@lvnt/release-radar 1.0.1 → 1.1.1

package/.env.example

@@ -1,2 +1,4 @@
 TELEGRAM_BOT_TOKEN=your_bot_token_here
 TELEGRAM_CHAT_ID=your_chat_id_here
+GITHUB_WEBHOOK_SECRET=your_webhook_secret_here
+UPDATER_PORT=9000

package/README.md

@@ -140,6 +140,33 @@ Edit `config/tools.json` to add/remove tools:
 | `/interval` | Show current check interval |
 | `/setinterval <hours>` | Set check interval (1-24 hours) |
 
+## Auto-Updater (Optional)
+
+ReleaseRadar includes an optional auto-updater that receives GitHub webhooks and automatically updates itself when you publish a new version.
+
+### Setup
+
+1. Add to your `.env`:
+   ```env
+   GITHUB_WEBHOOK_SECRET=your_secret_here
+   UPDATER_PORT=9000
+   ```
+
+2. Configure GitHub webhook:
+   - Go to your repo's Settings → Webhooks → Add webhook
+   - Payload URL: `https://your-domain.com/webhook`
+   - Content type: `application/json`
+   - Secret: same as `GITHUB_WEBHOOK_SECRET`
+   - Events: Select "Releases" only
+
+3. Start the updater with pm2:
+   ```bash
+   pm2 start release-radar-updater --name release-radar-updater
+   pm2 save
+   ```
+
+When you publish a new release, the updater will automatically run `npm update -g @lvnt/release-radar` and restart the main service.
+
 ## Project Structure
 
 ```

package/bin/release-radar-updater.js

@@ -0,0 +1,41 @@
+#!/usr/bin/env node
+
+import { fileURLToPath } from 'url';
+import { dirname, join } from 'path';
+import { existsSync } from 'fs';
+import { config } from 'dotenv';
+import TelegramBot from 'node-telegram-bot-api';
+import { startUpdater } from '../dist/updater.js';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+// Load .env from current working directory
+const envPath = join(process.cwd(), '.env');
+if (existsSync(envPath)) {
+  config({ path: envPath });
+}
+
+const BOT_TOKEN = process.env.TELEGRAM_BOT_TOKEN;
+const CHAT_ID = process.env.TELEGRAM_CHAT_ID;
+const WEBHOOK_SECRET = process.env.GITHUB_WEBHOOK_SECRET;
+const PORT = parseInt(process.env.UPDATER_PORT || '9000', 10);
+
+if (!BOT_TOKEN || !CHAT_ID) {
+  console.error('Missing TELEGRAM_BOT_TOKEN or TELEGRAM_CHAT_ID in .env');
+  process.exit(1);
+}
+
+if (!WEBHOOK_SECRET) {
+  console.error('Missing GITHUB_WEBHOOK_SECRET in .env');
+  process.exit(1);
+}
+
+const bot = new TelegramBot(BOT_TOKEN);
+
+startUpdater({
+  port: PORT,
+  webhookSecret: WEBHOOK_SECRET,
+  telegramBot: bot,
+  chatId: CHAT_ID
+});

package/dist/updater.d.ts

@@ -0,0 +1,21 @@
+import TelegramBot from 'node-telegram-bot-api';
+export interface GitHubReleasePayload {
+    action: string;
+    release?: {
+        tag_name: string;
+    };
+}
+export declare function parseReleaseEvent(payload: GitHubReleasePayload): string | null;
+export declare function verifySignature(payload: string, signature: string, secret: string): boolean;
+export interface UpdateResult {
+    success: boolean;
+    error?: string;
+}
+export declare function executeUpdate(): Promise<UpdateResult>;
+export interface UpdaterConfig {
+    port: number;
+    webhookSecret: string;
+    telegramBot: TelegramBot;
+    chatId: string;
+}
+export declare function startUpdater(config: UpdaterConfig): void;

package/dist/updater.js

@@ -0,0 +1,107 @@
+import { createHmac, timingSafeEqual } from 'crypto';
+import { spawn } from 'child_process';
+import { createServer } from 'http';
+export function parseReleaseEvent(payload) {
+    if (payload.action !== 'published' || !payload.release?.tag_name) {
+        return null;
+    }
+    const tag = payload.release.tag_name;
+    return tag.startsWith('v') ? tag.slice(1) : tag;
+}
+export function verifySignature(payload, signature, secret) {
+    if (!signature || !signature.startsWith('sha256=')) {
+        return false;
+    }
+    const expected = 'sha256=' + createHmac('sha256', secret)
+        .update(payload)
+        .digest('hex');
+    try {
+        return timingSafeEqual(Buffer.from(signature), Buffer.from(expected));
+    }
+    catch {
+        return false;
+    }
+}
+export function executeUpdate() {
+    return new Promise((resolve) => {
+        const npmProcess = spawn('npm', ['update', '-g', '@lvnt/release-radar'], {
+            stdio: 'inherit'
+        });
+        npmProcess.on('error', (err) => {
+            resolve({ success: false, error: `npm process error: ${err.message}` });
+        });
+        npmProcess.on('close', (code) => {
+            if (code !== 0) {
+                resolve({ success: false, error: `npm update failed with code ${code}` });
+                return;
+            }
+            const pm2Process = spawn('pm2', ['restart', 'release-radar'], {
+                stdio: 'inherit'
+            });
+            pm2Process.on('error', (err) => {
+                resolve({ success: false, error: `pm2 process error: ${err.message}` });
+            });
+            pm2Process.on('close', (pm2Code) => {
+                if (pm2Code !== 0) {
+                    resolve({ success: false, error: `pm2 restart failed with code ${pm2Code}` });
+                }
+                else {
+                    resolve({ success: true });
+                }
+            });
+        });
+    });
+}
+export function startUpdater(config) {
+    const server = createServer(async (req, res) => {
+        // Only accept POST /webhook
+        if (req.method !== 'POST' || req.url !== '/webhook') {
+            res.writeHead(404);
+            res.end('Not Found');
+            return;
+        }
+        // Read body
+        let body = '';
+        for await (const chunk of req) {
+            body += chunk;
+        }
+        // Verify signature
+        const signature = req.headers['x-hub-signature-256'];
+        if (!verifySignature(body, signature, config.webhookSecret)) {
+            res.writeHead(401);
+            res.end('Invalid signature');
+            return;
+        }
+        // Parse event
+        let payload;
+        try {
+            payload = JSON.parse(body);
+        }
+        catch {
+            res.writeHead(400);
+            res.end('Invalid JSON');
+            return;
+        }
+        const version = parseReleaseEvent(payload);
+        if (!version) {
+            // Not a release.published event, acknowledge but don't update
+            res.writeHead(200);
+            res.end('OK (ignored)');
+            return;
+        }
+        // Respond immediately, update async
+        res.writeHead(200);
+        res.end('OK');
+        console.log(`Received release event for v${version}, updating...`);
+        const result = await executeUpdate();
+        if (result.success) {
+            await config.telegramBot.sendMessage(config.chatId, `🔄 Updated release-radar to v${version}`);
+        }
+        else {
+            await config.telegramBot.sendMessage(config.chatId, `⚠️ Failed to update release-radar: ${result.error}`);
+        }
+    });
+    server.listen(config.port, () => {
+        console.log(`Updater webhook server listening on port ${config.port}`);
+    });
+}

package/dist/updater.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/updater.test.js

@@ -0,0 +1,104 @@
+import { describe, it, expect, vi, beforeEach } from 'vitest';
+import { verifySignature, parseReleaseEvent, executeUpdate } from './updater.js';
+import { spawn } from 'child_process';
+vi.mock('child_process', () => ({
+    spawn: vi.fn()
+}));
+describe('verifySignature', () => {
+    const secret = 'test-secret';
+    const payload = '{"action":"published"}';
+    it('returns true for valid signature', () => {
+        // SHA256 HMAC of payload with secret
+        const validSig = 'sha256=0d408f71f2420c71a03fe2dd4aa32e00a84408ab43f239d7a41b4ab658e1b064';
+        expect(verifySignature(payload, validSig, secret)).toBe(true);
+    });
+    it('returns false for invalid signature', () => {
+        expect(verifySignature(payload, 'sha256=invalid', secret)).toBe(false);
+    });
+    it('returns false for missing signature', () => {
+        expect(verifySignature(payload, '', secret)).toBe(false);
+    });
+});
+describe('parseReleaseEvent', () => {
+    it('returns version for release.published event', () => {
+        const payload = {
+            action: 'published',
+            release: {
+                tag_name: 'v1.2.0'
+            }
+        };
+        expect(parseReleaseEvent(payload)).toBe('1.2.0');
+    });
+    it('returns null for non-published action', () => {
+        const payload = {
+            action: 'created',
+            release: {
+                tag_name: 'v1.2.0'
+            }
+        };
+        expect(parseReleaseEvent(payload)).toBeNull();
+    });
+    it('returns null for missing release', () => {
+        const payload = { action: 'published' };
+        expect(parseReleaseEvent(payload)).toBeNull();
+    });
+    it('strips v prefix from tag', () => {
+        const payload = {
+            action: 'published',
+            release: { tag_name: 'v2.0.0' }
+        };
+        expect(parseReleaseEvent(payload)).toBe('2.0.0');
+    });
+    it('handles tag without v prefix', () => {
+        const payload = {
+            action: 'published',
+            release: { tag_name: '2.0.0' }
+        };
+        expect(parseReleaseEvent(payload)).toBe('2.0.0');
+    });
+});
+describe('executeUpdate', () => {
+    beforeEach(() => {
+        vi.clearAllMocks();
+    });
+    it('runs npm update then pm2 restart on success', async () => {
+        const mockSpawn = vi.mocked(spawn);
+        // Mock npm update success
+        const npmProcess = {
+            on: vi.fn((event, cb) => {
+                if (event === 'close')
+                    cb(0);
+                return npmProcess;
+            })
+        };
+        // Mock pm2 restart success
+        const pm2Process = {
+            on: vi.fn((event, cb) => {
+                if (event === 'close')
+                    cb(0);
+                return pm2Process;
+            })
+        };
+        mockSpawn
+            .mockReturnValueOnce(npmProcess)
+            .mockReturnValueOnce(pm2Process);
+        const result = await executeUpdate();
+        expect(result.success).toBe(true);
+        expect(mockSpawn).toHaveBeenCalledWith('npm', ['update', '-g', '@lvnt/release-radar'], expect.any(Object));
+        expect(mockSpawn).toHaveBeenCalledWith('pm2', ['restart', 'release-radar'], expect.any(Object));
+    });
+    it('returns failure if npm update fails', async () => {
+        const mockSpawn = vi.mocked(spawn);
+        const npmProcess = {
+            on: vi.fn((event, cb) => {
+                if (event === 'close')
+                    cb(1);
+                return npmProcess;
+            })
+        };
+        mockSpawn.mockReturnValueOnce(npmProcess);
+        const result = await executeUpdate();
+        expect(result.success).toBe(false);
+        expect(result.error).toBe('npm update failed with code 1');
+    });
+});

package/package.json

@@ -1,10 +1,11 @@
 {
   "name": "@lvnt/release-radar",
-  "version": "1.0.1",
+  "version": "1.1.1",
   "description": "Monitor tool versions and notify via Telegram when updates are detected",
   "main": "dist/index.js",
   "bin": {
-    "release-radar": "bin/release-radar.js"
+    "release-radar": "bin/release-radar.js",
+    "release-radar-updater": "bin/release-radar-updater.js"
   },
   "type": "module",
   "scripts": {