Refresh bilingual README#15
Conversation
There was a problem hiding this comment.
Code Review
This pull request restructures and updates the README.md to provide both English and Korean documentation, simplifying the setup instructions, adding benchmark results tables, and clarifying when the tool is effective. The review feedback focuses on improving the newly added Korean section by translating mixed-language sentences and completing missing parameter descriptions to ensure consistency and clarity.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
|
|
||
| `--redact-pii`는 `basic-contact-v1` 프로필을 적용합니다. 이메일, 한국 휴대폰 번호, 미국 전화번호를 다루지만 완전한 PII 탐지기는 아닙니다. | ||
|
|
||
| `--redact-secrets`는 `basic-secrets-v1` 프로필을 적용합니다. bearer tokens, API keys, webhook URLs, card-like values, secret-shaped JSON keys를 best-effort로 가립니다. Secret redaction is not included in --sensitive; 민감 문서에 비밀값이 들어갈 수 있으면 별도로 켜야 합니다. |
There was a problem hiding this comment.
In the Korean section, there is a mixed-language sentence: "Secret redaction is not included in --sensitive; 민감 문서에 비밀값이 들어갈 수 있으면 별도로 켜야 합니다." It would be much cleaner and more consistent to translate the English part to Korean.
| `--redact-secrets`는 `basic-secrets-v1` 프로필을 적용합니다. bearer tokens, API keys, webhook URLs, card-like values, secret-shaped JSON keys를 best-effort로 가립니다. Secret redaction is not included in --sensitive; 민감 문서에 비밀값이 들어갈 수 있으면 별도로 켜야 합니다. | |
| `--redact-secrets`는 `basic-secrets-v1` 프로필을 적용합니다. bearer tokens, API keys, webhook URLs, card-like values, secret-shaped JSON keys를 best-effort로 가립니다. 비밀값 제거(Secret redaction)는 --sensitive에 포함되지 않으므로, 민감 문서에 비밀값이 들어갈 수 있으면 별도로 활성화해야 합니다. |
| `--redact-secrets`는 `basic-secrets-v1` 프로필을 적용합니다. bearer tokens, API keys, webhook URLs, card-like values, secret-shaped JSON keys를 best-effort로 가립니다. Secret redaction is not included in --sensitive; 민감 문서에 비밀값이 들어갈 수 있으면 별도로 켜야 합니다. | ||
|
|
||
| ## Why store structured state instead of final paragraphs? | ||
| HMAC 서명은 tamper detection only, not encryption 입니다. 캐시 내용 자체를 숨겨야 한다면 encrypted storage, tmpfs, 또는 별도 암호화 저장소를 사용해야 합니다. |
There was a problem hiding this comment.
In the Korean section, the parameter --cache-hmac-secret-env is omitted, and the phrase "tamper detection only, not encryption" is left in English. Translating the phrase and adding the parameter name makes the documentation more complete and consistent.
| HMAC 서명은 tamper detection only, not encryption 입니다. 캐시 내용 자체를 숨겨야 한다면 encrypted storage, tmpfs, 또는 별도 암호화 저장소를 사용해야 합니다. | |
| `--cache-hmac-secret-env`는 캐시 봉투(envelope)에 HMAC-SHA256 서명을 적용합니다. HMAC 서명은 위변조 탐지용일 뿐 암호화가 아닙니다. 캐시 내용 자체를 숨겨야 한다면 encrypted storage, tmpfs, 또는 별도 암호화 저장소를 사용해야 합니다. |
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 18010395b9
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
|
|
||
| ```bash | ||
| python -m document_briefing_cache.cli cache stats --cache-dir .cache --json | ||
| python -m document_briefing_cache.cli cache prune --cache-dir .cache --older-than 30d --dry-run --json |
There was a problem hiding this comment.
Pass the HMAC secret when pruning signed caches
When a cache was written with --cache-hmac-secret-env, this maintenance example will scan but skip signed entries because JsonFileCache.prune() continues on unverifiable signed envelopes when no HMAC secret is configured (src/document_briefing_cache/cache.py:117-124, :238-239), and the prune subcommand only receives that secret if --cache-hmac-secret-env is passed (src/document_briefing_cache/cli.py:81-84, :303-310). That makes the README cleanup recipe fail to expire signed document/output caches in that scenario; include the same env flag or a caveat here.
Useful? React with 👍 / 👎.
Summary
skills/briefprintbundle.Validation
python -m pytest -q-> 157 passed, 2 skippedpython scripts\validate_skill.py --run-evals-> OKpython -m ruff check .-> All checks passed