.md index 9bc44e9..3b01b52 100644 --- a/docs/guides/security/data-storage.md +++ b/docs/guides/security/data-storage.md @@ -1,5 +1,5 @@ --- -title: "Data Storage" +title: "Data storage" description: "Security best practices for canister data storage, stable memory, encryption of sensitive data, and backups." sidebar: order: 3 diff --git a/docs/guides/security/dos-prevention.md b/docs/guides/security/dos-prevention.md index 83a23b2..5723b5a 100644 --- a/docs/guides/security/dos-prevention.md +++ b/docs/guides/security/dos-prevention.md @@ -1,5 +1,5 @@ --- -title: "Denial of Service Prevention" +title: "DoS prevention" description: "Security best practices for protecting canisters against DoS and DDoS attacks, noisy neighbors, and expensive calls." sidebar: order: 7 diff --git a/docs/guides/security/formal-verification.md b/docs/guides/security/formal-verification.md index f7db503..07f788c 100644 --- a/docs/guides/security/formal-verification.md +++ b/docs/guides/security/formal-verification.md @@ -1,5 +1,5 @@ --- -title: "Formal Verification" +title: "Formal verification" description: "Applying formal verification and TLA+ model checking to find and prove the absence of security bugs in ICP canisters." sidebar: order: 12 diff --git a/docs/guides/security/https-outcalls.md b/docs/guides/security/https-outcalls.md index 57ae423..0d91ca3 100644 --- a/docs/guides/security/https-outcalls.md +++ b/docs/guides/security/https-outcalls.md @@ -1,5 +1,5 @@ --- -title: "HTTPS Outcall Security" +title: "HTTPS outcalls" description: "Security best practices for canister HTTPS outcalls: API keys, rate limits, idempotency, response consistency, and input validation." sidebar: order: 6 diff --git a/docs/guides/security/identity-and-access-management.mdx b/docs/guides/security/identity-and-access-management.mdx index 39c6774..91d7968 100644 --- a/docs/guides/security/identity-and-access-management.mdx +++ b/docs/guides/security/identity-and-access-management.mdx @@ -1,6 +1,6 @@ --- -title: "Identity and Access Management" -description: "Security best practices for authentication, anonymous principal rejection, ingress message inspection, and session management." +title: "Identity and access management" +description: "Security best practices for authentication, anonymous principal rejection, ingress message inspection, session management, and mobile Internet Identity integration." sidebar: order: 2 --- diff --git a/docs/guides/security/inter-canister-calls.md b/docs/guides/security/inter-canister-calls.md index 5bbfe9c..da6fa8a 100644 --- a/docs/guides/security/inter-canister-calls.md +++ b/docs/guides/security/inter-canister-calls.md @@ -1,5 +1,5 @@ --- -title: "Inter-Canister Call Security" +title: "Inter-canister calls" description: "Security best practices for handling traps in callbacks, message ordering, rejected calls, and untrustworthy canisters." sidebar: order: 5 diff --git a/docs/guides/security/miscellaneous.md b/docs/guides/security/miscellaneous.md index c0875bc..31fbe75 100644 --- a/docs/guides/security/miscellaneous.md +++ b/docs/guides/security/miscellaneous.md @@ -1,6 +1,6 @@ --- -title: "Miscellaneous Security Practices" -description: "Miscellaneous security best practices: data confidentiality, secure randomness, endpoint validation, testing, reproducible builds, monotonic time, and floating point." +title: "Miscellaneous practices" +description: "Miscellaneous security best practices: data confidentiality, secure randomness, endpoint verification, testing, reproducible builds, monotonic time, and floating point." sidebar: order: 11 --- diff --git a/docs/guides/security/observability-and-monitoring.md b/docs/guides/security/observability-and-monitoring.md index c67b684..436bd37 100644 --- a/docs/guides/security/observability-and-monitoring.md +++ b/docs/guides/security/observability-and-monitoring.md @@ -1,5 +1,5 @@ --- -title: "Observability and Monitoring" +title: "Observability and monitoring" description: "Security best practices for monitoring canister cycles, logs, and health indicators." sidebar: order: 9 diff --git a/docs/guides/security/overview.md b/docs/guides/security/overview.md index c5024d4..e5f6199 100644 --- a/docs/guides/security/overview.md +++ b/docs/guides/security/overview.md @@ -1,8 +1,9 @@ --- -title: "Security Overview" +title: "Security overview" description: "Introduction to the ICP security best practices for canister and web app developers." sidebar: order: 1 + label: "Overview" --- This section provides security best practices for developing canisters and web apps served by canisters on ICP. These best practices are mostly inspired by issues found in security reviews.