diff --git a/nx-dev/ui-enterprise/src/lib/security/ci-access.tsx b/nx-dev/ui-enterprise/src/lib/security/ci-access.tsx index 13e5c9683a..1f55d04bac 100644 --- a/nx-dev/ui-enterprise/src/lib/security/ci-access.tsx +++ b/nx-dev/ui-enterprise/src/lib/security/ci-access.tsx @@ -54,7 +54,7 @@ export function CiAccess(): ReactElement { aria-hidden="true" className="absolute left-1 top-1 h-5 w-5" /> - Rotate tokens weekly (or as often as needed) + Rotate tokens as needed
  • diff --git a/nx-dev/ui-enterprise/src/lib/security/why-ci-security-matters.tsx b/nx-dev/ui-enterprise/src/lib/security/why-ci-security-matters.tsx index 28990b53fe..28d4a0f252 100644 --- a/nx-dev/ui-enterprise/src/lib/security/why-ci-security-matters.tsx +++ b/nx-dev/ui-enterprise/src/lib/security/why-ci-security-matters.tsx @@ -29,8 +29,8 @@ export function WhyCiSecurityMatters(): ReactElement { Why CI Security Matters - CI pipelines are a growing target – and your cache is a critical - entry point. + CI pipelines are often an overlooked threat – and your cache is a + critical entry point. diff --git a/nx-dev/ui-remote-cache/src/lib/faq.tsx b/nx-dev/ui-remote-cache/src/lib/faq.tsx index eb2d7c5180..b92c0cb7e7 100644 --- a/nx-dev/ui-remote-cache/src/lib/faq.tsx +++ b/nx-dev/ui-remote-cache/src/lib/faq.tsx @@ -75,6 +75,29 @@ export function Faq(): ReactElement {

    ), }, + { + question: 'Is my self-hosted cache setup secure enough?', + answerJson: + 'Most self-hosted cache setups offer basic functionality but lack critical security features. Without enforced input validation, branch isolation, and real-time access control, self-hosted caches are vulnerable to cache poisoning, where compromised or unverified artifacts can silently pollute your builds. We recommend using Nx Cloud, which provides infrastructure-level protections, making it a safer choice for organizations in highly regulated industries.', + answerUi: ( +

    + Most self-hosted cache setups offer basic functionality but lack + critical security features. Without enforced input validation, branch + isolation, and real-time access control, self-hosted caches are + vulnerable to cache poisoning, where compromised or unverified + artifacts can silently pollute your builds. We recommend using Nx + Cloud, which provides infrastructure-level protections, making it a + safer choice for organizations in highly regulated industries.{' '} + + Learn more here. + +

    + ), + }, { question: 'What security measures does Nx Cloud offer beyond the official plugins and third party plugins?', diff --git a/nx-dev/ui-remote-cache/src/lib/remote-cache-solutions.tsx b/nx-dev/ui-remote-cache/src/lib/remote-cache-solutions.tsx index 9f4c44d867..2e20182653 100644 --- a/nx-dev/ui-remote-cache/src/lib/remote-cache-solutions.tsx +++ b/nx-dev/ui-remote-cache/src/lib/remote-cache-solutions.tsx @@ -1,10 +1,12 @@ 'use client'; import { ReactElement } from 'react'; -import { CheckCircleIcon } from '@heroicons/react/24/solid'; +import { + CheckCircleIcon, + ExclamationCircleIcon, +} from '@heroicons/react/24/solid'; import { ButtonLink, SectionHeading } from '@nx/nx-dev/ui-common'; import { sendCustomEvent } from '@nx/nx-dev/feature-analytics'; import Link from 'next/link'; -import { ExclamationCircleIcon } from '@heroicons/react/24/outline'; export function RemoteCacheSolutions(): ReactElement { return ( @@ -22,15 +24,17 @@ export function RemoteCacheSolutions(): ReactElement {
    {/* NX CLOUD */}
    -
    +
    + + Recommended +

    - Managed remote cache + Nx Cloud remote cache

    - Easiest setup, high performance, secure, fully managed by Nx - Cloud. + Easiest setup, high performance, secure, fully managed by Nx.

    • +
  • +
    • -
  • -