@hot-updater/cloudflare 0.32.0 → 0.33.0

package/dist/index.cjs

@@ -281,6 +281,11 @@ var import_lib = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMin(((export
 	parser.parsingErrorCode = error.parsingErrorCode;
 	module.exports = parser;
 })))(), 1);
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 async function resolvePage(singlePage) {
 	const results = [];
 	for await (const page of singlePage.iterPages()) {
@@ -304,11 +309,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -335,11 +336,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -424,13 +421,13 @@ const d1Database = (0, _hot_updater_plugin_core.createDatabasePlugin)({
 			const sql = (0, import_lib.default)(`
         SELECT *
         FROM bundle_patches
-        WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+        WHERE bundle_id IN (SELECT value FROM json_each(?))
         ORDER BY order_index ASC, base_bundle_id ASC
       `);
 			const rows = await resolvePage(await cf.d1.database.query(config.databaseId, {
 				account_id: config.accountId,
 				sql,
-				params: bundleIds
+				params: [JSON.stringify(bundleIds)]
 			}));
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];

package/dist/index.mjs

@@ -276,6 +276,11 @@ var import_lib = /* @__PURE__ */ __toESM((/* @__PURE__ */ __commonJSMin(((export
 	parser.parsingErrorCode = error.parsingErrorCode;
 	module.exports = parser;
 })))(), 1);
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 async function resolvePage(singlePage) {
 	const results = [];
 	for await (const page of singlePage.iterPages()) {
@@ -299,11 +304,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -330,11 +331,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -419,13 +416,13 @@ const d1Database = createDatabasePlugin({
 			const sql = (0, import_lib.default)(`
         SELECT *
         FROM bundle_patches
-        WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+        WHERE bundle_id IN (SELECT value FROM json_each(?))
         ORDER BY order_index ASC, base_bundle_id ASC
       `);
 			const rows = await resolvePage(await cf.d1.database.query(config.databaseId, {
 				account_id: config.accountId,
 				sql,
-				params: bundleIds
+				params: [JSON.stringify(bundleIds)]
 			}));
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];

package/dist/worker/index.cjs

@@ -3,6 +3,11 @@ let _hot_updater_js = require("@hot-updater/js");
 let _hot_updater_core = require("@hot-updater/core");
 let _hot_updater_plugin_core = require("@hot-updater/plugin-core");
 //#region src/cloudflareWorkerDatabase.ts
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 function buildWhereClause(conditions) {
 	if (!conditions) return {
 		sql: "",
@@ -22,11 +27,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -53,11 +54,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -152,9 +149,9 @@ const d1WorkerDatabase = () => (0, _hot_updater_plugin_core.createDatabasePlugin
 			const rows = await queryAll(`
             SELECT *
             FROM bundle_patches
-            WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+            WHERE bundle_id IN (SELECT value FROM json_each(?))
             ORDER BY order_index ASC, base_bundle_id ASC
-          `, bundleIds, context);
+          `, [JSON.stringify(bundleIds)], context);
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];
 				current.push(row);

package/dist/worker/index.mjs

@@ -2,6 +2,11 @@ import { signToken, verifyJwtSignedUrl } from "@hot-updater/js";
 import { DEFAULT_ROLLOUT_COHORT_COUNT, getAssetBaseStorageUri, getBundlePatches, getManifestFileHash, getManifestStorageUri, stripBundleArtifactMetadata } from "@hot-updater/core";
 import { calculatePagination, createDatabasePlugin, createDatabasePluginGetUpdateInfo, createRuntimeStoragePlugin } from "@hot-updater/plugin-core";
 //#region src/cloudflareWorkerDatabase.ts
+const buildJsonEachInClause = (columnName, values, params) => {
+	if (values.length === 0) return "1 = 0";
+	params.push(JSON.stringify(values));
+	return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
 function buildWhereClause(conditions) {
 	if (!conditions) return {
 		sql: "",
@@ -21,11 +26,7 @@ function buildWhereClause(conditions) {
 		clauses.push("enabled = ?");
 		params.push(conditions.enabled ? 1 : 0);
 	}
-	if (conditions.id?.in) if (conditions.id.in.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-		params.push(...conditions.id.in);
-	}
+	if (conditions.id?.in) clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
 	if (conditions.id?.eq) {
 		clauses.push("id = ?");
 		params.push(conditions.id.eq);
@@ -52,11 +53,7 @@ function buildWhereClause(conditions) {
 		clauses.push("target_app_version = ?");
 		params.push(conditions.targetAppVersion);
 	}
-	if (conditions.targetAppVersionIn) if (conditions.targetAppVersionIn.length === 0) clauses.push("1 = 0");
-	else {
-		clauses.push(`target_app_version IN (${conditions.targetAppVersionIn.map(() => "?").join(", ")})`);
-		params.push(...conditions.targetAppVersionIn);
-	}
+	if (conditions.targetAppVersionIn) clauses.push(buildJsonEachInClause("target_app_version", conditions.targetAppVersionIn, params));
 	if (conditions.fingerprintHash !== void 0) if (conditions.fingerprintHash === null) clauses.push("fingerprint_hash IS NULL");
 	else {
 		clauses.push("fingerprint_hash = ?");
@@ -151,9 +148,9 @@ const d1WorkerDatabase = () => createDatabasePlugin({
 			const rows = await queryAll(`
             SELECT *
             FROM bundle_patches
-            WHERE bundle_id IN (${bundleIds.map(() => "?").join(", ")})
+            WHERE bundle_id IN (SELECT value FROM json_each(?))
             ORDER BY order_index ASC, base_bundle_id ASC
-          `, bundleIds, context);
+          `, [JSON.stringify(bundleIds)], context);
 			for (const row of rows) {
 				const current = patchMap.get(row.bundle_id) ?? [];
 				current.push(row);

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@hot-updater/cloudflare",
   "type": "module",
-  "version": "0.32.0",
+  "version": "0.33.0",
   "description": "React Native OTA solution for self-hosted",
   "main": "dist/index.cjs",
   "module": "dist/index.mjs",
@@ -53,11 +53,11 @@
     "cloudflare": "4.2.0",
     "hono": "4.12.9",
     "uuidv7": "^1.0.2",
-    "@hot-updater/core": "0.32.0",
-    "@hot-updater/js": "0.32.0",
-    "@hot-updater/plugin-core": "0.32.0",
-    "@hot-updater/server": "0.32.0",
-    "@hot-updater/cli-tools": "0.32.0"
+    "@hot-updater/core": "0.33.0",
+    "@hot-updater/js": "0.33.0",
+    "@hot-updater/cli-tools": "0.33.0",
+    "@hot-updater/plugin-core": "0.33.0",
+    "@hot-updater/server": "0.33.0"
   },
   "devDependencies": {
     "@cloudflare/vitest-pool-workers": "0.13.0",
@@ -74,7 +74,7 @@
     "vitest": "4.1.4",
     "wrangler": "^4.5.0",
     "xdg-app-paths": "^8.3.0",
-    "@hot-updater/test-utils": "0.32.0"
+    "@hot-updater/test-utils": "0.33.0"
   },
   "scripts": {
     "build": "tsdown && pnpm build:worker",

package/src/cloudflareWorkerDatabase.spec.ts

@@ -0,0 +1,260 @@
+import type { DatabasePlugin } from "@hot-updater/plugin-core";
+import { beforeEach, describe, expect, it } from "vitest";
+
+import { d1Database, type RequestEnvContext } from "./worker";
+
+type WorkerBundleRow = {
+  id: string;
+  channel: string;
+  enabled: number;
+  should_force_update: number;
+  file_hash: string;
+  git_commit_hash: string | null;
+  message: string | null;
+  platform: "ios" | "android";
+  target_app_version: string | null;
+  storage_uri: string;
+  fingerprint_hash: string | null;
+  metadata: string;
+  manifest_storage_uri: string | null;
+  manifest_file_hash: string | null;
+  asset_base_storage_uri: string | null;
+  rollout_cohort_count: number | null;
+  target_cohorts: string | null;
+};
+
+type WorkerPatchRow = {
+  id: string;
+  bundle_id: string;
+  base_bundle_id: string;
+  base_file_hash: string;
+  patch_file_hash: string;
+  patch_storage_uri: string;
+  order_index: number | null;
+};
+
+type TestEnv = {
+  DB: ReturnType<typeof createD1Binding>;
+  JWT_SECRET: string;
+  BUCKET: {
+    get: (key: string) => Promise<{ text: () => Promise<string> } | null>;
+  };
+};
+
+const rows = new Map<string, WorkerBundleRow>();
+const patchRows = new Map<string, WorkerPatchRow>();
+
+const createBundleRow = (index: number): WorkerBundleRow => {
+  const id = `00000000-0000-0000-0000-${String(index).padStart(12, "0")}`;
+  return {
+    id,
+    channel: "production",
+    enabled: 1,
+    should_force_update: 0,
+    file_hash: `hash-${index}`,
+    git_commit_hash: null,
+    message: null,
+    platform: "ios",
+    target_app_version: `>=0.${index}.0`,
+    storage_uri: `r2://bucket/${id}.zip`,
+    fingerprint_hash: null,
+    metadata: "{}",
+    manifest_storage_uri: null,
+    manifest_file_hash: null,
+    asset_base_storage_uri: null,
+    rollout_cohort_count: 1000,
+    target_cohorts: null,
+  };
+};
+
+const normalizeSql = (sql: string) => sql.replace(/\s+/g, " ").trim();
+
+const filterRows = (sql: string, params: unknown[]) => {
+  let filteredRows = Array.from(rows.values());
+  let index = 0;
+
+  if (sql.includes("channel = ?")) {
+    const channel = params[index++];
+    filteredRows = filteredRows.filter((row) => row.channel === channel);
+  }
+
+  if (sql.includes("platform = ?")) {
+    const platform = params[index++];
+    filteredRows = filteredRows.filter((row) => row.platform === platform);
+  }
+
+  if (sql.includes("enabled = ?")) {
+    const enabled = Number(params[index++]);
+    filteredRows = filteredRows.filter((row) => row.enabled === enabled);
+  }
+
+  if (sql.includes("id >= ?")) {
+    const id = String(params[index++]);
+    filteredRows = filteredRows.filter((row) => row.id.localeCompare(id) >= 0);
+  }
+
+  if (sql.includes("target_app_version IS NOT NULL")) {
+    filteredRows = filteredRows.filter(
+      (row) => row.target_app_version !== null,
+    );
+  }
+
+  const inMatch = sql.match(/target_app_version IN \(([^)]+)\)/);
+  if (inMatch) {
+    const body = inMatch[1] ?? "";
+    const inValues = body.includes("json_each(")
+      ? (JSON.parse(String(params[index++])) as unknown[])
+      : params.slice(index, index + (body.match(/\?/g) ?? []).length);
+    const values = new Set(inValues);
+    filteredRows = filteredRows.filter((row) =>
+      values.has(row.target_app_version),
+    );
+    if (!body.includes("json_each(")) {
+      index += inValues.length;
+    }
+  }
+
+  return { filteredRows, index };
+};
+
+function createD1Binding() {
+  return {
+    prepare(sql: string) {
+      return {
+        bind(...params: unknown[]) {
+          if (params.length > 100) {
+            throw new Error(
+              "D1_ERROR: too many SQL variables at offset 386: SQLITE_ERROR",
+            );
+          }
+
+          return {
+            async all<T>() {
+              const normalizedSql = normalizeSql(sql).toLowerCase();
+
+              if (
+                normalizedSql.startsWith(
+                  "select target_app_version from bundles",
+                )
+              ) {
+                const { filteredRows } = filterRows(sql, params);
+                const targetAppVersions = Array.from(
+                  new Set(
+                    filteredRows
+                      .map((row) => row.target_app_version)
+                      .filter(
+                        (targetAppVersion): targetAppVersion is string =>
+                          targetAppVersion !== null,
+                      ),
+                  ),
+                ).map((targetAppVersion) => ({
+                  target_app_version: targetAppVersion,
+                }));
+
+                return { results: targetAppVersions as T[] };
+              }
+
+              if (
+                normalizedSql.startsWith(
+                  "select count(*) as total from bundles",
+                )
+              ) {
+                const { filteredRows } = filterRows(sql, params);
+                return { results: [{ total: filteredRows.length }] as T[] };
+              }
+
+              if (normalizedSql.startsWith("select * from bundles")) {
+                const { filteredRows, index } = filterRows(sql, params);
+                const limit = Number(params[index] ?? filteredRows.length);
+                const offset = Number(params[index + 1] ?? 0);
+                const result = filteredRows
+                  .sort((left, right) => right.id.localeCompare(left.id))
+                  .slice(offset, offset + limit);
+
+                return { results: result as T[] };
+              }
+
+              if (
+                normalizedSql.startsWith(
+                  "select * from bundle_patches where bundle_id in",
+                )
+              ) {
+                const selectedBundleIds = new Set(
+                  normalizedSql.includes("json_each")
+                    ? (JSON.parse(String(params[0])) as unknown[]).map(String)
+                    : params.map(String),
+                );
+                const result = Array.from(patchRows.values()).filter((row) =>
+                  selectedBundleIds.has(row.bundle_id),
+                );
+
+                return { results: result as T[] };
+              }
+
+              throw new Error(`Unsupported SQL in D1 worker mock: ${sql}`);
+            },
+            async first<T>() {
+              return (await this.all<T>()).results?.[0] ?? null;
+            },
+            async run() {
+              return {};
+            },
+          };
+        },
+      };
+    },
+  };
+}
+
+describe("cloudflare worker d1Database", () => {
+  let plugin: DatabasePlugin<RequestEnvContext<TestEnv>>;
+  let context: RequestEnvContext<TestEnv>;
+
+  beforeEach(() => {
+    rows.clear();
+    patchRows.clear();
+    plugin = d1Database<RequestEnvContext<TestEnv>>()();
+    context = {
+      env: {
+        DB: createD1Binding(),
+        JWT_SECRET: "test-secret",
+        BUCKET: {
+          get: async () => null,
+        },
+      },
+    };
+  });
+
+  it("queries getUpdateInfo with 200 distinct target_app_versions without exceeding D1's 100-bind cap", async () => {
+    for (let index = 0; index < 200; index++) {
+      const row = createBundleRow(index);
+      rows.set(row.id, row);
+    }
+
+    const result = await plugin.getUpdateInfo?.(
+      {
+        appVersion: "1.0.0",
+        bundleId: "00000000-0000-0000-0000-000000000000",
+        platform: "ios",
+        channel: "production",
+        minBundleId: "00000000-0000-0000-0000-000000000000",
+        _updateStrategy: "appVersion",
+      },
+      context,
+    );
+
+    expect(result).not.toBeNull();
+  });
+
+  it("queries patches for 200 listed bundles without exceeding D1's 100-bind cap", async () => {
+    for (let index = 0; index < 200; index++) {
+      const row = createBundleRow(index);
+      rows.set(row.id, row);
+    }
+
+    const result = await plugin.getBundles({ limit: 200 }, context);
+
+    expect(result.data).toHaveLength(200);
+    expect(result.pagination.total).toBe(200);
+  });
+});

package/src/cloudflareWorkerDatabase.ts

@@ -52,6 +52,19 @@ interface BuildQueryResult {
   params: unknown[];
 }
 
+const buildJsonEachInClause = (
+  columnName: string,
+  values: string[],
+  params: unknown[],
+) => {
+  if (values.length === 0) {
+    return "1 = 0";
+  }
+
+  params.push(JSON.stringify(values));
+  return `${columnName} IN (SELECT value FROM json_each(?))`;
+};
+
 interface D1WorkerBundleRow {
   id: string;
   channel: string;
@@ -108,12 +121,7 @@ function buildWhereClause(
   }
 
   if (conditions.id?.in) {
-    if (conditions.id.in.length === 0) {
-      clauses.push("1 = 0");
-    } else {
-      clauses.push(`id IN (${conditions.id.in.map(() => "?").join(", ")})`);
-      params.push(...conditions.id.in);
-    }
+    clauses.push(buildJsonEachInClause("id", conditions.id.in, params));
   }
 
   if (conditions.id?.eq) {
@@ -155,16 +163,13 @@ function buildWhereClause(
   }
 
   if (conditions.targetAppVersionIn) {
-    if (conditions.targetAppVersionIn.length === 0) {
-      clauses.push("1 = 0");
-    } else {
-      clauses.push(
-        `target_app_version IN (${conditions.targetAppVersionIn
-          .map(() => "?")
-          .join(", ")})`,
-      );
-      params.push(...conditions.targetAppVersionIn);
-    }
+    clauses.push(
+      buildJsonEachInClause(
+        "target_app_version",
+        conditions.targetAppVersionIn,
+        params,
+      ),
+    );
   }
 
   if (conditions.fingerprintHash !== undefined) {
@@ -335,15 +340,14 @@ export const d1WorkerDatabase = <
           return patchMap;
         }
 
-        const placeholders = bundleIds.map(() => "?").join(", ");
         const rows = await queryAll<D1WorkerBundlePatchRow>(
           `
             SELECT *
             FROM bundle_patches
-            WHERE bundle_id IN (${placeholders})
+            WHERE bundle_id IN (SELECT value FROM json_each(?))
             ORDER BY order_index ASC, base_bundle_id ASC
           `,
-          bundleIds,
+          [JSON.stringify(bundleIds)],
           context,
         );
 

package/src/d1Database.spec.ts

@@ -64,7 +64,13 @@ const getFilteredRows = (sql: string, params: any[]) => {
       return null;
     }
 
-    const count = (match[1]?.match(/\?/g) ?? []).length;
+    const body = match[1] ?? "";
+    if (body.includes("json_each(")) {
+      const values = JSON.parse(String(params[index++])) as unknown;
+      return Array.isArray(values) ? values : [];
+    }
+
+    const count = (body.match(/\?/g) ?? []).length;
     const values = params.slice(index, index + count);
     index += count;
     return values;
@@ -169,6 +175,12 @@ vi.mock("cloudflare", () => ({
             params?: any[];
           },
         ) => {
+          if (params.length > 100) {
+            throw new Error(
+              "D1_ERROR: too many SQL variables at offset 386: SQLITE_ERROR",
+            );
+          }
+
           const normalizedSql = sql.replace(/\s+/g, " ").trim().toLowerCase();
 
           if (
@@ -190,7 +202,9 @@ vi.mock("cloudflare", () => ({
             )
           ) {
             const selectedBundleIds = new Set(
-              params.map((value) => String(value)),
+              normalizedSql.includes("json_each")
+                ? (JSON.parse(String(params[0])) as unknown[]).map(String)
+                : params.map((value) => String(value)),
             );
             const result = Array.from(patchRows.values())
               .filter((row) => selectedBundleIds.has(row.bundle_id))