7.8 KiB
7.8 KiB
Engineering Reference Manual Update Plan
Goal: bring docs/Engineering_Reference_Manual.md into alignment with the current
relationship-app codebase. Verify every claim, file path, function name,
collection name, and architectural fact. Never assume.
Approach
- Batch-based. Each batch covers one major section or a coherent set of subsections. One agent/turn per batch.
- Evidence-first. For every factual claim in the manual, verify against the repo (grep, read file, run build/test if needed).
- Log everything. Each batch updates this plan with findings and changes made.
- Ripley coordinates. Ripley does not code unless necessary; Bishop or subagents may verify builds/docs.
Batches
Batch 1 — Front matter + System overview + Repository layout
- Read:
## How to use this documentthrough### Shared configuration. - Verify all directory paths under
app/src/main/java/app/closer/,functions/src/,functions/dist/,res/drawable-*. - Flag missing or renamed directories/files.
- Update any stale paths or naming.
Batch 2 — Authentication, pairing, couples model
- Read:
## Authentication and pairing flowthrough### Key Cloud Functions. - Verify auth files, pairing flow files,
couplescollection fields, recovery phrase implementation. - Cross-check
firestore.rulesfor the rules described. - Update if code diverges from doc.
Batch 3 — E2EE model + Firestore data model
- Read:
## End-to-end encryption modeland## Firestore data model. - Verify crypto files, encryption versions, collection schemas, field names.
- Check
firestore.rulesregex helpers and invariants. - Update data model tables if collections/fields changed.
Batch 4 — Daily question lifecycle + Cloud Functions module
- Read:
## Daily question lifecycleand## Cloud Functions. - Verify function triggers, handlers, schedules, module responsibilities.
- Cross-check
functions/src/tree. - Update if functions were added/removed/renamed.
Batch 5 — Firestore security rules
- Read:
## Firestore security rules. - Line-by-line verify against
firestore.rules. - Note any rules in the file not documented, or documented rules not in file.
Batch 6 — Billing + Notifications
- Read:
## Billingand## Notifications. - Verify RevenueCat integration files, entitlement checks, webhook handler.
- Verify notification classes, quiet hours, deep-link routing.
- Update for quiet-hours server-side suppression if doc still says local-only.
Batch 7 — iOS-specific + Build and release
- Read:
## iOS-specific notesand## Build and release. - Verify iOS project state (is it still broken? still exists?).
- Verify build commands, secrets, ProGuard, Functions deploy commands.
- Update stale commands or iOS status.
Batch 8 — Known landmines and recent fixes (cross-cutting)
- Read:
## Known landmines and recent fixes. - Verify each listed issue ID and fix matches git history and current code.
- Add any missing recent landmines (e.g., theme scanner, quiet hours server-side).
- Prune obsolete entries.
Batch 9 — Final review, TOC update, formatting
- Update
## Table of Contentsif headings changed. - Run markdown lint / build check if applicable.
- Final pass for consistency.
Status tracking
| Batch | Status | Findings | Changes made |
|---|---|---|---|
| 1 | ✅ done | core/feature/ note inaccurate (dir doesn't exist); data/questions/ listed QuestionDao but it's in data/local/ |
Corrected core/feature/ note; moved QuestionDao to data/local/; kept QuestionJsonParser in data/questions/; updated older-description note. |
| 2 | ✅ done | No anonymous sign-in or account linking in code; Android uses legacy Google Sign-In SDK (idToken), not Credential Manager; encryptionMigrationUsers field does not exist |
Removed anonymous auth and account-linking claims; corrected Google Sign-In description; removed encryptionMigrationUsers from couples model and added note that encryptionVersion is always 2. |
| 3 | ✅ done | /users/{uid} model missing sex, partnerId, plan, lastActiveAt, notification prefs, quiet-hours, fcmToken; hasPremium is not a real root field (premium lives in /entitlements/premium); /couples/{coupleId} listed non-existent encryptionMigrationUsers; date plan fields wrong; date plan preference fields wrong; bucket list fields wrong; missing /answers/{userId}/secure/{doc} for schemaVersion 2 |
Updated /users/{uid} to full allowlist; removed hasPremium root field and added note about /entitlements/premium; removed encryptionMigrationUsers; corrected date plan, preference, and bucket list fields; added secure subdoc to daily-question model. |
| 4 | ✅ done | Handler table missing functions (syncEntitlement, sendDailyQuestionProactiveReminder, sendReengagementReminder, sendChallengeDayReminders, unlockDueMemoryCapsules, sendGentleReminderCallable, onEntitlementChanged, onAnswerRevealed, onCoupleLeave, leaveCoupleCallable, submitOutcomeCallable, scheduledOutcomesReminder, onGamePartFinished, notifyOnDateMatch); still listed removed health endpoint and old name createDateMatchOnMutualLove; webhook section said 200-ack-before-process (now process-before-ack); scheduledOutcomesReminder timezone wrong |
Removed health; added all current functions and corrected notifyOnDateMatch; updated module responsibilities; corrected webhook to process-before-ack with 500-on-failure; fixed schedule timezones (only assignDailyQuestion, sendDailyQuestionProactiveReminder, sendReengagementReminder use America/Chicago). |
| 5 | ✅ done | users/{uid} section still described non-existent hasPremium root field; couples/{coupleId} section said all client writes denied (create is shape-restricted but possible); helper paragraph listed non-existent isStartingEncryptionMigration/isCompletingOwnEncryptionMigration |
Updated users/{uid} to clarify plan is client-written and premium lives in /entitlements/premium; corrected couples create/update description; removed migration-helper references. |
| 6 | ✅ done | Billing Webhook flow still said "ack 200 then process" (process-before-ack was fixed in Batch 4 but Billing section had stale duplicate); missing CouplePremiumChecker; Notifications said quiet-hours server-side suppression not implemented (it is, via recipientInQuietHours); Notifications said notification_queue reads denied for clients (Android reads it for Together feed); onEntitlementChanged handler table description said it mirrors plan (it notifies partner instead) |
Updated Billing webhook flow; added CouplePremiumChecker note; corrected quiet-hours to server-side-implemented; corrected notification_queue read claim; fixed onEntitlementChanged description. |
| 7 | ✅ done | iOS E2EE gap paragraph said iOS create invite writes an invite with null E2EE fields (server now rejects empty data, so no invite is created); ProGuard section claimed Tink reflection paths are kept (they are not in current rules) | Updated iOS create-invite consequence to "rejected by server"; clarified ProGuard does not currently keep Tink. |
| 8 | ✅ done | Theme landmine entry said C-ART-EDGE-002 still open (R13 fixed it); missing the mandatory theme-scan.sh Pass C pre-check |
Updated theme landmine to mark C-ART-EDGE-002 closed and document scripts/theme-scan.sh as mandatory pre-check. |
| 9 | ✅ done | TOC incorrectly nested Premium-gated features under Notifications; broken anchor [iOS E2EE gap](#ios-e2ee-gap); Repository layout still claimed iOS creates v0 couples |
Removed misplaced TOC nesting; fixed broken anchor; corrected iOS Repository layout claim to "pairing fails". |
Notes
- If a section is found to be mostly correct, still spot-check a few claims.
- If a section is wildly out of date, rewrite it and note the divergence.
- Commit after each batch (per Git Discipline Rules).