Skip to content

[PM-33571] llm: Add requirements refinement and planning skills #2445

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
SaintPatrck wants to merge 1 commit into
base: main
Choose a base branch
from
+242 βˆ’66
Draft

[PM-33571] llm: Add requirements refinement and planning skills #2445

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 7 additions & 66 deletions .claude/CLAUDE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,53 +29,13 @@ The app follows a layered architecture: Views send Actions/Effects to a Store, w

### Code Organization

```
β”œβ”€β”€ Bitwarden/ # Password Manager app target
β”‚ └── Application/
β”œβ”€β”€ Authenticator/ # Authenticator app target
β”‚ └── Application/
β”œβ”€β”€ BitwardenShared/ # Main PM shared framework
β”‚ β”œβ”€β”€ Core/ # Data & business logic
β”‚ β”‚ β”œβ”€β”€ Auth/ # Authentication domain
β”‚ β”‚ β”œβ”€β”€ Autofill/ # AutoFill domain
β”‚ β”‚ β”œβ”€β”€ Platform/ # Cross-cutting (services, stores, utilities)
β”‚ β”‚ β”œβ”€β”€ Tools/ # Generator, Send, Import/Export
β”‚ β”‚ └── Vault/ # Vault items domain
β”‚ β”œβ”€β”€ Sourcery/ # Mock generation config + output
β”‚ └── UI/ # UI layer (same subdirectories)
β”‚ β”œβ”€β”€ Auth/
β”‚ β”œβ”€β”€ Autofill/
β”‚ β”œβ”€β”€ Platform/
β”‚ β”œβ”€β”€ Tools/
β”‚ └── Vault/
β”œβ”€β”€ AuthenticatorShared/ # Authenticator shared framework
β”‚ β”œβ”€β”€ Core/ # Same structure as BitwardenShared
β”‚ β”œβ”€β”€ Sourcery/ # Mock generation config + output
β”‚ └── UI/
β”œβ”€β”€ BitwardenKit/ # Common functionality across both apps
β”‚ β”œβ”€β”€ Core/
β”‚ β”‚ └── Platform/Services/ # Has* protocols, ServiceContainer base
β”‚ β”œβ”€β”€ Sourcery/ # Mock generation config + output
β”‚ └── UI/
β”‚ └── Platform/Application/
β”‚ └── Utilities/ # Store, Processor, Coordinator, Alert
β”œβ”€β”€ BitwardenResources/ # Shared assets, fonts, localizations
β”œβ”€β”€ AuthenticatorBridgeKit/ # PM ↔ Authenticator communication
β”œβ”€β”€ Networking/ # URLSession-based networking (Swift package)
β”œβ”€β”€ BitwardenAutoFillExtension/ # AutoFill Credential Provider extension
β”œβ”€β”€ BitwardenActionExtension/ # Action extension (autofill via share sheet)
β”œβ”€β”€ BitwardenShareExtension/ # Share extension (create Sends)
β”œβ”€β”€ BitwardenWatchApp/ # watchOS companion
β”œβ”€β”€ GlobalTestHelpers/ # Shared test utilities
β”œβ”€β”€ Sourcery/Templates/ # Shared Sourcery Stencil templates
β”œβ”€β”€ Configs/ # xcconfig files (Debug/Release per target)
β”œβ”€β”€ Scripts/ # Build, bootstrap, CI scripts
β”œβ”€β”€ TestPlans/ # Xcode test plans
β”œβ”€β”€ Docs/ # Architecture.md, Testing.md
└── project-*.yml # XcodeGen project specs
```
`Bitwarden/`, `Authenticator/` β€” app targets
`BitwardenShared/`, `AuthenticatorShared/`, `BitwardenKit/` β€” shared frameworks; each has `Core/` + `UI/` with fixed subdirs: `Auth/`, `Autofill/`, `Platform/`, `Tools/`, `Vault/`
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Add billing:

Suggested change
`BitwardenShared/`, `AuthenticatorShared/`, `BitwardenKit/` β€” shared frameworks; each has `Core/` + `UI/` with fixed subdirs: `Auth/`, `Autofill/`, `Platform/`, `Tools/`, `Vault/`
`BitwardenShared/`, `AuthenticatorShared/`, `BitwardenKit/` β€” shared frameworks; each has `Core/` + `UI/` with fixed subdirs: `Auth/`, `Autofill/`, `Billing/`, `Platform/`, `Tools/`, `Vault/`

`AuthenticatorBridgeKit/`, `BitwardenResources/`, `Networking/` β€” support frameworks
`BitwardenAutoFillExtension/`, `BitwardenActionExtension/`, `BitwardenShareExtension/`, `BitwardenWatchApp/` β€” extensions
`Docs/`, `Scripts/`, `TestPlans/`, `Configs/`, `Sourcery/Templates/`, `project-*.yml` β€” configuration

**CRITICAL**: Do NOT add new top-level subdirectories to `Core/` or `UI/`. The fixed subdirectories are: `Auth/`, `Autofill/`, `Platform/`, `Tools/`, `Vault/`.
**CRITICAL**: Do NOT add new top-level subdirectories to `Core/` or `UI/`. Fixed: `Auth/`, `Autofill/`, `Platform/`, `Tools/`, `Vault/`.
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Add Billing:

Suggested change
**CRITICAL**: Do NOT add new top-level subdirectories to `Core/` or `UI/`. Fixed: `Auth/`, `Autofill/`, `Platform/`, `Tools/`, `Vault/`.
**CRITICAL**: Do NOT add new top-level subdirectories to `Core/` or `UI/`. Fixed: `Auth/`, `Autofill/`, `Billing/`, `Platform/`, `Tools/`, `Vault/`.


For key principles (unidirectional data flow, dependency injection, coordinator navigation, zero-knowledge), core patterns (Coordinator/Processor/State/View/Action/Effect files), adding new features, adding services/repositories, and common patterns, see `Docs/Architecture.md`.

Expand Down Expand Up @@ -103,32 +63,13 @@ Build configurations use xcconfig files in `Configs/` (Debug/Release per target)

Xcode version requirement: see `.xcode-version` file

### Authentication & Authorization

- **Login flows**: Email+password, SSO, SSO+TDE, passwordless (device approval), biometric unlock, PIN unlock
- **Key derivation**: PBKDF2 or Argon2id (configurable per account)
- **Token lifecycle**: Access tokens refreshed preemptively 5 minutes before expiry (`tokenRefreshThreshold`)
- **Biometric auth**: Touch ID / Face ID unlock via Keychain access control flags
- **Multi-account**: Up to 5 accounts with per-user data isolation (CoreData `userId` scoping)

## Testing

**You MUST follow testing guidelines in `Docs/Testing.md`** (authoritative source for test structure, naming, templates, decision matrix, running tests, and simulator configuration). Snapshot tests are currently disabled β€” prefix function names with `disable`.

## Code Style & Standards

### Core Directives

**You MUST follow these directives at all times:**

1. **Adhere to Architecture**: All code modifications MUST follow patterns in `Docs/Architecture.md`
2. **Follow Code Style**: ALWAYS follow https://contributing.bitwarden.com/contributing/code-style/swift
3. **Follow Testing Guidelines**: Tests MUST follow guidelines in `Docs/Testing.md`
4. **Best Practices**: Follow Swift / SwiftUI best practices (value over reference types, guard clauses, extensions, protocol-oriented programming)
5. **Document Everything**: All code requires DocC documentation except protocol property/function implementations (docs live in the protocol) and mocks
6. **Dependency Management**: Use `ServiceContainer` as established in the project
7. **Use Established Patterns**: Leverage existing components before creating new ones
8. **File References**: Use `file_path:line_number` format when referencing code
Architecture and testing rules are in `Docs/Architecture.md` and `Docs/Testing.md` (authoritative). Key style rules are inline below.

### Formatting

Expand Down
38 changes: 38 additions & 0 deletions .claude/commands/plan-ios-work.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
---
description: Plan implementation for a Bitwarden iOS Jira ticket or task description. Fetches requirements, performs gap analysis, designs the implementation approach, and saves a design doc to .claude/outputs/plans/.
argument-hint: <PM-XXXXX ticket ID or task description>
---

# Plan iOS Work: $ARGUMENTS

## Phase 1: Ingest Requirements

If `$ARGUMENTS` looks like a Jira ticket ID (e.g., `PM-12345` or `BWA-456`):
- Fetch the ticket: `mcp__plugin_bitwarden-atlassian-tools_bitwarden-atlassian__get_issue`
- Fetch comments for context: `mcp__plugin_bitwarden-atlassian-tools_bitwarden-atlassian__get_issue_comments`

If `$ARGUMENTS` is a description, use it directly as the requirements source.

## Phase 2: Refine Requirements

Invoke the `refining-ios-requirements` skill to:
- Extract structured requirements and acceptance criteria
- Perform gap analysis (error states, edge cases, extensions, accessibility)
- Map to iOS domain (Auth/Autofill/Platform/Tools/Vault)
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎨 Billing is being added as well.

Suggested change
- Map to iOS domain (Auth/Autofill/Platform/Tools/Vault)
- Map to iOS domain (Auth/Autofill/Billing/Platform/Tools/Vault)


**Pause here**: Present requirements to user and confirm accuracy before proceeding.

## Phase 3: Plan Implementation

Once requirements are confirmed, invoke the `planning-ios-implementation` skill to:
- Classify the change type
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❓ Maybe it's defined in another place but which would be the possible change types? Or is it just general for the LLM to figure out?

- Explore existing similar patterns in the codebase
- List all files to create/modify with domain placement
- Order implementation into dependency-ordered phases
- Assess risks (security, extensions, multi-account, SDK)

## Phase 4: Save Design Doc

Save the complete plan to `.claude/outputs/plans/<ticket-id>.md`.

**Final output**: "Plan saved to `.claude/outputs/plans/<ticket-id>.md`. Ready to implement with `/work-on-ios <ticket-id>`."
98 changes: 98 additions & 0 deletions .claude/skills/planning-ios-implementation/SKILL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,98 @@
---
name: planning-ios-implementation
description: Plan implementation, design an approach, or create an architecture plan for a Bitwarden iOS feature. Use when asked to "plan implementation", "design approach", "architecture plan", "how should I implement", "what files do I need", or to create a design doc before writing code.
---

# Planning iOS Implementation

Use this skill to design a complete implementation plan before writing code. Output is saved as a design document.

## Prerequisites

- Requirements must be clear. If not, invoke `refining-ios-requirements` first.
- Read `Docs/Architecture.md` before proceeding β€” it is the authoritative source for all patterns.

Comment on lines +10 to +14
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

πŸ€” Should it also read the Testing.md file as prerequisite? As sometimes having the structure to be testable changes how it's implemented.

## Step 1: Classify the Change

Determine what type of change this is:
- **New feature** (new screen + full file-set): Coordinator, Processor, State, Action, Effect, View, Route
- **Enhancement** (modify existing screen): Identify which existing files change
- **New service/repository**: Protocol + Default implementation + Has* protocol + Mock
- **Bug fix**: Identify root cause file(s)
- **Data model change**: CoreData schema + migration if needed

## Step 2: Explore Existing Patterns

Search the codebase for similar existing implementations to follow:
- Find a similar existing feature in the same domain
- Identify which services/repositories it uses
- Note how its Coordinator, Processor, and View are structured
- Check if `BitwardenKit/UI/` has reusable components for the new UI

## Step 3: List Files to Create/Modify

For each file, specify path, action (create/modify), domain placement, and purpose. Group by layer:

```
### New Files (Create)

#### Core Layer
- `BitwardenShared/Core/<Domain>/<Feature>/Services/<Feature>Service.swift`
- Protocol + Default<Feature>Service + Has<Feature>Service

#### UI Layer
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>Coordinator.swift`
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>Processor.swift`
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>State.swift`
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>Action.swift`
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>Effect.swift`
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>View.swift`

#### Tests (co-located with implementation)
- `BitwardenShared/UI/<Domain>/<Feature>/<Feature>ProcessorTests.swift`
- `BitwardenShared/Core/<Domain>/<Feature>/Services/<Feature>ServiceTests.swift`

### Modified Files
- `BitwardenShared/Core/Platform/Services/ServiceContainer.swift` β€” Add new service
- `<Existing>Coordinator.swift` β€” Add new route
```

## Step 4: Dependency-Ordered Implementation Phases

Order phases so each builds on the previous:

```
### Phase 1: Data / Core Layer
Models, CoreData entities (if needed), service protocols, repository protocols

### Phase 2: Service/Repository Implementations
Default<Name>Service/Repository β€” business logic, SDK calls, network

### Phase 3: Processor + State
StateProcessor subclass, State struct, Action enum, Effect enum

### Phase 4: View + Coordinator
SwiftUI View with store.binding, Coordinator with routes, navigation wiring

### Phase 5: DI Wiring
ServiceContainer extensions, Has* protocol additions
Comment on lines +71 to +78
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ I would put DI Wiring as Phase 3 and then continue with the order established here as processors may need from the Has protocols.

Suggested change
### Phase 3: Processor + State
StateProcessor subclass, State struct, Action enum, Effect enum
### Phase 4: View + Coordinator
SwiftUI View with store.binding, Coordinator with routes, navigation wiring
### Phase 5: DI Wiring
ServiceContainer extensions, Has* protocol additions
### Phase 3: DI Wiring
ServiceContainer extensions, Has* protocol additions
### Phase 4: Processor + State
StateProcessor subclass, State struct, Action enum, Effect enum
### Phase 5: View + Coordinator
SwiftUI View with store.binding, Coordinator with routes, navigation wiring


### Phase 6: Tests
ProcessorTests (action/effect paths), ServiceTests (business logic), ViewTests (snapshots if UI)
```

## Step 5: Risk Assessment

Identify risks and mitigations:
- **Security**: Does this touch vault data, auth tokens, or Keychain? β†’ Security review required
- **Extensions**: Does this affect AutoFill/Action extensions? β†’ Memory limit check needed
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Also Share extension should be included.

Suggested change
- **Extensions**: Does this affect AutoFill/Action extensions? β†’ Memory limit check needed
- **Extensions**: Does this affect AutoFill/Action/Share extensions? β†’ Memory limit check needed

- **Multi-account**: Does this need per-account isolation? β†’ CoreData userId scoping
- **SDK dependency**: Does this require BitwardenSdk changes? β†’ Coordinate with SDK team

## Step 6: Save Design Document

Save the plan to `.claude/outputs/plans/<ticket-id>.md`.

## Confirm Before Proceeding

Present the plan to the user and ask: "Here is the implementation plan. Should I proceed with implementation?"
99 changes: 99 additions & 0 deletions .claude/skills/refining-ios-requirements/SKILL.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
---
name: refining-ios-requirements
description: Refine requirements, analyze a ticket, perform gap analysis, or clarify what a Jira/Confluence ticket is asking before coding in Bitwarden iOS. Use when asked to "refine requirements", "analyze ticket", "gap analysis", "clarify ticket", "what does this ticket mean", or to understand scope before implementation begins.
---

# Refining iOS Requirements

Use this skill to analyze a Jira or Confluence ticket and produce structured, implementation-ready requirements before writing any code.

## Step 1: Ingest the Ticket

If a ticket ID or URL is provided, fetch it via MCP:
- Use `mcp__plugin_bitwarden-atlassian-tools_bitwarden-atlassian__get_issue` for Jira tickets
- Use `mcp__plugin_bitwarden-atlassian-tools_bitwarden-atlassian__get_issue_comments` for additional context
- Use `mcp__plugin_bitwarden-atlassian-tools_bitwarden-atlassian__get_confluence_page` for Confluence specs

If no ticket is provided, ask for a description of the requirements.

## Step 2: Extract Requirements

Identify and list:
1. **Core functionality**: What must this feature/fix do?
2. **Acceptance criteria**: What defines "done"?
3. **Out of scope**: What is explicitly excluded?
4. **Dependencies**: Other tickets, SDK changes, API endpoints needed?

## Step 3: Gap Analysis

Identify unstated requirements the ticket may have missed:

**Error states**
- Network errors, timeout, server errors
- Validation failures, empty states
- SDK errors (encryption/decryption failures)

**Edge cases**
- Multi-account scenarios (up to 5 accounts)
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Is it actually needed to state there are a maximum of 5 accounts here?

- Account switching during the operation
- Locked vs unlocked vault state
- Empty vault / first-time user

**Platform concerns**
- App extension impact (AutoFill, Action, Share β€” memory limits apply)
- watchOS companion impact (if vault data is involved)
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Particularly TOTP.

Suggested change
- watchOS companion impact (if vault data is involved)
- watchOS companion impact (if vault data is involved, specially TOTP data)

- Offline mode behavior

**Accessibility**
- VoiceOver labels for new UI elements
- Dynamic Type support
- Keyboard navigation

## Step 4: Map to iOS Domain

Determine which Bitwarden iOS domain(s) are involved:
- **Auth/**: Authentication, login, unlock, key derivation
- **Autofill/**: Credential provider, autofill flows
- **Platform/**: Cross-cutting concerns, services, utilities
- **Tools/**: Generator, Send, Import/Export
- **Vault/**: Cipher management, folders, collections
Comment on lines +54 to +59
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎨 Include Billing as well.

Suggested change
Determine which Bitwarden iOS domain(s) are involved:
- **Auth/**: Authentication, login, unlock, key derivation
- **Autofill/**: Credential provider, autofill flows
- **Platform/**: Cross-cutting concerns, services, utilities
- **Tools/**: Generator, Send, Import/Export
- **Vault/**: Cipher management, folders, collections
Determine which Bitwarden iOS domain(s) are involved:
- **Auth/**: Authentication, login, unlock, key derivation
- **Autofill/**: Credential provider, autofill flows
- **Billing/**: Billing flows
- **Platform/**: Cross-cutting concerns, services, utilities
- **Tools/**: Generator, Send, Import/Export
- **Vault/**: Cipher management, folders, collections


Determine which app(s) are affected:
- **BitwardenShared**: Password Manager
- **AuthenticatorShared**: Authenticator
- **Both**: If the feature touches shared components

## Step 5: Output Structured Requirements

```markdown
## Ticket: [PM-XXXXX] β€” [Title]

### What
[1-2 sentence summary of what needs to be built]

### Why
[Business/user reason for the change]

### Acceptance Criteria
1. [Criterion 1]
2. [Criterion 2]

### Gap Analysis
**Unstated requirements identified:**
- [ ] Error state: [description]
- [ ] Edge case: [description]
- [ ] Platform concern: [description]

**Clarifying questions (if any):**
1. [Question for product/design]

### Scope
- **Domain**: [Auth / Autofill / Platform / Tools / Vault]
Copy link
Copy Markdown
Member

@fedemkr fedemkr Mar 30, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Add billing:

Suggested change
- **Domain**: [Auth / Autofill / Platform / Tools / Vault]
- **Domain**: [Auth / Autofill / Billing / Platform / Tools / Vault]

- **App(s)**: [Password Manager / Authenticator / Both]
- **Extensions affected**: [AutoFill / Action / Share / Watch / None]
- **Out of scope**: [explicit exclusions]
```

## Confirm Before Proceeding

Present the structured requirements to the user and ask: "Are these requirements accurate? Should I proceed with planning the implementation?"
Loading