edsger 0.35.2 → 0.36.0

package/dist/commands/build/index.js

@@ -0,0 +1,519 @@
+import { execFileSync, execSync, spawn } from 'child_process';
+import { existsSync, mkdirSync, readdirSync, rmSync, statSync, writeFileSync, } from 'fs';
+import { homedir } from 'os';
+import { dirname, join, relative } from 'path';
+import { getAppStoreConfigs, updateBuildConfig, } from '../../api/app-store.js';
+import { getGitHubConfigByProduct } from '../../api/github.js';
+import { logInfo, logSuccess, logWarning } from '../../utils/logger.js';
+import { cloneFeatureRepo, ensureWorkspaceDir, } from '../../workspace/workspace-manager.js';
+/** Default (real) implementations of all dependencies. */
+export function createDefaultDeps() {
+    return {
+        fetchConfigs: getAppStoreConfigs,
+        fetchGitHub: getGitHubConfigByProduct,
+        cloneRepo: (workspaceRoot, dirName, owner, repo, token) => cloneFeatureRepo(workspaceRoot, dirName, owner, repo, token),
+        getWorkspaceRoot: ensureWorkspaceDir,
+        saveBuildConfig: updateBuildConfig,
+        checkoutDefaultBranch: checkoutDefaultBranchImpl,
+        findProjects: findXcodeProjects,
+        findSchemes: discoverSchemes,
+        runCommand: spawnAsync,
+        isXcodeAvailable: isXcodebuildAvailable,
+    };
+}
+// ── Async spawn helper ─────────────────────────────────────────────
+/**
+ * Active child process — killed on SIGTERM for graceful cancellation.
+ * Only one build can run at a time; concurrent calls are rejected.
+ */
+let activeChild = null;
+/**
+ * Spawn a command asynchronously, stream output to stdout/stderr, and
+ * return a promise that resolves on success or rejects on failure.
+ * The spawned process is stored in `activeChild` so the desktop app's
+ * "Stop Build" button (which sends SIGTERM to the CLI) cascades to it.
+ * Rejects if another subprocess is already running (concurrency guard).
+ */
+function spawnAsync(cmd, args, opts = {}) {
+    return new Promise((resolve, reject) => {
+        if (activeChild && activeChild.exitCode === null) {
+            reject(new Error('A build subprocess is already running'));
+            return;
+        }
+        const child = spawn(cmd, args, {
+            cwd: opts.cwd,
+            stdio: ['ignore', 'pipe', 'pipe'],
+            env: opts.env ?? process.env,
+        });
+        activeChild = child;
+        child.stdout?.on('data', (chunk) => process.stdout.write(chunk));
+        child.stderr?.on('data', (chunk) => process.stderr.write(chunk));
+        let timer;
+        if (opts.timeout) {
+            timer = setTimeout(() => {
+                child.kill('SIGTERM');
+                reject(new Error(`Command timed out after ${opts.timeout / 1000}s`));
+            }, opts.timeout);
+        }
+        child.on('close', (code) => {
+            if (timer)
+                clearTimeout(timer);
+            activeChild = null;
+            if (code === 0) {
+                resolve();
+            }
+            else {
+                reject(new Error(`${cmd} exited with code ${code}`));
+            }
+        });
+        child.on('error', (err) => {
+            if (timer)
+                clearTimeout(timer);
+            activeChild = null;
+            reject(err);
+        });
+    });
+}
+// ── Signal forwarding (scoped to runBuild) ─────────────────────────
+function forwardSignal(signal) {
+    if (activeChild && activeChild.exitCode === null) {
+        activeChild.kill(signal);
+    }
+}
+function installSignalHandlers() {
+    const onTerm = () => forwardSignal('SIGTERM');
+    const onInt = () => forwardSignal('SIGINT');
+    process.on('SIGTERM', onTerm);
+    process.on('SIGINT', onInt);
+    return () => {
+        process.removeListener('SIGTERM', onTerm);
+        process.removeListener('SIGINT', onInt);
+    };
+}
+// ── Pre-flight checks ──────────────────────────────────────────────
+function isXcodebuildAvailable() {
+    try {
+        execSync('xcodebuild -version', { stdio: 'pipe' });
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+// ── Git helpers ────────────────────────────────────────────────────
+function checkoutDefaultBranchImpl(repoPath) {
+    try {
+        const defaultBranch = execFileSync('git', ['symbolic-ref', 'refs/remotes/origin/HEAD'], { cwd: repoPath, stdio: 'pipe' })
+            .toString()
+            .trim()
+            .replace('refs/remotes/origin/', '');
+        execFileSync('git', ['checkout', defaultBranch], {
+            cwd: repoPath,
+            stdio: 'pipe',
+        });
+        execFileSync('git', ['pull', 'origin', defaultBranch], {
+            cwd: repoPath,
+            stdio: 'pipe',
+        });
+        logInfo(`On branch: ${defaultBranch}`);
+    }
+    catch {
+        logWarning('Could not switch to default branch, using current state');
+    }
+}
+// ── Xcode project discovery ────────────────────────────────────────
+const EXCLUDED_DIRS = new Set([
+    'Pods',
+    '.build',
+    'node_modules',
+    'DerivedData',
+    'build',
+    '.git',
+    'Carthage',
+]);
+export function findXcodeProjects(rootDir) {
+    const results = [];
+    function walk(dir, depth) {
+        if (depth > 4)
+            return;
+        let entries;
+        try {
+            entries = readdirSync(dir);
+        }
+        catch {
+            return;
+        }
+        for (const entry of entries) {
+            if (EXCLUDED_DIRS.has(entry))
+                continue;
+            const fullPath = join(dir, entry);
+            if (entry.endsWith('.xcworkspace')) {
+                results.push({ path: relative(rootDir, fullPath), type: 'workspace' });
+            }
+            else if (entry.endsWith('.xcodeproj')) {
+                results.push({ path: relative(rootDir, fullPath), type: 'project' });
+            }
+            else {
+                try {
+                    if (statSync(fullPath).isDirectory()) {
+                        walk(fullPath, depth + 1);
+                    }
+                }
+                catch {
+                    // skip inaccessible
+                }
+            }
+        }
+    }
+    walk(rootDir, 0);
+    // Workspaces first, then by shallowest path
+    return results.sort((a, b) => {
+        if (a.type !== b.type)
+            return a.type === 'workspace' ? -1 : 1;
+        return a.path.length - b.path.length;
+    });
+}
+// ── Scheme discovery ───────────────────────────────────────────────
+export function discoverSchemes(repoPath, projectPath, projectType) {
+    const flag = projectType === 'workspace' ? '-workspace' : '-project';
+    const fullProjectPath = join(repoPath, projectPath);
+    try {
+        const output = execFileSync('xcodebuild', [flag, fullProjectPath, '-list'], { stdio: 'pipe', timeout: 30_000 }).toString();
+        const schemesMatch = output.match(/Schemes:\s*\n([\s\S]*?)(?:\n\n|$)/);
+        if (!schemesMatch)
+            return [];
+        return schemesMatch[1]
+            .split('\n')
+            .map((s) => s.trim())
+            .filter((s) => s.length > 0 &&
+            !s.endsWith('Tests') &&
+            !s.endsWith('UITests') &&
+            !s.includes('Test'));
+    }
+    catch {
+        return [];
+    }
+}
+// ── ExportOptions.plist generation ─────────────────────────────────
+/** Escape XML special characters to prevent injection in plist values. */
+function escapeXml(str) {
+    return str
+        .replace(/&/g, '&')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;')
+        .replace(/'/g, '&apos;');
+}
+export function generateExportOptionsPlist(teamId, exportMethod) {
+    const safeTeamId = escapeXml(teamId);
+    const safeMethod = escapeXml(exportMethod);
+    return `<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+  <key>method</key>
+  <string>${safeMethod}</string>
+  <key>teamID</key>
+  <string>${safeTeamId}</string>
+  <key>uploadSymbols</key>
+  <true/>
+  <key>signingStyle</key>
+  <string>automatic</string>
+</dict>
+</plist>`;
+}
+// ── API Key file management ────────────────────────────────────────
+function getApiKeyDir() {
+    return join(homedir(), '.edsger', 'keys');
+}
+/** Validate keyId is alphanumeric to prevent path traversal. */
+function validateKeyId(keyId) {
+    if (!/^[A-Za-z0-9_-]+$/.test(keyId)) {
+        throw new Error(`Invalid API key ID: ${keyId}`);
+    }
+}
+export function writeApiKeyFile(keyId, privateKey) {
+    validateKeyId(keyId);
+    const keyDir = getApiKeyDir();
+    mkdirSync(keyDir, { recursive: true });
+    const keyPath = join(keyDir, `AuthKey_${keyId}.p8`);
+    writeFileSync(keyPath, privateKey, { mode: 0o600 });
+    return keyPath;
+}
+export function cleanupApiKeyFile(keyId) {
+    try {
+        validateKeyId(keyId);
+        rmSync(join(getApiKeyDir(), `AuthKey_${keyId}.p8`), { force: true });
+    }
+    catch {
+        // best effort
+    }
+}
+// ── Platform → destination mapping ─────────────────────────────────
+export function destinationForPlatform(platform) {
+    if (platform === 'macos') {
+        return 'generic/platform=macOS';
+    }
+    return 'generic/platform=iOS';
+}
+// ── Main build command ─────────────────────────────────────────────
+/**
+ * Run the full build pipeline. Accepts an optional `deps` parameter
+ * for dependency injection in tests; falls back to real implementations.
+ */
+// eslint-disable-next-line complexity -- orchestration function, sequential steps are intentional
+export async function runBuild(options, deps = createDefaultDeps()) {
+    const { buildProductId: productId, verbose } = options;
+    // 1. Pre-flight
+    if (!deps.isXcodeAvailable()) {
+        throw new Error('xcodebuild is not available. Please install Xcode and Xcode Command Line Tools.\n\n' +
+            '  xcode-select --install\n');
+    }
+    // Install signal handlers for the duration of this build
+    const removeSignalHandlers = installSignalHandlers();
+    try {
+        logInfo(`Starting build for product: ${productId}`);
+        // 2. Fetch app store config
+        const configs = await deps.fetchConfigs(productId, verbose);
+        const appleConfig = configs.find((c) => c.store_type === 'apple_app_store');
+        if (!appleConfig) {
+            throw new Error('No Apple App Store configuration found. Add one in the App Store tab first.');
+        }
+        const buildConfig = appleConfig.build_config || {};
+        const shouldReselect = options.reselect || false;
+        // 3. Clone / update repo
+        const github = await deps.fetchGitHub(productId, verbose);
+        if (!github.configured || !github.token || !github.owner || !github.repo) {
+            throw new Error(`GitHub not configured: ${github.message || 'Connect a repository to this product.'}`);
+        }
+        const workspaceRoot = deps.getWorkspaceRoot();
+        const { repoPath } = deps.cloneRepo(workspaceRoot, `build-${productId}`, github.owner, github.repo, github.token);
+        deps.checkoutDefaultBranch(repoPath);
+        // 4. Resolve Xcode project path
+        let projectPath = options.project || buildConfig.project_path;
+        let projectType = 'workspace';
+        if (!projectPath || shouldReselect) {
+            const projects = deps.findProjects(repoPath);
+            if (projects.length === 0) {
+                throw new Error(`No Xcode projects found in ${repoPath}.\n` +
+                    'Ensure the repository contains a .xcworkspace or .xcodeproj file.');
+            }
+            if (projects.length === 1) {
+                projectPath = projects[0].path;
+                projectType = projects[0].type;
+                logInfo(`Found Xcode project: ${projectPath}`);
+            }
+            else {
+                logInfo(`Found ${projects.length} Xcode projects:`);
+                for (let i = 0; i < projects.length; i++) {
+                    logInfo(`  [${i + 1}] ${projects[i].path} (${projects[i].type})`);
+                }
+                projectPath = projects[0].path;
+                projectType = projects[0].type;
+                logInfo(`Auto-selected: ${projectPath}`);
+            }
+        }
+        else {
+            projectType = projectPath.endsWith('.xcworkspace')
+                ? 'workspace'
+                : 'project';
+        }
+        // 5. Resolve scheme
+        let scheme = options.scheme || buildConfig.scheme;
+        if (!scheme || shouldReselect) {
+            const schemes = deps.findSchemes(repoPath, projectPath, projectType);
+            if (schemes.length === 0) {
+                throw new Error(`No schemes found in ${projectPath}. Specify one with --scheme.`);
+            }
+            if (schemes.length === 1) {
+                scheme = schemes[0];
+                logInfo(`Using scheme: ${scheme}`);
+            }
+            else {
+                logInfo(`Found schemes: ${schemes.join(', ')}`);
+                scheme = schemes[0];
+                logInfo(`Auto-selected scheme: ${scheme}`);
+            }
+        }
+        // 6. Build settings
+        const configuration = options.configuration || buildConfig.configuration || 'Release';
+        const teamId = buildConfig.team_id;
+        const exportMethod = buildConfig.export_method || 'app-store';
+        const platform = options.platform || 'ios';
+        // 7. Persist discovered build config
+        const newBuildConfig = {
+            project_path: projectPath,
+            scheme,
+            configuration,
+            team_id: teamId,
+            export_method: exportMethod,
+        };
+        if (newBuildConfig.project_path !== buildConfig.project_path ||
+            newBuildConfig.scheme !== buildConfig.scheme ||
+            newBuildConfig.configuration !== buildConfig.configuration) {
+            logInfo('Saving build configuration...');
+            await deps.saveBuildConfig(appleConfig.id, newBuildConfig, verbose);
+        }
+        // 8. Install dependencies (CocoaPods)
+        const projectDir = projectPath.includes('/')
+            ? join(repoPath, dirname(projectPath))
+            : repoPath;
+        for (const podfile of [
+            join(projectDir, 'Podfile'),
+            join(repoPath, 'Podfile'),
+        ]) {
+            if (existsSync(podfile)) {
+                logInfo('Installing CocoaPods dependencies...');
+                try {
+                    await deps.runCommand('pod', ['install'], {
+                        cwd: dirname(podfile),
+                        timeout: 300_000,
+                    });
+                    logSuccess('CocoaPods installed');
+                }
+                catch {
+                    logWarning('pod install failed — continuing anyway');
+                }
+                break;
+            }
+        }
+        if (!options.skipArchive && !options.ipa) {
+            // 9. Archive (async, cancellable)
+            const archivePath = join(repoPath, 'build', `${scheme}.xcarchive`);
+            const projectFlag = projectType === 'workspace' ? '-workspace' : '-project';
+            const fullProjectPath = join(repoPath, projectPath);
+            logInfo(`Archiving ${scheme} (${configuration}, ${platform})...`);
+            const archiveArgs = [
+                projectFlag,
+                fullProjectPath,
+                '-scheme',
+                scheme,
+                '-configuration',
+                configuration,
+                '-destination',
+                destinationForPlatform(platform),
+                '-archivePath',
+                archivePath,
+                'archive',
+                '-allowProvisioningUpdates',
+            ];
+            if (teamId) {
+                archiveArgs.push(`DEVELOPMENT_TEAM=${teamId}`);
+            }
+            await deps.runCommand('xcodebuild', archiveArgs, {
+                cwd: repoPath,
+                timeout: 1_200_000,
+            });
+            logSuccess('Archive created successfully');
+            // 10. Export IPA / .app
+            if (!teamId) {
+                logWarning('team_id not configured — skipping export. Set it in build settings.');
+                return;
+            }
+            const exportPath = join(repoPath, 'build', 'export');
+            mkdirSync(exportPath, { recursive: true });
+            const plistPath = join(repoPath, 'build', 'ExportOptions.plist');
+            writeFileSync(plistPath, generateExportOptionsPlist(teamId, exportMethod));
+            logInfo('Exporting archive...');
+            await deps.runCommand('xcodebuild', [
+                '-exportArchive',
+                '-archivePath',
+                archivePath,
+                '-exportOptionsPlist',
+                plistPath,
+                '-exportPath',
+                exportPath,
+                '-allowProvisioningUpdates',
+            ], { cwd: repoPath, timeout: 300_000 });
+            logSuccess('Export completed');
+            const ipaFiles = readdirSync(exportPath).filter((f) => f.endsWith('.ipa'));
+            if (ipaFiles.length === 0) {
+                throw new Error('No IPA file found after export');
+            }
+            const ipaPath = join(exportPath, ipaFiles[0]);
+            logSuccess(`IPA ready: ${ipaPath}`);
+            if (options.upload) {
+                await uploadIpa(ipaPath, appleConfig, platform, deps);
+            }
+            else {
+                logInfo('Build complete. Use --upload to also upload to App Store Connect.');
+            }
+        }
+        else if (options.ipa) {
+            if (!existsSync(options.ipa)) {
+                throw new Error(`IPA file not found: ${options.ipa}`);
+            }
+            await uploadIpa(options.ipa, appleConfig, platform, deps);
+        }
+    }
+    finally {
+        removeSignalHandlers();
+    }
+}
+// ── Upload IPA to App Store Connect ────────────────────────────────
+//
+// Uses `xcrun notarytool submit` for macOS apps and
+// `xcrun altool --upload-app` for iOS (altool is deprecated but
+// notarytool does not support iOS App Store uploads).
+// When altool is removed in a future Xcode, migrate to the
+// App Store Connect API upload protocol (iTMSTransporter).
+async function uploadIpa(ipaPath, appleConfig, platform, deps) {
+    const credentials = appleConfig.credentials;
+    if (!credentials?.key_id ||
+        !credentials?.issuer_id ||
+        !credentials?.private_key) {
+        throw new Error('Apple App Store Connect API credentials not configured.\n' +
+            'Set key_id, issuer_id, and private_key in the App Store tab settings.');
+    }
+    logInfo('Uploading to App Store Connect...');
+    const keyId = credentials.key_id;
+    writeApiKeyFile(keyId, credentials.private_key);
+    const cleanup = () => cleanupApiKeyFile(keyId);
+    process.on('exit', cleanup);
+    try {
+        if (platform === 'macos') {
+            logInfo('Using xcrun notarytool for macOS submission...');
+            await deps.runCommand('xcrun', [
+                'notarytool',
+                'submit',
+                ipaPath,
+                '--key',
+                join(getApiKeyDir(), `AuthKey_${keyId}.p8`),
+                '--key-id',
+                keyId,
+                '--issuer',
+                credentials.issuer_id,
+                '--wait',
+            ], { timeout: 1_200_000 });
+        }
+        else {
+            // iOS: altool is the only CLI path for App Store uploads.
+            // Apple deprecated altool but has not yet provided a replacement
+            // CLI for iOS App Store uploads. When they do, switch here.
+            logInfo('Using xcrun altool for iOS upload (note: altool is deprecated by Apple)...');
+            await deps.runCommand('xcrun', [
+                'altool',
+                '--upload-app',
+                '-f',
+                ipaPath,
+                '-t',
+                'ios',
+                '--apiKey',
+                keyId,
+                '--apiIssuer',
+                credentials.issuer_id,
+            ], {
+                timeout: 1_200_000,
+                env: {
+                    ...process.env,
+                    API_PRIVATE_KEYS_DIR: getApiKeyDir(),
+                },
+            });
+        }
+        logSuccess('Upload to App Store Connect completed!');
+    }
+    finally {
+        cleanup();
+        process.removeListener('exit', cleanup);
+    }
+}

package/dist/index.js

@@ -9,6 +9,7 @@ import { runLogin, runLogout, runStatus } from './auth/login.js';
 import { runAgentWorkflow } from './commands/agent-workflow/index.js';
 import { runAnalyzeLogs } from './commands/analyze-logs/index.js';
 import { runAppStoreGeneration } from './commands/app-store/index.js';
+import { runBuild } from './commands/build/index.js';
 import { runChecklists } from './commands/checklists/index.js';
 import { runCodeReview } from './commands/code-review/index.js';
 import { runConfigGet, runConfigList, runConfigSet, runConfigUnset, } from './commands/config/index.js';
@@ -158,6 +159,41 @@ program
     }
 });
 // ============================================================
+// Subcommand: edsger build <productId>
+// ============================================================
+program
+    .command('build <productId>')
+    .description('Build iOS/macOS app and optionally upload to App Store Connect')
+    .option('-v, --verbose', 'Verbose output')
+    .option('--scheme <name>', 'Xcode scheme (auto-detected if omitted)')
+    .option('--project <path>', 'Path to .xcworkspace or .xcodeproj (relative to repo root)')
+    .option('--configuration <name>', 'Build configuration (default: Release)', 'Release')
+    .option('--platform <platform>', 'Target platform: ios or macos (default: ios)', 'ios')
+    .option('--upload', 'Upload IPA to App Store Connect after building')
+    .option('--reselect', 'Re-discover project and scheme (ignore saved config)')
+    .option('--skip-archive', 'Skip build, only upload existing IPA')
+    .option('--ipa <path>', 'Upload a specific IPA file directly')
+    .action(async (productId, opts) => {
+    try {
+        await runBuild({
+            buildProductId: productId,
+            verbose: opts.verbose,
+            scheme: opts.scheme,
+            project: opts.project,
+            configuration: opts.configuration,
+            platform: opts.platform,
+            upload: opts.upload,
+            reselect: opts.reselect,
+            skipArchive: opts.skipArchive,
+            ipa: opts.ipa,
+        });
+    }
+    catch (error) {
+        logError(error instanceof Error ? error.message : String(error));
+        process.exit(1);
+    }
+});
+// ============================================================
 // Subcommand: edsger checklists <productId>
 // ============================================================
 program

package/dist/phases/app-store-generation/agent.js

@@ -1,4 +1,4 @@
-import { readFileSync, readdirSync } from 'node:fs';
+import { readdirSync, readFileSync } from 'node:fs';
 import { join } from 'node:path';
 import { query } from '@anthropic-ai/claude-agent-sdk';
 import { DEFAULT_MODEL } from '../../constants.js';
@@ -11,7 +11,9 @@ function parseAppStoreResult(responseText) {
         // eslint-disable-next-line @typescript-eslint/no-explicit-any
         let jsonResult = null;
         // Try to extract JSON from markdown code block (check all occurrences, prefer last)
-        const jsonBlockMatches = [...responseText.matchAll(/```json\s*\n([\s\S]*?)\n\s*```/g)];
+        const jsonBlockMatches = [
+            ...responseText.matchAll(/```json\s*\n([\s\S]*?)\n\s*```/g),
+        ];
         for (let i = jsonBlockMatches.length - 1; i >= 0; i--) {
             try {
                 const candidate = JSON.parse(jsonBlockMatches[i][1]);
@@ -25,8 +27,8 @@ function parseAppStoreResult(responseText) {
             }
         }
         if (!jsonResult) {
-            // Try to find a JSON object containing "app_store" anywhere in the text
-            const appStoreMatch = responseText.match(/\{[\s\S]*"app_store"\s*:\s*\{[\s\S]*\}/);
+            // Try to find a JSON object containing "app_store" anywhere in the text (non-greedy)
+            const appStoreMatch = responseText.match(/\{[\s\S]*?"app_store"\s*:\s*\{[\s\S]*?\}\s*\}/);
             if (appStoreMatch) {
                 try {
                     jsonResult = JSON.parse(appStoreMatch[0]);
@@ -102,26 +104,23 @@ export async function executeAppStoreQuery(currentPrompt, systemPrompt, config,
                 logInfo(`\nAI generation completed after ${turnCount} turns, parsing results...`);
                 const responseText = message.result || lastAssistantResponse;
                 const parsed = parseAppStoreResult(responseText);
-                if (parsed.error) {
+                if (!parsed.error) {
+                    structuredResult = parsed.appStore;
+                }
+                else if (lastAssistantResponse &&
+                    responseText !== lastAssistantResponse) {
                     // Fallback: try accumulated assistant responses (may contain JSON code blocks)
-                    if (lastAssistantResponse && responseText !== lastAssistantResponse) {
-                        const fallback = parseAppStoreResult(lastAssistantResponse);
-                        if (!fallback.error) {
-                            logInfo('Parsed result from accumulated responses');
-                            structuredResult = fallback.appStore;
-                        }
-                        else {
-                            logError(`Failed to parse result: ${parsed.error}`);
-                            structuredResult = null;
-                        }
+                    const fallback = parseAppStoreResult(lastAssistantResponse);
+                    if (!fallback.error) {
+                        logInfo('Parsed result from accumulated responses');
+                        structuredResult = fallback.appStore;
                     }
                     else {
                         logError(`Failed to parse result: ${parsed.error}`);
-                        structuredResult = null;
                     }
                 }
                 else {
-                    structuredResult = parsed.appStore;
+                    logError(`Failed to parse result: ${parsed.error}`);
                 }
             }
             else {
@@ -145,11 +144,18 @@ export async function executeAppStoreQuery(currentPrompt, systemPrompt, config,
     return structuredResult;
 }
 /**
- * Search for JSON files in the given directory that contain an app_store key.
+ * Search for known output JSON files in the given directory that contain an app_store key.
+ * Only reads files matching safe patterns to avoid parsing arbitrary repo files.
  */
+const SAFE_JSON_PATTERNS = [
+    /^app[-_]?store[-_]?result/i,
+    /^app[-_]?store[-_]?output/i,
+    /^output\.json$/i,
+    /^result\.json$/i,
+];
 function tryParseJsonFilesInDir(dir) {
     try {
-        const files = readdirSync(dir).filter((f) => f.endsWith('.json'));
+        const files = readdirSync(dir).filter((f) => f.endsWith('.json') && SAFE_JSON_PATTERNS.some((p) => p.test(f)));
         for (const file of files) {
             try {
                 const content = readFileSync(join(dir, file), 'utf-8');

package/dist/phases/app-store-generation/index.js

@@ -53,8 +53,25 @@ export const generateAppStoreAssets = async (options, config
         if (!aiResult) {
             throw new Error('No results received from AI');
         }
-        const listings = (aiResult.listings ||
+        const rawListings = (aiResult.listings ||
             {});
+        // Enforce Apple field limits on AI-generated content
+        const listings = {};
+        for (const [loc, listing] of Object.entries(rawListings)) {
+            listings[loc] = {
+                ...listing,
+                app_name: listing.app_name?.slice(0, 30) ?? '',
+                subtitle: listing.subtitle?.slice(0, 30),
+                promotional_text: listing.promotional_text?.slice(0, 170),
+                short_description: listing.short_description?.slice(0, 80),
+                description: listing.description?.slice(0, 4000) ?? '',
+                keywords: listing.keywords
+                    ? listing.keywords.length > 100
+                        ? listing.keywords.slice(0, 100).replace(/,[^,]*$/, '')
+                        : listing.keywords
+                    : undefined,
+            };
+        }
         const screenshotSpecs = (aiResult.screenshots || []);
         logInfo(`AI generated: ${Object.keys(listings).length} locale(s), ${screenshotSpecs.length} screenshot spec(s)`);
         // Ensure store configs exist