docs(readme): surface exact password validation error messages

[github-actions]

The previous commit (#181) updated docs/handler/auth.md and docs/handler/password-reset.md to document the exact JSON error bodies returned for out-of-range passwords. The README was not updated at that time, leaving it with vaguer descriptions.

This PR mirrors the same information into README.md so that API clients reading the README (the most commonly consulted entry point) also see the exact error strings they will receive — and can display or localize them appropriately.

Changes

• README.md — AuthHandler section (line ~523): updated "Password constraints: 8–72 bytes. Bcrypt cost 12." to also include the exact error bodies:

  A password shorter than 8 bytes returns {"error": "password must be at least 8 bytes"}; a password longer than 72 bytes returns {"error": "password must be at most 72 bytes"}.

• README.md — PasswordResetHandler section (line ~1095): replaced the vague (same 8–72 byte password constraint as AuthHandler) cross-reference with the explicit error messages inline, keeping the section self-contained.

No code changes. No other docs were affected — the dedicated handler docs were already updated in #181.

Warning

⚠️ Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

• proxy.golang.org

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "proxy.golang.org"

See Network Configuration for more information.

Generated by Update Docs · ● 3M · ◷

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/update-docs.md@96b9d4c39aa22359c0b38265927eadb31dcf4e2a

Greptile Summary

This PR updates README.md to surface the exact JSON error bodies returned for out-of-range passwords in both the AuthHandler and PasswordResetHandler sections, mirroring changes already made to the dedicated handler docs in #181. The documented error strings ("password must be at least 8 bytes" / "password must be at most 72 bytes") and the {"error": "..."} envelope match the actual implementation in handler/helpers.go exactly.

Confidence Score: 5/5

Safe to merge — documentation-only change with no code modifications

The documented error strings, byte bounds (8–72), and JSON envelope format all match handler/helpers.go exactly. No code paths are affected.

No files require special attention

Important Files Changed

Filename	Overview
README.md	Documentation-only update; error strings, byte bounds, and JSON format verified accurate against handler/helpers.go

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Client sends password] --> B{len < 8 bytes?}
    B -->|Yes| C[HTTP 400 - password must be at least 8 bytes]
    B -->|No| D{len > 72 bytes?}
    D -->|Yes| E[HTTP 400 - password must be at most 72 bytes]
    D -->|No| F[bcrypt cost 12 - password accepted]

Loading

_{Reviews (1): Last reviewed commit: "docs(readme): surface exact password val..." | Re-trigger Greptile}

[Copilot]

Pull request overview

Updates the project’s primary documentation entry point (README.md) to explicitly document the exact JSON error bodies returned when password length validation fails, matching the handler-specific docs added in #181.

Changes:

• AuthHandler section: documents exact {"error": "password must be at least 8 bytes"} / {"error": "password must be at most 72 bytes"} responses alongside the 8–72 byte constraint (and bcrypt cost note).
• PasswordResetHandler section: replaces the cross-reference with the same explicit error messages inline to keep the section self-contained.

Show a summary per file

File	Description
README.md	Adds the exact password length validation error JSON bodies to the AuthHandler and PasswordResetHandler documentation sections.

Copilot's findings

Tip

Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

• Files reviewed: 1/1 changed files
• Comments generated: 0