native-update 1.4.9 → 2.0.0

package/Readme.md

@@ -13,6 +13,18 @@
 >
 > **🚀 Try the example apps in `example-apps/` to see all features in action!**
 
+## Current State
+
+- Package version: `1.4.9`
+- Verified on: `2026-03-25`
+- Tests: `81/81` passing via `yarn test:run`
+- Build: `yarn build` succeeds
+- Root package manager is standardized on Yarn, and the root scripts no longer shell out to npm or pnpm
+- Root portfolio info file:
+  - `NATIVE-UPDATE_portfolio-info_2026-03-25.md`
+- Current dated project profile:
+  - `docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-03-25.md`
+
 ## 📚 Documentation
 
 - **[AI Integration Guide](https://nativeupdate.aoneahsan.com/docs/AI-INTEGRATION-GUIDE)** - Quick reference for AI development agents (Claude, Cursor, Copilot)
@@ -61,7 +73,7 @@
 
 ---
 
-A **foundation package** for building a comprehensive update management plugin for Capacitor that combines Live/OTA updates, native app store updates, and in-app review capabilities. This package provides the architecture, interfaces, and documentation but requires additional implementation work.
+A production-oriented Capacitor update platform that combines Live/OTA updates, native app store update flows, in-app reviews, release tooling, dashboard support, example backends, and operational documentation in one ecosystem.
 
 ## 🌐 Dashboard & Management Platform
 

package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdatePlugin.kt

@@ -81,6 +81,15 @@ class BackgroundUpdatePlugin : Plugin() {
         val workRequest = OneTimeWorkRequestBuilder<BackgroundUpdateWorker>()
             .setInputData(createWorkData())
             .addTag(WORK_TAG)
+            // Exponential backoff starting at 30s. WorkManager's default
+            // is 10s which hits a failing server too fast and burns
+            // battery on mobile. 30s base, doubled each retry, caps
+            // automatically at WorkManager's internal max (~5 hours).
+            .setBackoffCriteria(
+                BackoffPolicy.EXPONENTIAL,
+                30,
+                TimeUnit.SECONDS
+            )
             .build()
         
         WorkManager.getInstance(context)
@@ -141,6 +150,12 @@ class BackgroundUpdatePlugin : Plugin() {
             .setConstraints(constraints)
             .setInputData(createWorkData())
             .addTag(WORK_TAG)
+            // See triggerBackgroundCheck — same 30s exponential base.
+            .setBackoffCriteria(
+                BackoffPolicy.EXPONENTIAL,
+                30,
+                TimeUnit.SECONDS
+            )
             .build()
         
         WorkManager.getInstance(context)

package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdateWorker.kt

@@ -17,31 +17,47 @@ class BackgroundUpdateWorker(
     companion object {
         private const val TAG = "BackgroundUpdateWorker"
         private const val NOTIFICATION_ID = 1001
+        // Cap the number of automatic retries for a transient failure
+        // (network error, backend 5xx, etc). WorkManager does not cap
+        // retries natively for our periodic request — without this guard
+        // a persistently-failing server would burn battery indefinitely.
+        // The schedule (with exponential backoff starting at 30s) takes
+        // roughly 30+60+120+240+480 = ~15 minutes across 5 retries, after
+        // which we give up until the next periodic run.
+        private const val MAX_RETRY_ATTEMPTS = 5
     }
-    
+
     override suspend fun doWork(): Result {
         return withContext(Dispatchers.IO) {
             try {
+                if (runAttemptCount >= MAX_RETRY_ATTEMPTS) {
+                    android.util.Log.w(
+                        TAG,
+                        "Giving up after $runAttemptCount retries; will try again on next periodic run"
+                    )
+                    return@withContext Result.failure()
+                }
+
                 val configJson = inputData.getString("config")
                 val config = parseConfig(configJson)
-                
+
                 if (config == null || !config.enabled) {
                     return@withContext Result.failure()
                 }
-                
+
                 val result = performBackgroundCheck(config)
-                
+
                 // Update plugin status
                 updatePluginStatus(result)
-                
+
                 // Send notification if updates found
                 if (result.updatesFound) {
                     sendNotification(result)
                 }
-                
+
                 // Notify listeners
                 notifyListeners(result)
-                
+
                 if (result.success) Result.success() else Result.retry()
             } catch (e: Exception) {
                 android.util.Log.e(TAG, "Background update failed", e)

package/android/src/main/java/com/aoneahsan/nativeupdate/LiveUpdatePlugin.kt

@@ -25,6 +25,24 @@ class LiveUpdatePlugin(
     private val securityManager = SecurityManager(context)
     private val activeDownloads = mutableMapOf<String, Long>()
     private var downloadManager: android.app.DownloadManager? = null
+
+    companion object {
+        // SharedPreferences keys. Kept as constants so A2 (boot-time
+        // re-verification) and A3 (crash-loop auto-rollback) stay in sync
+        // with the call-sites in setActiveBundle / notifyAppReady.
+        private const val PREF_FILE = "native_update"
+        private const val ACTIVE_BUNDLE_KEY = "active_bundle"
+        private const val PREVIOUS_BUNDLE_KEY = "previous_active_bundle"
+        private const val PENDING_BUNDLE_KEY = "pending_verify_bundle"
+        private const val PENDING_ATTEMPTS_KEY = "pending_verify_attempts"
+
+        // Activation of a new bundle is "pending" until JS calls
+        // notifyAppReady(). Each cold start before that bumps the counter.
+        // Two failed cold starts is a strong signal the bundle crashes
+        // the app, so we auto-rollback to the previous bundle on the
+        // second failure.
+        private const val MAX_PENDING_ATTEMPTS = 2
+    }
     
     init {
         // Initialize OkHttp with default settings
@@ -178,6 +196,11 @@ class LiveUpdatePlugin(
                 bundleInfo.put("status", "READY")
                 bundleInfo.put("checksum", checksum)
                 bundleInfo.put("verified", true)
+                // Persist signature so the boot-time re-verify in
+                // verifyActiveBundleOnBoot() can run without re-downloading.
+                if (signature != null) {
+                    bundleInfo.put("signature", signature)
+                }
                 
                 // Save bundle info
                 saveBundleInfo(bundleInfo)
@@ -428,8 +451,23 @@ class LiveUpdatePlugin(
     }
     
     private fun setActiveBundle(bundleId: String) {
-        val prefs = context.getSharedPreferences("native_update", Context.MODE_PRIVATE)
-        prefs.edit().putString("active_bundle", bundleId).apply()
+        val prefs = context.getSharedPreferences(PREF_FILE, Context.MODE_PRIVATE)
+        val currentActive = prefs.getString(ACTIVE_BUNDLE_KEY, null)
+        val editor = prefs.edit().putString(ACTIVE_BUNDLE_KEY, bundleId)
+
+        // Preserve the previous active bundle as a rollback target. Skip
+        // self-activation (setting to the same bundle) so we don't nuke
+        // a real previous-bundle pointer.
+        if (currentActive != null && currentActive != bundleId) {
+            editor.putString(PREVIOUS_BUNDLE_KEY, currentActive)
+        }
+
+        // Mark this activation as pending-verify. notifyAppReady() in the
+        // host app clears it; otherwise the next cold start increments the
+        // attempt counter and eventually triggers auto-rollback.
+        editor.putString(PENDING_BUNDLE_KEY, bundleId)
+        editor.putInt(PENDING_ATTEMPTS_KEY, 0)
+        editor.apply()
     }
     
     private fun clearAllBundles() {
@@ -508,8 +546,118 @@ class LiveUpdatePlugin(
     }
     
     private fun markBundleAsVerified() {
-        val prefs = context.getSharedPreferences("native_update", Context.MODE_PRIVATE)
-        prefs.edit().putBoolean("current_bundle_verified", true).apply()
+        // notifyAppReady() is the host app's "I booted clean on this bundle"
+        // signal. Clear the pending-verify state so cold starts after this
+        // no longer count against the bundle.
+        val prefs = context.getSharedPreferences(PREF_FILE, Context.MODE_PRIVATE)
+        prefs.edit()
+            .putBoolean("current_bundle_verified", true)
+            .remove(PENDING_BUNDLE_KEY)
+            .remove(PENDING_ATTEMPTS_KEY)
+            .apply()
+    }
+
+    /**
+     * Called from NativeUpdatePlugin.load() on every cold start. Runs two
+     * independent defenses, both silent when no OTA bundle is active:
+     *
+     *   A2 — re-hash the active bundle and verify it still matches the
+     *        checksum stored at install time. If signature + publicKey are
+     *        configured, also re-verify the signature. This catches on-disk
+     *        tampering on rooted devices.
+     *   A3 — if the active bundle was never confirmed by notifyAppReady()
+     *        on the previous launch, treat this cold start as a failed
+     *        boot. After MAX_PENDING_ATTEMPTS failures, rollback to the
+     *        previous known-good bundle to break the crash loop.
+     *
+     * On any failure the function rolls back and fires an
+     * updateStateChanged event with status "ROLLBACK" so the host app and
+     * analytics layer can observe it.
+     */
+    fun verifyActiveBundleOnBoot() {
+        val prefs = context.getSharedPreferences(PREF_FILE, Context.MODE_PRIVATE)
+
+        // A3: crash-loop detection. If a bundle is still pending, this
+        // cold start is counted against it.
+        val pendingBundleId = prefs.getString(PENDING_BUNDLE_KEY, null)
+        if (pendingBundleId != null) {
+            val nextAttempt = prefs.getInt(PENDING_ATTEMPTS_KEY, 0) + 1
+            if (nextAttempt > MAX_PENDING_ATTEMPTS) {
+                rollbackToPrevious("auto-rollback after $nextAttempt failed cold starts", pendingBundleId)
+                prefs.edit()
+                    .remove(PENDING_BUNDLE_KEY)
+                    .remove(PENDING_ATTEMPTS_KEY)
+                    .apply()
+                return
+            }
+            prefs.edit().putInt(PENDING_ATTEMPTS_KEY, nextAttempt).apply()
+        }
+
+        // A2: integrity re-verify. Only runs for non-default active bundles.
+        val activeBundleId = prefs.getString(ACTIVE_BUNDLE_KEY, null) ?: return
+        if (activeBundleId == "default") return
+
+        val bundleInfo = getBundleInfoById(activeBundleId) ?: run {
+            rollbackToPrevious("active bundle info missing from preferences", activeBundleId)
+            return
+        }
+
+        val bundlePath = bundleInfo.optString("path", "")
+        val expectedChecksum = bundleInfo.optString("checksum", "")
+        if (bundlePath.isEmpty() || expectedChecksum.isEmpty()) return
+
+        val bundleFile = File(bundlePath)
+        if (!bundleFile.exists()) {
+            rollbackToPrevious("bundle file missing on disk", activeBundleId)
+            return
+        }
+
+        if (!verifyChecksum(bundleFile, expectedChecksum)) {
+            rollbackToPrevious("bundle checksum mismatch on boot", activeBundleId)
+            return
+        }
+
+        val signature = bundleInfo.optString("signature", "")
+        if (signature.isNotEmpty()) {
+            val publicKey = config?.getJSObject("security")?.getString("publicKey")
+                ?: config?.getString("publicKey")
+            if (!publicKey.isNullOrEmpty()) {
+                val bytes = bundleFile.readBytes()
+                if (!securityManager.verifySignature(bytes, signature, publicKey)) {
+                    rollbackToPrevious("bundle signature mismatch on boot", activeBundleId)
+                    return
+                }
+            }
+        }
+    }
+
+    private fun rollbackToPrevious(reason: String, fromBundleId: String) {
+        val prefs = context.getSharedPreferences(PREF_FILE, Context.MODE_PRIVATE)
+        val previous = prefs.getString(PREVIOUS_BUNDLE_KEY, null)
+        val editor = prefs.edit()
+        if (previous != null) {
+            editor.putString(ACTIVE_BUNDLE_KEY, previous)
+        } else {
+            editor.remove(ACTIVE_BUNDLE_KEY)
+        }
+        editor.remove(PREVIOUS_BUNDLE_KEY).apply()
+
+        stateChangeListener?.invoke(JSObject().apply {
+            put("status", "ROLLBACK")
+            put("bundleId", fromBundleId)
+            put("rolledBackTo", previous ?: "default")
+            put("reason", reason)
+        })
+    }
+
+    private fun getBundleInfoById(bundleId: String): JSObject? {
+        val prefs = context.getSharedPreferences("native_update_bundles", Context.MODE_PRIVATE)
+        val raw = prefs.getString(bundleId, null) ?: return null
+        return try {
+            JSObject(raw)
+        } catch (e: Exception) {
+            null
+        }
     }
     
     // Async method for background update checks

package/android/src/main/java/com/aoneahsan/nativeupdate/NativeUpdatePlugin.kt

@@ -49,10 +49,23 @@ class NativeUpdatePlugin : Plugin() {
         liveUpdatePlugin.setProgressListener { progress ->
             notifyListeners("downloadProgress", progress)
         }
-        
+
         liveUpdatePlugin.setStateChangeListener { state ->
             notifyListeners("updateStateChanged", state)
         }
+
+        // Boot-time integrity re-verify + crash-loop auto-rollback. Runs
+        // before any host-app code touches the WebView so a tampered or
+        // crash-looping bundle never gets a chance to load.
+        // Signature re-verify runs again after configure() once the
+        // publicKey arrives from the host app; checksum re-verify here
+        // is sufficient to catch most tampering.
+        try {
+            liveUpdatePlugin.verifyActiveBundleOnBoot()
+        } catch (e: Exception) {
+            // Never let boot verification crash the plugin itself — fall
+            // through and let a later sync() surface the problem.
+        }
     }
     
     @PluginMethod

package/android/src/main/java/com/aoneahsan/nativeupdate/NotificationActionReceiver.kt

@@ -4,6 +4,7 @@ import android.content.BroadcastReceiver
 import android.content.Context
 import android.content.Intent
 import android.util.Log
+import androidx.work.BackoffPolicy
 import androidx.work.ExistingWorkPolicy
 import androidx.work.OneTimeWorkRequestBuilder
 import androidx.work.WorkManager
@@ -47,12 +48,20 @@ class NotificationActionReceiver : BroadcastReceiver() {
         when (updateType) {
             "live_update" -> {
                 val bundleId = intent.getStringExtra(EXTRA_BUNDLE_ID) ?: return
-                // Trigger immediate installation through WorkManager
+                // Trigger immediate installation through WorkManager.
+                // Exponential backoff keeps an ailing network or server
+                // from burning battery; matches the policy used by
+                // BackgroundUpdatePlugin.triggerBackgroundCheck.
                 val workRequest = OneTimeWorkRequestBuilder<BackgroundUpdateWorker>()
                     .setInputData(workDataOf(
                         "action" to "install_bundle",
                         "bundle_id" to bundleId
                     ))
+                    .setBackoffCriteria(
+                        BackoffPolicy.EXPONENTIAL,
+                        30,
+                        java.util.concurrent.TimeUnit.SECONDS
+                    )
                     .build()
                 
                 WorkManager.getInstance(context).enqueueUniqueWork(

package/android/src/main/java/com/aoneahsan/nativeupdate/SecurityManager.kt

@@ -68,7 +68,8 @@ class SecurityManager(private val context: Context) {
         result.put("certificatePinning", certificatePinning)
         
         result.put("validateInputs", config?.getBool("validateInputs") ?: true)
-        result.put("secureStorage", config?.getBool("secureStorage") ?: true)
+        // Hard-coded true since v2 — secure storage is no longer opt-out.
+        result.put("secureStorage", true)
         
         return result
     }
@@ -162,23 +163,20 @@ class SecurityManager(private val context: Context) {
         return digest.digest().joinToString("") { "%02x".format(it) }
     }
     
+    /**
+     * Writes always land in EncryptedSharedPreferences backed by the
+     * Android Keystore master key. The old `secureStorage: false` opt-out
+     * was removed in v2 — there is no legitimate reason to store an
+     * API key or signing metadata in plaintext on a device, and shipping
+     * the option was worse than not shipping it at all (the default was
+     * opt-in, not opt-out, so most integrations landed in plaintext).
+     */
     fun saveSecureData(key: String, value: String) {
-        if (isSecureStorageEnabled()) {
-            securePrefs.edit().putString(key, value).apply()
-        } else {
-            // Fallback to regular preferences (not recommended)
-            val prefs = context.getSharedPreferences("native_update", Context.MODE_PRIVATE)
-            prefs.edit().putString(key, value).apply()
-        }
+        securePrefs.edit().putString(key, value).apply()
     }
-    
+
     fun getSecureData(key: String): String? {
-        return if (isSecureStorageEnabled()) {
-            securePrefs.getString(key, null)
-        } else {
-            val prefs = context.getSharedPreferences("native_update", Context.MODE_PRIVATE)
-            prefs.getString(key, null)
-        }
+        return securePrefs.getString(key, null)
     }
     
     fun validatePath(path: String): Boolean {
@@ -204,9 +202,11 @@ class SecurityManager(private val context: Context) {
         return config?.getBool("enforceHttps") ?: true
     }
     
-    fun isSecureStorageEnabled(): Boolean {
-        return config?.getBool("secureStorage") ?: true
-    }
+    /**
+     * Secure storage is unconditionally on since v2. Kept as a getter so
+     * `getSecurityInfo()` still reports accurately to callers.
+     */
+    fun isSecureStorageEnabled(): Boolean = true
     
     fun isInputValidationEnabled(): Boolean {
         return config?.getBool("validateInputs") ?: true

package/cli/AGENTS.md

@@ -0,0 +1,29 @@
+# AGENTS.md - CLI Tool
+
+Agent instructions for the native-update CLI tool.
+
+## 🔴 3-Day Freshness Rule
+Check and update this file at least every 3 days. See root AGENTS.md.
+
+## Scope
+
+Node.js CLI for release management, bundle operations, and configuration. Distributed as part of the npm package.
+
+## Key Rules
+
+1. **ESM module**: Uses `"type": "module"` — all imports must use ESM syntax
+2. **Interactive prompts**: Use `prompts` library for user input
+3. **Error messages**: Clear, actionable error messages without exposing internals
+4. **Exit codes**: Use proper exit codes (0 success, 1 error)
+5. **Help text**: Every command must have `--help` documentation
+
+## When Adding CLI Commands
+
+1. Create command file in `commands/`
+2. Register in `index.js`
+3. Update `docs/CLI_REFERENCE.md`
+4. Add usage example to relevant docs
+
+---
+
+**Last Updated**: 2026-04-02

package/cli/CLAUDE.md

@@ -0,0 +1,51 @@
+# Native Update - CLI
+
+Command-line interface for native-update release management and bundle operations.
+
+## 🔴 3-Day Freshness Rule
+Check and update this file at least every 3 days. See root CLAUDE.md.
+
+## Structure
+
+| File/Folder | Purpose |
+|-------------|---------|
+| `index.js` | CLI entry point (~10KB) |
+| `commands/` | Command implementations |
+| `package.json` | CLI dependencies |
+
+## Dependencies
+- `commander` — Argument parsing
+- `chalk` — Colored terminal output
+- `ora` — Loading spinners
+- `archiver` — ZIP creation
+- `prompts` — Interactive prompts
+
+## Usage
+
+```bash
+# Via npx
+npx native-update <command>
+
+# Or install globally
+npm install -g native-update
+native-update <command>
+```
+
+## Commands
+
+The CLI provides commands for:
+- Bundle management (create, verify, sign)
+- Update publishing (upload, activate, rollback)
+- Configuration management
+- Release management
+
+## Module System
+- ESM (`"type": "module"` in package.json)
+- Uses `commander` for CLI framework
+
+## FilesHub Rule (inherited)
+All file storage uses FilesHub API. See root CLAUDE.md.
+
+---
+
+**Last Updated**: 2026-04-02

package/dist/esm/__tests__/security-enforcement.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/esm/__tests__/security-enforcement.test.js

@@ -0,0 +1,95 @@
+import { describe, it, expect, beforeEach } from 'vitest';
+import { SecurityValidator } from '../core/security';
+import { ConfigManager } from '../core/config';
+import { ErrorCode } from '../core/errors';
+// We assert on shape (name + code + message) rather than `instanceof`
+// because NativeUpdateError pins its prototype in the constructor, which
+// breaks cross-subclass `instanceof` checks in certain transpilation modes.
+/**
+ * Regression tests for the signature/checksum fail-closed contract.
+ *
+ * Prior to v2, verifySignature returned `true` when a signature was missing
+ * but a public key was configured, and verifyChecksum returned `true` for
+ * any empty checksum. Both were silent-pass gaps that let an attacker ship
+ * a manifest with the fields stripped out and bypass all integrity checks.
+ *
+ * These tests lock the new contract in place:
+ *   - empty checksum → throws (always required in OTA paths)
+ *   - empty signature with publicKey/requireSignature → throws
+ *   - empty signature with neither configured → returns true (opt-out)
+ */
+describe('SecurityValidator — fail-closed enforcement', () => {
+    const validator = SecurityValidator.getInstance();
+    const config = ConfigManager.getInstance();
+    const sampleData = new TextEncoder().encode('hello world').buffer;
+    // Test-only RSA public key (real format, fake material).
+    const SAMPLE_PUBLIC_KEY_PEM = `-----BEGIN PUBLIC KEY-----\n` +
+        `MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxxxxxxxxxxxxxxxxxxx\n` +
+        `-----END PUBLIC KEY-----`;
+    beforeEach(() => {
+        // Reset to defaults before every test.
+        config.configure({
+            publicKey: '',
+            enableSignatureValidation: false,
+            requireSignature: false,
+        });
+    });
+    describe('verifyChecksum', () => {
+        it('throws when checksum is missing', async () => {
+            await expect(validator.verifyChecksum(sampleData, '')).rejects.toMatchObject({
+                name: 'ValidationError',
+                code: ErrorCode.CHECKSUM_MISMATCH,
+            });
+        });
+        it('returns true on matching checksum', async () => {
+            // SHA-256("hello world")
+            const expected = 'b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9';
+            const ok = await validator.verifyChecksum(sampleData, expected);
+            expect(ok).toBe(true);
+        });
+        it('returns false on mismatched checksum', async () => {
+            const ok = await validator.verifyChecksum(sampleData, '0000000000000000000000000000000000000000000000000000000000000000');
+            expect(ok).toBe(false);
+        });
+    });
+    describe('verifySignature', () => {
+        it('throws when signature missing and publicKey is configured', async () => {
+            config.set('publicKey', SAMPLE_PUBLIC_KEY_PEM);
+            await expect(validator.verifySignature(sampleData, '')).rejects.toMatchObject({
+                name: 'ValidationError',
+                code: ErrorCode.SIGNATURE_INVALID,
+            });
+        });
+        it('throws when signature missing and requireSignature=true', async () => {
+            config.set('requireSignature', true);
+            await expect(validator.verifySignature(sampleData, undefined)).rejects.toMatchObject({
+                name: 'ValidationError',
+                code: ErrorCode.SIGNATURE_INVALID,
+            });
+        });
+        it('throws when signature missing and enableSignatureValidation=true', async () => {
+            config.set('enableSignatureValidation', true);
+            await expect(validator.verifySignature(sampleData, null)).rejects.toMatchObject({
+                name: 'ValidationError',
+                code: ErrorCode.SIGNATURE_INVALID,
+            });
+        });
+        it('returns true when signature AND signature-enforcement are both unset', async () => {
+            // Opt-out path: host app passed no publicKey and disabled both flags.
+            config.set('enableSignatureValidation', false);
+            config.set('requireSignature', false);
+            const ok = await validator.verifySignature(sampleData, '');
+            expect(ok).toBe(true);
+        });
+        it('throws when signature is provided but publicKey is not configured', async () => {
+            config.set('enableSignatureValidation', false);
+            config.set('requireSignature', false);
+            config.set('publicKey', '');
+            await expect(validator.verifySignature(sampleData, 'AAAAAA==')).rejects.toMatchObject({
+                name: 'ValidationError',
+                code: ErrorCode.SIGNATURE_INVALID,
+            });
+        });
+    });
+});
+//# sourceMappingURL=security-enforcement.test.js.map

package/dist/esm/__tests__/security-enforcement.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-enforcement.test.js","sourceRoot":"","sources":["../../../src/__tests__/security-enforcement.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC1D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,sEAAsE;AACtE,yEAAyE;AACzE,4EAA4E;AAE5E;;;;;;;;;;;;GAYG;AACH,QAAQ,CAAC,6CAA6C,EAAE,GAAG,EAAE;IAC3D,MAAM,SAAS,GAAG,iBAAiB,CAAC,WAAW,EAAE,CAAC;IAClD,MAAM,MAAM,GAAG,aAAa,CAAC,WAAW,EAAE,CAAC;IAE3C,MAAM,UAAU,GAAG,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAqB,CAAC;IAEjF,yDAAyD;IACzD,MAAM,qBAAqB,GACzB,8BAA8B;QAC9B,oEAAoE;QACpE,0BAA0B,CAAC;IAE7B,UAAU,CAAC,GAAG,EAAE;QACd,uCAAuC;QACvC,MAAM,CAAC,SAAS,CAAC;YACf,SAAS,EAAE,EAAE;YACb,yBAAyB,EAAE,KAAK;YAChC,gBAAgB,EAAE,KAAK;SAC6B,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;YAC/C,MAAM,MAAM,CACV,SAAS,CAAC,cAAc,CAAC,UAAU,EAAE,EAAE,CAAC,CACzC,CAAC,OAAO,CAAC,aAAa,CAAC;gBACtB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,SAAS,CAAC,iBAAiB;aAClC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;YACjD,yBAAyB;YACzB,MAAM,QAAQ,GACZ,kEAAkE,CAAC;YACrE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,cAAc,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;YAChE,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,cAAc,CACvC,UAAU,EACV,kEAAkE,CACnE,CAAC;YACF,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,2DAA2D,EAAE,KAAK,IAAI,EAAE;YACzE,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,qBAAqB,CAAC,CAAC;YAE/C,MAAM,MAAM,CACV,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,EAAE,CAAC,CAC1C,CAAC,OAAO,CAAC,aAAa,CAAC;gBACtB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,SAAS,CAAC,iBAAiB;aAClC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;YACvE,MAAM,CAAC,GAAG,CAAC,kBAAkB,EAAE,IAAI,CAAC,CAAC;YAErC,MAAM,MAAM,CACV,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,SAAS,CAAC,CACjD,CAAC,OAAO,CAAC,aAAa,CAAC;gBACtB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,SAAS,CAAC,iBAAiB;aAClC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;YAChF,MAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,IAAI,CAAC,CAAC;YAE9C,MAAM,MAAM,CACV,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,IAAI,CAAC,CAC5C,CAAC,OAAO,CAAC,aAAa,CAAC;gBACtB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,SAAS,CAAC,iBAAiB;aAClC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sEAAsE,EAAE,KAAK,IAAI,EAAE;YACpF,sEAAsE;YACtE,MAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;YAEtC,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YAC3D,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxB,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mEAAmE,EAAE,KAAK,IAAI,EAAE;YACjF,MAAM,CAAC,GAAG,CAAC,2BAA2B,EAAE,KAAK,CAAC,CAAC;YAC/C,MAAM,CAAC,GAAG,CAAC,kBAAkB,EAAE,KAAK,CAAC,CAAC;YACtC,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAE5B,MAAM,MAAM,CACV,SAAS,CAAC,eAAe,CAAC,UAAU,EAAE,UAAU,CAAC,CAClD,CAAC,OAAO,CAAC,aAAa,CAAC;gBACtB,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,SAAS,CAAC,iBAAiB;aAClC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/esm/core/config.d.ts

@@ -22,6 +22,12 @@ export interface PluginConfig {
     serverUrl?: string;
     channel?: string;
     appId?: string;
+    /**
+     * API key for authentication with the Native Update backend
+     * Get this from the Native Update dashboard after creating your app
+     * Format: nu_app_xxx or nu_device_xxx
+     */
+    apiKey?: string;
     autoCheck?: boolean;
     autoUpdate?: boolean;
     updateStrategy?: UpdateStrategy;
@@ -58,21 +64,6 @@ export interface PluginConfig {
      * Allows gradual deployment to a percentage of users
      */
     enableStagedRollouts?: boolean;
-    /**
-     * Enable bundle encryption (AES-256-GCM)
-     * When enabled, downloaded bundles will be decrypted before validation
-     */
-    enableEncryption?: boolean;
-    /**
-     * Encryption key for decrypting bundles
-     * Should be stored securely and not hardcoded in production
-     */
-    encryptionKey?: string;
-    /**
-     * Salt for key derivation (base64 encoded)
-     * Required when using password-based encryption
-     */
-    encryptionSalt?: string;
 }
 export declare class ConfigManager {
     private static instance;

package/dist/esm/core/config.js

@@ -25,6 +25,7 @@ export class ConfigManager {
             serverUrl: '',
             channel: 'production',
             appId: '',
+            apiKey: '',
             autoCheck: true,
             autoUpdate: false,
             updateStrategy: 'background',
@@ -53,10 +54,6 @@ export class ConfigManager {
             firestore: null,
             enableDeltaUpdates: true,
             enableStagedRollouts: true,
-            // Encryption configuration
-            enableEncryption: false,
-            encryptionKey: '',
-            encryptionSalt: '',
         };
     }
     configure(config) {