Add dependency tree audit for F-Droid submission #247

Closed
wksantiago wants to merge 3 commits into main from Audit-dependency-tree

@wksantiago (Contributor) commented Apr 18, 2026

Summary by CodeRabbit

  • Documentation
    • Added release dependency audit documentation and Gradle dependency tree reference materials for internal tracking and compliance purposes.

coderabbitai Bot commented Apr 18, 2026

No actionable comments were generated in the recent review. 🎉

📥 Commits

Reviewing files that changed from the base of the PR and between 013c6e8 and 85fc9d7.

📒 Files selected for processing (2)
  • docs/audit/dependency-audit.md
  • docs/audit/release-dependencies.txt

Walkthrough

Two new documentation files added to record a release dependency audit: a detailed audit report analyzing the releaseRuntimeClasspath configuration, identifying Google proprietary dependencies and listing OSS components, plus a Gradle dependency tree snapshot capturing resolved and constrained transitive dependencies with reproducibility metadata.

Changes

Cohort: Dependency Audit Documentation
File(s): docs/audit/dependency-audit.md, docs/audit/release-dependencies.txt
Summary: Added audit report documenting release classpath analysis, including dependency metrics, identified proprietary components (ML Kit and Play Services artifacts), OSS inventory, and recommended follow-up actions for dependency replacement and CI checks. Includes raw Gradle dependency tree snapshot for reproducibility.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Poem

🐰 Hop hop, the audit's done with care,
Dependencies mapped everywhere,
Google's relics now laid bare,
ZXing awaits with open air,
A cleaner classpath, fresh and fair! 🌟

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
  • Description Check: ✅ Passed. Check skipped - CodeRabbit’s high-level summary is enabled.
  • Title check: ✅ Passed. The title accurately summarizes the main change: adding dependency audit documentation for F-Droid submission, which directly reflects the two new audit files added.
  • Docstring Coverage: ✅ Passed. No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

wksantiago self-assigned this Apr 18, 2026
wksantiago requested a review from kwsantiago April 18, 2026 12:36

@kwsantiago (Contributor)

Closing without merge. The audit on this branch was a pre-swap snapshot. PR #248 (merged to main) resolved all 17 flagged artifacts by replacing ML Kit with ZXing, so the audit document on this branch is now stale. Remaining follow-ups tracked in #250 (exodus scan) and #251 (CI guard).

kwsantiago closed this Apr 19, 2026
wksantiago deleted the Audit-dependency-tree branch April 20, 2026 17:27
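
The classpath audit and the CI guard follow-up mentioned in this thread both come down to scanning a Gradle dependency tree for proprietary groups. The sketch below is an added example, not code from this PR or the project: the denied group prefixes, the sample tree and its placeholder versions are assumptions constructed for illustration. It reports each flagged artifact with the dependency path that pulls it in, and it matches on whole group segments so `com.google.zxing` is not caught by a loose `com.google` prefix.

```python
import re
import sys

# Assumption: Maven group IDs of the ML Kit and Play Services families.
DENIED_GROUPS = ("com.google.mlkit", "com.google.android.gms")
# One tree node: N five-character indent units, then "+--- " or "\--- ".
NODE = re.compile(r"^((?:[| ] {4})*)[+\\]--- (\S+)")

# Constructed sample in `gradle dependencies` layout; versions are placeholders.
SAMPLE_TREE = r"""
releaseRuntimeClasspath - Runtime classpath of /release.
+--- androidx.camera:camera-core:1.0.0
|    \--- com.google.guava:listenablefuture:1.0.0
+--- com.google.mlkit:barcode-scanning:1.0.0
|    +--- com.google.android.gms:play-services-basement:1.0.0 -> 1.1.0 (*)
|    \--- com.google.mlkit:common:1.0.0
\--- com.google.zxing:core:1.0.0
"""


def is_denied(group):
    # Compare whole dotted segments, so com.google.zxing and com.google.guava pass.
    return any(group == d or group.startswith(d + ".") for d in DENIED_GROUPS)


def find_denied(tree_text):
    """Map each denied group:artifact to the path that first pulls it in."""
    findings = {}
    stack = []  # stack[i] is the group:artifact at depth i of the current branch
    for line in tree_text.splitlines():
        m = NODE.match(line)
        if not m:
            continue  # headers, blank lines, legend text
        depth = len(m.group(1)) // 5
        parts = m.group(2).split(":")
        name = ":".join(parts[:2])
        del stack[depth:]  # drop siblings and deeper nodes from earlier branches
        stack.append(name)
        if is_denied(parts[0]):
            findings.setdefault(name, list(stack))
    return findings


if __name__ == "__main__":
    # Usage: script.py [tree-file]; without a file the constructed sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_TREE
    hits = find_denied(text)
    for name, path in hits.items():
        print(f"DENIED {name} via {' > '.join(path)}")
    sys.exit(1 if hits else 0)
```

Run against a saved tree file, the non-zero exit status fails the CI job whenever a denied group reappears on the release classpath.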

Development

Successfully merging this pull request may close these issues.

Audit dependency tree for proprietary/tracker libraries (F-Droid prerequisite)