release-review

Release Review for Apple Platforms

Performs a comprehensive pre-release audit of macOS and iOS applications from a senior developer's perspective. Identifies critical issues that could cause rejection, security vulnerabilities, privacy concerns, and UX problems—with actionable fixes.

When This Skill Activates

Use this skill when the user:
  • Says "review for release", "release review", or "pre-release audit"
  • Asks for "senior developer review" or "critical review"
  • Mentions preparing for "App Store", "TestFlight", or "notarization"
  • Wants to know what "power users might complain about"
  • Asks to "review before shipping" or "check before release"

Review Process

Phase 1: Project Discovery

First, understand the project:
```bash
# Find project type
Glob: **/*.xcodeproj or **/*.xcworkspace
Glob: **/Info.plist
Glob: **/project.pbxproj
```

Identify:
- Platform (macOS, iOS, or both)
- App type (standard app, menu bar app, widget, extension)
- Distribution method (App Store, direct download, TestFlight)

Phase 2: Security Review

Load and apply: security-checklist.md
Key areas:
  • Credential storage (Keychain patterns, no hardcoded secrets)
  • Data transmission (HTTPS, certificate validation)
  • Input validation (injection prevention)
  • Entitlements audit
  • Hardened runtime (macOS)
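
One way to automate the entitlements and hardened runtime items above, as an added example that is not part of the skill or its security-checklist.md. The entitlement keys are real Apple keys; the mapping of findings to Critical and High, the function name and the sample plist are assumptions made for this sketch.

```python
import plistlib

# Real Apple entitlement keys; the severity mapping is this example's assumption.
RUNTIME_EXCEPTIONS = {
    "com.apple.security.cs.allow-jit": "JIT (MAP_JIT) memory permitted",
    "com.apple.security.cs.allow-unsigned-executable-memory": "writable and executable memory permitted",
    "com.apple.security.cs.disable-executable-page-protection": "executable page protection disabled",
    "com.apple.security.cs.disable-library-validation": "libraries signed by other teams can be loaded",
    "com.apple.security.cs.allow-dyld-environment-variables": "DYLD_* environment variables honoured",
}
SANDBOX_EXCEPTION_PREFIX = "com.apple.security.temporary-exception."

def audit_entitlements(plist_bytes, distribution):
    """Return (priority, key, reason) findings for one entitlements plist."""
    ent = plistlib.loads(plist_bytes)
    findings = []
    if ent.get("com.apple.security.get-task-allow") is True:
        findings.append(("Critical", "com.apple.security.get-task-allow",
                         "debugger attach allowed; must not ship in a release build"))
    if distribution == "App Store" and ent.get("com.apple.security.app-sandbox") is not True:
        findings.append(("Critical", "com.apple.security.app-sandbox",
                         "Mac App Store builds must enable the App Sandbox"))
    for key, value in sorted(ent.items()):
        if value is False:
            continue  # key is present but switched off
        if key in RUNTIME_EXCEPTIONS:
            findings.append(("High", key, RUNTIME_EXCEPTIONS[key] + "; needs written justification"))
        elif key.startswith(SANDBOX_EXCEPTION_PREFIX):
            findings.append(("High", key, "sandbox exception; needs written justification"))
    return findings

# Constructed sample: a release entitlements file with leftovers from development.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><false/>
  <key>com.apple.security.get-task-allow</key><true/>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.cs.allow-jit</key><false/>
  <key>com.apple.security.network.client</key><true/>
  <key>com.apple.security.temporary-exception.files.absolute-path.read-only</key>
  <array><string>/Library/Example/</string></array>
</dict></plist>"""

if __name__ == "__main__":
    for priority, key, reason in audit_entitlements(SAMPLE, "App Store"):
        print(f"[{priority}] {key}: {reason}")
```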

Phase 3: Privacy Review

Load and apply: privacy-checklist.md
Key areas:
  • Data collection transparency
  • Privacy manifest (iOS 17+)
  • User consent flows
  • Third-party SDK disclosure
  • GDPR compliance basics

Phase 4: UX Polish Review

Load and apply: ux-polish-checklist.md
Key areas:
  • First launch / onboarding
  • Empty states and error handling
  • Loading states
  • Text truncation and accessibility
  • Platform-specific UX patterns

Phase 5: Distribution Review

Load and apply: distribution-checklist.md
Key areas:
  • Bundle identifier format
  • Code signing configuration
  • Info.plist completeness
  • App icons
  • Platform-specific requirements (notarization, App Store)

Phase 6: API Design Review

Load and apply: api-design-checklist.md
Key areas:
  • User-Agent headers (honest identification)
  • Error handling patterns
  • Token expiration handling
  • Rate limiting
  • Offline handling

Output Format

Present findings in this structure:

Release Review: [App Name]

Platform: macOS / iOS / Universal
Distribution: App Store / Direct Download / TestFlight
Review Date: [Date]

Summary

| Priority | Count |
|----------|-------|
| 🔴 Critical | X |
| 🟠 High | X |
| 🟡 Medium | X |
| 🟢 Low | X |

🔴 Critical Issues (Must Fix)

Issues that will cause rejection, crashes, or security vulnerabilities.

[Category]: [Issue Title]

File: path/to/file.swift:123
Impact: [Why this matters]
Current Code:
```swift
// problematic code
```
Suggested Fix:
```swift
// fixed code
```

🟠 High Priority (Should Fix)

Issues that significantly impact user experience or trust.
[Same format as above]

🟡 Medium Priority (Fix Soon)

Issues that should be addressed but won't block release.
[Same format as above]

🟢 Low Priority / Suggestions

Nice-to-have improvements and polish.
[Same format as above]

✅ Strengths

What the app does well:
  • [Strength 1]
  • [Strength 2]
  • [Strength 3]

Recommended Action Plan

  1. [Critical] [First thing to fix]
  2. [Critical] [Second thing to fix]
  3. [High] [Third thing to fix] ...

Priority Classification

🔴 Critical

  • Security vulnerabilities (credential exposure, injection)
  • Crashes or data loss scenarios
  • App Store rejection causes
  • Privacy violations
  • Hardcoded secrets or spoofed identifiers

🟠 High

  • Poor error handling (silent failures)
  • Missing user consent or transparency
  • Accessibility blockers
  • Missing required Info.plist keys
  • Broken functionality

🟡 Medium

  • Incomplete onboarding
  • Suboptimal UX patterns
  • Missing empty states
  • Performance concerns
  • Minor accessibility issues

🟢 Low

  • Code style improvements
  • Additional features
  • Polish and refinement
  • Documentation improvements

Platform-Specific Considerations

macOS

  • Menu bar app window activation (NSApp.activate)
  • Sandbox exceptions justification
  • Notarization requirements
  • Hardened runtime
  • Developer ID signing
  • DMG/installer considerations

iOS

  • App Tracking Transparency
  • Privacy nutrition labels
  • Launch screen requirements
  • Export compliance
  • In-app purchase requirements
  • TestFlight configuration

References

  • security-checklist.md - Detailed security review items
  • privacy-checklist.md - Privacy and data handling
  • ux-polish-checklist.md - User experience review
  • distribution-checklist.md - Release and distribution
  • api-design-checklist.md - Network and API patterns