From 6f78111df258b296756c28f6e210533273c2ed41 Mon Sep 17 00:00:00 2001 From: "electron-website-docs-updater[bot]" <166660481+electron-website-docs-updater[bot]@users.noreply.github.com> Date: Wed, 29 Jan 2025 20:45:32 +0000 Subject: [PATCH] =?UTF-8?q?chore:=20update=20ref=20to=20docs=20(?= =?UTF-8?q?=F0=9F=A4=96)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/latest/.sha | 2 +- docs/latest/api/ipc-renderer.md | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/docs/latest/.sha b/docs/latest/.sha index ea44e135c..7af31a582 100644 --- a/docs/latest/.sha +++ b/docs/latest/.sha @@ -1 +1 @@ -600551766d0de3afe880c566dfce21ae03db6cd6 \ No newline at end of file +1472c5b090a58c9169ed11cdbd794dabd4fb7d64 \ No newline at end of file diff --git a/docs/latest/api/ipc-renderer.md b/docs/latest/api/ipc-renderer.md index 1a5b53486..983849f9c 100644 --- a/docs/latest/api/ipc-renderer.md +++ b/docs/latest/api/ipc-renderer.md @@ -39,6 +39,18 @@ The `ipcRenderer` module has the following method to listen for events and send Listens to `channel`, when a new message arrives `listener` would be called with `listener(event, args...)`. +:::warning + +Do not expose the `event` argument to the renderer for security reasons! Wrap any +callback that you receive from the renderer in another function like this: +`ipcRenderer.on('my-channel', (event, ...args) => callback(...args))`. +Not wrapping the callback in such a function would expose dangerous Electron APIs +to the renderer process. See the +[security guide](../tutorial/security.md#20-do-not-expose-electron-apis-to-untrusted-web-content) +for more info. + +::: + ### `ipcRenderer.off(channel, listener)` * `channel` string
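Review bot: in the `docs/latest/api/ipc-renderer.md` hunk, the one-liner in the new `:::warning` registers an anonymous wrapper, `(event, ...args) => callback(...args)`, and never keeps a reference to it. The section that follows in the context lines, `ipcRenderer.off(channel, listener)`, takes the listener to remove, so a reader who follows the warning literally and later passes the original `callback` to `off` will not be passing the function that was registered. Suggest adding a sentence telling readers to keep the wrapper in a variable, or to hand the renderer an unsubscribe function, so the listener can still be removed. The phrase "dangerous Electron APIs" would also be clearer if it named what on `event` is dangerous, so the risk is understandable without following the security-guide link.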