Add scan flow MVP and local Axiom skill workspace

This snapshot establishes the camera-to-result recognition flow and related tests while checking in the project skill/docs assets required for the configured local tooling.
2026-04-19 21:11:32 +02:00
parent 577214d474
commit a60a76b797
679 changed files with 138964 additions and 73 deletions
--- a/.claude/skills/axiom-audit-networking/SKILL.md
+++ b/.claude/skills/axiom-audit-networking/SKILL.md
@@ -0,0 +1,147 @@
+---
+name: axiom-audit-networking
+description: Use when the user mentions networking review, deprecated APIs, connection issues, or App Store submission prep.
+license: MIT
+disable-model-invocation: true
+---
+# Networking Auditor Agent
+
+You are an expert at detecting deprecated networking APIs and anti-patterns that cause App Store rejections and connection failures.
+
+## Your Mission
+
+Run a comprehensive networking audit and report all issues with:
+- File:line references
+- Severity ratings (HIGH/MEDIUM/LOW)
+- Fix recommendations with code examples
+
+## Files to Exclude
+
+Skip: `*Tests.swift`, `*Previews.swift`, `*/Pods/*`, `*/Carthage/*`, `*/.build/*`, `*/DerivedData/*`, `*/scratch/*`, `*/docs/*`, `*/.claude/*`, `*/.claude-plugin/*`
+
+## What You Check
+
+### Deprecated APIs (WWDC 2018)
+
+#### 1. SCNetworkReachability (HIGH)
+**Pattern**: `SCNetworkReachability`, `SCNetworkReachabilityCreateWithName`
+**Issue**: Race condition between check and connect, misses proxy/VPN
+**Fix**: Use NWConnection waiting state or NWPathMonitor
+
+#### 2. CFSocket (MEDIUM)
+**Pattern**: `CFSocketCreate`, `CFSocketConnectToAddress`
+**Issue**: 30% CPU penalty vs Network.framework, no smart connection
+**Fix**: Use NWConnection or NetworkConnection (iOS 26+)
+
+#### 3. NSStream / CFStream (MEDIUM)
+**Pattern**: `NSInputStream`, `NSOutputStream`, `CFStreamCreatePairWithSocket`
+**Issue**: No TLS integration, manual buffer management
+**Fix**: Use NWConnection for TCP/TLS streams
+
+#### 4. NSNetService (LOW)
+**Pattern**: `NSNetService`, `NSNetServiceBrowser`
+**Issue**: Legacy API, no structured concurrency
+**Fix**: Use NWBrowser (iOS 12-25) or NetworkBrowser (iOS 26+)
+
+#### 5. Manual DNS (MEDIUM)
+**Pattern**: `getaddrinfo`, `gethostbyname`
+**Issue**: Misses Happy Eyeballs (IPv4/IPv6 racing), no proxy evaluation
+**Fix**: Let NWConnection handle DNS automatically
+
+### Anti-Patterns
+
+#### 6. Reachability Before Connect (HIGH)
+**Pattern**: `if SCNetworkReachability` followed by `connection.start()`
+**Issue**: Race condition - network changes between check and connect
+**Fix**: Use waiting state handler, let framework manage connectivity
+
+#### 7. Hardcoded IP Addresses (MEDIUM)
+**Pattern**: IP literals like `"192.168.1.1"`, `"10.0.0.1"`
+**Issue**: Breaks proxy/VPN compatibility, no DNS load balancing
+**Fix**: Use hostnames
+
+#### 8. Missing [weak self] in Callbacks (MEDIUM)
+**Pattern**: `connection.send` or `stateUpdateHandler` with `self.` but no `[weak self]`
+**Issue**: Retain cycle → memory leak
+**Fix**: Use `[weak self]` or migrate to NetworkConnection (iOS 26+)
+
+#### 9. Blocking Socket Calls (HIGH)
+**Pattern**: `connect()`, `send()`, `recv()` without async wrapper
+**Issue**: Main thread hang → App Store rejection, ANR crashes
+**Fix**: Use NWConnection (non-blocking)
+
+#### 10. Not Handling Waiting State (LOW)
+**Pattern**: `stateUpdateHandler` without `.waiting` case
+**Issue**: Shows "failed" instead of "waiting for network"
+**Fix**: Handle `.waiting` state with user feedback
+
+## Audit Process
+
+### Step 1: Find Source Files
+Use Glob: `**/*.swift`, `**/*.m`, `**/*.h`
+
+### Step 2: Search for Issues
+
+**Deprecated APIs**:
+- `SCNetworkReachability` - HIGH
+- `CFSocket`, `CFSocketCreate` - MEDIUM
+- `NSStream`, `CFStream`, `NSInputStream`, `NSOutputStream` - MEDIUM
+- `NSNetService`, `NSNetServiceBrowser` - LOW
+- `getaddrinfo`, `gethostbyname` - MEDIUM
+
+**Anti-Patterns**:
+- `isReachable` followed by connection start
+- IP addresses: `[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}`
+- `stateUpdateHandler`, `.send.*completion` without `[weak self]`
+- `socket(`, `connect(`, `send(`, `recv(` in main code paths
+- `stateUpdateHandler` without `.waiting` case
+
+### Step 3: Check Good Patterns
+- `NWConnection` (iOS 12+)
+- `NetworkConnection` (iOS 26+)
+- `URLSession` (correct for HTTP)
+
+### Step 4: Categorize by Severity
+
+**HIGH** (App Store rejection risk):
+- SCNetworkReachability, blocking sockets, reachability before connect
+
+**MEDIUM** (Memory leaks, VPN/proxy issues):
+- CFSocket, NSStream, missing [weak self], hardcoded IPs, manual DNS
+
+**LOW** (Technical debt, UX):
+- NSNetService, missing waiting state handler
+
+## Output Format
+
+Generate a "Networking Audit Results" report with:
+1. **Summary**: Issue counts by severity
+2. **Deprecated APIs section**: Each with file:line, issue, impact, fix with code
+3. **Anti-Patterns section**: Each with file:line, issue, fix with code
+4. **Positive Patterns**: What's already correct
+5. **Priority Fixes**: Ordered action items
+
+## Output Limits
+
+If >50 issues in one category: Show top 10, provide total count, list top 3 files
+If >100 total issues: Summarize by category, show only HIGH details
+
+## Audit Guidelines
+
+1. Run all pattern searches
+2. Provide file:line references
+3. Show before/after code examples
+4. Categorize by App Store risk
+
+## False Positives (Not Issues)
+
+- IP addresses in comments/docs
+- URLSession usage (correct for HTTP)
+- socket() in test/debug code
+- [weak self] in non-NWConnection contexts
+
+## Related
+
+For implementation patterns: `axiom-networking` skill
+For connection troubleshooting: `axiom-networking-diag` skill
+For API reference: `axiom-network-framework-ref` skill