If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/X1a0He/Adobe-Downloader shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

WAIT — Slowing — last commit 5mo ago

• Last commit 5mo ago
• GPL-3.0 licensed
• ⚠ Slowing — last commit 5mo ago
• ⚠ Solo or near-solo (1 contributor active in recent commits)
• ⚠ GPL-3.0 is copyleft — check downstream compatibility
• ⚠ No CI workflows detected
• ⚠ No test directory detected

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live X1a0He/Adobe-Downloader repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/X1a0He/Adobe-Downloader.

What it runs against: a local clone of X1a0He/Adobe-Downloader — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in X1a0He/Adobe-Downloader | Confirms the artifact applies here, not a fork | | 2 | License is still GPL-3.0 | Catches relicense before you depend on it | | 3 | Default branch main exists | Catches branch renames | | 4 | Last commit ≤ 165 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of X1a0He/Adobe-Downloader. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/X1a0He/Adobe-Downloader.git
#   cd Adobe-Downloader
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of X1a0He/Adobe-Downloader and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "X1a0He/Adobe-Downloader(\\.git)?\\b" \\
  && ok "origin remote is X1a0He/Adobe-Downloader" \\
  || miss "origin remote is not X1a0He/Adobe-Downloader (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(GPL-3\\.0)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"GPL-3\\.0\"" package.json 2>/dev/null) \\
  && ok "license is GPL-3.0" \\
  || miss "license drift — was GPL-3.0 at generation time"

# 3. Default branch
git rev-parse --verify main >/dev/null 2>&1 \\
  && ok "default branch main exists" \\
  || miss "default branch main no longer exists"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 165 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~135d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/X1a0He/Adobe-Downloader"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

Adobe Downloader is a native macOS application (Swift + SwiftUI) that downloads and installs Adobe Creative Cloud applications directly from Adobe's official CDN, bypassing the Creative Cloud installer. It manages download tasks, handles Adobe's Setup component patching automatically to enable installation, and provides a cleaning utility to remove Adobe apps, preferences, caches, and licensing files. Single Xcode project (Adobe Downloader.xcodeproj/) with modular organization: /Commons/ (Enums, Statics, globals), /HelperManager/ (SMAppService + SMJobBless adapters), /Services/ (NewNetworkService for downloads), /Models/ (ViewModels + NewDownloadTask), /Storages/ (persistence). AppDelegate + ContentView.swift form the SwiftUI entry point; Python/Shell scripts in /Scripts/ handle system-level setup patching.

macOS users (13.0+) who want to selectively download and install individual Adobe apps without the overhead of Creative Cloud, or who need to cleanly uninstall Adobe products. Primarily self-serve users, not enterprise IT—the author explicitly does not accept PRs and supports via personal Telegram.

Active but single-maintainer: version 2.1.0 with recent updates (2025-12-25 log visible), supports macOS 13.0+ only (dropped 12.0 support in v2.1), has persistent task storage and multi-language UI (Chinese + English). No visible test suite or CI/CD pipeline in the file list, reducing confidence in stability across edge cases.

High single-maintainer risk (one author, no PR policy). The project performs privileged system modifications (Adobe Setup patching, service manipulation) requiring root via SMAppService Daemon Helper, which introduces security review burden. No public issue tracker visible; resolution depends on author's personal availability. Breaking API changes occurred between v1.3.0 and v2.1.0 (Helper mechanism redesign).

Recent focus on Helper system redesign: migrated from SMJobBless to SMAppService Daemon (v2.1), added HelperExecutionLogStore for debugging, fixed tab-switching state loss in cleanup UI, introduced Helper playground/settings UI to inspect privilege levels and execution results. Feature-complete for download/install/cleanup; no visible open development branches.

Check README for instructions.

Daily commands: Build in Xcode: xcodebuild -scheme 'Adobe Downloader' -configuration Debug. Run: open -a './Build/Products/Debug/Adobe Downloader.app' or directly from Xcode via Run button. No CLI mode; purely GUI-driven (SwiftUI ContentView.swift). First run requires Helper installation (user prompted); after that, download/install/cleanup work without password re-entry.

• [Adobe Downloader/HelperManager/SMAppServiceDaemonHelperManager.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/HelperManager/SMAppServiceDaemonHelperManager.swift): Core privilege elevation mechanism via macOS SMAppService Daemon; handles XPC communication for root-level operations (Setup patching, service management). Critical for installation to work without password prompts.
• [Adobe Downloader/Services/NewNetworkService.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/Services/NewNetworkService.swift): Orchestrates downloads from Adobe's CDN; manages concurrent downloads, progress tracking, and error handling for potentially multi-GB files.
• [Adobe Downloader/Models/NewDownloadTask.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/Models/NewDownloadTask.swift): Persistence layer for download tasks; stores task state (URL, version, product, language) to enable resumption after app restart.
• [Adobe Downloader/ContentView.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/ContentView.swift): Main SwiftUI view hierarchy; orchestrates download tab, install tab, cleanup tab, and settings. Entry point for understanding UI flow.
• [Adobe Downloader/Scripts/clean-config.sh](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/Scripts/clean-config.sh): Automatically patches Adobe's Setup component to disable license verification (removes 2700 error); critical for installation feature to function.
• [Adobe Downloader/Commons/Enums.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/Commons/Enums.swift): Centralized error codes and app state enums; understanding these is essential for debugging installation failures and feature status.
• [Adobe Downloader/HelperManager/HelperExecutionLogStore.swift](https://github.com/X1a0He/Adobe-Downloader/blob/main/Adobe Downloader/HelperManager/HelperExecutionLogStore.swift): New in v2.1: logs all Helper (root) operations for debugging; required to understand what privileged actions actually executed.

Download logic: edit Services/NewNetworkService.swift (URL construction, retry) and Models/NewDownloadTask.swift (task state). UI: modify ContentView.swift (main view) and Models/CheckForUpdatesViewModel.swift (state). Privilege operations: change HelperManager/SMAppServiceDaemonHelperManager.swift or SMJobBlessHelperManager.swift (XPC calls). Cleanup: update cleanup file paths in Utils/ + Services/. Setup patching: edit Scripts/clean-config.sh if Adobe's format changes.

1. macOS 13.0+ hard requirement: v2.1 dropped 10.15–12.x support; SMAppService is unavailable on older OS. 2. Helper installation is one-time but persistent: users must manually uninstall helper if uninstalling the app, or it remains in system. 3. Setup component patching is lossy: clean-config.sh modifies Adobe's Setup binary in-place; no automatic rollback if patching corrupts it. 4. Download directory cannot be on external disks: README explicitly warns against USB/external HDD (permission issues); no code-level prevention, just documentation. 5. No sandboxing: app requires Full Disk Access + Network entitlements (Adobe Downloader.entitlements); will fail silently if not granted. 6. Python/shell scripts are not signed: if system blocks unsigned scripts, installation silently fails; no clear error message.

• macOS SMAppService Daemon — Adobe Downloader v2.1+ uses SMAppService to run privileged operations (Setup patching, service deletion) without repeated password prompts. Understanding this replaces older SMJobBless; critical for why the Helper system exists.
• XPC (Inter-Process Communication) — SMAppServiceDaemonHelperManager.swift communicates with the Helper daemon via XPC; understanding XPC protocol and message serialization is needed to debug privilege elevation failures.
• macOS Code Signing & Entitlements — Adobe Downloader.entitlements defines Full Disk Access and network entitlements; without proper signing, Helper installation fails silently. Essential for distribution and user installation.
• URLSession Concurrent Download Management — NewNetworkService.swift manages multiple parallel Adobe app downloads; understanding URLSessionDownloadDelegate, byte-range requests, and concurrent limits prevents memory exhaustion and network timeouts.
• Binary Patching & Mach-O Format — clean-config.sh patches Adobe's Setup executable to remove license checks; understanding Mach-O headers and section manipulation prevents corrupting the Setup binary and causing silent installation failures.
• SwiftUI Observable Objects & Published — CheckForUpdatesViewModel.swift and NewDownloadTask.swift use @Published and @ObservedObject for reactive state binding to the UI; core pattern for ContentView.swift reactivity.
• Adobe Setup Component Architecture — The entire installation feature depends on understanding Adobe's proprietary Setup binary format, license verification flow, and why the 2700 error occurs. Not documented publicly; reverse-engineered in this repo.

• QiuChenly/InjectLib — Direct dependency cited in README; provides the Setup component patching mechanism that enables installation without 2700 errors.
• dosdude1/adobe-patcher — Alternative macOS Adobe patcher; similar goal of bypassing Adobe setup validation, but older and less integrated with downloader workflow.
• adobe/cloud-sdk-samples — Official Adobe SDK samples; useful for understanding Adobe's product metadata APIs if you need to enhance version/language discovery logic.
• MacAdmins/Adobe-Deployment-Tool — Enterprise Adobe deployment tool for macOS; complementary approach using official Adobe APIs; relevant if adding batch/headless deployment features.
• gitstore/SwiftUI-MVVM — Reference architecture for SwiftUI + MVVM state management; Adobe Downloader's ViewModel pattern (CheckForUpdatesViewModel.swift) follows this model.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add Unit Tests for NewJSONParser.swift and NewNetworkService.swift

The repo has critical data parsing and network communication logic in Adobe Downloader/Utils/NewJSONParser.swift and Adobe Downloader/Services/NewNetworkService.swift, but no visible test files. These are high-risk areas for bugs since they handle API responses from Adobe's servers. Adding XCTest cases would catch regressions in JSON parsing (especially for different Adobe product versions) and network error handling.

• [ ] Create Adobe DownloaderTests directory with JSONParserTests.swift
• [ ] Add test cases for NewJSONParser.swift covering valid/invalid JSON, missing fields, and version mismatches
• [ ] Create NetworkServiceTests.swift with mock URLSession tests for different HTTP responses
• [ ] Test error handling paths in NewNetworkService.swift (timeouts, 404s, SSL errors)
• [ ] Add tests to the Adobe Downloader.xcodeproj build scheme

Add GitHub Actions CI Workflow for macOS Build Verification

The repo contains an Xcode project (Adobe Downloader.xcodeproj) but has no visible CI workflow to catch build breakage. Since this is a macOS/Swift application with multiple build targets and schemes, automated xcodebuild verification would prevent contributors from introducing compile-time errors. A .github/workflows/macos-build.yml would ensure PR submissions stay buildable.

• [ ] Create .github/workflows/macos-build.yml with xcodebuild commands
• [ ] Configure workflow to build the 'Adobe Downloader' scheme for macOS 13.0+ deployment target
• [ ] Add linting step to catch Swift style issues (swift-format or SwiftLint)
• [ ] Test against macOS 13.0 and latest macOS SDK in the workflow
• [ ] Document build requirements in README or CONTRIBUTING.md

Refactor and Document PrivilegedHelperAdapter.swift and SMAppServiceDaemonHelperManager.swift Helper System

The HelperManager directory contains multiple helper implementations (SMJobBlessHelperManager.swift, SMAppServiceDaemonHelperManager.swift, PrivilegedHelperAdapter.swift) but the README mentions a major rewrite in v2.1 without technical documentation. The elevation/privilege system is complex and error-prone. Creating a HelperManager/README.md with architecture diagrams and refactoring the adapter pattern would improve maintainability and help contributors understand the privilege escalation flow.

• [ ] Create Adobe Downloader/HelperManager/README.md documenting the helper architecture, differences between SMAppService and SMJobBless approaches
• [ ] Add code comments to PrivilegedHelperAdapter.swift explaining the XPC communication protocol and entitlements requirements
• [ ] Extract common helper logic from SMAppServiceDaemonHelperManager.swift and SMJobBlessHelperManager.swift into a shared protocol/base class
• [ ] Document the relationship between Adobe Downloader.entitlements and helper manager selection
• [ ] Add inline documentation for error codes and HelperExecutionLogStore.swift log format

• Add unit tests for NewNetworkService.swift: currently no test files visible; add URLSession mocking tests for download retry logic, concurrent download limits, and progress callback accuracy.
• Improve error messaging in Models/CheckForUpdatesViewModel.swift: implement detailed error code → user message mapping (e.g., 2700 → 'Adobe Setup needs patching'; network timeout → 'check internet'). Currently buried in logs.
• Add download pause/resume UI controls: NewDownloadTask.swift has state model but ContentView.swift lacks UI buttons to pause in-flight downloads and resume from last byte-range; implement via URLSessionDownloadTask suspension.

• High · Privileged Helper Tool Without Proper Validation — Adobe Downloader/HelperManager/SMJobBlessHelperManager.swift, Adobe Downloader/HelperManager/SMAppServiceDaemonHelperManager.swift, AdobeDownloaderHelperTool/. The application uses a privileged helper tool (AdobeDownloaderHelperTool) that runs with elevated privileges. The presence of SMJobBlessHelperManager and SMAppServiceDaemonHelperManager suggests privilege escalation mechanisms. Without visible code review, there's risk of privilege escalation attacks if the helper doesn't properly validate incoming requests or has exploitable code paths. Fix: Implement strict input validation for all IPC communication with the helper tool. Use code signing verification, validate all parameters, implement rate limiting, and regularly audit the helper tool code for vulnerabilities. Consider using XPC service connections with proper entitlements.
• High · Automatic File Modification Without User Consent Tracking — Adobe Downloader/Utils/ModifySetup.swift, Adobe Downloader/Utils/InstallManager.swift. The ModifySetup.swift utility automatically modifies Adobe Setup programs. The README mentions 'the program modifies Adobe Setup programs automatically without user intervention'. This could be abused if an attacker compromises the application to inject malicious modifications into legitimate Adobe installers. Fix: Implement comprehensive logging of all modifications made to Adobe Setup files. Add a verification step showing users exactly what will be modified before proceeding. Implement file integrity checking and code signing verification of Setup files before and after modification.
• High · Network Communication Without Visible TLS/Security Validation — Adobe Downloader/Services/NewNetworkService.swift, Adobe Downloader/Utils/NetworkManager.swift, Adobe Downloader/Utils/ChunkedDownloadManager.swift. Multiple network-related files (NewNetworkService.swift, NetworkManager.swift, ChunkedDownloadManager.swift) handle downloading Adobe applications. Without visible code inspection, there's risk of man-in-the-middle attacks if TLS validation is not properly implemented or if certificate pinning is absent. Fix: Ensure all network requests use TLS 1.2+. Implement certificate pinning for Adobe's servers. Validate SSL/TLS certificates properly. Use URLSession with appropriate security policies. Log all network errors for auditing.
• Medium · Sensitive Data Persistence Without Encryption — Adobe Downloader/Storages/StorageData.swift, Adobe Downloader/Utils/TaskPersistenceManager.swift. StorageData.swift and TaskPersistenceManager.swift handle data persistence. There's no visible indication of encryption for stored sensitive data like download progress, task information, or credentials that might be cached. Fix: Encrypt all sensitive data at rest using Keychain (for credentials) and Data Protection API. Ensure proper file permissions are set. Use CryptoKit for encryption if required. Never store credentials in plain text.
• Medium · Helper Tool Entitlements May Be Over-Privileged — AdobeDownloaderHelperTool/AdobeDownloaderHelperTool.entitlements. The helper tool (AdobeDownloaderHelperTool.entitlements) is configured with privileges to run Adobe installers. Over-privileged entitlements can increase attack surface if the helper is compromised. Fix: Review and minimize entitlements to only what's strictly necessary. Use sandboxing where possible. Implement capability-based security. Document why each entitlement is required.
• Medium · No Visible Code Signing Verification — Adobe Downloader/Utils/InstallManager.swift, Adobe Downloader/Utils/NewDownloadUtils.swift. The application downloads and executes Adobe installers, but there's no visible verification of digital signatures or code signing of downloaded binaries in the provided file structure. Fix: Implement code signature verification for all downloaded Adobe installers using SecCode APIs. Verify that signatures match Adobe's official certificates. Implement checksum/hash verification as an additional layer.
• Medium · Insufficient Input Validation for Custom Downloads — Adobe Downloader/Views/NavigationCustomDownloadView.swift, Adobe Downloader/Views/Custom. NavigationCustomDownloadView.swift and CustomSettingsView.swift handle user input for custom downloads. Without visible validation, there's risk of path traversal or injection attacks. Fix: undefined

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.