starred/App-Store-Connect-CLI

Fork 0

mirror of https://github.com/rudrankriyam/App-Store-Connect-CLI.git synced 2026-04-25 23:55:51 +03:00

[GH-ISSUE #774] Add web review-submissions listing (incl. UNRESOLVED_ISSUES) #211

New issue

Closed

opened 2026-02-26 21:34:01 +03:00 by kerem · 2 comments

kerem commented

2026-02-26 21:34:01 +03:00

Owner

Originally created by @rudrankriyam on GitHub (Feb 25, 2026).
Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/774

Problem

asc needs first-class visibility into App Store review submission lifecycle via web/iris endpoints, especially to surface UNRESOLVED_ISSUES and related states in a scriptable way.

Today, this is only visible in ASC UI and is hard to automate for triage/reporting.

Scope

Add read-only commands that list review submissions for an app and expose submission state, submission timestamp, and high-level item context.

Endpoint Contract (Observed)

List submissions for app:

GET /iris/v1/apps/{appId}/reviewSubmissions?include=appStoreVersionForReview,items,lastUpdatedByActor,submittedByActor,createdByActor&limit=2000&limit[items]=0

Fetch one submission:

GET /iris/v1/reviewSubmissions/{reviewSubmissionId}?include=appStoreVersionForReview,items,lastUpdatedByActor,submittedByActor,createdByActor&limit[items]=0

Fetch submission items:

GET /iris/v1/reviewSubmissions/{reviewSubmissionId}/items?include=appCustomProductPageVersion,appEvent,appStoreVersion,appStoreVersionExperiment,backgroundAssetVersion,gameCenterAchievementVersion,gameCenterLeaderboardVersion,gameCenterLeaderboardSetVersion,gameCenterChallengeVersion,gameCenterActivityVersion&limit=200

States To Support

At minimum:

READY_FOR_REVIEW
WAITING_FOR_REVIEW
IN_REVIEW
UNRESOLVED_ISSUES
CANCELING
COMPLETING
COMPLETE

Proposed Command UX

asc web submissions list --app <app-id>
asc web submissions list --app <app-id> --state <csv>
asc web submissions show --id <review-submission-id>
asc web submissions items --id <review-submission-id>

Output behavior:

default: minified JSON
optional: --output table and --output markdown

Output Schema Expectations

For list:

id
state
submittedDate
platform (when derivable)
appStoreVersionForReview.id/version/platform (if included)
submittedByActor / lastUpdatedByActor (if available)

For items:

item.id
related entity type (appStoreVersion, appEvent, etc.)
related resource id(s)

Error Handling / Edge Cases

401/403 web-session auth failures -> clear action message (asc web auth login)
empty data should return exit 0 with []
unknown state filters should fail with exit code 2 and explicit validation error
missing/invalid app id should fail with exit code 2

Auth / Security Notes

This is web-session (iris) mode; not standard API-key ASC REST flow.
Avoid logging cookies or session headers in debug output.

Implementation Notes

Add web client methods for submissions list/get/items.
Reuse existing web auth/session plumbing.
Keep command wiring in internal/cli/web and registration in internal/cli/registry/registry.go.

Test Plan (RED -> GREEN)

cmdtest: list --app happy path returns expected JSON fields.
cmdtest: list --state UNRESOLVED_ISSUES filters output.
cmdtest: invalid --state exits 2 with stderr assertion.
cmdtest: auth/session error returns actionable error text.
unit tests: response normalization for optional relationships.
cmdtest: show --id and items --id parse include-heavy payloads.

Definition of Done

Commands above implemented and documented in --help and docs.
JSON/table/markdown output verified.
ASC_BYPASS_KEYCHAIN=1 make test includes new coverage.
No regression in existing web command set.

Originally created by @rudrankriyam on GitHub (Feb 25, 2026). Original GitHub issue: https://github.com/rudrankriyam/App-Store-Connect-CLI/issues/774 ## Problem `asc` needs first-class visibility into App Store review submission lifecycle via web/iris endpoints, especially to surface `UNRESOLVED_ISSUES` and related states in a scriptable way. Today, this is only visible in ASC UI and is hard to automate for triage/reporting. ## Scope Add read-only commands that list review submissions for an app and expose submission state, submission timestamp, and high-level item context. ## Endpoint Contract (Observed) 1) List submissions for app: - `GET /iris/v1/apps/{appId}/reviewSubmissions?include=appStoreVersionForReview,items,lastUpdatedByActor,submittedByActor,createdByActor&limit=2000&limit[items]=0` 2) Fetch one submission: - `GET /iris/v1/reviewSubmissions/{reviewSubmissionId}?include=appStoreVersionForReview,items,lastUpdatedByActor,submittedByActor,createdByActor&limit[items]=0` 3) Fetch submission items: - `GET /iris/v1/reviewSubmissions/{reviewSubmissionId}/items?include=appCustomProductPageVersion,appEvent,appStoreVersion,appStoreVersionExperiment,backgroundAssetVersion,gameCenterAchievementVersion,gameCenterLeaderboardVersion,gameCenterLeaderboardSetVersion,gameCenterChallengeVersion,gameCenterActivityVersion&limit=200` ## States To Support At minimum: - `READY_FOR_REVIEW` - `WAITING_FOR_REVIEW` - `IN_REVIEW` - `UNRESOLVED_ISSUES` - `CANCELING` - `COMPLETING` - `COMPLETE` ## Proposed Command UX - `asc web submissions list --app <app-id>` - `asc web submissions list --app <app-id> --state <csv>` - `asc web submissions show --id <review-submission-id>` - `asc web submissions items --id <review-submission-id>` Output behavior: - default: minified JSON - optional: `--output table` and `--output markdown` ## Output Schema Expectations For `list`: - `id` - `state` - `submittedDate` - `platform` (when derivable) - `appStoreVersionForReview.id/version/platform` (if included) - `submittedByActor` / `lastUpdatedByActor` (if available) For `items`: - `item.id` - related entity type (`appStoreVersion`, `appEvent`, etc.) - related resource id(s) ## Error Handling / Edge Cases - 401/403 web-session auth failures -> clear action message (`asc web auth login`) - empty data should return exit 0 with `[]` - unknown state filters should fail with exit code 2 and explicit validation error - missing/invalid app id should fail with exit code 2 ## Auth / Security Notes - This is web-session (`iris`) mode; not standard API-key ASC REST flow. - Avoid logging cookies or session headers in debug output. ## Implementation Notes - Add web client methods for submissions list/get/items. - Reuse existing web auth/session plumbing. - Keep command wiring in `internal/cli/web` and registration in `internal/cli/registry/registry.go`. ## Test Plan (RED -> GREEN) 1) cmdtest: `list --app` happy path returns expected JSON fields. 2) cmdtest: `list --state UNRESOLVED_ISSUES` filters output. 3) cmdtest: invalid `--state` exits 2 with stderr assertion. 4) cmdtest: auth/session error returns actionable error text. 5) unit tests: response normalization for optional relationships. 6) cmdtest: `show --id` and `items --id` parse include-heavy payloads. ## Definition of Done - Commands above implemented and documented in `--help` and docs. - JSON/table/markdown output verified. - `ASC_BYPASS_KEYCHAIN=1 make test` includes new coverage. - No regression in existing `web` command set.

kerem closed this issue

2026-02-26 21:34:02 +03:00

kerem commented

2026-02-26 21:34:02 +03:00

Author

Owner

@rudrankriyam commented on GitHub (Feb 25, 2026):

Closing this issue to keep scope focused on genuinely non-OpenAPI endpoints. is already present in our OpenAPI snapshot (, , ), so follow-up work should target Resolution Center/rejection attachment web-only surfaces instead.

@rudrankriyam commented on GitHub (Feb 25, 2026): Closing this issue to keep scope focused on genuinely non-OpenAPI endpoints. is already present in our OpenAPI snapshot (, , ), so follow-up work should target Resolution Center/rejection attachment web-only surfaces instead.

kerem commented

2026-02-26 21:34:02 +03:00

Author

Owner

@rudrankriyam commented on GitHub (Feb 25, 2026):

Closing rationale: this issue overlaps endpoints already present in our OpenAPI snapshot.

Spec-backed endpoints already covered:

/v1/apps/{id}/reviewSubmissions
/v1/reviewSubmissions/{id}
/v1/reviewSubmissions/{id}/items

To keep scope clean, follow-up work should focus on genuinely non-OpenAPI surfaces (Resolution Center threads/messages/rejections and rejection attachments/screenshots).

@rudrankriyam commented on GitHub (Feb 25, 2026): Closing rationale: this issue overlaps endpoints already present in our OpenAPI snapshot. Spec-backed endpoints already covered: - /v1/apps/{id}/reviewSubmissions - /v1/reviewSubmissions/{id} - /v1/reviewSubmissions/{id}/items To keep scope clean, follow-up work should focus on genuinely non-OpenAPI surfaces (Resolution Center threads/messages/rejections and rejection attachments/screenshots).

kerem referenced this issue

2026-02-26 21:34:45 +03:00

[PR #211] [CLOSED] Subscription group JSON key #356