@hot-updater/supabase 0.17.0 → 0.18.0

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@hot-updater/supabase",
   "type": "module",
-  "version": "0.17.0",
+  "version": "0.18.0",
   "description": "React Native OTA solution for self-hosted",
   "main": "dist/index.cjs",
   "module": "dist/index.js",
@@ -11,7 +11,7 @@
       "import": "./dist/index.js",
       "require": "./dist/index.cjs"
     },
-    "./edge-functions": {
+    "./scaffold": {
       "import": "./supabase/index.ts",
       "require": "./supabase/index.ts"
     },
@@ -40,8 +40,8 @@
   ],
   "dependencies": {
     "@supabase/supabase-js": "^2.47.10",
-    "@hot-updater/core": "0.17.0",
-    "@hot-updater/plugin-core": "0.17.0"
+    "@hot-updater/core": "0.18.0",
+    "@hot-updater/plugin-core": "0.18.0"
   },
   "devDependencies": {
     "@clack/prompts": "0.10.0",
@@ -50,10 +50,10 @@
     "execa": "^9.5.2",
     "mime": "^4.0.4",
     "picocolors": "^1.0.0",
-    "@hot-updater/postgres": "0.17.0"
+    "@hot-updater/postgres": "0.18.0"
   },
   "scripts": {
-    "build": "tsup",
+    "build": "tsdown",
     "test:type": "tsc --noEmit",
     "make-migrations": "node --experimental-strip-types ./scripts/make-migrations.ts"
   }

package/supabase/edge-functions/index.ts

@@ -0,0 +1,331 @@
+import "jsr:@supabase/functions-js/edge-runtime.d.ts";
+import semver from "npm:semver@7.7.1";
+import { Hono } from "jsr:@hono/hono";
+import {
+  type SupabaseClient,
+  createClient,
+} from "jsr:@supabase/supabase-js@2.49.4";
+import type { GetBundlesArgs, UpdateInfo } from "@hot-updater/core";
+
+const NIL_UUID = "00000000-0000-0000-0000-000000000000";
+
+const semverSatisfies = (targetAppVersion: string, currentVersion: string) => {
+  const currentCoerce = semver.coerce(currentVersion);
+  if (!currentCoerce) {
+    return false;
+  }
+
+  return semver.satisfies(currentCoerce.version, targetAppVersion);
+};
+
+/**
+ * Filters target app versions that are compatible with the current app version.
+ * Returns only versions that are compatible with the current version according to semver rules.
+ *
+ * @param targetAppVersionList - List of target app versions to filter
+ * @param currentVersion - Current app version
+ * @returns Array of target app versions compatible with the current version
+ */
+export const filterCompatibleAppVersions = (
+  targetAppVersionList: string[],
+  currentVersion: string,
+) => {
+  const compatibleAppVersionList = targetAppVersionList.filter((version) =>
+    semverSatisfies(version, currentVersion),
+  );
+
+  return compatibleAppVersionList.sort((a, b) => b.localeCompare(a));
+};
+
+const appVersionStrategy = async (
+  supabase: SupabaseClient<any, "public", any>,
+  {
+    appPlatform,
+    minBundleId,
+    bundleId,
+    appVersion,
+    channel,
+  }: {
+    appPlatform: string;
+    minBundleId: string;
+    bundleId: string;
+    appVersion: string;
+    channel: string;
+  },
+) => {
+  const { data: appVersionList } = await supabase.rpc(
+    "get_target_app_version_list",
+    {
+      app_platform: appPlatform,
+      min_bundle_id: minBundleId || NIL_UUID,
+    },
+  );
+  const compatibleAppVersionList = filterCompatibleAppVersions(
+    appVersionList?.map((group) => group.target_app_version) ?? [],
+    appVersion,
+  );
+
+  return supabase.rpc("get_update_info_by_app_version", {
+    app_platform: appPlatform,
+    app_version: appVersion,
+    bundle_id: bundleId,
+    min_bundle_id: minBundleId || NIL_UUID,
+    target_channel: channel || "production",
+    target_app_version_list: compatibleAppVersionList,
+  });
+};
+
+const fingerprintHashStrategy = async (
+  supabase: SupabaseClient<any, "public", any>,
+  {
+    appPlatform,
+    minBundleId,
+    bundleId,
+    channel,
+    fingerprintHash,
+  }: {
+    appPlatform: string;
+    bundleId: string;
+    minBundleId: string | null;
+    channel: string | null;
+    fingerprintHash: string;
+  },
+) => {
+  return supabase.rpc("get_update_info_by_fingerprint_hash", {
+    app_platform: appPlatform,
+    bundle_id: bundleId,
+    min_bundle_id: minBundleId || NIL_UUID,
+    target_channel: channel || "production",
+    target_fingerprint_hash: fingerprintHash,
+  });
+};
+
+const handleUpdateRequest = async (
+  supabase: SupabaseClient<any, "public", any>,
+  updateConfig: GetBundlesArgs,
+) => {
+  const { data, error } =
+    updateConfig._updateStrategy === "fingerprint"
+      ? await fingerprintHashStrategy(supabase, {
+          appPlatform: updateConfig.platform,
+          minBundleId: updateConfig.minBundleId!,
+          bundleId: updateConfig.bundleId,
+          channel: updateConfig.channel!,
+          fingerprintHash: updateConfig.fingerprintHash!,
+        })
+      : await appVersionStrategy(supabase, {
+          appPlatform: updateConfig.platform,
+          minBundleId: updateConfig.minBundleId!,
+          bundleId: updateConfig.bundleId,
+          appVersion: updateConfig.appVersion!,
+          channel: updateConfig.channel!,
+        });
+
+  if (error) {
+    throw error;
+  }
+
+  const storageUri = data[0]?.storage_uri;
+  const response = data[0]
+    ? ({
+        id: data[0].id,
+        shouldForceUpdate: data[0].should_force_update,
+        message: data[0].message,
+        status: data[0].status,
+      } as UpdateInfo)
+    : null;
+
+  if (!response) {
+    return null;
+  }
+
+  if (response.id === NIL_UUID) {
+    return {
+      ...response,
+      fileUrl: null,
+    };
+  }
+
+  const storageURL = new URL(storageUri);
+  const storageBucket = storageURL.host;
+  const storagePath = storageURL.pathname;
+
+  const { data: signedUrlData } = await supabase.storage
+    .from(storageBucket)
+    .createSignedUrl(storagePath, 60);
+
+  return {
+    ...response,
+    fileUrl: signedUrlData?.signedUrl ?? null,
+  };
+};
+
+declare global {
+  var HotUpdater: {
+    FUNCTION_NAME: string;
+  };
+}
+
+const functionName = HotUpdater.FUNCTION_NAME;
+const app = new Hono().basePath(`/${functionName}`);
+
+app.get("/ping", (c) => c.text("pong"));
+
+app.get("/", async (c) => {
+  try {
+    const bundleId = c.req.header("x-bundle-id");
+    const appPlatform = c.req.header("x-app-platform") as "ios" | "android";
+    const appVersion = c.req.header("x-app-version");
+    const fingerprintHash = c.req.header("x-fingerprint-hash");
+    const minBundleId = c.req.header("x-min-bundle-id");
+    const channel = c.req.header("x-channel");
+
+    if (!appVersion && !fingerprintHash) {
+      return c.json(
+        {
+          error:
+            "Missing required headers (x-app-version or x-fingerprint-hash).",
+        },
+        400,
+      );
+    }
+
+    if (!bundleId || !appPlatform) {
+      return c.json(
+        { error: "Missing required headers (x-app-platform, x-bundle-id)." },
+        400,
+      );
+    }
+
+    const supabase = createClient(
+      Deno.env.get("SUPABASE_URL") ?? "",
+      Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ?? "",
+      {
+        auth: { autoRefreshToken: false, persistSession: false },
+      },
+    );
+
+    const updateConfig = fingerprintHash
+      ? ({
+          platform: appPlatform,
+          fingerprintHash,
+          bundleId,
+          minBundleId: minBundleId || NIL_UUID,
+          channel: channel || "production",
+          _updateStrategy: "fingerprint" as const,
+        } satisfies GetBundlesArgs)
+      : ({
+          platform: appPlatform,
+          appVersion: appVersion!,
+          bundleId,
+          minBundleId: minBundleId || NIL_UUID,
+          channel: channel || "production",
+          _updateStrategy: "appVersion" as const,
+        } satisfies GetBundlesArgs);
+
+    const result = await handleUpdateRequest(supabase, updateConfig);
+    return c.json(result);
+  } catch (err: unknown) {
+    return c.json(
+      {
+        error: err instanceof Error ? err.message : "Unknown error",
+      },
+      500,
+    );
+  }
+});
+
+app.get(
+  "/app-version/:platform/:app-version/:channel/:minBundleId/:bundleId",
+  async (c) => {
+    try {
+      const {
+        platform,
+        "app-version": appVersion,
+        channel,
+        minBundleId,
+        bundleId,
+      } = c.req.param();
+
+      if (!bundleId || !platform) {
+        return c.json(
+          { error: "Missing required parameters (platform, bundleId)." },
+          400,
+        );
+      }
+
+      const supabase = createClient(
+        Deno.env.get("SUPABASE_URL") ?? "",
+        Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ?? "",
+        {
+          auth: { autoRefreshToken: false, persistSession: false },
+        },
+      );
+
+      const updateConfig = {
+        platform: platform as "ios" | "android",
+        appVersion,
+        bundleId,
+        minBundleId: minBundleId || NIL_UUID,
+        channel: channel || "production",
+        _updateStrategy: "appVersion" as const,
+      } satisfies GetBundlesArgs;
+
+      const result = await handleUpdateRequest(supabase, updateConfig);
+      return c.json(result);
+    } catch (err: unknown) {
+      return c.json(
+        {
+          error: err instanceof Error ? err.message : "Unknown error",
+        },
+        500,
+      );
+    }
+  },
+);
+
+app.get(
+  "/fingerprint/:platform/:fingerprintHash/:channel/:minBundleId/:bundleId",
+  async (c) => {
+    try {
+      const { platform, fingerprintHash, channel, minBundleId, bundleId } =
+        c.req.param();
+
+      if (!bundleId || !platform) {
+        return c.json(
+          { error: "Missing required parameters (platform, bundleId)." },
+          400,
+        );
+      }
+
+      const supabase = createClient(
+        Deno.env.get("SUPABASE_URL") ?? "",
+        Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ?? "",
+        {
+          auth: { autoRefreshToken: false, persistSession: false },
+        },
+      );
+
+      const updateConfig = {
+        platform: platform as "ios" | "android",
+        fingerprintHash,
+        bundleId,
+        minBundleId: minBundleId || NIL_UUID,
+        channel: channel || "production",
+        _updateStrategy: "fingerprint" as const,
+      } satisfies GetBundlesArgs;
+
+      const result = await handleUpdateRequest(supabase, updateConfig);
+      return c.json(result);
+    } catch (err: unknown) {
+      return c.json(
+        {
+          error: err instanceof Error ? err.message : "Unknown error",
+        },
+        500,
+      );
+    }
+  },
+);
+
+Deno.serve(app.fetch);

package/supabase/migrations/20250516000000_hot-updater_0.18.0.sql

@@ -0,0 +1,194 @@
+
+ALTER TABLE bundles ADD COLUMN IF NOT EXISTS fingerprint_hash text;
+ALTER TABLE bundles ADD COLUMN IF NOT EXISTS metadata JSONB DEFAULT '{}'::jsonb;
+
+ALTER TABLE bundles ADD COLUMN IF NOT EXISTS storage_uri TEXT;
+
+UPDATE bundles
+SET storage_uri = 'supabase-storage://%%BUCKET_NAME%%/' || id || '/bundle.zip'
+WHERE storage_uri IS NULL;
+
+ALTER TABLE bundles ALTER COLUMN storage_uri SET NOT NULL;
+ALTER TABLE bundles ALTER COLUMN target_app_version DROP NOT NULL;
+
+ALTER TABLE bundles ADD CONSTRAINT check_version_or_fingerprint CHECK (
+    (target_app_version IS NOT NULL) OR (fingerprint_hash IS NOT NULL)
+);
+
+CREATE INDEX bundles_fingerprint_hash_idx ON bundles(fingerprint_hash);
+
+DROP FUNCTION IF EXISTS get_update_info;
+
+-- HotUpdater.get_update_info
+CREATE OR REPLACE FUNCTION get_update_info_by_fingerprint_hash (
+    app_platform   platforms,
+    bundle_id  uuid,
+    min_bundle_id uuid,
+    target_channel text,
+    target_fingerprint_hash text
+)
+RETURNS TABLE (
+    id            uuid,
+    should_force_update  boolean,
+    message       text,
+    status        text,
+    storage_uri   text
+)
+LANGUAGE plpgsql
+AS
+$$
+DECLARE
+    NIL_UUID CONSTANT uuid := '00000000-0000-0000-0000-000000000000';
+BEGIN
+    RETURN QUERY
+    WITH update_candidate AS (
+        SELECT
+            b.id,
+            b.should_force_update,
+            b.message,
+            'UPDATE' AS status,
+            b.storage_uri
+        FROM bundles b
+        WHERE b.enabled = TRUE
+          AND b.platform = app_platform
+          AND b.id >= bundle_id
+          AND b.id > min_bundle_id
+          AND b.channel = target_channel
+          AND b.fingerprint_hash = target_fingerprint_hash
+        ORDER BY b.id DESC
+        LIMIT 1
+    ),
+    rollback_candidate AS (
+        SELECT
+            b.id,
+            TRUE AS should_force_update,
+            b.message,
+            'ROLLBACK' AS status,
+            b.storage_uri
+        FROM bundles b
+        WHERE b.enabled = TRUE
+          AND b.platform = app_platform
+          AND b.id < bundle_id
+          AND b.id > min_bundle_id
+          AND b.channel = target_channel
+          AND b.fingerprint_hash = target_fingerprint_hash
+        ORDER BY b.id DESC
+        LIMIT 1
+    ),
+    final_result AS (
+        SELECT * FROM update_candidate
+        UNION ALL
+        SELECT * FROM rollback_candidate
+        WHERE NOT EXISTS (SELECT 1 FROM update_candidate)
+    )
+    SELECT *
+    FROM final_result
+    WHERE final_result.id != bundle_id
+
+    UNION ALL
+
+    SELECT
+        NIL_UUID      AS id,
+        TRUE          AS should_force_update,
+        NULL          AS message,
+        'ROLLBACK'    AS status,
+        NULL          AS storage_uri
+    WHERE (SELECT COUNT(*) FROM final_result) = 0
+      AND bundle_id != NIL_UUID
+      AND bundle_id > min_bundle_id
+      AND NOT EXISTS (
+          SELECT 1
+          FROM bundles b
+          WHERE b.id = bundle_id
+            AND b.enabled = TRUE
+            AND b.platform = app_platform
+      );
+END;
+$$;
+
+
+-- HotUpdater.get_update_info
+CREATE OR REPLACE FUNCTION get_update_info_by_app_version (
+    app_platform   platforms,
+    app_version text,
+    bundle_id  uuid,
+    min_bundle_id uuid,
+    target_channel text,
+    target_app_version_list text[]
+)
+RETURNS TABLE (
+    id            uuid,
+    should_force_update  boolean,
+    message       text,
+    status        text,
+    storage_uri   text
+)
+LANGUAGE plpgsql
+AS
+$$
+DECLARE
+    NIL_UUID CONSTANT uuid := '00000000-0000-0000-0000-000000000000';
+BEGIN
+    RETURN QUERY
+    WITH update_candidate AS (
+        SELECT
+            b.id,
+            b.should_force_update,
+            b.message,
+            'UPDATE' AS status,
+            b.storage_uri
+        FROM bundles b
+        WHERE b.enabled = TRUE
+          AND b.platform = app_platform
+          AND b.id >= bundle_id
+          AND b.id > min_bundle_id
+          AND b.target_app_version IN (SELECT unnest(target_app_version_list))
+          AND b.channel = target_channel
+        ORDER BY b.id DESC
+        LIMIT 1
+    ),
+    rollback_candidate AS (
+        SELECT
+            b.id,
+            TRUE AS should_force_update,
+            b.message,
+            'ROLLBACK' AS status,
+            b.storage_uri
+        FROM bundles b
+        WHERE b.enabled = TRUE
+          AND b.platform = app_platform
+          AND b.id < bundle_id
+          AND b.id > min_bundle_id
+        ORDER BY b.id DESC
+        LIMIT 1
+    ),
+    final_result AS (
+        SELECT * FROM update_candidate
+        UNION ALL
+        SELECT * FROM rollback_candidate
+        WHERE NOT EXISTS (SELECT 1 FROM update_candidate)
+    )
+    SELECT *
+    FROM final_result
+    WHERE final_result.id != bundle_id
+
+    UNION ALL
+
+    SELECT
+        NIL_UUID      AS id,
+        TRUE          AS should_force_update,
+        NULL          AS message,
+        'ROLLBACK'    AS status,
+        NULL          AS storage_uri
+    WHERE (SELECT COUNT(*) FROM final_result) = 0
+      AND bundle_id != NIL_UUID
+      AND bundle_id > min_bundle_id
+      AND NOT EXISTS (
+          SELECT 1
+          FROM bundles b
+          WHERE b.id = bundle_id
+            AND b.enabled = TRUE
+            AND b.platform = app_platform
+      );
+END;
+$$;

package/supabase/functions/update-server/index.ts

@@ -1,140 +0,0 @@
-import "jsr:@supabase/functions-js/edge-runtime.d.ts";
-import camelcaseKeys from "npm:camelcase-keys@9.1.3";
-import semver from "npm:semver@7.7.1";
-import { createClient } from "jsr:@supabase/supabase-js@2.49.1";
-
-const NIL_UUID = "00000000-0000-0000-0000-000000000000";
-
-const semverSatisfies = (targetAppVersion: string, currentVersion: string) => {
-  const currentCoerce = semver.coerce(currentVersion);
-  if (!currentCoerce) {
-    return false;
-  }
-
-  return semver.satisfies(currentCoerce.version, targetAppVersion);
-};
-
-/**
- * Filters target app versions that are compatible with the current app version.
- * Returns only versions that are compatible with the current version according to semver rules.
- *
- * @param targetAppVersionList - List of target app versions to filter
- * @param currentVersion - Current app version
- * @returns Array of target app versions compatible with the current version
- */
-export const filterCompatibleAppVersions = (
-  targetAppVersionList: string[],
-  currentVersion: string,
-) => {
-  const compatibleAppVersionList = targetAppVersionList.filter((version) =>
-    semverSatisfies(version, currentVersion),
-  );
-
-  return compatibleAppVersionList.sort((a, b) => b.localeCompare(a));
-};
-
-const createErrorResponse = (message: string, statusCode: number) => {
-  return new Response(JSON.stringify({ code: statusCode, message }), {
-    headers: { "Content-Type": "application/json" },
-    status: statusCode,
-  });
-};
-
-declare global {
-  var HotUpdater: {
-    BUCKET_NAME: string;
-  };
-}
-
-Deno.serve(async (req) => {
-  try {
-    const supabase = createClient(
-      Deno.env.get("SUPABASE_URL") ?? "",
-      Deno.env.get("SUPABASE_SERVICE_ROLE_KEY") ?? "",
-      {
-        auth: { autoRefreshToken: false, persistSession: false },
-      },
-    );
-
-    const bundleId = req.headers.get("x-bundle-id") as string;
-    const appPlatform = req.headers.get("x-app-platform") as "ios" | "android";
-    const appVersion = req.headers.get("x-app-version") as string;
-    const minBundleId = req.headers.get("x-min-bundle-id") as
-      | string
-      | undefined;
-    const channel = req.headers.get("x-channel") as string | undefined;
-
-    if (!bundleId || !appPlatform || !appVersion) {
-      return createErrorResponse(
-        "Missing bundleId, appPlatform, or appVersion",
-        400,
-      );
-    }
-
-    const { data: appVersionList } = await supabase.rpc(
-      "get_target_app_version_list",
-      {
-        app_platform: appPlatform,
-        min_bundle_id: minBundleId || NIL_UUID,
-      },
-    );
-    const compatibleAppVersionList = filterCompatibleAppVersions(
-      appVersionList?.map((group) => group.target_app_version) ?? [],
-      appVersion,
-    );
-
-    const { data, error } = await supabase.rpc("get_update_info", {
-      app_platform: appPlatform,
-      app_version: appVersion,
-      bundle_id: bundleId,
-      min_bundle_id: minBundleId || NIL_UUID,
-      target_channel: channel || "production",
-      target_app_version_list: compatibleAppVersionList,
-    });
-
-    if (error) {
-      throw error;
-    }
-
-    const response = data[0] ? camelcaseKeys(data[0]) : null;
-    if (!response) {
-      return new Response(JSON.stringify(null), {
-        headers: { "Content-Type": "application/json" },
-        status: 200,
-      });
-    }
-
-    if (response.id === NIL_UUID) {
-      return new Response(
-        JSON.stringify({
-          ...response,
-          fileUrl: null,
-        }),
-        {
-          headers: { "Content-Type": "application/json" },
-          status: 200,
-        },
-      );
-    }
-
-    const { data: signedUrlData } = await supabase.storage
-      .from(HotUpdater.BUCKET_NAME)
-      .createSignedUrl([response.id, "bundle.zip"].join("/"), 60);
-
-    return new Response(
-      JSON.stringify({
-        ...response,
-        fileUrl: signedUrlData?.signedUrl ?? null,
-      }),
-      {
-        headers: { "Content-Type": "application/json" },
-        status: 200,
-      },
-    );
-  } catch (err: unknown) {
-    return createErrorResponse(
-      err instanceof Error ? err.message : "Unknown error",
-      500,
-    );
-  }
-});