Validate tvOS bundle identifiers

[jsdavid278-cyber]

Fixes #590.

Changes:

• validate tv-tvos bundleId as a reverse-DNS identifier before planning build or ship
• use the normalized bundleId for generated artifact/archive paths and real ship IDs
• add regression tests for invalid bundleId values in build and ship flows

Validation:

• vitest run packages/targets/tv-tvos/src/index.test.ts
• tsc -p packages/targets/tv-tvos/tsconfig.json --noEmit

[greptile-apps]

Greptile Summary

This PR adds a requireBundleId helper that validates the tvOS bundleId against a reverse-DNS pattern before any build or ship work begins, and threads the trimmed/validated value through buildPlan so artifact and archive paths are derived from the clean string. Two regression tests cover path-traversal and slash-containing identifiers.

• BUNDLE_ID_PATTERN rejects identifiers with path separators, slashes, or non-letter leading characters; the validated value is now the source of truth for artifact names and ship IDs.
• The ship dry-run meta.bundleId still returns the raw config.bundleId rather than plan.bundleId, diverging from the real-ship path and from the PR's own normalization intent.
• The build log line similarly uses config.bundleId instead of plan.bundleId, leaving a minor inconsistency in observability output.

Confidence Score: 3/5

The validation logic is correct but the dry-run ship path returns the raw, un-normalized bundleId while the real ship path uses the trimmed value — callers relying on dry-run output to preview the exact ID used in production will see a different string if the input had surrounding whitespace.

The ship dry-run meta.bundleId field was left pointing at config.bundleId rather than plan.bundleId, which is the opposite of what every other changed reference in this PR does. A trimmed-whitespace input would cause the dry-run response to diverge from the real ship result, and the existing test doesn't catch it because it uses a clean input string.

packages/targets/tv-tvos/src/index.ts — specifically the ship dry-run return block (line 93) and the build log statement (line 74).

Important Files Changed

Filename	Overview
packages/targets/tv-tvos/src/index.ts	Adds bundleId validation via requireBundleId/BUNDLE_ID_PATTERN and threads the normalized value through buildPlan; two spots still reference the raw config.bundleId — the build log (minor) and the ship dry-run meta.bundleId (inconsistent with the real-ship path).
packages/targets/tv-tvos/src/index.test.ts	Adds two regression tests for invalid bundleId values (../AcmeTV and com.acme/tvos) in build and ship flows; coverage is adequate for the happy path but doesn't exercise the trim-normalization edge case that exposes the dry-run inconsistency.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[build / ship called] --> B[buildPlan]
    B --> C[requireBundleId]
    C --> D{bundleId present?}
    D -- no --> E[throw: tv-tvos requires bundleId]
    D -- yes --> F{matches BUNDLE_ID_PATTERN?}
    F -- no --> G[throw: must be valid reverse-DNS identifier]
    F -- yes --> H[return trimmed bundleId]
    H --> I[artifactPath uses plan.bundleId ✓]
    H --> J[archivePath uses plan.bundleId ✓]
    H --> K[plan.bundleId in buildPlan result ✓]
    K --> L{dryRun?}
    L -- yes --> M["meta.bundleId: config.bundleId ⚠️ raw value"]
    L -- no --> N["id: plan.bundleId@version ✓"]
    K --> O["build log: config.bundleId ⚠️ raw value"]

Loading

Comments Outside Diff (2)

1. packages/targets/tv-tvos/src/index.ts, line 93 (link)

   Dry-run meta.bundleId should use the normalized value from plan for the same reason the log and real-ship ID were updated in this PR.

2. packages/targets/tv-tvos/src/index.ts, line 74 (link)

   The build log uses the raw config.bundleId rather than the trimmed/validated plan.bundleId. If the incoming value had surrounding whitespace that was stripped by requireBundleId, the log would show the un-normalized string while the plan file and artifact paths use the clean one.

_{Reviews (1): Last reviewed commit: "Validate tvOS bundle identifiers" | Re-trigger Greptile}

[greptile-apps]

Dry-run meta returns raw, un-normalized bundleId

The ship dry-run block returns bundleId: config.bundleId (line 93) while the actual-ship path returns plan.bundleId (line 101). plan.bundleId is the trimmed, validated value produced by requireBundleId. If a caller passes a bundleId with surrounding whitespace (e.g. " com.acme.tvos"), buildPlan will successfully validate and trim it, but the dry-run response will echo back the pre-trim value — diverging from the real ship result. The rest of this PR explicitly switched to plan.bundleId for the log and return ID; this one spot was missed.