Improve Microsoft Store certification flow#53
Conversation
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 02fbd4d9c0
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| await syncLocalizations(token, targetVersionResource.id, sourceVersion, whatsNew); | ||
| await syncReviewDetail(token, targetVersionResource.id, sourceVersion); | ||
|
|
||
| const build = await waitForProcessedBuild(token, appId, targetVersion, args.waitMinutes); |
There was a problem hiding this comment.
Refresh App Store token during MAS processing wait
When App Store processing takes longer than the 20-minute JWT lifetime created by createToken(), this 90-minute polling path keeps reusing the original token, so a normal slow build processing run starts returning 401s and the new build-mas release job aborts before attaching/submitting the build. The workflow explicitly sets MAS_SUBMIT_WAIT_MINUTES: 90, so the polling code needs to regenerate the App Store Connect token during/after waitForProcessedBuild rather than carrying a single token through the whole submission.
Useful? React with 👍 / 👎.
| fallbackProcess.stdout?.on('data', (data: Buffer) => { | ||
| const chunk = data.toString('utf8'); | ||
| output += chunk; | ||
| console.log('[Codex default stdout]', chunk); | ||
| senderWindow?.webContents.send('codex:output', { type: 'stdout', data: chunk }); | ||
| }); |
There was a problem hiding this comment.
Reuse the normal Codex output parser on fallback retries
When the configured model is rejected and this fallback process runs, stdout is only appended and forwarded to the renderer, bypassing the main stdout handler that detects [PDS_REQUEST], [PDS_STORE], [BLOCKER], captcha, 2FA, and login-block patterns. In the exact model-fallback path this adds, any retried Codex task that asks for stored user data or hits a blocker will no longer notify the UI and can hang or silently miss the requested store operation.
Useful? React with 👍 / 👎.
Summary
release_mode=msstore-onlydispatch so an owner-approved Microsoft Store resubmission can run frommainwithout moving the existingv1.0.60tag.v1.0.60and package static login/about version display frompackage.json.What I inspected
10.1.2.10 Functionalitylogin/sign-up failure.CertificationFailed, emptynotesForCertification, package0.8.30.0.v1.0.60release tag, which points to the older MAS/export-compliance commit before this Store metadata fix.Files changed
.github/workflows/release.yml,.github/workflows/store-status-watch.ymlscripts/msstore-certification.js,scripts/build-ui.jssrc/ui/login.html,src/ui/components/CodexSidebar.tsx,src/ui/components/About.tsx,vite.config.tsREADME.md,AGENTS.md,docs/*Verification
node --check scripts/msstore-certification.js- passednode --check scripts/store-status-watch.js- passednode --check scripts/build-ui.js- passednode scripts/msstore-certification.js --write-notes $env:TEMP\gnunae-msstore-notes.txt --dry-run- passednode scripts/msstore-certification.js --patch-pending --submission-id 1152921505701360268 --verify-package-version --allow-version-mismatch --dry-run- passed locally after retry; confirmed current failed Store package is0.8.30.0while expected is1.0.60.0npm run build- passed locally after adding manual MS Store dispatch modeAppxManifest.xmlidentity version is1.0.60.0CIworkflow dispatch on branch - passed on Windows, macOS, and Linux: https://github.com/fkiller/GnuNae/actions/runs/28903706424Store Status Watchworkflow dispatch withcertification_dry_run=true- passed: https://github.com/fkiller/GnuNae/actions/runs/28903706494mainwithrelease_mode=msstore-only.Release and store impact
release.ymland adds manual dispatch support.msstore publish --noCommit, applies certification notes through Partner Center API, verifies the pending package version againstpackage.json, then runsmsstore submission publish.release_mode=msstore-onlyruns onlybuild-msstore; it does not rerun MAS, create a GitHub Release, or move an existing tag.MSSTORE_CERTIFICATION_TEST_ACCOUNT_NOTEcan be configured as a GitHub Actions secret for secure reviewer-account details.Native and Docker impact
Stale docs or conflicts found
notesForCertificationdespite repo certification notes describing ChatGPT Pro/Plus requirements.0.8.30.0; local packaging now verifies the current branch builds APPX version1.0.60.0.v1.0.60.Manual confirmation needed
release.ymlfrommainwithrelease_mode=msstore-onlyafter merge.MSSTORE_CERTIFICATION_TEST_ACCOUNT_NOTEin GitHub Actions secrets before resubmission.Recommended next Codex tasks
release.ymlwithrelease_mode=msstore-onlyfrommainand monitorbuild-msstorethrough certification.