Skip to content

Update the security guidance#35865

Merged
guardrex merged 4 commits intomainfrom
guardrex-patch-1
Jul 30, 2025
Merged

Update the security guidance#35865
guardrex merged 4 commits intomainfrom
guardrex-patch-1

Conversation

@guardrex
Copy link
Copy Markdown
Collaborator

@guardrex guardrex commented Jul 30, 2025
edited by github-actions Bot
Loading

Fixes #35747

Tom, Wade ... Just need a single review on this one, too.

Originally, I planned to add a section on how to grab a Key Vault certificate's private and public keys for this, but there's just no time. I'm booked for several months between 10.0 and 'Blazorfy It!'™ issues. I don't even want to keep a backlog issue on this because I wouldn't reach it until at least 2026. However, I did make a tracking entry on #34434 to consider it next year.

After trying a few different approaches, I've settled on ...

  • Use some AI-generated content that I like for the Establish public and private keys section.
  • Use my original CAUTION note with modification in the Send a notification section.

Internal previews

📄 File 🔗 Preview link
aspnetcore/blazor/progressive-web-app/push-notifications.md aspnetcore/blazor/progressive-web-app/push-notifications

@guardrex guardrex self-assigned this Jul 30, 2025
@guardrex guardrex requested a review from Copilot July 30, 2025 16:45

This comment was marked as outdated.

Sign in to view

guardrex and others added 2 commits July 30, 2025 12:49
@guardrex
Update aspnetcore/blazor/progressive-web-app/push-notifications.md
b42af11 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@guardrex
Updates
7fcec45
@guardrex guardrex requested a review from Copilot July 30, 2025 17:48
Copilot AI reviewed Jul 30, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates the push notifications documentation to improve security guidance and standardize security warnings. The changes implement a consistent approach to handling private keys in ASP.NET Core applications by replacing custom security warnings with a standardized include file.

  • Adds AI-usage metadata and updates the document date
  • Replaces custom security warning text with a standardized include file reference
  • Enhances security guidance with additional cryptographic best practices

Comment thread aspnetcore/blazor/progressive-web-app/push-notifications.md
Comment thread aspnetcore/blazor/progressive-web-app/push-notifications.md Outdated
@guardrex guardrex changed the title Default to security warning INCLUDE Update the security guidance Jul 30, 2025
@guardrex guardrex merged commit 5468978 into main Jul 30, 2025
3 checks passed
@guardrex guardrex deleted the guardrex-patch-1 branch July 30, 2025 18:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@tdykstra tdykstra tdykstra approved these changes

Assignees

@guardrex guardrex

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Manage crypto keys with AKV in the PWA Push Notifications article

3 participants

@guardrex @tdykstra