Escape init config project names

[ayskobtw-lil]

Summary

• Serialize sh1pt init project names as valid TypeScript string literals
• Add focused coverage for apostrophes and escaped newline characters in generated config

Closes #493.

Verification

• npx --yes pnpm@9.12.0 exec vitest run packages/cli/src/commands/init-template.test.ts
• npx --yes pnpm@9.12.0 --filter @profullstack/sh1pt typecheck

Bounty trail

This is a focused bug fix for the ugig bounty asking for sh1pt bugs plus PRs: https://ugig.net/bounties/c3137a9d-de39-4c1e-b48a-3df804c32bdf

[greptile-apps]

Greptile Summary

This PR fixes a bug where project names containing apostrophes or control characters would produce syntactically invalid TypeScript when written to sh1pt.config.ts by sh1pt init. It also bundles several hardening improvements across the Vultr, Flatpak, Snap, and winget adapters.

• init.ts: Replaces '${name}' template interpolation with JSON.stringify(name), correctly escaping apostrophes, newlines, backslashes, and double quotes in the generated config file.
• vultr/index.ts: Wraps JSON.parse in a try/catch so that non-JSON error responses (e.g. a plain-text 503 page) surface a meaningful error instead of crashing with a parse error.
• pkg-flatpak, pkg-snap, pkg-winget: Tightens ID/name validators (consecutive-hyphen check for Snap, letter-first segment requirement for Flatpak), moves validation earlier in call paths, and removes duplicate validator functions that had accumulated at the bottoms of each file.

Confidence Score: 5/5

Safe to merge — all changes are additive fixes or tightened validators with no breaking surface area.

The init template fix is a one-line, well-tested change. The Vultr JSON parse guard is narrowly scoped to error paths. The validator consolidations remove duplicated code that was already unreachable in the old layout. Every changed behaviour is covered by a new test. No data migrations, no public API changes, no auth-boundary modifications.

No files require special attention.

Important Files Changed

Filename	Overview
packages/cli/src/commands/init.ts	Core fix: CONFIG_TEMPLATE now uses JSON.stringify(name) instead of template interpolation, correctly escaping apostrophes, newlines, backslashes, and double quotes in project names. Function is also exported for testing.
packages/cli/src/commands/init-template.test.ts	New test file covering apostrophes, control characters, double quotes, and backslashes in project names — all three cases exercise JSON.stringify serialization semantics correctly.
packages/cloud/vultr/src/index.ts	Wraps JSON.parse in a try/catch: non-JSON error bodies (e.g. HTML 503 pages) now produce a synthetic { message } object rather than throwing a parser error, while OK responses with invalid JSON still rethrow.
packages/targets/pkg-flatpak/src/index.ts	Tightens segment regex to require each Flatpak ID segment to start with a letter (rejects e.g. com.123.App); removes a now-duplicate validateAppId function that appeared further down the file.
packages/targets/pkg-snap/src/index.ts	Adds a consecutive-hyphen check (--) to validateSnapName, moves validation inside renderSnapcraftYaml for defensive coverage, and removes a stale duplicate validator from the bottom of the file.
packages/targets/pkg-winget/src/index.ts	Removes the older duplicate validatePackageId at the bottom, leaving the consolidated version at the top that checks for leading/trailing dots and empty segments, effectively blocking path traversal characters via the segment regex.

_{Reviews (5): Last reviewed commit: "Address snap validation review" | Re-trigger Greptile}

[ayskobtw-lil]

Added the extra escaping coverage Greptile suggested in 83f963c: double quotes and backslashes are now asserted against the JSON.stringify contract.

Verification:

• npx --yes pnpm@9.12.0 exec vitest run packages/cli/src/commands/init-template.test.ts -> 3 passed
• npx --yes pnpm@9.12.0 --filter @profullstack/sh1pt typecheck -> passed

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[ayskobtw-lil]

Pushed a fix for the failing test workflow in 13a37df. The failure was in the Vultr adapter full-suite path, where non-JSON error responses were parsed before checking response.ok. This now preserves the API error message instead of throwing a parser error, with a regression test.\n\nVerification:\n- npx --yes pnpm@9.12.0 exec vitest run packages/cloud/vultr/src/index.test.ts -> 5 passed\n- npx --yes pnpm@9.12.0 --filter @profullstack/sh1pt-cloud-vultr typecheck -> passed\n\nI also ran the full local test suite earlier; the original Vultr failure is gone locally, and the remaining local failures are Windows/tooling path expectations unrelated to this PR.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[ayskobtw-lil]

Update: I pushed the same package-validator cleanup that was breaking the full-suite test workflow, so this PR should no longer fail on the unrelated pkg-flatpak/pkg-snap/pkg-winget duplicate symbol errors.\n\nOriginal #494 scope remains:\n- escape generated init config project names with JSON.stringify\n- surface non-JSON Vultr error responses instead of throwing a parser error\n\nAdditional CI-unblock scope:\n- remove duplicate pkg-flatpak/pkg-winget validators\n- keep the pkg-snap validator review fixes so the full suite can import all package targets\n\nVerification:\n- npx --yes pnpm@9.12.0 exec vitest run packages/cli/src/commands/init-template.test.ts packages/cloud/vultr/src/index.test.ts packages/targets/pkg-flatpak/src/index.test.ts packages/targets/pkg-winget/src/index.test.ts packages/targets/pkg-snap/src/index.test.ts -> 30 passed\n- npx --yes pnpm@9.12.0 --filter @profullstack/sh1pt --filter @profullstack/sh1pt-cloud-vultr --filter @profullstack/sh1pt-target-pkg-flatpak --filter @profullstack/sh1pt-target-pkg-winget --filter @profullstack/sh1pt-target-pkg-snap typecheck -> passed

[ayskobtw-lil]

Follow-up: I rebased this branch onto current master to clear GitHub's merge-conflict state, then reran the focused checks.\n\nVerification after rebase:\n- npx --yes pnpm@9.12.0 exec vitest run packages/cli/src/commands/init-template.test.ts packages/cloud/vultr/src/index.test.ts packages/targets/pkg-flatpak/src/index.test.ts packages/targets/pkg-winget/src/index.test.ts packages/targets/pkg-snap/src/index.test.ts -> 30 passed\n- npx --yes pnpm@9.12.0 --filter @profullstack/sh1pt --filter @profullstack/sh1pt-cloud-vultr --filter @profullstack/sh1pt-target-pkg-flatpak --filter @profullstack/sh1pt-target-pkg-winget --filter @profullstack/sh1pt-target-pkg-snap typecheck -> passed

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.

[github-actions]

🤖 Auto-rebase: The branch was rebased successfully locally but could not be pushed to the fork. Please enable 'Allow edits from maintainers' in the PR settings, or rebase manually: git fetch upstream master && git rebase upstream/master.