@capgo/capacitor-updater 7.23.3 → 7.24.0

package/android/src/main/java/ee/forgr/capacitor_updater/CapacitorUpdaterPlugin.java

@@ -71,7 +71,7 @@ public class CapacitorUpdaterPlugin extends Plugin {
     private static final String[] BREAKING_EVENT_NAMES = { "breakingAvailable", "majorAvailable" };
     private static final String LAST_FAILED_BUNDLE_PREF_KEY = "CapacitorUpdater.lastFailedBundle";
 
-    private final String PLUGIN_VERSION = "7.23.3";
+    private final String pluginVersion = "7.24.0";
     private static final String DELAY_CONDITION_PREFERENCES = "";
 
     private SharedPreferences.Editor editor;
@@ -81,7 +81,6 @@ public class CapacitorUpdaterPlugin extends Plugin {
     private Boolean persistModifyUrl = false;
 
     private Integer appReadyTimeout = 10000;
-    private Integer counterActivityCreate = 0;
     private Integer periodCheckDelay = 0;
     private Boolean autoDeleteFailed = true;
     private Boolean autoDeletePrevious = true;
@@ -190,7 +189,6 @@ public class CapacitorUpdaterPlugin extends Plugin {
     @Override
     public void load() {
         super.load();
-        this.counterActivityCreate++;
         this.prefs = this.getContext().getSharedPreferences(WebView.WEBVIEW_PREFS_NAME, Activity.MODE_PRIVATE);
         this.editor = this.prefs.edit();
 
@@ -221,7 +219,7 @@ public class CapacitorUpdaterPlugin extends Plugin {
             this.implementation.activity = this.getActivity();
             this.implementation.versionBuild = this.getConfig().getString("version", pInfo.versionName);
             this.implementation.CAP_SERVER_PATH = WebView.CAP_SERVER_PATH;
-            this.implementation.PLUGIN_VERSION = this.PLUGIN_VERSION;
+            this.implementation.pluginVersion = this.pluginVersion;
             this.implementation.versionCode = Integer.toString(pInfo.versionCode);
             // Removed unused OkHttpClient creation - using shared client in DownloadService instead
             // Handle directUpdate configuration - support string values and backward compatibility
@@ -310,12 +308,11 @@ public class CapacitorUpdaterPlugin extends Plugin {
         this.implementation.prefs = this.prefs;
         this.implementation.editor = this.editor;
         this.implementation.versionOs = Build.VERSION.RELEASE;
-        this.implementation.deviceID = this.prefs.getString("appUUID", UUID.randomUUID().toString()).toLowerCase();
-        this.editor.putString("appUUID", this.implementation.deviceID);
-        this.editor.apply();
+        // Use DeviceIdHelper to get or create device ID that persists across reinstalls
+        this.implementation.deviceID = DeviceIdHelper.getOrCreateDeviceId(this.getContext(), this.prefs);
 
         // Update User-Agent for shared OkHttpClient with OS version
-        DownloadService.updateUserAgent(this.implementation.appId, this.PLUGIN_VERSION, this.implementation.versionOs);
+        DownloadService.updateUserAgent(this.implementation.appId, this.pluginVersion, this.implementation.versionOs);
 
         if (Boolean.TRUE.equals(this.persistCustomId)) {
             final String storedCustomId = this.prefs.getString(CUSTOM_ID_PREF_KEY, "");
@@ -358,6 +355,11 @@ public class CapacitorUpdaterPlugin extends Plugin {
         if (resetWhenUpdate) {
             this.cleanupObsoleteVersions();
         }
+
+        // Check for 'kill' delay condition on app launch
+        // This handles cases where the app was killed by the system (onDestroy is not reliable)
+        this.delayUpdateUtils.checkCancelDelay(DelayUpdateUtils.CancelDelaySource.KILLED);
+
         this.checkForUpdateAfterDelay();
     }
 
@@ -807,7 +809,7 @@ public class CapacitorUpdaterPlugin extends Plugin {
     public void getPluginVersion(final PluginCall call) {
         try {
             final JSObject ret = new JSObject();
-            ret.put("version", this.PLUGIN_VERSION);
+            ret.put("version", this.pluginVersion);
             call.resolve(ret);
         } catch (final Exception e) {
             logger.error("Could not get plugin version " + e.getMessage());
@@ -1911,6 +1913,11 @@ public class CapacitorUpdaterPlugin extends Plugin {
         ) {
             this.backgroundDownloadTask = this.backgroundDownload();
         } else {
+            final CapConfig config = CapConfig.loadDefault(this.getActivity());
+            String serverUrl = config.getServerUrl();
+            if (serverUrl != null && !serverUrl.isEmpty()) {
+                CapacitorUpdaterPlugin.this.implementation.sendStats("blocked_by_server_url", current.getVersionName());
+            }
             logger.info("Auto update is disabled");
             this.sendReadyToJs(current, "disabled");
         }
@@ -1981,11 +1988,6 @@ public class CapacitorUpdaterPlugin extends Plugin {
         }
     }
 
-    private void appKilled() {
-        logger.debug("onActivityDestroyed: all activity destroyed");
-        this.delayUpdateUtils.checkCancelDelay(DelayUpdateUtils.CancelDelaySource.KILLED);
-    }
-
     @Override
     public void handleOnStart() {
         try {
@@ -2049,10 +2051,6 @@ public class CapacitorUpdaterPlugin extends Plugin {
         try {
             logger.info("onActivityDestroyed " + getActivity().getClass().getName());
             this.implementation.activity = getActivity();
-            counterActivityCreate--;
-            if (counterActivityCreate == 0) {
-                this.appKilled();
-            }
 
             // Clean up shake menu
             if (shakeMenu != null) {

package/android/src/main/java/ee/forgr/capacitor_updater/CapgoUpdater.java

@@ -66,7 +66,7 @@ public class CapgoUpdater {
     public File documentsDir;
     public Boolean directUpdate = false;
     public Activity activity;
-    public String PLUGIN_VERSION = "";
+    public String pluginVersion = "";
     public String versionBuild = "";
     public String versionCode = "";
     public String versionOs = "";
@@ -81,6 +81,12 @@ public class CapgoUpdater {
     public String deviceID = "";
     public int timeout = 20000;
 
+    // Flag to track if we received a 429 response - stops requests until app restart
+    private static volatile boolean rateLimitExceeded = false;
+
+    // Flag to track if we've already sent the rate limit statistic - prevents infinite loop
+    private static volatile boolean rateLimitStatisticSent = false;
+
     private final Map<String, CompletableFuture<BundleInfo>> downloadFutures = new ConcurrentHashMap<>();
     private final ExecutorService io = Executors.newSingleThreadExecutor();
 
@@ -347,7 +353,7 @@ public class CapgoUpdater {
             manifest != null,
             this.isEmulator(),
             this.appId,
-            this.PLUGIN_VERSION
+            this.pluginVersion
         );
 
         if (manifest != null) {
@@ -769,13 +775,66 @@ public class CapgoUpdater {
         json.put("version_code", this.versionCode);
         json.put("version_os", this.versionOs);
         json.put("version_name", this.getCurrentBundle().getVersionName());
-        json.put("plugin_version", this.PLUGIN_VERSION);
+        json.put("plugin_version", this.pluginVersion);
         json.put("is_emulator", this.isEmulator());
         json.put("is_prod", this.isProd());
         json.put("defaultChannel", this.defaultChannel);
         return json;
     }
 
+    /**
+     * Check if a 429 (Too Many Requests) response was received and set the flag
+     */
+    private boolean checkAndHandleRateLimitResponse(Response response) {
+        if (response.code() == 429) {
+            // Send a statistic about the rate limit BEFORE setting the flag
+            // Only send once to prevent infinite loop if the stat request itself gets rate limited
+            if (!rateLimitExceeded && !rateLimitStatisticSent) {
+                rateLimitStatisticSent = true;
+                sendRateLimitStatistic();
+            }
+            rateLimitExceeded = true;
+            logger.warn("Rate limit exceeded (429). Stopping all stats and channel requests until app restart.");
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Send a synchronous statistic about rate limiting
+     */
+    private void sendRateLimitStatistic() {
+        String statsUrl = this.statsUrl;
+        if (statsUrl == null || statsUrl.isEmpty()) {
+            return;
+        }
+
+        try {
+            BundleInfo current = this.getCurrentBundle();
+            JSONObject json = this.createInfoObject();
+            json.put("version_name", current.getVersionName());
+            json.put("old_version_name", "");
+            json.put("action", "rate_limit_reached");
+
+            Request request = new Request.Builder()
+                .url(statsUrl)
+                .post(RequestBody.create(json.toString(), MediaType.get("application/json")))
+                .build();
+
+            // Send synchronously to ensure it goes out before the flag is set
+            // User-Agent header is automatically added by DownloadService.sharedClient interceptor
+            try (Response response = DownloadService.sharedClient.newCall(request).execute()) {
+                if (response.isSuccessful()) {
+                    logger.info("Rate limit statistic sent");
+                } else {
+                    logger.error("Error sending rate limit statistic: " + response.code());
+                }
+            }
+        } catch (final Exception e) {
+            logger.error("Failed to send rate limit statistic: " + e.getMessage());
+        }
+    }
+
     private void makeJsonRequest(String url, JSONObject jsonBody, Callback callback) {
         MediaType JSON = MediaType.get("application/json; charset=utf-8");
         RequestBody body = RequestBody.create(jsonBody.toString(), JSON);
@@ -797,6 +856,15 @@ public class CapgoUpdater {
                     @Override
                     public void onResponse(@NonNull Call call, @NonNull Response response) throws IOException {
                         try (ResponseBody responseBody = response.body()) {
+                            // Check for 429 rate limit
+                            if (checkAndHandleRateLimitResponse(response)) {
+                                Map<String, Object> retError = new HashMap<>();
+                                retError.put("message", "Rate limit exceeded");
+                                retError.put("error", "rate_limit_exceeded");
+                                callback.callback(retError);
+                                return;
+                            }
+
                             if (!response.isSuccessful()) {
                                 Map<String, Object> retError = new HashMap<>();
                                 retError.put("message", "Server error: " + response.code());
@@ -865,6 +933,16 @@ public class CapgoUpdater {
     }
 
     public void unsetChannel(final Callback callback) {
+        // Check if rate limit was exceeded
+        if (rateLimitExceeded) {
+            logger.debug("Skipping unsetChannel due to rate limit (429). Requests will resume after app restart.");
+            final Map<String, Object> retError = new HashMap<>();
+            retError.put("message", "Rate limit exceeded");
+            retError.put("error", "rate_limit_exceeded");
+            callback.callback(retError);
+            return;
+        }
+
         String channelUrl = this.channelUrl;
         if (channelUrl == null || channelUrl.isEmpty()) {
             logger.error("Channel URL is not set");
@@ -906,6 +984,15 @@ public class CapgoUpdater {
                     @Override
                     public void onResponse(@NonNull Call call, @NonNull Response response) throws IOException {
                         try (ResponseBody responseBody = response.body()) {
+                            // Check for 429 rate limit
+                            if (checkAndHandleRateLimitResponse(response)) {
+                                Map<String, Object> retError = new HashMap<>();
+                                retError.put("message", "Rate limit exceeded");
+                                retError.put("error", "rate_limit_exceeded");
+                                callback.callback(retError);
+                                return;
+                            }
+
                             if (!response.isSuccessful()) {
                                 Map<String, Object> retError = new HashMap<>();
                                 retError.put("message", "Server error: " + response.code());
@@ -950,6 +1037,16 @@ public class CapgoUpdater {
     }
 
     public void setChannel(final String channel, final Callback callback) {
+        // Check if rate limit was exceeded
+        if (rateLimitExceeded) {
+            logger.debug("Skipping setChannel due to rate limit (429). Requests will resume after app restart.");
+            final Map<String, Object> retError = new HashMap<>();
+            retError.put("message", "Rate limit exceeded");
+            retError.put("error", "rate_limit_exceeded");
+            callback.callback(retError);
+            return;
+        }
+
         String channelUrl = this.channelUrl;
         if (channelUrl == null || channelUrl.isEmpty()) {
             logger.error("Channel URL is not set");
@@ -976,6 +1073,16 @@ public class CapgoUpdater {
     }
 
     public void getChannel(final Callback callback) {
+        // Check if rate limit was exceeded
+        if (rateLimitExceeded) {
+            logger.debug("Skipping getChannel due to rate limit (429). Requests will resume after app restart.");
+            final Map<String, Object> retError = new HashMap<>();
+            retError.put("message", "Rate limit exceeded");
+            retError.put("error", "rate_limit_exceeded");
+            callback.callback(retError);
+            return;
+        }
+
         String channelUrl = this.channelUrl;
         if (channelUrl == null || channelUrl.isEmpty()) {
             logger.error("Channel URL is not set");
@@ -1017,6 +1124,15 @@ public class CapgoUpdater {
                     @Override
                     public void onResponse(@NonNull Call call, @NonNull Response response) throws IOException {
                         try (ResponseBody responseBody = response.body()) {
+                            // Check for 429 rate limit
+                            if (checkAndHandleRateLimitResponse(response)) {
+                                Map<String, Object> retError = new HashMap<>();
+                                retError.put("message", "Rate limit exceeded");
+                                retError.put("error", "rate_limit_exceeded");
+                                callback.callback(retError);
+                                return;
+                            }
+
                             if (response.code() == 400) {
                                 assert responseBody != null;
                                 String data = responseBody.string();
@@ -1074,6 +1190,16 @@ public class CapgoUpdater {
     }
 
     public void listChannels(final Callback callback) {
+        // Check if rate limit was exceeded
+        if (rateLimitExceeded) {
+            logger.debug("Skipping listChannels due to rate limit (429). Requests will resume after app restart.");
+            final Map<String, Object> retError = new HashMap<>();
+            retError.put("message", "Rate limit exceeded");
+            retError.put("error", "rate_limit_exceeded");
+            callback.callback(retError);
+            return;
+        }
+
         String channelUrl = this.channelUrl;
         if (channelUrl == null || channelUrl.isEmpty()) {
             logger.error("Channel URL is not set");
@@ -1114,6 +1240,15 @@ public class CapgoUpdater {
                     @Override
                     public void onResponse(@NonNull Call call, @NonNull Response response) throws IOException {
                         try (ResponseBody responseBody = response.body()) {
+                            // Check for 429 rate limit
+                            if (checkAndHandleRateLimitResponse(response)) {
+                                Map<String, Object> retError = new HashMap<>();
+                                retError.put("message", "Rate limit exceeded");
+                                retError.put("error", "rate_limit_exceeded");
+                                callback.callback(retError);
+                                return;
+                            }
+
                             if (!response.isSuccessful()) {
                                 Map<String, Object> retError = new HashMap<>();
                                 retError.put("message", "Server error: " + response.code());
@@ -1185,6 +1320,12 @@ public class CapgoUpdater {
     }
 
     public void sendStats(final String action, final String versionName, final String oldVersionName) {
+        // Check if rate limit was exceeded
+        if (rateLimitExceeded) {
+            logger.debug("Skipping sendStats due to rate limit (429). Stats will resume after app restart.");
+            return;
+        }
+
         String statsUrl = this.statsUrl;
         if (statsUrl == null || statsUrl.isEmpty()) {
             return;
@@ -1217,6 +1358,11 @@ public class CapgoUpdater {
                     @Override
                     public void onResponse(@NonNull Call call, @NonNull Response response) throws IOException {
                         try (ResponseBody responseBody = response.body()) {
+                            // Check for 429 rate limit
+                            if (checkAndHandleRateLimitResponse(response)) {
+                                return;
+                            }
+
                             if (response.isSuccessful()) {
                                 logger.info("Stats send for \"" + action + "\", version " + versionName);
                             } else {

package/android/src/main/java/ee/forgr/capacitor_updater/DeviceIdHelper.java

@@ -0,0 +1,221 @@
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at https://mozilla.org/MPL/2.0/.
+ */
+
+package ee.forgr.capacitor_updater;
+
+import android.content.Context;
+import android.content.SharedPreferences;
+import android.os.Build;
+import android.security.keystore.KeyGenParameterSpec;
+import android.security.keystore.KeyProperties;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.UnrecoverableEntryException;
+import java.security.cert.CertificateException;
+import java.util.UUID;
+import javax.crypto.Cipher;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.GCMParameterSpec;
+
+/**
+ * Helper class to manage device ID persistence across app installations.
+ * Uses Android Keystore to persist the device ID across reinstalls.
+ *
+ * The device ID is a random UUID stored in the Android Keystore, which persists
+ * even after app uninstall/reinstall on Android 6.0+ (API 23+).
+ */
+public class DeviceIdHelper {
+
+    private static final String KEYSTORE_ALIAS = "capgo_device_id_key";
+    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
+    private static final String LEGACY_PREFS_KEY = "appUUID";
+    private static final String DEVICE_ID_PREFS = "capgo_device_id";
+    private static final String DEVICE_ID_KEY = "deviceId";
+    private static final String IV_KEY = "iv";
+    private static final int GCM_TAG_LENGTH = 128;
+
+    /**
+     * Gets or creates a device ID that persists across reinstalls.
+     *
+     * This method:
+     * 1. First checks for an existing ID in Keystore-encrypted storage (persists across reinstalls)
+     * 2. Falls back to legacy SharedPreferences (for migration)
+     * 3. Generates a new UUID if neither exists
+     * 4. Stores the ID in Keystore-encrypted storage for future use
+     *
+     * @param context Application context
+     * @param legacyPrefs Legacy SharedPreferences (for migration)
+     * @return Device ID as a lowercase UUID string
+     */
+    public static String getOrCreateDeviceId(Context context, SharedPreferences legacyPrefs) {
+        // API 23+ required for Android Keystore
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) {
+            return getFallbackDeviceId(legacyPrefs);
+        }
+
+        try {
+            // Try to get device ID from Keystore storage
+            String deviceId = getDeviceIdFromKeystore(context);
+
+            if (deviceId != null && !deviceId.isEmpty()) {
+                return deviceId.toLowerCase();
+            }
+
+            // Migration: Check legacy SharedPreferences for existing device ID
+            deviceId = legacyPrefs.getString(LEGACY_PREFS_KEY, null);
+
+            if (deviceId == null || deviceId.isEmpty()) {
+                // Generate new device ID if none exists
+                deviceId = UUID.randomUUID().toString();
+            }
+
+            // Ensure lowercase for consistency
+            deviceId = deviceId.toLowerCase();
+
+            // Save to Keystore storage
+            saveDeviceIdToKeystore(context, deviceId);
+
+            return deviceId;
+        } catch (Exception e) {
+            // Fallback to legacy method if Keystore fails
+            return getFallbackDeviceId(legacyPrefs);
+        }
+    }
+
+    /**
+     * Retrieves the device ID from Keystore-encrypted storage.
+     *
+     * @param context Application context
+     * @return Device ID string or null if not found
+     */
+    private static String getDeviceIdFromKeystore(Context context) throws Exception {
+        SharedPreferences prefs = context.getSharedPreferences(DEVICE_ID_PREFS, Context.MODE_PRIVATE);
+        String encryptedDeviceId = prefs.getString(DEVICE_ID_KEY, null);
+        String ivString = prefs.getString(IV_KEY, null);
+
+        if (encryptedDeviceId == null || ivString == null) {
+            return null;
+        }
+
+        // Get the encryption key from Keystore
+        SecretKey key = getOrCreateKey();
+        if (key == null) {
+            return null;
+        }
+
+        // Decrypt the device ID
+        byte[] encryptedBytes = android.util.Base64.decode(encryptedDeviceId, android.util.Base64.DEFAULT);
+        byte[] iv = android.util.Base64.decode(ivString, android.util.Base64.DEFAULT);
+
+        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+        GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH, iv);
+        cipher.init(Cipher.DECRYPT_MODE, key, spec);
+
+        byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
+        return new String(decryptedBytes, StandardCharsets.UTF_8);
+    }
+
+    /**
+     * Saves the device ID to Keystore-encrypted storage.
+     *
+     * The device ID is encrypted using AES/GCM with a key stored in Android Keystore.
+     * The Keystore key persists across reinstalls on Android 6.0+ (API 23+).
+     *
+     * @param context Application context
+     * @param deviceId The device ID to save
+     */
+    private static void saveDeviceIdToKeystore(Context context, String deviceId) throws Exception {
+        // Get or create encryption key in Keystore
+        SecretKey key = getOrCreateKey();
+        if (key == null) {
+            throw new Exception("Failed to get encryption key");
+        }
+
+        // Encrypt the device ID
+        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+        cipher.init(Cipher.ENCRYPT_MODE, key);
+
+        byte[] iv = cipher.getIV();
+        byte[] encryptedBytes = cipher.doFinal(deviceId.getBytes(StandardCharsets.UTF_8));
+
+        // Store encrypted device ID and IV in SharedPreferences
+        SharedPreferences prefs = context.getSharedPreferences(DEVICE_ID_PREFS, Context.MODE_PRIVATE);
+        prefs
+            .edit()
+            .putString(DEVICE_ID_KEY, android.util.Base64.encodeToString(encryptedBytes, android.util.Base64.DEFAULT))
+            .putString(IV_KEY, android.util.Base64.encodeToString(iv, android.util.Base64.DEFAULT))
+            .apply();
+    }
+
+    /**
+     * Gets or creates the encryption key in Android Keystore.
+     *
+     * The key is configured to persist across reinstalls and not require user authentication.
+     *
+     * @return SecretKey from Keystore or null if failed
+     */
+    private static SecretKey getOrCreateKey() {
+        try {
+            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
+            keyStore.load(null);
+
+            // Check if key already exists
+            if (keyStore.containsAlias(KEYSTORE_ALIAS)) {
+                KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) keyStore.getEntry(KEYSTORE_ALIAS, null);
+                return entry.getSecretKey();
+            }
+
+            // Create new key
+            KeyGenerator keyGenerator = KeyGenerator.getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEYSTORE);
+
+            KeyGenParameterSpec keySpec = new KeyGenParameterSpec.Builder(
+                KEYSTORE_ALIAS,
+                KeyProperties.PURPOSE_ENCRYPT | KeyProperties.PURPOSE_DECRYPT
+            )
+                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
+                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
+                .setKeySize(256)
+                .setRandomizedEncryptionRequired(true)
+                .build();
+
+            keyGenerator.init(keySpec);
+            return keyGenerator.generateKey();
+        } catch (
+            KeyStoreException
+            | CertificateException
+            | NoSuchAlgorithmException
+            | IOException
+            | NoSuchProviderException
+            | UnrecoverableEntryException e
+        ) {
+            return null;
+        } catch (Exception e) {
+            return null;
+        }
+    }
+
+    /**
+     * Fallback method using legacy SharedPreferences if Keystore fails or API < 23.
+     *
+     * @param legacyPrefs Legacy SharedPreferences
+     * @return Device ID string
+     */
+    private static String getFallbackDeviceId(SharedPreferences legacyPrefs) {
+        String deviceId = legacyPrefs.getString(LEGACY_PREFS_KEY, null);
+
+        if (deviceId == null || deviceId.isEmpty()) {
+            deviceId = UUID.randomUUID().toString();
+            legacyPrefs.edit().putString(LEGACY_PREFS_KEY, deviceId).apply();
+        }
+
+        return deviceId.toLowerCase();
+    }
+}

package/android/src/main/java/ee/forgr/capacitor_updater/DownloadService.java

@@ -63,7 +63,7 @@ public class DownloadService extends Worker {
     public static final String PUBLIC_KEY = "publickey";
     public static final String IS_MANIFEST = "is_manifest";
     public static final String APP_ID = "app_id";
-    public static final String PLUGIN_VERSION = "plugin_version";
+    public static final String pluginVersion = "plugin_version";
     private static final String UPDATE_FILE = "update.dat";
 
     // Shared OkHttpClient to prevent resource leaks

package/android/src/main/java/ee/forgr/capacitor_updater/DownloadWorkerManager.java

@@ -80,7 +80,7 @@ public class DownloadWorkerManager {
             .putBoolean(DownloadService.IS_MANIFEST, isManifest)
             .putString(DownloadService.PUBLIC_KEY, publicKey)
             .putString(DownloadService.APP_ID, appId)
-            .putString(DownloadService.PLUGIN_VERSION, pluginVersion)
+            .putString(DownloadService.pluginVersion, pluginVersion)
             .build();
 
         // Create network constraints - be more lenient on emulators

package/dist/docs.json

@@ -679,7 +679,7 @@
             "text": "{Error}"
           }
         ],
-        "docs": "Get unique ID used to identify device (sent to auto update server), this ID is made following Apple and Google privacy best practices, and not persisted between installs",
+        "docs": "Get unique ID used to identify device (sent to auto update server).\n\nThis ID is privacy-friendly and follows Apple and Google best practices:\n- Generated as a UUID and stored securely\n- Android: Uses EncryptedSharedPreferences with Auto Backup (persists across reinstalls)\n- iOS: Uses Keychain with kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly (persists across reinstalls)\n- Data stays on device (not synced to cloud on iOS)\n- Can be cleared by user via system settings (Android) or keychain access (iOS)\n\nThe device ID now persists between app reinstalls to maintain consistent device identity.",
         "complexTypes": [
           "DeviceId"
         ],

package/dist/esm/definitions.d.ts

@@ -516,7 +516,16 @@ export interface CapacitorUpdaterPlugin {
      */
     getBuiltinVersion(): Promise<BuiltinVersion>;
     /**
-     * Get unique ID used to identify device (sent to auto update server), this ID is made following Apple and Google privacy best practices, and not persisted between installs
+     * Get unique ID used to identify device (sent to auto update server).
+     *
+     * This ID is privacy-friendly and follows Apple and Google best practices:
+     * - Generated as a UUID and stored securely
+     * - Android: Uses EncryptedSharedPreferences with Auto Backup (persists across reinstalls)
+     * - iOS: Uses Keychain with kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly (persists across reinstalls)
+     * - Data stays on device (not synced to cloud on iOS)
+     * - Can be cleared by user via system settings (Android) or keychain access (iOS)
+     *
+     * The device ID now persists between app reinstalls to maintain consistent device identity.
      *
      * @returns {Promise<DeviceId>} A Promise with id for this device
      * @throws {Error}