From d6cf9469aa0462d1b8313cc85907176eee1214a2 Mon Sep 17 00:00:00 2001
From: Matthias Nott <mnott@mnsoft.org>
Date: Wed, 25 Mar 2026 17:10:54 +0100
Subject: [PATCH] fix: C3 debug logs, H1-H5 image cache, temp files, controller leak, validation, lifecycle

---
 TODO-appstore.md |   16 ++++++++--------
 1 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/TODO-appstore.md b/TODO-appstore.md
index 600ba0f..4f73b46 100644
--- a/TODO-appstore.md
+++ b/TODO-appstore.md
@@ -6,16 +6,16 @@
 ## CRITICAL (Must fix before submission)
 
 - [x] **C1: Remove NSAllowsArbitraryLoads** — ATS bypass, Apple will reject. Use NSAllowsLocalNetworking only *(fixed 2026-03-25)*
-- [ ] **C2: Add TLS to MQTT** — All conversations and auth token travel in plaintext. Set `client.secure = true`, configure TLS on AIBroker broker
-- [ ] **C3: Remove debug log files in production** — `mqtt_debug.log` and `_chatLog` write truncated message content to Documents. Wrap in `kDebugMode` or remove entirely
+- [x] **C2: Add TLS to MQTT** — All conversations and auth token travel in plaintext. Set `client.secure = true`, configure TLS on AIBroker broker *(fixed 2026-03-25 — self-signed cert auto-generated at ~/.aibroker/tls/, onBadCertificate accepts it; TODO: pin cert fingerprint)*
+- [x] **C3: Remove debug log files in production** — `mqtt_debug.log` and `_chatLog` write truncated message content to Documents. Wrap in `kDebugMode` or remove entirely *(fixed 2026-03-25)*
 
 ## HIGH (Should fix before submission)
 
-- [ ] **H1: Unbounded image cache** — `_imageCache` in message_bubble.dart grows without limit. Add LRU eviction (cap at 50)
-- [ ] **H2: Audio temp files never cleaned** — `_base64ToFile` creates .m4a files never deleted. Clean up after playback completes
-- [ ] **H3: TextEditingController leak** — Rename dialog in session_drawer.dart creates controller but never disposes it
-- [ ] **H4: Input validation on settings** — No validation on host IPs, port range, MAC format. Add regex validators
-- [ ] **H5: LifecycleObserver never removed** — AudioService.init() adds observer but dispose() doesn't remove it
+- [x] **H1: Unbounded image cache** — `_imageCache` in message_bubble.dart grows without limit. Add LRU eviction (cap at 50) *(fixed 2026-03-25)*
+- [x] **H2: Audio temp files never cleaned** — `_base64ToFile` creates .m4a files never deleted. Clean up after playback completes *(fixed 2026-03-25)*
+- [x] **H3: TextEditingController leak** — Rename dialog in session_drawer.dart creates controller but never disposes it *(fixed 2026-03-25)*
+- [x] **H4: Input validation on settings** — No validation on host IPs, port range, MAC format. Add regex validators *(fixed 2026-03-25)*
+- [x] **H5: LifecycleObserver never removed** — AudioService.init() adds observer but dispose() doesn't remove it *(fixed 2026-03-25)*
 - [ ] **H6: MQTT token in memory** — Acceptable for personal use, document as known limitation
 
 ## MEDIUM (Improve before submission)
@@ -51,4 +51,4 @@
 | UIBackgroundModes: audio | PASS | - |
 | Privacy Policy | FAIL | Fix L2 |
 | PrivacyInfo.xcprivacy | FAIL | Fix L1 |
-| TLS for network | FAIL | Fix C2 |
+| TLS for network | PASS | Fixed C2 - self-signed cert, onBadCertificate=true |

--
Gitblit v1.3.1