From 17232e769831afe6e99cd85eb6b6d0ef81a7cc23 Mon Sep 17 00:00:00 2001 From: "Seshanth.S" <35675963+seshanthS@users.noreply.github.com> Date: Tue, 24 Mar 2026 02:52:12 +0530 Subject: [PATCH] docs: add BP-02 deferred backlog item for runtime bundle integrity (#1857) When CDN bundle loading lands, runtime checksum verification (SHA-256 manifest, fail-closed on mismatch) becomes a security boundary. This adds the backlog item and context so it's picked up at the right time. Co-authored-by: Claude Opus 4.6 --- .../projects/sdk/workstreams/build-pipeline/SPEC.md | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/specs/projects/sdk/workstreams/build-pipeline/SPEC.md b/specs/projects/sdk/workstreams/build-pipeline/SPEC.md index 70168795b..3e96ad502 100644 --- a/specs/projects/sdk/workstreams/build-pipeline/SPEC.md +++ b/specs/projects/sdk/workstreams/build-pipeline/SPEC.md @@ -43,9 +43,22 @@ | ID | Title | Status | Priority | Depends On | Plan | PR | |----|-------|--------|----------|------------|------|----| | BP-01 | WebView bundle build + copy script | Done | Medium | NSL-01, NSL-02 | [plans/BP-01-build-script.md](./plans/BP-01-build-script.md) | Complete on `feat/webview-sdk` | +| BP-02 | Runtime bundle integrity for CDN loading | Deferred | High | — | — | — | Allowed statuses: `Ready`, `In Progress`, `Blocked`, `Deferred`, `Done` +### BP-02 Context (Deferred) + +When the SDK moves to CDN-hosted bundles in production, runtime integrity verification becomes a security boundary. Scope: + +- Build step: generate a signed manifest (SHA-256 checksums of all bundle files) during `build-webview-bundle.sh` +- Android: Kotlin runtime check — verify downloaded bundle against manifest before loading into WebView +- iOS: Swift runtime check — same verification before `WKWebView.loadFileURL` +- Fail closed: refuse to load on any mismatch (missing file, checksum diff, missing manifest) +- The existing Gradle `validateWebViewBundle` task remains a dev-time guard; this is the prod-time counterpart + +Trigger: when remote/CDN bundle loading is implemented. + ## Active Plans | Plan | IDs | Status |