native-update 1.4.9 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (265) hide show
  1. package/Readme.md +35 -9
  2. package/android/manifest-additions.xml +28 -0
  3. package/android/src/main/AndroidManifest.xml +3 -7
  4. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundNotificationManager.kt +21 -13
  5. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdatePlugin.kt +15 -0
  6. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdateWorker.kt +23 -7
  7. package/android/src/main/java/com/aoneahsan/nativeupdate/LiveUpdatePlugin.kt +346 -31
  8. package/android/src/main/java/com/aoneahsan/nativeupdate/NativeUpdatePlugin.kt +32 -34
  9. package/android/src/main/java/com/aoneahsan/nativeupdate/NotificationActionReceiver.kt +10 -1
  10. package/android/src/main/java/com/aoneahsan/nativeupdate/SecurityManager.kt +18 -18
  11. package/cli/AGENTS.md +43 -0
  12. package/cli/CLAUDE.md +65 -0
  13. package/cli/commands/backend-create.js +56 -15
  14. package/cli/commands/bundle-create.js +39 -7
  15. package/cli/commands/monitor.js +72 -51
  16. package/cli/index.js +10 -24
  17. package/cli/package.json +11 -3
  18. package/dist/esm/app-review/app-review-manager.js +0 -1
  19. package/dist/esm/app-review/index.js +0 -1
  20. package/dist/esm/app-review/platform-review-handler.js +0 -1
  21. package/dist/esm/app-review/review-conditions-checker.js +0 -1
  22. package/dist/esm/app-review/review-rate-limiter.js +0 -1
  23. package/dist/esm/app-review/types.js +0 -1
  24. package/dist/esm/app-update/app-update-checker.js +0 -1
  25. package/dist/esm/app-update/app-update-installer.d.ts +1 -0
  26. package/dist/esm/app-update/app-update-installer.js +19 -8
  27. package/dist/esm/app-update/app-update-manager.js +0 -1
  28. package/dist/esm/app-update/app-update-notifier.js +0 -1
  29. package/dist/esm/app-update/index.js +0 -1
  30. package/dist/esm/app-update/platform-app-update.js +12 -3
  31. package/dist/esm/app-update/types.js +0 -1
  32. package/dist/esm/background-update/background-scheduler.js +0 -1
  33. package/dist/esm/background-update/index.js +0 -1
  34. package/dist/esm/background-update/notification-manager.js +0 -1
  35. package/dist/esm/config/support.js +0 -1
  36. package/dist/esm/core/analytics.d.ts +13 -0
  37. package/dist/esm/core/analytics.js +15 -1
  38. package/dist/esm/core/cache-manager.js +0 -1
  39. package/dist/esm/core/config.d.ts +6 -30
  40. package/dist/esm/core/config.js +1 -8
  41. package/dist/esm/core/errors.d.ts +1 -0
  42. package/dist/esm/core/errors.js +1 -1
  43. package/dist/esm/core/event-emitter.d.ts +0 -3
  44. package/dist/esm/core/event-emitter.js +8 -3
  45. package/dist/esm/core/logger.js +0 -1
  46. package/dist/esm/core/performance.js +0 -1
  47. package/dist/esm/core/plugin-manager.js +3 -1
  48. package/dist/esm/core/security.d.ts +22 -3
  49. package/dist/esm/core/security.js +46 -7
  50. package/dist/esm/definitions.d.ts +13 -40
  51. package/dist/esm/definitions.js +0 -1
  52. package/dist/esm/index.d.ts +3 -4
  53. package/dist/esm/index.js +3 -3
  54. package/dist/esm/live-update/bundle-manager.d.ts +8 -0
  55. package/dist/esm/live-update/bundle-manager.js +20 -1
  56. package/dist/esm/live-update/certificate-pinning.js +0 -1
  57. package/dist/esm/live-update/delta-processor.d.ts +1 -1
  58. package/dist/esm/live-update/delta-processor.js +3 -1
  59. package/dist/esm/live-update/download-manager.d.ts +36 -5
  60. package/dist/esm/live-update/download-manager.js +70 -24
  61. package/dist/esm/live-update/rollout-checker.d.ts +1 -1
  62. package/dist/esm/live-update/rollout-checker.js +5 -6
  63. package/dist/esm/live-update/update-manager.d.ts +12 -1
  64. package/dist/esm/live-update/update-manager.js +38 -11
  65. package/dist/esm/live-update/version-manager.d.ts +9 -12
  66. package/dist/esm/live-update/version-manager.js +40 -68
  67. package/dist/esm/plugin.js +82 -89
  68. package/dist/esm/security/crypto.js +11 -7
  69. package/dist/esm/security/validator.js +0 -1
  70. package/dist/esm/types/rollout.d.ts +85 -0
  71. package/dist/esm/types/rollout.js +25 -0
  72. package/dist/esm/web.d.ts +26 -1
  73. package/dist/esm/web.js +214 -75
  74. package/dist/plugin.cjs.js +1 -2
  75. package/dist/plugin.esm.js +1 -2
  76. package/dist/plugin.js +2 -3
  77. package/docs/AGENTS.md +38 -0
  78. package/docs/CHANGELOG.md +275 -0
  79. package/docs/CLAUDE.md +101 -0
  80. package/docs/MANUAL-TASKS.md +17 -0
  81. package/docs/MARKETING_WEBSITE_TRACKER.md +18 -2
  82. package/docs/MIGRATION.md +170 -0
  83. package/docs/PACKAGES.md +167 -0
  84. package/docs/PERFORMANCE.md +110 -0
  85. package/docs/PROJECT_COMPLETION_TRACKER.md +4 -35
  86. package/docs/README.md +12 -2
  87. package/docs/REMAINING_FEATURES.md +123 -76
  88. package/docs/ROADMAP.md +200 -120
  89. package/docs/SECURITY-IF-REPO-PUBLIC.md +232 -0
  90. package/docs/TESTING_REQUIREMENTS.md +1 -112
  91. package/docs/ai-knowledge-base/00-project-profile.md +38 -0
  92. package/docs/ai-knowledge-base/01-features.md +46 -0
  93. package/docs/ai-knowledge-base/02-routes.md +72 -0
  94. package/docs/ai-knowledge-base/03-tech-stack.md +57 -0
  95. package/docs/ai-knowledge-base/README.md +23 -0
  96. package/docs/analytics-tracking.md +37 -0
  97. package/docs/capacitor-official-plugins.md +46 -0
  98. package/docs/capawesome-plugins.md +29 -0
  99. package/docs/deployment/HOSTINGER_DEPLOY.md +370 -0
  100. package/docs/deployment/PRODUCTION-DEPLOY-CHECKLIST.md +184 -0
  101. package/docs/docs-site/plan.md +201 -0
  102. package/docs/docs-site/scope.md +127 -0
  103. package/docs/docs-site/tracker.json +235 -0
  104. package/docs/error-handling-tracking.md +37 -0
  105. package/docs/features/laravel-nova-backend/ASSESSMENT-SUMMARY.md +96 -0
  106. package/docs/features/laravel-nova-backend/IMPLEMENTATION-PLAN.md +504 -0
  107. package/docs/features/laravel-nova-backend/progress-tracker.json +184 -0
  108. package/docs/guides/testing-guide.md +15 -41
  109. package/docs/package-audit.md +41 -0
  110. package/docs/play-store/ASO-METADATA.md +5 -0
  111. package/docs/play-store/DATA-SAFETY.md +5 -0
  112. package/docs/play-store/DECLARATIONS.md +5 -0
  113. package/docs/play-store/README.md +27 -0
  114. package/docs/play-store/RELEASE-NOTES.md +99 -0
  115. package/docs/play-store/RELEASE-STEPS.md +6 -0
  116. package/docs/play-store/STORE-LISTING.md +7 -0
  117. package/docs/play-store/SUBMISSION-CHECKLIST.md +5 -0
  118. package/docs/production-readiness.md +1 -1
  119. package/docs/project-audit/2026-05-16/00-FINALIZATION-PLAN.md +123 -0
  120. package/docs/project-audit/2026-05-16/01-BATCH-PLAN.md +227 -0
  121. package/docs/project-audit/2026-05-16/02-AUDIT-FINDINGS.md +144 -0
  122. package/docs/project-audit/2026-05-16/sessions/batch-01.md +42 -0
  123. package/docs/project-audit/2026-05-16/sessions/batch-02.md +74 -0
  124. package/docs/project-audit/2026-05-16/sessions/batch-03.md +71 -0
  125. package/docs/project-audit/2026-05-16/sessions/batch-04.md +88 -0
  126. package/docs/project-audit/2026-05-16/sessions/batch-05.md +63 -0
  127. package/docs/project-audit/2026-05-16/sessions/batch-06.md +103 -0
  128. package/docs/project-audit/2026-05-16/sessions/batch-07.md +61 -0
  129. package/docs/project-audit/2026-05-16/sessions/batch-08.md +101 -0
  130. package/docs/project-audit/2026-05-16/sessions/batch-09.md +105 -0
  131. package/docs/project-audit/2026-05-16/sessions/batch-10.md +102 -0
  132. package/docs/project-audit/AUDIT-HISTORY.md +74 -0
  133. package/docs/project-audit/BATCH-PLAN.md +168 -0
  134. package/docs/project-audit/MARKETING-WEBSITE-FINDINGS-2026-05-11.md +73 -0
  135. package/docs/project-audit/PRODUCTION-READINESS-AUDIT-2026-05-08.md +275 -0
  136. package/docs/project-finalization/00-tracker.json +60 -0
  137. package/docs/project-knowledge-base/01-system-overview.md +227 -0
  138. package/docs/project-knowledge-base/02-routes-pages-forms-users.md +352 -0
  139. package/docs/project-knowledge-base/03-tech-stack-modules-services.md +379 -0
  140. package/docs/project-knowledge-base/04-data-models-integrations.md +244 -0
  141. package/docs/project-knowledge-base/05-docs-corpus-inventory.md +256 -0
  142. package/docs/project-knowledge-base/06-operations-testing-legal-content.md +208 -0
  143. package/docs/project-knowledge-base/README.md +103 -0
  144. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-05-19.md +81 -0
  145. package/docs/rules-tracker.md +102 -0
  146. package/docs/security/PRE-LAUNCH-PENTEST-CHECKLIST.md +116 -0
  147. package/docs/seo-aeo-rules.json +3043 -0
  148. package/docs/social-media-marketing/README.md +81 -0
  149. package/docs/social-media-marketing/posts-batch-01.md +613 -0
  150. package/docs/social-media-marketing/posts-batch-02.md +528 -0
  151. package/docs/social-media-marketing/whatsapp-messages-batch-01.md +458 -0
  152. package/docs/social-media-marketing/whatsapp-status-batch-01.md +355 -0
  153. package/docs/tracking/finalization-2026-05-16-tracker.json +346 -0
  154. package/docs/tracking/full-audit-tracker.json +121 -0
  155. package/docs/tracking/production-readiness-audit-tracker.json +429 -0
  156. package/docs/tracking/seo-checklist-tracker.json +333 -0
  157. package/ios/Plugin/BackgroundUpdate/BackgroundUpdatePlugin.swift +66 -9
  158. package/ios/Plugin/LiveUpdate/LiveUpdatePlugin.swift +306 -52
  159. package/ios/Plugin/NativeUpdatePlugin.swift +22 -9
  160. package/ios/Plugin/Security/SecurityManager.swift +13 -14
  161. package/package.json +37 -38
  162. package/cli/node_modules/.yarn-integrity +0 -16
  163. package/cli/node_modules/commander/LICENSE +0 -22
  164. package/cli/node_modules/commander/Readme.md +0 -1148
  165. package/cli/node_modules/commander/esm.mjs +0 -16
  166. package/cli/node_modules/commander/index.js +0 -26
  167. package/cli/node_modules/commander/lib/argument.js +0 -145
  168. package/cli/node_modules/commander/lib/command.js +0 -2179
  169. package/cli/node_modules/commander/lib/error.js +0 -43
  170. package/cli/node_modules/commander/lib/help.js +0 -462
  171. package/cli/node_modules/commander/lib/option.js +0 -329
  172. package/cli/node_modules/commander/lib/suggestSimilar.js +0 -100
  173. package/cli/node_modules/commander/package-support.json +0 -16
  174. package/cli/node_modules/commander/package.json +0 -80
  175. package/cli/node_modules/commander/typings/esm.d.mts +0 -3
  176. package/cli/node_modules/commander/typings/index.d.ts +0 -884
  177. package/cli/yarn.lock +0 -8
  178. package/dist/esm/__tests__/bundle-manager.test.d.ts +0 -1
  179. package/dist/esm/__tests__/bundle-manager.test.js +0 -151
  180. package/dist/esm/__tests__/bundle-manager.test.js.map +0 -1
  181. package/dist/esm/__tests__/config.test.d.ts +0 -1
  182. package/dist/esm/__tests__/config.test.js +0 -70
  183. package/dist/esm/__tests__/config.test.js.map +0 -1
  184. package/dist/esm/__tests__/delta-processor.test.d.ts +0 -1
  185. package/dist/esm/__tests__/delta-processor.test.js +0 -77
  186. package/dist/esm/__tests__/delta-processor.test.js.map +0 -1
  187. package/dist/esm/__tests__/firestore-schema.test.d.ts +0 -1
  188. package/dist/esm/__tests__/firestore-schema.test.js +0 -74
  189. package/dist/esm/__tests__/firestore-schema.test.js.map +0 -1
  190. package/dist/esm/__tests__/integration.test.d.ts +0 -1
  191. package/dist/esm/__tests__/integration.test.js +0 -78
  192. package/dist/esm/__tests__/integration.test.js.map +0 -1
  193. package/dist/esm/__tests__/manifest-reader.test.d.ts +0 -1
  194. package/dist/esm/__tests__/manifest-reader.test.js +0 -271
  195. package/dist/esm/__tests__/manifest-reader.test.js.map +0 -1
  196. package/dist/esm/__tests__/rollout-checker.test.d.ts +0 -1
  197. package/dist/esm/__tests__/rollout-checker.test.js +0 -210
  198. package/dist/esm/__tests__/rollout-checker.test.js.map +0 -1
  199. package/dist/esm/__tests__/security.test.d.ts +0 -1
  200. package/dist/esm/__tests__/security.test.js +0 -54
  201. package/dist/esm/__tests__/security.test.js.map +0 -1
  202. package/dist/esm/__tests__/version-manager.test.d.ts +0 -1
  203. package/dist/esm/__tests__/version-manager.test.js +0 -45
  204. package/dist/esm/__tests__/version-manager.test.js.map +0 -1
  205. package/dist/esm/app-review/app-review-manager.js.map +0 -1
  206. package/dist/esm/app-review/index.js.map +0 -1
  207. package/dist/esm/app-review/platform-review-handler.js.map +0 -1
  208. package/dist/esm/app-review/review-conditions-checker.js.map +0 -1
  209. package/dist/esm/app-review/review-rate-limiter.js.map +0 -1
  210. package/dist/esm/app-review/types.js.map +0 -1
  211. package/dist/esm/app-update/app-update-checker.js.map +0 -1
  212. package/dist/esm/app-update/app-update-installer.js.map +0 -1
  213. package/dist/esm/app-update/app-update-manager.js.map +0 -1
  214. package/dist/esm/app-update/app-update-notifier.js.map +0 -1
  215. package/dist/esm/app-update/index.js.map +0 -1
  216. package/dist/esm/app-update/platform-app-update.js.map +0 -1
  217. package/dist/esm/app-update/types.js.map +0 -1
  218. package/dist/esm/background-update/background-scheduler.js.map +0 -1
  219. package/dist/esm/background-update/index.js.map +0 -1
  220. package/dist/esm/background-update/notification-manager.js.map +0 -1
  221. package/dist/esm/config/support.js.map +0 -1
  222. package/dist/esm/core/analytics.js.map +0 -1
  223. package/dist/esm/core/cache-manager.js.map +0 -1
  224. package/dist/esm/core/config.js.map +0 -1
  225. package/dist/esm/core/errors.js.map +0 -1
  226. package/dist/esm/core/event-emitter.js.map +0 -1
  227. package/dist/esm/core/logger.js.map +0 -1
  228. package/dist/esm/core/performance.js.map +0 -1
  229. package/dist/esm/core/plugin-manager.js.map +0 -1
  230. package/dist/esm/core/security.js.map +0 -1
  231. package/dist/esm/definitions.js.map +0 -1
  232. package/dist/esm/firestore/firestore-client.d.ts +0 -109
  233. package/dist/esm/firestore/firestore-client.js +0 -264
  234. package/dist/esm/firestore/firestore-client.js.map +0 -1
  235. package/dist/esm/firestore/index.d.ts +0 -11
  236. package/dist/esm/firestore/index.js +0 -11
  237. package/dist/esm/firestore/index.js.map +0 -1
  238. package/dist/esm/firestore/manifest-reader.d.ts +0 -87
  239. package/dist/esm/firestore/manifest-reader.js +0 -294
  240. package/dist/esm/firestore/manifest-reader.js.map +0 -1
  241. package/dist/esm/firestore/schema.d.ts +0 -507
  242. package/dist/esm/firestore/schema.js +0 -73
  243. package/dist/esm/firestore/schema.js.map +0 -1
  244. package/dist/esm/index.js.map +0 -1
  245. package/dist/esm/live-update/bundle-manager.js.map +0 -1
  246. package/dist/esm/live-update/certificate-pinning.js.map +0 -1
  247. package/dist/esm/live-update/delta-processor.js.map +0 -1
  248. package/dist/esm/live-update/download-manager.js.map +0 -1
  249. package/dist/esm/live-update/rollout-checker.js.map +0 -1
  250. package/dist/esm/live-update/update-manager.js.map +0 -1
  251. package/dist/esm/live-update/version-manager.js.map +0 -1
  252. package/dist/esm/plugin.js.map +0 -1
  253. package/dist/esm/security/crypto.js.map +0 -1
  254. package/dist/esm/security/validator.js.map +0 -1
  255. package/dist/esm/web.js.map +0 -1
  256. package/dist/plugin.cjs.js.map +0 -1
  257. package/dist/plugin.esm.js.map +0 -1
  258. package/dist/plugin.js.map +0 -1
  259. package/docs/FIREBASE_INTEGRATION_TRACKER.md +0 -321
  260. package/docs/FIREBASE_QUERIES_AND_INDEXES_AUDIT.md +0 -221
  261. package/docs/examples/firebase-backend-example.md +0 -27
  262. package/docs/guides/no-cost-backend-implementation-plan.md +0 -77
  263. package/docs/guides/no-cost-firestore-google-drive-backend.md +0 -60
  264. package/docs/play-console-rejection-rules.json +0 -428
  265. /package/docs/{MARKETING_WEBSITE_PLAN.md → archive/MARKETING_WEBSITE_PLAN.md} +0 -0
@@ -0,0 +1,201 @@
1
+ # Documentation Site — Batch Plan
2
+
3
+ **Goal**: Ship a complete, public, SEO-ready Docusaurus documentation site for `native-update` v3.x in 10 batches. Each batch = one prompt = one commit per affected repo. Resumable via `tracker.json`.
4
+
5
+ **Two repos affected**:
6
+ 1. `native-update/` (this repo) — owns the plan + tracker. Single planning commit per batch.
7
+ 2. `native-update-docs/` (sibling, separate public GitHub repo) — owns the actual docs site. One commit per batch in this repo.
8
+
9
+ **Cooldown after final batch**: 7 days. After all 10 batches complete, this prompt becomes a no-op until 7 days have passed (matches the project-wide `production-readiness-audit-tracker.json` pattern).
10
+
11
+ ---
12
+
13
+ ## Skill bindings (apply per batch where listed)
14
+
15
+ | Domain | Skill |
16
+ |---|---|
17
+ | Diátaxis info architecture | `documentation-writer` |
18
+ | Technical writing voice | `technical-writing` |
19
+ | AI-citable structure | `ai-seo` |
20
+ | Marketing landing copy | `copywriting` |
21
+ | Broad SEO + GSC | `seo` |
22
+ | Firebase Hosting setup | `firebase-hosting-basics` |
23
+ | Firebase config/CLI | `firebase-basics` |
24
+
25
+ Invoke matching skills BEFORE the first Edit/Write of each batch.
26
+
27
+ ---
28
+
29
+ ## Batch 1 — Foundation & first pages ✅ (this batch)
30
+
31
+ **Skills**: `documentation-writer`, `ai-seo`, `copywriting`
32
+
33
+ **In `native-update`**:
34
+ - `docs/docs-site/scope.md` — what we document, locked
35
+ - `docs/docs-site/plan.md` — this file
36
+ - `docs/docs-site/tracker.json` — JSON status, resumable
37
+ - Update root `CLAUDE.md` + `AGENTS.md` with a "Docs Site" record pointing at the tracker
38
+
39
+ **In `native-update-docs/` (new sibling)**:
40
+ - Init: `package.json`, `tsconfig.json`, `.gitignore`, `.editorconfig`
41
+ - `docusaurus.config.ts` — brand metadata, SEO defaults, OG image, Ahsan author footer
42
+ - `sidebars.ts` — full target structure (placeholders for sections written in later batches)
43
+ - `src/css/custom.css` — brand color palette + dark-mode tuning
44
+ - `src/pages/index.tsx` — homepage (hero + features + CTA)
45
+ - `static/img/logo.svg`, `static/img/favicon.svg`, `static/img/social-card.svg`
46
+ - `static/robots.txt` (skeleton — full allow-list ships in Batch 10)
47
+ - `docs/intro.md` — "What is native-update?" (definition-first, 600+ words)
48
+ - `docs/getting-started/installation.md` — install steps, peer-dep note, platform setup quick reference
49
+ - `docs/getting-started/quick-start.md` — 5-minute first OTA update tutorial
50
+ - `docs/about-the-author.md` — Ahsan Mahmood credits page (links, contact)
51
+ - `README.md`, `CLAUDE.md`, `AGENTS.md` — repo metadata + freshness rules
52
+ - `yarn install`, `git init`, first commit
53
+ - `~/.dev-ports.json` — register port 5960
54
+
55
+ **Verification**: `yarn build` (in sibling) exits 0; `yarn typecheck` (if available) exits 0; tracker updated.
56
+
57
+ ---
58
+
59
+ ## Batch 2 — SDK Reference: Live Update (OTA)
60
+
61
+ **Skills**: `documentation-writer`, `ai-seo`
62
+
63
+ Write `docs/reference/sdk/live-update/`:
64
+ - `overview.md` — what live-update does, when to use it
65
+ - `methods.md` — all 20 methods grouped (lifecycle, channels, downloads, validation, cancellation), each with TypeScript signature + parameters table + return type + example + errors thrown
66
+ - `types.md` — `BundleInfo`, `SyncOptions`, `SyncResult`, `DownloadOptions`, `LatestVersion`, `DeleteOptions`, `ValidateOptions`, `ValidationResult`, `CheckForUpdateResult`, `DownloadUpdateOptions`
67
+ - `enums.md` — `UpdateStrategy`, `UpdateMode`, `BundleStatus`, `SyncStatus`
68
+ - `events.md` — `downloadProgress`, `updateStateChanged`
69
+ - `config.md` — `LiveUpdateConfig` field-by-field
70
+
71
+ Estimated: 8–10 pages, ~6,000 words total.
72
+
73
+ ---
74
+
75
+ ## Batch 3 — SDK Reference: App Update + App Review
76
+
77
+ **Skills**: `documentation-writer`, `ai-seo`
78
+
79
+ Write `docs/reference/sdk/app-update/` (5 methods, AppUpdateInfo, OpenAppStoreOptions, InstallStatus enum, 6 events) and `docs/reference/sdk/app-review/` (2 methods, AppReviewConfig, ReviewResult, CanRequestReviewResult, throttling rules).
80
+
81
+ Estimated: 7–8 pages.
82
+
83
+ ---
84
+
85
+ ## Batch 4 — SDK Reference: Background Updates + Security + Core
86
+
87
+ **Skills**: `documentation-writer`, `ai-seo`
88
+
89
+ Write `docs/reference/sdk/background-update/` (8 methods, BackgroundUpdateConfig, NotificationPreferences, 2 events, BackgroundUpdateType + NotificationPriority enums), `docs/reference/sdk/security/` (getSecurityInfo, SecurityConfig, ChecksumAlgorithm, CertificatePinning, UpdateErrorCode 20+ codes), `docs/reference/sdk/core/` (initialize/isInitialized/reset/cleanup/configure + PluginInitConfig).
90
+
91
+ Estimated: 9–11 pages.
92
+
93
+ ---
94
+
95
+ ## Batch 5 — CLI Reference
96
+
97
+ **Skills**: `documentation-writer`, `technical-writing`
98
+
99
+ Write `docs/reference/cli/`:
100
+ - `overview.md` — install, global flags, exit codes
101
+ - `init.md`, `keys-generate.md`, `bundle-create.md`, `bundle-sign.md`, `bundle-verify.md`, `server-start.md`, `monitor.md`, `backend-create.md`
102
+
103
+ Each command page: synopsis, flags table, examples, common errors.
104
+
105
+ Estimated: 9 pages.
106
+
107
+ ---
108
+
109
+ ## Batch 6 — Backend setup guides
110
+
111
+ **Skills**: `documentation-writer`, `technical-writing`
112
+
113
+ Write `docs/backend/`:
114
+ - `overview.md` — when to self-host, hosted SaaS comparison
115
+ - `laravel-nova-self-host.md` — full setup (env, migrations, queues, signing keys, Nova auth, Firebase token verification)
116
+ - `node-express-minimal.md` — based on `example-apps/node-express`
117
+ - `api-contract.md` — every public endpoint, request/response shape, signing
118
+ - `nova-admin-overview.md` — what each Nova resource manages
119
+
120
+ Estimated: 5 pages, dense.
121
+
122
+ ---
123
+
124
+ ## Batch 7 — Platform guides
125
+
126
+ **Skills**: `documentation-writer`, `technical-writing`
127
+
128
+ Write `docs/platforms/`:
129
+ - `android.md` — manifest additions, permissions, ProGuard rules, WorkManager constraints, signing setup
130
+ - `ios.md` — Info.plist keys, capabilities, background modes, App Store Review setup
131
+ - `web.md` — browser dev fallback, limitations, when to use
132
+
133
+ Estimated: 3 long pages (~2,000 words each).
134
+
135
+ ---
136
+
137
+ ## Batch 8 — Tutorials & how-to guides
138
+
139
+ **Skills**: `documentation-writer`, `ai-seo`, `copywriting`
140
+
141
+ Write `docs/tutorials/` and `docs/how-to/`:
142
+ - Tutorial: end-to-end first OTA update (install → keypair → bundle → sign → upload → device verifies → applies)
143
+ - Tutorial: backend-first walkthrough (Laravel install → first app → first build → first device check)
144
+ - How-to: manage release channels (production/staging/beta)
145
+ - How-to: rotate signing keys without breaking active bundles
146
+ - How-to: roll back a bad bundle
147
+ - How-to: migrate from CodePush
148
+ - How-to: integrate with CI/CD (GitHub Actions example)
149
+ - How-to: test bundles in development
150
+
151
+ Estimated: 8 pages.
152
+
153
+ ---
154
+
155
+ ## Batch 9 — Concepts & explanations
156
+
157
+ **Skills**: `documentation-writer`, `ai-seo`
158
+
159
+ Write `docs/concepts/`:
160
+ - `how-ota-updates-work.md`
161
+ - `bundle-integrity-and-signing.md`
162
+ - `update-strategies-compared.md` (immediate vs background vs manual)
163
+ - `architecture.md` (with mermaid diagrams)
164
+ - `security-model.md`
165
+ - `error-handling-philosophy.md`
166
+
167
+ Estimated: 6 pages, deeper writing.
168
+
169
+ ---
170
+
171
+ ## Batch 10 — SEO + Firebase deploy + GitHub publish
172
+
173
+ **Skills**: `seo`, `ai-seo`, `firebase-hosting-basics`, `firebase-basics`
174
+
175
+ - Per-page meta head injection (canonical, OG, Twitter Card) via `docusaurus.config.ts`
176
+ - `static/robots.txt` final form (full AI-bot allow list)
177
+ - `static/llms.txt` + `static/llms-full.txt`
178
+ - `static/humans.txt`, `static/.well-known/security.txt`
179
+ - `static/sitemap-index.json`
180
+ - JSON-LD injection per page (TechArticle + FAQPage where applicable)
181
+ - `firebase.json`, `.firebaserc`, hosting config
182
+ - GitHub Actions workflow: build + deploy on push to `main`
183
+ - README publish instructions (GH + Firebase + Search Console + Bing Webmaster)
184
+ - Update tracker `last_run.completed_at` and `next_allowed_run_after` (today + 7 days)
185
+ - Final commit in both repos
186
+
187
+ Estimated: 1 dense pass.
188
+
189
+ ---
190
+
191
+ ## Resumability protocol (for future runs of this prompt)
192
+
193
+ When this prompt is re-run:
194
+
195
+ 1. Read `docs/docs-site/tracker.json`.
196
+ 2. If `last_run.status == "complete"` AND today < `last_run.next_allowed_run_after` → SKIP. Tell the user "Docs site is complete; next allowed run after `<date>`. Use the docs site or open an issue if anything is missing."
197
+ 3. If `last_run.status == "in_progress"` → find the lowest-indexed batch with `status != "completed"` in `batches[]` and resume there. Do NOT redo earlier batches.
198
+ 4. After completing each batch: append a row to `batches[]`, update `current_batch` and `progress_pct`. ONE commit per batch in each affected repo.
199
+ 5. After Batch 10: set `last_run.status = "complete"`, `last_run.completed_at = today`, `last_run.next_allowed_run_after = today + 7 days`.
200
+
201
+ **Override conditions** (run a fix-only batch even within cooldown): explicit user bypass; broken `yarn build` in sibling repo; production incident; published page returns 404 or 5xx; Lighthouse SEO drops below 95.
@@ -0,0 +1,127 @@
1
+ # Documentation Site — Scope
2
+
3
+ **Project**: Public Docusaurus documentation site for the `native-update` Capacitor plugin.
4
+ **Repo location**: `/home/ahsan/Documents/01-code/projects/native-update-docs/` (sibling, separate public GitHub repo)
5
+ **Hosting**: Dedicated Firebase project (TBD in Batch 10)
6
+ **Versioning**: Single version — latest only (no version dropdown for v1)
7
+ **Theme**: Default Docusaurus `classic` preset + brand colors + logo + dark mode
8
+ **Author credit**: Ahsan Mahmood (aoneahsan@gmail.com, https://aoneahsan.com, https://linkedin.com/in/aoneahsan) — surfaced on every page footer + about/credits page + JSON-LD `author`
9
+
10
+ ## Reference date
11
+
12
+ **Scope locked**: 2026-05-10
13
+ **Source of truth**: `native-update` plugin v3.0.0 (`package.json`)
14
+
15
+ ---
16
+
17
+ ## What we're documenting (surface area)
18
+
19
+ ### 1. Plugin SDK — TypeScript API (`src/`)
20
+
21
+ **~30 public methods**, **~50 types/interfaces**, **11 events**, **10 enums**, split across 6 feature areas:
22
+
23
+ | Area | Methods | Notes |
24
+ |---|---|---|
25
+ | Live Update (OTA) | 20 — `sync`, `download`, `set`, `reload`, `reset`, `current`, `list`, `delete`, `notifyAppReady`, `getLatest`, `setChannel`, `setUpdateUrl`, `validateUpdate`, `checkForUpdate`, `downloadUpdate`, `applyUpdate`, `cancelDownload`, `cancelAllDownloads`, `isDownloading`, `getActiveDownloadCount` | Largest feature surface. Bundle lifecycle, channels, signing, rollback. |
26
+ | App Update (in-app, store-driven) | 5 — `getAppUpdateInfo`, `performImmediateUpdate`, `startFlexibleUpdate`, `completeFlexibleUpdate`, `openAppStore` | Wraps Play In-App Updates and iOS App Store check. |
27
+ | App Review | 2 — `requestReview`, `canRequestReview` | Wraps Play In-App Review and SKStoreReviewController. |
28
+ | Background Update | 8 — `enableBackgroundUpdates`, `disableBackgroundUpdates`, `getBackgroundUpdateStatus`, `scheduleBackgroundCheck`, `triggerBackgroundCheck`, `setNotificationPreferences`, `getNotificationPermissions`, `requestNotificationPermissions` | Battery-aware, network-aware silent updates. |
29
+ | Security | 1 — `getSecurityInfo` (+ ChecksumAlgorithm enum, certificate pinning config, 20+ error codes) | Bundle integrity, signing, HTTPS enforcement. |
30
+ | Core | 5 — `initialize`, `isInitialized`, `reset`, `cleanup`, `configure` | Plugin lifecycle. |
31
+
32
+ **Events** (via `addListener()`): `downloadProgress`, `updateStateChanged`, `backgroundUpdateProgress`, `backgroundUpdateNotification`, `appUpdateStateChanged`, `appUpdateProgress`, `appUpdateAvailable`, `appUpdateReady`, `appUpdateFailed`, `appUpdateNotificationClicked`, `appUpdateInstallClicked`.
33
+
34
+ **Power-user exports** (`src/index.ts`): `ConfigManager`, `Logger`, `SecurityValidator`, `PluginManager`, `CacheManager`, `BundleManager`, `DownloadManager`, `VersionManager`, `UpdateManager`, error classes (`NativeUpdateError`, `ConfigurationError`, `DownloadError`, `ValidationError`, `StorageError`, `UpdateErrorClass`), rollout/device-info types.
35
+
36
+ ### 2. CLI (`cli/commands/`) — 8 commands
37
+
38
+ | Command | Purpose |
39
+ |---|---|
40
+ | `init` | Scaffold native-update into an existing Capacitor project |
41
+ | `keys generate` | Generate RSA/ECDSA keypair for bundle signing |
42
+ | `bundle create` | Build a ZIP bundle from a built app dir (excludes node_modules, .git, .env) |
43
+ | `bundle sign` | Sign bundle with private key (SHA-256/512 + RSA/ECDSA) |
44
+ | `bundle verify` | Verify bundle signature with public key |
45
+ | `server start` | Start a local Express dev server for testing updates |
46
+ | `monitor` | Poll an update server and print available updates |
47
+ | `backend create` | Scaffold a Laravel + Nova backend (with greppable `TODO[SCAFFOLD-IMPLEMENT-BEFORE-DEPLOY]` markers) |
48
+
49
+ ### 3. Backend (`backend/` — Laravel 11 + Nova 5)
50
+
51
+ **API routes** (top-level groups):
52
+ - `/health` — liveness check
53
+ - `/v1/updates/check` — update check (public, signed)
54
+ - `/v1/analytics/{mau,download,install}` — anonymous usage telemetry
55
+ - `/v1/bundles/{build}/download` — bundle download (signed URL)
56
+ - `/dashboard/*` — admin panel (Firebase token required) — apps, builds, api-keys, signing-keys, stats, license management
57
+ - `/admin/*` — internal admin
58
+ - `/webhooks/paypal` — PayPal subscription webhook
59
+
60
+ **Nova resources** (22): App, User, Build, ApiKey, SigningKey, BuildChannel, BuildStatusFilter, UserStatusFilter, UserPlanFilter, ApiKeyStatusFilter, SigningKeyStatusFilter, ArchiveBuild, ActivateBuild, AssignLicense, DeprecateApiKey, RevokeApiKey, RevokeSigningKey, RotateSigningKey, SetCustomLimits, SuspendUser, UnsuspendUser, Resource (base).
61
+
62
+ ### 4. Platform-native implementations
63
+
64
+ - **Android** — 10 Kotlin files at `android/src/main/java/com/aoneahsan/nativeupdate/` (NativeUpdatePlugin, LiveUpdatePlugin, AppUpdatePlugin, AppReviewPlugin, BackgroundUpdatePlugin, SecurityManager, BackgroundUpdateWorker, BackgroundUpdateManager, BackgroundNotificationManager, NotificationActionReceiver). Manifest additions documented in `android/manifest-additions.xml`.
65
+ - **iOS** — 8 Swift files at `ios/Plugin/` (NativeUpdatePlugin, LiveUpdatePlugin, AppUpdatePlugin, AppReviewPlugin, BackgroundUpdatePlugin, SecurityManager, BackgroundNotificationManager, WebViewConfiguration). Pod published as `NativeUpdate.podspec`.
66
+ - **Web** — `src/web.ts` (browser fallback for development).
67
+
68
+ ### 5. Example apps (`example-apps/`)
69
+
70
+ | App | Stack | Demonstrates |
71
+ |---|---|---|
72
+ | `react-capacitor` | React + Vite + Capacitor 8 | Mobile OTA bundle workflow end-to-end |
73
+ | `node-express` | Node.js + Express | Minimal HTTP backend (`/api/updates/check`, `/api/bundles/upload`, bundle serving) |
74
+
75
+ ---
76
+
77
+ ## What we're NOT documenting in v1
78
+
79
+ - The hosted SaaS dashboard (https://nativeupdate.aoneahsan.com) — that's a marketing surface owned by `website/`, not the SDK docs.
80
+ - Internal Nova action implementation details — Nova is the user-facing surface; how each action is coded is implementation detail.
81
+ - Backend Laravel class internals beyond config + endpoints + setup — the backend is "reference implementation", not a teaching project.
82
+ - v1 / v2 history — single-version site, v3.x only. Migration documented in one page; older API never re-documented.
83
+
84
+ ---
85
+
86
+ ## Information architecture (Diátaxis-aligned)
87
+
88
+ | Quadrant | Section | Content |
89
+ |---|---|---|
90
+ | Tutorials (learning) | `tutorials/` | End-to-end first-update walkthrough; backend-first walkthrough |
91
+ | How-to guides (problems) | `how-to/` | Channel management; key rotation; rollback; CodePush migration; testing strategy; CI/CD pipelines |
92
+ | Reference (information) | `reference/sdk/`, `reference/cli/`, `reference/backend-api/` | Every method, type, event, command, endpoint |
93
+ | Explanation (understanding) | `concepts/` | How OTA updates work; bundle integrity; update strategies compared; architecture; security model |
94
+
95
+ Plus three top-level sections: `getting-started/` (intro, installation, quick start, configuration), `platforms/` (Android, iOS, Web specifics), `backend/` (Laravel self-host + Node-Express minimal).
96
+
97
+ ---
98
+
99
+ ## SEO / AEO targets
100
+
101
+ - **AI bots allowed in robots.txt** (GPTBot, ChatGPT-User, ClaudeBot, anthropic-ai, PerplexityBot, Google-Extended, CCBot, Applebot, Bingbot)
102
+ - `llms.txt` + `llms-full.txt` at site root
103
+ - Per-page JSON-LD: `WebSite`, `Organization`, `BreadcrumbList`, `TechArticle` (with `author`), `FAQPage` (where applicable), `HowTo` (tutorials)
104
+ - Sitemap auto-generated by `@docusaurus/plugin-sitemap`
105
+ - Open Graph + Twitter Card per page (Docusaurus config)
106
+ - Public GitHub repo (boosts crawl discoverability per the `seo-aeo-ranking.md` Wikipedia/GitHub presence rule)
107
+
108
+ ---
109
+
110
+ ## Author credits surfacing
111
+
112
+ Required everywhere a reader sees brand:
113
+ - Footer: "Built by [Ahsan Mahmood](https://aoneahsan.com)" with linkedin.com/in/aoneahsan, GitHub, npm links
114
+ - About / Credits page (`docs/about-the-author.md`)
115
+ - JSON-LD `author` on every TechArticle
116
+ - `package.json` author + `meta.author` Docusaurus tag
117
+ - README footer
118
+ - Hosted site footer
119
+
120
+ ---
121
+
122
+ ## Out-of-scope items the user has signalled future interest in
123
+
124
+ - Custom theme matching `website/` design system (deferred — chose default + brand colors for v1)
125
+ - Versioning (deferred until v4 ships)
126
+ - Internationalisation (no signal yet)
127
+ - Custom search beyond Docusaurus default — Algolia DocSearch can be added later
@@ -0,0 +1,235 @@
1
+ {
2
+ "$schema": "docs-site-tracker-v1",
3
+ "description": "Resumable tracker for the native-update Docusaurus documentation site project. Read first on every re-run of the docs-site prompt; honours the 7-day cooldown after full completion.",
4
+ "project": "native-update",
5
+ "docs_repo_path": "/home/ahsan/Documents/01-code/projects/native-update-docs/",
6
+ "docs_repo_remote": "TBD — created in Batch 10 (will be a public GitHub repo)",
7
+ "hosting": {
8
+ "platform": "Firebase Hosting (dedicated project)",
9
+ "firebase_project_id": "TBD — created in Batch 10",
10
+ "live_url": "TBD"
11
+ },
12
+ "scope_doc": "docs/docs-site/scope.md",
13
+ "plan_doc": "docs/docs-site/plan.md",
14
+ "total_batches": 10,
15
+ "current_batch": 10,
16
+ "progress_pct": 100,
17
+ "last_run": {
18
+ "started_at": "2026-05-10",
19
+ "status": "complete",
20
+ "completed_at": "2026-05-11",
21
+ "next_allowed_run_after": "2026-05-18",
22
+ "cooldown_days": 7,
23
+ "notes": "All 10 batches complete. Docs site is feature-complete with 58 pages plus deploy-ready discovery + SEO infrastructure. The Firebase Hosting deploy and the public GitHub repo creation are documented in native-update-docs/DEPLOY.md as user-actions — they require `firebase login` and `gh auth` against the user's accounts and cannot be automated from CI/agent context. Cooldown: 7-day soft gate before re-running this prompt. Override conditions: broken yarn build in sibling, published page 404/5xx, Lighthouse SEO drops below 95, production incident."
24
+ },
25
+ "batches": [
26
+ {
27
+ "id": 1,
28
+ "title": "Foundation & first pages",
29
+ "status": "completed",
30
+ "started_at": "2026-05-10",
31
+ "completed_at": "2026-05-10",
32
+ "skills_invoked": ["documentation-writer", "ai-seo", "copywriting"],
33
+ "deliverables": [
34
+ "native-update: docs/docs-site/scope.md",
35
+ "native-update: docs/docs-site/plan.md",
36
+ "native-update: docs/docs-site/tracker.json (this file)",
37
+ "native-update: root CLAUDE.md + AGENTS.md docs-site record",
38
+ "native-update-docs: package.json, tsconfig.json, docusaurus.config.ts, sidebars.ts, .gitignore, .editorconfig",
39
+ "native-update-docs: src/css/custom.css (brand palette + dark mode)",
40
+ "native-update-docs: src/pages/index.tsx (homepage)",
41
+ "native-update-docs: static/img/logo.svg, favicon.svg, social-card.svg",
42
+ "native-update-docs: static/robots.txt (skeleton)",
43
+ "native-update-docs: docs/intro.md, docs/getting-started/installation.md, docs/getting-started/quick-start.md",
44
+ "native-update-docs: docs/about-the-author.md",
45
+ "native-update-docs: README.md, CLAUDE.md, AGENTS.md",
46
+ "native-update-docs: git init + first commit",
47
+ "~/.dev-ports.json: register port 5960"
48
+ ],
49
+ "verification": "yarn build in sibling exits 0; folder structure matches sidebars.ts; homepage renders Ahsan author block",
50
+ "commit_native_update": "TBD",
51
+ "commit_docs_repo": "TBD"
52
+ },
53
+ {
54
+ "id": 2,
55
+ "title": "SDK Reference: Live Update (OTA)",
56
+ "status": "completed",
57
+ "started_at": "2026-05-10",
58
+ "completed_at": "2026-05-10",
59
+ "skills_invoked": ["documentation-writer", "ai-seo"],
60
+ "deliverables": [
61
+ "native-update-docs: docs/reference/sdk/live-update/overview.md (~1100 words, mental model, FAQ, mermaid state diagram)",
62
+ "native-update-docs: docs/reference/sdk/live-update/methods.md (~2500 words, all 20 methods grouped: sync/check, download, apply/rollback, inspect, configure, maintenance; signatures verbatim from src/definitions.ts)",
63
+ "native-update-docs: docs/reference/sdk/live-update/types.md (10 types: SyncOptions, SyncResult, DownloadOptions, DownloadUpdateOptions, BundleInfo, DeleteOptions, LatestVersion, CheckForUpdateResult, ValidateOptions, ValidationResult)",
64
+ "native-update-docs: docs/reference/sdk/live-update/enums.md (UpdateStrategy, UpdateMode, ChecksumAlgorithm, SyncStatus, BundleStatus + Live-Update subset of UpdateErrorCode)",
65
+ "native-update-docs: docs/reference/sdk/live-update/events.md (downloadProgress + updateStateChanged with cleanup pattern)",
66
+ "native-update-docs: docs/reference/sdk/live-update/config.md (LiveUpdateConfig field-by-field + recommended prod/dev examples)",
67
+ "native-update-docs: sidebars.ts — SDK Reference > Live Update (OTA) category active"
68
+ ],
69
+ "verification": "yarn build clean (no broken anchors after 2 explicit-id fixes); 6 pages reachable at /reference/sdk/live-update/*; explicit anchor IDs added for setChannel, setUpdateUrl, UpdateErrorCode to make slugs stable"
70
+ },
71
+ {
72
+ "id": 3,
73
+ "title": "SDK Reference: App Update + App Review",
74
+ "status": "completed",
75
+ "started_at": "2026-05-10",
76
+ "completed_at": "2026-05-10",
77
+ "skills_invoked": ["documentation-writer", "ai-seo"],
78
+ "deliverables": [
79
+ "native-update-docs: docs/reference/sdk/app-update/overview.md (mental model, when-to-use matrix, platform behaviour matrix Android/iOS/Web, Play priority 0-5 table, mermaid sequence diagram, 6-entry FAQ block)",
80
+ "native-update-docs: docs/reference/sdk/app-update/methods.md (all 5 methods: getAppUpdateInfo, performImmediateUpdate, startFlexibleUpdate, completeFlexibleUpdate, openAppStore — with platform notes, throws, examples)",
81
+ "native-update-docs: docs/reference/sdk/app-update/types.md (AppUpdateInfo with 10 fields + decision-matrix code; OpenAppStoreOptions)",
82
+ "native-update-docs: docs/reference/sdk/app-update/events.md (7 events: appUpdateStateChanged + appUpdateProgress + appUpdateAvailable + appUpdateReady + appUpdateFailed + appUpdateNotificationClicked + appUpdateInstallClicked; embeds InstallStatus enum reference)",
83
+ "native-update-docs: docs/reference/sdk/app-update/config.md (AppUpdateConfig field-by-field with prod recipe)",
84
+ "native-update-docs: docs/reference/sdk/app-review/overview.md (Apple 3-per-365 rule explained, default throttling table, mental model, 6-entry FAQ block)",
85
+ "native-update-docs: docs/reference/sdk/app-review/methods.md (canRequestReview + requestReview with the recommended call-site pattern; ReviewResult + CanRequestReviewResult inline)",
86
+ "native-update-docs: docs/reference/sdk/app-review/config.md (AppReviewConfig field-by-field; prod + dev recipes; Apple-throttle warning admonition)",
87
+ "native-update-docs: sidebars.ts — App Update + App Review categories activated under SDK Reference"
88
+ ],
89
+ "verification": "yarn build clean (one broken-link to Batch 4 background-update/overview was fixed by converting to italic placeholder); 8 new pages reachable at /reference/sdk/app-update/* and /reference/sdk/app-review/*"
90
+ },
91
+ {
92
+ "id": 4,
93
+ "title": "SDK Reference: Background Updates + Security + Core",
94
+ "status": "completed",
95
+ "started_at": "2026-05-11",
96
+ "completed_at": "2026-05-11",
97
+ "skills_invoked": ["documentation-writer", "ai-seo"],
98
+ "deliverables": [
99
+ "native-update-docs: docs/reference/sdk/background-update/overview.md (mental model, when-to-use matrix, platform behaviour matrix Android WorkManager / iOS BGTaskScheduler / Web, mermaid flowchart of OS-fired task gates, sample wiring, 6-entry FAQ explaining 'how often does this actually run')",
100
+ "native-update-docs: docs/reference/sdk/background-update/methods.md (all 8 methods: enableBackgroundUpdates, disableBackgroundUpdates, getBackgroundUpdateStatus, scheduleBackgroundCheck, triggerBackgroundCheck, setNotificationPreferences, getNotificationPermissions, requestNotificationPermissions; embedded BackgroundUpdateStatus + BackgroundCheckResult + NotificationPermissionStatus type tables)",
101
+ "native-update-docs: docs/reference/sdk/background-update/config.md (BackgroundUpdateConfig 12 fields + NotificationPreferences 10 fields + BackgroundUpdateType + NotificationPriority enums; production recipe; iOS Info.plist BGTaskSchedulerPermittedIdentifiers note)",
102
+ "native-update-docs: docs/reference/sdk/background-update/events.md (backgroundUpdateProgress + backgroundUpdateNotification with payloads, lifecycle, action flow; 'apply update on tap' example)",
103
+ "native-update-docs: docs/reference/sdk/security/overview.md (3-layer security model table, getSecurityInfo + SecurityInfo type, SecurityConfig field-by-field with deprecated secureStorage call-out, threat-model coverage table, 6-entry FAQ on key rotation + clock skew + at-rest encryption)",
104
+ "native-update-docs: docs/reference/sdk/security/error-codes.md (full UpdateErrorCode catalogue grouped by domain: network, download, security, install, permission, app-update, app-review, config; mapping to typed Error classes for instanceof checks)",
105
+ "native-update-docs: docs/reference/sdk/security/certificate-pinning.md (CertificatePinning + CertificatePin types, working OpenSSL recipe to extract SHA-256 SPKI pins, operational checklist with the two-pin rule, when-NOT-to-use guidance, 5-entry FAQ on Let's Encrypt + HPKP + captive portals)",
106
+ "native-update-docs: docs/reference/sdk/core/lifecycle.md (initialize, isInitialized, configure, reset, cleanup with mermaid state diagram of allowed transitions; clarification of the dual-meaning reset())",
107
+ "native-update-docs: docs/reference/sdk/core/config.md (PluginInitConfig — 24 fields grouped: server, live-update shorthand, download tuning, security, filesystem injection, native app-update/review, logging; ms-vs-seconds units gotcha highlighted; production recipe)",
108
+ "native-update-docs: sidebars.ts — Background Update + Security + Core categories activated under SDK Reference (SDK Reference section now complete)",
109
+ "native-update-docs: app-update/events.md — restored real link to background-update/overview (was Batch-3 italic placeholder)"
110
+ ],
111
+ "verification": "yarn build clean; 9 new pages render at /reference/sdk/background-update/* and /reference/sdk/security/* and /reference/sdk/core/*; total docs site now 27 pages; SDK Reference section feature-complete"
112
+ },
113
+ {
114
+ "id": 5,
115
+ "title": "CLI Reference",
116
+ "status": "completed",
117
+ "started_at": "2026-05-11",
118
+ "completed_at": "2026-05-11",
119
+ "skills_invoked": ["documentation-writer", "ai-seo"],
120
+ "deliverables": [
121
+ "native-update-docs: docs/reference/cli/overview.md (~1100 words — when-to-use matrix, install, quick-start workflow, exit codes, output conventions, default-artifact-locations table, what-the-CLI-does-NOT-do, FAQ)",
122
+ "native-update-docs: docs/reference/cli/init.md (interactive 4-prompt walkthrough, --example + --backend flags, generated config shape, common errors, limitations)",
123
+ "native-update-docs: docs/reference/cli/keys-generate.md (RSA 2048/4096 + EC P-256/P-384 matrix, output filenames + chmod 600, algorithm-choice guidance, rotation policy, install-public-key recipe)",
124
+ "native-update-docs: docs/reference/cli/bundle-create.md (flags table, examples, what-the-bundle-contains, safety refused-bundle list (node_modules/.git/.env*), reproducibility note, success output sample)",
125
+ "native-update-docs: docs/reference/cli/bundle-sign.md (RSA-SHA256, .sig sidecar JSON shape, signing in CI, common PEM errors, why backend must serve the sidecar)",
126
+ "native-update-docs: docs/reference/cli/bundle-verify.md (sidecar lookup convention, valid vs invalid output, CI release-gate pattern, how-verification-works step-by-step, limitations)",
127
+ "native-update-docs: docs/reference/cli/server-start.md (4 endpoints documented: /api/latest, /api/bundles, /bundles/<file>, /health; localhost-vs-LAN caveat; what-it-does-NOT-do block; stopping convention)",
128
+ "native-update-docs: docs/reference/cli/monitor.md (dashboard preview, expected /api/stats response shape, 5s polling + 5-failure bailout, SIGINT/SIGTERM handling, headless-mode limitation)",
129
+ "native-update-docs: docs/reference/cli/backend-create.md (express/firebase/vercel, SCAFFOLD_BANNER explained, TODO[SCAFFOLD-IMPLEMENT-BEFORE-DEPLOY] grep workflow, when-NOT-to-use guidance steering to example-apps/node-express + backend/)",
130
+ "native-update-docs: sidebars.ts — CLI Reference category active under SDK Reference; removed commented-out Batch-5 placeholder block"
131
+ ],
132
+ "verification": "yarn build clean (no broken-link errors after build); 9 new pages reachable at /reference/cli/*; build output verified via ls of build/reference/cli/ — all 9 .html files present"
133
+ },
134
+ {
135
+ "id": 6,
136
+ "title": "Backend setup guides",
137
+ "status": "completed",
138
+ "started_at": "2026-05-11",
139
+ "completed_at": "2026-05-11",
140
+ "skills_invoked": ["documentation-writer", "technical-writing"],
141
+ "deliverables": [
142
+ "native-update-docs: docs/backend/overview.md (~1300 words — what-the-backend-does endpoint table, three options matrix (Hosted SaaS / Self-host Laravel / Roll your own), how-to-choose chooser table, what-stays-the-same regardless of backend invariants block, next-steps fork)",
143
+ "native-update-docs: docs/backend/laravel-nova-self-host.md (~2400 words — what-you're-deploying overview, prerequisites (PHP 8.2+, MySQL/Postgres, Redis, supervisor), clone+install+build, env walk-through (APP_KEY / CORS / FIREBASE / NATIVE_UPDATE_FIREBASE_AUTO_CREATE / PAYPAL / ADMIN_EMAILS), schema notes (~14 tables — users/apps/builds/api_keys/signing_keys/analytics), four storage backends (FilesHub default, Drive, S3/R2, local), queue worker with sample systemd unit, optimize-cache sequence, Firebase token verification + clock-skew warning, Nova license auth.json, sample nginx vhost, smoke-test commands)",
144
+ "native-update-docs: docs/backend/node-express-minimal.md (~1700 words — what-it-implements vs what-it-doesn't (skips analytics), running locally, contract mapping endpoint-by-endpoint with code snippets pulled from the actual repo, what production needs vs what the example has (signing URLs, checksums, signatures, rate limiting), framework-translation guidance for Hono/Fastify/etc., when-to-graduate-from-this-example triggers)",
145
+ "native-update-docs: docs/backend/api-contract.md (~2100 words — full wire spec for 6 endpoints (health, /updates/check, /bundles/{id}/download, /analytics/mau, /analytics/download, /analytics/install), auth schemes table (API-key vs signed URL vs Firebase token), header tables, response shapes with field semantics, error envelope convention, field-naming-reminder block listing the 11 canonical fields that custom backends must NOT rename)",
146
+ "native-update-docs: docs/backend/nova-admin-overview.md (~1700 words — group structure (Content vs Security), tour of 5 resources (User/App/Build/ApiKey/SigningKey) with fields + relationships + actions + when-to-come-here use-cases, 10 Nova Actions reference table, AuthServiceProvider + admin-bypass `before` hooks pattern documented, what-Nova-is-NOT-for boundary block)",
147
+ "native-update-docs: sidebars.ts — Backend category activated; commented Batch-6 placeholder removed"
148
+ ],
149
+ "verification": "yarn build clean (no broken-link errors); 5 new pages reachable at /backend/*; ls of build/backend/ confirms api-contract.html + laravel-nova-self-host.html + node-express-minimal.html + nova-admin-overview.html + overview.html all generated"
150
+ },
151
+ {
152
+ "id": 7,
153
+ "title": "Platform guides (Android, iOS, Web)",
154
+ "status": "completed",
155
+ "started_at": "2026-05-11",
156
+ "completed_at": "2026-05-11",
157
+ "skills_invoked": ["documentation-writer", "technical-writing", "capacitor-best-practices"],
158
+ "deliverables": [
159
+ "native-update-docs: docs/platforms/android.md (~2100 words — Capacitor + gradle versions, 6 required permissions with sensitive vs non-sensitive breakdown and tools:node='remove' opt-out for non-background-update apps, manifest-additions <service> + <receiver> with explanation of tools:node='merge' and exported=false, WorkManager constraints (NetworkType.UNMETERED / setRequiresBatteryNotLow / setRequiresCharging) with Doze + App Standby caveats, Play Core 2.1.0 + Play Review 2.0.1 with internal-testing-track gotcha, network security config for cleartext localhost, ProGuard rules + likely failure modes, signing setup, Play Console rejection rules (merged-manifest sensitive permissions + foreground service notification requirement), edge-to-edge note, smoke-test commands with adb logcat filters)",
160
+ "native-update-docs: docs/platforms/ios.md (~2400 words — deployment target iOS 14, SPM vs CocoaPods, BGTaskSchedulerPermittedIdentifiers with two identifiers, UIBackgroundModes for background-app-refresh + background-processing, NSAppTransportSecurity with localhost exception pattern, PrivacyInfo.xcprivacy template covering UserDefaults CA92.1 + FileTimestamp C617.1, SKStoreReviewController throttling (Apple 3/365 + plugin's launches/days/lastPrompt knobs), App Store Review Guideline 2.5.2 compliance with rejection-reason examples and how the OTA flow stays inside the JS-in-WKWebView carve-out, Keychain accessibility level explanation, TestFlight + Xcode debugging tips with BGTaskScheduler LLDB simulate command, what-the-plugin-does-NOT-do block (no APNs, no force-update on iOS, no Watch/tvOS), smoke-test commands)",
161
+ "native-update-docs: docs/platforms/web.md (~1500 words — when web target activates, what-works method-by-method (configure/getSecurityInfo/current/list/delete/notifyAppReady/reload/setChannel/getLatest/openAppStore/requestReview), what's-stubbed throwing PLATFORM_NOT_SUPPORTED, service-worker update path with full register+message-passing code, three legitimate use cases (dev fallback, PWA deployment, E2E tests), three when-NOT-to-use callouts, configuration that affects web vs ignored fields, browser support matrix, smoke-test snippet)",
162
+ "native-update-docs: sidebars.ts — Platforms category activated; commented Batch-7 placeholder removed"
163
+ ],
164
+ "verification": "yarn build clean (no broken-link errors); 3 new pages reachable at /platforms/*; ls of build/platforms/ confirms android.html + ios.html + web.html generated; total docs site now 44 pages."
165
+ },
166
+ {
167
+ "id": 8,
168
+ "title": "Tutorials & how-to guides",
169
+ "status": "completed",
170
+ "started_at": "2026-05-11",
171
+ "completed_at": "2026-05-11",
172
+ "skills_invoked": ["documentation-writer", "ai-seo", "copywriting"],
173
+ "deliverables": [
174
+ "native-update-docs: docs/tutorials/first-ota-update.md (~1900 words — 10-step happy-path walkthrough: install plugin → keys generate → scaffold config → wire SDK into boot code → sign up on SaaS + create app + paste API key + register public key → bundle → sign → upload → device install + verify → ship a real visible-change update; explicit what-you-did-not-do block calling out channels/rollouts/CI/key-rotation/rollback as separate how-tos)",
175
+ "native-update-docs: docs/tutorials/backend-first-walkthrough.md (~1900 words — 13-step self-hosted Laravel + Nova walkthrough: clone+install → DB setup → .env walk-through → migrate → optimise+serve → Nova login with tinker-seed-admin-user pattern → first App + ApiKey + SigningKey → wire app to LAN → bundle/sign/upload → verify device trace through Laravel log; covers 10.0.2.2 vs localhost vs LAN-IP nuances)",
176
+ "native-update-docs: docs/how-to/manage-channels.md (~1100 words — channel model with production/staging/beta/canary table, declare channels on App, tag bundles at build time with --channel, switch device at runtime via setChannel(), build channel UI for internal users, promote-between-channels via re-upload vs re-tag, common pitfalls including reset()-after-setChannel and case-sensitive matching)",
177
+ "native-update-docs: docs/how-to/rotate-signing-keys.md (~1700 words — scheduled-rotation vs emergency-revoke split with how-the-installed-binary-pins-the-trusted-key explanation; 7-step multi-key transition with publicKey-as-array approach + 95%-app-store-adoption gate; 5-step emergency-revoke path with App Store / Play Store expedited-review note; three how-NOT-to-rotate anti-patterns)",
178
+ "native-update-docs: docs/how-to/roll-back-bundle.md (~1300 words — 3-layer strategy: automatic crash-rollback via notifyAppReady() 60s window, cohort-wide rollback via Rollout%=0 or Is_Active=false or downgrade-as-latest, explicit per-device NativeUpdate.rollback() with code; what gets recorded in the Build counters; what rollback does NOT do — native code, offline devices, downstream data)",
179
+ "native-update-docs: docs/how-to/migrate-from-codepush.md (~1700 words — App Center retirement context, concept-mapping table (deployment→channel, deployment-key→api-key, mandatoryInstallMode→bundle.mandatory etc.), 6-step migration with side-by-side phase, sync-option mapping table, common gotchas (mandatory updates work differently, no bundle diffs, signing now mandatory))",
180
+ "native-update-docs: docs/how-to/ci-cd-github-actions.md (~1600 words — production GitHub Actions workflow: secrets setup, full .github/workflows/ota-release.yml with concurrency block + umask + verify-as-release-gate + cleanup-always + workflow_dispatch channel chooser; manual-approval pattern via GitHub Environments; cache wisdom + gotchas; what's-not-included block — tests, versioning, notifications, rollback automation)",
181
+ "native-update-docs: docs/how-to/test-bundles-locally.md (~1500 words — three local-test loops in increasing fidelity: bundle-verify smoke test → native-update server start dev server → full LAN test with real backend; per-loop what-catches vs what-skips matrix; LAN setup with macOS+Linux IP discovery, Android cleartext config, iOS NSAllowsLocalNetworking; iteration-speed tips including version-badge component)",
182
+ "native-update-docs: sidebars.ts — Tutorials + How-to guides categories activated; commented Batch-8 placeholder removed"
183
+ ],
184
+ "verification": "yarn build clean (no broken-link errors); 8 new pages reachable at /tutorials/* + /how-to/*; ls of build/tutorials/ + build/how-to/ confirms all 8 .html files generated; total docs site now 52 pages."
185
+ },
186
+ {
187
+ "id": 9,
188
+ "title": "Concepts & explanations",
189
+ "status": "completed",
190
+ "started_at": "2026-05-11",
191
+ "completed_at": "2026-05-11",
192
+ "skills_invoked": ["documentation-writer", "ai-seo"],
193
+ "deliverables": [
194
+ "native-update-docs: docs/concepts/how-ota-updates-work.md (~2200 words — five-moving-parts framing, 11-step lifecycle from package→sign→upload→sync→server-decision→download→checksum→signature-verify→stage→atomic-swap→verify-or-rollback, why-this-design-not-simpler covering integrity+atomicity+reversibility constraints, what-OTA-gives-you-over-web-deployment)",
195
+ "native-update-docs: docs/concepts/bundle-integrity-and-signing.md (~1900 words — envelope-and-bag metaphor for two-layer model, what SHA-256 alone catches (bitflips, CDN swaps, server confusion), what SHA-256 does NOT (server-attested-checksum-attack), what signing adds, five-entity trust chain breakdown, what signing does NOT protect (private-key compromise, buggy bundles, replay, native code, leaked-but-unrevoked key, side channels), algorithm-choice rationale (RSA universal+deterministic+small-overhead))",
196
+ "native-update-docs: docs/concepts/update-strategies-compared.md (~1900 words — four-strategy comparison table with one-line decision tree, immediate/on-app-start/on-app-resume/manual deep-dives with user-experience consequences and three-legitimate-use-cases per strategy, background-updates-orthogonal-to-strategies explanation, what's-not-in-the-model (no minimum-age-before-apply, no must-apply-by deadline))",
197
+ "native-update-docs: docs/concepts/architecture.md (~2200 words — five-component overview (CLI, backend, object store, device SDK, dashboard), three mermaid diagrams (build-time flowchart, deploy-time sequence, runtime sequence), trust-boundaries diagram with four-zone breakdown (your-control / semi-exposed / device / hostile), how-the-pieces-version-together explaining SDK-via-app-store vs backend-via-redeploy intersection rule)",
198
+ "native-update-docs: docs/concepts/security-model.md (~2000 words — three-class threat model (passive observer / active MITM / compromised infrastructure), three-layer defense (transport HTTPS+pinning / content checksum+signature / runtime crash-rollback), explicit what's-in-scope vs what's-out-of-scope (private key compromise, dashboard auth compromise, malicious-but-signed bundles, supply-chain via deps, jailbroken devices, side channels, DoS), six operational assumptions the model depends on, regulated-industries note on FIPS+SOC2+air-gapped)",
199
+ "native-update-docs: docs/concepts/error-handling-philosophy.md (~1800 words — fail-closed-on-correctness vs fail-open-on-availability framing, list of what-fails-closed (signature, checksum, HTTPS-in-prod, plugin-not-initialised, required-fields) vs what-fails-open (analytics writes, background scheduling, notification rendering, optional callbacks), typed-error-codes-everywhere with switch-on-code example, host-app-must-keep-running rule with safeBootstrapOta pattern, calibration rationale for 60s notifyAppReady window + 30min signed-URL TTL)",
200
+ "native-update-docs: sidebars.ts — Concepts category activated; commented Batch-9 placeholder removed"
201
+ ],
202
+ "verification": "yarn build clean (no broken-link errors); 6 new pages reachable at /concepts/*; ls of build/concepts/ confirms architecture.html + bundle-integrity-and-signing.html + error-handling-philosophy.html + how-ota-updates-work.html + security-model.html + update-strategies-compared.html generated; mermaid diagrams rendered (theme already enabled in docusaurus.config.ts); total docs site now 58 pages."
203
+ },
204
+ {
205
+ "id": 10,
206
+ "title": "SEO + Firebase deploy + GitHub publish",
207
+ "status": "completed",
208
+ "started_at": "2026-05-11",
209
+ "completed_at": "2026-05-11",
210
+ "skills_invoked": ["ai-seo", "firebase-hosting-basics"],
211
+ "deliverables": [
212
+ "native-update-docs: static/robots.txt — 30+ AI-bot allow list (Googlebot, Bingbot, DuckDuckBot, Applebot, YandexBot, Baiduspider, Slurp, GPTBot, ChatGPT-User, OAI-SearchBot, ClaudeBot, anthropic-ai, Claude-Web, PerplexityBot, Perplexity-User, Google-Extended, Applebot-Extended, YouBot, CCBot, Diffbot, cohere-ai/cohere-training-data-crawler, Meta-ExternalAgent, FacebookBot, Amazonbot, MistralAI-User) + 8-bot block list (Ahrefs/Semrush/MJ12/Dot/BLEX/Petal/serpstat/SiteAudit) + Sitemap directive",
213
+ "native-update-docs: static/llms.txt (9.6 KB) — llmstxt.org-format structured index covering all 58 pages grouped by Diátaxis quadrant (Tutorials, How-to, SDK Reference subsections, CLI Reference, Backend, Platforms, Concepts), with absolute URLs ready for LLM consumption",
214
+ "native-update-docs: static/llms-full.txt (15.4 KB) — single-document long-form summary covering project facts, four feature areas, 11-step OTA lifecycle, wire contract, CLI commands, three backend options, platform requirements per Android/iOS/Web, security model, update strategies, error handling philosophy, performance defaults, CodePush migration mapping, author contact",
215
+ "native-update-docs: static/humans.txt — team/thanks/site credits per humanstxt.org convention",
216
+ "native-update-docs: static/.well-known/security.txt (RFC 9116) — Contact / Expires (2027-05-11) / Preferred-Languages / Canonical / Policy fields plus inline responsible-disclosure policy",
217
+ "native-update-docs: static/sitemap-index.json — machine-readable section index complementing sitemap.xml; lists 8 content hubs with page counts and Diátaxis-type tags; discovery file URLs for sitemap/robots/llms/humans/security",
218
+ "native-update-docs: docusaurus.config.ts — headTags array with canonical link, RSS alternate, theme-color, application-name + 3 application/ld+json blocks (WebSite with publisher Person, SoftwareApplication with offers + softwareVersion 3.0.0 + license, Organization with sameAs network); themeConfig.metadata extended with description fallback, expanded keywords (15 terms), max-image-preview:large robots meta, twitter:site, og:locale, og:image:width/height, article:author",
219
+ "native-update-docs: firebase.json — public=build, cleanUrls, SPA-style 404 rewrite, Cache-Control immutable for assets (jpg|png|svg|js|css|woff2 = 1 year), HTML 5min, robots/sitemap/llms.txt 1hr, security headers (X-Content-Type-Options nosniff, Referrer-Policy strict-origin-when-cross-origin, Permissions-Policy, Strict-Transport-Security HSTS 1yr+preload)",
220
+ "native-update-docs: .firebaserc — default project 'native-update-docs'",
221
+ "native-update-docs: package.json — added firebase:emulate / firebase:deploy / firebase:deploy:preview yarn scripts (use npx -y firebase-tools@latest per global CLAUDE.md Firebase rule); removed default docusaurus deploy script (Firebase replaces GitHub Pages)",
222
+ "native-update-docs: DEPLOY.md — 6-section deploy runbook covering prerequisites, one-time GitHub publish via gh CLI, one-time Firebase project create + custom domain DNS, recurring deploy workflow with preview channels, post-deploy Google Search Console + Bing Webmaster Tools submission, healthcheck curl commands, freshness cycle, troubleshooting for 5 common failure modes"
223
+ ],
224
+ "verification": "yarn typecheck clean; yarn build clean — 6 discovery files materialised in build/ (robots.txt 2.6KB, llms.txt 9.7KB, llms-full.txt 15.4KB, humans.txt 0.9KB, sitemap.xml 10.6KB, sitemap-index.json 2.9KB) plus build/.well-known/security.txt; build/index.html contains 3 application/ld+json blocks (WebSite + SoftwareApplication + Organization) + canonical link + new robots/theme-color/twitter:site meta tags verified by grep. Firebase deploy + GitHub publish are user-actions documented in DEPLOY.md (require user-account auth)."
225
+ }
226
+ ],
227
+ "resume_protocol": "On every re-run of the docs-site prompt: read this file FIRST. If last_run.status=='complete' AND today<next_allowed_run_after, skip and tell the user the date. If 'in_progress', find lowest-indexed batch with status!='completed' and resume there. After Batch 10, set status='complete', completed_at=today, next_allowed_run_after=today+7d.",
228
+ "override_conditions": [
229
+ "Explicit user bypass",
230
+ "yarn build broken in sibling repo",
231
+ "Published page returns 404 or 5xx",
232
+ "Lighthouse SEO drops below 95",
233
+ "Production incident affecting users"
234
+ ]
235
+ }
@@ -0,0 +1,37 @@
1
+ # Error Handling Tracking (R-023)
2
+
3
+ This registry lists every component, page, hook, or service that wires errors into the centralised `trackError` (`website/src/lib/errorTracking.ts`). Every new feature added MUST add itself here.
4
+
5
+ **Service:** `website/src/lib/errorTracking.ts`
6
+ **Destinations:** Firebase Analytics (always on if Firebase keys present) + Sentry / Microsoft Clarity / Amplitude (off until their env keys are set)
7
+
8
+ **Last audited:** 2026-04-25
9
+
10
+ | Path | Type | Wired? | Notes |
11
+ |---|---|---|---|
12
+ | `src/components/ErrorBoundary.tsx` | Component | Pending | Top-level error boundary should call `trackError` in `componentDidCatch` — incremental migration. |
13
+ | `src/services/auth-service.ts` | Service | Pending | Wrap Firebase auth errors. |
14
+ | `src/services/google-drive-service.ts` | Service | Pending | OAuth + Drive API errors. |
15
+ | `src/services/bundle-upload-service.ts` | Service | Pending | Upload failures, integrity verification failures. |
16
+ | `src/services/manifest-generator.ts` | Service | Pending | Manifest assembly errors. |
17
+ | `src/lib/analytics.ts` | Service | N/A | Analytics; uses its own internal logger swallow. |
18
+ | `src/lib/firebase.ts` | Service | N/A | Init-time only — failure here is rendered by the app shell. |
19
+
20
+ ## How to wire a new module
21
+
22
+ ```ts
23
+ import { trackError } from '@/lib/errorTracking';
24
+
25
+ try {
26
+ await doRiskyThing();
27
+ } catch (err) {
28
+ trackError(err, { surface: 'upload', step: 'verify_checksum' });
29
+ throw err; // rethrow so callers see the failure too
30
+ }
31
+ ```
32
+
33
+ ## Env keys
34
+
35
+ - `VITE_SENTRY_DSN` — when set + `@sentry/browser` installed, errors flow to Sentry
36
+ - `VITE_CLARITY_PROJECT_ID` — when set + Clarity script loaded, last error pinned to session
37
+ - `VITE_AMPLITUDE_API_KEY` — when set + Amplitude script loaded, errors emitted as `app_error` events