@buivietphi/skill-mobile-mt 2.0.0

package/shared/ci-cd.md

@@ -0,0 +1,423 @@
+# CI/CD Pipelines — GitHub Actions for Mobile
+
+> Automate: test → build → distribute. Never ship without CI.
+
+---
+
+## React Native — CI Pipeline
+
+```yaml
+# .github/workflows/rn-ci.yml
+name: React Native CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'           # or npm, pnpm
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: TypeScript check
+        run: yarn tsc --noEmit
+
+      - name: Lint
+        run: yarn lint
+
+      - name: Unit tests
+        run: yarn test --ci --coverage --maxWorkers=2
+
+      - name: Upload coverage
+        uses: codecov/codecov-action@v4
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+  build-android:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+
+      - name: Cache Gradle
+        uses: actions/cache@v4
+        with:
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*') }}
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Build Android APK (debug)
+        run: cd android && ./gradlew assembleDebug
+
+      - name: Upload APK
+        uses: actions/upload-artifact@v4
+        with:
+          name: app-debug.apk
+          path: android/app/build/outputs/apk/debug/app-debug.apk
+
+  build-ios:
+    runs-on: macos-15
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - name: Cache CocoaPods
+        uses: actions/cache@v4
+        with:
+          path: ios/Pods
+          key: ${{ runner.os }}-pods-${{ hashFiles('ios/Podfile.lock') }}
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile && cd ios && pod install
+
+      - name: Build iOS (simulator)
+        run: |
+          xcodebuild -workspace ios/MyApp.xcworkspace \
+            -scheme MyApp \
+            -sdk iphonesimulator \
+            -configuration Debug \
+            -derivedDataPath ios/build \
+            CODE_SIGN_IDENTITY="" CODE_SIGNING_REQUIRED=NO
+```
+
+---
+
+## React Native — E2E with Detox
+
+```yaml
+# .github/workflows/rn-e2e.yml
+name: E2E Tests (Detox)
+
+on:
+  push:
+    branches: [main]
+
+jobs:
+  e2e-ios:
+    runs-on: macos-15
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile && cd ios && pod install
+
+      - name: Install Detox CLI
+        run: npm install -g detox-cli
+
+      - name: Build for Detox
+        run: detox build --configuration ios.sim.debug
+
+      - name: Run E2E tests
+        run: detox test --configuration ios.sim.debug --headless
+
+      - name: Upload Detox artifacts on failure
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: detox-artifacts
+          path: artifacts/
+```
+
+---
+
+## Flutter — CI Pipeline
+
+```yaml
+# .github/workflows/flutter-ci.yml
+name: Flutter CI
+
+on:
+  push:
+    branches: [main, develop]
+  pull_request:
+    branches: [main]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.x'
+          cache: true
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Analyze
+        run: flutter analyze
+
+      - name: Unit + Widget tests
+        run: flutter test --coverage
+
+      - name: Upload coverage
+        uses: codecov/codecov-action@v4
+
+  build-android:
+    runs-on: ubuntu-latest
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+
+      - uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.x'
+          cache: true
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Build APK
+        run: flutter build apk --debug
+
+      - name: Upload APK
+        uses: actions/upload-artifact@v4
+        with:
+          name: flutter-debug.apk
+          path: build/app/outputs/flutter-apk/app-debug.apk
+
+  build-ios:
+    runs-on: macos-15
+    needs: test
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: subosito/flutter-action@v2
+        with:
+          flutter-version: '3.27.x'
+          cache: true
+
+      - name: Install dependencies
+        run: flutter pub get
+
+      - name: Build iOS (no codesign)
+        run: flutter build ios --debug --no-codesign
+```
+
+---
+
+## iOS — Release to TestFlight (Fastlane)
+
+```yaml
+# .github/workflows/ios-release.yml
+name: iOS Release
+
+on:
+  push:
+    tags: ['v*']
+
+jobs:
+  release:
+    runs-on: macos-15
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile && cd ios && pod install
+
+      - name: Setup certificates
+        uses: apple-actions/import-codesign-certs@v2
+        with:
+          p12-file-base64: ${{ secrets.CERTIFICATES_P12 }}
+          p12-password: ${{ secrets.CERTIFICATES_P12_PASSWORD }}
+
+      - name: Setup provisioning profile
+        uses: apple-actions/download-provisioning-profiles@v1
+        with:
+          bundle-id: com.myapp
+          issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }}
+          api-key-id: ${{ secrets.APPSTORE_KEY_ID }}
+          api-private-key: ${{ secrets.APPSTORE_PRIVATE_KEY }}
+
+      - name: Deploy to TestFlight
+        run: bundle exec fastlane ios beta
+        env:
+          APP_STORE_CONNECT_API_KEY_KEY_ID: ${{ secrets.APPSTORE_KEY_ID }}
+          APP_STORE_CONNECT_API_KEY_ISSUER_ID: ${{ secrets.APPSTORE_ISSUER_ID }}
+          APP_STORE_CONNECT_API_KEY_KEY: ${{ secrets.APPSTORE_PRIVATE_KEY }}
+```
+
+```ruby
+# ios/Fastfile
+lane :beta do
+  build_app(
+    workspace: "MyApp.xcworkspace",
+    scheme: "MyApp",
+    configuration: "Release",
+    export_method: "app-store"
+  )
+  upload_to_testflight(skip_waiting_for_build_processing: true)
+end
+```
+
+---
+
+## Android — Release to Play Store (Fastlane)
+
+```yaml
+# .github/workflows/android-release.yml
+name: Android Release
+
+on:
+  push:
+    tags: ['v*']
+
+jobs:
+  release:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'yarn'
+
+      - name: Install dependencies
+        run: yarn install --frozen-lockfile
+
+      - name: Decode keystore
+        run: echo "${{ secrets.KEYSTORE_BASE64 }}" | base64 -d > android/app/release.keystore
+
+      - name: Build release AAB
+        run: cd android && ./gradlew bundleRelease
+        env:
+          KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
+          KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
+          KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
+
+      - name: Deploy to Play Store
+        uses: r0adkll/upload-google-play@v1
+        with:
+          serviceAccountJsonPlainText: ${{ secrets.PLAY_STORE_SERVICE_ACCOUNT_JSON }}
+          packageName: com.myapp
+          releaseFiles: android/app/build/outputs/bundle/release/*.aab
+          track: internal
+```
+
+---
+
+## Required GitHub Secrets
+
+```
+# iOS
+CERTIFICATES_P12             ← base64-encoded .p12 file
+CERTIFICATES_P12_PASSWORD    ← password for .p12
+APPSTORE_KEY_ID              ← App Store Connect API key ID
+APPSTORE_ISSUER_ID           ← App Store Connect issuer ID
+APPSTORE_PRIVATE_KEY         ← App Store Connect private key (.p8 contents)
+
+# Android
+KEYSTORE_BASE64              ← base64-encoded release.keystore
+KEYSTORE_PASSWORD            ← keystore password
+KEY_ALIAS                    ← key alias
+KEY_PASSWORD                 ← key password
+PLAY_STORE_SERVICE_ACCOUNT_JSON  ← GCP service account JSON
+
+# Shared
+CODECOV_TOKEN                ← coverage reporting
+MAESTRO_API_KEY              ← Maestro Cloud E2E (optional)
+```
+
+---
+
+## Caching Strategy
+
+```yaml
+# Node modules — hash package-lock or yarn.lock
+- uses: actions/cache@v4
+  with:
+    path: node_modules
+    key: ${{ runner.os }}-node-${{ hashFiles('**/yarn.lock') }}
+    restore-keys: ${{ runner.os }}-node-
+
+# Gradle — hash .gradle files
+- uses: actions/cache@v4
+  with:
+    path: |
+      ~/.gradle/caches
+      ~/.gradle/wrapper
+    key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+
+# CocoaPods — hash Podfile.lock
+- uses: actions/cache@v4
+  with:
+    path: ios/Pods
+    key: ${{ runner.os }}-pods-${{ hashFiles('ios/Podfile.lock') }}
+
+# Flutter pub — hash pubspec.lock
+- uses: actions/cache@v4
+  with:
+    path: ~/.pub-cache
+    key: ${{ runner.os }}-pub-${{ hashFiles('**/pubspec.lock') }}
+```
+
+---
+
+## Anti-Patterns
+
+```
+❌ Committing signing credentials to repo
+❌ Running E2E on every PR (too slow — run on main only)
+❌ No caching (3x slower builds)
+❌ Skipping unit tests before build jobs
+❌ Building on push to every branch
+
+✅ Store all secrets in GitHub Secrets
+✅ Cache node_modules + Gradle + CocoaPods + pub-cache
+✅ Unit tests on PR, E2E on merge to main
+✅ needs: test before build jobs
+✅ Upload build artifacts for download/QA
+```

package/shared/claude-md-template.md

@@ -0,0 +1,125 @@
+# CLAUDE.md Template for Mobile Projects
+
+> Copy this file to your project root as `CLAUDE.md`.
+> Claude Code reads it automatically every session — no invocation needed.
+
+---
+
+## How to use
+
+1. Copy this file to your project: `cp CLAUDE.md.template CLAUDE.md`
+2. Edit the sections marked with `[FILL IN]`
+3. Claude will follow these rules automatically in every conversation
+
+---
+
+## Template (copy below this line)
+
+---
+
+# Project: [FILL IN: Your App Name]
+
+## Stack
+
+- **Framework:** [React Native CLI / Expo SDK XX / Flutter X.X / iOS / Android]
+- **Language:** [TypeScript / JavaScript / Dart / Swift / Kotlin]
+- **State:** [Redux Toolkit / Zustand / Riverpod / BLoC / StateFlow]
+- **Navigation:** [React Navigation v6 / Expo Router / GoRouter / UIKit / Jetpack]
+- **API:** [axios / fetch / Dio / Firebase / GraphQL]
+- **Package Manager:** [yarn / npm / pnpm / bun / flutter pub]
+
+## Project Structure
+
+```
+[FILL IN: paste your src/ or lib/ tree here]
+src/
+├── features/
+│   ├── auth/
+│   └── home/
+├── shared/
+│   ├── components/
+│   └── utils/
+```
+
+## Conventions
+
+- **Naming:** [PascalCase screens, camelCase hooks/services]
+- **Imports:** [absolute @/ aliases / relative paths]
+- **Styling:** [StyleSheet / NativeWind / styled-components / Compose / SwiftUI]
+
+## Auto-Check Rules (apply after EVERY code change)
+
+Before saying "done" on any task, automatically verify:
+
+```
+□ No console.log / print / NSLog in production code
+□ No hardcoded secrets, API keys, or tokens
+□ No token storage in AsyncStorage / SharedPreferences / UserDefaults
+□ All async operations wrapped in try/catch
+□ All 4 states handled: loading / error / empty / success
+□ useEffect / dispose / viewModelScope has cleanup
+□ FlatList (not ScrollView) for lists > 20 items
+□ No force unwrap (! / !! / as!) without null check
+□ TypeScript: no implicit 'any'
+□ New screens registered in navigator
+□ Imports resolve (no broken paths)
+```
+
+If ANY check fails → fix it before marking done.
+
+## Performance Rules (apply when building lists, animations, heavy screens)
+
+```
+□ FlatList with keyExtractor + getItemLayout (if fixed height)
+□ React.memo on list item components
+□ useCallback on handlers passed to list items
+□ Images: use FastImage / expo-image, specify width+height
+□ Animations: use react-native-reanimated (not Animated API)
+□ No heavy computation on main thread (use InteractionManager)
+```
+
+## Security Rules (non-negotiable)
+
+```
+□ Tokens → SecureStore / Keychain / EncryptedSharedPreferences ONLY
+□ Deep link params → validate before use
+□ API calls → HTTPS only
+□ Sensitive data → never in logs
+□ User input → sanitize before display (XSS)
+```
+
+## What NOT to do
+
+```
+□ NEVER suggest migrating to a different framework/architecture
+□ NEVER change state management library
+□ NEVER add packages without checking SDK compatibility first
+□ NEVER mix package managers (yarn + npm)
+□ NEVER create new files for one-off operations
+□ NEVER add comments to code you didn't change
+```
+
+## Preferred Commands
+
+```bash
+# Install
+[yarn install / npm install / flutter pub get / pod install]
+
+# Run
+[yarn ios / yarn android / flutter run / xcodebuild / ./gradlew]
+
+# Test
+[yarn test / flutter test / xcodebuild test]
+
+# Lint
+[yarn lint / flutter analyze / swiftlint]
+```
+
+## Notes
+
+[FILL IN: any project-specific quirks, known issues, or important context]
+
+Example:
+- Auth uses custom JWT refresh logic in src/services/auth/tokenManager.ts
+- Push notifications require manual certificate setup (see docs/push-setup.md)
+- Android flavor: 'staging' points to staging API, 'production' to prod

package/shared/code-review.md

@@ -0,0 +1,133 @@
+# Code Review — Senior Protocol
+
+> 🔴 Always loaded. All platforms.
+
+---
+
+## Checklist
+
+### Architecture
+- [ ] Single responsibility per file (max 300 lines)
+- [ ] Dependencies flow inward (UI → Domain → Data)
+- [ ] Follows existing project patterns
+- [ ] New files in correct directory
+
+### Correctness
+- [ ] All states handled: loading, success, error, empty
+- [ ] Edge cases: null, empty, timeout, concurrent
+- [ ] Async errors caught with meaningful handling
+- [ ] Cleanup on unmount/dispose (listeners, timers, subscriptions)
+- [ ] No race conditions (double-tap, concurrent API calls)
+
+### Performance
+- [ ] Lists virtualized (FlatList / ListView.builder / LazyColumn)
+- [ ] Memoized where needed (memo / const / remember)
+- [ ] No inline functions in render/build
+- [ ] Images cached and resized
+- [ ] No main thread blocking
+
+### Security
+- [ ] No hardcoded secrets
+- [ ] Secure storage for tokens (Keychain / EncryptedSharedPreferences)
+- [ ] Input validated and sanitized
+- [ ] Deep links validated before navigation
+- [ ] No sensitive data in logs
+
+### Platform
+- [ ] Both iOS + Android tested (if cross-platform)
+- [ ] Safe areas / notch handled
+- [ ] Keyboard handled (dismiss, avoidance)
+- [ ] Back button handled (Android)
+- [ ] Accessibility labels on interactive elements
+
+---
+
+## Severity
+
+| Level | Action | Example |
+|-------|--------|---------|
+| 🔴 CRITICAL | Must fix before merge | Crash, security hole, data loss |
+| 🟠 HIGH | Should fix before merge | Memory leak, missing error state, race condition |
+| 🟡 MEDIUM | Fix in follow-up | Naming inconsistency, missing memoization |
+| 🔵 LOW | Nice to have | Minor style, comment improvement |
+
+---
+
+## Auto-Fail
+
+**Any of these → block merge immediately:**
+
+```
+❌ console.log / print in production code
+❌ Hardcoded secrets or API keys
+❌ Force unwrap without null check (! / !! / as!)
+❌ Empty catch blocks (error silently swallowed)
+❌ 500+ line files
+❌ Network call in render / build / Composable
+❌ Index as list key
+❌ Missing loading / error / empty state (blank screen)
+```
+
+### Grounding Auto-Fail (AI-generated code)
+
+**If the code was generated by AI, also check:**
+
+```
+❌ Import from a package NOT in package.json / pubspec.yaml
+❌ Function/method call that doesn't exist in the codebase
+❌ API endpoint or response shape not verified from actual service code
+❌ Library version syntax that doesn't match installed version
+❌ Platform API that doesn't exist in the project's min SDK
+```
+
+---
+
+## Review Comment Templates
+
+```
+🔴 CRITICAL — [file:line]
+Issue: [description]
+Impact: [what breaks]
+Fix: [specific code change]
+
+🟠 HIGH — [file:line]
+Issue: [description]
+Fix: [suggestion]
+
+🟡 MEDIUM — [file:line]
+Suggestion: [improvement]
+```
+
+---
+
+## Example Issues
+
+### Before (Bad)
+```typescript
+// ❌ No error handling, no loading state, index as key
+function ProductList() {
+  const [data, setData] = useState([]);
+  useEffect(() => { api.get('/products').then(r => setData(r.data)); }, []);
+  return data.map((item, i) => <ProductCard key={i} item={item} />);
+}
+```
+
+### After (Good)
+```typescript
+// ✅ All states, cleanup, stable key, error handling
+function ProductList() {
+  const [state, setState] = useState({ data: [], loading: true, error: null });
+  useEffect(() => {
+    let cancelled = false;
+    api.get('/products')
+      .then(r => { if (!cancelled) setState({ data: r.data, loading: false, error: null }); })
+      .catch(e => { if (!cancelled) setState({ data: [], loading: false, error: e.message }); });
+    return () => { cancelled = true; };
+  }, []);
+
+  if (state.loading) return <LoadingSkeleton />;
+  if (state.error) return <ErrorView message={state.error} onRetry={refresh} />;
+  if (!state.data.length) return <EmptyState />;
+  return <FlatList data={state.data} keyExtractor={item => item.id} renderItem={...} />;
+}
+```