npm - nappup - Versions diffs - 1.8.4 → 1.9.0 - Mend

nappup 1.8.4 → 1.9.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/README.md +8 -3
package/bin/nappup/index.js +15 -1
package/package.json +1 -1
package/src/index.js +1 -1
package/src/services/bunker-signer.js +55 -0
package/src/services/nostr-relays.js +42 -42
package/src/services/nostr-signer.js +1 -0

package/README.md CHANGED Viewed

@@ -26,7 +26,7 @@ nappup [directory] [options]
 | Flag | Description |
 |------|-------------|
-| `-s <secret_key>` | Your Nostr secret key (hex or nsec format) used to sign the application event. See [Authentication](#authentication) for alternatives. |
+| `-s <secret_key>` | Your Nostr secret key (hex, nsec, or `bunker://` URL) used to sign the application event. See [Authentication](#authentication) for alternatives. |
 | `-d <d_tag>` | The identifier (`d` tag) for your application. Any UTF-8 text up to 260 characters. If omitted, defaults to the directory name. Avoid generic names like `dist` or `build` - use something unique among your other apps like `mycoolapp`. |
 | `-y` | Skip confirmation prompt. Useful for CI/CD pipelines or automated scripts. |
 | `-r` | Force re-upload. By default, Napp Up! might skip files that haven't changed. Use this flag to ensure everything is pushed fresh. |
@@ -43,13 +43,18 @@ Napp Up! supports multiple ways to provide your Nostr secret key:
    nappup -s nsec1...
    ```
-2. **Environment variable**: Set `NOSTR_SECRET_KEY` in your environment or a `.env` file:
+2. **Remote signer (NIP-46)**: Pass a `bunker://` URL to sign events via a remote signer like [nak](https://github.com/fiatjaf/nak?tab=readme-ov-file#start-a-bunker-that-persists-its-metadata-secret-key-relays-authorized-client-pubkeys-to-disc) or [Amber](https://github.com/greenart7c3/Amber):
+   ```bash
+   nappup -s 'bunker://<pubkey>?relay=wss://relay.example.com&secret=<token>'
+   ```
+3. **Environment variable**: Set `NOSTR_SECRET_KEY` in your environment or a `.env` file (also supports `bunker://` URLs):
    ```bash
    export NOSTR_SECRET_KEY=nsec1...
    nappup ./dist
    ```
-3. **Auto-generated key**: If no key is provided, Napp Up! will generate a new keypair automatically and store it (as nsec) in your project's `.env` file for future use.
+4. **Auto-generated key**: If no key is provided, Napp Up! will generate a new keypair automatically and store it (as nsec) in your project's `.env` file for future use.
 ### Examples

package/bin/nappup/index.js CHANGED Viewed

@@ -34,4 +34,18 @@ await confirmArgs(args)
 const fileList = await toFileList(getFiles(dir), dir)
-await toApp(fileList, await NostrSigner.create(sk), { log: console.log.bind(console), dTag, channel, shouldReupload })
+const bunkerUrl = sk?.startsWith('bunker://') ? sk : (!sk && process.env.NOSTR_SECRET_KEY?.startsWith('bunker://')) ? process.env.NOSTR_SECRET_KEY : null
+let signer
+if (bunkerUrl) {
+  const { default: NostrBunkerSigner } = await import('#services/bunker-signer.js')
+  signer = await NostrBunkerSigner.create(bunkerUrl)
+} else {
+  signer = await NostrSigner.create(sk)
+}
+try {
+  await toApp(fileList, signer, { log: console.log.bind(console), dTag, channel, shouldReupload })
+} finally {
+  await signer.close?.()
+}

package/package.json CHANGED Viewed

@@ -6,7 +6,7 @@
     "url": "git+https://github.com/44billion/nappup.git"
   },
   "license": "MIT",
-  "version": "1.8.4",
+  "version": "1.9.0",
   "description": "Nostr App Uploader",
   "type": "module",
   "scripts": {

package/src/index.js CHANGED Viewed

@@ -75,7 +75,7 @@ export async function toApp (fileList, nostrSigner, { log = () => {}, onEvent =
     nostrSigner.getRelays = getRelays
   }
   const writeRelays = [...new Set((await nostrSigner.getRelays()).write.map(r => r.trim().replace(/\/$/, '')))]
-  log(`Found ${writeRelays.length} outbox relays for pubkey ${nostrSigner.getPublicKey()}:\n${writeRelays.join(', ')}`)
+  log(`Found ${writeRelays.length} outbox relays for pubkey ${await nostrSigner.getPublicKey()}:\n${writeRelays.join(', ')}`)
   if (writeRelays.length === 0) throw new Error('No outbox relays found')
   if (typeof dTag === 'string') {

package/src/services/bunker-signer.js ADDED Viewed

@@ -0,0 +1,55 @@
+import { generateSecretKey } from 'nostr-tools/pure'
+import { BunkerSigner, parseBunkerInput } from 'nostr-tools/nip46'
+import { getRelays } from '#helpers/signer.js'
+const CONNECT_TIMEOUT = 30_000
+const createToken = Symbol('createToken')
+export default class NostrBunkerSigner {
+  #bunker
+  #publicKey // hex, cached
+  constructor (token, bunker, publicKey) {
+    if (token !== createToken) throw new Error('Use NostrBunkerSigner.create(bunkerUrl) to instantiate this class.')
+    this.#bunker = bunker
+    this.#publicKey = publicKey
+  }
+  static async create (bunkerUrl) {
+    const bp = await parseBunkerInput(bunkerUrl)
+    if (!bp) throw new Error('Invalid bunker URL')
+    if (bp.relays.length === 0) throw new Error('Bunker URL must include at least one relay (?relay=wss://...)')
+    const clientSk = generateSecretKey()
+    const bunker = new BunkerSigner(clientSk, bp)
+    await Promise.race([
+      bunker.connect(),
+      new Promise((_, reject) => setTimeout(() => reject(new Error('Bunker connection timed out')), CONNECT_TIMEOUT))
+    ])
+    const publicKey = await bunker.getPublicKey()
+    return new this(createToken, bunker, publicKey)
+  }
+  getPublicKey () {
+    return this.#publicKey
+  }
+  signEvent (event) {
+    return this.#bunker.signEvent(event)
+  }
+  async getRelays () {
+    return getRelays.call(this)
+  }
+  nip44 = {
+    encrypt: (pubkey, plaintext) => this.#bunker.nip44Encrypt(pubkey, plaintext),
+    decrypt: (pubkey, ciphertext) => this.#bunker.nip44Decrypt(pubkey, ciphertext)
+  }
+  async close () {
+    await this.#bunker.close()
+  }
+}

package/src/services/nostr-relays.js CHANGED Viewed

@@ -68,39 +68,34 @@ export class NostrRelays {
     const events = []
     const promises = relays.map(async (url) => {
       let sub
-      let isClosed = false
       const p = Promise.withResolvers()
+      const t = Promise.withResolvers()
       const timer = maybeUnref(setTimeout(() => {
-        isClosed = true
         sub?.close()
-        p.reject(new Error(`timeout: ${url}`))
+        t.reject(new Error(`timeout: ${url}`))
       }, timeout))
+      ;(async () => {
+        try {
+          const relay = await this.#getRelay(url)
+          sub = relay.subscribe([filter], {
+            onevent: (event) => {
+              event.meta = { relay: url }
+              events.push(event)
+            },
+            onclose: err => err ? p.reject(err) : p.resolve(),
+            oneose: () => { sub.close(); p.resolve() }
+          })
+        } catch (err) {
+          p.reject(err)
+        }
+      })()
       try {
-        const relay = await this.#getRelay(url)
-        sub = relay.subscribe([filter], {
-          onevent: (event) => {
-            event.meta = { relay: url }
-            events.push(event)
-          },
-          onclose: err => {
-            clearTimeout(timer)
-            if (isClosed) return
-            // May have closed normally, without error
-            err ? p.reject(err) : p.resolve()
-          },
-          oneose: () => {
-            clearTimeout(timer)
-            isClosed = true
-            sub.close()
-            p.resolve()
-          }
-        })
-      } catch (err) {
+        await Promise.race([p.promise, t.promise])
+      } finally {
         clearTimeout(timer)
-        p.reject(err)
       }
-      return p.promise
     })
     const results = await Promise.allSettled(promises)
@@ -119,27 +114,32 @@ export class NostrRelays {
     if (eventToSend.meta) delete eventToSend.meta
     const promises = relays.map(async (url) => {
-      let timer
       const p = Promise.withResolvers()
-      try {
-        timer = maybeUnref(setTimeout(() => {
-          p.reject(new Error(`timeout: ${url}`))
-        }, timeout))
-        const relay = await this.#getRelay(url)
-        await relay.publish(eventToSend)
-        p.resolve()
-      } catch (err) {
-        if (err.message?.startsWith('duplicate:')) return p.resolve()
-        if (err.message?.startsWith('mute:')) {
-          console.info(`${url} - ${err.message}`)
-          return p.resolve()
+      const t = Promise.withResolvers()
+      const timer = maybeUnref(setTimeout(() => {
+        t.reject(new Error(`timeout: ${url}`))
+      }, timeout))
+      ;(async () => {
+        try {
+          const relay = await this.#getRelay(url)
+          await relay.publish(eventToSend)
+          p.resolve()
+        } catch (err) {
+          if (err.message?.startsWith('duplicate:')) return p.resolve()
+          if (err.message?.startsWith('mute:')) {
+            console.info(`${url} - ${err.message}`)
+            return p.resolve()
+          }
+          p.reject(err)
         }
-        p.reject(err)
+      })()
+      try {
+        await Promise.race([p.promise, t.promise])
       } finally {
         clearTimeout(timer)
       }
-      return p.promise
     })
     const results = await Promise.allSettled(promises)

package/src/services/nostr-signer.js CHANGED Viewed

@@ -46,6 +46,7 @@ export default class NostrSigner {
     let isNewSk = false
     if (process.env.NOSTR_SECRET_KEY) {
       let envSk = process.env.NOSTR_SECRET_KEY
+      if (envSk.startsWith('bunker://')) throw new Error('bunker:// URLs are not supported by NostrSigner. Use NostrBunkerSigner.create() instead.')
       if (envSk.startsWith('nsec')) envSk = nsecDecode(envSk)
       skBytes = base16ToBytes(envSk)
     } else {