Security Note
Security Note
Security-specific callout with info, warning, and critical severity levels
Security Note
API keys are scoped to your workspace. Rotate them every 90 days.
Token Storage
Never store access tokens in localStorage. Use httpOnly cookies or a secure server-side session.
Private Key Handling
Never commit private keys to version control. Revoke and rotate immediately if exposed.
Installation
npx docsui-cli@latest add security-noteUsage
import { SecurityNote } from "@/components/mdx/security-note";
<SecurityNote severity="warning" title="OTP Fuse Burn">
QFPROM fuse values are permanent once written. Ensure correct values before
provisioning production devices.
</SecurityNote>;Examples
Security Note
API keys are scoped to your workspace. Rotate them every 90 days.
Token Storage
Never store access tokens in localStorage. Use httpOnly cookies or a secure server-side session.
Private Key Handling
Never commit private keys to version control. Revoke and rotate immediately if exposed.
Info — general security note
<SecurityNote>
All API requests must include a signed JWT in the Authorization header. Tokens
expire after 15 minutes.
</SecurityNote>Warning — important caveat
<SecurityNote severity="warning" title="Key Storage">
Never store private keys in non-volatile memory outside of the Secure
Execution Environment (SEE). Use the QFPROM-backed secure storage API.
</SecurityNote>Critical — irreversible action
<SecurityNote severity="critical" title="Irreversible Operation">
Burning OTP fuses is permanent and cannot be undone. Incorrect fuse values
will brick the device. Test on an engineering sample before production.
</SecurityNote>Custom title
<SecurityNote severity="warning" title="JTAG Disabled in Production">
JTAG access is disabled by OTP fuse in production builds. Debugging requires a
signed debug certificate from Qualcomm.
</SecurityNote>Props
| Prop | Type | Default | Description |
|---|---|---|---|
severity | "info" | "warning" | "critical" | "info" | Visual severity — controls icon and colour scheme |
title | string | Auto | Custom title; defaults to "Security Note", "Security Warning", or "Critical Security Advisory" |
children | React.ReactNode | — | Body content (required) |
className | string | — | Additional CSS classes |