npm - @hot-updater/react-native - Versions diffs - 0.22.1 → 0.23.0 - Mend

@hot-updater/react-native 0.22.1 → 0.23.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/android/src/main/java/com/hotupdater/BundleFileStorageService.kt +17 -12
package/android/src/main/java/com/hotupdater/HotUpdater.kt +1 -1
package/android/src/main/java/com/hotupdater/HotUpdaterFactory.kt +1 -0
package/android/src/main/java/com/hotupdater/HotUpdaterImpl.kt +1 -1
package/android/src/main/java/com/hotupdater/SignatureVerifier.kt +346 -0
package/ios/HotUpdater/Internal/BundleFileStorageService.swift +26 -18
package/ios/HotUpdater/Internal/SignatureVerifier.swift +339 -0
package/lib/commonjs/checkForUpdate.js +1 -1
package/lib/commonjs/checkForUpdate.js.map +1 -1
package/lib/commonjs/index.js +16 -1
package/lib/commonjs/index.js.map +1 -1
package/lib/commonjs/specs/NativeHotUpdater.js.map +1 -1
package/lib/commonjs/types.js +45 -0
package/lib/commonjs/types.js.map +1 -0
package/lib/module/checkForUpdate.js +1 -1
package/lib/module/checkForUpdate.js.map +1 -1
package/lib/module/index.js +1 -0
package/lib/module/index.js.map +1 -1
package/lib/module/specs/NativeHotUpdater.js.map +1 -1
package/lib/module/types.js +40 -0
package/lib/module/types.js.map +1 -0
package/lib/typescript/commonjs/index.d.ts +1 -0
package/lib/typescript/commonjs/index.d.ts.map +1 -1
package/lib/typescript/commonjs/specs/NativeHotUpdater.d.ts +7 -2
package/lib/typescript/commonjs/specs/NativeHotUpdater.d.ts.map +1 -1
package/lib/typescript/commonjs/types.d.ts +34 -0
package/lib/typescript/commonjs/types.d.ts.map +1 -0
package/lib/typescript/module/index.d.ts +1 -0
package/lib/typescript/module/index.d.ts.map +1 -1
package/lib/typescript/module/specs/NativeHotUpdater.d.ts +7 -2
package/lib/typescript/module/specs/NativeHotUpdater.d.ts.map +1 -1
package/lib/typescript/module/types.d.ts +34 -0
package/lib/typescript/module/types.d.ts.map +1 -0
package/package.json +7 -7
package/plugin/build/transformers.js +269 -0
package/src/checkForUpdate.ts +1 -1
package/src/index.ts +5 -0
package/src/specs/NativeHotUpdater.ts +7 -2
package/src/types.ts +63 -0

package/ios/HotUpdater/Internal/SignatureVerifier.swift ADDED Viewed

@@ -0,0 +1,339 @@
+import Foundation
+import Security
+/// Prefix for signed file hash format.
+private let SIGNED_HASH_PREFIX = "sig:"
+/// Error types for signature verification failures.
+///
+/// **IMPORTANT**: The error messages in `errorUserInfo` are used by the JavaScript layer
+/// (`packages/react-native/src/types.ts`) to detect signature verification failures.
+/// If you change these messages, update `isSignatureVerificationError()` in types.ts accordingly.
+public enum SignatureVerificationError: Error, CustomNSError {
+    case publicKeyNotConfigured
+    case invalidPublicKeyFormat
+    case invalidSignatureFormat
+    case verificationFailed
+    case hashMismatch
+    case hashCalculationFailed
+    case unsignedNotAllowed
+    case securityFrameworkError(OSStatus)
+    // CustomNSError protocol implementation
+    public static var errorDomain: String {
+        return "com.hotupdater.SignatureVerificationError"
+    }
+    public var errorCode: Int {
+        switch self {
+        case .publicKeyNotConfigured: return 2001
+        case .invalidPublicKeyFormat: return 2002
+        case .invalidSignatureFormat: return 2003
+        case .verificationFailed: return 2004
+        case .hashMismatch: return 2005
+        case .hashCalculationFailed: return 2006
+        case .unsignedNotAllowed: return 2007
+        case .securityFrameworkError: return 2099
+        }
+    }
+    public var errorUserInfo: [String: Any] {
+        var userInfo: [String: Any] = [:]
+        switch self {
+        case .publicKeyNotConfigured:
+            userInfo[NSLocalizedDescriptionKey] = "Public key not configured for signature verification"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "Add HOT_UPDATER_PUBLIC_KEY to Info.plist with your RSA public key"
+        case .invalidPublicKeyFormat:
+            userInfo[NSLocalizedDescriptionKey] = "Public key format is invalid"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "Ensure the public key is in PEM format (BEGIN PUBLIC KEY)"
+        case .invalidSignatureFormat:
+            userInfo[NSLocalizedDescriptionKey] = "Signature format is invalid"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "The signature must be base64-encoded"
+        case .verificationFailed:
+            userInfo[NSLocalizedDescriptionKey] = "Bundle signature verification failed"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "The bundle may be corrupted or tampered with. Rejecting update for security"
+        case .hashMismatch:
+            userInfo[NSLocalizedDescriptionKey] = "Bundle hash verification failed"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "The bundle file hash does not match. File may be corrupted"
+        case .hashCalculationFailed:
+            userInfo[NSLocalizedDescriptionKey] = "Failed to calculate file hash"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "Could not read file for hash verification"
+        case .unsignedNotAllowed:
+            userInfo[NSLocalizedDescriptionKey] = "Unsigned bundle not allowed when signing is enabled"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "Public key is configured but bundle is not signed. Rejecting update"
+        case .securityFrameworkError(let status):
+            userInfo[NSLocalizedDescriptionKey] = "Security framework error during verification (OSStatus: \(status))"
+            userInfo[NSLocalizedRecoverySuggestionErrorKey] = "Check public key format and signature data"
+        }
+        return userInfo
+    }
+}
+/**
+ * Service for verifying bundle integrity through hash or RSA-SHA256 signature verification.
+ * Uses iOS Security framework for cryptographic operations.
+ *
+ * fileHash format:
+ * - Signed: `sig:<base64_signature>` - Verify signature (implicitly verifies hash)
+ * - Unsigned: `<hex_hash>` - Verify SHA256 hash only
+ *
+ * Security rules:
+ * - null/empty fileHash → REJECT
+ * - sig:... + public key configured → verify signature → Install/REJECT
+ * - sig:... + public key NOT configured → REJECT (can't verify)
+ * - <hash> + public key configured → REJECT (unsigned not allowed)
+ * - <hash> + public key NOT configured → verify hash → Install/REJECT
+ */
+public class SignatureVerifier {
+    /**
+     * Reads public key from Info.plist configuration.
+     * @return Public key PEM string or nil if not configured
+     */
+    private static func getPublicKeyFromConfig() -> String? {
+        guard let publicKeyPEM = Bundle.main.object(forInfoDictionaryKey: "HOT_UPDATER_PUBLIC_KEY") as? String else {
+            NSLog("[SignatureVerifier] HOT_UPDATER_PUBLIC_KEY not found in Info.plist")
+            return nil
+        }
+        return publicKeyPEM
+    }
+    /**
+     * Checks if signing is enabled (public key is configured).
+     * @return true if public key is configured
+     */
+    public static func isSigningEnabled() -> Bool {
+        return getPublicKeyFromConfig() != nil
+    }
+    /**
+     * Checks if fileHash is in signed format (starts with "sig:").
+     * @param fileHash The file hash string to check
+     * @return true if signed format
+     */
+    public static func isSignedFormat(_ fileHash: String?) -> Bool {
+        guard let hash = fileHash else { return false }
+        return hash.hasPrefix(SIGNED_HASH_PREFIX)
+    }
+    /**
+     * Extracts signature from signed format fileHash.
+     * @param fileHash The signed file hash (sig:<signature>)
+     * @return Base64-encoded signature or nil if not signed format
+     */
+    public static func extractSignature(_ fileHash: String?) -> String? {
+        guard let hash = fileHash, isSignedFormat(hash) else { return nil }
+        return String(hash.dropFirst(SIGNED_HASH_PREFIX.count))
+    }
+    /**
+     * Verifies bundle integrity based on fileHash format.
+     * Determines verification mode by checking for "sig:" prefix.
+     *
+     * @param fileURL URL of the bundle file to verify
+     * @param fileHash Combined hash string (sig:<signature> or <hex_hash>)
+     * @return Result indicating verification success or failure with error
+     */
+    public static func verifyBundle(fileURL: URL, fileHash: String?) -> Result<Void, SignatureVerificationError> {
+        let signingEnabled = isSigningEnabled()
+        // Rule: null/empty fileHash → REJECT
+        guard let hash = fileHash, !hash.isEmpty else {
+            NSLog("[SignatureVerifier] fileHash is null or empty. Rejecting update.")
+            return .failure(.verificationFailed)
+        }
+        if isSignedFormat(hash) {
+            // Signed format: sig:<signature>
+            guard let signature = extractSignature(hash) else {
+                NSLog("[SignatureVerifier] Failed to extract signature from fileHash")
+                return .failure(.invalidSignatureFormat)
+            }
+            // Rule: sig:... + public key NOT configured → REJECT
+            guard signingEnabled else {
+                NSLog("[SignatureVerifier] Signed bundle but public key not configured. Cannot verify.")
+                return .failure(.publicKeyNotConfigured)
+            }
+            // Rule: sig:... + public key configured → verify signature
+            return verifySignature(fileURL: fileURL, signatureBase64: signature)
+        } else {
+            // Unsigned format: <hex_hash>
+            // Rule: <hash> + public key configured → REJECT
+            if signingEnabled {
+                NSLog("[SignatureVerifier] Unsigned bundle not allowed when signing is enabled. Rejecting.")
+                return .failure(.unsignedNotAllowed)
+            }
+            // Rule: <hash> + public key NOT configured → verify hash
+            return verifyHash(fileURL: fileURL, expectedHash: hash)
+        }
+    }
+    /**
+     * Verifies SHA256 hash of a file.
+     * @param fileURL URL of the file to verify
+     * @param expectedHash Expected SHA256 hash (hex string)
+     * @return Result indicating verification success or failure
+     */
+    public static func verifyHash(fileURL: URL, expectedHash: String) -> Result<Void, SignatureVerificationError> {
+        NSLog("[SignatureVerifier] Verifying hash for file: \(fileURL.lastPathComponent)")
+        guard HashUtils.verifyHash(fileURL: fileURL, expectedHash: expectedHash) else {
+            NSLog("[SignatureVerifier] Hash mismatch!")
+            return .failure(.hashMismatch)
+        }
+        NSLog("[SignatureVerifier] ✅ Hash verified successfully")
+        return .success(())
+    }
+    /**
+     * Verifies RSA-SHA256 signature of a file.
+     * Calculates the file hash internally and verifies the signature.
+     *
+     * @param fileURL URL of the file to verify
+     * @param signatureBase64 Base64-encoded RSA-SHA256 signature
+     * @return Result indicating verification success or failure with error
+     */
+    public static func verifySignature(fileURL: URL, signatureBase64: String) -> Result<Void, SignatureVerificationError> {
+        NSLog("[SignatureVerifier] Verifying signature for file: \(fileURL.lastPathComponent)")
+        // Get public key from config
+        guard let publicKeyPEM = getPublicKeyFromConfig() else {
+            NSLog("[SignatureVerifier] Cannot verify signature: public key not configured in Info.plist")
+            return .failure(.publicKeyNotConfigured)
+        }
+        // Convert PEM to SecKey
+        let publicKeyResult = createPublicKey(from: publicKeyPEM)
+        guard case .success(let publicKey) = publicKeyResult else {
+            if case .failure(let error) = publicKeyResult {
+                return .failure(error)
+            }
+            return .failure(.invalidPublicKeyFormat)
+        }
+        // Calculate file hash
+        guard let fileHashHex = HashUtils.calculateSHA256(fileURL: fileURL) else {
+            NSLog("[SignatureVerifier] Failed to calculate file hash")
+            return .failure(.hashCalculationFailed)
+        }
+        NSLog("[SignatureVerifier] Calculated file hash: \(fileHashHex)")
+        // Decode signature from base64
+        guard let signatureData = Data(base64Encoded: signatureBase64) else {
+            NSLog("[SignatureVerifier] Failed to decode signature from base64")
+            return .failure(.invalidSignatureFormat)
+        }
+        // Convert hex fileHash to data
+        guard let fileHashData = dataFromHexString(fileHashHex) else {
+            NSLog("[SignatureVerifier] Failed to convert fileHash from hex")
+            return .failure(.invalidSignatureFormat)
+        }
+        // Verify signature
+        let algorithm: SecKeyAlgorithm = .rsaSignatureMessagePKCS1v15SHA256
+        guard SecKeyIsAlgorithmSupported(publicKey, .verify, algorithm) else {
+            NSLog("[SignatureVerifier] RSA-SHA256 algorithm not supported")
+            return .failure(.securityFrameworkError(-1))
+        }
+        var error: Unmanaged<CFError>?
+        let verified = SecKeyVerifySignature(
+            publicKey,
+            algorithm,
+            fileHashData as CFData,
+            signatureData as CFData,
+            &error
+        )
+        if let err = error?.takeRetainedValue() {
+            NSLog("[SignatureVerifier] Verification failed: \(err)")
+            return .failure(.verificationFailed)
+        }
+        if verified {
+            NSLog("[SignatureVerifier] ✅ Signature verified successfully")
+            return .success(())
+        } else {
+            NSLog("[SignatureVerifier] ❌ Signature verification failed")
+            return .failure(.verificationFailed)
+        }
+    }
+    /**
+     * Converts PEM-formatted public key to SecKey.
+     * @param publicKeyPEM Public key in PEM format
+     * @return SecKey or error
+     */
+    private static func createPublicKey(from publicKeyPEM: String) -> Result<SecKey, SignatureVerificationError> {
+        // Remove PEM headers/footers and whitespace
+        var keyString = publicKeyPEM
+            .replacingOccurrences(of: "-----BEGIN PUBLIC KEY-----", with: "")
+            .replacingOccurrences(of: "-----END PUBLIC KEY-----", with: "")
+            .replacingOccurrences(of: "\\n", with: "")
+            .replacingOccurrences(of: "\n", with: "")
+            .replacingOccurrences(of: " ", with: "")
+        // Decode base64
+        guard let keyData = Data(base64Encoded: keyString) else {
+            NSLog("[SignatureVerifier] Failed to decode public key from base64")
+            return .failure(.invalidPublicKeyFormat)
+        }
+        // SecKeyCreateWithData auto-detects key size from SPKI-formatted key data.
+        // This supports any valid RSA key size (2048, 3072, 4096-bit, etc.)
+        let attributes: [String: Any] = [
+            kSecAttrKeyType as String: kSecAttrKeyTypeRSA,
+            kSecAttrKeyClass as String: kSecAttrKeyClassPublic
+        ]
+        var error: Unmanaged<CFError>?
+        guard let secKey = SecKeyCreateWithData(keyData as CFData, attributes as CFDictionary, &error) else {
+            if let err = error?.takeRetainedValue() {
+                NSLog("[SignatureVerifier] SecKeyCreateWithData failed: \(err)")
+            }
+            return .failure(.invalidPublicKeyFormat)
+        }
+        return .success(secKey)
+    }
+    /**
+     * Converts hex string to Data.
+     * @param hexString Hex-encoded string
+     * @return Data or nil if invalid format
+     */
+    private static func dataFromHexString(_ hexString: String) -> Data? {
+        var data = Data(capacity: hexString.count / 2)
+        var index = hexString.startIndex
+        while index < hexString.endIndex {
+            let nextIndex = hexString.index(index, offsetBy: 2)
+            guard nextIndex <= hexString.endIndex else { return nil }
+            let byteString = hexString[index..<nextIndex]
+            guard let byte = UInt8(byteString, radix: 16) else { return nil }
+            data.append(byte)
+            index = nextIndex
+        }
+        return data
+    }
+}

package/lib/commonjs/checkForUpdate.js CHANGED Viewed

@@ -50,7 +50,7 @@ async function checkForUpdate(options) {
         return (0, _native.updateBundle)({
           bundleId: updateInfo.id,
           fileUrl: updateInfo.fileUrl,
-          fileHash: updateInfo?.fileHash ?? null,
+          fileHash: updateInfo.fileHash,
           status: updateInfo.status
         });
       }

package/lib/commonjs/checkForUpdate.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_reactNative","require","_error","_fetchUpdateInfo","_native","checkForUpdate","options","__DEV__","includes","Platform","OS","onError","HotUpdaterError","currentAppVersion","getAppVersion","platform","currentBundleId","getBundleId","minBundleId","getMinBundleId","channel","getChannel","fingerprintHash","getFingerprintHash","fetchUpdateInfo","source","params","bundleId","appVersion","requestHeaders","requestTimeout","then","updateInfo","updateBundle","id","fileUrl","fileHash","status","getUpdateSource","baseUrl","updateStrategy","exports"],"sourceRoot":"../../src","sources":["checkForUpdate.ts"],"mappings":";;;;;;;AACA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AA4BO,eAAeI,cAAcA,CAClCC,OAA8B,EACQ;EACtC,IAAIC,OAAO,EAAE;IACX,OAAO,IAAI;EACb;EAEA,IAAI,CAAC,CAAC,KAAK,EAAE,SAAS,CAAC,CAACC,QAAQ,CAACC,qBAAQ,CAACC,EAAE,CAAC,EAAE;IAC7CJ,OAAO,CAACK,OAAO,GACb,IAAIC,sBAAe,CAAC,iDAAiD,CACvE,CAAC;IACD,OAAO,IAAI;EACb;EAEA,MAAMC,iBAAiB,GAAG,IAAAC,qBAAa,EAAC,CAAC;EACzC,MAAMC,QAAQ,GAAGN,qBAAQ,CAACC,EAAuB;EACjD,MAAMM,eAAe,GAAG,IAAAC,mBAAW,EAAC,CAAC;EACrC,MAAMC,WAAW,GAAG,IAAAC,sBAAc,EAAC,CAAC;EACpC,MAAMC,OAAO,GAAG,IAAAC,kBAAU,EAAC,CAAC;EAE5B,IAAI,CAACR,iBAAiB,EAAE;IACtBP,OAAO,CAACK,OAAO,GAAG,IAAIC,sBAAe,CAAC,2BAA2B,CAAC,CAAC;IACnE,OAAO,IAAI;EACb;EAEA,MAAMU,eAAe,GAAG,IAAAC,0BAAkB,EAAC,CAAC;EAE5C,OAAO,IAAAC,gCAAe,EAAC;IACrBC,MAAM,EAAEnB,OAAO,CAACmB,MAAM;IACtBC,MAAM,EAAE;MACNC,QAAQ,EAAEX,eAAe;MACzBY,UAAU,EAAEf,iBAAiB;MAC7BE,QAAQ;MACRG,WAAW;MACXE,OAAO;MACPE;IACF,CAAC;IACDO,cAAc,EAAEvB,OAAO,CAACuB,cAAc;IACtClB,OAAO,EAAEL,OAAO,CAACK,OAAO;IACxBmB,cAAc,EAAExB,OAAO,CAACwB;EAC1B,CAAC,CAAC,CAACC,IAAI,CAAEC,UAAU,IAAK;IACtB,IAAI,CAACA,UAAU,EAAE;MACf,OAAO,IAAI;IACb;IAEA,OAAO;MACL,GAAGA,UAAU;MACbC,YAAY,EAAE,MAAAA,CAAA,KAAY;QACxB,OAAO,IAAAA,oBAAY,EAAC;UAClBN,QAAQ,EAAEK,UAAU,CAACE,EAAE;UACvBC,OAAO,EAAEH,UAAU,CAACG,OAAO;UAC3BC,QAAQ,EAAEJ,UAAU,~~EAAEI~~,QAAQ~~,IAAI,IAAI~~;~~UACtCC~~,MAAM,EAAEL,UAAU,CAACK;QACrB,CAAC,CAAC;MACJ;IACF,CAAC;EACH,CAAC,CAAC;AACJ;AAYO,MAAMC,eAAe,GAC1BA,CAACC,OAAe,EAAEjC,OAA+B,KAChDoB,MAA0B,IAAK;EAC9B,QAAQpB,OAAO,CAACkC,cAAc;IAC5B,KAAK,aAAa;MAAE;QAClB,IAAI,CAACd,MAAM,CAACJ,eAAe,EAAE;UAC3B,MAAM,IAAIV,sBAAe,CAAC,8BAA8B,CAAC;QAC3D;QACA,OAAO,GAAG2B,OAAO,gBAAgBb,MAAM,CAACX,QAAQ,IAAIW,MAAM,CAACJ,eAAe,IAAII,MAAM,CAACN,OAAO,IAAIM,MAAM,CAACR,WAAW,IAAIQ,MAAM,CAACC,QAAQ,EAAE;MACzI;IACA,KAAK,YAAY;MAAE;QACjB,OAAO,GAAGY,OAAO,gBAAgBb,MAAM,CAACX,QAAQ,IAAIW,MAAM,CAACE,UAAU,IAAIF,MAAM,CAACN,OAAO,IAAIM,MAAM,CAACR,WAAW,IAAIQ,MAAM,CAACC,QAAQ,EAAE;MACpI;IACA;MACE,OAAOY,OAAO;EAClB;AACF,CAAC;AAACE,OAAA,CAAAH,eAAA,GAAAA,eAAA","ignoreList":[]}
1	+ {"version":3,"names":["_reactNative","require","_error","_fetchUpdateInfo","_native","checkForUpdate","options","__DEV__","includes","Platform","OS","onError","HotUpdaterError","currentAppVersion","getAppVersion","platform","currentBundleId","getBundleId","minBundleId","getMinBundleId","channel","getChannel","fingerprintHash","getFingerprintHash","fetchUpdateInfo","source","params","bundleId","appVersion","requestHeaders","requestTimeout","then","updateInfo","updateBundle","id","fileUrl","fileHash","status","getUpdateSource","baseUrl","updateStrategy","exports"],"sourceRoot":"../../src","sources":["checkForUpdate.ts"],"mappings":";;;;;;;AACA,IAAAA,YAAA,GAAAC,OAAA;AACA,IAAAC,MAAA,GAAAD,OAAA;AACA,IAAAE,gBAAA,GAAAF,OAAA;AACA,IAAAG,OAAA,GAAAH,OAAA;AA4BO,eAAeI,cAAcA,CAClCC,OAA8B,EACQ;EACtC,IAAIC,OAAO,EAAE;IACX,OAAO,IAAI;EACb;EAEA,IAAI,CAAC,CAAC,KAAK,EAAE,SAAS,CAAC,CAACC,QAAQ,CAACC,qBAAQ,CAACC,EAAE,CAAC,EAAE;IAC7CJ,OAAO,CAACK,OAAO,GACb,IAAIC,sBAAe,CAAC,iDAAiD,CACvE,CAAC;IACD,OAAO,IAAI;EACb;EAEA,MAAMC,iBAAiB,GAAG,IAAAC,qBAAa,EAAC,CAAC;EACzC,MAAMC,QAAQ,GAAGN,qBAAQ,CAACC,EAAuB;EACjD,MAAMM,eAAe,GAAG,IAAAC,mBAAW,EAAC,CAAC;EACrC,MAAMC,WAAW,GAAG,IAAAC,sBAAc,EAAC,CAAC;EACpC,MAAMC,OAAO,GAAG,IAAAC,kBAAU,EAAC,CAAC;EAE5B,IAAI,CAACR,iBAAiB,EAAE;IACtBP,OAAO,CAACK,OAAO,GAAG,IAAIC,sBAAe,CAAC,2BAA2B,CAAC,CAAC;IACnE,OAAO,IAAI;EACb;EAEA,MAAMU,eAAe,GAAG,IAAAC,0BAAkB,EAAC,CAAC;EAE5C,OAAO,IAAAC,gCAAe,EAAC;IACrBC,MAAM,EAAEnB,OAAO,CAACmB,MAAM;IACtBC,MAAM,EAAE;MACNC,QAAQ,EAAEX,eAAe;MACzBY,UAAU,EAAEf,iBAAiB;MAC7BE,QAAQ;MACRG,WAAW;MACXE,OAAO;MACPE;IACF,CAAC;IACDO,cAAc,EAAEvB,OAAO,CAACuB,cAAc;IACtClB,OAAO,EAAEL,OAAO,CAACK,OAAO;IACxBmB,cAAc,EAAExB,OAAO,CAACwB;EAC1B,CAAC,CAAC,CAACC,IAAI,CAAEC,UAAU,IAAK;IACtB,IAAI,CAACA,UAAU,EAAE;MACf,OAAO,IAAI;IACb;IAEA,OAAO;MACL,GAAGA,UAAU;MACbC,YAAY,EAAE,MAAAA,CAAA,KAAY;QACxB,OAAO,IAAAA,oBAAY,EAAC;UAClBN,QAAQ,EAAEK,UAAU,CAACE,EAAE;UACvBC,OAAO,EAAEH,UAAU,CAACG,OAAO;UAC3BC,QAAQ,EAAEJ,UAAU,CAACI,QAAQ;UAC7BC,MAAM,EAAEL,UAAU,CAACK;QACrB,CAAC,CAAC;MACJ;IACF,CAAC;EACH,CAAC,CAAC;AACJ;AAYO,MAAMC,eAAe,GAC1BA,CAACC,OAAe,EAAEjC,OAA+B,KAChDoB,MAA0B,IAAK;EAC9B,QAAQpB,OAAO,CAACkC,cAAc;IAC5B,KAAK,aAAa;MAAE;QAClB,IAAI,CAACd,MAAM,CAACJ,eAAe,EAAE;UAC3B,MAAM,IAAIV,sBAAe,CAAC,8BAA8B,CAAC;QAC3D;QACA,OAAO,GAAG2B,OAAO,gBAAgBb,MAAM,CAACX,QAAQ,IAAIW,MAAM,CAACJ,eAAe,IAAII,MAAM,CAACN,OAAO,IAAIM,MAAM,CAACR,WAAW,IAAIQ,MAAM,CAACC,QAAQ,EAAE;MACzI;IACA,KAAK,YAAY;MAAE;QACjB,OAAO,GAAGY,OAAO,gBAAgBb,MAAM,CAACX,QAAQ,IAAIW,MAAM,CAACE,UAAU,IAAIF,MAAM,CAACN,OAAO,IAAIM,MAAM,CAACR,WAAW,IAAIQ,MAAM,CAACC,QAAQ,EAAE;MACpI;IACA;MACE,OAAOY,OAAO;EAClB;AACF,CAAC;AAACE,OAAA,CAAAH,eAAA,GAAAA,eAAA","ignoreList":[]}

package/lib/commonjs/index.js CHANGED Viewed

@@ -5,15 +5,29 @@ Object.defineProperty(exports, "__esModule", {
 });
 var _exportNames = {
   HotUpdater: true,
-  getUpdateSource: true
+  getUpdateSource: true,
+  extractSignatureFailure: true,
+  isSignatureVerificationError: true
 };
 exports.HotUpdater = void 0;
+Object.defineProperty(exports, "extractSignatureFailure", {
+  enumerable: true,
+  get: function () {
+    return _types.extractSignatureFailure;
+  }
+});
 Object.defineProperty(exports, "getUpdateSource", {
   enumerable: true,
   get: function () {
     return _checkForUpdate.getUpdateSource;
   }
 });
+Object.defineProperty(exports, "isSignatureVerificationError", {
+  enumerable: true,
+  get: function () {
+    return _types.isSignatureVerificationError;
+  }
+});
 var _checkForUpdate = require("./checkForUpdate.js");
 var _native = require("./native.js");
 var _runUpdateProcess = require("./runUpdateProcess.js");
@@ -30,6 +44,7 @@ Object.keys(_store).forEach(function (key) {
   });
 });
 var _wrap = require("./wrap.js");
+var _types = require("./types.js");
 (0, _native.addListener)("onProgress", ({
   progress
 }) => {

package/lib/commonjs/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_checkForUpdate","require","_native","_runUpdateProcess","_store","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_wrap","addListener","progress","hotUpdaterStore","setState","HotUpdater","wrap","reload","isUpdateDownloaded","getSnapshot","getAppVersion","getBundleId","getMinBundleId","getChannel","checkForUpdate","runUpdateProcess","updateBundle","getFingerprintHash"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":"~~;;;;;;;;;;;;;;;;~~AAAA,IAAAA,eAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAUA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAIAI,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AAHA,IAAAS,KAAA,GAAAhB,OAAA;~~AAMA~~,IAAAiB,mBAAW,EAAC,YAAY,EAAE,CAAC;EAAEC;AAAS,CAAC,KAAK;EAC1CC,sBAAe,CAACC,QAAQ,CAAC;IACvBF;EACF,CAAC,CAAC;AACJ,CAAC,CAAC;AAEK,MAAMG,UAAU,~~GAAAT~~,OAAA,~~CAAAS~~,UAAA,GAAG;EACxB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,IAAI,EAAJA,UAAI;EACJ;AACF;AACA;EACEC,MAAM,EAANA,cAAM;EACN;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,kBAAkB,EAAEA,CAAA,KAAML,sBAAe,CAACM,WAAW,CAAC,CAAC,CAACD,kBAAkB;EAC1E;AACF;AACA;EACEE,aAAa,EAAbA,qBAAa;EACb;AACF;AACA;EACEC,WAAW,EAAXA,mBAAW;EACX;AACF;AACA;EACEC,cAAc,EAAdA,sBAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,EAAVA,kBAAU;EACV;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEZ,WAAW,EAAXA,mBAAW;EACX;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEa,cAAc,EAAdA,8BAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,gBAAgB,EAAhBA,kCAAgB;EAChB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,YAAY,EAAZA,oBAAY;EACZ;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,kBAAkB,EAAlBA;AACF,CAAC","ignoreList":[]}
1	+ {"version":3,"names":["_checkForUpdate","require","_native","_runUpdateProcess","_store","Object","keys","forEach","key","prototype","hasOwnProperty","call","_exportNames","exports","defineProperty","enumerable","get","_wrap","_types","addListener","progress","hotUpdaterStore","setState","HotUpdater","wrap","reload","isUpdateDownloaded","getSnapshot","getAppVersion","getBundleId","getMinBundleId","getChannel","checkForUpdate","runUpdateProcess","updateBundle","getFingerprintHash"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAAA,eAAA,GAAAC,OAAA;AACA,IAAAC,OAAA,GAAAD,OAAA;AAUA,IAAAE,iBAAA,GAAAF,OAAA;AACA,IAAAG,MAAA,GAAAH,OAAA;AAIAI,MAAA,CAAAC,IAAA,CAAAF,MAAA,EAAAG,OAAA,WAAAC,GAAA;EAAA,IAAAA,GAAA,kBAAAA,GAAA;EAAA,IAAAH,MAAA,CAAAI,SAAA,CAAAC,cAAA,CAAAC,IAAA,CAAAC,YAAA,EAAAJ,GAAA;EAAA,IAAAA,GAAA,IAAAK,OAAA,IAAAA,OAAA,CAAAL,GAAA,MAAAJ,MAAA,CAAAI,GAAA;EAAAH,MAAA,CAAAS,cAAA,CAAAD,OAAA,EAAAL,GAAA;IAAAO,UAAA;IAAAC,GAAA,WAAAA,CAAA;MAAA,OAAAZ,MAAA,CAAAI,GAAA;IAAA;EAAA;AAAA;AAHA,IAAAS,KAAA,GAAAhB,OAAA;AAIA,IAAAiB,MAAA,GAAAjB,OAAA;AAOA,IAAAkB,mBAAW,EAAC,YAAY,EAAE,CAAC;EAAEC;AAAS,CAAC,KAAK;EAC1CC,sBAAe,CAACC,QAAQ,CAAC;IACvBF;EACF,CAAC,CAAC;AACJ,CAAC,CAAC;AAEK,MAAMG,UAAU,GAAAV,OAAA,CAAAU,UAAA,GAAG;EACxB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,IAAI,EAAJA,UAAI;EACJ;AACF;AACA;EACEC,MAAM,EAANA,cAAM;EACN;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,kBAAkB,EAAEA,CAAA,KAAML,sBAAe,CAACM,WAAW,CAAC,CAAC,CAACD,kBAAkB;EAC1E;AACF;AACA;EACEE,aAAa,EAAbA,qBAAa;EACb;AACF;AACA;EACEC,WAAW,EAAXA,mBAAW;EACX;AACF;AACA;EACEC,cAAc,EAAdA,sBAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,UAAU,EAAVA,kBAAU;EACV;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEZ,WAAW,EAAXA,mBAAW;EACX;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEa,cAAc,EAAdA,8BAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,gBAAgB,EAAhBA,kCAAgB;EAChB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,YAAY,EAAZA,oBAAY;EACZ;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEC,kBAAkB,EAAlBA;AACF,CAAC","ignoreList":[]}

package/lib/commonjs/specs/NativeHotUpdater.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["_reactNative","require","_default","exports","default","TurboModuleRegistry","getEnforcing"],"sourceRoot":"../../../src","sources":["specs/NativeHotUpdater.ts"],"mappings":";;;;;;AACA,IAAAA,YAAA,GAAAC,OAAA;AAAmD,IAAAC,QAAA,GAAAC,OAAA,CAAAC,OAAA,~~GA4BpCC~~,gCAAmB,CAACC,YAAY,CAAO,YAAY,CAAC","ignoreList":[]}
1	+ {"version":3,"names":["_reactNative","require","_default","exports","default","TurboModuleRegistry","getEnforcing"],"sourceRoot":"../../../src","sources":["specs/NativeHotUpdater.ts"],"mappings":";;;;;;AACA,IAAAA,YAAA,GAAAC,OAAA;AAAmD,IAAAC,QAAA,GAAAC,OAAA,CAAAC,OAAA,GAiCpCC,gCAAmB,CAACC,YAAY,CAAO,YAAY,CAAC","ignoreList":[]}

package/lib/commonjs/types.js ADDED Viewed

@@ -0,0 +1,45 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", {
+  value: true
+});
+exports.extractSignatureFailure = extractSignatureFailure;
+exports.isSignatureVerificationError = isSignatureVerificationError;
+/**
+ * Information about a signature verification failure.
+ * This is a security-critical event that indicates the bundle
+ * may have been tampered with or the public key is misconfigured.
+ */
+/**
+ * Checks if an error is a signature verification failure.
+ * Matches error messages from both iOS and Android native implementations.
+ *
+ * **IMPORTANT**: This function relies on specific error message patterns from native code.
+ * If you change the error messages in the native implementations, update these patterns:
+ * - iOS: `ios/HotUpdater/Internal/SignatureVerifier.swift` (SignatureVerificationError)
+ * - Android: `android/src/main/java/com/hotupdater/SignatureVerifier.kt` (SignatureVerificationException)
+ */
+function isSignatureVerificationError(error) {
+  if (!(error instanceof Error)) {
+    return false;
+  }
+  const message = error.message.toLowerCase();
+  // Match iOS SignatureVerificationError messages
+  // Match Android SignatureVerificationException messages
+  return message.includes("signature verification") || message.includes("public key not configured") || message.includes("public key format is invalid") || message.includes("signature format is invalid") || message.includes("bundle may be corrupted or tampered");
+}
+/**
+ * Extracts signature verification failure details from an error.
+ */
+function extractSignatureFailure(error, bundleId) {
+  const normalizedError = error instanceof Error ? error : new Error(String(error));
+  return {
+    bundleId,
+    message: normalizedError.message,
+    error: normalizedError
+  };
+}
+//# sourceMappingURL=types.js.map

package/lib/commonjs/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["isSignatureVerificationError","error","Error","message","toLowerCase","includes","extractSignatureFailure","bundleId","normalizedError","String"],"sourceRoot":"../../src","sources":["types.ts"],"mappings":";;;;;;;AAAA;AACA;AACA;AACA;AACA;;AAgBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACO,SAASA,4BAA4BA,CAACC,KAAc,EAAW;EACpE,IAAI,EAAEA,KAAK,YAAYC,KAAK,CAAC,EAAE;IAC7B,OAAO,KAAK;EACd;EAEA,MAAMC,OAAO,GAAGF,KAAK,CAACE,OAAO,CAACC,WAAW,CAAC,CAAC;;EAE3C;EACA;EACA,OACED,OAAO,CAACE,QAAQ,CAAC,wBAAwB,CAAC,IAC1CF,OAAO,CAACE,QAAQ,CAAC,2BAA2B,CAAC,IAC7CF,OAAO,CAACE,QAAQ,CAAC,8BAA8B,CAAC,IAChDF,OAAO,CAACE,QAAQ,CAAC,6BAA6B,CAAC,IAC/CF,OAAO,CAACE,QAAQ,CAAC,qCAAqC,CAAC;AAE3D;;AAEA;AACA;AACA;AACO,SAASC,uBAAuBA,CACrCL,KAAc,EACdM,QAAgB,EACc;EAC9B,MAAMC,eAAe,GACnBP,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACO,MAAM,CAACR,KAAK,CAAC,CAAC;EAE3D,OAAO;IACLM,QAAQ;IACRJ,OAAO,EAAEK,eAAe,CAACL,OAAO;IAChCF,KAAK,EAAEO;EACT,CAAC;AACH","ignoreList":[]}

package/lib/module/checkForUpdate.js CHANGED Viewed

@@ -45,7 +45,7 @@ export async function checkForUpdate(options) {
         return updateBundle({
           bundleId: updateInfo.id,
           fileUrl: updateInfo.fileUrl,
-          fileHash: updateInfo?.fileHash ?? null,
+          fileHash: updateInfo.fileHash,
           status: updateInfo.status
         });
       }

package/lib/module/checkForUpdate.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["Platform","HotUpdaterError","fetchUpdateInfo","getAppVersion","getBundleId","getChannel","getFingerprintHash","getMinBundleId","updateBundle","checkForUpdate","options","__DEV__","includes","OS","onError","currentAppVersion","platform","currentBundleId","minBundleId","channel","fingerprintHash","source","params","bundleId","appVersion","requestHeaders","requestTimeout","then","updateInfo","id","fileUrl","fileHash","status","getUpdateSource","baseUrl","updateStrategy"],"sourceRoot":"../../src","sources":["checkForUpdate.ts"],"mappings":";;AACA,SAASA,QAAQ,QAAQ,cAAc;AACvC,SAASC,eAAe,QAAQ,YAAS;AACzC,SAASC,eAAe,QAA2B,sBAAmB;AACtE,SACEC,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,kBAAkB,EAClBC,cAAc,EACdC,YAAY,QACP,aAAU;AAqBjB,OAAO,eAAeC,cAAcA,CAClCC,OAA8B,EACQ;EACtC,IAAIC,OAAO,EAAE;IACX,OAAO,IAAI;EACb;EAEA,IAAI,CAAC,CAAC,KAAK,EAAE,SAAS,CAAC,CAACC,QAAQ,CAACZ,QAAQ,CAACa,EAAE,CAAC,EAAE;IAC7CH,OAAO,CAACI,OAAO,GACb,IAAIb,eAAe,CAAC,iDAAiD,CACvE,CAAC;IACD,OAAO,IAAI;EACb;EAEA,MAAMc,iBAAiB,GAAGZ,aAAa,CAAC,CAAC;EACzC,MAAMa,QAAQ,GAAGhB,QAAQ,CAACa,EAAuB;EACjD,MAAMI,eAAe,GAAGb,WAAW,CAAC,CAAC;EACrC,MAAMc,WAAW,GAAGX,cAAc,CAAC,CAAC;EACpC,MAAMY,OAAO,GAAGd,UAAU,CAAC,CAAC;EAE5B,IAAI,CAACU,iBAAiB,EAAE;IACtBL,OAAO,CAACI,OAAO,GAAG,IAAIb,eAAe,CAAC,2BAA2B,CAAC,CAAC;IACnE,OAAO,IAAI;EACb;EAEA,MAAMmB,eAAe,GAAGd,kBAAkB,CAAC,CAAC;EAE5C,OAAOJ,eAAe,CAAC;IACrBmB,MAAM,EAAEX,OAAO,CAACW,MAAM;IACtBC,MAAM,EAAE;MACNC,QAAQ,EAAEN,eAAe;MACzBO,UAAU,EAAET,iBAAiB;MAC7BC,QAAQ;MACRE,WAAW;MACXC,OAAO;MACPC;IACF,CAAC;IACDK,cAAc,EAAEf,OAAO,CAACe,cAAc;IACtCX,OAAO,EAAEJ,OAAO,CAACI,OAAO;IACxBY,cAAc,EAAEhB,OAAO,CAACgB;EAC1B,CAAC,CAAC,CAACC,IAAI,CAAEC,UAAU,IAAK;IACtB,IAAI,CAACA,UAAU,EAAE;MACf,OAAO,IAAI;IACb;IAEA,OAAO;MACL,GAAGA,UAAU;MACbpB,YAAY,EAAE,MAAAA,CAAA,KAAY;QACxB,OAAOA,YAAY,CAAC;UAClBe,QAAQ,EAAEK,UAAU,CAACC,EAAE;UACvBC,OAAO,EAAEF,UAAU,CAACE,OAAO;UAC3BC,QAAQ,EAAEH,UAAU,~~EAAEG~~,QAAQ~~,IAAI,IAAI~~;~~UACtCC~~,MAAM,EAAEJ,UAAU,CAACI;QACrB,CAAC,CAAC;MACJ;IACF,CAAC;EACH,CAAC,CAAC;AACJ;AAYA,OAAO,MAAMC,eAAe,GAC1BA,CAACC,OAAe,EAAExB,OAA+B,KAChDY,MAA0B,IAAK;EAC9B,QAAQZ,OAAO,CAACyB,cAAc;IAC5B,KAAK,aAAa;MAAE;QAClB,IAAI,CAACb,MAAM,CAACF,eAAe,EAAE;UAC3B,MAAM,IAAInB,eAAe,CAAC,8BAA8B,CAAC;QAC3D;QACA,OAAO,GAAGiC,OAAO,gBAAgBZ,MAAM,CAACN,QAAQ,IAAIM,MAAM,CAACF,eAAe,IAAIE,MAAM,CAACH,OAAO,IAAIG,MAAM,CAACJ,WAAW,IAAII,MAAM,CAACC,QAAQ,EAAE;MACzI;IACA,KAAK,YAAY;MAAE;QACjB,OAAO,GAAGW,OAAO,gBAAgBZ,MAAM,CAACN,QAAQ,IAAIM,MAAM,CAACE,UAAU,IAAIF,MAAM,CAACH,OAAO,IAAIG,MAAM,CAACJ,WAAW,IAAII,MAAM,CAACC,QAAQ,EAAE;MACpI;IACA;MACE,OAAOW,OAAO;EAClB;AACF,CAAC","ignoreList":[]}
1	+ {"version":3,"names":["Platform","HotUpdaterError","fetchUpdateInfo","getAppVersion","getBundleId","getChannel","getFingerprintHash","getMinBundleId","updateBundle","checkForUpdate","options","__DEV__","includes","OS","onError","currentAppVersion","platform","currentBundleId","minBundleId","channel","fingerprintHash","source","params","bundleId","appVersion","requestHeaders","requestTimeout","then","updateInfo","id","fileUrl","fileHash","status","getUpdateSource","baseUrl","updateStrategy"],"sourceRoot":"../../src","sources":["checkForUpdate.ts"],"mappings":";;AACA,SAASA,QAAQ,QAAQ,cAAc;AACvC,SAASC,eAAe,QAAQ,YAAS;AACzC,SAASC,eAAe,QAA2B,sBAAmB;AACtE,SACEC,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,kBAAkB,EAClBC,cAAc,EACdC,YAAY,QACP,aAAU;AAqBjB,OAAO,eAAeC,cAAcA,CAClCC,OAA8B,EACQ;EACtC,IAAIC,OAAO,EAAE;IACX,OAAO,IAAI;EACb;EAEA,IAAI,CAAC,CAAC,KAAK,EAAE,SAAS,CAAC,CAACC,QAAQ,CAACZ,QAAQ,CAACa,EAAE,CAAC,EAAE;IAC7CH,OAAO,CAACI,OAAO,GACb,IAAIb,eAAe,CAAC,iDAAiD,CACvE,CAAC;IACD,OAAO,IAAI;EACb;EAEA,MAAMc,iBAAiB,GAAGZ,aAAa,CAAC,CAAC;EACzC,MAAMa,QAAQ,GAAGhB,QAAQ,CAACa,EAAuB;EACjD,MAAMI,eAAe,GAAGb,WAAW,CAAC,CAAC;EACrC,MAAMc,WAAW,GAAGX,cAAc,CAAC,CAAC;EACpC,MAAMY,OAAO,GAAGd,UAAU,CAAC,CAAC;EAE5B,IAAI,CAACU,iBAAiB,EAAE;IACtBL,OAAO,CAACI,OAAO,GAAG,IAAIb,eAAe,CAAC,2BAA2B,CAAC,CAAC;IACnE,OAAO,IAAI;EACb;EAEA,MAAMmB,eAAe,GAAGd,kBAAkB,CAAC,CAAC;EAE5C,OAAOJ,eAAe,CAAC;IACrBmB,MAAM,EAAEX,OAAO,CAACW,MAAM;IACtBC,MAAM,EAAE;MACNC,QAAQ,EAAEN,eAAe;MACzBO,UAAU,EAAET,iBAAiB;MAC7BC,QAAQ;MACRE,WAAW;MACXC,OAAO;MACPC;IACF,CAAC;IACDK,cAAc,EAAEf,OAAO,CAACe,cAAc;IACtCX,OAAO,EAAEJ,OAAO,CAACI,OAAO;IACxBY,cAAc,EAAEhB,OAAO,CAACgB;EAC1B,CAAC,CAAC,CAACC,IAAI,CAAEC,UAAU,IAAK;IACtB,IAAI,CAACA,UAAU,EAAE;MACf,OAAO,IAAI;IACb;IAEA,OAAO;MACL,GAAGA,UAAU;MACbpB,YAAY,EAAE,MAAAA,CAAA,KAAY;QACxB,OAAOA,YAAY,CAAC;UAClBe,QAAQ,EAAEK,UAAU,CAACC,EAAE;UACvBC,OAAO,EAAEF,UAAU,CAACE,OAAO;UAC3BC,QAAQ,EAAEH,UAAU,CAACG,QAAQ;UAC7BC,MAAM,EAAEJ,UAAU,CAACI;QACrB,CAAC,CAAC;MACJ;IACF,CAAC;EACH,CAAC,CAAC;AACJ;AAYA,OAAO,MAAMC,eAAe,GAC1BA,CAACC,OAAe,EAAExB,OAA+B,KAChDY,MAA0B,IAAK;EAC9B,QAAQZ,OAAO,CAACyB,cAAc;IAC5B,KAAK,aAAa;MAAE;QAClB,IAAI,CAACb,MAAM,CAACF,eAAe,EAAE;UAC3B,MAAM,IAAInB,eAAe,CAAC,8BAA8B,CAAC;QAC3D;QACA,OAAO,GAAGiC,OAAO,gBAAgBZ,MAAM,CAACN,QAAQ,IAAIM,MAAM,CAACF,eAAe,IAAIE,MAAM,CAACH,OAAO,IAAIG,MAAM,CAACJ,WAAW,IAAII,MAAM,CAACC,QAAQ,EAAE;MACzI;IACA,KAAK,YAAY;MAAE;QACjB,OAAO,GAAGW,OAAO,gBAAgBZ,MAAM,CAACN,QAAQ,IAAIM,MAAM,CAACE,UAAU,IAAIF,MAAM,CAACH,OAAO,IAAIG,MAAM,CAACJ,WAAW,IAAII,MAAM,CAACC,QAAQ,EAAE;MACpI;IACA;MACE,OAAOW,OAAO;EAClB;AACF,CAAC","ignoreList":[]}

package/lib/module/index.js CHANGED Viewed

@@ -6,6 +6,7 @@ import { runUpdateProcess } from "./runUpdateProcess.js";
 import { hotUpdaterStore } from "./store.js";
 import { wrap } from "./wrap.js";
 export * from "./store.js";
+export { extractSignatureFailure, isSignatureVerificationError } from "./types.js";
 addListener("onProgress", ({
   progress
 }) => {

package/lib/module/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["checkForUpdate","addListener","getAppVersion","getBundleId","getChannel","getFingerprintHash","getMinBundleId","reload","updateBundle","runUpdateProcess","hotUpdaterStore","wrap","progress","setState","HotUpdater","isUpdateDownloaded","getSnapshot","getUpdateSource"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;AAAA,SAASA,cAAc,QAAQ,qBAAkB;AACjD,SACEC,WAAW,EACXC,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,kBAAkB,EAClBC,cAAc,EACdC,MAAM,EACNC,YAAY,QACP,aAAU;AACjB,SAASC,gBAAgB,QAAQ,uBAAoB;AACrD,SAASC,eAAe,QAAQ,YAAS;AACzC,SAASC,IAAI,QAAQ,WAAQ;AAG7B,cAAc,YAAS;~~AAGvBV~~,WAAW,CAAC,YAAY,EAAE,CAAC;~~EAAEW~~;AAAS,CAAC,KAAK;~~EAC1CF~~,eAAe,~~CAACG~~,QAAQ,CAAC;IACvBD;EACF,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,MAAME,UAAU,GAAG;EACxB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~EACEH~~,IAAI;EACJ;AACF;AACA;EACEJ,MAAM;EACN;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;~~EACEQ~~,kBAAkB,EAAEA,CAAA,~~KAAML~~,eAAe,~~CAACM~~,WAAW,CAAC,CAAC,CAACD,kBAAkB;EAC1E;AACF;AACA;~~EACEb~~,aAAa;EACb;AACF;AACA;EACEC,WAAW;EACX;AACF;AACA;EACEG,cAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEF,UAAU;EACV;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEH,WAAW;EACX;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACED,cAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACES,gBAAgB;EAChB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACED,YAAY;EACZ;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEH;AACF,CAAC;AAED,~~SAASY~~,eAAe,QAAQ,qBAAkB","ignoreList":[]}
1	+ {"version":3,"names":["checkForUpdate","addListener","getAppVersion","getBundleId","getChannel","getFingerprintHash","getMinBundleId","reload","updateBundle","runUpdateProcess","hotUpdaterStore","wrap","extractSignatureFailure","isSignatureVerificationError","progress","setState","HotUpdater","isUpdateDownloaded","getSnapshot","getUpdateSource"],"sourceRoot":"../../src","sources":["index.ts"],"mappings":";;AAAA,SAASA,cAAc,QAAQ,qBAAkB;AACjD,SACEC,WAAW,EACXC,aAAa,EACbC,WAAW,EACXC,UAAU,EACVC,kBAAkB,EAClBC,cAAc,EACdC,MAAM,EACNC,YAAY,QACP,aAAU;AACjB,SAASC,gBAAgB,QAAQ,uBAAoB;AACrD,SAASC,eAAe,QAAQ,YAAS;AACzC,SAASC,IAAI,QAAQ,WAAQ;AAG7B,cAAc,YAAS;AACvB,SACEC,uBAAuB,EACvBC,4BAA4B,QAEvB,YAAS;AAGhBZ,WAAW,CAAC,YAAY,EAAE,CAAC;EAAEa;AAAS,CAAC,KAAK;EAC1CJ,eAAe,CAACK,QAAQ,CAAC;IACvBD;EACF,CAAC,CAAC;AACJ,CAAC,CAAC;AAEF,OAAO,MAAME,UAAU,GAAG;EACxB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEL,IAAI;EACJ;AACF;AACA;EACEJ,MAAM;EACN;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEU,kBAAkB,EAAEA,CAAA,KAAMP,eAAe,CAACQ,WAAW,CAAC,CAAC,CAACD,kBAAkB;EAC1E;AACF;AACA;EACEf,aAAa;EACb;AACF;AACA;EACEC,WAAW;EACX;AACF;AACA;EACEG,cAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEF,UAAU;EACV;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEH,WAAW;EACX;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACED,cAAc;EACd;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACES,gBAAgB;EAChB;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACED,YAAY;EACZ;AACF;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;EACEH;AACF,CAAC;AAED,SAASc,eAAe,QAAQ,qBAAkB","ignoreList":[]}

package/lib/module/specs/NativeHotUpdater.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"names":["TurboModuleRegistry","getEnforcing"],"sourceRoot":"../../../src","sources":["specs/NativeHotUpdater.ts"],"mappings":";;AACA,SAASA,mBAAmB,QAAQ,cAAc;~~AA4BlD~~,eAAeA,mBAAmB,CAACC,YAAY,CAAO,YAAY,CAAC","ignoreList":[]}
1	+ {"version":3,"names":["TurboModuleRegistry","getEnforcing"],"sourceRoot":"../../../src","sources":["specs/NativeHotUpdater.ts"],"mappings":";;AACA,SAASA,mBAAmB,QAAQ,cAAc;AAiClD,eAAeA,mBAAmB,CAACC,YAAY,CAAO,YAAY,CAAC","ignoreList":[]}

package/lib/module/types.js ADDED Viewed

@@ -0,0 +1,40 @@
+"use strict";
+/**
+ * Information about a signature verification failure.
+ * This is a security-critical event that indicates the bundle
+ * may have been tampered with or the public key is misconfigured.
+ */
+/**
+ * Checks if an error is a signature verification failure.
+ * Matches error messages from both iOS and Android native implementations.
+ *
+ * **IMPORTANT**: This function relies on specific error message patterns from native code.
+ * If you change the error messages in the native implementations, update these patterns:
+ * - iOS: `ios/HotUpdater/Internal/SignatureVerifier.swift` (SignatureVerificationError)
+ * - Android: `android/src/main/java/com/hotupdater/SignatureVerifier.kt` (SignatureVerificationException)
+ */
+export function isSignatureVerificationError(error) {
+  if (!(error instanceof Error)) {
+    return false;
+  }
+  const message = error.message.toLowerCase();
+  // Match iOS SignatureVerificationError messages
+  // Match Android SignatureVerificationException messages
+  return message.includes("signature verification") || message.includes("public key not configured") || message.includes("public key format is invalid") || message.includes("signature format is invalid") || message.includes("bundle may be corrupted or tampered");
+}
+/**
+ * Extracts signature verification failure details from an error.
+ */
+export function extractSignatureFailure(error, bundleId) {
+  const normalizedError = error instanceof Error ? error : new Error(String(error));
+  return {
+    bundleId,
+    message: normalizedError.message,
+    error: normalizedError
+  };
+}
+//# sourceMappingURL=types.js.map

package/lib/module/types.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"names":["isSignatureVerificationError","error","Error","message","toLowerCase","includes","extractSignatureFailure","bundleId","normalizedError","String"],"sourceRoot":"../../src","sources":["types.ts"],"mappings":";;AAAA;AACA;AACA;AACA;AACA;;AAgBA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASA,4BAA4BA,CAACC,KAAc,EAAW;EACpE,IAAI,EAAEA,KAAK,YAAYC,KAAK,CAAC,EAAE;IAC7B,OAAO,KAAK;EACd;EAEA,MAAMC,OAAO,GAAGF,KAAK,CAACE,OAAO,CAACC,WAAW,CAAC,CAAC;;EAE3C;EACA;EACA,OACED,OAAO,CAACE,QAAQ,CAAC,wBAAwB,CAAC,IAC1CF,OAAO,CAACE,QAAQ,CAAC,2BAA2B,CAAC,IAC7CF,OAAO,CAACE,QAAQ,CAAC,8BAA8B,CAAC,IAChDF,OAAO,CAACE,QAAQ,CAAC,6BAA6B,CAAC,IAC/CF,OAAO,CAACE,QAAQ,CAAC,qCAAqC,CAAC;AAE3D;;AAEA;AACA;AACA;AACA,OAAO,SAASC,uBAAuBA,CACrCL,KAAc,EACdM,QAAgB,EACc;EAC9B,MAAMC,eAAe,GACnBP,KAAK,YAAYC,KAAK,GAAGD,KAAK,GAAG,IAAIC,KAAK,CAACO,MAAM,CAACR,KAAK,CAAC,CAAC;EAE3D,OAAO;IACLM,QAAQ;IACRJ,OAAO,EAAEK,eAAe,CAACL,OAAO;IAChCF,KAAK,EAAEO;EACT,CAAC;AACH","ignoreList":[]}

package/lib/typescript/commonjs/index.d.ts CHANGED Viewed

@@ -3,6 +3,7 @@ import { updateBundle } from "./native";
 import { wrap } from "./wrap";
 export type { HotUpdaterEvent } from "./native";
 export * from "./store";
+export { extractSignatureFailure, isSignatureVerificationError, type SignatureVerificationFailure, } from "./types";
 export type { HotUpdaterOptions } from "./wrap";
 export declare const HotUpdater: {
     /**

package/lib/typescript/commonjs/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAQL,YAAY,EACb,MAAM,UAAU,CAAC;AAGlB,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE9B,YAAY,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAChD,cAAc,SAAS,CAAC;AACxB,YAAY,EAAE,iBAAiB,EAAE,MAAM,QAAQ,CAAC;AAQhD,eAAO,MAAM,UAAU;IACrB;;;;;;;;;;;;;;;;;;;;;OAqBG;;IAEH;;OAEG;;IAEH;;;;;;;;;;;;;;;;OAgBG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;;;;;;;;;;;OAYG;;IAEH;;;;;;;;;;;;;;;;OAgBG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;;IAEH;;;;;;;;;;OAUG;;CAEJ,CAAC;AAEF,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAQL,YAAY,EACb,MAAM,UAAU,CAAC;AAGlB,OAAO,EAAE,IAAI,EAAE,MAAM,QAAQ,CAAC;AAE9B,YAAY,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAChD,cAAc,SAAS,CAAC;AACxB,OAAO,EACL,uBAAuB,EACvB,4BAA4B,EAC5B,KAAK,4BAA4B,GAClC,MAAM,SAAS,CAAC;AACjB,YAAY,EAAE,iBAAiB,EAAE,MAAM,QAAQ,CAAC;AAQhD,eAAO,MAAM,UAAU;IACrB;;;;;;;;;;;;;;;;;;;;;OAqBG;;IAEH;;OAEG;;IAEH;;;;;;;;;;;;;;;;OAgBG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;OAEG;;IAEH;;;;;;;;;;;;OAYG;;IAEH;;;;;;;;;;;;;;;;OAgBG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA4BG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA+BG;;IAEH;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAgCG;;IAEH;;;;;;;;;;OAUG;;CAEJ,CAAC;AAEF,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC"}

package/lib/typescript/commonjs/specs/NativeHotUpdater.d.ts CHANGED Viewed

@@ -3,8 +3,13 @@ export interface UpdateBundleParams {
     bundleId: string;
     fileUrl: string | null;
     /**
-     * SHA256 hash of the bundle file for integrity verification.
-     * If provided, the native layer will verify the downloaded file's hash.
+     * File hash for integrity/signature verification.
+     *
+     * Format depends on signing configuration:
+     * - Signed: `sig:<base64_signature>` - Native will verify signature (and implicitly hash)
+     * - Unsigned: `<hex_hash>` - Native will verify SHA256 hash only
+     *
+     * Native determines verification mode by checking for "sig:" prefix.
      */
     fileHash: string | null;
 }

package/lib/typescript/commonjs/specs/NativeHotUpdater.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"NativeHotUpdater.d.ts","sourceRoot":"","sources":["../../../../src/specs/NativeHotUpdater.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAGhD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB~~;;;OAGG~~;IACH,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB;AAED,MAAM,WAAW,IAAK,SAAQ,WAAW;IAEvC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACxB,YAAY,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAG3D,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,QAAQ,CAAC,YAAY,EAAE,MAAM;QAC3B,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,OAAO,EAAE,MAAM,CAAC;QAChB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;KACjC,CAAC;CACH;;AAED,wBAAoE"}
1	+ {"version":3,"file":"NativeHotUpdater.d.ts","sourceRoot":"","sources":["../../../../src/specs/NativeHotUpdater.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAGhD,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB;;;;;;;;OAQG;IACH,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB;AAED,MAAM,WAAW,IAAK,SAAQ,WAAW;IAEvC,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;IACxB,YAAY,CAAC,MAAM,EAAE,kBAAkB,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAG3D,WAAW,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,QAAQ,CAAC,YAAY,EAAE,MAAM;QAC3B,aAAa,EAAE,MAAM,CAAC;QACtB,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAC3B,OAAO,EAAE,MAAM,CAAC;QAChB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;KACjC,CAAC;CACH;;AAED,wBAAoE"}

package/lib/typescript/commonjs/types.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Information about a signature verification failure.
+ * This is a security-critical event that indicates the bundle
+ * may have been tampered with or the public key is misconfigured.
+ */
+export interface SignatureVerificationFailure {
+    /**
+     * The bundle ID that failed verification.
+     */
+    bundleId: string;
+    /**
+     * Human-readable error message from the native layer.
+     */
+    message: string;
+    /**
+     * The underlying error object.
+     */
+    error: Error;
+}
+/**
+ * Checks if an error is a signature verification failure.
+ * Matches error messages from both iOS and Android native implementations.
+ *
+ * **IMPORTANT**: This function relies on specific error message patterns from native code.
+ * If you change the error messages in the native implementations, update these patterns:
+ * - iOS: `ios/HotUpdater/Internal/SignatureVerifier.swift` (SignatureVerificationError)
+ * - Android: `android/src/main/java/com/hotupdater/SignatureVerifier.kt` (SignatureVerificationException)
+ */
+export declare function isSignatureVerificationError(error: unknown): boolean;
+/**
+ * Extracts signature verification failure details from an error.
+ */
+export declare function extractSignatureFailure(error: unknown, bundleId: string): SignatureVerificationFailure;
+//# sourceMappingURL=types.d.ts.map