Skip to content

Docs: fix broken examples and fill documentation gaps#12

Merged
shivamsn97 merged 1 commit into
mainfrom
docs/qa-example-fixes
Jul 7, 2026
Merged

Docs: fix broken examples and fill documentation gaps#12
shivamsn97 merged 1 commit into
mainfrom
docs/qa-example-fixes

Conversation

@shivamsn97

@shivamsn97 shivamsn97 commented Jul 7, 2026

Copy link
Copy Markdown
Member

Fixes several documentation issues found while testing the guides end-to-end:

  1. The WebSockets guide's first example passed window.location.pathname to useWebSocket() — evaluated during server rendering, where window doesn't exist, so copy-pasting the example failed the page. It now derives the socket path from route data, with a callout explaining that hook arguments are evaluated during SSR.
  2. A pyxle-db example subscripted request.json without awaiting it (it's an async method); now uses body = await request.json(), consistent with the Server Actions page.
  3. The pyxle-auth credential endpoints (/auth/login, /auth/signup, /auth/logout) are CSRF-protected like every state-changing POST, but the page never said so — a new CSRF subsection explains the double-submit flow with a working curl sequence, and notes useAuth() handles it automatically.
  4. New "Where accounts live" section: the SQLite database auto-created at data/app.db, and how to point at a production database.
  5. Honest scope note on pyxle check: a green check validates syntax and semantics; runtime-only mistakes (like a component reading a loader key that doesn't exist) surface when the page loads.
  6. Prerequisites (Python 3.10+, Node.js 18+) now stated on the Introduction page; stale hardcoded version lines removed.

- websockets: the flagship first example used
  useWebSocket(window.location.pathname) — window is evaluated during
  SSR, so copy-pasting the guide's opening example 500'd the page.
  Now uses the SSR-safe route-param form, with a callout explaining
  hook arguments evaluate during SSR.
- pyxle-db: the end-to-end example read request.json["title"]
  (request.json is an async method -> 500 "'method' object is not
  subscriptable"); now awaits it, consistent with Server Actions.
- pyxle-auth: documents that /auth/* POST endpoints are
  CSRF-protected (cookie + X-CSRF-Token header, useAuth() handles it
  automatically) with a working curl example, and that a SQLite DB
  auto-creates at data/app.db on first run + how to point at a
  production database.
- cli: honest scope caveat for 'pyxle check' (validates syntax and
  semantics; does not prove a page renders) + note that the JSX check
  ships by default as of 0.7.0.
- introduction: Prerequisites callout (Python 3.10+, Node 18+); stale
  hardcoded 'Current version: 0.5.0' lines removed from
  introduction/README (drift trap — changelog carries the version).

Suite: 2183 passed, coverage 96.49%. Adversarially reviewed (approve).
@shivamsn97 shivamsn97 merged commit 2b46803 into main Jul 7, 2026
5 checks passed
@shivamsn97 shivamsn97 changed the title docs: fix every example black-box QA proved broken (QA #4–6, #13, #16, #19) Docs: fix broken examples and fill documentation gaps Jul 7, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant