@hot-updater/cloudflare 0.31.4 → 0.33.0

package/dist/index.mjs

@@ -1,9 +1,13 @@
 import { createRequire } from "node:module";
 import { DEFAULT_ROLLOUT_COHORT_COUNT, getAssetBaseStorageUri, getBundlePatches, getManifestFileHash, getManifestStorageUri, stripBundleArtifactMetadata } from "@hot-updater/core";
-import { calculatePagination, createDatabasePlugin, createDatabasePluginGetUpdateInfo, createNodeStoragePlugin, createStorageKeyBuilder, getContentType, parseStorageUri } from "@hot-updater/plugin-core";
+import { calculatePagination, createDatabasePlugin, createDatabasePluginGetUpdateInfo, createStorageKeyBuilder, createUniversalStoragePlugin, getContentType, parseStorageUri } from "@hot-updater/plugin-core";
 import Cloudflare from "cloudflare";
 import fs from "node:fs/promises";
 import path from "node:path";
+import { DeleteObjectCommand, GetObjectCommand, HeadObjectCommand, S3Client } from "@aws-sdk/client-s3";
+import { Upload } from "@aws-sdk/lib-storage";
+import { getSignedUrl } from "@aws-sdk/s3-request-presigner";
+import os, { constants } from "node:os";
 import { fileURLToPath } from "node:url";
 import { ChildProcess, execFile, spawn, spawnSync } from "node:child_process";
 import { StringDecoder } from "node:string_decoder";
@@ -11,7 +15,6 @@ import { aborted, callbackify, debuglog, inspect, promisify, stripVTControlChara
 import process$1, { execArgv, execPath, hrtime, platform } from "node:process";
 import tty from "node:tty";
 import { scheduler, setImmediate, setTimeout } from "node:timers/promises";
-import { constants } from "node:os";
 import { EventEmitter, addAbortListener, on, once, setMaxListeners } from "node:events";
 import { serialize } from "node:v8";
 import { appendFileSync, createReadStream, createWriteStream, readFileSync, statSync, writeFileSync } from "node:fs";
@@ -25,7 +28,7 @@ var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
 var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __commonJSMin = (cb, mod) => () => (mod || (cb((mod = { exports: {} }).exports, mod), cb = null), mod.exports);
+var __commonJSMin = (cb, mod) => () => (mod || cb((mod = { exports: {} }).exports, mod), mod.exports);
 var __copyProps = (to, from, except, desc) => {
 	if (from && typeof from === "object" || typeof from === "function") for (var keys = __getOwnPropNames(from), i = 0, n = keys.length, key; i < n; i++) {
 		key = keys[i];
@@ -273,6 +276,11 @@ var import_lib = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMin(((export
 	parser.parsingErrorCode = error.parsingErrorCode;
 	module.exports = parser;
 })))(), 1);
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 async function resolvePage(singlePage) {
 	const results = [];
 	for await (const page of singlePage.iterPages()) {
@@ -296,11 +304,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -327,11 +331,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -416,13 +416,13 @@ const d1Database = createDatabasePlugin({
 			const sql = (0, import_lib.default)(`
         SELECT *
         FROM bundle_patches
-        WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+        WHERE bundle_id IN (SELECT value FROM json_each(?))
         ORDER BY order_index ASC, base_bundle_id ASC
       `);
 			const rows = await resolvePage(await cf.d1.database.query(config.databaseId, {
 				account_id: config.accountId,
 				sql,
-				params: bundleIds
+				params: [JSON.stringify(bundleIds)]
 			}));
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];
@@ -665,6 +665,112 @@ const d1Database = createDatabasePlugin({
 	}
 });
 //#endregion
+//#region src/r2S3Storage.ts
+const ensureExpectedR2Bucket$1 = (bucket, bucketName) => {
+	if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
+};
+const isS3ObjectNotFoundError = (error) => {
+	if (error instanceof Error) return error.name === "NotFound" || error.name === "NoSuchKey";
+	if (typeof error === "object" && error !== null && "$metadata" in error) return error.$metadata?.httpStatusCode === 404;
+	return false;
+};
+const createS3Client = (config) => {
+	const { accountId, basePath: _basePath, bucketName: _bucketName, endpoint, forcePathStyle, region, ...s3Config } = config;
+	return new S3Client({
+		...s3Config,
+		endpoint: endpoint ?? `https://${accountId}.r2.cloudflarestorage.com`,
+		forcePathStyle: forcePathStyle ?? true,
+		region: region ?? "auto"
+	});
+};
+const createS3StorageProfile = (config) => {
+	const { bucketName } = config;
+	const client = createS3Client(config);
+	const getStorageKey = createStorageKeyBuilder(config.basePath);
+	return {
+		async delete(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			await client.send(new DeleteObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}));
+		},
+		async upload(key, filePath) {
+			const Body = await fs.readFile(filePath);
+			const ContentType = getContentType(filePath);
+			const Key = getStorageKey(key, path.basename(filePath));
+			await new Upload({
+				client,
+				params: {
+					Body,
+					Bucket: bucketName,
+					CacheControl: "max-age=31536000",
+					ContentType,
+					Key
+				}
+			}).done();
+			return { storageUri: `r2://${bucketName}/${Key}` };
+		},
+		async exists(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			try {
+				await client.send(new HeadObjectCommand({
+					Bucket: bucketName,
+					Key: key
+				}));
+				return true;
+			} catch (error) {
+				if (isS3ObjectNotFoundError(error)) return false;
+				throw error;
+			}
+		},
+		async downloadFile(storageUri, filePath) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			const response = await client.send(new GetObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}));
+			if (!response.Body) throw new Error("R2 object body is empty");
+			await fs.mkdir(path.dirname(filePath), { recursive: true });
+			await fs.writeFile(filePath, await response.Body.transformToByteArray());
+		}
+	};
+};
+const createS3RuntimeStorageProfile = (config) => {
+	const { bucketName } = config;
+	const client = createS3Client(config);
+	return {
+		async readText(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			try {
+				const response = await client.send(new GetObjectCommand({
+					Bucket: bucketName,
+					Key: key
+				}));
+				if (!response.Body) return null;
+				return response.Body.transformToString();
+			} catch (error) {
+				if (isS3ObjectNotFoundError(error)) return null;
+				throw error;
+			}
+		},
+		async getDownloadUrl(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket$1(bucket, bucketName);
+			const signedUrl = await getSignedUrl(client, new GetObjectCommand({
+				Bucket: bucketName,
+				Key: key
+			}), { expiresIn: 3600 });
+			if (!signedUrl) throw new Error("Failed to presign R2 URL");
+			return { fileUrl: signedUrl };
+		}
+	};
+};
+//#endregion
 //#region ../../node_modules/.pnpm/is-plain-obj@4.1.0/node_modules/is-plain-obj/index.js
 function isPlainObject(value) {
 	if (typeof value !== "object" || value === null) return false;
@@ -6838,55 +6944,108 @@ const createWrangler = ({ stdio, accountId, cloudflareApiToken, cwd }) => {
 	return (...command) => $("npx", ["wrangler", ...command]);
 };
 //#endregion
+//#region src/r2WranglerStorage.ts
+const ensureExpectedR2Bucket = (bucket, bucketName) => {
+	if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
+};
+const isR2ObjectNotFoundError = (error) => {
+	const output = [
+		error.stderr,
+		error.stdout,
+		error.shortMessage,
+		error.message
+	].filter(Boolean).join("\n").toLowerCase();
+	return output.includes("not found") || output.includes("no such object") || output.includes("does not exist");
+};
+const createWranglerStorageProfile = (config) => {
+	const { bucketName, cloudflareApiToken, accountId } = config;
+	const wrangler = createWrangler({
+		accountId,
+		cloudflareApiToken,
+		cwd: process.cwd()
+	});
+	const getStorageKey = createStorageKeyBuilder(config.basePath);
+	return {
+		async delete(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			try {
+				await wrangler("r2", "object", "delete", [bucketName, key].join("/"), "--remote");
+			} catch {
+				throw new Error("Can not delete bundle");
+			}
+		},
+		async upload(key, filePath) {
+			const contentType = getContentType(filePath);
+			const Key = getStorageKey(key, path.basename(filePath));
+			try {
+				const { stderr, exitCode } = await wrangler("r2", "object", "put", [bucketName, Key].join("/"), "--file", filePath, "--content-type", contentType, "--remote");
+				if (exitCode !== 0 && stderr) throw new Error(stderr);
+			} catch (error) {
+				if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
+				throw error;
+			}
+			return { storageUri: `r2://${bucketName}/${Key}` };
+		},
+		async exists(storageUri) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			const tempDir = await fs.mkdtemp(path.join(os.tmpdir(), "hot-updater-r2-exists-"));
+			const tempFilePath = path.join(tempDir, "object");
+			try {
+				await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", tempFilePath, "--remote");
+				return true;
+			} catch (error) {
+				if (error instanceof ExecaError && isR2ObjectNotFoundError(error)) return false;
+				throw error;
+			} finally {
+				await fs.rm(tempDir, {
+					force: true,
+					recursive: true
+				});
+			}
+		},
+		async downloadFile(storageUri, filePath) {
+			const { bucket, key } = parseStorageUri(storageUri, "r2");
+			ensureExpectedR2Bucket(bucket, bucketName);
+			try {
+				await fs.mkdir(path.dirname(filePath), { recursive: true });
+				const { stderr, exitCode } = await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", filePath, "--remote");
+				if (exitCode !== 0 && stderr) throw new Error(stderr);
+			} catch (error) {
+				if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
+				throw error;
+			}
+		}
+	};
+};
+const createWranglerRuntimeStorageProfile = () => {
+	const error = /* @__PURE__ */ new Error("r2Storage runtime profile requires R2 S3 credentials. Wrangler-based R2 access is only supported by the node profile.");
+	return {
+		async readText() {
+			throw error;
+		},
+		async getDownloadUrl() {
+			throw error;
+		}
+	};
+};
+//#endregion
 //#region src/r2Storage.ts
-/**
-* Cloudflare R2 storage plugin for Hot Updater.
-*/
-const r2Storage = createNodeStoragePlugin({
+const hasS3Credentials = (config) => {
+	return Boolean(config.credentials);
+};
+const r2Storage = createUniversalStoragePlugin({
 	name: "r2Storage",
 	supportedProtocol: "r2",
 	factory: (config) => {
-		const { bucketName, cloudflareApiToken, accountId } = config;
-		const wrangler = createWrangler({
-			accountId,
-			cloudflareApiToken,
-			cwd: process.cwd()
-		});
-		const getStorageKey = createStorageKeyBuilder(config.basePath);
+		if (hasS3Credentials(config)) return {
+			node: createS3StorageProfile(config),
+			runtime: createS3RuntimeStorageProfile(config)
+		};
 		return {
-			async delete(storageUri) {
-				const { bucket, key } = parseStorageUri(storageUri, "r2");
-				if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
-				try {
-					await wrangler("r2", "object", "delete", [bucketName, key].join("/"), "--remote");
-				} catch {
-					throw new Error("Can not delete bundle");
-				}
-			},
-			async upload(key, filePath) {
-				const contentType = getContentType(filePath);
-				const Key = getStorageKey(key, path.basename(filePath));
-				try {
-					const { stderr, exitCode } = await wrangler("r2", "object", "put", [bucketName, Key].join("/"), "--file", filePath, "--content-type", contentType, "--remote");
-					if (exitCode !== 0 && stderr) throw new Error(stderr);
-				} catch (error) {
-					if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
-					throw error;
-				}
-				return { storageUri: `r2://${bucketName}/${Key}` };
-			},
-			async downloadFile(storageUri, filePath) {
-				const { bucket, key } = parseStorageUri(storageUri, "r2");
-				if (bucket !== bucketName) throw new Error(`Bucket name mismatch: expected "${bucketName}", but found "${bucket}".`);
-				try {
-					await fs.mkdir(path.dirname(filePath), { recursive: true });
-					const { stderr, exitCode } = await wrangler("r2", "object", "get", [bucketName, key].join("/"), "--file", filePath, "--remote");
-					if (exitCode !== 0 && stderr) throw new Error(stderr);
-				} catch (error) {
-					if (error instanceof ExecaError) throw new Error(error.stderr || error.stdout);
-					throw error;
-				}
-			}
+			node: createWranglerStorageProfile(config),
+			runtime: createWranglerRuntimeStorageProfile()
 		};
 	}
 });

package/dist/worker/index.cjs

@@ -3,6 +3,11 @@ let _hot_updater_js = require("@hot-updater/js");
 let _hot_updater_core = require("@hot-updater/core");
 let _hot_updater_plugin_core = require("@hot-updater/plugin-core");
 //#region src/cloudflareWorkerDatabase.ts
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 function buildWhereClause(conditions) {
 	if (!conditions) return {
 		sql: "",
@@ -22,11 +27,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -53,11 +54,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -152,9 +149,9 @@ const d1WorkerDatabase = () => (0, _hot_updater_plugin_core.createDatabasePlugin
 			const rows = await queryAll(`
             SELECT *
             FROM bundle_patches
-            WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+            WHERE bundle_id IN (SELECT value FROM json_each(?))
             ORDER BY order_index ASC, base_bundle_id ASC
-          `, bundleIds, context);
+          `, [JSON.stringify(bundleIds)], context);
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];
 				current.push(row);

package/dist/worker/index.d.cts

@@ -1,5 +1,6 @@
-import { verifyJwtSignedUrl } from "@hot-updater/js";
+import * as _$_hot_updater_plugin_core0 from "@hot-updater/plugin-core";
 import { HotUpdaterContext, RequestEnvContext as RequestEnvContext$1 } from "@hot-updater/plugin-core";
+import { verifyJwtSignedUrl } from "@hot-updater/js";
 
 //#region src/cloudflareWorkerDatabase.d.ts
 type D1Result<T> = {
@@ -37,7 +38,7 @@ interface CloudflareWorkerStorageConfig<TContext extends RequestEnvContext$1<Clo
 //#region src/worker/index.d.ts
 interface CloudflareWorkerRuntimeEnv extends CloudflareWorkerDatabaseEnv, CloudflareWorkerStorageEnv {}
 type RequestEnvContext<TEnv = CloudflareWorkerRuntimeEnv> = RequestEnvContext$1<TEnv>;
-declare const d1Database: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>() => () => import("@hot-updater/plugin-core").DatabasePlugin<TContext>;
-declare const r2Storage: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>(config: CloudflareWorkerStorageConfig<TContext>) => () => import("@hot-updater/plugin-core").RuntimeStoragePlugin<TContext>;
+declare const d1Database: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>() => () => _$_hot_updater_plugin_core0.DatabasePlugin<TContext>;
+declare const r2Storage: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>(config: CloudflareWorkerStorageConfig<TContext>) => () => _$_hot_updater_plugin_core0.RuntimeStoragePlugin<TContext>;
 //#endregion
 export { type CloudflareWorkerDatabaseEnv, CloudflareWorkerRuntimeEnv, type CloudflareWorkerStorageEnv, RequestEnvContext, d1Database, r2Storage, verifyJwtSignedUrl };

package/dist/worker/index.d.mts

@@ -1,4 +1,5 @@
 import { verifyJwtSignedUrl } from "@hot-updater/js";
+import * as _$_hot_updater_plugin_core0 from "@hot-updater/plugin-core";
 import { HotUpdaterContext, RequestEnvContext as RequestEnvContext$1 } from "@hot-updater/plugin-core";
 
 //#region src/cloudflareWorkerDatabase.d.ts
@@ -37,7 +38,7 @@ interface CloudflareWorkerStorageConfig<TContext extends RequestEnvContext$1<Clo
 //#region src/worker/index.d.ts
 interface CloudflareWorkerRuntimeEnv extends CloudflareWorkerDatabaseEnv, CloudflareWorkerStorageEnv {}
 type RequestEnvContext<TEnv = CloudflareWorkerRuntimeEnv> = RequestEnvContext$1<TEnv>;
-declare const d1Database: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>() => () => import("@hot-updater/plugin-core").DatabasePlugin<TContext>;
-declare const r2Storage: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>(config: CloudflareWorkerStorageConfig<TContext>) => () => import("@hot-updater/plugin-core").RuntimeStoragePlugin<TContext>;
+declare const d1Database: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>() => () => _$_hot_updater_plugin_core0.DatabasePlugin<TContext>;
+declare const r2Storage: <TContext extends RequestEnvContext<CloudflareWorkerRuntimeEnv> = RequestEnvContext<CloudflareWorkerRuntimeEnv>>(config: CloudflareWorkerStorageConfig<TContext>) => () => _$_hot_updater_plugin_core0.RuntimeStoragePlugin<TContext>;
 //#endregion
 export { type CloudflareWorkerDatabaseEnv, CloudflareWorkerRuntimeEnv, type CloudflareWorkerStorageEnv, RequestEnvContext, d1Database, r2Storage, verifyJwtSignedUrl };

package/dist/worker/index.mjs

@@ -2,6 +2,11 @@ import { signToken, verifyJwtSignedUrl } from "@hot-updater/js";
 import { DEFAULT_ROLLOUT_COHORT_COUNT, getAssetBaseStorageUri, getBundlePatches, getManifestFileHash, getManifestStorageUri, stripBundleArtifactMetadata } from "@hot-updater/core";
 import { calculatePagination, createDatabasePlugin, createDatabasePluginGetUpdateInfo, createRuntimeStoragePlugin } from "@hot-updater/plugin-core";
 //#region src/cloudflareWorkerDatabase.ts
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 function buildWhereClause(conditions) {
 	if (!conditions) return {
 		sql: "",
@@ -21,11 +26,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -52,11 +53,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -151,9 +148,9 @@ const d1WorkerDatabase = () => createDatabasePlugin({
 			const rows = await queryAll(`
             SELECT *
             FROM bundle_patches
-            WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+            WHERE bundle_id IN (SELECT value FROM json_each(?))
             ORDER BY order_index ASC, base_bundle_id ASC
-          `, bundleIds, context);
+          `, [JSON.stringify(bundleIds)], context);
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];
 				current.push(row);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@hot-updater/cloudflare",
   "type": "module",
-  "version": "0.31.4",
+  "version": "0.33.0",
   "description": "React Native OTA solution for self-hosted",
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
@@ -47,14 +47,17 @@
     "package.json"
   ],
   "dependencies": {
+    "@aws-sdk/client-s3": "3.1008.0",
+    "@aws-sdk/lib-storage": "3.1008.0",
+    "@aws-sdk/s3-request-presigner": "3.1008.0",
     "cloudflare": "4.2.0",
     "hono": "4.12.9",
     "uuidv7": "^1.0.2",
-    "@hot-updater/cli-tools": "0.31.4",
-    "@hot-updater/js": "0.31.4",
-    "@hot-updater/plugin-core": "0.31.4",
-    "@hot-updater/server": "0.31.4",
-    "@hot-updater/core": "0.31.4"
+    "@hot-updater/core": "0.33.0",
+    "@hot-updater/js": "0.33.0",
+    "@hot-updater/cli-tools": "0.33.0",
+    "@hot-updater/plugin-core": "0.33.0",
+    "@hot-updater/server": "0.33.0"
   },
   "devDependencies": {
     "@cloudflare/vitest-pool-workers": "0.13.0",
@@ -71,7 +74,7 @@
     "vitest": "4.1.4",
     "wrangler": "^4.5.0",
     "xdg-app-paths": "^8.3.0",
-    "@hot-updater/test-utils": "0.31.4"
+    "@hot-updater/test-utils": "0.33.0"
   },
   "scripts": {
     "build": "tsdown && pnpm build:worker",