From 99f0ae0c49d8eb3def6a28276868e35ce00d6b28 Mon Sep 17 00:00:00 2001 From: null Date: Wed, 24 Jun 2026 21:26:23 -0500 Subject: [PATCH] docs(qa): Pass C also checks navigation from every entry point + back-stack/double-back UI review now verifies each screen opens correctly from ALL its entry points (inbox/Discuss/ notification, Play/notification, paywall from each gate) and that back (system + in-app) returns correctly with no dead-ends, exit-app surprises, or two-back/duplicate-stack issues. Co-Authored-By: Claude Opus 4.8 --- ClaudeQACoverage.md | 4 +++- ClaudeQAPlan.md | 11 +++++++++-- ClaudeReport.md | 4 +++- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/ClaudeQACoverage.md b/ClaudeQACoverage.md index a82b0e80..9a3912a0 100644 --- a/ClaudeQACoverage.md +++ b/ClaudeQACoverage.md @@ -34,7 +34,9 @@ reveal/results), not just launched.** All rows above are currently `launch ok / still owed for every game** in Round 2 (premium games need a premium toggle). A launch-only row counts as `partial`, not `pass`. ## Pass C — Visual (light + dark), all ~50 routes -_todo — enumerate from AppRoute.kt; 5554=Dark, 5556=Light._ +_todo — enumerate from AppRoute.kt; 5554=Dark, 5556=Light. Main tabs pass; deep/stateful screens owed._ +**Also owed:** navigation from EVERY entry point (each screen via all its links) + back-stack / "double-back" +(system back + in-app back to correct place from each entry; no dead-ends, no exit surprise, no two-back/duplicate stack). ## Pass D — Security & Encryption (D1–D6) _todo_ diff --git a/ClaudeQAPlan.md b/ClaudeQAPlan.md index deb52b32..51067a6a 100644 --- a/ClaudeQAPlan.md +++ b/ClaudeQAPlan.md @@ -100,8 +100,15 @@ Account); Paywall; Your Progress/Activity; Recovery. - **States, not just happy path:** empty / loading / error / not-paired where they exist; many need data setup (seeding is user-gated) — note unreachable states in coverage rather than skipping silently. - **Readability at scale:** default font size + spot-check largest system font scale on text-heavy screens. - -### Pass D — Security & Encryption audit (cornerstone; findings default to P0) +- **Navigation from every entry point:** reach each screen from **all** the places that link to it and confirm it + opens correctly each time — e.g. a conversation from the inbox AND from "Discuss" AND from a notification; a game + from the Play hub AND from a notification; Paywall from each gated feature; Settings sub-pages; reveal from Today + AND from history AND from `partner_answered`. A screen that works from one entry but breaks/duplicates from another = bug. +- **Back-stack / "double back":** from every entry point, **system back AND the in-app back arrow** return to the + correct previous screen — no dead-ends, no exiting the app unexpectedly, and **no screen that requires pressing + back twice** (duplicate/stacked destinations on the back stack = bug). Bottom-tab reselection and deep-link/ + notification entries must land with a sane back stack (back → Home, not off the app or a blank screen). Wrong/ + double back or a dead-end = **P2** (P1 if it traps the user). - **D1 At-rest coverage:** admin-read RAW docs/objects, assert ciphertext for every private type — chat text + `lastMessagePreview` (`enc:v1:`), chat media bytes (Tink `01 69 59 51 f0…`), answers (`sealed:v1:`/`enc:v1:`), date plans + `date_swipes`, Memory Lane capsules, Bucket List. Also: **wrappedCoupleKey** + recovery material never diff --git a/ClaudeReport.md b/ClaudeReport.md index fd3468b2..32220e5e 100644 --- a/ClaudeReport.md +++ b/ClaudeReport.md @@ -1,6 +1,6 @@ # Claude QA Report — Full-App QA (living report) -> **RUN-STATE: Round 2 (re-QA + deferred coverage) NEXT | NEXT ACTION: re-verify A-001 + E-001 fixes; **play each game ONE complete time through on both devices** (Pass B was launch-only — full playthroughs still owed); then Pass C deep/stateful screens (reveal, wheel session, dates, bucket list, auth/onboarding) in both themes, full live notification matrix, D3 live non-member test.** +> **RUN-STATE: Round 2 (re-QA + deferred coverage) NEXT | NEXT ACTION: re-verify A-001 + E-001 fixes; **play each game ONE complete time through on both devices** (Pass B was launch-only — full playthroughs still owed); then Pass C deep/stateful screens (reveal, wheel session, dates, bucket list, auth/onboarding) in both themes + **navigation from every entry point & back-stack/double-back checks**, full live notification matrix, D3 live non-member test.** > Round 1 complete (all 5 passes run report-only; P0–P2 found were fixed in-line). Fixes: A-001 (e8892a9), E-001 (ce12abb). Open P3: A-003, B-001, E-002. > Playbook: `ClaudeQAPlan.md`. Coverage matrix: `ClaudeQACoverage.md`. Report-only during passes (no fixes until the fix phase). > Devices: emulator-5554 (QA=`Y05AKO`) + emulator-5556 (Sam=`imDjjO`), paired (coupleId `Xal3Kw3gjSdn0niERYKJ`). Build == HEAD `64f0a7e`. @@ -53,6 +53,8 @@ _Deep/stateful screens (answer reveal, wheel session/complete, date match/builde **Pass B requirement (updated):** each game must be **played one complete time through on both devices** (start → every step → finish/reveal/results), not just launched. Round 1 did launch-only → **full playthroughs owed in Round 2** for all 7 (premium games need a premium toggle). A launch-only result = `partial`, not `pass`. +**Pass C requirement (added):** **navigation from every entry point** (each screen reached from all its links — e.g. conversation from inbox/Discuss/notification; game from Play/notification; paywall from each gate) + **back-stack / "double-back"** (system back AND in-app back return to the right place from each entry; no dead-ends, no exit-app surprise, **no screen needing two backs**/duplicate stack entries; deep-link/notification entries land with a sane back stack). Owed in Round 2. Wrong/double back or dead-end = P2 (P1 if it traps the user). + ## Pass D — Security & Encryption ✅ clean (no P0/P1 found) - **D1 at-rest:** all private content is ciphertext — message `text` + `lastMessagePreview` + thread messages = `enc:v1:`; daily answers `encryptedPayload` = `sealed:v1:`. Metadata (dates, types, commitmentHash, ids) plaintext as expected. Chat media bytes = Tink ciphertext (verified prior round + unchanged code path). **No plaintext content leak.** - **D2 rules:** no catch-all `match /{document=**}`, no blanket `if true`; **`hasPremium` server-only** (client create/update blocked, rules L172/174); entitlements `write:false`; conversations/messages/typing/reactions + entitlement partner-read scoped to members.