npm - electron-incremental-update - Versions diffs - 0.5.1 → 0.6.1 - Mend

electron-incremental-update 0.5.1 → 0.6.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/README.md +13 -12
package/dist/{chunk-OBERMV66.mjs → chunk-VADH6AZA.mjs} +12 -21
package/dist/index.cjs +220 -173
package/dist/index.d.ts +27 -15
package/dist/index.mjs +204 -150
package/dist/vite.cjs +72 -49
package/dist/vite.d.ts +25 -3
package/dist/vite.mjs +64 -33
package/package.json +2 -1

package/README.md CHANGED Viewed

@@ -58,15 +58,15 @@ src
 import { createUpdater, getGithubReleaseCdnGroup, initApp, parseGithubCdnURL } from 'electron-incremental-update'
 import { name, repository } from '../package.json'
-const SIGNATURE_PUB = '' // auto generate RSA public key when start app
+const SIGNATURE_CERT = '' // auto generate certificate when start app
 // create updater when init, no need to set productName
-initApp({ name }, { SIGNATURE_PUB, repository })
+initApp({ name }, { SIGNATURE_CERT, repository })
 // or create updater manually
 const { cdnPrefix } = getGithubReleaseCdnGroup()[0]
 const updater = createUpdater({
-  SIGNATURE_PUB,
+  SIGNATURE_CERT,
   productName: name,
   repository,
   updateJsonURL: parseGithubCdnURL(repository, 'fastly.jsdelivr.net/gh', 'version.json'),
@@ -76,20 +76,25 @@ const updater = createUpdater({
 initApp({ name }).setUpdater(updater)
 ```
-### setup main
+### usage in main process
+To utilize the electron `net` module for requesting update information, the `checkUpdate` and `downloadAndInstall` functions must be called after the app is ready by default.
+However, you have the option to customize the download function when creating the updater.
 ```ts
 // electron/main/index.ts
 import type { Updater } from 'electron-incremental-update'
-import { getAppAsarPath, getAppVersion, getEntryVersion } from 'electron-incremental-update'
+import { getEntryVersion, getProductAsarPath, getProductVersion } from 'electron-incremental-update'
 import { app } from 'electron'
 import { name } from '../../package.json'
 export default function (updater: Updater) {
+  await app.whenReady()
   console.log('\ncurrent:')
-  console.log(`\tasar path: ${getAppAsarPath(name)}`)
+  console.log(`\tasar path: ${getProductAsarPath(name)}`)
   console.log(`\tentry:     ${getEntryVersion()}`)
-  console.log(`\tapp:       ${getAppVersion(name)}`)
+  console.log(`\tapp:       ${getProductVersion(name)}`)
   let size = 0
   updater.on('downloading', (progress) => {
     console.log(`${(progress / size).toFixed(2)}%`)
@@ -108,13 +113,9 @@ export default function (updater: Updater) {
         buttons: ['Download', 'Later'],
         message: 'Application update available!',
       })
-      response === 0 && console.log(await updater.downloadUpdate())
+      response === 0 && console.log(await updater.downloadAndInstall())
     }
   })
-  // app logics
-  app.whenReady().then(() => {
-    // ...
-  })
 }
 ```

package/dist/{chunk-OBERMV66.mjs → chunk-VADH6AZA.mjs} RENAMED Viewed

@@ -7,46 +7,38 @@ var __require = /* @__PURE__ */ ((x) => typeof require !== "undefined" ? require
 });
 // src/crypto.ts
-import { constants, createCipheriv, createDecipheriv, createHash, createSign, createVerify, generateKeyPairSync } from "node:crypto";
+import { constants, createCipheriv, createDecipheriv, createHash, createSign, createVerify } from "node:crypto";
 import { Buffer as Buffer2 } from "node:buffer";
 var aesEncode = "base64url";
-function generateRSA(length = 2048) {
-  const pair = generateKeyPairSync("rsa", { modulusLength: length });
-  const privateKey = pair.privateKey.export({ type: "pkcs1", format: "pem" });
-  const publicKey = pair.publicKey.export({ type: "pkcs1", format: "pem" });
-  return {
-    privateKey,
-    publicKey
-  };
-}
-function encrypt(plainText, key, iv) {
-  const cipher = createCipheriv("aes-256-cbc", key, iv);
+function encrypt(plainText, key2, iv) {
+  const cipher = createCipheriv("aes-256-cbc", key2, iv);
   let encrypted = cipher.update(plainText, "utf8", aesEncode);
   encrypted += cipher.final(aesEncode);
   return encrypted;
 }
-function decrypt(encryptedText, key, iv) {
-  const decipher = createDecipheriv("aes-256-cbc", key, iv);
+function decrypt(encryptedText, key2, iv) {
+  const decipher = createDecipheriv("aes-256-cbc", key2, iv);
   let decrypted = decipher.update(encryptedText, aesEncode, "utf8");
   decrypted += decipher.final("utf8");
   return decrypted;
 }
-function generateKey(data, length) {
+function key(data, length) {
   const hash = createHash("SHA256").update(data).digest("binary");
   return Buffer2.from(hash).subarray(0, length);
 }
-function signature(buffer, privateKey, publicKey) {
+function signature(buffer, privateKey, cert, version) {
   const sig = createSign("RSA-SHA256").update(buffer).sign({
     key: privateKey,
     padding: constants.RSA_PKCS1_PADDING,
     saltLength: constants.RSA_PSS_SALTLEN_DIGEST
   }, "base64");
-  return encrypt(sig, generateKey(publicKey, 32), generateKey(buffer, 16));
+  return encrypt(`${sig}%${version}`, key(cert, 32), key(buffer, 16));
 }
-function verify(buffer, signature2, publicKey) {
+function verify(buffer, signature2, cert) {
   try {
-    const sig = decrypt(signature2, generateKey(publicKey, 32), generateKey(buffer, 16));
-    return createVerify("RSA-SHA256").update(buffer).verify(publicKey, sig, "base64");
+    const [sig, version] = decrypt(signature2, key(cert, 32), key(buffer, 16)).split("%");
+    const result = createVerify("RSA-SHA256").update(buffer).verify(cert, sig, "base64");
+    return result ? version : false;
   } catch (error) {
     return false;
   }
@@ -54,7 +46,6 @@ function verify(buffer, signature2, publicKey) {
 export {
   __require,
-  generateRSA,
   signature,
   verify
 };