# Step 6 Audit Round 1 (P0/P1)

## Coverage

- Reviewed high-risk auth/session/network/watch files:
  - `iphone/Werkout_ios/UserStore.swift`
  - `iphone/Werkout_ios/Network/Network.swift`
  - `iphone/Werkout_ios/BridgeModule+Watch.swift`
  - `iphone/Werkout_watch Watch App/WatchMainViewModel.swift`
  - `iphone/Werkout_watch Watch App/WatchMainViewModel+WCSessionDelegate.swift`
  - `iphone/Werkout_ios/HealthKitHelper.swift`
  - `iphone/Werkout_ios/CurrentWorkoutInfo.swift`
- Ran:
  - `./scripts/smoke/smoke_all.sh`
- Added/ran regression tests in `SharedCore` for token lifecycle and watch payload validation.

## Findings And Fixes

1. `P1` Watch command loss during activation
   - Evidence: `iphone/Werkout_watch Watch App/WatchMainViewModel+WCSessionDelegate.swift:40`
   - Problem: payloads were dropped when `WCSession` was not activated.
   - Fix: added bounded queue (`maxQueuedPayloads`), enqueue on inactive session, flush on activation.

2. `P1` Silent/unsafe watch payload decode failures
   - Evidence: `iphone/Werkout_ios/BridgeModule+Watch.swift:73`
   - Evidence: `iphone/Werkout_watch Watch App/WatchMainViewModel.swift:74`
   - Problem: `try?` decode silently ignored malformed payloads.
   - Fix: added shared `WatchPayloadValidation` with size checks and structured decode failures; both decode paths now reject+log bad payloads.

3. `P1` Auth token normalization gap for prefixed tokens
   - Evidence: `SharedCore/Sources/SharedCore/TokenSecurity.swift:24`
   - Problem: `"Token ..."` / `"Bearer ..."` values were not normalized.
   - Fix: normalize known auth prefixes and reject bare prefix-only strings.

4. `P1` Network reliability/threading risk
   - Evidence: `iphone/Werkout_ios/Network/Network.swift:12`
   - Problem: infinite request timeouts and completion handlers returning on background threads.
   - Fix: finite timeout (`30s`) and centralized main-thread completion delivery.

5. `P1` HealthKit helper shared mutable-state race
   - Evidence: `iphone/Werkout_ios/HealthKitHelper.swift:20`
   - Problem: mutable cross-request state (`completion`, counters, shared result object) could race and mis-route results.
   - Fix: per-request aggregation via `DispatchGroup`, single UUID query (`limit: 1`), thread-safe aggregation queue, structured runtime logging.

6. `P2` Workout order inconsistency across helpers
   - Evidence: `iphone/Werkout_ios/CurrentWorkoutInfo.swift:24`
   - Problem: some paths used unsorted `workout.supersets` while others used sorted supersets.
   - Fix: unified core navigation/lookup paths on sorted `superset` accessor and corrected bounds check.
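
The behaviour described in the fix for finding 3 (normalize known auth prefixes, reject bare prefix-only strings), shown in Swift as an added example; it is not the project's `TokenSecurity.swift`. The names `normalizeAuthToken`, `TokenNormalizationError` and `knownAuthPrefixes`, the case-insensitive prefix match, and the rejection of embedded whitespace are assumptions.

```swift
import Foundation

// Added illustration with hypothetical names; not the code in TokenSecurity.swift.
enum TokenNormalizationError: Error, Equatable {
    case empty                // nothing but whitespace
    case prefixOnly(String)   // "Token" or "Bearer " with no credential after it
    case malformed            // whitespace or control characters inside the credential
}

// The two auth prefixes named in the finding, compared case-insensitively (assumption).
let knownAuthPrefixes: Set<String> = ["token", "bearer"]

/// Returns the bare credential, so the caller can add exactly one scheme
/// prefix when it builds the Authorization header.
func normalizeAuthToken(_ raw: String) throws -> String {
    let trimmed = raw.trimmingCharacters(in: .whitespacesAndNewlines)
    guard !trimmed.isEmpty else { throw TokenNormalizationError.empty }

    // Take the first whitespace-delimited word and check it against the known prefixes.
    let firstWord = trimmed.prefix(while: { !$0.isWhitespace })
    var credential = trimmed
    if knownAuthPrefixes.contains(firstWord.lowercased()) {
        let rest = trimmed.dropFirst(firstWord.count)
            .trimmingCharacters(in: .whitespacesAndNewlines)
        guard !rest.isEmpty else {
            throw TokenNormalizationError.prefixOnly(String(firstWord))
        }
        credential = rest
    }

    // Anything still containing whitespace or control characters (a doubled
    // prefix, an embedded CR/LF) is rejected rather than repaired.
    let forbidden = CharacterSet.whitespacesAndNewlines.union(.controlCharacters)
    guard credential.unicodeScalars.allSatisfy({ !forbidden.contains($0) }) else {
        throw TokenNormalizationError.malformed
    }
    return credential
}

// Constructed sample inputs, not real credentials.
for sample in ["abc123", "Token abc123", " bearer   abc123\n", "Bearer", "Token ", "Bearer Token abc123"] {
    do {
        let token = try normalizeAuthToken(sample)
        print("\(sample.debugDescription) -> \(token)")
    } catch {
        print("\(sample.debugDescription) rejected: \(error)")
    }
}
```
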

## Validation

- Smoke suite passed after fixes:
  - token scan
  - SharedCore tests (including new regression tests)
  - iOS/watchOS/tvOS builds