From 83869d2bef56ea2fc30c8777726b3d42de493581 Mon Sep 17 00:00:00 2001 From: Ahmet Abdullah Gultekin Date: Sat, 6 Jun 2026 14:26:10 +0000 Subject: [PATCH] docs(v5.3.1): changelog [5.3.1] entry + CLAUDE.md release/retry-fix notes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - CHANGELOG: promote [Unreleased] → [5.3.1] - 2026-06-06; add the MFA transport/IO retry fix (#87, headline) and cross-device/session fixes (#86) that had landed post-5.3.0 without changelog entries; keep the #82/#83 items. - CLAUDE.md: refresh stale "Latest: v5.2.3 / versionCode 10" → "v5.3.1 / versionCode 13"; document the CI signed-build command (host has no keystore pw); add a "v5.3.1 — MFA stale-connection retry" section. Co-Authored-By: Claude Opus 4.8 (1M context) --- CHANGELOG.md | 20 ++++++++++++++++++++ CLAUDE.md | 19 +++++++++++++++++-- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54552b9a..cf499e26 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,8 +4,28 @@ All notable changes to the FIVUCSAS client apps (Android, iOS, Desktop). ## [Unreleased] +## [5.3.1] - 2026-06-06 + +> Production-signed release over 5.3.0 (versionCode 13). Headline: the cross-device +> **MFA reliability fix that 5.3.0 shipped without**; also formalises the post-5.3.0 +> mobile fixes (#82/#83/#86) into a tagged, signed APK. Prod cert `CN=FIVUCSAS` +> (SHA-256 `5e403eca…`); upgrades in place over 5.3.0. Built via CI +> `android-build.yml` (`build_type=release`). + ### Fixed +- **MFA/auth requests now retry on transport/IO aborts (#87).** The identity + `HttpClient` installs Ktor `HttpRequestRetry` (maxRetries=2, exponential backoff) + that retries **only** on transport/IO exceptions (`IOException` / `SocketTimeout` / + `ConnectTimeout` / `ClosedReceiveChannelException`) — never on 4xx/5xx, so a consumed + MFA code is never resubmitted and the serialized request body is fully replayable. + Fixes the OkHttp HTTP/2 stale-connection abort the server logged as *"Malformed + request body: I/O error while reading input message"* (previously misdiagnosed as a + slow-uplink truncation). `shared/src/commonMain/kotlin/com/fivucsas/shared/di/NetworkModule.kt`. +- **Cross-device login & session robustness (#86).** QR / approve-login no longer + swallows a non-2xx response (the error surfaces instead of failing silently), + plus session-expiry handling, NFC fixes, and hiding the preview-only "Add card" action. + - **"My Invitations" no longer crashes.** The screen called `GET /api/v1/invites/received`, which has no backend endpoint; the 404 error body was decoded as a `List` and threw a raw kotlinx-serialization error diff --git a/CLAUDE.md b/CLAUDE.md index 150e0a86..ec4027a9 100644 --- a/CLAUDE.md +++ b/CLAUDE.md @@ -34,8 +34,23 @@ real flow. ## Releases Signed APK published per `docs/RELEASE.md` + `docs/SIGNING.md`. Keystore in `keystore/`. -**Latest: v5.2.3** (cert SHA-256 `5e403eca…`, versionCode 10). v5.2.x installs in place over -prior signed releases (same cert). +**Latest: v5.3.1** (cert SHA-256 `5e403eca…`, versionCode 13) — adds the MFA +stale-connection retry fix over v5.3.0. Same signing cert since v5.2.x, so releases +install in place over prior signed builds. +**Build a signed release** (host has no keystore password → build via CI, not locally): +`gh workflow run android-build.yml -R Rollingcat-Software/client-apps --ref main -f build_type=release` +→ downloadable `fivucsas-release-apk` artifact, prod-signed with the GitHub keystore secrets. + +## v5.3.1 — MFA stale-connection retry (PR #87, 2026-06-06) + +`NetworkModule.kt`'s identity `HttpClient` installs Ktor `HttpRequestRetry` +(maxRetries=2, `exponentialDelay()`) that retries **only** on transport/IO exceptions +(IOException / SocketTimeout / ConnectTimeout / ClosedReceiveChannelException) — never on +4xx/5xx, so a consumed MFA code is never resubmitted and the serialized body is fully +replayable. Fixes the OkHttp HTTP/2 stale-connection abort the server logged as +"Malformed request body: I/O error while reading input message" (previously misdiagnosed +as slow-uplink truncation). The fix had been stranded on an unmerged branch (absent from +v5.3.0); recovered → merged → shipped as v5.3.1 (versionCode 13). ## Login fixes (2026-05-30, v5.2.2 / v5.2.3)