[GH-ISSUE #687] feat(metadata): canonical schema, strict decoding, and deterministic file I/O #186

Closed
opened 2026-02-26 21:33:56 +03:00 by kerem · 0 comments
Owner

Originally created by @rudrankriyam on GitHub (Feb 20, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/687

Parent

Summary

Build the shared metadata foundation used by pull, push, and validate so command behavior is deterministic, safe, and strict by default.

Why

Without a canonical model + strict parsing, higher-level metadata commands will drift, produce non-deterministic plans, and hide schema mistakes.

Scope

  • Define canonical metadata model for phase-1 fields:
    • Version localization: description, keywords, marketingUrl, promotionalText, supportUrl, whatsNew
    • App-info localization: name, subtitle, privacyPolicyUrl, privacyChoicesUrl, privacyPolicyText
  • Define canonical on-disk schema:
    • metadata/app-info/<locale>.json
    • metadata/version/<version>/<locale>.json
  • Implement strict JSON decoding with unknown-key rejection.
  • Implement deterministic JSON writing (stable field ordering + stable file ordering).
  • Implement safe file read/write wrappers for metadata paths (no symlink traversal / safe overwrite semantics).

Detailed Tasks

  • Add metadata model types under internal/cli/metadata (or equivalent package).
  • Add strict decoder helper using json.Decoder + DisallowUnknownFields.
  • Add validation helper for required vs optional fields per schema.
  • Add deterministic serializer used by pull and test fixtures.
  • Add safe path handling + secure writes using shared safe-write primitives.
  • Add reusable normalization helpers (trim/empty handling) used by planner and validator.

Test Plan (TDD)

  • Unit: unknown JSON keys fail with usage-oriented error text.
  • Unit: deterministic serialization remains byte-stable for same logical input.
  • Unit: locale/version path parsing rejects traversal/invalid layouts.
  • Unit: symlink paths are rejected for read/write.
  • Unit: required field rules are enforced per schema.

Acceptance Criteria

  • Foundation package compiles and is reusable by all metadata subcommands.
  • Strict unknown-key behavior is implemented and covered by tests.
  • Deterministic write behavior is implemented and covered by tests.
  • Safety constraints (no symlink traversal) are enforced and tested.

Out of Scope

  • CLI command wiring for metadata pull/push/validate (handled in follow-up issues).
Originally created by @rudrankriyam on GitHub (Feb 20, 2026). Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/687 ## Parent - #587 ## Summary Build the shared metadata foundation used by `pull`, `push`, and `validate` so command behavior is deterministic, safe, and strict by default. ## Why Without a canonical model + strict parsing, higher-level metadata commands will drift, produce non-deterministic plans, and hide schema mistakes. ## Scope - Define canonical metadata model for phase-1 fields: - Version localization: `description`, `keywords`, `marketingUrl`, `promotionalText`, `supportUrl`, `whatsNew` - App-info localization: `name`, `subtitle`, `privacyPolicyUrl`, `privacyChoicesUrl`, `privacyPolicyText` - Define canonical on-disk schema: - `metadata/app-info/<locale>.json` - `metadata/version/<version>/<locale>.json` - Implement strict JSON decoding with unknown-key rejection. - Implement deterministic JSON writing (stable field ordering + stable file ordering). - Implement safe file read/write wrappers for metadata paths (no symlink traversal / safe overwrite semantics). ## Detailed Tasks - [ ] Add metadata model types under `internal/cli/metadata` (or equivalent package). - [ ] Add strict decoder helper using `json.Decoder` + `DisallowUnknownFields`. - [ ] Add validation helper for required vs optional fields per schema. - [ ] Add deterministic serializer used by `pull` and test fixtures. - [ ] Add safe path handling + secure writes using shared safe-write primitives. - [ ] Add reusable normalization helpers (trim/empty handling) used by planner and validator. ## Test Plan (TDD) - [ ] Unit: unknown JSON keys fail with usage-oriented error text. - [ ] Unit: deterministic serialization remains byte-stable for same logical input. - [ ] Unit: locale/version path parsing rejects traversal/invalid layouts. - [ ] Unit: symlink paths are rejected for read/write. - [ ] Unit: required field rules are enforced per schema. ## Acceptance Criteria - [ ] Foundation package compiles and is reusable by all metadata subcommands. - [ ] Strict unknown-key behavior is implemented and covered by tests. - [ ] Deterministic write behavior is implemented and covered by tests. - [ ] Safety constraints (no symlink traversal) are enforced and tested. ## Out of Scope - CLI command wiring for `metadata pull/push/validate` (handled in follow-up issues).
kerem 2026-02-26 21:33:56 +03:00
Sign in to join this conversation.
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/App-Store-Connect-CLI#186
No description provided.