gplay compliance datasafety set

Push the canonical Data Safety CSV (--file, default ./compliance/data-safety.csv) to Google as the app's Data Safety declaration. The declaration is write-only and replaces the whole document — a direct POST outside the Edits model (ADR-0014). gplay cannot read it back; only this POST validates the contents.

set runs validate implicitly first, so a structurally invalid CSV never reaches the network. Use --dry-run to rehearse the write — it validates the CSV, resolves the target package and Account, and reports "would POST N bytes / N rows to <package>" without any network call (and without needing --confirm).

The real write requires --confirm (a stale or wrong declaration can block releases or misstate your data practices); without it set refuses, exits 2, and points here. CI=true does NOT auto-confirm. --output json passes the API response through verbatim (or, when the API returns an empty body, a gplay-shaped success object).

Usage

  gplay compliance datasafety set [flags]

Flags

Flag	Description
--confirm	authorize the real write (replaces the live Data Safety declaration)
--dry-run	rehearse the write (validate + resolve target + report size) without any HTTP call
--file string	path to the canonical Data Safety CSV to push (default "./compliance/data-safety.csv")
--output string	output format: table, json, or markdown (default: auto — table on TTY, json in pipes/CI)
--package string	Android package name (overrides .gplay/config.json pin)

Global flags

Flag	Description
--account string	name of a stored Account to use (overrides env and active Account)
--retry int	retry transient failures (transport errors, 5xx, 429) up to N times with exponential backoff (default: 0, no retry)
--service-account string	path to a service-account JSON, or inline JSON content (overrides --account, env, and active Account)
--timeout duration	per-request API timeout, e.g. 30s or 2m (default: 60s for control-plane calls, none for uploads)
-v, --verbose	log flow steps to stderr (info level)