|
| 1 | +# Issue 460 Content Category and UGC Audit Plan |
| 2 | + |
| 3 | +## Goal |
| 4 | + |
| 5 | +Confirm whether the current OnTime release exposes user-created content to other |
| 6 | +users, document the release checklist result, and confirm the app is not in a |
| 7 | +restricted content category before Play submission. |
| 8 | + |
| 9 | +## Context |
| 10 | + |
| 11 | +- Parent release track: #466, Store listing and content. |
| 12 | +- Sub-issue: #460, Audit content category and UGC exposure. |
| 13 | +- #460 is labeled `codex-ready`, has no prerequisites, and asks for a scoped |
| 14 | + audit only. |
| 15 | +- The source issue references `plans/release_app_todos.md`, but that file is not |
| 16 | + present in this checkout. |
| 17 | +- Current app scope from `README.md` and `pubspec.yaml`: schedule preparation, |
| 18 | + alarms, reminders, and arrival-time planning. |
| 19 | +- Audited endpoint and data-source surfaces include authentication, user profile, |
| 20 | + feedback, schedules, preparations, FCM token registration, alarm settings, |
| 21 | + device registration, alarm windows, and alarm status reporting. |
| 22 | + |
| 23 | +## Decisions |
| 24 | + |
| 25 | +- Treat this as a documentation and release-readiness audit, not a product-code |
| 26 | + change. No app behavior is required when the audit finds no UGC exposure. |
| 27 | +- Use `docs/Release-Checklist.md` as the release checklist artifact requested by |
| 28 | + the acceptance criteria. |
| 29 | +- Do not create report, block, or moderation issues unless the audit finds |
| 30 | + user-created content visible to other users. |
| 31 | +- Keep restricted-category confirmation limited to the current repository |
| 32 | + surface; future feature work must re-audit before store submission. |
| 33 | + |
| 34 | +## Steps |
| 35 | + |
| 36 | +1. Inspect #466 and #460 metadata, labels, prerequisites, and comments. |
| 37 | +2. Confirm the active branch is `codexd/460-audit-content-category-ugc`. |
| 38 | +3. Audit source endpoints, remote data sources, entities, and public docs for |
| 39 | + social sharing, public profiles, feeds, comments, chat, uploads, report/block |
| 40 | + controls, and restricted-category signals. |
| 41 | +4. Update `docs/Release-Checklist.md` with the current no-UGC result, |
| 42 | + restricted-category result, and explicit re-audit requirements. |
| 43 | +5. Review the diff and verify the added documentation answers each #460 |
| 44 | + acceptance criterion. |
| 45 | +6. Commit only #460-related files, push the branch, and open a draft PR that |
| 46 | + closes #460 and references #466. |
| 47 | + |
| 48 | +## Validation |
| 49 | + |
| 50 | +- `git diff --check` |
| 51 | +- `git diff -- docs/Release-Checklist.md plans/460-audit-content-category-ugc-plan.md` |
| 52 | +- Source audit searches over `lib`, `docs`, `README.md`, and `pubspec.yaml` for |
| 53 | + UGC, sharing, moderation, and restricted-category terms. |
| 54 | + |
| 55 | +## Open Questions |
| 56 | + |
| 57 | +None. Human Play Console category selection still needs normal release-owner |
| 58 | +confirmation during store submission, but it does not block documenting this |
| 59 | +repository audit. |
0 commit comments