fix: prepare v0.2.2-beta keychain hotfix

[D1a0y1bb]

Summary

• bump local preview version and generated Xcode project to 0.2.2-beta build 28
• add v0.2.2-beta release notes for the audit assistant Keychain hotfix
• remove stale legacy audit assistant Keychain entries when a provider-specific key already exists
• add a regression test for stale legacy cleanup during migration checks

Validation

• git diff --check
• xcodegen generate --spec PitcherPlantApp/project.yml
• swift test --package-path PitcherPlantApp --filter keychainCredential
• swift test --package-path PitcherPlantApp
• xcodebuild -project PitcherPlantApp/PitcherPlantApp.xcodeproj -scheme PitcherPlantApp -configuration Debug -destination 'platform=macOS' build

Summary by CodeRabbit

• Bug Fixes
  • Improved API key cleanup to remove legacy keychain entries and stale duplicates during migration.
• Versioning
  • App updated to v0.2.2-beta (build version incremented).
• Tests
  • Added automated test ensuring legacy credentials are removed when a target credential already exists.
• Documentation
  • Updated release notes detailing beta-channel behavior and distribution notes.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 0eec51ab-9b18-4362-b792-a0c4212b88ce

📥 Commits

Reviewing files that changed from the base of the PR and between 6d48f44 and a1ca58f.

📒 Files selected for processing (1)

• PitcherPlantApp/Sources/PitcherPlantApp/Core/AuditAssistantService.swift

🚧 Files skipped from review as they are similar to previous changes (1)

• PitcherPlantApp/Sources/PitcherPlantApp/Core/AuditAssistantService.swift

---

📝 Walkthrough

Walkthrough

v0.2.2-beta updates Xcode/project project version fields, adjusts AuditAssistant credential-migration to remove stale legacy Keychain entries when the normalized target already exists, adds a test validating that behavior, and adds release notes for v0.2.2-beta.

Changes

v0.2.2-beta Hotfix Release

Layer / File(s)	Summary
Credential migration contract and existence checks PitcherPlantApp/Sources/PitcherPlantApp/Core/AuditAssistantService.swift	migrateLegacyDefaultCredentialIfNeeded(to:) now normalizes the provided id to derive targetID, separates checks for legacy presence and target absence, and deletes the legacy credential when the target credential already exists before returning false.
Behavioral test for stale-legacy cleanup PitcherPlantApp/Tests/PitcherPlantAppTests/AuditAssistantServiceTests.swift	New test keychainCredentialMigrationRemovesStaleLegacyWhenTargetExists sets up store with both target and legacy IDs, asserts the migration returns false, asserts the target value is preserved, and asserts the legacy credential was removed.
Versioning bump and release notes PitcherPlantApp/project.yml, PitcherPlantApp/PitcherPlantApp.xcodeproj/project.pbxproj, PitcherPlantApp/ReleaseNotes/v0.2.2-beta.md	CURRENT_PROJECT_VERSION incremented from 27 → 28 and MARKETING_VERSION bumped 0.2.1-beta → 0.2.2-beta in Debug and Release build configs; added v0.2.2-beta release notes describing the hotfix scope and distribution/validation notes.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• D1a0y1bb/PitcherPlant#11: Modifies migrateLegacyDefaultCredentialIfNeeded(to:) and related tests to ensure removal of legacy Keychain entries during migration.

Poem

🐰 I hopped through Keychain fields with nimble, careful feet,
I nudged a legacy key away and left the target neat.
Versions bumped, the tests agree — no stale keys to be found,
v0.2.2-beta hops along, all tidy and sound. 🎋

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: prepare v0.2.2-beta keychain hotfix' is clear, specific, and accurately summarizes the main objective: preparing a hotfix release for v0.2.2-beta focused on Keychain credential cleanup.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch D1a0y1bb/release-v0.2.2-beta

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@PitcherPlantApp/Sources/PitcherPlantApp/Core/AuditAssistantService.swift`:
- Around line 509-518: The current branch in AuditAssistantService where the
target credential already exists uses try deleteIfPresent(id:
Self.legacyDefaultCredentialID) which can throw and block returning a valid
target; change this to a best-effort cleanup by invoking deleteIfPresent(id:)
inside a do-catch (or using try? ) so any error is swallowed or logged but not
rethrown, then still return false; update the code around
normalizedCredentialID, exists(id:), and deleteIfPresent(id:) to ensure deletion
failures do not propagate.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 25ae83ca-b25f-479d-878d-2d0152c7dc4e

📥 Commits

Reviewing files that changed from the base of the PR and between bca9e4a and 6d48f44.

📒 Files selected for processing (5)

• PitcherPlantApp/PitcherPlantApp.xcodeproj/project.pbxproj
• PitcherPlantApp/ReleaseNotes/v0.2.2-beta.md
• PitcherPlantApp/Sources/PitcherPlantApp/Core/AuditAssistantService.swift
• PitcherPlantApp/Tests/PitcherPlantAppTests/AuditAssistantServiceTests.swift
• PitcherPlantApp/project.yml