native-update 2.0.0 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (258) hide show
  1. package/Readme.md +28 -14
  2. package/android/manifest-additions.xml +28 -0
  3. package/android/src/main/AndroidManifest.xml +3 -7
  4. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundNotificationManager.kt +21 -13
  5. package/android/src/main/java/com/aoneahsan/nativeupdate/LiveUpdatePlugin.kt +196 -29
  6. package/android/src/main/java/com/aoneahsan/nativeupdate/NativeUpdatePlugin.kt +21 -36
  7. package/cli/AGENTS.md +15 -1
  8. package/cli/CLAUDE.md +15 -1
  9. package/cli/commands/backend-create.js +56 -15
  10. package/cli/commands/bundle-create.js +39 -7
  11. package/cli/commands/monitor.js +72 -51
  12. package/cli/index.js +10 -24
  13. package/cli/package.json +11 -3
  14. package/dist/esm/app-review/app-review-manager.js +0 -1
  15. package/dist/esm/app-review/index.js +0 -1
  16. package/dist/esm/app-review/platform-review-handler.js +0 -1
  17. package/dist/esm/app-review/review-conditions-checker.js +0 -1
  18. package/dist/esm/app-review/review-rate-limiter.js +0 -1
  19. package/dist/esm/app-review/types.js +0 -1
  20. package/dist/esm/app-update/app-update-checker.js +0 -1
  21. package/dist/esm/app-update/app-update-installer.d.ts +1 -0
  22. package/dist/esm/app-update/app-update-installer.js +19 -8
  23. package/dist/esm/app-update/app-update-manager.js +0 -1
  24. package/dist/esm/app-update/app-update-notifier.js +0 -1
  25. package/dist/esm/app-update/index.js +0 -1
  26. package/dist/esm/app-update/platform-app-update.js +12 -3
  27. package/dist/esm/app-update/types.js +0 -1
  28. package/dist/esm/background-update/background-scheduler.js +0 -1
  29. package/dist/esm/background-update/index.js +0 -1
  30. package/dist/esm/background-update/notification-manager.js +0 -1
  31. package/dist/esm/config/support.js +0 -1
  32. package/dist/esm/core/analytics.d.ts +13 -0
  33. package/dist/esm/core/analytics.js +15 -1
  34. package/dist/esm/core/cache-manager.js +0 -1
  35. package/dist/esm/core/config.d.ts +0 -15
  36. package/dist/esm/core/config.js +0 -4
  37. package/dist/esm/core/errors.d.ts +1 -0
  38. package/dist/esm/core/errors.js +1 -1
  39. package/dist/esm/core/event-emitter.d.ts +0 -3
  40. package/dist/esm/core/event-emitter.js +8 -3
  41. package/dist/esm/core/logger.js +0 -1
  42. package/dist/esm/core/performance.js +0 -1
  43. package/dist/esm/core/plugin-manager.js +3 -1
  44. package/dist/esm/core/security.d.ts +11 -0
  45. package/dist/esm/core/security.js +27 -1
  46. package/dist/esm/definitions.d.ts +0 -11
  47. package/dist/esm/definitions.js +0 -1
  48. package/dist/esm/index.d.ts +3 -2
  49. package/dist/esm/index.js +3 -1
  50. package/dist/esm/live-update/bundle-manager.d.ts +8 -0
  51. package/dist/esm/live-update/bundle-manager.js +20 -1
  52. package/dist/esm/live-update/certificate-pinning.js +0 -1
  53. package/dist/esm/live-update/delta-processor.d.ts +1 -1
  54. package/dist/esm/live-update/delta-processor.js +3 -1
  55. package/dist/esm/live-update/download-manager.js +9 -2
  56. package/dist/esm/live-update/rollout-checker.d.ts +1 -1
  57. package/dist/esm/live-update/rollout-checker.js +5 -6
  58. package/dist/esm/live-update/update-manager.js +0 -1
  59. package/dist/esm/live-update/version-manager.d.ts +0 -12
  60. package/dist/esm/live-update/version-manager.js +0 -68
  61. package/dist/esm/plugin.js +69 -43
  62. package/dist/esm/security/crypto.js +11 -7
  63. package/dist/esm/security/validator.js +0 -1
  64. package/dist/esm/types/rollout.d.ts +85 -0
  65. package/dist/esm/types/rollout.js +25 -0
  66. package/dist/esm/web.d.ts +8 -0
  67. package/dist/esm/web.js +148 -54
  68. package/dist/plugin.cjs.js +1 -2
  69. package/dist/plugin.esm.js +1 -2
  70. package/dist/plugin.js +2 -3
  71. package/docs/CHANGELOG.md +124 -0
  72. package/docs/CLAUDE.md +1 -1
  73. package/docs/MANUAL-TASKS.md +17 -0
  74. package/docs/MARKETING_WEBSITE_TRACKER.md +18 -2
  75. package/docs/MIGRATION.md +83 -0
  76. package/docs/PACKAGES.md +167 -0
  77. package/docs/PERFORMANCE.md +110 -0
  78. package/docs/PROJECT_COMPLETION_TRACKER.md +4 -35
  79. package/docs/README.md +0 -1
  80. package/docs/REMAINING_FEATURES.md +123 -76
  81. package/docs/ROADMAP.md +200 -120
  82. package/docs/SECURITY-IF-REPO-PUBLIC.md +232 -0
  83. package/docs/TESTING_REQUIREMENTS.md +1 -112
  84. package/docs/ai-knowledge-base/00-project-profile.md +38 -0
  85. package/docs/ai-knowledge-base/01-features.md +46 -0
  86. package/docs/ai-knowledge-base/02-routes.md +72 -0
  87. package/docs/ai-knowledge-base/03-tech-stack.md +57 -0
  88. package/docs/ai-knowledge-base/README.md +23 -0
  89. package/docs/analytics-tracking.md +37 -0
  90. package/docs/capacitor-official-plugins.md +46 -0
  91. package/docs/capawesome-plugins.md +29 -0
  92. package/docs/deployment/HOSTINGER_DEPLOY.md +75 -34
  93. package/docs/deployment/PRODUCTION-DEPLOY-CHECKLIST.md +184 -0
  94. package/docs/docs-site/plan.md +201 -0
  95. package/docs/docs-site/scope.md +127 -0
  96. package/docs/docs-site/tracker.json +235 -0
  97. package/docs/error-handling-tracking.md +37 -0
  98. package/docs/guides/testing-guide.md +15 -41
  99. package/docs/package-audit.md +41 -0
  100. package/docs/play-store/ASO-METADATA.md +5 -0
  101. package/docs/play-store/DATA-SAFETY.md +5 -0
  102. package/docs/play-store/DECLARATIONS.md +5 -0
  103. package/docs/play-store/README.md +27 -0
  104. package/docs/play-store/RELEASE-NOTES.md +99 -0
  105. package/docs/play-store/RELEASE-STEPS.md +6 -0
  106. package/docs/play-store/STORE-LISTING.md +7 -0
  107. package/docs/play-store/SUBMISSION-CHECKLIST.md +5 -0
  108. package/docs/production-readiness.md +1 -1
  109. package/docs/project-audit/2026-05-16/00-FINALIZATION-PLAN.md +123 -0
  110. package/docs/project-audit/2026-05-16/01-BATCH-PLAN.md +227 -0
  111. package/docs/project-audit/2026-05-16/02-AUDIT-FINDINGS.md +144 -0
  112. package/docs/project-audit/2026-05-16/sessions/batch-01.md +42 -0
  113. package/docs/project-audit/2026-05-16/sessions/batch-02.md +74 -0
  114. package/docs/project-audit/2026-05-16/sessions/batch-03.md +71 -0
  115. package/docs/project-audit/2026-05-16/sessions/batch-04.md +88 -0
  116. package/docs/project-audit/2026-05-16/sessions/batch-05.md +63 -0
  117. package/docs/project-audit/2026-05-16/sessions/batch-06.md +103 -0
  118. package/docs/project-audit/2026-05-16/sessions/batch-07.md +61 -0
  119. package/docs/project-audit/2026-05-16/sessions/batch-08.md +101 -0
  120. package/docs/project-audit/2026-05-16/sessions/batch-09.md +105 -0
  121. package/docs/project-audit/2026-05-16/sessions/batch-10.md +102 -0
  122. package/docs/project-audit/AUDIT-HISTORY.md +74 -0
  123. package/docs/project-audit/BATCH-PLAN.md +168 -0
  124. package/docs/project-audit/MARKETING-WEBSITE-FINDINGS-2026-05-11.md +73 -0
  125. package/docs/project-audit/PRODUCTION-READINESS-AUDIT-2026-05-08.md +275 -0
  126. package/docs/project-finalization/00-tracker.json +60 -0
  127. package/docs/project-knowledge-base/01-system-overview.md +39 -30
  128. package/docs/project-knowledge-base/02-routes-pages-forms-users.md +87 -81
  129. package/docs/project-knowledge-base/03-tech-stack-modules-services.md +140 -108
  130. package/docs/project-knowledge-base/04-data-models-integrations.md +191 -254
  131. package/docs/project-knowledge-base/05-docs-corpus-inventory.md +83 -20
  132. package/docs/project-knowledge-base/06-operations-testing-legal-content.md +67 -29
  133. package/docs/project-knowledge-base/README.md +27 -14
  134. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-05-19.md +81 -0
  135. package/docs/rules-tracker.md +102 -0
  136. package/docs/security/PRE-LAUNCH-PENTEST-CHECKLIST.md +116 -0
  137. package/docs/social-media-marketing/README.md +81 -0
  138. package/docs/social-media-marketing/posts-batch-01.md +613 -0
  139. package/docs/social-media-marketing/posts-batch-02.md +528 -0
  140. package/docs/social-media-marketing/whatsapp-messages-batch-01.md +458 -0
  141. package/docs/social-media-marketing/whatsapp-status-batch-01.md +355 -0
  142. package/docs/tracking/finalization-2026-05-16-tracker.json +346 -0
  143. package/docs/tracking/full-audit-tracker.json +121 -0
  144. package/docs/tracking/production-readiness-audit-tracker.json +429 -0
  145. package/ios/Plugin/BackgroundUpdate/BackgroundUpdatePlugin.swift +16 -3
  146. package/ios/Plugin/LiveUpdate/LiveUpdatePlugin.swift +71 -47
  147. package/ios/Plugin/NativeUpdatePlugin.swift +14 -9
  148. package/package.json +29 -29
  149. package/cli/node_modules/.yarn-integrity +0 -16
  150. package/cli/node_modules/commander/LICENSE +0 -22
  151. package/cli/node_modules/commander/Readme.md +0 -1148
  152. package/cli/node_modules/commander/esm.mjs +0 -16
  153. package/cli/node_modules/commander/index.js +0 -26
  154. package/cli/node_modules/commander/lib/argument.js +0 -145
  155. package/cli/node_modules/commander/lib/command.js +0 -2179
  156. package/cli/node_modules/commander/lib/error.js +0 -43
  157. package/cli/node_modules/commander/lib/help.js +0 -462
  158. package/cli/node_modules/commander/lib/option.js +0 -329
  159. package/cli/node_modules/commander/lib/suggestSimilar.js +0 -100
  160. package/cli/node_modules/commander/package-support.json +0 -16
  161. package/cli/node_modules/commander/package.json +0 -80
  162. package/cli/node_modules/commander/typings/esm.d.mts +0 -3
  163. package/cli/node_modules/commander/typings/index.d.ts +0 -884
  164. package/cli/yarn.lock +0 -8
  165. package/dist/esm/__tests__/bundle-manager.test.d.ts +0 -1
  166. package/dist/esm/__tests__/bundle-manager.test.js +0 -151
  167. package/dist/esm/__tests__/bundle-manager.test.js.map +0 -1
  168. package/dist/esm/__tests__/config.test.d.ts +0 -1
  169. package/dist/esm/__tests__/config.test.js +0 -70
  170. package/dist/esm/__tests__/config.test.js.map +0 -1
  171. package/dist/esm/__tests__/delta-processor.test.d.ts +0 -1
  172. package/dist/esm/__tests__/delta-processor.test.js +0 -77
  173. package/dist/esm/__tests__/delta-processor.test.js.map +0 -1
  174. package/dist/esm/__tests__/firestore-schema.test.d.ts +0 -1
  175. package/dist/esm/__tests__/firestore-schema.test.js +0 -74
  176. package/dist/esm/__tests__/firestore-schema.test.js.map +0 -1
  177. package/dist/esm/__tests__/integration.test.d.ts +0 -1
  178. package/dist/esm/__tests__/integration.test.js +0 -78
  179. package/dist/esm/__tests__/integration.test.js.map +0 -1
  180. package/dist/esm/__tests__/manifest-reader.test.d.ts +0 -1
  181. package/dist/esm/__tests__/manifest-reader.test.js +0 -271
  182. package/dist/esm/__tests__/manifest-reader.test.js.map +0 -1
  183. package/dist/esm/__tests__/rollout-checker.test.d.ts +0 -1
  184. package/dist/esm/__tests__/rollout-checker.test.js +0 -210
  185. package/dist/esm/__tests__/rollout-checker.test.js.map +0 -1
  186. package/dist/esm/__tests__/security-enforcement.test.d.ts +0 -1
  187. package/dist/esm/__tests__/security-enforcement.test.js +0 -95
  188. package/dist/esm/__tests__/security-enforcement.test.js.map +0 -1
  189. package/dist/esm/__tests__/security.test.d.ts +0 -1
  190. package/dist/esm/__tests__/security.test.js +0 -54
  191. package/dist/esm/__tests__/security.test.js.map +0 -1
  192. package/dist/esm/__tests__/version-manager.test.d.ts +0 -1
  193. package/dist/esm/__tests__/version-manager.test.js +0 -45
  194. package/dist/esm/__tests__/version-manager.test.js.map +0 -1
  195. package/dist/esm/app-review/app-review-manager.js.map +0 -1
  196. package/dist/esm/app-review/index.js.map +0 -1
  197. package/dist/esm/app-review/platform-review-handler.js.map +0 -1
  198. package/dist/esm/app-review/review-conditions-checker.js.map +0 -1
  199. package/dist/esm/app-review/review-rate-limiter.js.map +0 -1
  200. package/dist/esm/app-review/types.js.map +0 -1
  201. package/dist/esm/app-update/app-update-checker.js.map +0 -1
  202. package/dist/esm/app-update/app-update-installer.js.map +0 -1
  203. package/dist/esm/app-update/app-update-manager.js.map +0 -1
  204. package/dist/esm/app-update/app-update-notifier.js.map +0 -1
  205. package/dist/esm/app-update/index.js.map +0 -1
  206. package/dist/esm/app-update/platform-app-update.js.map +0 -1
  207. package/dist/esm/app-update/types.js.map +0 -1
  208. package/dist/esm/background-update/background-scheduler.js.map +0 -1
  209. package/dist/esm/background-update/index.js.map +0 -1
  210. package/dist/esm/background-update/notification-manager.js.map +0 -1
  211. package/dist/esm/config/support.js.map +0 -1
  212. package/dist/esm/core/analytics.js.map +0 -1
  213. package/dist/esm/core/cache-manager.js.map +0 -1
  214. package/dist/esm/core/config.js.map +0 -1
  215. package/dist/esm/core/errors.js.map +0 -1
  216. package/dist/esm/core/event-emitter.js.map +0 -1
  217. package/dist/esm/core/logger.js.map +0 -1
  218. package/dist/esm/core/performance.js.map +0 -1
  219. package/dist/esm/core/plugin-manager.js.map +0 -1
  220. package/dist/esm/core/security.js.map +0 -1
  221. package/dist/esm/definitions.js.map +0 -1
  222. package/dist/esm/firestore/firestore-client.d.ts +0 -109
  223. package/dist/esm/firestore/firestore-client.js +0 -264
  224. package/dist/esm/firestore/firestore-client.js.map +0 -1
  225. package/dist/esm/firestore/index.d.ts +0 -11
  226. package/dist/esm/firestore/index.js +0 -11
  227. package/dist/esm/firestore/index.js.map +0 -1
  228. package/dist/esm/firestore/manifest-reader.d.ts +0 -87
  229. package/dist/esm/firestore/manifest-reader.js +0 -294
  230. package/dist/esm/firestore/manifest-reader.js.map +0 -1
  231. package/dist/esm/firestore/schema.d.ts +0 -507
  232. package/dist/esm/firestore/schema.js +0 -73
  233. package/dist/esm/firestore/schema.js.map +0 -1
  234. package/dist/esm/index.js.map +0 -1
  235. package/dist/esm/live-update/bundle-manager.js.map +0 -1
  236. package/dist/esm/live-update/certificate-pinning.js.map +0 -1
  237. package/dist/esm/live-update/delta-processor.js.map +0 -1
  238. package/dist/esm/live-update/download-manager.js.map +0 -1
  239. package/dist/esm/live-update/rollout-checker.js.map +0 -1
  240. package/dist/esm/live-update/update-manager.js.map +0 -1
  241. package/dist/esm/live-update/version-manager.js.map +0 -1
  242. package/dist/esm/plugin.js.map +0 -1
  243. package/dist/esm/security/crypto.js.map +0 -1
  244. package/dist/esm/security/validator.js.map +0 -1
  245. package/dist/esm/web.js.map +0 -1
  246. package/dist/plugin.cjs.js.map +0 -1
  247. package/dist/plugin.esm.js.map +0 -1
  248. package/dist/plugin.js.map +0 -1
  249. package/docs/FIREBASE_INTEGRATION_TRACKER.md +0 -321
  250. package/docs/FIREBASE_QUERIES_AND_INDEXES_AUDIT.md +0 -221
  251. package/docs/examples/firebase-backend-example.md +0 -27
  252. package/docs/features/laravel-nova-backend/credentials.ignore.md +0 -34
  253. package/docs/guides/no-cost-backend-implementation-plan.md +0 -77
  254. package/docs/guides/no-cost-firestore-google-drive-backend.md +0 -60
  255. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-03-16.md +0 -454
  256. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-03-24.md +0 -66
  257. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-03-25.md +0 -67
  258. /package/docs/{MARKETING_WEBSITE_PLAN.md → archive/MARKETING_WEBSITE_PLAN.md} +0 -0
@@ -0,0 +1,27 @@
1
+ # Play Store Docs — Native Update
2
+
3
+ Start here. Every Play Store submission file is linked below.
4
+
5
+ **App:** Native Update · `com.aoneahsan.nativeupdate` · v3.0.1
6
+ **Play Store:** https://play.google.com/store/apps/details?id=com.aoneahsan.nativeupdate
7
+ **Full spec:** `~/.claude/rules/play-store-submission.md`
8
+
9
+ ---
10
+
11
+ ## Files in this folder
12
+
13
+ | File | Purpose |
14
+ |------|---------|
15
+ | [RELEASE-NOTES.md](./RELEASE-NOTES.md) | **Play Store "What's New" — open this first.** Per-version release notes, latest-first. Copy the latest entry into Play Console. |
16
+ | [STORE-LISTING.md](./STORE-LISTING.md) | App title, short description, full description. |
17
+ | [DECLARATIONS.md](./DECLARATIONS.md) | All 10 Play "App content" declarations (answer key). |
18
+ | [DATA-SAFETY.md](./DATA-SAFETY.md) | Data Safety form answers. |
19
+ | [RELEASE-STEPS.md](./RELEASE-STEPS.md) | User-only build + Play Console upload steps. |
20
+ | [SUBMISSION-CHECKLIST.md](./SUBMISSION-CHECKLIST.md) | Pre-upload checklist. |
21
+ | [ASO-METADATA.md](./ASO-METADATA.md) | Internal brand/ASO reference (not store-facing). |
22
+
23
+ ## Related
24
+
25
+ - **Raw image assets:** `app-publish-assets/` (icons, feature graphics, screenshots) — _not yet created; see `~/.claude/rules/play-store-submission.md` Phase 5._
26
+ - **Resumable tracker:** `docs/features/play-store-submission/00-tracker.json` — _not yet created._
27
+ - **Developer changelog:** [docs/CHANGELOG.md](../CHANGELOG.md)
@@ -0,0 +1,99 @@
1
+ # Release Notes — Native Update (Play Store "What's New")
2
+
3
+ Per-version Play Store release notes, latest-first.
4
+ Single source of truth — copy the latest entry into the Play Console "What's New" field (≤500 chars).
5
+
6
+ Related: developer changelog at [docs/CHANGELOG.md](../CHANGELOG.md).
7
+
8
+ ---
9
+
10
+ ## v3.1.0 — July 2026
11
+
12
+ - Faster update checks: server hot path optimized (deferred analytics writes, cached build lookup, covering index).
13
+ - Web platform no longer re-downloads a bundle to validate it after download.
14
+ - Modern package exports map — cleaner imports in every bundler, deep imports still work.
15
+ - Faster website landing page (animation engine now loads in the background).
16
+ - Maintenance: analytics data pruning, dependency/config cleanup, documentation fixes.
17
+
18
+ ---
19
+
20
+ ## v3.0.1 — May 2026
21
+
22
+ - New public documentation site at docs.nativeupdate.aoneahsan.com (58 pages: SDK reference, CLI, backend, tutorials).
23
+ - Security checklist and performance benchmark docs added.
24
+ - CI workflow now builds, signs, and publishes an example OTA bundle on every GitHub Release.
25
+ - Example app demonstrates App Update, App Review, and Background Update features.
26
+ - Minor website fix: removed a stale example card that linked to a deleted directory.
27
+
28
+ ---
29
+
30
+ ## v3.0.0 — May 2026
31
+
32
+ - Backend simplified: Firestore backend removed. Plugin now speaks HTTP to a single backend (serverUrl + apiKey).
33
+ - Breaking: apps using the Firestore branch must migrate to serverUrl — see MIGRATION.md.
34
+ - Website dashboard auth migrated to Laravel Socialite (Google OAuth) + Sanctum bearer tokens.
35
+
36
+ ---
37
+
38
+ ## v2.0.0 — April 2026
39
+
40
+ - Boot-time bundle re-verification: on every cold start the plugin re-hashes the active OTA bundle. Mismatch triggers automatic rollback.
41
+ - Channel-based encryption removed; signature + checksum verification is the integrity model.
42
+ - setUpdateUrl() deprecated (no-op); pass serverUrl to initialize() instead.
43
+
44
+ ---
45
+
46
+ ## v1.4.9 — March 2026
47
+
48
+ - Firestore-backed manifest reads via backendType: 'firestore'.
49
+ - Secure manifest lookup via apiKeys/{apiKey}/manifests/{channel}.
50
+ - No-cost backend guide: website + Firestore + Google Drive.
51
+
52
+ ---
53
+
54
+ ## v1.4.5 — February 2026
55
+
56
+ - All dependencies updated to latest versions.
57
+ - Full verification suite passing (81 tests, 0 lint warnings).
58
+ - Android Gradle build verified. Release-ready state confirmed.
59
+
60
+ ---
61
+
62
+ ## v1.0.7 — January 2025
63
+
64
+ - Fixed critical Android build issues: Google Play app-update library version pinned to 2.1.0.
65
+ - Resolved kotlinVersion resolution errors.
66
+ - All Google Play Services dependencies now use explicit versions.
67
+
68
+ ---
69
+
70
+ ## v1.0.6 — January 2025
71
+
72
+ - Android build fixes: corrected Play app-update library version, fixed kotlinVersion MissingPropertyException.
73
+ - Documentation corrections: API method signatures, event names, and broken links fixed.
74
+
75
+ ---
76
+
77
+ ## v1.4.0 — January 2025
78
+
79
+ - Complete TypeScript rewrite with strict typing and modular architecture.
80
+ - Comprehensive error handling, security validation framework, and bundle management.
81
+ - Background update support. Plugin initialization system.
82
+
83
+ ---
84
+
85
+ ## v0.0.2 — December 2024
86
+
87
+ - Bundle signing and security utilities.
88
+ - CI/CD pipeline with GitHub Actions.
89
+ - Example update-server implementation. TypeScript strict mode. ESLint v9 flat config.
90
+
91
+ ---
92
+
93
+ ## v0.0.1 — January 2024
94
+
95
+ - Initial release.
96
+ - Live/OTA update: download, bundle management, update strategies (immediate, background, manual), delta updates, automatic rollback, update channels, end-to-end encryption, SHA-256/512 checksums.
97
+ - Native app update: Play Store version checking, immediate and flexible update flows, direct app store navigation.
98
+ - In-app review: native review prompts with smart triggering and rate limiting.
99
+ - iOS (Swift) and Android (Kotlin) implementations. Web fallback.
@@ -0,0 +1,6 @@
1
+ # Release Steps — Native Update (User-Only)
2
+
3
+ Populate via `~/.claude/rules/play-store-submission.md` (Phase 6) when preparing a release.
4
+
5
+ This file lists user-only build + Play Console upload steps (commands and clicks, not release-note text).
6
+ The agent prepares all data, copy, and assets; the user performs the signed AAB build + Play Console upload.
@@ -0,0 +1,7 @@
1
+ # Store Listing — Native Update
2
+
3
+ Populate via `~/.claude/rules/play-store-submission.md` (Phase 3) when preparing a release.
4
+
5
+ Includes: app name (≤30 chars), short description (≤80 chars), full description, and a link to RELEASE-NOTES.md for "What's New".
6
+
7
+ See [RELEASE-NOTES.md](./RELEASE-NOTES.md) for the latest "What's New" entry.
@@ -0,0 +1,5 @@
1
+ # Submission Checklist — Native Update
2
+
3
+ Populate via `~/.claude/rules/play-store-submission.md` (Phase 7) when preparing a release.
4
+
5
+ Pre-upload checklist covering: permissions, store listing, declarations, assets, legal pages, and release build.
@@ -29,7 +29,7 @@
29
29
  > - Private key management (for bundle signing)
30
30
  > - Encryption key management (for encrypted bundles)
31
31
  >
32
- > **GETTING STARTED**: See the example backends in `/example-apps/node-express` and `/example-apps/firebase-backend` for reference implementations.
32
+ > **GETTING STARTED**: For reference implementations see [`/example-apps/node-express`](../example-apps/node-express) (lean Node.js / Express reference) and [`/backend`](../backend) (Laravel 13 + Nova canonical SaaS backend powering the hosted Native Update service — usable as managed or self-hosted).
33
33
 
34
34
  This comprehensive checklist ensures your Capacitor Native Update implementation is ready for production deployment. Follow these guidelines to deliver a secure, reliable, and performant update system.
35
35
 
@@ -0,0 +1,123 @@
1
+ # Native Update — Project Finalization Plan
2
+
3
+ **Date opened:** 2026-05-16
4
+ **Goal:** Get the Native Update repo (plugin + website + backend + Android wrap) production-ready for a fresh Google Play Store listing of the website wrapped via Capacitor, with the marketing site live, the Laravel SaaS backend deploy-ready, and the NPM plugin shippable.
5
+
6
+ **Audit owner:** Claude (Opus 4.7) in continuous-batch mode under the user's `01-code` workspace rules.
7
+
8
+ ---
9
+
10
+ ## What the user asked for
11
+
12
+ 1. **Audit the entire project**, ignoring the previous audit's 7-day cooldown.
13
+ 2. **Fix everything** that's wrong, missing, or partial — no TODOs, no "coming soon", no deferred items.
14
+ 3. **Complete every feature** end-to-end across web, Android, backend, and plugin.
15
+ 4. **Polish UI/UX** for the website + admin/dashboard so the Android wrap feels native.
16
+ 5. **Confirm SEO/AEO** + static content quality on the marketing site.
17
+ 6. **Comply with the Generic Project Rules master prompt** at `~/Documents/ahsan-notebook/static/assets/txt-files-important/generic-project-rules.md` where they apply to this project.
18
+ 7. **Batch the work** at 40–60 minutes per batch with 1–3 tasks each, validation + verification + commit + push per batch.
19
+ 8. **Resume-safe** with markdown plans + JSON tracker + per-batch session reports.
20
+ 9. **Use the right skills** at every batch boundary (planning, working, validating).
21
+
22
+ ## Key user-confirmed constraints
23
+
24
+ | Constraint | Value |
25
+ |---|---|
26
+ | Android publish target | **The website wrapped via Capacitor** (NEW Play Store listing, fresh keystore). NOT example-apps. |
27
+ | Backend deployment | **Deploy-ready only** — code complete, runbook clean, user does the actual deploy. |
28
+ | Auth verification | **First batch** — Google OAuth + Sanctum + Spatie RBAC was just swapped (commit 8eaf4de, 2026-05-11). Verify end-to-end. |
29
+ | Play Console state | **Fresh listing** — no existing keystore reuse. |
30
+
31
+ ---
32
+
33
+ ## Scope: what's in / out
34
+
35
+ ### IN scope this run
36
+
37
+ - **`backend/`** (Laravel 11 + Nova 5 + Sanctum + Spatie + Socialite) — deploy-readiness fixes, tests for the new auth, FormRequest consistency, stale Firebase reference cleanup.
38
+ - **`website/`** (React + Vite + Radix + TanStack Query + Capacitor 8.3.1) — ESLint hooks-rules fixes, Capacitor Preferences token storage, admin page TanStack-Query migration, console.* cleanup, Play-Store metadata cleanup, signing config + ProGuard, branded icons, SEO date refresh, legal page refresh.
39
+ - **Root plugin (`src/`, `android/`, `ios/`)** — integration test localStorage fix, version + JSON-LD sync.
40
+ - **Play Store launch assets** under `website/app-publish-assets/` — Firestore references purged, screenshots-capture runbook documented.
41
+ - **Master CLAUDE.md + AGENTS.md** synchronisation at root and `website/`.
42
+
43
+ ### OUT of scope this run
44
+
45
+ - Actual `firebase deploy` of the website (user does it after batches close).
46
+ - Actual production-host SSH deploy of Laravel (deploy-ready only).
47
+ - Generating real screenshot PNGs (user captures from a running emulator/device).
48
+ - Generating a release keystore file (user does that locally with `keytool`).
49
+ - iOS publishing (Android is the only platform requested this session).
50
+ - Docs site at `native-update-docs/` (closed-out 2026-05-11, separate cooldown).
51
+
52
+ ---
53
+
54
+ ## Batch summary
55
+
56
+ 10 batches, each 40–60 min, 1–4 concrete tasks. Full task list with file paths in [`01-BATCH-PLAN.md`](./01-BATCH-PLAN.md).
57
+
58
+ | # | Batch | Focus | Verification |
59
+ |---|---|---|---|
60
+ | 1 | Auth + critical backend fixes | Sanctum expiry, `/me` gating, LOG_LEVEL, stale Firebase comments | `php artisan test` green |
61
+ | 2 | Website build fixes | 4 ESLint hooks-rules errors + 9 plugin test failures | `yarn build` + `yarn lint` + `yarn test:run` green |
62
+ | 3 | Auth token via Capacitor Preferences | Token storage swap, 401 auto-redirect | yarn typecheck + manual auth walkthrough |
63
+ | 4 | Backend coverage tests | OAuth, Sanctum, Roles tests + UpdateBuildRequest FormRequest | `php artisan test` higher count, all green |
64
+ | 5 | Admin pages → TanStack Query | 3 admin pages + 2 dashboard pages | yarn build clean, query keys consistent |
65
+ | 6 | Console.* cleanup | 2 ExamplesPage call sites + Firebase comment sweep | grep proves zero real violations |
66
+ | 7 | Play Store metadata + legal pages | Strip Firestore refs, refresh Privacy/Terms/Cookies/Security | grep zero "firestore" in metadata + legal |
67
+ | 8 | Android signing + ProGuard + build guide | build.gradle signing block, minifyEnabled, BUILD_FOR_PLAY_STORE.md | `./gradlew assembleDebug` clean |
68
+ | 9 | App icons + splash + screenshot guide | Branded mipmap-* icons, splash bg, screenshot capture runbook | `cap sync` + visual check |
69
+ | 10 | SEO refresh + final verification + audit closure | Dates bump, JSON-LD version sync, sitemap regen, CLAUDE.md update | All 3 build commands green |
70
+
71
+ ---
72
+
73
+ ## Skills invoked per phase
74
+
75
+ Per RULE #0 (highest priority), the matching skill is invoked **before** any code edits in each phase:
76
+
77
+ | Phase | Skills |
78
+ |---|---|
79
+ | Planning (this doc) | `writing-plans`, `stack-audit` |
80
+ | Batch 1 — auth + backend | `laravel-specialist`, `firebase-auth-basics` (legacy ref check), `security-best-practices` |
81
+ | Batch 2 — build fixes | `react-best-practices`, `react-19` (rules-of-hooks), `vitest` |
82
+ | Batch 3 — Capacitor Preferences | `capacitor-best-practices`, `capacitor-plugins`, `capacitor-offline-first` |
83
+ | Batch 4 — backend tests | `laravel-specialist`, `security-best-practices` |
84
+ | Batch 5 — TanStack migration | `tanstack-query-best-practices`, `react-best-practices` |
85
+ | Batch 6 — console cleanup | (trivial — covered by file-edit pre-check) |
86
+ | Batch 7 — metadata + legal | `copywriting`, `web-design-guidelines` |
87
+ | Batch 8 — Android signing | `capacitor-app-store`, `capacitor-android`, `security-best-practices` |
88
+ | Batch 9 — icons + splash | `capacitor-splash-screen`, `frontend-design` |
89
+ | Batch 10 — SEO closure | `ai-seo`, `seo`, `stack-audit` |
90
+
91
+ ---
92
+
93
+ ## Resume contract
94
+
95
+ If this conversation is compacted or restarted:
96
+
97
+ 1. Read `docs/tracking/finalization-2026-05-16-tracker.json` (single source of truth for resume state).
98
+ 2. Find the lowest-numbered batch with `status != "completed"` in `batches[]`. That's where we resume.
99
+ 3. Read this plan (`00-FINALIZATION-PLAN.md`) + the batch plan (`01-BATCH-PLAN.md`) + the matching session report under `sessions/`.
100
+ 4. Invoke the matching skills for the batch domain (per the table above).
101
+ 5. Apply the batch's fixes per `01-BATCH-PLAN.md`.
102
+ 6. Run that batch's verification command list.
103
+ 7. ONE commit per batch with the message specified in the batch plan.
104
+ 8. Update the tracker (`status: "completed"`, `completed_at: today`, append `runHistory[]` row with commit SHA + 2–3 line summary).
105
+ 9. Write the session report under `docs/project-audit/2026-05-16/sessions/batch-NN.md`.
106
+
107
+ Do **NOT** redo batches that are already `status: "completed"`. The tracker is authoritative — trust it.
108
+
109
+ ---
110
+
111
+ ## Definition of done (whole audit)
112
+
113
+ - All 10 batches `status: "completed"` in the tracker
114
+ - `yarn build` (root + website) returns exit 0 with no warnings beyond the documented 3rd-party suppressions
115
+ - `yarn lint` (root + website) returns exit 0
116
+ - `yarn test:run` (root) returns all-green
117
+ - `php artisan test` (backend) returns all-green with strictly more tests than the baseline
118
+ - `./gradlew assembleDebug` (website/android) returns success
119
+ - A signed `app-release.aab` can be produced by following `website/BUILD_FOR_PLAY_STORE.md` (user runs this step)
120
+ - Zero `console.*` calls outside `src/utils/logger.ts` / `src/lib/logger.ts` (excluding doc code blocks)
121
+ - Zero `Firestore` / `Firebase Auth` references in `app-publish-assets/` and current legal pages
122
+ - Updated portfolio info file, CLAUDE.md + AGENTS.md, and tracker close-out
123
+ - ONE commit per batch, all pushed to `main`
@@ -0,0 +1,227 @@
1
+ # Batch Plan — 2026-05-16 Finalization
2
+
3
+ Each batch: 40–60 min, 1–4 tasks, one commit, verification commands, session report under `sessions/batch-NN.md`.
4
+
5
+ ---
6
+
7
+ ## Batch 1: Auth + critical backend fixes
8
+
9
+ **Skills:** `laravel-specialist`, `security-best-practices`
10
+
11
+ | # | File | Change |
12
+ |---|---|---|
13
+ | 1.1 | `backend/config/sanctum.php:53` | `'expiration' => null` → `'expiration' => env('SANCTUM_TOKEN_EXPIRATION', 10080)` |
14
+ | 1.2 | `backend/routes/api.php:119` | Verify `/api/dashboard/me` GET intentionally has no `can:` gate (any authenticated user reads own profile) — add inline comment documenting this is by design |
15
+ | 1.3 | `backend/config/logging.php:64,71` | Default log level `'debug'` → `env('LOG_LEVEL', 'warning')` for both `single` and `daily` channels |
16
+ | 1.4 | `backend/app/Http/Controllers/Admin/AdminController.php:8` | Replace "Firebase `admin: true` claim" docblock with "Spatie super-admin role via spatie/laravel-permission" |
17
+ | 1.5 | `backend/app/Policies/AppPolicy.php:11` + `backend/app/Policies/BuildPolicy.php:4` | Same Firebase → Spatie docblock fix |
18
+ | 1.6 | `backend/app/Policies/AppPolicy.php:15` | Add `?bool` return type to `before(User $user, string $ability)` |
19
+ | 1.7 | `backend/.env.example` | Add inline comments above `ADMIN_EMAILS=` explaining first-signer auto-promotion behaviour |
20
+ | 1.8 | `docs/deployment/PRODUCTION-DEPLOY-CHECKLIST.md:34–35, 137` | Replace Firebase env var references with `GOOGLE_CLIENT_ID`/`GOOGLE_CLIENT_SECRET`/`GOOGLE_REDIRECT_URI`/`ADMIN_EMAILS` |
21
+
22
+ **Verify:** `cd backend && php artisan test --without-tty` — all green (baseline 110/110). Then `php artisan config:clear && php artisan route:list` to confirm no booted-config errors.
23
+
24
+ **Commit:** `fix(backend): Batch 1 — Sanctum expiration, LOG_LEVEL, Firebase reference cleanup`
25
+
26
+ ---
27
+
28
+ ## Batch 2: Website build + plugin test fixes
29
+
30
+ **Skills:** `react-best-practices`, `react-19`, `vitest`
31
+
32
+ | # | File | Change |
33
+ |---|---|---|
34
+ | 2.1 | `website/src/pages/dashboard/ConfigPage.tsx:~43` | Move async `loadApps()` declaration above the `useEffect` that calls it OR wrap in `useCallback` and add to deps array properly |
35
+ | 2.2 | `website/src/pages/dashboard/GoogleDrivePage.tsx:~37` | Same pattern fix for `loadData()` |
36
+ | 2.3 | `website/src/pages/dashboard/SettingsPage.tsx:~72` | Same pattern fix for `loadUserData()` |
37
+ | 2.4 | `website/src/pages/dashboard/UploadPage.tsx:~363` | Fix ref usage — don't pass a ref-created callback into `handleSubmit()` during render; declare the submit handler with `useCallback` or hoist it |
38
+ | 2.5 | `src/__tests__/integration.test.ts` (root plugin) | Add `beforeEach` localStorage polyfill OR move `loadStoredData()` out of constructor / make it idempotent / guard `typeof window === 'undefined'` |
39
+
40
+ **Verify:**
41
+ - `cd website && yarn lint` → exit 0 (currently 11 errors)
42
+ - `cd website && yarn typecheck` → exit 0
43
+ - `cd website && yarn build` → exit 0
44
+ - `yarn test:run` (root) → 62/62 passing (currently 53/62)
45
+
46
+ **Commit:** `fix(build): Batch 2 — rules-of-hooks fixes + plugin test localStorage polyfill`
47
+
48
+ ---
49
+
50
+ ## Batch 3: Auth token via Capacitor Preferences
51
+
52
+ **Skills:** `capacitor-best-practices`, `capacitor-plugins`, `capacitor-offline-first`
53
+
54
+ | # | File | Change |
55
+ |---|---|---|
56
+ | 3.1 | `website/src/lib/auth-token.ts` | Refactor to async API backed by `@capacitor/preferences` with `localStorage` fallback on web. Replace synchronous getters with async or boot-time hydrated cache. |
57
+ | 3.2 | `website/src/lib/api.ts` | Update axios/fetch interceptor to read token from new async helper; cache token in memory for sync access during requests |
58
+ | 3.3 | `website/src/context/AuthContext.tsx` | On boot, hydrate token from Preferences before flipping `loading=false` so the BootLoader keeps showing |
59
+ | 3.4 | `website/src/pages/auth/CallbackPage.tsx` | Write token via new async helper, await before navigating |
60
+ | 3.5 | `website/src/lib/api.ts` (401 handler) | On 401, clear token + push a global event/store flag that `AuthContext` listens to → redirect to `/login` automatically |
61
+
62
+ **Verify:**
63
+ - `cd website && yarn typecheck && yarn build` → clean
64
+ - Read-only manual review: trace the login → callback → API → 401 path for completeness
65
+
66
+ **Commit:** `feat(auth): Batch 3 — Capacitor Preferences token storage + 401 auto-redirect`
67
+
68
+ ---
69
+
70
+ ## Batch 4: Backend OAuth/Sanctum/Roles tests + FormRequest
71
+
72
+ **Skills:** `laravel-specialist`, `security-best-practices`
73
+
74
+ | # | File | Change |
75
+ |---|---|---|
76
+ | 4.1 | `backend/tests/Feature/OAuthControllerTest.php` (new) | Test cases: redirect issues correct Socialite URL; callback creates new user with `user` role; callback assigns `super-admin` if email in `ADMIN_EMAILS`; callback returns redirect to frontend with `?token=...`; existing user re-login refreshes attributes; token has expected abilities |
77
+ | 4.2 | `backend/tests/Feature/SanctumTokenTest.php` (new) | Test cases: protected route rejects no token; protected route accepts valid token; expired token is rejected (use `Carbon::setTestNow`); abilities are honoured; `tokenCan()` works correctly |
78
+ | 4.3 | `backend/tests/Feature/RolesPermissionsTest.php` (new) | Test cases: seeder is idempotent (run twice → same state); super-admin bypass works via Gate::before; admin cannot bypass; user lacks admin permissions |
79
+ | 4.4 | `backend/app/Http/Requests/UpdateBuildRequest.php` (new) | Extract validation from `BuildController@update` into FormRequest |
80
+ | 4.5 | `backend/app/Http/Controllers/Dashboard/BuildController.php` | Replace inline `$request->validate(...)` with `UpdateBuildRequest $request` |
81
+
82
+ **Verify:** `cd backend && php artisan test --without-tty` — strictly more tests than baseline 110, all green.
83
+
84
+ **Commit:** `test(backend): Batch 4 — OAuth/Sanctum/Roles coverage + UpdateBuildRequest`
85
+
86
+ ---
87
+
88
+ ## Batch 5: Admin pages → TanStack Query
89
+
90
+ **Skills:** `tanstack-query-best-practices`, `react-best-practices`
91
+
92
+ | # | File | Change |
93
+ |---|---|---|
94
+ | 5.1 | `website/src/pages/admin/AdminUsersPage.tsx:29–46` | Replace `useEffect`+`useState` with `useQuery` (queryKey `['admin','users',page,perPage,q]`), URL-state pagination, optimistic invalidation on role-change mutation |
95
+ | 5.2 | `website/src/pages/admin/AdminAppsPage.tsx:24–41` | Same pattern: `useQuery` with `['admin','apps',page,perPage]` |
96
+ | 5.3 | `website/src/pages/admin/AdminBuildsPage.tsx:24–41` | Same pattern: `useQuery` with `['admin','builds',page,perPage,status]` |
97
+ | 5.4 | `website/src/pages/dashboard/DashboardOverview.tsx:20–34` | Replace `fetchRecentBuilds` raw Promise.all with `useQuery` |
98
+ | 5.5 | `website/src/pages/dashboard/UploadPage.tsx:49–63` | Replace raw apps-list fetch with `useQuery` |
99
+
100
+ **Verify:**
101
+ - `cd website && yarn typecheck && yarn lint && yarn build` clean
102
+ - Confirm React Query Devtools (already wired) show consistent query keys
103
+
104
+ **Commit:** `refactor(admin): Batch 5 — admin + overview pages on TanStack Query`
105
+
106
+ ---
107
+
108
+ ## Batch 6: console.* cleanup + Firebase comment sweep
109
+
110
+ **Skills:** (trivial pre-check sufficient)
111
+
112
+ | # | File | Change |
113
+ |---|---|---|
114
+ | 6.1 | `website/src/pages/ExamplesPage.tsx:63,67` | Replace `console.*` with `logger.debug/error` |
115
+ | 6.2 | `website/src/pages/dashboard/SettingsPage.tsx:78–87` | Remove stale Firebase terminology in comments |
116
+ | 6.3 | `website/src/pages/dashboard/ConfigPage.tsx` | Remove stale Firebase comment headers / unused imports |
117
+ | 6.4 | `website/src/lib/env.ts` | Drop `VITE_FIREBASE_*` keys (Firebase Auth removed per CLAUDE.md). Keep only what code still consumes. |
118
+ | 6.5 | `website/.env.example` | Sync `.env.example` with `env.ts` — remove VITE_FIREBASE_* rows |
119
+ | 6.6 | `website/src/vite-env.d.ts` | Drop VITE_FIREBASE_* type declarations |
120
+
121
+ **Verify:**
122
+ - `grep -rEn "\\bconsole\\.(log|info|debug|trace|warn|error|table|time|timeEnd|group|groupCollapsed|groupEnd)\\(" website/src --include="*.ts" --include="*.tsx" | grep -v "/lib/logger.ts" | grep -v "/pages/DocsPage.tsx"` → zero matches
123
+ - `grep -rEn "firebase|firestore" website/src --include="*.ts" --include="*.tsx" -i | grep -v "// historical"` → zero non-historical matches
124
+
125
+ **Commit:** `chore(website): Batch 6 — console.* via logger + Firebase reference cleanup`
126
+
127
+ ---
128
+
129
+ ## Batch 7: Play Store metadata + legal pages cleanup
130
+
131
+ **Skills:** `copywriting`, `web-design-guidelines`
132
+
133
+ | # | File | Change |
134
+ |---|---|---|
135
+ | 7.1 | `website/app-publish-assets/metadata/full-description.md` | Replace "Firestore project" prose with accurate "self-hosted Laravel + Sanctum backend (or our managed SaaS)" description |
136
+ | 7.2 | `website/app-publish-assets/metadata/data-safety.md` | Strip Firestore reference (line 34); declare Laravel backend + Google Drive + FilesHub storage truthfully |
137
+ | 7.3 | `website/app-publish-assets/metadata/listing-notes.md` | Refresh; remove Firebase Auth language; describe Google OAuth flow accurately |
138
+ | 7.4 | `website/src/pages/PrivacyPage.tsx` | Update content + lastUpdated date to 2026-05-16; describe Google OAuth + Sanctum + Spatie correctly; remove Firebase Auth references |
139
+ | 7.5 | `website/src/pages/TermsPage.tsx` | Update lastUpdated to 2026-05-16; minor content refresh |
140
+ | 7.6 | `website/src/pages/CookiePolicyPage.tsx` | Update lastUpdated; verify cookies list is accurate (no Firebase cookies anymore) |
141
+ | 7.7 | `website/src/pages/SecurityPage.tsx` | Update lastUpdated; verify security architecture description matches current backend |
142
+
143
+ **Verify:**
144
+ - `grep -rEn -i "firestore" website/app-publish-assets/` → zero matches
145
+ - `grep -rEn -i "firebase auth|firebase.auth" website/src/pages/PrivacyPage.tsx website/src/pages/TermsPage.tsx` → zero matches
146
+
147
+ **Commit:** `docs(legal): Batch 7 — Play Store metadata + Privacy/Terms refresh for Laravel backend`
148
+
149
+ ---
150
+
151
+ ## Batch 8: Android signing + ProGuard + build guide
152
+
153
+ **Skills:** `capacitor-app-store`, `capacitor-android`, `security-best-practices`
154
+
155
+ | # | File | Change |
156
+ |---|---|---|
157
+ | 8.1 | `website/android/keystore.properties.example` (new) | Template file showing required keys: `storeFile`, `storePassword`, `keyAlias`, `keyPassword` |
158
+ | 8.2 | `website/android/.gitignore` | Ensure `keystore.properties` and `*.keystore` / `*.jks` are excluded |
159
+ | 8.3 | `website/android/app/build.gradle` | Add `signingConfigs.release` block reading from `../keystore.properties` if present, falling back to debug keystore for dev; reference it from `buildTypes.release` |
160
+ | 8.4 | `website/android/app/build.gradle:21` | `minifyEnabled false` → `minifyEnabled true` for release; add `shrinkResources true` |
161
+ | 8.5 | `website/android/app/proguard-rules.pro` | Verify Capacitor + WebView rules are present (add `-keep class com.getcapacitor.** { *; }` and similar baseline rules) |
162
+ | 8.6 | `website/android/app/src/main/res/xml/network_security_config.xml` (new) | Production-friendly config; allows cleartext only on debug for localhost ranges |
163
+ | 8.7 | `website/android/app/src/main/AndroidManifest.xml` | Reference network_security_config + ensure `android:usesCleartextTraffic="false"` on application |
164
+ | 8.8 | `website/BUILD_FOR_PLAY_STORE.md` (new) | Full runbook: keytool keystore generation, keystore.properties setup, `yarn build && cap sync && ./gradlew bundleRelease` walkthrough, where to find AAB, signing-key backup advice |
165
+
166
+ **Verify:**
167
+ - `cd website/android && ./gradlew assembleDebug` → BUILD SUCCESSFUL
168
+ - `git check-ignore website/android/keystore.properties` → file ignored (path returned)
169
+ - AAB build is documented but NOT run (requires user-provided keystore)
170
+
171
+ **Commit:** `feat(android): Batch 8 — signing config + ProGuard + Play Store build runbook`
172
+
173
+ ---
174
+
175
+ ## Batch 9: App icons + splash + screenshot guide
176
+
177
+ **Skills:** `capacitor-splash-screen`, `frontend-design`
178
+
179
+ | # | File | Change |
180
+ |---|---|---|
181
+ | 9.1 | `website/app-publish-assets/icons/icon-1024.png` (new) | Render 1024×1024 from `icon-512.svg` (use a Node script with `sharp` OR document the user-side ImageMagick command) |
182
+ | 9.2 | `website/android/app/src/main/res/mipmap-*/ic_launcher*.png` | Replace default Capacitor icons with rendered native-update branding across all densities (mdpi/hdpi/xhdpi/xxhdpi/xxxhdpi) |
183
+ | 9.3 | `website/android/app/src/main/res/drawable*/splash.png` (or vector equivalent) | Replace splash with branded splash matching `#0A0F1A` BG + logo |
184
+ | 9.4 | `website/capacitor.config.ts` | Verify SplashScreen plugin config — `backgroundColor`, `launchShowDuration` set correctly |
185
+ | 9.5 | `website/app-publish-assets/screenshots/CAPTURE-GUIDE.md` (new) | Step-by-step user runbook: run app on emulator → capture 4–8 screenshots (login, dashboard overview, apps list, upload form, bundle detail, settings, theme customizer, sitemap page) at 1080×1920 minimum |
186
+
187
+ **Verify:**
188
+ - `cd website && yarn build && npx cap sync android` → success
189
+ - `find website/android/app/src/main/res/mipmap-* -name "*.png" -exec ls -la {} \;` → all branded, non-zero sizes
190
+ - Visual eyeball of `mipmap-xxxhdpi/ic_launcher.png` confirms branding
191
+
192
+ **Commit:** `feat(android): Batch 9 — branded icons + splash + screenshot capture guide`
193
+
194
+ ---
195
+
196
+ ## Batch 10: SEO refresh + final verification + audit closure
197
+
198
+ **Skills:** `ai-seo`, `seo`, `stack-audit`
199
+
200
+ | # | File | Change |
201
+ |---|---|---|
202
+ | 10.1 | `website/postbuild-seo.ts:17` | `PAGE_LAST_UPDATED` → `'2026-05-16'` |
203
+ | 10.2 | `website/postbuild-seo.ts:431` | `softwareVersion: '2.0.0'` → `'3.0.1'` |
204
+ | 10.3 | `website/src/pages/AboutPage.tsx`, `FeaturesPage.tsx`, `PricingPage.tsx` | Bump visible `Last updated` date strings to 2026-05-16 |
205
+ | 10.4 | `website/public/sitemap.xml` | Regenerate or hand-edit `<lastmod>` for refreshed routes (legal, features, pricing, about, sitemap, feed, home) to `2026-05-16` |
206
+ | 10.5 | `website/public/feed.xml` | Bump `<lastBuildDate>` to current date (postbuild-seo.ts may already do this — verify) |
207
+ | 10.6 | `docs/tracking/finalization-2026-05-16-tracker.json` | Mark all 10 batches `completed`, set top-level `last_run.status=complete`, `completed_at=2026-05-16`, `next_allowed_run_after=2026-05-23` |
208
+ | 10.7 | `CLAUDE.md` + `AGENTS.md` (root) | Append new audit record row + bump `Last Updated` |
209
+ | 10.8 | `website/CLAUDE.md` + `website/AGENTS.md` | Same |
210
+ | 10.9 | `docs/rules-tracker.md` | Bump Generic Project Rules apply dates for rules that were re-verified during this audit |
211
+ | 10.10 | `docs/project-audit/2026-05-16/sessions/batch-10.md` (new) | Session report |
212
+
213
+ **Verify (final gate):**
214
+ - `cd backend && php artisan test --without-tty` → green
215
+ - `yarn build && yarn lint && yarn test:run` (root plugin) → green
216
+ - `cd website && yarn typecheck && yarn lint && yarn build` → green
217
+ - `cd website/android && ./gradlew assembleDebug` → BUILD SUCCESSFUL
218
+ - `grep -rEn -i "firestore" website/app-publish-assets/` → zero
219
+ - `git status` → clean after final commit + push
220
+
221
+ **Commit:** `chore(release): Batch 10 — SEO date refresh + audit closure (next allowed run 2026-05-23)`
222
+
223
+ ---
224
+
225
+ ## Override conditions
226
+
227
+ If something blocks a batch (test failure, missing file, dependency that needs `yarn install`), STOP at that batch and surface the blocker in the session report. Do not skip ahead. The user prefers visible blockers to silent skips.