Skip to content

Commit 94ee17a

Browse files
committed
docs: add Self-Review Discipline section to CLAUDE.md
Honest retro from this PR: review bots (Codex, CodeRabbit) surfaced ~13 valid findings; my own self-reviews surfaced ~3–4. Bots aren't magic — they run adversarial checks consistently. The agent guidelines didn't tell future sessions to do the same. Adds a new "Self-Review Discipline" section between Principles and Port Rules, covering the six specific blindspots this PR kept hitting: 1. Adversarial input sweep — what inputs would break this regex/ substitution/tokenizer? 2. Emit/parse symmetry — does my parse accept every shape my emit produces? 3. Pass-interaction check — does my new pass compose cleanly with every existing pass in the pipeline? 4. Unforgeable sentinels — per-call nonce for any placeholder mapped back to structured data. 5. Divergence budget — enforce the 2-divergence-per-sync cap against myself, not just externally. 6. The Codex pre-ship question — "what would Codex find right now?" Also cross-links from UPSTREAM_SYNC.md "How to land a divergence" since divergence code is the highest-risk surface for these blindspots. https://claude.ai/code/session_01XE1bMoQ5BjCvgi1iLGKKhG
1 parent f9a925d commit 94ee17a

2 files changed

Lines changed: 48 additions & 0 deletions

File tree

CLAUDE.md

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -64,6 +64,50 @@ All thread IDs follow: `{adapter}:{channel}:{thread}`
6464
3. **No two tests should verify the same thing.** Duplicates inflate counts
6565
without catching more bugs.
6666

67+
## Self-Review Discipline
68+
69+
Review bots (Codex, CoderRabbit) outperformed agent self-review ~3× on recent
70+
PRs — not because they're magic, but because they run adversarial checks
71+
consistently. Run these yourself *before* declaring code ready. They target
72+
the specific blindspots that have cost us silent bugs.
73+
74+
1. **Adversarial input sweep.** For every regex, substitution, or tokenization
75+
pass you add, enumerate ~5 inputs that could break it:
76+
- empty input, single-char input
77+
- input containing the marker/sentinel your code produces (forgery)
78+
- input containing each delimiter your pattern uses
79+
- the pattern appearing in unintended contexts (code spans, quoted strings)
80+
- very long input, odd unicode, PUA code points
81+
82+
2. **Emit/parse symmetry.** If you add `X → Y` (emit), verify your `Y → X`
83+
(parse) accepts every `X` the emit might produce. Every URL scheme, every
84+
label shape, every edge case (empty / relative / None). Asymmetry between
85+
emit and parse is a common source of silent data loss.
86+
87+
3. **Pass-interaction check.** When inserting a new transformation pass into
88+
a pipeline (markdown parsing, stripping, rendering), walk through every
89+
existing pass: does yours break any? do any break yours? does ORDER
90+
matter? Example: a link-strip inserted after code-stripping corrupts code
91+
content containing link syntax.
92+
93+
4. **Unforgeable sentinels.** Any placeholder token that later code maps
94+
back to structured data must carry a per-call nonce
95+
(`secrets.token_hex(n)`). Fixed tokens like `\ue000LINK0\ue000` can be
96+
forged by user input. Also tolerate out-of-range / unrecognized
97+
sentinels without raising — fall back to literal text.
98+
99+
5. **Divergence budget.** `docs/UPSTREAM_SYNC.md` sets a max of **2
100+
divergences per sync**. Enforce this against yourself. A 3rd divergence
101+
= stop and ask whether this is still a sync or becoming a fork. Document
102+
every divergence in the non-parity table, add a breadcrumb at the code
103+
site, write a regression test that would fail if someone "fixes" the
104+
divergence back to upstream.
105+
106+
6. **The Codex pre-ship question.** Before declaring ready, ask yourself:
107+
"What would Codex find in this code right now?" Be adversarial. If the
108+
honest answer is "probably X," test X first. Don't wait for a bot to
109+
file it.
110+
67111
## Port Rules (TS → Python)
68112

69113
See docs/UPSTREAM_SYNC.md for the full 15-hazard guide. Key patterns:

docs/UPSTREAM_SYNC.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -111,6 +111,10 @@ the rules below before adding one.
111111
back to upstream's behavior. The test's docstring should cite the reason.
112112
5. **CHANGELOG entry** under a "Python-specific (divergence from upstream)"
113113
subsection.
114+
6. **Run the self-review adversarial checks** from
115+
[CLAUDE.md § Self-Review Discipline](../CLAUDE.md#self-review-discipline).
116+
Divergence code is exactly the kind of novel, Python-specific logic that
117+
bot reviewers consistently find bugs in — catch them yourself first.
114118

115119
### Review signal
116120

0 commit comments

Comments
 (0)