npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

app-launch-guard

v0.1.0

Published

Open-source CLI and GitHub Action that scans iOS apps for App Store submission risks.

Readme

AppLaunchGuard

CI License: MIT

An open-source CLI and GitHub Action that helps iOS developers catch App Store submission risks before review.

What it does

AppLaunchGuard statically scans an iOS project and produces terminal, JSON, Markdown, or HTML reports for common App Store submission risk areas:

  • iOS project detection
  • Info.plist permission usage descriptions
  • PrivacyInfo.xcprivacy coverage
  • App Tracking Transparency mismatches
  • RevenueCat, StoreKit, paywall, and subscription signals
  • Analytics, crash, ads, and attribution SDK signals
  • App icons, screenshots, fastlane metadata, and iPad screenshot evidence
  • Exposed secrets (masked in reports)
  • Mental health, therapy, medical, and crisis language review notes
  • Privacy policy, terms, and support URL evidence

Why it exists

Many App Store Review issues are avoidable but easy to miss: privacy metadata, tracking confusion, unclear subscriptions, missing screenshots, or sensitive app wording. AppLaunchGuard turns that checklist into a local, testable tool for indie iOS developers and small teams.

Installation

Local development:

npm install
npm run build
node dist/index.js scan .

Linked local CLI:

npm link
app-launch-guard scan .

After npm publish:

npm install -g app-launch-guard
app-launch-guard scan .

Quick start

app-launch-guard scan .

CLI usage

app-launch-guard scan
app-launch-guard scan .
app-launch-guard scan /path/to/ios/project
app-launch-guard scan --json
app-launch-guard scan --markdown
app-launch-guard scan --output report.md
app-launch-guard scan --output report.json
app-launch-guard scan --html
app-launch-guard scan --html --output report.html
app-launch-guard scan --html --open
app-launch-guard scan --html --serve --open
app-launch-guard scan --html --serve --port 4174
app-launch-guard scan --fail-on critical
app-launch-guard scan --fail-on warning
app-launch-guard scan --fail-on none
app-launch-guard scan --include-docs
app-launch-guard scan --include-all
app-launch-guard scan --no-color
app-launch-guard --help
app-launch-guard scan --help

Scan scope

By default, AppLaunchGuard focuses on iOS source and config files plus app-facing metadata:

  • iOS source and config files (Swift, plist, privacy manifests, Xcode project files)
  • App assets and configuration evidence
  • README.md, docs/, and fastlane metadata

SDK detection stays in source and config files, while README/docs/fastlane are used for metadata and disclaimer checks.

It ignores noisy AI/dev folders and transcript files by default, including .claude, .cursor, .windsurf, .openai, .codex, conversation.md, logs, node_modules, build outputs, and .git. This prevents false positives from AI assistant transcripts, notes, and random logs.

Use --include-docs to scan broader documentation files, or --include-all to scan all text files except dependency, build, and git folders.

Reports

AppLaunchGuard can output reports in four formats:

  • Terminal output for quick local scans
  • Markdown output for PR comments or artifacts
  • JSON output for automation or dashboards
  • HTML output for a local browser dashboard

Examples:

app-launch-guard scan . --markdown --output report.md
app-launch-guard scan . --json --output report.json
app-launch-guard scan . --html --output report.html

Local dashboard

AppLaunchGuard can generate a local browser report for reviewing scan results visually. The report is fully local, self-contained, and does not send project data anywhere.

app-launch-guard scan . --html
app-launch-guard scan . --html --open
app-launch-guard scan . --html --serve --open
app-launch-guard scan . --html --serve --port 4174

GitHub Action usage

name: AppLaunchGuard

on:
  pull_request:
  push:
    branches: [main]

jobs:
  app-launch-guard:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: momenbuilds/app-launch-guard@v1
        with:
          path: "."
          output: "markdown"
          fail-on: "critical"

If you are using the action before a tagged v1 release, reference main:

- uses: momenbuilds/app-launch-guard@main

Action inputs: path, output, fail-on, no-color, include-docs, include-all.

Example output

AppLaunchGuard

Project
✓ iOS project detected
Root: /Users/example/MyApp
Confidence: 92/100

Risk Summary
Risk level: Medium
Risk score: 48/100
Critical: 1
Warnings: 4
Manual review: 3

Critical Issues
✗ Missing NSUserTrackingUsageDescription
  AppTrackingTransparency usage was detected, but Info.plist does not include NSUserTrackingUsageDescription.
  Suggested fix: Add NSUserTrackingUsageDescription to Info.plist with a clear user-facing reason.

What AppLaunchGuard checks

  • Permission APIs used without matching Info.plist usage descriptions
  • Privacy manifest presence, parseability, and key coverage
  • ATT API usage without NSUserTrackingUsageDescription
  • Tracking usage description without obvious ATT code
  • RevenueCat and StoreKit subscription configuration signals
  • Common analytics, crash, ads, attribution, push, and paywall SDK signals
  • App icon, screenshot, iPad screenshot, and fastlane metadata evidence
  • Common exposed secret patterns, with masked output
  • Mental health, therapy, medical, crisis, and AI companion language
  • Privacy policy, terms, support, and subscription copy evidence

What it does not do

AppLaunchGuard does not:

  • Guarantee App Store approval or rejection
  • Replace Apple guidelines, legal review, or App Store Connect privacy answers
  • Connect to App Store Connect
  • Upload your code
  • Use telemetry
  • Make external network calls during scans
  • Use AI in v1

Exit codes and fail-on behavior

--fail-on supports:

  • none: always exit 0 unless the scan has an internal error
  • critical: exit 1 if critical issues exist
  • warning: exit 1 if warning or critical issues exist

The default is --fail-on none for the CLI. The GitHub Action defaults to fail-on: critical.

Common use cases

  • Preflight App Store submissions before release
  • Catch missing privacy manifests or ATT text before review
  • Validate subscription, paywall, and metadata copy
  • Produce Markdown reports for PRs
  • Keep App Store assets and screenshots checklist visible

Contributing

See CONTRIBUTING.md for setup, testing, and contribution guidelines.

Support the project

If AppLaunchGuard helped you catch a review issue or saved you time, a GitHub star helps more developers find it. You can also support development through PayPal: https://paypal.me/mxcenterprise.

Contributions, issues, and feedback are welcome.

Disclaimer

AppLaunchGuard helps reduce review risk, but it does not guarantee App Store approval. Developers are responsible for reviewing Apple’s latest guidelines, App Store Connect privacy answers, and legal requirements.

License

MIT

Development

npm install
npm run typecheck
npm test
npm run lint
npm run build

Fixture scans:

node dist/index.js scan test/fixtures/ios-basic --no-color
node dist/index.js scan test/fixtures/ios-bad --no-color
node dist/index.js scan test/fixtures/ios-doc-noise --no-color
node dist/index.js scan test/fixtures/ios-doc-noise --include-all --no-color