From e7a233c12cf3bcd5b4655bf1197e5ec3b00b2949 Mon Sep 17 00:00:00 2001
From: ian <ian@nervos.org>
Date: Wed, 27 Nov 2019 15:33:26 +0800
Subject: [PATCH 1/3] doc: RPC compatability notice

---
 devtools/doc/rpc.py | 7 ++++++-
 rpc/README.md       | 2 ++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/devtools/doc/rpc.py b/devtools/doc/rpc.py
index 08794ce3ca..90d445e22c 100755
--- a/devtools/doc/rpc.py
+++ b/devtools/doc/rpc.py
@@ -3,6 +3,7 @@
 import sys
 import json
 
+
 def newline(n):
     for i in range(0, n):
         print("")
@@ -11,6 +12,7 @@ def newline(n):
 def sort_cases_by_module(cases):
     return sorted(cases, key=lambda case: case["module"])
 
+
 def print_title(case):
     print("### `{}`".format(case["method"]))
     newline(1)
@@ -29,7 +31,8 @@ def print_types(case):
     newline(1)
     for item in case["types"]:
         if len(item) != 1:
-            raise Exception("Invalid `types` format, expect one map for only one type: {}".format(item))
+            raise Exception(
+                "Invalid `types` format, expect one map for only one type: {}".format(item))
         for (key, val) in item.items():
             print("    {} - {}".format(key, val))
 
@@ -117,6 +120,8 @@ def main():
     print("# CKB JSON-RPC Protocols")
     newline(1)
     print("NOTE: This file is auto-generated. Please don't update this file directly; instead make changes to `rpc/json/rpc.json` and re-run `make gen-rpc-doc`")
+    newline(1)
+    print("The RPC interface shares the version of the node version, which is returned in `local_node_info`. The interface is fully compactible between patch versions, for example, a client for 0.25.0 should work with 0.25.x for any x.")
     newline(2)
 
     print_toc(cases)
diff --git a/rpc/README.md b/rpc/README.md
index 7ab606033a..b4f0eb4a64 100644
--- a/rpc/README.md
+++ b/rpc/README.md
@@ -2,6 +2,8 @@
 
 NOTE: This file is auto-generated. Please don't update this file directly; instead make changes to `rpc/json/rpc.json` and re-run `make gen-rpc-doc`
 
+The RPC interface shares the version of the node version, which is returned in `local_node_info`. The interface is fully compactible between patch versions, for example, a client for 0.25.0 should work with 0.25.x for any x.
+
 
 *   [`Chain`](#chain)
     *   [`get_tip_block_number`](#get_tip_block_number)

From dbd901447dadc461a4cc2f6d1ffcbc8737807b01 Mon Sep 17 00:00:00 2001
From: Xuejie Xiao <xxuejie@gmail.com>
Date: Thu, 28 Nov 2019 10:11:12 +0800
Subject: [PATCH 2/3] fix: Skip checksum for now when installing yasm

---
 devtools/azure/windows-dependencies.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devtools/azure/windows-dependencies.yml b/devtools/azure/windows-dependencies.yml
index 5578ed3f5a..bb1a71dc03 100644
--- a/devtools/azure/windows-dependencies.yml
+++ b/devtools/azure/windows-dependencies.yml
@@ -8,7 +8,7 @@ steps:
   displayName: Install LLVM
 - script: choco install -y msys2
   displayName: Install msys2
-- script: choco install -y yasm
+- script: choco install --allow-empty-checksums -y yasm
   displayName: Install yasm
 - script: |
     curl -sSf -o rustup-init.exe https://win.rustup.rs

From 152500544e0e0b584f4aa0b7a95320a5cd8576eb Mon Sep 17 00:00:00 2001
From: ian <ian@nervos.org>
Date: Thu, 28 Nov 2019 12:28:29 +0800
Subject: [PATCH 3/3] docs(rpc): add security notices

---
 devtools/doc/rpc.py | 4 ++++
 rpc/README.md       | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/devtools/doc/rpc.py b/devtools/doc/rpc.py
index 90d445e22c..8bfde4399d 100755
--- a/devtools/doc/rpc.py
+++ b/devtools/doc/rpc.py
@@ -122,6 +122,10 @@ def main():
     print("NOTE: This file is auto-generated. Please don't update this file directly; instead make changes to `rpc/json/rpc.json` and re-run `make gen-rpc-doc`")
     newline(1)
     print("The RPC interface shares the version of the node version, which is returned in `local_node_info`. The interface is fully compactible between patch versions, for example, a client for 0.25.0 should work with 0.25.x for any x.")
+    newline(1)
+    print("Allowing arbitrary machines to access the JSON-RPC port (using the `rpc.listen_address` configuration option) is **dangerous and strongly discouraged**. Please strictly limit the access to only trusted machines.")
+    newline(1)
+    print("CKB JSON-RPC only supports HTTP now. If you need SSL, please setup a proxy via Nginx or other HTTP servers.")
     newline(2)
 
     print_toc(cases)
diff --git a/rpc/README.md b/rpc/README.md
index b4f0eb4a64..c97b1f668f 100644
--- a/rpc/README.md
+++ b/rpc/README.md
@@ -4,6 +4,10 @@ NOTE: This file is auto-generated. Please don't update this file directly; inste
 
 The RPC interface shares the version of the node version, which is returned in `local_node_info`. The interface is fully compactible between patch versions, for example, a client for 0.25.0 should work with 0.25.x for any x.
 
+Allowing arbitrary machines to access the JSON-RPC port (using the `rpc.listen_address` configuration option) is **dangerous and strongly discouraged**. Please strictly limit the access to only trusted machines.
+
+CKB JSON-RPC only supports HTTP now. If you need SSL, please setup a proxy via Nginx or other HTTP servers.
+
 
 *   [`Chain`](#chain)
     *   [`get_tip_block_number`](#get_tip_block_number)