native-update 1.0.9 → 1.1.1

package/cli/commands/bundle-sign.js

@@ -0,0 +1,58 @@
+import chalk from 'chalk';
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+
+export async function signBundle(bundlePath, options) {
+  console.log(chalk.blue('🔏 Signing bundle...'));
+
+  try {
+    // Validate bundle exists
+    await fs.access(bundlePath);
+
+    // Read private key
+    const privateKeyPem = await fs.readFile(options.key, 'utf-8');
+    
+    // Read bundle
+    const bundleData = await fs.readFile(bundlePath);
+    
+    // Create signature
+    const sign = crypto.createSign('RSA-SHA256');
+    sign.update(bundleData);
+    const signature = sign.sign(privateKeyPem, 'base64');
+
+    // Determine output path
+    const outputPath = options.output || bundlePath.replace('.zip', '.signed.zip');
+    
+    // Create signed bundle metadata
+    const signedMetadata = {
+      originalBundle: path.basename(bundlePath),
+      signature,
+      signedAt: new Date().toISOString(),
+      algorithm: 'RSA-SHA256'
+    };
+
+    // Save signature file
+    const sigPath = outputPath.replace('.zip', '.sig');
+    await fs.writeFile(sigPath, JSON.stringify(signedMetadata, null, 2));
+
+    // Copy bundle to output path if different
+    if (outputPath !== bundlePath) {
+      await fs.copyFile(bundlePath, outputPath);
+    }
+
+    console.log(chalk.green('✅ Bundle signed successfully!'));
+    console.log('');
+    console.log(chalk.bold('Signed Bundle:'));
+    console.log(chalk.gray(`  Bundle: ${outputPath}`));
+    console.log(chalk.gray(`  Signature: ${sigPath}`));
+    console.log('');
+    console.log(chalk.yellow('Next steps:'));
+    console.log(chalk.gray('  1. Upload both files to your update server'));
+    console.log(chalk.gray('  2. Update your server to serve the signature'));
+
+  } catch (error) {
+    console.error(chalk.red('❌ Failed to sign bundle:'), error.message);
+    process.exit(1);
+  }
+}

package/cli/commands/bundle-verify.js

@@ -0,0 +1,55 @@
+import chalk from 'chalk';
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+
+export async function verifyBundle(bundlePath, options) {
+  console.log(chalk.blue('🔍 Verifying bundle signature...'));
+
+  try {
+    // Check if bundle exists
+    await fs.access(bundlePath);
+
+    // Look for signature file
+    const sigPath = bundlePath.replace('.zip', '.sig');
+    let signatureData;
+    
+    try {
+      const sigContent = await fs.readFile(sigPath, 'utf-8');
+      signatureData = JSON.parse(sigContent);
+    } catch {
+      throw new Error(`No signature file found at ${sigPath}`);
+    }
+
+    // Read public key
+    const publicKeyPem = await fs.readFile(options.key, 'utf-8');
+    
+    // Read bundle
+    const bundleData = await fs.readFile(bundlePath);
+    
+    // Verify signature
+    const verify = crypto.createVerify('RSA-SHA256');
+    verify.update(bundleData);
+    const isValid = verify.verify(publicKeyPem, signatureData.signature, 'base64');
+
+    if (isValid) {
+      console.log(chalk.green('✅ Bundle signature is VALID'));
+      console.log('');
+      console.log(chalk.bold('Bundle Details:'));
+      console.log(chalk.gray(`  Signed at: ${signatureData.signedAt}`));
+      console.log(chalk.gray(`  Algorithm: ${signatureData.algorithm}`));
+      console.log('');
+      console.log(chalk.green('This bundle can be trusted and deployed safely.'));
+    } else {
+      console.log(chalk.red('❌ Bundle signature is INVALID'));
+      console.log('');
+      console.log(chalk.red('WARNING: This bundle may have been tampered with!'));
+      console.log(chalk.red('Do not deploy this bundle.'));
+      process.exit(1);
+    }
+
+  } catch (error) {
+    console.error(chalk.red('❌ Failed to verify bundle:'), error.message);
+    process.exit(1);
+  }
+}

package/cli/commands/init.js

@@ -0,0 +1,146 @@
+import chalk from 'chalk';
+import fs from 'fs/promises';
+import path from 'path';
+import prompts from 'prompts';
+
+export async function init(options) {
+  console.log(chalk.blue('🚀 Initializing Native Update in your project...'));
+
+  try {
+    // Check if already initialized
+    try {
+      await fs.access('./native-update.config.js');
+      const { overwrite } = await prompts({
+        type: 'confirm',
+        name: 'overwrite',
+        message: 'Config file already exists. Overwrite?',
+        initial: false
+      });
+      
+      if (!overwrite) {
+        console.log(chalk.yellow('Initialization cancelled.'));
+        return;
+      }
+    } catch {
+      // File doesn't exist, good
+    }
+
+    // Prompt for configuration
+    const config = await prompts([
+      {
+        type: 'text',
+        name: 'appId',
+        message: 'App ID (e.g., com.example.app):',
+        validate: value => value.length > 0
+      },
+      {
+        type: 'text',
+        name: 'serverUrl',
+        message: 'Update server URL:',
+        initial: 'https://your-update-server.com'
+      },
+      {
+        type: 'select',
+        name: 'channel',
+        message: 'Default update channel:',
+        choices: [
+          { title: 'Production', value: 'production' },
+          { title: 'Staging', value: 'staging' },
+          { title: 'Development', value: 'development' }
+        ]
+      },
+      {
+        type: 'confirm',
+        name: 'autoUpdate',
+        message: 'Enable automatic updates?',
+        initial: true
+      }
+    ]);
+
+    // Create config file
+    const configContent = `export default {
+  appId: '${config.appId}',
+  serverUrl: '${config.serverUrl}',
+  channel: '${config.channel}',
+  autoUpdate: ${config.autoUpdate},
+  
+  // Security
+  publicKey: \`-----BEGIN PUBLIC KEY-----
+YOUR_PUBLIC_KEY_HERE
+-----END PUBLIC KEY-----\`,
+  
+  // Update behavior
+  updateStrategy: 'immediate', // immediate, on-app-start, on-app-resume
+  checkInterval: 60 * 60 * 1000, // 1 hour
+  
+  // Optional callbacks
+  onUpdateAvailable: (update) => {
+    console.log('Update available:', update.version);
+  },
+  
+  onUpdateDownloaded: (update) => {
+    console.log('Update downloaded:', update.version);
+  },
+  
+  onUpdateFailed: (error) => {
+    console.error('Update failed:', error);
+  }
+};
+`;
+
+    await fs.writeFile('./native-update.config.js', configContent);
+
+    // Create example integration if requested
+    if (options.example) {
+      const exampleCode = `import { NativeUpdate } from 'native-update';
+import config from './native-update.config.js';
+
+// Initialize on app start
+export async function initializeUpdates() {
+  try {
+    // Configure the plugin
+    await NativeUpdate.configure(config);
+    
+    // Check for updates
+    const update = await NativeUpdate.checkForUpdate();
+    
+    if (update.available) {
+      console.log(\`Update available: \${update.version}\`);
+      
+      // Download in background
+      await NativeUpdate.downloadUpdate();
+      
+      // Apply on next restart
+      await NativeUpdate.installOnNextRestart();
+    }
+  } catch (error) {
+    console.error('Update check failed:', error);
+  }
+}
+
+// Call this in your app initialization
+initializeUpdates();
+`;
+
+      await fs.writeFile('./native-update-example.js', exampleCode);
+      console.log(chalk.gray('  Created: native-update-example.js'));
+    }
+
+    console.log(chalk.green('✅ Native Update initialized successfully!'));
+    console.log('');
+    console.log(chalk.bold('Next steps:'));
+    console.log(chalk.gray('  1. Generate signing keys:'));
+    console.log(chalk.cyan('     npx native-update keys generate'));
+    console.log(chalk.gray('  2. Add public key to native-update.config.js'));
+    console.log(chalk.gray('  3. Import and use the config in your app'));
+    
+    if (options.backend !== 'custom') {
+      console.log(chalk.gray(`  4. Create ${options.backend} backend:`));
+      console.log(chalk.cyan(`     npx native-update backend create ${options.backend}`));
+    }
+
+  } catch (error) {
+    console.error(chalk.red('❌ Initialization failed:'), error.message);
+    process.exit(1);
+  }
+}

package/cli/commands/keys-generate.js

@@ -0,0 +1,92 @@
+import chalk from 'chalk';
+import fs from 'fs/promises';
+import path from 'path';
+import crypto from 'crypto';
+import { generateKeyPairSync } from 'crypto';
+
+export async function generateKeys(options) {
+  console.log(chalk.blue('🔑 Generating key pair...'));
+
+  try {
+    // Create output directory
+    const outputDir = path.resolve(options.output);
+    await fs.mkdir(outputDir, { recursive: true });
+
+    let publicKey, privateKey;
+
+    if (options.type === 'rsa') {
+      // Generate RSA key pair
+      const keySize = parseInt(options.size);
+      if (![2048, 4096].includes(keySize)) {
+        throw new Error('RSA key size must be 2048 or 4096');
+      }
+
+      ({ publicKey, privateKey } = generateKeyPairSync('rsa', {
+        modulusLength: keySize,
+        publicKeyEncoding: {
+          type: 'spki',
+          format: 'pem'
+        },
+        privateKeyEncoding: {
+          type: 'pkcs8',
+          format: 'pem'
+        }
+      }));
+    } else if (options.type === 'ec') {
+      // Generate EC key pair
+      const curveMap = {
+        '256': 'prime256v1',
+        '384': 'secp384r1'
+      };
+      const namedCurve = curveMap[options.size];
+      if (!namedCurve) {
+        throw new Error('EC key size must be 256 or 384');
+      }
+
+      ({ publicKey, privateKey } = generateKeyPairSync('ec', {
+        namedCurve,
+        publicKeyEncoding: {
+          type: 'spki',
+          format: 'pem'
+        },
+        privateKeyEncoding: {
+          type: 'pkcs8',
+          format: 'pem'
+        }
+      }));
+    } else {
+      throw new Error('Key type must be "rsa" or "ec"');
+    }
+
+    // Save keys
+    const timestamp = Date.now();
+    const privateKeyPath = path.join(outputDir, `private-${timestamp}.pem`);
+    const publicKeyPath = path.join(outputDir, `public-${timestamp}.pem`);
+
+    await fs.writeFile(privateKeyPath, privateKey);
+    await fs.writeFile(publicKeyPath, publicKey);
+
+    // Set proper permissions on private key
+    await fs.chmod(privateKeyPath, 0o600);
+
+    console.log(chalk.green('✅ Key pair generated successfully!'));
+    console.log('');
+    console.log(chalk.bold('Key Files:'));
+    console.log(chalk.gray(`  Private Key: ${privateKeyPath}`));
+    console.log(chalk.gray(`  Public Key: ${publicKeyPath}`));
+    console.log('');
+    console.log(chalk.yellow('⚠️  Security Notes:'));
+    console.log(chalk.red('  • Keep your private key secure and never commit it to version control'));
+    console.log(chalk.gray('  • Add the public key to your app configuration'));
+    console.log(chalk.gray('  • Use the private key for signing bundles on your CI/CD server'));
+    console.log('');
+    console.log(chalk.yellow('Next steps:'));
+    console.log(chalk.gray('  1. Add to .gitignore:'));
+    console.log(chalk.cyan(`     echo "${path.basename(privateKeyPath)}" >> .gitignore`));
+    console.log(chalk.gray('  2. Configure your app with the public key'));
+
+  } catch (error) {
+    console.error(chalk.red('❌ Failed to generate keys:'), error.message);
+    process.exit(1);
+  }
+}

package/cli/commands/monitor.js

@@ -0,0 +1,68 @@
+import chalk from 'chalk';
+import ora from 'ora';
+
+export async function monitor(options) {
+  if (!options.server) {
+    console.error(chalk.red('Error: --server URL is required'));
+    process.exit(1);
+  }
+
+  console.log(chalk.blue(`📊 Monitoring updates from ${options.server}...`));
+  console.log(chalk.gray('Press Ctrl+C to stop'));
+  console.log('');
+
+  const spinner = ora('Fetching update statistics...').start();
+
+  try {
+    // Poll server for stats
+    setInterval(async () => {
+      try {
+        const headers = options.key ? { 'Authorization': `Bearer ${options.key}` } : {};
+        
+        const response = await fetch(`${options.server}/api/stats`, { headers });
+        
+        if (!response.ok) {
+          throw new Error(`Server returned ${response.status}`);
+        }
+
+        const stats = await response.json();
+        
+        spinner.stop();
+        console.clear();
+        console.log(chalk.blue(`📊 Update Monitor - ${new Date().toLocaleTimeString()}`));
+        console.log(chalk.gray('─'.repeat(50)));
+        console.log('');
+        
+        console.log(chalk.bold('Current Version:'));
+        console.log(chalk.gray(`  Latest: ${stats.latestVersion || 'N/A'}`));
+        console.log(chalk.gray(`  Channel: ${stats.channel || 'production'}`));
+        console.log('');
+        
+        console.log(chalk.bold('Download Statistics:'));
+        console.log(chalk.gray(`  Total Downloads: ${stats.totalDownloads || 0}`));
+        console.log(chalk.gray(`  Downloads Today: ${stats.downloadsToday || 0}`));
+        console.log(chalk.gray(`  Active Installs: ${stats.activeInstalls || 0}`));
+        console.log('');
+        
+        if (stats.recentActivity) {
+          console.log(chalk.bold('Recent Activity:'));
+          stats.recentActivity.forEach(activity => {
+            console.log(chalk.gray(`  ${activity.time} - ${activity.action} (${activity.version})`));
+          });
+        }
+        
+        console.log('');
+        console.log(chalk.gray('Press Ctrl+C to stop'));
+        
+        spinner.start('Updating...');
+      } catch (error) {
+        spinner.fail(`Failed to fetch stats: ${error.message}`);
+        spinner.start('Retrying...');
+      }
+    }, 5000); // Update every 5 seconds
+
+  } catch (error) {
+    spinner.fail(`Monitor failed: ${error.message}`);
+    process.exit(1);
+  }
+}

package/cli/commands/server-start.js

@@ -0,0 +1,96 @@
+import chalk from 'chalk';
+import express from 'express';
+import fs from 'fs/promises';
+import path from 'path';
+import { fileURLToPath } from 'url';
+import { dirname } from 'path';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = dirname(__filename);
+
+export async function startServer(options) {
+  console.log(chalk.blue('🚀 Starting development update server...'));
+
+  const app = express();
+  const port = parseInt(options.port);
+  const bundleDir = path.resolve(options.dir);
+
+  // Enable CORS if requested
+  if (options.cors) {
+    app.use((req, res, next) => {
+      res.header('Access-Control-Allow-Origin', '*');
+      res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept');
+      next();
+    });
+  }
+
+  // Serve static files
+  app.use('/bundles', express.static(bundleDir));
+
+  // API endpoint to get latest bundle info
+  app.get('/api/latest', async (req, res) => {
+    try {
+      const { channel = 'production' } = req.query;
+      
+      // Find all metadata files
+      const files = await fs.readdir(bundleDir);
+      const metadataFiles = files.filter(f => f.endsWith('.json') && f.startsWith('bundle-'));
+      
+      // Read and parse all metadata
+      const bundles = await Promise.all(
+        metadataFiles.map(async (file) => {
+          const content = await fs.readFile(path.join(bundleDir, file), 'utf-8');
+          return JSON.parse(content);
+        })
+      );
+
+      // Filter by channel and sort by version
+      const channelBundles = bundles.filter(b => b.channel === channel);
+      const latest = channelBundles.sort((a, b) => 
+        b.created.localeCompare(a.created)
+      )[0];
+
+      if (!latest) {
+        return res.status(404).json({ error: 'No bundles found' });
+      }
+
+      // Add download URL
+      latest.downloadUrl = `http://localhost:${port}/bundles/${latest.filename}`;
+      
+      res.json(latest);
+    } catch (error) {
+      res.status(500).json({ error: error.message });
+    }
+  });
+
+  // Health check endpoint
+  app.get('/health', (req, res) => {
+    res.json({ status: 'ok', server: 'native-update-dev' });
+  });
+
+  // List all bundles
+  app.get('/api/bundles', async (req, res) => {
+    try {
+      const files = await fs.readdir(bundleDir);
+      const bundles = files.filter(f => f.endsWith('.zip'));
+      res.json({ bundles });
+    } catch (error) {
+      res.status(500).json({ error: error.message });
+    }
+  });
+
+  app.listen(port, () => {
+    console.log(chalk.green(`✅ Server running at http://localhost:${port}`));
+    console.log('');
+    console.log(chalk.bold('Endpoints:'));
+    console.log(chalk.gray(`  GET  /api/latest?channel=production - Get latest bundle`));
+    console.log(chalk.gray(`  GET  /api/bundles - List all bundles`));
+    console.log(chalk.gray(`  GET  /bundles/<filename> - Download bundle`));
+    console.log(chalk.gray(`  GET  /health - Health check`));
+    console.log('');
+    console.log(chalk.yellow('Configure your app to use this server:'));
+    console.log(chalk.cyan(`  serverUrl: 'http://localhost:${port}'`));
+    console.log('');
+    console.log(chalk.gray('Press Ctrl+C to stop'));
+  });
+}