Rewrite onboarding prose to a neutral voice

2026-04-26 12:26:19 -04:00
parent a591cd21f2
commit e27c8a2bd6
16 changed files with 69 additions and 70 deletions
--- a/tests/test_forge_auth_integration.py
+++ b/tests/test_forge_auth_integration.py
@@ -4,7 +4,7 @@ Covers the full PKCE login flow (authorize → callback → token
 exchange → userinfo → persist), transparent refresh, logout, and
 the idempotent "already authenticated" short-circuit.

-No real network calls. No browser required: we simulate the
+No real network calls. No browser required: the test simulates the
 browser by doing an HTTP GET to the authorize endpoint; the mock
 server 302-redirects to the loopback callback, which
 `forge_auth.run_login` is already listening on.
@@ -44,14 +44,14 @@ def _free_loopback_port() -> int:
 class _MockBrowser:
    """Drive the authorize endpoint on a worker thread.

-    We wait a fraction of a second for `run_login` to bind its
+    The worker waits a fraction of a second for `run_login` to bind its
    loopback callback server, then GET the authorize URL. The mock
-    server redirects us to the callback; following the redirect
+    server redirects to the callback; following the redirect
    causes `run_login`'s callback handler to fire, and the auth flow
    completes.

    urllib's default opener follows redirects automatically, which is
-    exactly what we want here: one GET, one automatic redirect, done.
+    the required behavior here: one GET, one automatic redirect, done.
    """

    def __init__(self, authorize_url: str, delay_seconds: float = 0.2) -> None:
@@ -111,14 +111,14 @@ class ForgeAuthIntegrationTests(unittest.TestCase):
    # Helpers
    # -----------------------------------------------------------------
    def _login(self) -> fa.AuthFile:
-        """Run run_login() with an auto-browser that does the GET for us."""
+        """Run run_login() with an auto-browser issuing the authorize GET."""
        with mock.patch.dict(os.environ, self.env, clear=True):
            config = fa.ForgeAuthConfig.from_env()

-            # We need to start the mock "browser" AFTER run_login
+            # The mock browser starts AFTER run_login
            # prints the authorize URL but BEFORE it blocks on the
            # loopback server. Since run_login prints then blocks
-            # synchronously, we can intercept webbrowser.open to
+            # synchronously, the code intercepts webbrowser.open to
            # kick off the GET at exactly the right moment.
            browser_holder: dict[str, _MockBrowser] = {}

@@ -240,8 +240,8 @@ class ForgeAuthIntegrationTests(unittest.TestCase):
    def test_callback_state_csrf_mismatch_raises(self) -> None:
        """A tampered state on the callback must raise.

-        We cannot easily tamper with the real PKCE flow end-to-end,
-        so we exercise verify_state directly: the `run_login` path
+        The real PKCE flow is not easily tampered end-to-end here,
+        so the test exercises verify_state directly: the `run_login` path
        wires it straight through.
        """
        key = b"\x01" * 32