[GH-ISSUE #687] feat(metadata): canonical schema, strict decoding, and deterministic file I/O #186

New issue

Closed

opened 2026-02-26 21:33:56 +03:00 by kerem · 0 comments

kerem commented

2026-02-26 21:33:56 +03:00

Owner

Copy link

Originally created by @rudrankriyam on GitHub (Feb 20, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/687

Parent

#587

Summary

Build the shared metadata foundation used by pull, push, and validate so command behavior is deterministic, safe, and strict by default.

Why

Without a canonical model + strict parsing, higher-level metadata commands will drift, produce non-deterministic plans, and hide schema mistakes.

Scope

Define canonical metadata model for phase-1 fields:
- Version localization: description, keywords, marketingUrl, promotionalText, supportUrl, whatsNew
- App-info localization: name, subtitle, privacyPolicyUrl, privacyChoicesUrl, privacyPolicyText
Define canonical on-disk schema:
- metadata/app-info/<locale>.json
- metadata/version/<version>/<locale>.json
Implement strict JSON decoding with unknown-key rejection.
Implement deterministic JSON writing (stable field ordering + stable file ordering).
Implement safe file read/write wrappers for metadata paths (no symlink traversal / safe overwrite semantics).

Detailed Tasks

Add metadata model types under internal/cli/metadata (or equivalent package).
Add strict decoder helper using json.Decoder + DisallowUnknownFields.
Add validation helper for required vs optional fields per schema.
Add deterministic serializer used by pull and test fixtures.
Add safe path handling + secure writes using shared safe-write primitives.
Add reusable normalization helpers (trim/empty handling) used by planner and validator.

Test Plan (TDD)

Unit: unknown JSON keys fail with usage-oriented error text.
Unit: deterministic serialization remains byte-stable for same logical input.
Unit: locale/version path parsing rejects traversal/invalid layouts.
Unit: symlink paths are rejected for read/write.
Unit: required field rules are enforced per schema.

Acceptance Criteria

Foundation package compiles and is reusable by all metadata subcommands.
Strict unknown-key behavior is implemented and covered by tests.
Deterministic write behavior is implemented and covered by tests.
Safety constraints (no symlink traversal) are enforced and tested.

Out of Scope

CLI command wiring for metadata pull/push/validate (handled in follow-up issues).

Originally created by @rudrankriyam on GitHub (Feb 20, 2026). Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/687 ## Parent - #587 ## Summary Build the shared metadata foundation used by `pull`, `push`, and `validate` so command behavior is deterministic, safe, and strict by default. ## Why Without a canonical model + strict parsing, higher-level metadata commands will drift, produce non-deterministic plans, and hide schema mistakes. ## Scope - Define canonical metadata model for phase-1 fields: - Version localization: `description`, `keywords`, `marketingUrl`, `promotionalText`, `supportUrl`, `whatsNew` - App-info localization: `name`, `subtitle`, `privacyPolicyUrl`, `privacyChoicesUrl`, `privacyPolicyText` - Define canonical on-disk schema: - `metadata/app-info/<locale>.json` - `metadata/version/<version>/<locale>.json` - Implement strict JSON decoding with unknown-key rejection. - Implement deterministic JSON writing (stable field ordering + stable file ordering). - Implement safe file read/write wrappers for metadata paths (no symlink traversal / safe overwrite semantics). ## Detailed Tasks - [ ] Add metadata model types under `internal/cli/metadata` (or equivalent package). - [ ] Add strict decoder helper using `json.Decoder` + `DisallowUnknownFields`. - [ ] Add validation helper for required vs optional fields per schema. - [ ] Add deterministic serializer used by `pull` and test fixtures. - [ ] Add safe path handling + secure writes using shared safe-write primitives. - [ ] Add reusable normalization helpers (trim/empty handling) used by planner and validator. ## Test Plan (TDD) - [ ] Unit: unknown JSON keys fail with usage-oriented error text. - [ ] Unit: deterministic serialization remains byte-stable for same logical input. - [ ] Unit: locale/version path parsing rejects traversal/invalid layouts. - [ ] Unit: symlink paths are rejected for read/write. - [ ] Unit: required field rules are enforced per schema. ## Acceptance Criteria - [ ] Foundation package compiles and is reusable by all metadata subcommands. - [ ] Strict unknown-key behavior is implemented and covered by tests. - [ ] Deterministic write behavior is implemented and covered by tests. - [ ] Safety constraints (no symlink traversal) are enforced and tested. ## Out of Scope - CLI command wiring for `metadata pull/push/validate` (handled in follow-up issues).

kerem

2026-02-26 21:33:56 +03:00

closed this issue
added the
enhancement
label

kerem referenced this issue

2026-02-26 21:34:41 +03:00

[PR #186] [MERGED] Credential default flag reconciliation #347

No Branch/Tag specified

main

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.1

1.1.0

1.0.1

1.0.0

0.49.1

0.49.0

0.48.1

0.48.0

0.47.1

0.47.0

0.46.2

0.46.1

0.46.0

0.45.4

0.45.3

0.45.2

0.45.1

0.45.0

0.44.2

0.44.1

0.44.0

0.43.0

0.42.0

0.41.4

0.41.3

0.41.2

0.41.1

0.41.0

0.40.1

0.40.0

0.39.1

0.39.0

0.38.3

0.38.2

0.38.1

0.38.0

0.37.3

0.37.2

0.37.1

0.37.0

0.36.3

0.36.2

0.36.1

0.36.0

0.35.3

0.35.2

0.35.1

0.35.0

0.34.1

0.34.0

0.33.2

0.33.1

0.33.0

0.32.0

0.31.3

0.31.2

0.31.1

0.31.0

0.30.0

0.29.3

0.29.2

0.29.1

0.29.0

0.28.14

0.28.13

0.28.12

0.28.11

0.28.10

0.28.9

0.28.8

0.28.7

0.28.6

0.28.5

0.28.4

0.28.3

0.28.2

0.28.1

0.28.0

0.27.0

0.26.4

0.26.3

0.26.2

0.26.1

0.26.0

0.25.4

0.25.3

0.25.1

0.25.0

0.24.3

0.24.2

0.24.1

0.24.0

0.23.5

0.23.4

0.23.3

0.23.2

0.23.1

0.23.0

0.22.1

0.22.0

0.21.0

0.20.2

0.20.1

0.20.0

0.19.3

0.19.2

0.19.1

0.19.0

0.18.2

0.18.1

0.18.0

0.17.0

0.16.0

0.15.0

0.14.0

0.13.0

0.12.4

0.12.3

0.12.2

0.12.1

0.12.0

0.11.0

0.10.2

0.10.1

0.10.0

0.9.0

0.8.1

0.8.0

0.7.0

0.6.0

0.5.0

0.3.1

0.3.0

0.2.0

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Labels

Clear labels

Mirrored from GitHub Pull Request

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/App-Store-Connect-CLI#186

Reference in a new issue

Repository

starred/App-Store-Connect-CLI

Title

Body

No description provided.

Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?

Rows
Columns