trent_larson/daily-notification-plugin
4
0
Fork 0
Code Issues Pull Requests 2 Projects Releases Wiki Activity

docs: apply pin-point delta edits for correctness and polish

Browse Source 
Analysis doc improvements:
- Add exact-alarm clarifier box: SCHEDULE_EXACT_ALARM is special app-op, not runtime permission
- Add WAKE_LOCK usage tip: typically unnecessary with AlarmManager/WorkManager
- Guard Cordova compat dependency: use debug/releaseImplementation with transitive=false
- Add exported defaults reminder to manifest excerpt
- Add asset path wording clarification: webDir → src/main/assets/public/
- Clarify POST_NOTIFICATIONS scope: required on Android 13+, ignored on lower APIs

Implementation plan improvements:
- Add Doze/Idle acceptance signal to Phase 1 DoD: UI surfaces 'Degraded timing (Doze)'
- Add receiver export policy to PR checklist: only BootReceiver exported
- Add ProGuard/R8 keep rules: prevent Capacitor annotations from being stripped
- Enhance diagnostics payload: include appId, version, device info, API level, timezone, config, status fields, event IDs
- Add negative schema case to Test Matrix: catches drift at JS boundary
- Add channel invariants to acceptance criteria: missing/disabled channel returns proper errors
- Add boot reschedule duplicate shield: unique key with UPSERT semantics
- Add network client hard limits to AC: HTTPS-only, timeouts ≤ 30s, content ≤ 1MB

All changes maintain existing structure with surgical precision edits.
This commit is contained in:
Matthew Raymer
2025-10-24 10:52:01 +00:00
parent 6eb5d63107
commit eb2ab62a58
2 changed files with 33 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs/android-app-improvement-plan.md
View File

@@ -400,6 +400,20 @@ public class ScheduleDailyTest {
## Security Hardening
### 0. ProGuard/R8 Keep Rules (minify-safe plugin)
**Purpose**: Prevent Capacitor annotations and plugin methods from being stripped
**Implementation**: Add keep rules to proguard-rules.pro
```pro
# Keep Capacitor Plugin annotations & your plugin facade
-keep class com.getcapacitor.** { *; }
-keep @com.getcapacitor.annotation.CapacitorPlugin class * { *; }
-keepclassmembers class ** {
@com.getcapacitor.annotation.PluginMethod *;
}
```
### 1. Bridge Input Validation
**Purpose**: Validate all inputs before native processing
@@ -863,12 +877,15 @@ interface ScheduleResponse {
- [ ] Maps native exceptions to canonical errors
- [ ] Provides user-friendly error messages
- [ ] Rejects unknown keys with single joined message
- [ ] Channel policy enforced: missing/disabled channel returns `E_CHANNEL_MISSING` or `E_CHANNEL_DISABLED` with "Open Channel Settings" CTA
- [ ] HTTPS-only; connect/read timeouts ≤ 30s; content-length hard cap ≤ 1 MB; oversize → `E_RESPONSE_TOO_LARGE`
### Reliability
- [ ] Reboot scenarios reliably deliver notifications
- [ ] Doze scenarios degrade gracefully
- [ ] Clear logs explain system behavior
- [ ] User-visible reasoning for failures
- [ ] Rescheduler uses unique key `(requestCode|channelId|time)` and **UPSERT** semantics; log `EVT_BOOT_REHYDRATE_DONE(count=n)`
### Testing
- [ ] Test UI modularized into scenarios
@@ -919,6 +936,9 @@ By following this plan, the test app will become more maintainable, reliable, an
- @PluginMethod bodies ≤ 25 LOC, delegate to use-cases.
- "Copy Diagnostics (JSON)" button functional.
**Diagnostics MUST include:** appId, versionName/code, manufacturer/model, API level, timezone, `capacitor.config.json` plugin section echo, five status fields, last 50 event IDs.
- If exact alarm is denied/quota-limited, UI surfaces **"Degraded timing (Doze)"** and logs `EVT_DOZE_FALLBACK_TAKEN`.
### Phase 2 DoD
- Test UI split into modular scenarios with fixtures.
- Instrumentation tests cover channel disabled and exact alarm denied paths.
@@ -945,6 +965,7 @@ By following this plan, the test app will become more maintainable, reliable, an
- [ ] Status Matrix field(s) updated if capability changed
- [ ] Runbooks section touched if behavior changed
- [ ] No new events without ID (keeps logs grep-able)
- [ ] AndroidManifest receivers reviewed: only BootReceiver is exported; others remain `exported="false"`.
## Test Matrix
@@ -955,6 +976,7 @@ By following this plan, the test app will become more maintainable, reliable, an
| Exact alarm denied path | openExactAlarmSettings | Revoke exact alarm | Fallback path taken; logged `DOZE_FALLBACK` |
| Boot reschedule | BootReceiver | Reboot emulator | One (not duplicate) schedule restored |
| Doze idle window | scheduleDailyNotification | Device in idle | Fallback path taken; logged `EVT_DOZE_FALLBACK_TAKEN`; no crash |
| Bad schema rejects | bridge.ts + schema-validation.ts | Add unknown key / oversize title | Canonical `E_BAD_CONFIG` with single joined message |
## Error Codes (canonical)