# Testing, CI, and Release Compliance

## Testing Strategy

- Rust unit tests: frame parsing, NAT expiry, DNS policy, MTU calculations,
  replay windows, lease allocation.
- Rust fuzzing: malformed VSHP frames and packet parser inputs.
- Kotlin unit tests: domain state reducers, pairing expiry, VPN status mapping.
- Android instrumented tests: foreground service lifecycle, notification stop
  action, mDNS registration, LocalOnlyHotspot failure paths.
- Hardware integration tests: USB accessory sessions on physical Android
  devices and Windows/Linux/macOS hosts.
- E2E matrix: WireGuard, OpenVPN, Clash, V2Ray; IPv4-only, IPv6-capable,
  split-tunnel VPNs, VPN absent.

## CI Design

Required jobs:

- `rust`: `cargo fmt --check`, `cargo clippy --workspace -- -D warnings`,
  `cargo test --workspace`.
- `android`: Gradle unit tests, lint, assemble debug.
- `security`: dependency audit, CodeQL, license scan, SBOM generation.
- `docs`: markdown lint and Mermaid render smoke test.

Physical-device CI is required before release for USB, LocalOnlyHotspot, battery,
and vendor VPN compatibility.

## Play Store Review Checklist

- Store listing explains VPN Share is a network sharing tool.
- If Android client VPN mode is bundled, `VpnService` declaration is submitted.
- In-app disclosure is separate from privacy policy and requires affirmative
  action.
- No personal/sensitive traffic collection.
- No ad traffic manipulation.
- Foreground-service type declaration matches actual use.
- Target SDK follows current Play requirements at release time.

## Release Gates

- No known traffic leaks in VPN-active E2E tests.
- No crash loops on VPN revocation, USB disconnect, Wi-Fi change, or sleep.
- Packet parser fuzz corpus runs clean.
- Reproducible release build and signed SBOM.
- Third-party security review before public 1.0.