phpMyFAQ
diff --git a/‎.github/workflows/mobile-ci.yml‎
Lines changed: 116 additions & 0 deletions b/‎.github/workflows/mobile-ci.yml‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎.github/workflows/mobile-openapi-sync.yml‎
Lines changed: 59 additions & 0 deletions b/‎.github/workflows/mobile-openapi-sync.yml‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎.github/workflows/mobile-release.yml‎
Lines changed: 27 additions & 0 deletions b/‎.github/workflows/mobile-release.yml‎
Lines changed: 27 additions & 0 deletions
diff --git a/‎.gitignore‎
Lines changed: 42 additions & 0 deletions b/‎.gitignore‎
Lines changed: 42 additions & 0 deletions
diff --git a/‎CLAUDE.md‎
Lines changed: 62 additions & 0 deletions b/‎CLAUDE.md‎
Lines changed: 62 additions & 0 deletions
diff --git a/‎docs/mobile/architecture.md‎
Lines changed: 79 additions & 0 deletions b/‎docs/mobile/architecture.md‎
Lines changed: 79 additions & 0 deletions
@@ -0,0 +1,116 @@
+name: mobile-ci
+
+on:
+  push:
+    branches: [main]
+    paths:
+      - 'mobile/**'
+      - '.github/workflows/mobile-*.yml'
+  pull_request:
+    paths:
+      - 'mobile/**'
+      - '.github/workflows/mobile-*.yml'
+
+concurrency:
+  group: mobile-ci-${{ github.ref }}
+  cancel-in-progress: true
+
+defaults:
+  run:
+    working-directory: mobile
+
+jobs:
+  lint:
+    name: Lint (ktlint + detekt)
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - uses: gradle/actions/setup-gradle@v4
+      - run: ./gradlew ktlintCheck detekt --stacktrace
+
+  shared-unit:
+    name: Shared unit tests
+    runs-on: ubuntu-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - uses: gradle/actions/setup-gradle@v4
+      - run: ./gradlew :shared:testDebugUnitTest :shared:jvmTest --stacktrace
+      - uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: shared-unit-reports
+          path: mobile/shared/build/reports/tests/
+
+  android-build:
+    name: Android debug build
+    runs-on: ubuntu-latest
+    needs: shared-unit
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - uses: gradle/actions/setup-gradle@v4
+      - run: ./gradlew :androidApp:assembleDebug --stacktrace
+      - uses: actions/upload-artifact@v4
+        with:
+          name: androidApp-debug-apk
+          path: mobile/androidApp/build/outputs/apk/debug/*.apk
+
+  ios-build:
+    name: iOS simulator build
+    runs-on: macos-latest
+    needs: lint
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - uses: gradle/actions/setup-gradle@v4
+      - name: Install XcodeGen
+        run: brew install xcodegen
+      - name: Generate Xcode project
+        working-directory: mobile/iosApp
+        run: xcodegen generate
+      - name: Assemble shared XCFramework
+        run: ./gradlew :shared:assembleSharedDebugXCFramework --stacktrace
+      - name: Build iOS app
+        working-directory: mobile/iosApp
+        run: |
+          xcodebuild \
+            -project iosApp.xcodeproj \
+            -scheme iosApp \
+            -configuration Debug \
+            -destination 'generic/platform=iOS Simulator' \
+            -skipPackagePluginValidation \
+            CODE_SIGNING_ALLOWED=NO \
+            build
+
+  shared-ios-test:
+    name: Shared iOS simulator tests
+    runs-on: macos-latest
+    needs: shared-unit
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+      - uses: gradle/actions/setup-gradle@v4
+      - run: ./gradlew :shared:iosSimulatorArm64Test --stacktrace
+      - uses: actions/upload-artifact@v4
+        if: always()
+        with:
+          name: shared-ios-reports
+          path: mobile/shared/build/reports/tests/
@@ -0,0 +1,59 @@
+name: mobile-openapi-sync
+
+on:
+  workflow_dispatch:
+    inputs:
+      phpmyfaq_ref:
+        description: 'phpMyFAQ git ref (tag or branch) to pull the spec from'
+        required: true
+        default: '4.2.0'
+  repository_dispatch:
+    types: [phpmyfaq-release]
+
+jobs:
+  sync:
+    name: Regenerate API client
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Resolve phpMyFAQ ref
+        id: resolve
+        run: |
+          if [[ "${{ github.event_name }}" == "repository_dispatch" ]]; then
+            echo "ref=${{ github.event.client_payload.ref }}" >> "$GITHUB_OUTPUT"
+          else
+            echo "ref=${{ inputs.phpmyfaq_ref }}" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Download OpenAPI spec
+        run: |
+          curl -fsSL \
+            "https://raw.githubusercontent.com/thorsten/phpMyFAQ/${{ steps.resolve.outputs.ref }}/docs/openapi.yaml" \
+            -o mobile/spec/openapi/v3.2.yaml
+          echo "${{ steps.resolve.outputs.ref }}" > mobile/spec/openapi/VERSION
+
+      - uses: actions/setup-java@v4
+        with:
+          distribution: temurin
+          java-version: '17'
+
+      - name: Regenerate client
+        run: mobile/scripts/generate-api-client.sh
+
+      - name: Open pull request
+        uses: peter-evans/create-pull-request@v6
+        with:
+          branch: mobile/openapi-sync-${{ steps.resolve.outputs.ref }}
+          title: "mobile: regenerate API client for phpMyFAQ ${{ steps.resolve.outputs.ref }}"
+          commit-message: "mobile: regenerate API client for phpMyFAQ ${{ steps.resolve.outputs.ref }}"
+          body: |
+            Automated sync of the pinned OpenAPI spec and generated Kotlin client.
+
+            Source ref: `${{ steps.resolve.outputs.ref }}`
+
+            Review the diff carefully before merging — generator changes can
+            subtly shift serialization behaviour.
+          labels: mobile, openapi-sync
@@ -0,0 +1,27 @@
+name: mobile-release
+
+# Phase 0: committed but inactive. The first real use lands in Phase 1
+# once the `mobile-v0.1.0` tag is cut and signing secrets are added
+# to the repository.
+
+on:
+  push:
+    tags:
+      - 'mobile-v*'
+  workflow_dispatch:
+
+defaults:
+  run:
+    working-directory: mobile
+
+jobs:
+  placeholder:
+    name: Release pipeline placeholder
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Phase 0 notice
+        run: |
+          echo "Phase 0 release workflow is a placeholder."
+          echo "Signed artifact production lands in Phase 1."
+          exit 0
@@ -0,0 +1,42 @@
+# macOS
+.DS_Store
+
+# IDE
+.idea/
+*.iml
+.vscode/
+*.swp
+
+# Gradle / Kotlin
+mobile/.gradle/
+mobile/build/
+mobile/**/build/
+mobile/buildSrc/build/
+mobile/local.properties
+mobile/.kotlin/
+
+# Android
+mobile/**/captures/
+mobile/**/release/
+mobile/**/debug/
+*.apk
+*.aab
+
+# Xcode / iOS
+mobile/iosApp/iosApp.xcodeproj/
+mobile/iosApp/iosApp.xcworkspace/
+mobile/iosApp/Pods/
+mobile/iosApp/*.xcuserstate
+mobile/iosApp/DerivedData/
+xcuserdata/
+*.xcworkspace/xcuserdata/
+
+# Generated API client — kept under version control, but build outputs are not
+mobile/shared/build/generated/
+
+# Secrets
+*.keystore
+*.jks
+!debug.keystore
+google-services.json
+GoogleService-Info.plist
@@ -0,0 +1,62 @@
+# MyFAQ.app
+
+Native iOS + Android client for phpMyFAQ. Planning stage — no code yet, only `plans/mobile-app-plan.md`.
+
+## Status
+
+- Repo: `phpMyFAQ/MyFAQ` (this checkout). Current contents: `plans/`, `LICENSE`. Source tree lands in Phase 0.
+- App versions track phpMyFAQ minor versions (app `1.0.0` → phpMyFAQ `4.2.x`).
+
+## Locked decisions (do not re-open without deliberate revisit)
+
+- **Stack**: Kotlin Multiplatform shared module; SwiftUI (iOS); Jetpack Compose (Android).
+- **Brand**: MyFAQ.app, domain `https://myfaq.app`.
+- **Model**: freemium. Read + offline free forever. Writes (login, ask, comment, rate, register) behind Pro unlock in Phase 3.
+- **Minimum phpMyFAQ version**: `4.2.0`. No back-compat to `v3.1`. OpenAPI client generated from 4.2.x spec only.
+- **iOS bundle ID**: `app.myfaq.ios`. Irreversible in store.
+- **Marketing site**: `https://myfaq.app` is a single landing page with download badges at launch. No mirrored docs.
+
+## Scope guardrails
+
+- **v1 is read-only.** No writes, no auth prompts in free tier.
+- **No `admin/api/*`.** Session + CSRF not a fit for native client. App is not a second admin panel.
+- **No push in v1.** Server contract missing.
+- **Excluded entirely**: `faq/create|update`, `category` POST, `backup/{type}`.
+- API surface pinned to phpMyFAQ public `v3.2` (`docs/openapi.yaml` upstream).
+
+## Shared libs (locked)
+
+Ktor · kotlinx.serialization · SQLDelight (FTS5) · Koin · openapi-generator · WorkManager/BGTaskScheduler · Coil/SDWebImageSwiftUI · StoreKit 2 / Play Billing v7+.
+
+Secure storage: iOS Keychain + Android `androidx.security.crypto`. DB encrypted: SQLCipher (Android), Data Protection Class B (iOS). Credentials NEVER in SQLite.
+
+## Phases
+
+- **0** — foundations: CI, KMP scaffold, generated client, `Entitlements` stub returns `false`. Detailed plan: `plans/phase-0-foundations.md`.
+- **1** — read-only MVP online, server search, paywall shell non-functional.
+- **2** — offline: SQLite + FTS5 + background sync + attachments. Public v1.0.0, free tier only.
+- **3** — Pro: StoreKit 2 + Play Billing, login/OAuth2, ask/comment/rate, `pending_writes` queue. v2.0.0.
+- **4** — polish: a11y, l10n, telemetry scrub.
+- **5** — stretch: widgets, watch, iPad split-view, push (pending server).
+
+## Pro SKUs (to finalize before Phase 3)
+
+`pro_lifetime` (one-time) + `pro_annual` (~1/3 lifetime price). Tech plan supports either alone or both.
+
+## Open questions (see plan §"Open questions")
+
+1. Pro pricing model — before Phase 3.
+2. Push architecture — before Phase 5.
+
+## Server-side asks (nice-to-have, non-blocking)
+
+Filed as phpMyFAQ issues: tombstones (`faqs/deleted?since=`), ETag on list endpoints, OAuth discovery, push registration contract.
+
+**Already shipped upstream**: `GET /api/v3.2/meta` (single bootstrap call — version, title, language, available languages, features, logo URL, OAuth discovery). App uses it for instance selector + sync bootstrap; legacy `version`+`title`+`language` fan-out kept only as fallback for older installs.
+
+## Working on this repo
+
+- Primary doc: `plans/mobile-app-plan.md`. Treat as source of truth for architecture questions.
+- Phase 0 plan: `plans/phase-0-foundations.md`.
+- When editing the plan: preserve "Decided" / "Open questions" structure. Do not move locked items back to open without explicit user request.
+- Mobile app source tree will live in this same repo (`phpMyFAQ/MyFAQ`), not in a separate `myfaq-app` repo.
@@ -0,0 +1,79 @@
+# Mobile Architecture
+
+## Module diagram
+
+```
+┌──────────────┐      ┌──────────────┐
+│  androidApp  │      │    iosApp     │
+│  (Compose)   │      │  (SwiftUI)   │
+└──────┬───────┘      └──────┬───────┘
+       │                     │
+       └────────┬────────────┘
+                │
+       ┌────────▼────────┐
+       │     shared      │
+       │ (Kotlin/Multi-  │
+       │   platform)     │
+       └────────┬────────┘
+                │
+    ┌───────────┼───────────┐
+    │           │           │
+┌───▼──┐  ┌────▼───┐  ┌────▼───┐
+│ api/ │  │ data/  │  │ plat-  │
+│      │  │        │  │ form/  │
+└──────┘  └────────┘  └────────┘
+```
+
+## Boundaries
+
+- **`shared/commonMain`** — all business logic, DTOs, API client
+  wrapper, DAOs, `Entitlements` facade, Koin DI modules. Depends only
+  on Kotlin stdlib, Ktor, kotlinx.serialization, SQLDelight, and Koin.
+
+- **`shared/androidMain`** — `actual` implementations for:
+  - `SecureStore` (EncryptedSharedPreferences)
+  - `DatabaseDriverFactory` (SQLCipher + AndroidSqliteDriver)
+  - `EntitlementsPlatform` (stub; Phase 3 wires Play Billing)
+
+- **`shared/iosMain`** — `actual` implementations for:
+  - `SecureStore` (Keychain Services)
+  - `DatabaseDriverFactory` (NativeSqliteDriver + Data Protection)
+  - `EntitlementsPlatform` (stub; Phase 3 wires StoreKit 2)
+
+- **`androidApp`** — thin Jetpack Compose host. Depends on `shared`.
+  Contains only UI code and the Android `Application` subclass that
+  bootstraps Koin with the Android platform module.
+
+- **`iosApp`** — thin SwiftUI host. Consumes the `Shared.framework`
+  XCFramework produced by the KMP build. Contains only SwiftUI views
+  and the `@main` App struct that bootstraps Koin.
+
+## `expect` / `actual` surface
+
+```
+expect class SecureStore { put, get, remove, clear }
+expect class DatabaseDriverFactory { create(passphrase) }
+expect object EntitlementsPlatform { isPro() }
+```
+
+Nothing else is `expect`ed in Phase 0. Additional platform hooks
+(push, billing, biometrics) land in their owning phases.
+
+## Data flow (Phase 0)
+
+```
+App launch
+  ↓
+initKoin (platform module + shared module)
+  ↓
+MetaLoader.load()
+  ↓
+MyFaqApiImpl → HttpClient (MockEngine in Phase 0)
+  ↓
+Meta DTO deserialized via kotlinx.serialization
+  ↓
+UI renders version string
+```
+
+Phase 1 replaces MockEngine with real per-platform HTTP engines
+(OkHttp on Android, Darwin on iOS) and adds real network calls.