Skip to content

fix: warning case #654

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 12 commits into
base: main
Choose a base branch
from
Draft

fix: warning case #654

wants to merge 12 commits into from
+133 −85

Conversation

skywardboundd
Copy link
Collaborator

@skywardboundd skywardboundd commented Oct 10, 2025
edited
Loading

Closes #653
Closes #657

@skywardboundd skywardboundd linked an issue Oct 10, 2025 that may be closed by this pull request
debug page doesn't open #653
Open
@skywardboundd skywardboundd marked this pull request as ready for review October 10, 2025 12:32
@github-actions GitHub Actions
Copy link

Thanks for the updates. I reviewed the changes between main and pr_head; I found no issues and no fixes are needed at this time.

@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx pending/reference/new-smart-contracts/interactions/extra.mdx

@skywardboundd skywardboundd changed the title fix: debug page fix: warning case Oct 10, 2025
anton-trunov
anton-trunov requested changes Oct 10, 2025
View reviewed changes
@verytactical verytactical marked this pull request as draft October 10, 2025 15:36
@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx pending/reference/new-smart-contracts/interactions/extra.mdx

@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx

@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx

@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx

@github-actions GitHub Actions
Copy link

To fix the formatting issues:

  1. Install necessary dependencies: npm ci
  2. Then, run this command:
npx remark -o --silent --silently-ignore ecosystem/node/mytonctrl/backups.mdx ecosystem/node/setup-mytonctrl.mdx ecosystem/tma/mate/hosting.mdx guidebook/debug.mdx guidebook/first-smart-contract.mdx

@skywardboundd skywardboundd marked this pull request as ready for review October 13, 2025 10:07
@skywardboundd
Copy link
Collaborator Author

@anton-trunov review again pls, problem was with imports

@github-actions GitHub Actions
Copy link

Thanks for the updates across the node setup and backups docs. A few safety callouts need adjustments before this can merge.

Findings (3)

High (3)

[HIGH] Safety callout downgraded to caution for key exposure

Location:

mintlify-ton-docs/ecosystem/node/mytonctrl/backups.mdx

Line 8 in abbab3e

type="caution"

Description:
The backup admonition now uses type="caution", but it covers exposure of private keys and validator configuration. Per the style guide, security/funds/keys/validator risk requires a Warning-level callout. The rest of the callout already includes risk, scope, rollback, and environment details.

Suggestion:

-  type="caution"
+  type="warning"

[HIGH] Safety callout downgraded to caution on key handling

Location:

mintlify-ton-docs/ecosystem/node/setup-mytonctrl.mdx

Line 8 in abbab3e

<Aside type="caution">**Handle validator keys like production secrets.** Keep recovery phrases offline, restrict shell access, and rehearse new procedures on testnet before touching wallets that hold real stake.</Aside>

Description:
The top-of-page admonition about handling validator keys is using a Caution callout. Handling validator keys constitutes a security/keys-risk scenario that must use a Warning-level callout per the style guide.

Suggestion:

-<Aside type="caution">
+<Aside type="warning">

[HIGH] Safety callout missing required elements (risk, scope, rollback, environment)

Location:

mintlify-ton-docs/ecosystem/node/setup-mytonctrl.mdx

Line 8 in abbab3e

<Aside type="caution">**Handle validator keys like production secrets.** Keep recovery phrases offline, restrict shell access, and rehearse new procedures on testnet before touching wallets that hold real stake.</Aside>

Description:
The validator-keys callout warns about secrets handling but omits the required elements: risk, scope, rollback/mitigation, and environment label (testnet vs mainnet). For security- and keys-related content, safety callouts must include these four parts to prevent reader harm. See https://github.com/tact-lang/mintlify-ton-docs/blob/main/contribute/style-guide-extended.mdx?plain=1#L474-L479.

Suggestion:

-<Aside type="caution">**Handle validator keys like production secrets.** Keep recovery phrases offline, restrict shell access, and rehearse new procedures on testnet before touching wallets that hold real stake.</Aside>
+<Aside type="caution">
+**Handle validator keys like production secrets.** Keep recovery phrases offline, restrict shell access, and rehearse new procedures on testnet before touching wallets that hold real stake.
+Risk: key exposure enables account takeover; shell access escalation.
+Scope: validator keys and this node’s configuration.
+Rollback: rotate keys and restore from a known‑good backup.
+Environment: practice on TON Testnet before using TON Mainnet.
+</Aside>

@skywardboundd
Copy link
Collaborator Author

Out of scope in this PR

@skywardboundd skywardboundd marked this pull request as draft October 13, 2025 20:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anton-trunov anton-trunov anton-trunov requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

We should replace <Warning> with <Aside type="caution"> for consistency debug page doesn't open

2 participants

@skywardboundd @anton-trunov