From git init to v1.17.0 in 70 days: an honest ThumbGate build log
On March 3, the first commit on this repo was three words: chore: initialize repository. Today the live build at thumbgate.ai/health reports "version":"1.17.0". In between, 70 days, 112 commits on the visible branch, 60+ tagged releases, ~6,000 npm downloads, and one expensive lesson: shipping is not the same as selling.
This is the unedited build log — the architecture choices that held, the ones that didn't, and the part where revenue is still zero.
The hypothesis
AI coding agents (Claude Code, Cursor, Codex, Aider, Cline) burn money making the same mistake twice. Force-pushing to main. Editing .env without checking what's already in it. Claiming "deployed" without curling the health endpoint. Calling shell with un-escaped user input.
If you've watched an agent retry the same broken patch four times in a row, you know exactly what I mean.
The hypothesis: capture the moment of failure, distill it into a rule, and gate the next attempt before the tool call fires. Not a linter (those run too late). Not a post-action review (the damage is done). A pre-action gate with an opinion.
The timeline
bootstrap OSS RLHF feedback system.The original framing was "RLHF for coding agents." It was wrong — what I was actually building was context engineering plus enforcement. The pivot took weeks.
SQLite + FTS5 for the lesson database (because it ships in the npm package and survives no-network installs). LanceDB for vectors. Thompson Sampling for which gates to fire when. ContextFS for context assembly. The agent harness pattern as the mental model.
thumbgate.The same day, v1.1.0 lands the HuggingFace export. The cadence is "release on green CI, don't wait."
That spike was a Reddit post, not paid traffic. Organic interest exists. Conversion to paid does not, yet.
Active outbound moved to Reddit, LinkedIn, Threads, Bluesky, Instagram, YouTube. All routed through one social-publishing layer (Zernio) so I'm not maintaining six token rotations.
The hard wall on the free tier was killing habit formation. Daily-use lane is now open; Pro gates the dashboard, recall, lesson search, and DPO export.
What's running in production
- npm package
thumbgate— the public shell. CLI, hook installer, adapter configs, JSON schemas. Node ≥18.18, MIT. - Railway-hosted API at
thumbgate.ai— health, dashboard, checkout intent, billing summary. Docker rebuild on every push tomain(2–5 min). Verified post-deploy by curling/healthand grepping the version string. - Stripe — 15 active products (Pro $19/mo + $149/yr; Team $49/seat/mo; plus 13 funnel/diagnostic SKUs from $1 to $1,500). All carry the canonical ThumbGate logo. Checkout sessions verified to mint live
cs_live_IDs. - SQLite + FTS5 lesson DB — ships in the package, runs on-device, never phones home.
- LanceDB vector index — for semantic lesson recall.
- Plausible analytics — privacy-respecting, no cookie banner, no IP logging.
- Two-repo split: public
ThumbGate(this) is the thin shell;ThumbGate-Core(private) holds the ranking, synthesis, billing intelligence, and org-wide telemetry. Wire protocol between them, neverrequire().
Five lessons I'd give my March-3 self
/health after merge" for weeks. It didn't stick. The fix was a hard rule in CLAUDE.md that blocks the words "done", "deployed", "live", or "shipped" until two grep commands return non-empty output. The day that gate landed was the day I stopped lying to myself about ship status.
gh pr view output before claiming done. The middle ground does not exist.
CLAUDE.md, also update the lesson DB entry or prevention rule that contradicts it. Otherwise the agent follows stale memory over the new instruction. Memory always wins ties.
scroll-snap-type: none on mobile cost me a full afternoon of CI minutes and trust.
The part that's still broken
This is honest because pretending otherwise would be the exact kind of "live revenue claim" the deploy-verification gate exists to stop. The product works. The funnel doesn't yet. That's a distribution problem, not a product-doesn't-work problem — but it's still a problem.
The next 30 days are about three things:
- Friction-free first-gate-fires. If
npx thumbgate initdoesn't surface a real, named gate inside 60 seconds on a real codebase, install-to-aha is broken. Measuring this with anonymous telemetry on the install flow. - Story-driven distribution. Build logs (like this one) and gate-of-the-week posts. Specific war stories beat feature lists. Verified by Plausible referrer reports, not vibes.
- Refund-rate triage on the funnel SKUs. The $1, $5, $19, $49 quick-read tier exists to validate willingness-to-pay at low friction. If those convert, the $1,500 Workflow Hardening Sprint becomes a real consulting funnel.
The tools I shipped this on
Solo founder, no team. Stack: Claude Code as the primary engineer (CTO mode, autonomous PR/merge/deploy when CI is green); Cursor for ad-hoc edits; Railway for hosting; Stripe for billing; Resend for transactional email; Plausible for analytics; Zernio for cross-platform social publishing.
The single highest-ROI choice was treating Claude Code as a CTO with a strict CLAUDE.md contract — branch from main, push, PR, wait for green CI, merge, verify, deploy. The model handles the work; the gate file handles the discipline.
Try it
One-line install:
npx thumbgate initYou'll have a working pre-action gate in your AI coding agent inside 60 seconds, or the install is broken and I want to hear about it.
If you've been burned by an AI agent doing something it shouldn't have, the Pro tier is $19/mo and adds the dashboard, recall, and lesson search. Or just install the free version, get a feel for it, and decide later. The whole thing is MIT.
I'll write the next build log at v2.0.0 — or when the first cold-traffic customer pays, whichever comes first.