App Store Preflight Compliance
Run Greenlight checks, fix findings, and repeat until the project reaches GREENLIT status.
Workflow
- •Run
greenlight preflightat the project root. - •Triage findings by severity (
CRITICAL, thenWARN, thenINFO). - •Apply concrete code/configuration fixes.
- •Re-run and continue until no
CRITICALfindings remain.
Step 1: Run Scan
bash
greenlight preflight .
If an IPA is available:
bash
greenlight preflight . --ipa /path/to/build.ipa
If greenlight is missing, install it:
bash
# Homebrew (macOS) brew install revylai/tap/greenlight # Go go install github.com/RevylAI/greenlight/cmd/greenlight@latest # Build from source git clone https://github.com/RevylAI/greenlight.git cd greenlight && make build
Step 2: Fix Findings
Fix in order:
- •
CRITICAL: must fix before submission. - •
WARN: high rejection risk, strongly recommended to fix. - •
INFO: best-practice improvements.
Common fixes:
- •Move hardcoded secrets to environment variables.
- •Replace external payment flows for digital goods with StoreKit/IAP.
- •Add Sign in with Apple when social login exists.
- •Add account deletion when account creation exists.
- •Remove references to competing platforms.
- •Replace placeholder text (
Lorem ipsum,TBD,Coming soon). - •Rewrite vague purpose strings with concrete app behavior.
- •Replace hardcoded IPs with hostnames.
- •Replace
http://URLs withhttps://. - •Remove debug logs or gate them behind development flags.
- •Add missing privacy policy URL and required App Store metadata.
Step 3: Re-Run Until GREENLIT
bash
greenlight preflight .
Continue until output reports GREENLIT (zero CRITICAL findings).
Useful Commands
bash
greenlight codescan . greenlight privacy . greenlight ipa /path/to/build.ipa greenlight scan --app-id <ID> greenlight guidelines search "privacy"
Attribution
Original project and workflow: RevylAI/greenlight.
Credit to Lanseer and the Revyl team for creating Greenlight. This package is a Codex-native adaptation for the same workflow.