This is the go/no-go checklist for a public App Notes release. Michael Ramos owns final product QA; Plannotator distributes the extension.
- Submit Chrome, Firefox, and Edge in parallel from one approved commit. Edge reuses the Chrome package.
- Treat Arc as a tested Chrome distribution, not a separate store submission. Arc installs Chrome Web Store extensions.
- Treat Safari as a separate release track. WXT produces the Safari web extension, but Apple requires a native app wrapper, signing, and App Store submission. App Notes falls back to an all-notes browser tab where the native side panel API is unavailable.
- Do the first store submissions manually. Store listings must exist before WXT can automate later submissions.
- While approvals are pending, keep the release commit frozen except for release-blocking fixes. Give technical testers unpacked builds; do not present unsigned packages as normal end-user installs.
Official references: WXT publishing, Chrome publishing, Firefox submission, Edge publishing, Safari web extensions, and Arc extensions.
- Chrome Web Store developer account exists, registration is paid, and two-step verification is enabled.
- Mozilla Add-ons developer account exists.
- Microsoft Partner Center account is enrolled for Edge extensions.
- Decide the Safari seller name before enrolling: publishing as “Plannotator” requires an eligible legal organization and Apple organization enrollment; otherwise Apple displays the individual account's legal name.
- Apple Developer Program membership is active if Safari ships in this release.
- Store recovery methods and credentials are held outside the repository.
- Every intended change is merged to
main. - Working tree is clean and GitHub
mainmatches the tested commit. -
package.jsonhas the intended version. Every rejected-and-resubmitted binary gets a higher version. -
README.md,LICENSE,TRADEMARKS.md,PRIVACY.md,SOURCE_CODE_REVIEW.md, and this checklist are accurate. - The public privacy-policy URL is
https://github.com/plannotator/app-notes/blob/main/PRIVACY.md. - Run
bun install --frozen-lockfilefrom a clean checkout. - Run
bun run release:verify. - Run the GitHub Release candidate workflow for an independently built artifact.
Use clean browser profiles. Record pass/fail, browser version, operating system, and the release commit in the release issue.
Test on Chrome Stable, Firefox Stable, Edge Stable, and current Arc. Test Safari on a packaged macOS app before including it in the release. Windows coverage is required for Edge; macOS coverage is required for Arc and Safari.
- App Notes starts disabled and does not intercept normal page clicks.
- Enabling annotations from the popup and keyboard shortcut works.
- Hovering shows the correct element outline and readable label.
- Clicking opens the note composer in a sensible position.
- Saving by button and
Cmd/Ctrl+Enterworks; blank notes cannot be saved. - Clicking away once says the draft is safe in plain language; clicking again discards it.
-
Escfollows the same guarded-draft behavior. - Existing markers restore after reload, browser restart, and extension restart.
- Editing and deleting individual notes work.
- Annotation mode can be disabled without removing saved markers.
- Notes survive normal navigation between multiple pages on the same site.
- Notes survive History API navigation in a single-page app.
- Reproduce the original Yahoo case: create notes across several routes, navigate again, and confirm every note remains.
- Open two tabs on one site, create notes quickly in both, and confirm neither write is lost or duplicated.
- Refresh or close immediately after saving, reopen, and confirm the note exists.
- Notes for different origins remain isolated.
- Corrupt or stale saved records do not break the extension UI.
- The native side panel opens in Chrome, Edge, Firefox, and Arc.
- The full-tab notes workspace opens on Safari or any browser without the side-panel API.
- Current-site notes include every annotated page and show useful page titles.
- All notes remains progressively disclosed and shows notes across every site.
- Opening a global note navigates to the correct page.
- Copying all site notes produces readable Markdown with useful selected/nearby text, not only selectors.
- Exporting downloads the same complete site-wide Markdown.
- Hacker News smoke test: annotate two story titles and confirm their titles appear in the export.
- Clearing site notes removes only that site's notes and requires confirmation.
- The badge count reflects only the current page.
- Test a conventional multi-page site, a React/Vue SPA, Yahoo, Hacker News, and a page with open Shadow DOM.
- On a blocked local HTML file in Chrome, choose Allow local files, approve Chrome's toggle, return to the file, and confirm App Notes reloads it automatically.
- Confirm local notes default to This file; switch to This folder and verify sibling-file notes appear while a different folder remains isolated.
- Restricted browser pages fail gracefully without broken controls.
- Switch the operating system/browser between light and dark appearance; popup, composer, toast, markers, and notes workspace update automatically and remain legible on both light and dark host pages.
- Keyboard focus order, visible focus, screen-reader labels, and 200% zoom are usable.
- Reduced-motion mode avoids unnecessary motion.
- No extension errors appear during the tested flows.
- The extension makes no unexpected network requests.
- Clipboard and download actions happen only after an explicit user action.
- No known data-loss, duplicate-write, security, privacy, install, or primary-flow bug remains.
- Chrome, Firefox, Edge, and Arc pass every core test.
- Safari either passes its own packaged-app QA or is explicitly held for the next release; it never silently ships with a broken notes workspace.
- Store permission and data-use answers match
PRIVACY.mdand the packaged manifests. - Michael gives an explicit go in the release issue.
bun run release:verify
bun run release:package
shasum -a 256 .output/app-notes-*.zipExpected web-store artifacts:
-
app-notes-<version>-chrome.zip— Chrome and Edge; also the Arc QA build. -
app-notes-<version>-firefox.zip— Firefox extension. -
app-notes-<version>-sources.zip— Firefox reviewer source. -
Unzip every artifact and inspect
manifest.json, icons, version, permissions, and package contents. -
Confirm no
.envfile, credential, development log, or unrelated handoff file is present. -
Rebuild the Firefox package from its source ZIP by following
SOURCE_CODE_REVIEW.md; compare contents and explain any nondeterministic metadata if necessary. -
Record SHA-256 hashes in the release issue and GitHub Release.
Safari packaging is a separate macOS step:
bun run package:safari- Open
.output/safari-project/App Notes/App Notes.xcodeprojin Xcode, set the signing team, set marketing version/build number to the release values, and archive the macOS app. - Validate the archive and upload it to App Store Connect.
- Keep iPhone/iPad distribution out of v0.1 unless it receives separate interaction and layout QA.
Apple reference: package a Safari web extension and upload builds.
- Final one-sentence summary and concise description.
- Support URL:
https://github.com/plannotator/app-notes/issues. - Privacy URL:
https://github.com/plannotator/app-notes/blob/main/PRIVACY.md. - Category, language, homepage, PolyForm Shield 1.0.0 license, and Michael Ramos attribution are consistent.
- At least one polished 1280×800 screenshot; aim for three: annotation composer, site notes, and all notes.
- Chrome small promo tile at 440×280.
- Store icon at 128×128 with sufficient transparent padding.
- Plain reviewer notes explain that all data is local, how to enable annotations, how to open notes, and how to test multi-page persistence.
- Permission explanations cover
storage,tabs,webNavigation, and Chrome'ssidePanel.
Chrome asset reference: supplying images. Edge listing reference: extension listing.
- Create the first listing manually, upload the Chrome ZIP, complete privacy/data disclosures, and submit for review.
- Use trusted testers before public publication if another external QA pass is useful.
- Expect variable review time; Chrome currently warns that elevated submission volume can extend reviews.
- Upload the Firefox ZIP as a listed add-on.
- Upload the matching sources ZIP and enter the exact build instructions from
SOURCE_CODE_REVIEW.md. - Choose a custom license, link the repository
LICENSE, complete listing/support fields, and submit. - If outside testers need a signed build before the listed release, use AMO's unlisted signing flow; do not distribute an unsigned XPI as the normal install.
- Create the listing in Partner Center and upload the exact Chrome ZIP.
- Complete privacy, permission, remote-code, and data-use declarations.
- Add reviewer notes and submit for certification.
- No separate submission. Install the Chrome Web Store listing in Arc and repeat the release smoke test after Chrome publishes.
- Create the App Store Connect record, attach the signed macOS build, complete privacy/listing information, and submit to App Review.
- Do not block the web-extension stores on Safari unless a coordinated same-day launch is commercially important.
- Publish one GitHub prerelease tied to the frozen commit and include hashes plus clear “technical testers” sideload instructions.
- Chrome, Edge, and Arc testers load the unpacked
.output/chrome-mv3directory. - Firefox developers use
about:debuggingfor a temporary install; broader testers use only an AMO-signed unlisted build. - Safari testers use the locally signed Xcode build.
- Accept only release-blocking fixes. For each fix: bump the version, rerun the full checklist, rebuild every package, and resubmit affected stores.
- Track each store's submission date, status, review message, listing ID, and public URL in the release issue.
- Publish independently as each approved listing is ready unless launch coordination has a concrete benefit.
- Tag the approved commit
v<version>and create a GitHub Release with hashes and short user-facing notes. - Replace the README's “coming soon” links with direct store URLs.
- Install each public store build and run a five-minute smoke test; store builds are the final artifact, not the local ZIP.
- Record store IDs and configure
wxt submit initplus encrypted GitHub secrets for future updates. - For later releases, use WXT submission automation for Chrome, Firefox, and Edge; keep Safari on its signed Xcode/App Store Connect workflow.
- Monitor issues and store crash/review feedback for 72 hours. Fix data loss or install failures immediately.