native-update 1.4.9 → 3.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (265) hide show
  1. package/Readme.md +35 -9
  2. package/android/manifest-additions.xml +28 -0
  3. package/android/src/main/AndroidManifest.xml +3 -7
  4. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundNotificationManager.kt +21 -13
  5. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdatePlugin.kt +15 -0
  6. package/android/src/main/java/com/aoneahsan/nativeupdate/BackgroundUpdateWorker.kt +23 -7
  7. package/android/src/main/java/com/aoneahsan/nativeupdate/LiveUpdatePlugin.kt +346 -31
  8. package/android/src/main/java/com/aoneahsan/nativeupdate/NativeUpdatePlugin.kt +32 -34
  9. package/android/src/main/java/com/aoneahsan/nativeupdate/NotificationActionReceiver.kt +10 -1
  10. package/android/src/main/java/com/aoneahsan/nativeupdate/SecurityManager.kt +18 -18
  11. package/cli/AGENTS.md +43 -0
  12. package/cli/CLAUDE.md +65 -0
  13. package/cli/commands/backend-create.js +56 -15
  14. package/cli/commands/bundle-create.js +39 -7
  15. package/cli/commands/monitor.js +72 -51
  16. package/cli/index.js +10 -24
  17. package/cli/package.json +11 -3
  18. package/dist/esm/app-review/app-review-manager.js +0 -1
  19. package/dist/esm/app-review/index.js +0 -1
  20. package/dist/esm/app-review/platform-review-handler.js +0 -1
  21. package/dist/esm/app-review/review-conditions-checker.js +0 -1
  22. package/dist/esm/app-review/review-rate-limiter.js +0 -1
  23. package/dist/esm/app-review/types.js +0 -1
  24. package/dist/esm/app-update/app-update-checker.js +0 -1
  25. package/dist/esm/app-update/app-update-installer.d.ts +1 -0
  26. package/dist/esm/app-update/app-update-installer.js +19 -8
  27. package/dist/esm/app-update/app-update-manager.js +0 -1
  28. package/dist/esm/app-update/app-update-notifier.js +0 -1
  29. package/dist/esm/app-update/index.js +0 -1
  30. package/dist/esm/app-update/platform-app-update.js +12 -3
  31. package/dist/esm/app-update/types.js +0 -1
  32. package/dist/esm/background-update/background-scheduler.js +0 -1
  33. package/dist/esm/background-update/index.js +0 -1
  34. package/dist/esm/background-update/notification-manager.js +0 -1
  35. package/dist/esm/config/support.js +0 -1
  36. package/dist/esm/core/analytics.d.ts +13 -0
  37. package/dist/esm/core/analytics.js +15 -1
  38. package/dist/esm/core/cache-manager.js +0 -1
  39. package/dist/esm/core/config.d.ts +6 -30
  40. package/dist/esm/core/config.js +1 -8
  41. package/dist/esm/core/errors.d.ts +1 -0
  42. package/dist/esm/core/errors.js +1 -1
  43. package/dist/esm/core/event-emitter.d.ts +0 -3
  44. package/dist/esm/core/event-emitter.js +8 -3
  45. package/dist/esm/core/logger.js +0 -1
  46. package/dist/esm/core/performance.js +0 -1
  47. package/dist/esm/core/plugin-manager.js +3 -1
  48. package/dist/esm/core/security.d.ts +22 -3
  49. package/dist/esm/core/security.js +46 -7
  50. package/dist/esm/definitions.d.ts +13 -40
  51. package/dist/esm/definitions.js +0 -1
  52. package/dist/esm/index.d.ts +3 -4
  53. package/dist/esm/index.js +3 -3
  54. package/dist/esm/live-update/bundle-manager.d.ts +8 -0
  55. package/dist/esm/live-update/bundle-manager.js +20 -1
  56. package/dist/esm/live-update/certificate-pinning.js +0 -1
  57. package/dist/esm/live-update/delta-processor.d.ts +1 -1
  58. package/dist/esm/live-update/delta-processor.js +3 -1
  59. package/dist/esm/live-update/download-manager.d.ts +36 -5
  60. package/dist/esm/live-update/download-manager.js +70 -24
  61. package/dist/esm/live-update/rollout-checker.d.ts +1 -1
  62. package/dist/esm/live-update/rollout-checker.js +5 -6
  63. package/dist/esm/live-update/update-manager.d.ts +12 -1
  64. package/dist/esm/live-update/update-manager.js +38 -11
  65. package/dist/esm/live-update/version-manager.d.ts +9 -12
  66. package/dist/esm/live-update/version-manager.js +40 -68
  67. package/dist/esm/plugin.js +82 -89
  68. package/dist/esm/security/crypto.js +11 -7
  69. package/dist/esm/security/validator.js +0 -1
  70. package/dist/esm/types/rollout.d.ts +85 -0
  71. package/dist/esm/types/rollout.js +25 -0
  72. package/dist/esm/web.d.ts +26 -1
  73. package/dist/esm/web.js +214 -75
  74. package/dist/plugin.cjs.js +1 -2
  75. package/dist/plugin.esm.js +1 -2
  76. package/dist/plugin.js +2 -3
  77. package/docs/AGENTS.md +38 -0
  78. package/docs/CHANGELOG.md +275 -0
  79. package/docs/CLAUDE.md +101 -0
  80. package/docs/MANUAL-TASKS.md +17 -0
  81. package/docs/MARKETING_WEBSITE_TRACKER.md +18 -2
  82. package/docs/MIGRATION.md +170 -0
  83. package/docs/PACKAGES.md +167 -0
  84. package/docs/PERFORMANCE.md +110 -0
  85. package/docs/PROJECT_COMPLETION_TRACKER.md +4 -35
  86. package/docs/README.md +12 -2
  87. package/docs/REMAINING_FEATURES.md +123 -76
  88. package/docs/ROADMAP.md +200 -120
  89. package/docs/SECURITY-IF-REPO-PUBLIC.md +232 -0
  90. package/docs/TESTING_REQUIREMENTS.md +1 -112
  91. package/docs/ai-knowledge-base/00-project-profile.md +38 -0
  92. package/docs/ai-knowledge-base/01-features.md +46 -0
  93. package/docs/ai-knowledge-base/02-routes.md +72 -0
  94. package/docs/ai-knowledge-base/03-tech-stack.md +57 -0
  95. package/docs/ai-knowledge-base/README.md +23 -0
  96. package/docs/analytics-tracking.md +37 -0
  97. package/docs/capacitor-official-plugins.md +46 -0
  98. package/docs/capawesome-plugins.md +29 -0
  99. package/docs/deployment/HOSTINGER_DEPLOY.md +370 -0
  100. package/docs/deployment/PRODUCTION-DEPLOY-CHECKLIST.md +184 -0
  101. package/docs/docs-site/plan.md +201 -0
  102. package/docs/docs-site/scope.md +127 -0
  103. package/docs/docs-site/tracker.json +235 -0
  104. package/docs/error-handling-tracking.md +37 -0
  105. package/docs/features/laravel-nova-backend/ASSESSMENT-SUMMARY.md +96 -0
  106. package/docs/features/laravel-nova-backend/IMPLEMENTATION-PLAN.md +504 -0
  107. package/docs/features/laravel-nova-backend/progress-tracker.json +184 -0
  108. package/docs/guides/testing-guide.md +15 -41
  109. package/docs/package-audit.md +41 -0
  110. package/docs/play-store/ASO-METADATA.md +5 -0
  111. package/docs/play-store/DATA-SAFETY.md +5 -0
  112. package/docs/play-store/DECLARATIONS.md +5 -0
  113. package/docs/play-store/README.md +27 -0
  114. package/docs/play-store/RELEASE-NOTES.md +99 -0
  115. package/docs/play-store/RELEASE-STEPS.md +6 -0
  116. package/docs/play-store/STORE-LISTING.md +7 -0
  117. package/docs/play-store/SUBMISSION-CHECKLIST.md +5 -0
  118. package/docs/production-readiness.md +1 -1
  119. package/docs/project-audit/2026-05-16/00-FINALIZATION-PLAN.md +123 -0
  120. package/docs/project-audit/2026-05-16/01-BATCH-PLAN.md +227 -0
  121. package/docs/project-audit/2026-05-16/02-AUDIT-FINDINGS.md +144 -0
  122. package/docs/project-audit/2026-05-16/sessions/batch-01.md +42 -0
  123. package/docs/project-audit/2026-05-16/sessions/batch-02.md +74 -0
  124. package/docs/project-audit/2026-05-16/sessions/batch-03.md +71 -0
  125. package/docs/project-audit/2026-05-16/sessions/batch-04.md +88 -0
  126. package/docs/project-audit/2026-05-16/sessions/batch-05.md +63 -0
  127. package/docs/project-audit/2026-05-16/sessions/batch-06.md +103 -0
  128. package/docs/project-audit/2026-05-16/sessions/batch-07.md +61 -0
  129. package/docs/project-audit/2026-05-16/sessions/batch-08.md +101 -0
  130. package/docs/project-audit/2026-05-16/sessions/batch-09.md +105 -0
  131. package/docs/project-audit/2026-05-16/sessions/batch-10.md +102 -0
  132. package/docs/project-audit/AUDIT-HISTORY.md +74 -0
  133. package/docs/project-audit/BATCH-PLAN.md +168 -0
  134. package/docs/project-audit/MARKETING-WEBSITE-FINDINGS-2026-05-11.md +73 -0
  135. package/docs/project-audit/PRODUCTION-READINESS-AUDIT-2026-05-08.md +275 -0
  136. package/docs/project-finalization/00-tracker.json +60 -0
  137. package/docs/project-knowledge-base/01-system-overview.md +227 -0
  138. package/docs/project-knowledge-base/02-routes-pages-forms-users.md +352 -0
  139. package/docs/project-knowledge-base/03-tech-stack-modules-services.md +379 -0
  140. package/docs/project-knowledge-base/04-data-models-integrations.md +244 -0
  141. package/docs/project-knowledge-base/05-docs-corpus-inventory.md +256 -0
  142. package/docs/project-knowledge-base/06-operations-testing-legal-content.md +208 -0
  143. package/docs/project-knowledge-base/README.md +103 -0
  144. package/docs/project-profiles/native-update-capacitor-update-platform-project-profile-last-updated-2026-05-19.md +81 -0
  145. package/docs/rules-tracker.md +102 -0
  146. package/docs/security/PRE-LAUNCH-PENTEST-CHECKLIST.md +116 -0
  147. package/docs/seo-aeo-rules.json +3043 -0
  148. package/docs/social-media-marketing/README.md +81 -0
  149. package/docs/social-media-marketing/posts-batch-01.md +613 -0
  150. package/docs/social-media-marketing/posts-batch-02.md +528 -0
  151. package/docs/social-media-marketing/whatsapp-messages-batch-01.md +458 -0
  152. package/docs/social-media-marketing/whatsapp-status-batch-01.md +355 -0
  153. package/docs/tracking/finalization-2026-05-16-tracker.json +346 -0
  154. package/docs/tracking/full-audit-tracker.json +121 -0
  155. package/docs/tracking/production-readiness-audit-tracker.json +429 -0
  156. package/docs/tracking/seo-checklist-tracker.json +333 -0
  157. package/ios/Plugin/BackgroundUpdate/BackgroundUpdatePlugin.swift +66 -9
  158. package/ios/Plugin/LiveUpdate/LiveUpdatePlugin.swift +306 -52
  159. package/ios/Plugin/NativeUpdatePlugin.swift +22 -9
  160. package/ios/Plugin/Security/SecurityManager.swift +13 -14
  161. package/package.json +37 -38
  162. package/cli/node_modules/.yarn-integrity +0 -16
  163. package/cli/node_modules/commander/LICENSE +0 -22
  164. package/cli/node_modules/commander/Readme.md +0 -1148
  165. package/cli/node_modules/commander/esm.mjs +0 -16
  166. package/cli/node_modules/commander/index.js +0 -26
  167. package/cli/node_modules/commander/lib/argument.js +0 -145
  168. package/cli/node_modules/commander/lib/command.js +0 -2179
  169. package/cli/node_modules/commander/lib/error.js +0 -43
  170. package/cli/node_modules/commander/lib/help.js +0 -462
  171. package/cli/node_modules/commander/lib/option.js +0 -329
  172. package/cli/node_modules/commander/lib/suggestSimilar.js +0 -100
  173. package/cli/node_modules/commander/package-support.json +0 -16
  174. package/cli/node_modules/commander/package.json +0 -80
  175. package/cli/node_modules/commander/typings/esm.d.mts +0 -3
  176. package/cli/node_modules/commander/typings/index.d.ts +0 -884
  177. package/cli/yarn.lock +0 -8
  178. package/dist/esm/__tests__/bundle-manager.test.d.ts +0 -1
  179. package/dist/esm/__tests__/bundle-manager.test.js +0 -151
  180. package/dist/esm/__tests__/bundle-manager.test.js.map +0 -1
  181. package/dist/esm/__tests__/config.test.d.ts +0 -1
  182. package/dist/esm/__tests__/config.test.js +0 -70
  183. package/dist/esm/__tests__/config.test.js.map +0 -1
  184. package/dist/esm/__tests__/delta-processor.test.d.ts +0 -1
  185. package/dist/esm/__tests__/delta-processor.test.js +0 -77
  186. package/dist/esm/__tests__/delta-processor.test.js.map +0 -1
  187. package/dist/esm/__tests__/firestore-schema.test.d.ts +0 -1
  188. package/dist/esm/__tests__/firestore-schema.test.js +0 -74
  189. package/dist/esm/__tests__/firestore-schema.test.js.map +0 -1
  190. package/dist/esm/__tests__/integration.test.d.ts +0 -1
  191. package/dist/esm/__tests__/integration.test.js +0 -78
  192. package/dist/esm/__tests__/integration.test.js.map +0 -1
  193. package/dist/esm/__tests__/manifest-reader.test.d.ts +0 -1
  194. package/dist/esm/__tests__/manifest-reader.test.js +0 -271
  195. package/dist/esm/__tests__/manifest-reader.test.js.map +0 -1
  196. package/dist/esm/__tests__/rollout-checker.test.d.ts +0 -1
  197. package/dist/esm/__tests__/rollout-checker.test.js +0 -210
  198. package/dist/esm/__tests__/rollout-checker.test.js.map +0 -1
  199. package/dist/esm/__tests__/security.test.d.ts +0 -1
  200. package/dist/esm/__tests__/security.test.js +0 -54
  201. package/dist/esm/__tests__/security.test.js.map +0 -1
  202. package/dist/esm/__tests__/version-manager.test.d.ts +0 -1
  203. package/dist/esm/__tests__/version-manager.test.js +0 -45
  204. package/dist/esm/__tests__/version-manager.test.js.map +0 -1
  205. package/dist/esm/app-review/app-review-manager.js.map +0 -1
  206. package/dist/esm/app-review/index.js.map +0 -1
  207. package/dist/esm/app-review/platform-review-handler.js.map +0 -1
  208. package/dist/esm/app-review/review-conditions-checker.js.map +0 -1
  209. package/dist/esm/app-review/review-rate-limiter.js.map +0 -1
  210. package/dist/esm/app-review/types.js.map +0 -1
  211. package/dist/esm/app-update/app-update-checker.js.map +0 -1
  212. package/dist/esm/app-update/app-update-installer.js.map +0 -1
  213. package/dist/esm/app-update/app-update-manager.js.map +0 -1
  214. package/dist/esm/app-update/app-update-notifier.js.map +0 -1
  215. package/dist/esm/app-update/index.js.map +0 -1
  216. package/dist/esm/app-update/platform-app-update.js.map +0 -1
  217. package/dist/esm/app-update/types.js.map +0 -1
  218. package/dist/esm/background-update/background-scheduler.js.map +0 -1
  219. package/dist/esm/background-update/index.js.map +0 -1
  220. package/dist/esm/background-update/notification-manager.js.map +0 -1
  221. package/dist/esm/config/support.js.map +0 -1
  222. package/dist/esm/core/analytics.js.map +0 -1
  223. package/dist/esm/core/cache-manager.js.map +0 -1
  224. package/dist/esm/core/config.js.map +0 -1
  225. package/dist/esm/core/errors.js.map +0 -1
  226. package/dist/esm/core/event-emitter.js.map +0 -1
  227. package/dist/esm/core/logger.js.map +0 -1
  228. package/dist/esm/core/performance.js.map +0 -1
  229. package/dist/esm/core/plugin-manager.js.map +0 -1
  230. package/dist/esm/core/security.js.map +0 -1
  231. package/dist/esm/definitions.js.map +0 -1
  232. package/dist/esm/firestore/firestore-client.d.ts +0 -109
  233. package/dist/esm/firestore/firestore-client.js +0 -264
  234. package/dist/esm/firestore/firestore-client.js.map +0 -1
  235. package/dist/esm/firestore/index.d.ts +0 -11
  236. package/dist/esm/firestore/index.js +0 -11
  237. package/dist/esm/firestore/index.js.map +0 -1
  238. package/dist/esm/firestore/manifest-reader.d.ts +0 -87
  239. package/dist/esm/firestore/manifest-reader.js +0 -294
  240. package/dist/esm/firestore/manifest-reader.js.map +0 -1
  241. package/dist/esm/firestore/schema.d.ts +0 -507
  242. package/dist/esm/firestore/schema.js +0 -73
  243. package/dist/esm/firestore/schema.js.map +0 -1
  244. package/dist/esm/index.js.map +0 -1
  245. package/dist/esm/live-update/bundle-manager.js.map +0 -1
  246. package/dist/esm/live-update/certificate-pinning.js.map +0 -1
  247. package/dist/esm/live-update/delta-processor.js.map +0 -1
  248. package/dist/esm/live-update/download-manager.js.map +0 -1
  249. package/dist/esm/live-update/rollout-checker.js.map +0 -1
  250. package/dist/esm/live-update/update-manager.js.map +0 -1
  251. package/dist/esm/live-update/version-manager.js.map +0 -1
  252. package/dist/esm/plugin.js.map +0 -1
  253. package/dist/esm/security/crypto.js.map +0 -1
  254. package/dist/esm/security/validator.js.map +0 -1
  255. package/dist/esm/web.js.map +0 -1
  256. package/dist/plugin.cjs.js.map +0 -1
  257. package/dist/plugin.esm.js.map +0 -1
  258. package/dist/plugin.js.map +0 -1
  259. package/docs/FIREBASE_INTEGRATION_TRACKER.md +0 -321
  260. package/docs/FIREBASE_QUERIES_AND_INDEXES_AUDIT.md +0 -221
  261. package/docs/examples/firebase-backend-example.md +0 -27
  262. package/docs/guides/no-cost-backend-implementation-plan.md +0 -77
  263. package/docs/guides/no-cost-firestore-google-drive-backend.md +0 -60
  264. package/docs/play-console-rejection-rules.json +0 -428
  265. /package/docs/{MARKETING_WEBSITE_PLAN.md → archive/MARKETING_WEBSITE_PLAN.md} +0 -0
@@ -2,7 +2,7 @@ import { Logger } from '../core/logger';
2
2
  import { AppUpdateInstallStatus, } from './types';
3
3
  export class AppUpdateInstaller {
4
4
  constructor(_) {
5
- // config parameter is kept for compatibility but not used
5
+ this.flexibleUpdateInterval = null;
6
6
  this.logger = new Logger('AppUpdateInstaller');
7
7
  this.currentState = {
8
8
  installStatus: AppUpdateInstallStatus.UNKNOWN,
@@ -67,6 +67,13 @@ export class AppUpdateInstaller {
67
67
  }
68
68
  async cancelUpdate() {
69
69
  this.logger.log('Cancelling update');
70
+ // Stop the simulated download interval. Without this, the interval
71
+ // runs forever even after cancel because the only previous exit was
72
+ // a "download finished" branch.
73
+ if (this.flexibleUpdateInterval) {
74
+ clearInterval(this.flexibleUpdateInterval);
75
+ this.flexibleUpdateInterval = null;
76
+ }
70
77
  if (this.currentState.installStatus === AppUpdateInstallStatus.DOWNLOADING) {
71
78
  this.updateState(AppUpdateInstallStatus.CANCELED);
72
79
  }
@@ -85,22 +92,27 @@ export class AppUpdateInstaller {
85
92
  this.logger.log('Update state changed', this.currentState);
86
93
  }
87
94
  simulateFlexibleUpdate() {
88
- // Simulate download progress for web platform
89
95
  let downloaded = 0;
90
- const totalSize = 50 * 1024 * 1024; // 50MB
91
- const chunkSize = 1024 * 1024; // 1MB per tick
92
- const interval = setInterval(() => {
96
+ const totalSize = 50 * 1024 * 1024;
97
+ const chunkSize = 1024 * 1024;
98
+ if (this.flexibleUpdateInterval) {
99
+ clearInterval(this.flexibleUpdateInterval);
100
+ }
101
+ this.flexibleUpdateInterval = setInterval(() => {
93
102
  downloaded += chunkSize;
94
103
  if (downloaded >= totalSize) {
95
104
  downloaded = totalSize;
96
- clearInterval(interval);
105
+ if (this.flexibleUpdateInterval) {
106
+ clearInterval(this.flexibleUpdateInterval);
107
+ this.flexibleUpdateInterval = null;
108
+ }
97
109
  this.updateState(AppUpdateInstallStatus.DOWNLOADED);
98
110
  }
99
111
  const progress = {
100
112
  bytesDownloaded: downloaded,
101
113
  totalBytesToDownload: totalSize,
102
114
  percentComplete: Math.round((downloaded / totalSize) * 100),
103
- downloadSpeed: chunkSize, // 1MB/s
115
+ downloadSpeed: chunkSize,
104
116
  estimatedTime: Math.ceil((totalSize - downloaded) / chunkSize),
105
117
  };
106
118
  if (this.progressCallback) {
@@ -120,4 +132,3 @@ export class AppUpdateInstaller {
120
132
  return !this.isAndroid() && !this.isIOS();
121
133
  }
122
134
  }
123
- //# sourceMappingURL=app-update-installer.js.map
@@ -196,4 +196,3 @@ export class AppUpdateManager {
196
196
  return Object.assign(Object.assign(Object.assign({}, nativeInfo), serverInfo), { updateAvailable: nativeInfo.updateAvailable || !!serverInfo.availableVersion, availableVersion: serverInfo.availableVersion || nativeInfo.availableVersion });
197
197
  }
198
198
  }
199
- //# sourceMappingURL=app-update-manager.js.map
@@ -97,4 +97,3 @@ export class AppUpdateNotifier {
97
97
  }
98
98
  }
99
99
  }
100
- //# sourceMappingURL=app-update-notifier.js.map
@@ -4,4 +4,3 @@ export { AppUpdateInstaller } from './app-update-installer';
4
4
  export { AppUpdateNotifier } from './app-update-notifier';
5
5
  export { PlatformAppUpdate } from './platform-app-update';
6
6
  export * from './types';
7
- //# sourceMappingURL=index.js.map
@@ -1,5 +1,6 @@
1
1
  import { Logger } from '../core/logger';
2
2
  import { Capacitor } from '@capacitor/core';
3
+ import { SecurityValidator } from '../core/security';
3
4
  export class PlatformAppUpdate {
4
5
  constructor(config) {
5
6
  this.config = config;
@@ -31,13 +32,19 @@ export class PlatformAppUpdate {
31
32
  // Web platform - check configured update URL
32
33
  if (this.config.webUpdateUrl) {
33
34
  try {
35
+ SecurityValidator.validateDownloadUrl(this.config.webUpdateUrl);
34
36
  const response = await fetch(this.config.webUpdateUrl);
35
37
  const data = await response.json();
36
38
  if (data.version && data.version !== versionInfo.currentVersion) {
37
39
  updateInfo.updateAvailable = true;
38
40
  updateInfo.availableVersion = data.version;
39
41
  updateInfo.releaseNotes = data.releaseNotes;
40
- updateInfo.updateURL = data.downloadUrl;
42
+ // Validate downloadUrl scheme — server-controlled value, must
43
+ // not be allowed to smuggle javascript: into a later openUrl.
44
+ if (data.downloadUrl) {
45
+ SecurityValidator.validateStoreUrl(data.downloadUrl);
46
+ updateInfo.updateURL = data.downloadUrl;
47
+ }
41
48
  }
42
49
  }
43
50
  catch (error) {
@@ -85,8 +92,11 @@ export class PlatformAppUpdate {
85
92
  return { url, platform: platform };
86
93
  }
87
94
  async openUrl(url) {
95
+ // Reject any non-HTTPS / non-store URL — protects against
96
+ // `javascript:` payloads handed back from a compromised server.
97
+ SecurityValidator.validateStoreUrl(url);
88
98
  if (typeof window !== 'undefined' && window.open) {
89
- window.open(url, '_blank');
99
+ window.open(url, '_blank', 'noopener,noreferrer');
90
100
  }
91
101
  else {
92
102
  throw new Error('Cannot open URL on this platform');
@@ -126,4 +136,3 @@ export class PlatformAppUpdate {
126
136
  return capabilities;
127
137
  }
128
138
  }
129
- //# sourceMappingURL=platform-app-update.js.map
@@ -9,4 +9,3 @@ export var AppUpdateInstallStatus;
9
9
  AppUpdateInstallStatus[AppUpdateInstallStatus["CANCELED"] = 6] = "CANCELED";
10
10
  AppUpdateInstallStatus[AppUpdateInstallStatus["DOWNLOADED"] = 11] = "DOWNLOADED";
11
11
  })(AppUpdateInstallStatus || (AppUpdateInstallStatus = {}));
12
- //# sourceMappingURL=types.js.map
@@ -307,4 +307,3 @@ export class BackgroundScheduler {
307
307
  return 0;
308
308
  }
309
309
  }
310
- //# sourceMappingURL=background-scheduler.js.map
@@ -1,3 +1,2 @@
1
1
  export { BackgroundScheduler } from './background-scheduler';
2
2
  export { NotificationManager } from './notification-manager';
3
- //# sourceMappingURL=index.js.map
@@ -86,4 +86,3 @@ export class NotificationManager {
86
86
  return (_a = this.preferences.vibrationEnabled) !== null && _a !== void 0 ? _a : true;
87
87
  }
88
88
  }
89
- //# sourceMappingURL=notification-manager.js.map
@@ -7,4 +7,3 @@ export const SUPPORT_CONFIG = {
7
7
  label: 'Support the Project',
8
8
  description: 'Help us keep native-update free and improving',
9
9
  };
10
- //# sourceMappingURL=support.js.map
@@ -60,6 +60,19 @@ export declare class Analytics {
60
60
  /**
61
61
  * Console analytics provider for development
62
62
  */
63
+ /**
64
+ * Default analytics provider that writes events directly to the
65
+ * browser/native console. Production apps should swap this for a real
66
+ * provider (Firebase Analytics, Amplitude, Sentry, …) via
67
+ * `setAnalyticsProvider()`.
68
+ *
69
+ * The two `console.*` calls below are intentional and on-brand for this
70
+ * class — `ConsoleAnalyticsProvider` IS the "send to console" sink. They
71
+ * are NOT a violation of the centralized-logger rule (which targets
72
+ * incidental logging, not analytics dispatch). Do not replace with the
73
+ * Logger — it would create a circular relationship between analytics
74
+ * and logging surfaces.
75
+ */
63
76
  export declare class ConsoleAnalyticsProvider implements AnalyticsProvider {
64
77
  private userId?;
65
78
  private properties;
@@ -111,14 +111,29 @@ export class Analytics {
111
111
  /**
112
112
  * Console analytics provider for development
113
113
  */
114
+ /**
115
+ * Default analytics provider that writes events directly to the
116
+ * browser/native console. Production apps should swap this for a real
117
+ * provider (Firebase Analytics, Amplitude, Sentry, …) via
118
+ * `setAnalyticsProvider()`.
119
+ *
120
+ * The two `console.*` calls below are intentional and on-brand for this
121
+ * class — `ConsoleAnalyticsProvider` IS the "send to console" sink. They
122
+ * are NOT a violation of the centralized-logger rule (which targets
123
+ * incidental logging, not analytics dispatch). Do not replace with the
124
+ * Logger — it would create a circular relationship between analytics
125
+ * and logging surfaces.
126
+ */
114
127
  export class ConsoleAnalyticsProvider {
115
128
  constructor() {
116
129
  this.properties = {};
117
130
  }
118
131
  async trackEvent(event) {
132
+ // ConsoleAnalyticsProvider intentionally writes to console — see class header.
119
133
  console.log('[Analytics]', event.type, Object.assign(Object.assign({}, event), { userId: this.userId, properties: this.properties }));
120
134
  }
121
135
  async trackError(error, context) {
136
+ // ConsoleAnalyticsProvider intentionally writes to console — see class header.
122
137
  console.error('[Analytics Error]', {
123
138
  error: error.message,
124
139
  stack: error.stack,
@@ -134,4 +149,3 @@ export class ConsoleAnalyticsProvider {
134
149
  this.properties = Object.assign(Object.assign({}, this.properties), properties);
135
150
  }
136
151
  }
137
- //# sourceMappingURL=analytics.js.map
@@ -272,4 +272,3 @@ export class CacheManager {
272
272
  }
273
273
  }
274
274
  }
275
- //# sourceMappingURL=cache-manager.js.map
@@ -1,11 +1,6 @@
1
1
  import type { Filesystem } from '@capacitor/filesystem';
2
2
  import type { Preferences } from '@capacitor/preferences';
3
3
  import type { UpdateStrategy, ChecksumAlgorithm, SecurityConfig } from '../definitions';
4
- import type { FirestoreConfig } from '../firestore/schema';
5
- /**
6
- * Backend type for update checking
7
- */
8
- export type BackendType = 'http' | 'firestore';
9
4
  export interface PluginConfig {
10
5
  filesystem?: typeof Filesystem;
11
6
  preferences?: typeof Preferences;
@@ -22,6 +17,12 @@ export interface PluginConfig {
22
17
  serverUrl?: string;
23
18
  channel?: string;
24
19
  appId?: string;
20
+ /**
21
+ * API key for authentication with the Native Update backend
22
+ * Get this from the Native Update dashboard after creating your app
23
+ * Format: nu_app_xxx or nu_device_xxx
24
+ */
25
+ apiKey?: string;
25
26
  autoCheck?: boolean;
26
27
  autoUpdate?: boolean;
27
28
  updateStrategy?: UpdateStrategy;
@@ -38,16 +39,6 @@ export interface PluginConfig {
38
39
  packageName?: string;
39
40
  webReviewUrl?: string;
40
41
  minimumVersion?: string;
41
- /**
42
- * Backend type for update checking
43
- * - 'http': Traditional HTTP server (default)
44
- * - 'firestore': Google Firestore (free tier)
45
- */
46
- backendType?: BackendType;
47
- /**
48
- * Firestore configuration (required if backendType is 'firestore')
49
- */
50
- firestore?: FirestoreConfig;
51
42
  /**
52
43
  * Enable delta updates (binary patching)
53
44
  * Reduces download size by 50-90%
@@ -58,21 +49,6 @@ export interface PluginConfig {
58
49
  * Allows gradual deployment to a percentage of users
59
50
  */
60
51
  enableStagedRollouts?: boolean;
61
- /**
62
- * Enable bundle encryption (AES-256-GCM)
63
- * When enabled, downloaded bundles will be decrypted before validation
64
- */
65
- enableEncryption?: boolean;
66
- /**
67
- * Encryption key for decrypting bundles
68
- * Should be stored securely and not hardcoded in production
69
- */
70
- encryptionKey?: string;
71
- /**
72
- * Salt for key derivation (base64 encoded)
73
- * Required when using password-based encryption
74
- */
75
- encryptionSalt?: string;
76
52
  }
77
53
  export declare class ConfigManager {
78
54
  private static instance;
@@ -25,6 +25,7 @@ export class ConfigManager {
25
25
  serverUrl: '',
26
26
  channel: 'production',
27
27
  appId: '',
28
+ apiKey: '',
28
29
  autoCheck: true,
29
30
  autoUpdate: false,
30
31
  updateStrategy: 'background',
@@ -48,15 +49,8 @@ export class ConfigManager {
48
49
  packageName: '',
49
50
  webReviewUrl: '',
50
51
  minimumVersion: '1.0.0',
51
- // Firestore backend configuration
52
- backendType: 'http',
53
- firestore: null,
54
52
  enableDeltaUpdates: true,
55
53
  enableStagedRollouts: true,
56
- // Encryption configuration
57
- enableEncryption: false,
58
- encryptionKey: '',
59
- encryptionSalt: '',
60
54
  };
61
55
  }
62
56
  configure(config) {
@@ -94,4 +88,3 @@ export class ConfigManager {
94
88
  return !!(this.config.filesystem && this.config.preferences);
95
89
  }
96
90
  }
97
- //# sourceMappingURL=config.js.map
@@ -7,6 +7,7 @@ export declare enum ErrorCode {
7
7
  DOWNLOAD_FAILED = "DOWNLOAD_FAILED",
8
8
  DOWNLOAD_TIMEOUT = "DOWNLOAD_TIMEOUT",
9
9
  INVALID_URL = "INVALID_URL",
10
+ INSECURE_URL = "INSECURE_URL",
10
11
  UNAUTHORIZED_HOST = "UNAUTHORIZED_HOST",
11
12
  BUNDLE_TOO_LARGE = "BUNDLE_TOO_LARGE",
12
13
  CHECKSUM_MISMATCH = "CHECKSUM_MISMATCH",
@@ -11,6 +11,7 @@ export var ErrorCode;
11
11
  ErrorCode["DOWNLOAD_FAILED"] = "DOWNLOAD_FAILED";
12
12
  ErrorCode["DOWNLOAD_TIMEOUT"] = "DOWNLOAD_TIMEOUT";
13
13
  ErrorCode["INVALID_URL"] = "INVALID_URL";
14
+ ErrorCode["INSECURE_URL"] = "INSECURE_URL";
14
15
  ErrorCode["UNAUTHORIZED_HOST"] = "UNAUTHORIZED_HOST";
15
16
  ErrorCode["BUNDLE_TOO_LARGE"] = "BUNDLE_TOO_LARGE";
16
17
  // Validation errors
@@ -82,4 +83,3 @@ export class UpdateError extends NativeUpdateError {
82
83
  this.name = 'UpdateError';
83
84
  }
84
85
  }
85
- //# sourceMappingURL=errors.js.map
@@ -1,6 +1,3 @@
1
- /**
2
- * Centralized event emitter for the Native Update plugin
3
- */
4
1
  export declare class EventEmitter {
5
2
  private static instance;
6
3
  private listeners;
@@ -1,6 +1,12 @@
1
1
  /**
2
- * Centralized event emitter for the Native Update plugin
2
+ * Centralized event emitter for the Native Update plugin.
3
+ *
4
+ * Listener errors are sent to the plugin Logger so they respect the
5
+ * runtime log-level switch and the secret-redaction filter — never raw
6
+ * console.* calls. See src/core/logger.ts.
3
7
  */
8
+ import { Logger } from './logger';
9
+ const logger = new Logger('NativeUpdate.EventEmitter');
4
10
  export class EventEmitter {
5
11
  constructor() {
6
12
  this.listeners = new Map();
@@ -41,7 +47,7 @@ export class EventEmitter {
41
47
  listener(data);
42
48
  }
43
49
  catch (error) {
44
- console.error(`Error in event listener for ${eventName}:`, error);
50
+ logger.error(`Error in event listener for ${eventName}`, error);
45
51
  }
46
52
  });
47
53
  }
@@ -72,4 +78,3 @@ export class EventEmitter {
72
78
  return Array.from(this.listeners.keys());
73
79
  }
74
80
  }
75
- //# sourceMappingURL=event-emitter.js.map
@@ -106,4 +106,3 @@ export class Logger {
106
106
  this.logWithLevel(LogLevel.ERROR, message, errorData);
107
107
  }
108
108
  }
109
- //# sourceMappingURL=logger.js.map
@@ -151,4 +151,3 @@ export class PerformanceMonitor {
151
151
  };
152
152
  }
153
153
  }
154
- //# sourceMappingURL=performance.js.map
@@ -56,6 +56,9 @@ export class PluginManager {
56
56
  await this.bundleManager.initialize();
57
57
  this.downloadManager = new DownloadManager();
58
58
  await this.downloadManager.initialize();
59
+ // Bundle manager needs the download manager so deleteBundle can
60
+ // also remove the on-disk blob (otherwise old bundles leak forever).
61
+ this.bundleManager.setDownloadManager(this.downloadManager);
59
62
  this.versionManager = new VersionManager();
60
63
  await this.versionManager.initialize();
61
64
  this.appUpdateManager = new AppUpdateManager({
@@ -217,4 +220,3 @@ export class PluginManager {
217
220
  });
218
221
  }
219
222
  }
220
- //# sourceMappingURL=plugin-manager.js.map
@@ -8,6 +8,17 @@ export declare class SecurityValidator {
8
8
  * Validate URL is HTTPS
9
9
  */
10
10
  static validateUrl(url: string): boolean;
11
+ /**
12
+ * Reject any URL that is not HTTPS (or known native-app schemes
13
+ * `market:` / `itms-apps:` for opening the app store). Throws so
14
+ * callers can't silently fall through to a `javascript:` payload.
15
+ */
16
+ static validateDownloadUrl(url: string): void;
17
+ /**
18
+ * Validate URL whose only acceptable schemes are HTTPS, `market:` (Play
19
+ * Store), or `itms-apps:` (App Store). Used by `openAppStore`.
20
+ */
21
+ static validateStoreUrl(url: string): void;
11
22
  /**
12
23
  * Validate checksum format
13
24
  */
@@ -25,7 +36,10 @@ export declare class SecurityValidator {
25
36
  */
26
37
  calculateChecksum(data: ArrayBuffer): Promise<string>;
27
38
  /**
28
- * Verify checksum matches expected value
39
+ * Verify checksum matches expected value.
40
+ * Fails closed when a checksum is required but missing. Only a configuration
41
+ * that explicitly disables signature+HTTPS enforcement AND omits the
42
+ * checksum will skip verification — OTA code paths must always pass one.
29
43
  */
30
44
  verifyChecksum(data: ArrayBuffer, expectedChecksum: string): Promise<boolean>;
31
45
  /**
@@ -33,9 +47,14 @@ export declare class SecurityValidator {
33
47
  */
34
48
  validateChecksum(data: ArrayBuffer, expectedChecksum: string): Promise<boolean>;
35
49
  /**
36
- * Verify digital signature using Web Crypto API
50
+ * Verify digital signature using Web Crypto API.
51
+ *
52
+ * Fails closed: if signature verification is enabled (the default), any of
53
+ * `publicKey`, `enableSignatureValidation`, or `requireSignature` being set
54
+ * makes a signature mandatory. A missing signature in that state throws —
55
+ * never silently returns true. Silent-pass was a P0 gap in prior releases.
37
56
  */
38
- verifySignature(data: ArrayBuffer, signature: string): Promise<boolean>;
57
+ verifySignature(data: ArrayBuffer, signature: string | null | undefined): Promise<boolean>;
39
58
  /**
40
59
  * Convert PEM to ArrayBuffer
41
60
  */
@@ -24,6 +24,33 @@ export class SecurityValidator {
24
24
  return false;
25
25
  }
26
26
  }
27
+ /**
28
+ * Reject any URL that is not HTTPS (or known native-app schemes
29
+ * `market:` / `itms-apps:` for opening the app store). Throws so
30
+ * callers can't silently fall through to a `javascript:` payload.
31
+ */
32
+ static validateDownloadUrl(url) {
33
+ if (!this.validateUrl(url)) {
34
+ throw new ValidationError(ErrorCode.INSECURE_URL, `Refusing non-HTTPS URL: ${url}`);
35
+ }
36
+ }
37
+ /**
38
+ * Validate URL whose only acceptable schemes are HTTPS, `market:` (Play
39
+ * Store), or `itms-apps:` (App Store). Used by `openAppStore`.
40
+ */
41
+ static validateStoreUrl(url) {
42
+ let parsed;
43
+ try {
44
+ parsed = new URL(url);
45
+ }
46
+ catch (_a) {
47
+ throw new ValidationError(ErrorCode.INSECURE_URL, `Invalid URL: ${url}`);
48
+ }
49
+ const allowed = ['https:', 'market:', 'itms-apps:'];
50
+ if (!allowed.includes(parsed.protocol)) {
51
+ throw new ValidationError(ErrorCode.INSECURE_URL, `Refusing URL scheme ${parsed.protocol}`);
52
+ }
53
+ }
27
54
  /**
28
55
  * Validate checksum format
29
56
  */
@@ -54,12 +81,14 @@ export class SecurityValidator {
54
81
  return hashArray.map((b) => b.toString(16).padStart(2, '0')).join('');
55
82
  }
56
83
  /**
57
- * Verify checksum matches expected value
84
+ * Verify checksum matches expected value.
85
+ * Fails closed when a checksum is required but missing. Only a configuration
86
+ * that explicitly disables signature+HTTPS enforcement AND omits the
87
+ * checksum will skip verification — OTA code paths must always pass one.
58
88
  */
59
89
  async verifyChecksum(data, expectedChecksum) {
60
90
  if (!expectedChecksum) {
61
- this.logger.warn('No checksum provided for verification');
62
- return true; // Allow if no checksum provided
91
+ throw new ValidationError(ErrorCode.CHECKSUM_MISMATCH, 'Checksum is required but was not provided');
63
92
  }
64
93
  const actualChecksum = await this.calculateChecksum(data);
65
94
  const isValid = actualChecksum === expectedChecksum.toLowerCase();
@@ -78,13 +107,24 @@ export class SecurityValidator {
78
107
  return this.verifyChecksum(data, expectedChecksum);
79
108
  }
80
109
  /**
81
- * Verify digital signature using Web Crypto API
110
+ * Verify digital signature using Web Crypto API.
111
+ *
112
+ * Fails closed: if signature verification is enabled (the default), any of
113
+ * `publicKey`, `enableSignatureValidation`, or `requireSignature` being set
114
+ * makes a signature mandatory. A missing signature in that state throws —
115
+ * never silently returns true. Silent-pass was a P0 gap in prior releases.
82
116
  */
83
117
  async verifySignature(data, signature) {
84
- if (!this.configManager.get('enableSignatureValidation')) {
118
+ const enabled = this.configManager.get('enableSignatureValidation');
119
+ const requireSignature = this.configManager.get('requireSignature');
120
+ const publicKey = this.configManager.get('publicKey');
121
+ const signatureRequired = enabled || requireSignature || !!publicKey;
122
+ if (!signature) {
123
+ if (signatureRequired) {
124
+ throw new ValidationError(ErrorCode.SIGNATURE_INVALID, 'Signature is required but was not provided');
125
+ }
85
126
  return true;
86
127
  }
87
- const publicKey = this.configManager.get('publicKey');
88
128
  if (!publicKey) {
89
129
  throw new ValidationError(ErrorCode.SIGNATURE_INVALID, 'Public key not configured for signature validation');
90
130
  }
@@ -322,4 +362,3 @@ export class SecurityValidator {
322
362
  }
323
363
  }
324
364
  }
325
- //# sourceMappingURL=security.js.map
@@ -198,8 +198,6 @@ export interface UpdateConfig {
198
198
  export interface LiveUpdateConfig {
199
199
  appId: string;
200
200
  serverUrl?: string;
201
- backendType?: 'http' | 'firestore';
202
- firestore?: FirestoreConfig;
203
201
  channel?: string;
204
202
  autoUpdate?: boolean;
205
203
  updateStrategy?: UpdateStrategy;
@@ -212,20 +210,6 @@ export interface LiveUpdateConfig {
212
210
  optionalInstallMode?: InstallMode;
213
211
  maxBundleSize?: number;
214
212
  allowedHosts?: string[];
215
- /**
216
- * Enable bundle encryption (AES-256-GCM)
217
- */
218
- enableEncryption?: boolean;
219
- /**
220
- * Encryption key for decrypting bundles
221
- * Should be stored securely and not hardcoded
222
- */
223
- encryptionKey?: string;
224
- /**
225
- * Salt for key derivation (base64 encoded)
226
- * Required when enableEncryption is true
227
- */
228
- encryptionSalt?: string;
229
213
  }
230
214
  export interface AppUpdateConfig {
231
215
  minimumVersion?: string;
@@ -265,6 +249,12 @@ export interface SecurityConfig {
265
249
  enforceHttps?: boolean;
266
250
  certificatePinning?: CertificatePinning;
267
251
  validateInputs?: boolean;
252
+ /**
253
+ * @deprecated since v2. Secure storage is always on. Android uses
254
+ * EncryptedSharedPreferences (Keystore-backed), iOS uses Keychain,
255
+ * web does not persist sensitive config fields to localStorage.
256
+ * Setting this to `false` is ignored.
257
+ */
268
258
  secureStorage?: boolean;
269
259
  logSecurityEvents?: boolean;
270
260
  }
@@ -316,7 +306,6 @@ export interface DeleteOptions {
316
306
  olderThan?: number;
317
307
  }
318
308
  export interface UpdateOptions {
319
- allowDowngrade?: boolean;
320
309
  cleanupOldBundles?: boolean;
321
310
  keepBundleCount?: number;
322
311
  }
@@ -713,18 +702,17 @@ export interface PluginInitConfig {
713
702
  * Enable debug logging (default: false)
714
703
  */
715
704
  enableLogging?: boolean;
716
- /**
717
- * Backend type for update checks
718
- */
719
- backendType?: 'http' | 'firestore';
720
- /**
721
- * Firestore configuration for no-cost manifest reads
722
- */
723
- firestore?: FirestoreConfig;
724
705
  /**
725
706
  * Server URL for update checks
726
707
  */
727
708
  serverUrl?: string;
709
+ /**
710
+ * API key bound to this app in the Native Update dashboard. Sent as
711
+ * the `X-API-Key` header on every request to the backend. As of v2
712
+ * the plugin does not persist this across sessions — the host app
713
+ * must pass it on every `initialize()` call.
714
+ */
715
+ apiKey?: string;
728
716
  /**
729
717
  * Update channel
730
718
  */
@@ -769,20 +757,6 @@ export interface PluginInitConfig {
769
757
  * Review URL fallback for web platforms
770
758
  */
771
759
  webReviewUrl?: string;
772
- /**
773
- * Enable bundle encryption (AES-256-GCM)
774
- */
775
- enableEncryption?: boolean;
776
- /**
777
- * Encryption key for decrypting bundles
778
- * Should be stored securely and not hardcoded
779
- */
780
- encryptionKey?: string;
781
- /**
782
- * Salt for key derivation (base64 encoded)
783
- * Required when enableEncryption is true
784
- */
785
- encryptionSalt?: string;
786
760
  }
787
761
  /**
788
762
  * Main plugin interface with initialization
@@ -805,4 +779,3 @@ export interface NativeUpdatePlugin extends NativeUpdateCombinedPlugin, NativeUp
805
779
  */
806
780
  cleanup(): Promise<void>;
807
781
  }
808
- import type { FirestoreConfig } from './firestore/schema';
@@ -102,4 +102,3 @@ export var UpdateErrorCode;
102
102
  UpdateErrorCode["NOT_CONFIGURED"] = "NOT_CONFIGURED";
103
103
  UpdateErrorCode["UNKNOWN_ERROR"] = "UNKNOWN_ERROR";
104
104
  })(UpdateErrorCode || (UpdateErrorCode = {}));
105
- //# sourceMappingURL=definitions.js.map
@@ -1,14 +1,13 @@
1
1
  export { NativeUpdate } from './plugin';
2
- export type { NativeUpdatePlugin, NativeUpdateCombinedPlugin, NativeUpdateListeners, LiveUpdatePlugin, AppUpdatePlugin, AppReviewPlugin, PluginConfig, UpdateConfig, LiveUpdateConfig, AppUpdateConfig, AppReviewConfig, BundleInfo, BundleStatus, UpdateStrategy, InstallMode, DownloadOptions, DownloadProgressEvent, SyncOptions, SyncResult, DeleteOptions, LatestVersion, ValidateOptions, ValidationResult, CheckForUpdateResult, DownloadUpdateOptions, AppUpdateInfo, OpenAppStoreOptions, ReviewResult, CanRequestReviewResult, UpdateStateChangedEvent, AppUpdateStateChangedEvent, AppUpdateProgressEvent, AppUpdateAvailableEvent, AppUpdateReadyEvent, AppUpdateFailedEvent, AppUpdateNotificationClickedEvent, AppUpdateInstallClickedEvent, BackgroundUpdateProgressEvent, BackgroundUpdateNotificationEvent, UpdateError, UpdateErrorCode, BackgroundUpdatePlugin, BackgroundUpdateConfig, BackgroundUpdateStatus, BackgroundCheckResult, BackgroundUpdateType, NotificationPreferences, NotificationPermissionStatus, NotificationPriority, SecurityConfig, SecurityInfo, CertificatePinning, CertificatePin, PluginInitConfig, PluginListenerHandle, SyncStatus, InstallStatus, UpdateMode, ChecksumAlgorithm, } from './definitions';
3
- export type { FirestoreConfig } from './firestore/schema';
2
+ export { BackgroundUpdateType, NotificationPriority, UpdateStrategy, UpdateMode, InstallMode, ChecksumAlgorithm, SyncStatus, BundleStatus, InstallStatus, UpdateErrorCode, } from './definitions';
3
+ export type { NativeUpdatePlugin, NativeUpdateCombinedPlugin, NativeUpdateListeners, LiveUpdatePlugin, AppUpdatePlugin, AppReviewPlugin, PluginConfig, UpdateConfig, LiveUpdateConfig, AppUpdateConfig, AppReviewConfig, BundleInfo, DownloadOptions, DownloadProgressEvent, SyncOptions, SyncResult, DeleteOptions, LatestVersion, ValidateOptions, ValidationResult, CheckForUpdateResult, DownloadUpdateOptions, AppUpdateInfo, OpenAppStoreOptions, ReviewResult, CanRequestReviewResult, UpdateStateChangedEvent, AppUpdateStateChangedEvent, AppUpdateProgressEvent, AppUpdateAvailableEvent, AppUpdateReadyEvent, AppUpdateFailedEvent, AppUpdateNotificationClickedEvent, AppUpdateInstallClickedEvent, BackgroundUpdateProgressEvent, BackgroundUpdateNotificationEvent, UpdateError, BackgroundUpdatePlugin, BackgroundUpdateConfig, BackgroundUpdateStatus, BackgroundCheckResult, NotificationPreferences, NotificationPermissionStatus, SecurityConfig, SecurityInfo, CertificatePinning, CertificatePin, PluginInitConfig, PluginListenerHandle, } from './definitions';
4
+ export type { RolloutConfig, RolloutTargetSegments, RolloutSchedule, RolloutTimestamp, DeviceInfo, UpdateCheckResponse, } from './types/rollout';
4
5
  export { ErrorCode, NativeUpdateError, ConfigurationError, DownloadError, ValidationError, StorageError, UpdateError as UpdateErrorClass, } from './core/errors';
5
6
  export { ConfigManager } from './core/config';
6
7
  export { Logger, LogLevel } from './core/logger';
7
8
  export { SecurityValidator } from './core/security';
8
9
  export { PluginManager } from './core/plugin-manager';
9
10
  export { CacheManager } from './core/cache-manager';
10
- export { CryptoUtils } from './security/crypto';
11
- export type { EncryptionConfig, EncryptedBundle } from './security/crypto';
12
11
  export { BundleManager } from './live-update/bundle-manager';
13
12
  export { DownloadManager } from './live-update/download-manager';
14
13
  export { VersionManager } from './live-update/version-manager';