Document remaining AGENTS gaps
This commit is contained in:
@@ -341,3 +341,51 @@ Do not treat the product as complete until all of the following are true:
|
||||
- Build and run instructions exist for desktop, and packaging guidance exists for Android.
|
||||
- `go test ./...` passes.
|
||||
- `go tool golangci-lint run ./...` passes.
|
||||
|
||||
## Remaining Gaps Against AGENTS.md
|
||||
|
||||
This section tracks requirements from `AGENTS.md` that are not fully satisfied by the current landed code, even if the segment work and tests are green.
|
||||
|
||||
### 1. KDBX Security Settings Are Only Preserved, Not Fully Product-Configurable
|
||||
|
||||
Evidence:
|
||||
- `docs/kdbx-compatibility.md` states that KeePassGO preserves the original opened vault's cipher and KDF selection during save.
|
||||
- The same document also states:
|
||||
- KeePassGO does not yet provide a UI for editing cipher or KDF parameters directly.
|
||||
- New vault creation still uses library default KDBX header settings.
|
||||
|
||||
Why this is still a gap:
|
||||
- `AGENTS.md` requires support for the major KeePass-style encryption and KDF configuration choices represented in KDBX databases.
|
||||
- Preserving existing settings is good, but it is weaker than allowing the product user to choose those settings for new vaults or change them explicitly for existing vaults.
|
||||
|
||||
Remaining work:
|
||||
- Expose major KDBX cipher/KDF choices in the product UI for vault creation.
|
||||
- Expose supported security-setting changes for an existing unlocked vault.
|
||||
- Add behavior tests covering explicit user selection of supported cipher/KDF options.
|
||||
- Update `docs/kdbx-compatibility.md` once those product-facing controls exist.
|
||||
|
||||
Exit criteria for this gap:
|
||||
- A user can create a vault with a selected supported cipher/KDF combination through the product.
|
||||
- A user can change supported cipher/KDF settings for an existing vault through the product, where the underlying library supports it.
|
||||
- Tests cover those choices end to end.
|
||||
|
||||
### 2. Accessibility Requirement Needs Explicit Screen-Reader Review
|
||||
|
||||
Evidence:
|
||||
- Keyboard-first behavior and focus handling exist in the landed code.
|
||||
- Accessibility labels exist in `ui_accessibility.go`.
|
||||
- The repository does not currently contain a documented review of what screen-reader-conscious behavior Gio can and cannot provide on the supported desktop targets.
|
||||
|
||||
Why this is still a gap:
|
||||
- `AGENTS.md` explicitly calls for screen-reader-conscious design, not only keyboard shortcuts and focus states.
|
||||
- The current code suggests intent, but the repo does not yet document a concrete accessibility support boundary or validation result.
|
||||
|
||||
Remaining work:
|
||||
- Audit the current Gio accessibility surface on Linux and Windows for the controls used by KeePassGO.
|
||||
- Document what is currently exposed, what is intentionally labeled, and what remains limited by the toolkit.
|
||||
- Add targeted tests for any label/focus mapping that can be verified in-repo.
|
||||
|
||||
Exit criteria for this gap:
|
||||
- The repo includes a documented accessibility review for current desktop targets.
|
||||
- Screen-reader-conscious behavior is explicitly described rather than implied.
|
||||
- Any in-repo verifiable accessibility mappings have tests.
|
||||
|
||||
Reference in New Issue
Block a user