Update to use 0.25.0 inapp sdk

[predatorx7]

Summary by CodeRabbit

• New Features

  • Locale option sent to backend; new verification flags to enable Reclaim's TEE+MPC protocol and TEE operator URLs
  • Support for launching app/deep links via provider scripts; API to update user agent from provider scripts
  • Exact backend error surfaced in session-expired exceptions
  • Expanded verification/configuration fields and timeouts exposed to provider integrations

• Chore

  • Bumped release to 0.25.0; dependency updates and iOS build script added XCFramework packaging steps

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

Adds TEE operator support and locale flags; extends ClientFeatureOverrides with multiple timeout/interceptor/TEE fields; updates pigeon schema and generated bindings; swaps GNARK dependency for a TEE operator; wires new fields through the verifier module; adds XCFramework creation to the iOS build script.

Changes

Cohort / File(s)	Summary
Changelog CHANGELOG.md	Adds 0.25.0 release notes describing locale support, TEE+MPC verification option, allowed app links, backend error exposure, and updateUserAgent API.
Dependencies & Vendor pubspec.yaml, scripts/setup_vendor.sh	Bumps version to 0.25.0; replaces reclaim_gnark_zkoperator with reclaim_tee_operator_flutter; moves reclaim_inapp_sdk and reclaim_tee_operator_flutter to git sources; updates vendor override script to reference the TEE operator repo.
Pigeon schema pigeon/schema.dart	Extends ClientFeatureOverrides with useTEE, interceptorOptions, multiple timeout/debounce/screenshot fields, teeUrls; adds locale and useTeeOperator to ReclaimApiVerificationOptions (with docs).
Generated pigeon bindings lib/src/pigeon/messages.pigeon.dart	Adds new constructor fields, serialization/deserialization, and equality/hash updates to surface locale, useTeeOperator, and expanded ClientFeatureOverrides; includes formatting adjustments.
Verifier integration & API export lib/reclaim_verifier_module.dart	Replaces GNARK operator import with TEE operator and download helper; initializes and propagates new feature fields (locale, useTeeOperator, teeUrls, timeouts, interceptorOptions) in state and setOverrides; adds export 'src/pigeon/messages.pigeon.dart';.
iOS build script scripts/build_ios.sh	Adds create_xcframework function and a post-build loop converting .framework to .xcframework, removes originals, then continues signing/archiving steps.

Sequence Diagram(s)

(omitted)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

• Review pigeon schema ↔ generated bindings for field ordering and serialization consistency (pigeon/schema.dart ↔ lib/src/pigeon/messages.pigeon.dart).
• Validate dependency/import replacements in lib/reclaim_verifier_module.dart and exported API (messages.pigeon.dart) alignment.
• Inspect scripts/build_ios.sh XCFramework creation loop for path/Info.plist assumptions and error handling.

Possibly related PRs

• reclaim-inapp-add-to-app-module#31 — Overlaps iOS build/packaging changes, including framework signing and packaging scripts.
• reclaim-inapp-add-to-app-module#26 — Related pigeon API surface and verifier module wiring changes.
• reclaim-inapp-add-to-app-module#32 — Adds/overlaps TEE/interceptor/timeout fields in pigeon/schema and verifier wiring.

Suggested reviewers

• ChinmayMhatre
• Karam19

Poem

🐇 I swapped a gnark for a shiny tee,
Locale flags hop into each header tree,
New fields scurry through bindings and state,
XCFrameworks bundle frameworks up neat,
I nibble bytes and celebrate — tiny hops, big change! 🥕✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: updating the module to use version 0.25.0 of the inapp SDK, which is reflected in the version bump in pubspec.yaml and corresponding dependency updates throughout the changeset.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch pre-0.25.0

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 7cf3f25 and fb78358.

📒 Files selected for processing (1)

• scripts/build_ios.sh (1 hunks)

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (3)

scripts/setup_vendor.sh (1)

16-19: Consider renaming the environment variable for clarity.

The variable OVERRIDE_GNARK_PROVER_GIT is now used to control the git ref for reclaim_tee_operator_flutter, but the name still references "GNARK_PROVER". Consider renaming it to OVERRIDE_TEE_OPERATOR_GIT or a more generic name like OVERRIDE_OPERATOR_GIT to better reflect its current purpose.

Apply this diff:

-if [[ -z "$OVERRIDE_GNARK_PROVER_GIT" ]]; then
-  OVERRIDE_GNARK_PROVER_GIT="main"
+if [[ -z "$OVERRIDE_TEE_OPERATOR_GIT" ]]; then
+  OVERRIDE_TEE_OPERATOR_GIT="main"
 fi
 if [[ -z "$OVERRIDE_RECLAIM_FLUTTER_SDK_GIT" ]]; then
   OVERRIDE_RECLAIM_FLUTTER_SDK_GIT="main"
 fi
 
 echo "OVERRIDE_RECLAIM_FLUTTER_SDK_GIT=$OVERRIDE_RECLAIM_FLUTTER_SDK_GIT"
-echo "OVERRIDE_GNARK_PROVER_GIT=$OVERRIDE_GNARK_PROVER_GIT"
+echo "OVERRIDE_TEE_OPERATOR_GIT=$OVERRIDE_TEE_OPERATOR_GIT"
 
 echo "dependency_overrides:
   reclaim_tee_operator_flutter:
     git:
       url: https://$PACKAGE_CLONE_USER:[email protected]/reclaimprotocol/reclaim-tee-operator-flutter.git
-      ref: $OVERRIDE_GNARK_PROVER_GIT
+      ref: $OVERRIDE_TEE_OPERATOR_GIT

pubspec.yaml (1)

32-40: Consider pinning git dependencies to specific commits or tags.

The git dependencies are currently pointing to the main branch without version pinning. This can lead to non-deterministic builds and make it difficult to reproduce issues, as different builds may pull different versions of the dependencies.

Consider using specific commit SHAs or version tags for better reproducibility:

  reclaim_inapp_sdk:
    git:
      url: [email protected]:reclaimprotocol/reclaim-inapp-sdk.git
      ref: <specific-commit-sha-or-tag>
  reclaim_tee_operator_flutter:
    git:
      url: [email protected]:reclaimprotocol/reclaim-tee-operator-flutter.git
      ref: <specific-commit-sha-or-tag>

lib/reclaim_verifier_module.dart (1)

12-14: Avoid using implementation imports from external packages.

The code imports from the internal src/common/download/download.dart path of reclaim_tee_operator_flutter. Accessing implementation details breaks encapsulation and makes the code fragile to upstream changes. If downloadWithHttp is needed by consumers, it should be exported publicly by the reclaim_tee_operator_flutter package.

Consider requesting that reclaim_tee_operator_flutter exports downloadWithHttp as part of its public API, or copy the required functionality into this module if the upstream maintainers don't intend to expose it publicly.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between f36054e and 2dfc9a6.

⛔ Files ignored due to path filters (5)

• generated/android/src/main/java/org/reclaimprotocol/inapp_sdk/Messages.kt is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.h is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.m is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.swift is excluded by !**/generated/**
• pubspec.lock is excluded by !**/*.lock

📒 Files selected for processing (6)

• CHANGELOG.md (1 hunks)
• lib/reclaim_verifier_module.dart (4 hunks)
• lib/src/pigeon/messages.pigeon.dart (39 hunks)
• pigeon/schema.dart (3 hunks)
• pubspec.yaml (2 hunks)
• scripts/setup_vendor.sh (1 hunks)

🔇 Additional comments (7)

CHANGELOG.md (1)

1-8: LGTM!

The changelog entry accurately documents the new 0.25.0 features including locale support, TEE+MPC protocol integration, and expanded API surface.

lib/reclaim_verifier_module.dart (2)

454-460: LGTM!

The feature flag configuration correctly populates the new timeout and interceptor fields from the ClientFeatureOverrides model.

---

590-608: LGTM!

The verification options are correctly logged and propagated, including the new locale and useTeeOperator fields. The implementation properly handles the new configuration surface.

pigeon/schema.dart (2)

80-128: LGTM!

The ClientFeatureOverrides schema correctly expands the configuration surface with new optional timeout and interceptor fields. All fields are appropriately nullable with clear documentation.

---

187-232: LGTM!

The ReclaimApiVerificationOptions schema additions are well-documented. The useTeeOperator field clearly explains the three-state behavior (true/false/null) and the locale field provides clear guidance on localization.

lib/src/pigeon/messages.pigeon.dart (2)

278-387: LGTM!

The autogenerated code correctly implements the expanded ClientFeatureOverrides data model with proper serialization and deserialization for all new fields.

---

561-650: LGTM!

The autogenerated code correctly implements the expanded ReclaimApiVerificationOptions with locale and useTeeOperator fields, including proper serialization/deserialization logic.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

lib/reclaim_verifier_module.dart (2)

12-15: Internal import from reclaim_tee_operator_flutter is a stability trade-off

Using downloadWithHttp from src/common/download/download.dart (with // ignore: implementation_imports) is a deliberate dependency on internal package structure. This is fine short term, but any upstream refactor of internals can break this module without a version-constraint change; consider exposing this via the public API of reclaim_tee_operator_flutter longer term.

---

583-611: Verification options: propagation of new fields looks correct

Logging and copyWith now include claimCreationType, isCloseButtonVisible, locale, and useTeeOperator, with the enum converted via ClaimCreationTypeExtension. Given the schema defaults, these are non-null where required, and null is preserved for TEE/localization so backend/feature flags can still decide behavior.

If you anticipate adding more ClaimCreationTypeApi variants later, you might add a default branch in toClaimCreationType to avoid future compile errors when extending the enum.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2dfc9a6 and e2f1239.

⛔ Files ignored due to path filters (4)

• generated/android/src/main/java/org/reclaimprotocol/inapp_sdk/Messages.kt is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.h is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.m is excluded by !**/generated/**
• generated/ios/Sources/ReclaimInAppSdk/Messages.swift is excluded by !**/generated/**

📒 Files selected for processing (4)

• CHANGELOG.md (1 hunks)
• lib/reclaim_verifier_module.dart (4 hunks)
• lib/src/pigeon/messages.pigeon.dart (39 hunks)
• pigeon/schema.dart (3 hunks)

🔇 Additional comments (10)

CHANGELOG.md (1)

1-8: 0.25.0 entry aligns with the implemented API changes

The new changelog bullets correctly describe the added verification options (locale/useTeeOperator), TEE+MPC support, and script-facing APIs exposed in this PR; nothing blocking here.

lib/reclaim_verifier_module.dart (1)

443-463: New feature overrides are wired through cleanly

The additional fields on ClientFeatureOverrides (useTEE, interceptorOptions, timeout/debounce intervals, teeUrls) are passed straight into ReclaimFeatureFlagData, preserving nullability so feature flags/backend can decide behavior. This keeps the Dart-side thin and looks consistent with the existing overrides pattern.

pigeon/schema.dart (2)

80-134: ClientFeatureOverrides surface extension is coherent

The added fields (useTEE, interceptorOptions, various timeout/debounce intervals, teeUrls) are all nullable and documented, and their declaration order matches the generated ClientFeatureOverrides in messages.pigeon.dart, avoiding index-mismatch issues at the channel boundary.

---

193-238: ReclaimApiVerificationOptions: locale and TEE flag are well specified

Adding locale and useTeeOperator with clear semantics (forced locale vs backend-chosen, TEE+MPC vs proxy attestor vs feature-flag default) cleanly extends the API without breaking existing callers, since the new fields are nullable and default to backend behavior when omitted.

lib/src/pigeon/messages.pigeon.dart (6)

29-41: Deep equality helper looks correct but relies on Dart 3 features

_deepEquals handles List and Map recursively and falls back to == otherwise, which is appropriate for these Pigeon models. It uses List.indexed with record destructuring, so ensure your package’s environment.sdk constraint is set high enough (Dart 3.x) that all consumers can compile this.

Please double-check your pubspec.yaml has a Dart SDK lower bound compatible with List.indexed and record patterns.

---

278-380: ClientFeatureOverrides encode/decode ordering is consistent

The _toList() and decode() implementations agree on field order (0–16), covering the new fields (attestorBrowserRpcUrl through teeUrls) without gaps or mismatches. This should serialize cleanly across the Flutter ↔ host boundary.

---

571-660: ReclaimApiVerificationOptions encoding covers locale and useTeeOperator correctly

The new locale and useTeeOperator fields are appended to _toList() and read back at indices 5 and 6 in decode(), matching the constructor order. Equality/hashCode now also account for these fields via _toList(), so they participate properly in comparisons and collections.

---

799-901: Codec updates correctly register all custom types

The _PigeonCodec writes each custom enum/data class with a distinct type tag (129–144) and delegates to encode()/decode(). The corresponding readValueOfType branches line up with these tags, so there’s no obvious tag collision or missing case.

---

903-1216: ReclaimModuleApi.setUp: stronger argument checks and error wrapping

The regenerated setUp adds per-channel asserts for non-null messages/arguments and consistently wraps non-PlatformException errors into a generic PlatformException(code: 'error', message: e.toString()). This should make host-module integration failures surface more clearly without changing the happy path.

---

1219-1468: Host API wrappers match the updated protocol

ReclaimHostOverridesApi and ReclaimHostVerificationApi now construct channel names with messageChannelSuffix, send positional argument lists in the expected order, and validate replies (null/error/non-null) consistently. The signatures and argument ordering align with the schema, so these wrappers should interoperate correctly with the native side.

[coderabbitai]

Actionable comments posted: 2

🧹 Nitpick comments (1)

scripts/build_ios.sh (1)

69-82: Remove commented-out code.

The fat binary splitting logic (lines 69–82) is commented out and appears to be experimental or deprecated. Remove it to reduce cognitive load and avoid confusion during future maintenance.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e2f1239 and 1525481.

📒 Files selected for processing (1)

• scripts/build_ios.sh (1 hunks)

[coderabbitai]

Actionable comments posted: 2

♻️ Duplicate comments (1)

scripts/build_ios.sh (1)

98-105: Remove dead code: ONLY_RELEASE_TARGETS is hardcoded to true.

The ONLY_RELEASE_TARGETS variable is hardcoded to true, making the conditional at lines 101–102 dead code that will never execute. The recursive glob pattern (**) in line 102 also won't work without shopt -s globstar enabled.

Either remove the dead branch for clarity or enable the flag if you intend to support nested directories in the future.

+# Enable recursive glob if needed
+# shopt -s globstar

 ONLY_RELEASE_TARGETS=true

-FRAMEWORK_PATTERN=""
 if [ "$ONLY_RELEASE_TARGETS" != "true" ]; then
     FRAMEWORK_PATTERN="build/ios/ReclaimXCFrameworks/**/*.framework"
 else
     FRAMEWORK_PATTERN="build/ios/ReclaimXCFrameworks/*.framework"
 fi

Or, simplify by removing the dead branch:

 ONLY_RELEASE_TARGETS=true

-FRAMEWORK_PATTERN=""
-if [ "$ONLY_RELEASE_TARGETS" != "true" ]; then
-    FRAMEWORK_PATTERN="build/ios/ReclaimXCFrameworks/**/*.framework"
-else
-    FRAMEWORK_PATTERN="build/ios/ReclaimXCFrameworks/*.framework"
-fi
+FRAMEWORK_PATTERN="build/ios/ReclaimXCFrameworks/*.framework"

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1525481 and 7cf3f25.

📒 Files selected for processing (1)

• scripts/build_ios.sh (1 hunks)

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Add error handling and prevent destructive operations on the original framework.

The create_xcframework function has several critical issues:

1. Destructive operation on original: Line 64 removes the code signature from the original framework, and the function modifies it in-place before copying. If the function fails partway through, the original framework is corrupted.
2. No error handling: Lines 69, 72–74, 80 and 86–89 execute binary manipulation commands (lipo, vtool, xcodebuild) without checking for success. If any command fails, the script continues with broken binaries.
3. No validation: The function assumes $somepackage.framework/$somepackage exists without checking.

Refactor to:

• Work on copies only; do not modify the original framework.
• Check that the binary exists before calling lipo/vtool.
• Validate that each command succeeds before continuing.

create_xcframework() {
    local somepackage="$1"

    if [ -z "$somepackage" ]; then
        echo "Usage: create_xcframework <package_name>"
        return 1
    fi

+   # Validate source framework exists
+   if [ ! -d "$somepackage.framework" ]; then
+       echo "❌ Error: Framework not found: $somepackage.framework"
+       return 1
+   fi
+
+   if [ ! -f "$somepackage.framework/$somepackage" ]; then
+       echo "❌ Error: Binary not found: $somepackage.framework/$somepackage"
+       return 1
+   fi

    mkdir -p iphoneos
    mkdir -p iphonesimulator

-   rm -rf "$somepackage.framework/_CodeSignature"
-   cp -R "$somepackage.framework/" "iphoneos/$somepackage.framework"
-   cp -R "$somepackage.framework/" "iphonesimulator/$somepackage.framework"
+   # Work on copies only; preserve the original
+   cp -R "$somepackage.framework/" "iphoneos/$somepackage.framework"
+   cp -R "$somepackage.framework/" "iphonesimulator/$somepackage.framework"
+
+   rm -rf "iphoneos/$somepackage.framework/_CodeSignature"
+   rm -rf "iphonesimulator/$somepackage.framework/_CodeSignature"

    echo "Original framework architectures:"
-   xcrun lipo -info "$somepackage.framework/$somepackage"
+   xcrun lipo -info "$somepackage.framework/$somepackage" || {
+       echo "❌ Error: Failed to extract architecture info"
+       return 1
+   }

    # Create iphoneos version (remove x86_64, keep arm64)
-   xcrun lipo -remove x86_64 "./iphoneos/$somepackage.framework/$somepackage" -o "./iphoneos/$somepackage.framework/$somepackage"
-   vtool -set-build-version 2 14 26.1 -output "./iphoneos/$somepackage.framework/$somepackage" "./iphoneos/$somepackage.framework/$somepackage"
-   vtool -remove-build-version 7 -output "./iphoneos/$somepackage.framework/$somepackage" "./iphoneos/$somepackage.framework/$somepackage"
+   xcrun lipo -remove x86_64 "./iphoneos/$somepackage.framework/$somepackage" -o "./iphoneos/$somepackage.framework/$somepackage" || {
+       echo "❌ Error: Failed to slice iphoneos framework"
+       return 1
+   }
+   vtool -set-build-version 2 14 26.1 -output "./iphoneos/$somepackage.framework/$somepackage" "./iphoneos/$somepackage.framework/$somepackage" || {
+       echo "❌ Error: Failed to set iphoneos build version"
+       return 1
+   }
+   vtool -remove-build-version 7 -output "./iphoneos/$somepackage.framework/$somepackage" "./iphoneos/$somepackage.framework/$somepackage" || {
+       echo "❌ Error: Failed to remove build version from iphoneos"
+       return 1
+   }

    echo "iphoneos framework architectures:"
    xcrun lipo -info "iphoneos/$somepackage.framework/$somepackage"

    # Create iphonesimulator version (remove arm64, keep x86_64)
-   xcrun lipo -remove arm64 "./iphonesimulator/$somepackage.framework/$somepackage" -o "./iphonesimulator/$somepackage.framework/$somepackage"
+   xcrun lipo -remove arm64 "./iphonesimulator/$somepackage.framework/$somepackage" -o "./iphonesimulator/$somepackage.framework/$somepackage" || {
+       echo "❌ Error: Failed to slice iphonesimulator framework"
+       return 1
+   }

    echo "iphonesimulator framework architectures:"
    xcrun lipo -info "iphonesimulator/$somepackage.framework/$somepackage"

    # Create XCFramework
    xcodebuild -create-xcframework \
        -framework "iphoneos/$somepackage.framework/" \
        -framework "iphonesimulator/$somepackage.framework/" \
        -output "$somepackage.xcframework"
+   if [ $? -ne 0 ]; then
+       echo "❌ Error: Failed to create XCFramework"
+       return 1
+   fi

    rm -rf ./iphonesimulator;
    rm -rf ./iphoneos;
}

🤖 Prompt for AI Agents

In scripts/build_ios.sh around lines 51–93, the function currently mutates the
original framework, lacks existence checks, and doesn't validate command
success; refactor so the script first verifies "$somepackage.framework" and its
binary exist, then work only on copies (create temp dirs and copy the framework
there rather than removing _CodeSignature from the original), run each tool
(lipo, vtool, xcodebuild) against the copies, check each command's exit status
and abort with a clear error message if any step fails, and ensure proper
cleanup of temp directories on both success and failure to avoid leaving partial
artifacts.

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Quote all variables to prevent word splitting and globbing in critical contexts.

Unquoted variables in the loop create security and correctness issues, especially in the rm -rf command:

• Line 114: $framework_path in basename should be quoted to handle paths with spaces.
• Line 118: $(dirname $framework_path) should quote the argument.
• Line 120: $project_dir in cd should be quoted.
• Line 122: Critical: rm -rf $framework_path with an unquoted variable can expand to multiple paths or globs, causing unintended deletions.

-for framework_path in $FRAMEWORK_PATTERN; do
+for framework_path in $FRAMEWORK_PATTERN; do
     echo "Trying to make XCframework for $framework_path"
     if [ -d "$framework_path" ]; then
-        framework_name=$(basename $framework_path .framework)
+        framework_name=$(basename "$framework_path" .framework)

         echo "📦 Creating xcframework for $framework_name"

-        cd "$(dirname $framework_path)"
+        cd "$(dirname "$framework_path")" || {
+            echo "❌ Error: Failed to change directory to $(dirname "$framework_path")"
+            continue
+        }
-        create_xcframework $framework_name 
+        create_xcframework "$framework_name"
-        cd $project_dir;
+        cd "$project_dir" || {
+            echo "❌ Error: Failed to return to project directory"
+            exit 1
+        }

-        rm -rf $framework_path
+        rm -rf "$framework_path"
     fi
 done

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	for framework_path in $FRAMEWORK_PATTERN; do
	echo "Trying to make XCframework for $framework_path"
	if [ -d "$framework_path" ]; then
	framework_name=$(basename $framework_path .framework)
	echo "📦 Creating xcframework for $framework_name"
	cd "$(dirname $framework_path)"
	create_xcframework $framework_name
	cd $project_dir;
	rm -rf $framework_path
	fi
	done
	for framework_path in $FRAMEWORK_PATTERN; do
	echo "Trying to make XCframework for $framework_path"
	if [ -d "$framework_path" ]; then
	framework_name=$(basename "$framework_path" .framework)
	echo "📦 Creating xcframework for $framework_name"
	cd "$(dirname "$framework_path")" || {
	echo "❌ Error: Failed to change directory to $(dirname "$framework_path")"
	continue
	}
	create_xcframework "$framework_name"
	cd "$project_dir" || {
	echo "❌ Error: Failed to return to project directory"
	exit 1
	}
	rm -rf "$framework_path"
	fi
	done

🤖 Prompt for AI Agents

In scripts/build_ios.sh around lines 111-124, unquoted variables risk
word-splitting and glob expansion; update the loop to quote all variable
expansions: use "$(basename "$framework_path" .framework)" when computing
framework_name, use cd "$(dirname "$framework_path")" when changing dirs, use cd
"$project_dir" when returning, and make the deletion safe by using rm -rf --
"$framework_path" (and quote any other expansions like "$FRAMEWORK_PATTERN" if
used elsewhere) so paths with spaces or leading dashes are handled correctly.