@daemux/store-automator 0.10.94 → 0.10.95

package/.claude-plugin/marketplace.json

@@ -5,14 +5,14 @@
   },
   "metadata": {
     "description": "App Store & Google Play automation for Flutter apps",
-    "version": "0.10.94"
+    "version": "0.10.95"
   },
   "plugins": [
     {
       "name": "store-automator",
       "source": "./plugins/store-automator",
       "description": "3 agents for app store publishing: reviewer, meta-creator, media-designer",
-      "version": "0.10.94",
+      "version": "0.10.95",
       "keywords": [
         "flutter",
         "app-store",

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@daemux/store-automator",
-  "version": "0.10.94",
+  "version": "0.10.95",
   "description": "Full App Store & Google Play automation for Flutter apps with Claude Code agents",
   "type": "module",
   "bin": {

package/plugins/store-automator/.claude-plugin/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "store-automator",
-  "version": "0.10.94",
+  "version": "0.10.95",
   "description": "App Store & Google Play automation agents for Flutter app publishing",
   "author": {
     "name": "Daemux"

package/templates/scripts/ci/ios-native/autoupdate_check.sh

@@ -69,5 +69,51 @@ git config user.email >/dev/null 2>&1 || \
 # modifying its own triggers). Consumer-side deploy.yml updates require
 # manual `npx --yes @daemux/swift-app-ci` by the user. Document this in
 # the action README and changelog when shipping a deploy.yml schema change.
-git add -A .github/actions/swift-app/ 2>/dev/null || true
-echo "autoupdate: staged refreshed action files (deploy.yml not staged — see comment)"
+
+# Stage everything under the vendored action dir EXCEPT Python bytecode
+# caches. The action's own scripts run during this CI job and Python
+# generates `__pycache__/*.pyc` files inside scripts/ as a side effect of
+# importing them. Those caches are build artifacts of *this* run, not part
+# of the action distribution -- sweeping them into the autoupdate bot
+# commit is benign but noisy (every clean run emits a "refresh
+# __pycache__" diff). `git ls-files -mo` enumerates modified+other
+# (untracked) paths under the directory; we filter out anything matching
+# `/__pycache__/` or ending in `.pyc`, then feed the rest to `git add -f`.
+#
+# We deliberately do NOT pass `--exclude-standard`: that flag would make
+# ls-files honor the consumer's .gitignore at discovery time. If a
+# consumer ignores e.g. `.daemux-version` or any other autoupdate-managed
+# path, ls-files would silently drop it and the bot commit would never
+# refresh that file -- defeating the autoupdate. The matching `-f` on
+# `git add` already overrides .gitignore at staging time, so the only
+# files we want to filter are the bytecode caches above, which our
+# explicit grep handles deterministically.
+#
+# Empty-input guard: BSD xargs (default on macos-15 runners) does NOT
+# support `-r`/`--no-run-if-empty`, so on a clean tree where the grep
+# filter strips everything, piping an empty stream into `xargs git add`
+# would invoke `git add -f --` with no positional arguments. That exits
+# 129 ("Nothing specified, nothing added"), which `set -euo pipefail`
+# treats as fatal even though it's the no-op case we want. Capture to a
+# variable first and skip the xargs call when empty -- portable across
+# both BSD and GNU xargs.
+#
+# We deliberately do NOT pass `--directory`: with that flag, `git ls-files`
+# collapses any *new* untracked directory to a single entry (the directory
+# path itself), e.g. it would emit `.github/actions/swift-app/scripts/`
+# instead of enumerating its files. If such a collapsed parent contains
+# `__pycache__/` children, our grep would NOT match `__pycache__/` against
+# the parent path -- the directory entry would slip past the filter and
+# `git add -f <dir>` would recurse into it, dragging the bytecode caches
+# in with everything else. Without `--directory`, ls-files enumerates
+# every individual untracked file path so the grep filter sees each
+# `__pycache__/...` and `*.pyc` entry by name and strips it
+# deterministically.
+files="$(git ls-files -mo .github/actions/swift-app/ \
+  | grep -v -E '(/__pycache__/|\.pyc$)' || true)"
+if [[ -n "$files" ]]; then
+  printf '%s\n' "$files" \
+    | tr '\n' '\0' \
+    | xargs -0 git add -f -- 2>/dev/null || true
+fi
+echo "autoupdate: staged refreshed action files (deploy.yml not staged — see comment; __pycache__ excluded)"

package/templates/scripts/ci/ios-native/set_app_store_whats_new.py

@@ -78,29 +78,24 @@ def _log(msg: str) -> None:
     print(msg, file=sys.stderr)
 
 
+# Apple's 409 STATE_ERROR detail string for the known-benign case where
+# the per-localization slot is locked because the parent version is
+# transitioning between states. Substring match (not regex / equality) so
+# we don't break if Apple appends or reformats surrounding context.
+_WHATSNEW_LOCKED_DETAIL = "cannot be edited at this time"
+
+
 def _patch_localization(
     token: str, localization_id: str, whats_new: str
 ) -> bool:
     """PATCH a single localization's whatsNew. Returns True on success,
     False when Apple reports the localization is locked (409 STATE_ERROR).
 
-    Apple returns 409 STATE_ERROR ("Attribute 'whatsNew' cannot be edited
-    at this time") on individual localizations even when the parent
-    appStoreVersion's appStoreState is in the editable allow-list checked
-    upstream. This happens when the per-localization state is locked
-    independently (e.g. submitted, in-review at the localization level,
-    or transitioning) -- a race the version-level state check at the top
-    of main() cannot see.
-
-    Without this allow-list, asc_common.request() raises SystemExit on
-    the 409, which the script's top-level try/except cannot swallow
-    (SystemExit is explicitly re-raised). The whole CI run then fails
-    at exit code 1 even though the IPA upload already succeeded.
-
-    Other non-2xx statuses (auth, 5xx, malformed payloads, real ASC
-    outages) are NOT in the allow-list and continue to fail loud --
-    asc_common.request() retries 5xx automatically and SystemExits on
-    everything else.
+    See _handle_localization_409 for the rationale behind allow_status={409}
+    and the benign-lock vs unexpected-409 routing. Other non-2xx statuses
+    (auth, 5xx, malformed payloads, real ASC outages) are NOT in the
+    allow-list and continue to fail loud -- asc_common.request() retries
+    5xx automatically and SystemExits on everything else.
     """
     resp = request(
         "PATCH",
@@ -116,16 +111,75 @@ def _patch_localization(
         allow_status={409},
     )
     if resp.status_code == 409:
-        _warn(
-            f"appStoreVersionLocalization {localization_id} returned 409 "
-            f"STATE_ERROR (locked); whatsNew not patched for this "
-            f"localization. Other localizations and the rest of the run "
-            f"continue."
-        )
+        _handle_localization_409(localization_id, resp)
         return False
     return True
 
 
+def _handle_localization_409(localization_id: str, resp) -> None:
+    """Route an ASC 409 STATE_ERROR on a localization PATCH to the right
+    log channel based on the response detail.
+
+    Apple returns 409 STATE_ERROR ("Attribute 'whatsNew' cannot be edited
+    at this time") on individual localizations even when the parent
+    appStoreVersion's appStoreState is in the editable allow-list checked
+    upstream. This happens when the per-localization state is locked
+    independently (e.g. submitted, in-review at the localization level,
+    or transitioning) -- a race the version-level state check at the top
+    of main() cannot see.
+
+    Without an allow_status={409} entry in the request, asc_common.request()
+    raises SystemExit on the 409, which the script's top-level try/except
+    cannot swallow (SystemExit is explicitly re-raised). The whole CI run
+    then fails at exit code 1 even though the IPA upload already succeeded.
+
+    The benign-lock detail is logged plain -- it's the expected,
+    non-actionable case and emitting `::warning::` annotations every clean
+    run produces noise in the GH workflow summary. Any OTHER 409 detail
+    (genuinely unexpected) is still surfaced as `::warning::`.
+    """
+    detail = _extract_409_detail(resp)
+    if _WHATSNEW_LOCKED_DETAIL in detail:
+        _log(
+            f"[whatsNew] localization {localization_id} is currently "
+            f"locked, skipping (detail: {detail!r})"
+        )
+        return
+    _warn(
+        f"appStoreVersionLocalization {localization_id} returned 409 "
+        f"with unexpected detail {detail!r}; whatsNew not patched for "
+        f"this localization. Other localizations and the rest of the "
+        f"run continue."
+    )
+
+
+def _extract_409_detail(resp) -> str:
+    """Pull the human-readable detail string out of an ASC 409 response.
+
+    ASC error envelope: {"errors": [{"status": "409", "code": "STATE_ERROR",
+    "title": "...", "detail": "Attribute 'whatsNew' cannot be edited at this
+    time"}]}. We collapse all error details into a single string so the
+    benign-lock substring match survives Apple returning multiple errors
+    in one response. Falls back to raw response text if JSON parsing fails
+    (defensive -- Apple's error envelopes have been stable for years but
+    the network layer occasionally returns HTML on infrastructure faults).
+    """
+    try:
+        body = resp.json()
+    except ValueError:
+        return resp.text or ""
+    errors = body.get("errors") if isinstance(body, dict) else None
+    if not errors:
+        return ""
+    parts = []
+    for err in errors:
+        if isinstance(err, dict):
+            detail = err.get("detail") or err.get("title") or ""
+            if detail:
+                parts.append(detail)
+    return " | ".join(parts)
+
+
 def _create_localization(
     token: str, version_id: str, locale: str, whats_new: str
 ) -> str:
@@ -204,10 +258,13 @@ def _update_all_localizations(
         else:
             skipped += 1
     if skipped:
-        _log(
-            f"whatsNew skipped for {skipped} locked localization(s) "
-            f"(see warnings above)"
-        )
+        # Per-localization detail (lock state, unexpected 409, etc.) was
+        # already emitted above by _patch_localization -- this is just the
+        # rollup count so the workflow log shows a single summary line.
+        # We deliberately avoid "see warnings above": for the benign-lock
+        # case _patch_localization emits plain _log entries (no ::warning::),
+        # so a "warnings above" pointer would mislead the reader.
+        _log(f"whatsNew skipped for {skipped} locked localization(s)")
     return count