reword

Author: mhils

index.html.jinja2

@@ -1,6 +1,6 @@
 {% extends "frame.html.jinja2" %}
 {% block head %}
-    <title>autofix.ci</title>
+    <title>autofix.ci: automatically fix pull requests</title>
 {% endblock %}
 {% block body %}
     <style>/* pygments */{{ pygments_css }}</style>
@@ -141,16 +141,16 @@
                 <h3 id="which-platforms-are-supported" class="fs-5">Which platforms are supported?</h3>
                 <ul>
                     <li>
-                        <strong>autofix.ci</strong> currently supports GitHub and GitHub Actions only.
+                        <strong>autofix.ci</strong> supports GitHub Actions only.
                     </li>
                 </ul>
 
                 <h3 id="does-it-work-for-all-commits" class="fs-5">Does it work for all commits?</h3>
                 <ul>
                     <li>
-                        For safety reasons, <strong>autofix.ci</strong> will not push for commits made by bots. This
-                        avoids
-                        infinite loops with bots continuously correcting each other.
+                        For safety reasons, <strong>autofix.ci</strong> will not apply patches if the last commit has
+                        been authored by a bot.
+                        This avoids infinite loops with bots continuously correcting each other.
                     </li>
                 </ul>
 
@@ -172,10 +172,10 @@
                 <h3 id="is-it-secure" class="fs-5">Is it secure?</h3>
                 <ul>
                     <li>
-                        Yes, because we keep the necessary GitHub authentication token away from potentially untrusted
-                        actions. By using autofix.ci, you only provide your autofix.ci workflow with the capability to
-                        update the pull request branch once. Please see <a href="/security">autofix.ci/security</a>
-                        for details.
+                        Yes, because we keep <strong>autofix.ci</strong>'s GitHub authentication token away from potentially untrusted
+                        actions. By using <strong>autofix.ci</strong>, you only provide your auto-fixing workflow with
+                        the capability to update the pull request branch once.
+                        Please see <a href="/security">autofix.ci/security</a> for details.
                     </li>
                 </ul>
 

security.html.jinja2

@@ -20,10 +20,6 @@
                         completely untrusted and potentially compromised. The autofix.ci API only enables the workflow
                         to update the current pull request once.
                     </li>
-                    <li>
-                        autofix.ci's hosted service is written in a memory-safe language that emphasizes correctness
-                        (Rust).
-                    </li>
                     <li>
                         autofix.ci minimizes untrusted input and data processing where possible. For example,
                         instead of using <samp>git checkout/apply/push</samp>, we have decided to use
@@ -34,6 +30,10 @@
                         instead of applying git commands on untrusted repositories (see e.g.
                         <a href="https://access.redhat.com/security/cve/cve-2021-21300">CVE-2021-21300</a>).
                     </li>
+                    <li>
+                        autofix.ci's hosted service is written in a memory-safe language that emphasizes correctness
+                        (Rust).
+                    </li>
                     <li>
                         autofix.ci's main author has extensive practical (building security software, organizing and
                         playing CTF security competitions) and theoretical security experience (CS PhD

setup.html.jinja2

@@ -1,6 +1,6 @@
 {% extends "frame.html.jinja2" %}
 {% block head %}
-    <title>autofix.ci: setup</title>
+    <title>Setup autofix.ci</title>
 {% endblock %}
 {% macro examplebox(filename) %}
     <div class="card mb-3">
@@ -73,8 +73,9 @@
                 <h2 id="python">Python</h2>
                 <p>
                     This example demonstrates the use of some of the most popular Python code fixing tools.
-                    We use the <a href="https://github.com/install-pinned/">@install-pinned</a> actions to keep things
-                    simple,
+                    We use the <a href="https://github.com/install-pinned/">@install-pinned</a> actions to securely
+                    install hardcoded versions of all tools, but you can also use an existing
+                    <code>requirements.txt</code> file, for example.
                 </p>
                 {{ examplebox("python.yml") }}
                 <p>
@@ -128,9 +129,9 @@
 
                 <h2 id="pre-commit">pre-commit hooks</h2>
                 <p>
-                    If your workflow is based on pre-commit hooks only,
-                    <a href="https://pre-commit.ci/">pre-commit.ci</a>
-                    offers a strong alternative to autofix.ci. Of course, you can also use pre-commit hooks in your
+                    If your existing workflow is based on pre-commit.com hooks, you should use
+                    <a href="https://pre-commit.ci/">pre-commit.ci</a> instead of autofix.ci.
+                    Of course, you can also integrate pre-commit hooks in your
                     autofix.ci workflow:
                 </p>
                 {{ examplebox("pre-commit.yml") }}