nappup 1.8.1 → 1.8.2

package/README.md

@@ -27,8 +27,7 @@ nappup [directory] [options]
 | Flag | Description |
 |------|-------------|
 | `-s <secret_key>` | Your Nostr secret key (hex or nsec format) used to sign the application event. See [Authentication](#authentication) for alternatives. |
-| `-D <name>` | **Recommended**: A string to derive the identifier (`d` tag) from. This is the preferred way to set your app's identifier since you don't need to worry about the format - we'll handle the conversion for you. Just provide the application name and we'll ensure it's safely converted to a valid `d` tag. |
-| `-d <d_tag>` | The exact identifier (`d` tag) for your application. Only use this if you know the exact `d` tag you want. Otherwise, use `-D`. If both are omitted, defaults to deriving the identifier from the directory name. Avoid generic names like `dist` or `build` - use something unique among your other apps like `mycoolapp`. |
+| `-d <d_tag>` | The identifier (`d` tag) for your application. Any UTF-8 text up to 260 characters. If omitted, defaults to the directory name. Avoid generic names like `dist` or `build` - use something unique among your other apps like `mycoolapp`. |
 | `-y` | Skip confirmation prompt. Useful for CI/CD pipelines or automated scripts. |
 | `-r` | Force re-upload. By default, Napp Up! might skip files that haven't changed. Use this flag to ensure everything is pushed fresh. |
 | `--main` | Publish to the **main** release channel. This is the default behavior. |
@@ -66,10 +65,31 @@ NOSTR_SECRET_KEY=nsec1... nappup
 
 Upload a specific `dist` folder with a custom identifier to the `next` channel:
 ```bash
-nappup ./dist -s nsec1... -D "My App #1" --next
+nappup ./dist -s nsec1... -d "My App #1" --next
 ```
 
 Force re-upload a draft:
 ```bash
 nappup ~/my-repos/projectx/build/projectx --draft -r
 ```
+
+## Programmatic Usage
+
+Napp Up! also exports a function that works in both Node.js and the browser, so you can integrate app uploads directly into your own tooling:
+
+```js
+import publishApp from 'nappup'
+
+await publishApp(fileList, signer, {
+  dTag: 'my-app',
+  channel: 'main',       // 'main' | 'next' | 'draft'
+  shouldReupload: false,
+  onEvent ({ type, progress }) {
+    console.log(`${type} — ${progress}%`)
+  }
+})
+```
+
+- **`fileList`** — a `FileList` or array of `File` objects (each needs `webkitRelativePath`).
+- **`signer`** — a [NIP-07](https://github.com/nostr-protocol/nips/blob/master/07.md)-compatible signer. In the browser, `window.nostr` is used automatically if omitted.
+- **`onEvent`** — optional callback that receives progress events with a `type` (`'init'`, `'file-uploaded'`, `'complete'`, `'error'`, …) and `progress` (0–100).

package/package.json

@@ -6,7 +6,7 @@
     "url": "git+https://github.com/44billion/nappup.git"
   },
   "license": "MIT",
-  "version": "1.8.1",
+  "version": "1.8.2",
   "description": "Nostr App Uploader",
   "type": "module",
   "scripts": {

package/src/services/blossom-upload.js

@@ -1,3 +1,4 @@
+import { sha256 } from '@noble/hashes/sha2.js'
 import { BlossomClient } from 'nostr-tools/nipb7'
 import nostrRelays from '#services/nostr-relays.js'
 import { bytesToBase16 } from '#helpers/base16.js'
@@ -67,12 +68,17 @@ export async function healthCheckServers (servers, signer, { log = () => {} } =
 }
 
 /**
- * Computes the sha256 hex hash of a File/Blob.
+ * Computes the sha256 hex hash of a File/Blob using streaming for memory efficiency.
  */
 export async function computeFileHash (file) {
-  const bytes = new Uint8Array(await file.arrayBuffer())
-  const hashBuffer = await crypto.subtle.digest('SHA-256', bytes)
-  return bytesToBase16(new Uint8Array(hashBuffer))
+  const hash = sha256.create()
+  const reader = file.stream().getReader()
+  while (true) {
+    const { done, value } = await reader.read()
+    if (done) break
+    hash.update(value)
+  }
+  return bytesToBase16(hash.digest())
 }
 
 /**