fix: README line-by-line audit — internal consistency + accuracy#20
Merged
Conversation
Five fixes from a critical pass over the README: HIGH: - Sample punchline (line 30) said "done arguing about Rails 7 syntax on a Rails 8 app" — but the sample shows model cutoff 2026-01-31, by which point claude-opus-4-7 already knows Rails 8.x. The real gap the example demonstrates is 8.1.2 → 8.1.3 patch + CVE landed after cutoff. Reworded to match the data: "it sees the 8.1.3 patch and the CVE before it touches your code." - Sample CVE bullet (line 27) referenced version 8.0.2.1 alongside 8.1.x deltas, with a CVE-2025 stamp. Confusing in isolation. Replaced with a hypothetical 8.1.3 advisory + CVE-2026 stamp so the bullet fits the post-cutoff window the rest of the example uses. - "Why I built this" footer (line 114) had the same Rails-7-on-Rails-8 mismatch — model with current cutoff would not suggest Rails 7 methods on a Rails 8.1 app. Rewrote to a realistic patch-level scenario: "model confidently called an API the latest patch had quietly changed." - Community section (line 133) pointed users to "GitHub Discussions" but the repo has Discussions disabled (verified via gh repo view). Replaced with "Open an issue tagged `enhancement`, or send a PR." Enabling Discussions is a separate decision left to the maintainer. MEDIUM: - Roadmap line (line 128) said "adapter surface is small (~4 functions)" but the real contract is seven: a lockfile parser plus three local/HTTP function pairs (metadata, notes, advisories). Underselling contributor work invites a "wait, this is more than you said" reaction once they open the codebase. Reworded to be specific. No code changes. Tests untouched. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Second-pass codex review caught four things the first audit missed:
MEDIUM:
- Sample CVE bullet (line 27) had a fabricated GHSA-ID and CVE-ID
(GHSA-h4wq-7r2x-9j3p / CVE-2026-12104) introduced by the previous
fix to dodge the version-mismatch problem. A made-up but
real-looking advisory undermines the document's factual posture
more than the original mismatch did. Replaced with explicit
placeholder IDs (GHSA-xxxx-xxxx-xxxx, CVE-2026-XXXXX) so the
reader knows it is illustrative shape, not a real Rails advisory.
- GITHUB_TOKEN scope (line 109) overstated the token's reach. README
said "rate limit on registry/advisory calls" but the token is only
attached to GitHub API calls (releases + advisories) in
lib/core/github.sh. RubyGems registry calls in
lib/adapters/ruby/fetch.sh and lib/adapters/ruby/local.sh are
unauthenticated. Reworded to match the actual scope and to match
the CLI help text in bin/postcut.
LOW:
- Install one-liner (line 44) said "symlinks into PATH" without the
caveat from install.sh: when no writable bin dir is found on PATH,
the installer prints an `export PATH=...` hint instead. Added the
conditional and the alternative.
- Sample document (lines 18-21) omitted the two blockquote guidance
lines that lib/core/save.sh actually emits before the per-gem
sections ("Each section below describes..." and "Use the
post-cutoff version's API..."). Section is titled "What it
generates", which implies exact output — added the two lines.
No code changes. Tests untouched.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
Owner
Author
|
Second codex pass on the README (resumed prior thread, confronted with what it missed) — codex acknowledged the prior misses with a postmortem (reading-pass failure / assumption error / scope issue / verification failure / codebase-scope miss) and surfaced four follow-up findings, all addressed in commit
The pattern across both audit rounds: copy-driven inconsistencies were caught quickly; technical/factual claims required either grepping the codebase or running |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Five fixes from a critical line-by-line audit of the README — internal consistency between the sample document, the cutoff date, and the marketing punchlines.
Findings
gh repo view --json hasDiscussionsEnabledreturns false)enhancement, or send a PR"What I verified to ground the audit
RUBY_RAILS_SUBGEMSinlib/adapters/ruby/local.sh)bin/postcut:4confirmsVERSION="0.3.1"bin/postcutStats
Test plan
git diff --stat— only README.md, 5/5Open question for the maintainer
If you want GitHub Discussions instead of issue tags for "ideas / use cases", enable Discussions in repo Settings → Features and revert the line 133 edit. Otherwise this fix is the safer default.
🤖 Generated with Claude Code