node-red-contrib-letmepost 0.1.0

package/LICENSE

@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright 2026 letmepost.dev
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

package/README.md

@@ -0,0 +1,121 @@
+# node-red-contrib-letmepost
+
+Node-RED nodes for [letmepost.dev](https://letmepost.dev) — the open-source
+social-media publishing API. Publish or schedule to Bluesky, X/Twitter,
+LinkedIn, Instagram, Threads, Facebook, Pinterest and TikTok through one API,
+and trigger flows from signed webhook deliveries.
+
+## Nodes
+
+| Node | What it does |
+| --- | --- |
+| `letmepost-config` | Config node holding your API key and base URL. |
+| `letmepost-publish` | Publish or schedule a post (`POST /v1/posts`). |
+| `letmepost-get-post` | Fetch a post and its attempts (`GET /v1/posts/{id}`). |
+| `letmepost-list-accounts` | List connected accounts (`GET /v1/accounts`). |
+| `letmepost-webhook` | Trigger a flow on a signature-verified webhook event. |
+
+## Install
+
+From your Node-RED user directory (`~/.node-red`):
+
+```bash
+npm install node-red-contrib-letmepost
+```
+
+Or in the editor: **Menu → Manage palette → Install** and search for
+`node-red-contrib-letmepost`. Restart Node-RED.
+
+Requires Node.js 18+ (uses the global `fetch`) and Node-RED 3.0+.
+
+## Configure credentials
+
+1. Mint an API key in the letmepost dashboard under **Settings → API Keys**
+   (`lmp_live_…` for production, `lmp_test_…` for the test environment).
+2. Drop any letmepost node onto a flow, open it, and next to **Connection**
+   click the pencil to add a new `letmepost-config`.
+3. Paste the key into **API Key**. Leave **Base URL** as
+   `https://api.letmepost.dev` unless you self-host.
+
+The key is stored encrypted in Node-RED's credentials store, never in the
+flow JSON.
+
+## Nodes in detail
+
+### letmepost-publish
+
+Publishes or schedules a post. Each node field can be overridden by the matching
+`msg` property (`msg` wins; otherwise the node config is used).
+
+- **Account IDs** — comma-separated IDs, or an array on `msg.accountIds`. Each
+  becomes a target `{ accountId }`.
+- **Platform** — used only when no account IDs are given; auto-resolves to the
+  single connected account for that platform (e.g. `bluesky`).
+- **Text** — applied to every target.
+- **First Comment** — auto-posted reply where the platform supports it.
+- **Schedule At** — ISO-8601 timestamp in the future; queues the batch (HTTP
+  202, status `queued`).
+- **Profile ID**, **Idempotency Key** — optional. The idempotency key is sent as
+  the `Idempotency-Key` header so retries never double-post.
+- `msg.media` — optional array of MediaInput objects, passed through verbatim
+  (e.g. `[{ "kind": "image", "mediaId": "med_…" }]`).
+- `msg.payload.targets` — advanced: if `msg.payload` already contains a
+  `targets` array, the whole payload is sent as the request body and the fields
+  above are ignored. Use this to build arbitrary multi-target / per-target
+  override shapes.
+
+Output `msg.payload` is the `CreatePostResponse` envelope:
+`{ id, status, createdAt, results[] }`. The node status reflects the batch
+status (`published` / `partial_failed` / `failed` / `queued`).
+
+### letmepost-get-post
+
+`GET /v1/posts/{id}`. Set **Post ID** on the node or `msg.postId`. Output
+`msg.payload` is the `PostDetail` (the post row plus `attempts[]`).
+
+### letmepost-list-accounts
+
+`GET /v1/accounts`. Optional **Profile ID** filter (or `msg.profileId`). Output
+`msg.payload` is the array of `Account` objects. Feed an account's `id` into the
+publish node's Account IDs.
+
+### letmepost-webhook
+
+Triggers a flow when letmepost delivers an event. It registers an HTTP `POST`
+route at the configured **URL Path**, verifies the signature, and emits the
+event only when valid.
+
+This node does **not** register itself with the API. Webhook endpoints are
+created from the letmepost dashboard — the registration API is a
+dashboard-session operation and does not accept an `lmp_live_` API key. Register
+the URL by hand:
+
+**Setup**
+
+1. Pick a **URL Path** (default `/letmepost-webhook`). Your public URL is the
+   Node-RED base URL plus this path,
+   e.g. `https://your-host:1880/letmepost-webhook`. Node-RED has to be reachable
+   from the public internet for letmepost to deliver to it.
+2. In the letmepost dashboard, go to **Settings → Webhooks**, add an endpoint,
+   and paste that public URL. Choose the event types you want
+   (`post.published`, `post.failed`, `token.expiring`, …) or subscribe to all.
+3. Copy the `signingSecret` (`whsec_…`) the dashboard shows once at creation
+   into the node's **Signing Secret** field.
+
+**Verification.** Each delivery carries
+`X-Letmepost-Signature: sha256=<hex>`, an HMAC-SHA256 of the raw request body
+keyed by the signing secret (no timestamp). The node recomputes it over the
+exact received bytes and compares in constant time. Deliveries that fail get a
+`401` and are dropped; malformed JSON gets a `400`.
+
+Output: `msg.payload` is the parsed event, `msg.topic` is the event `type`.
+
+## Errors
+
+Action nodes report API failures via `node.error(err, msg)`, so a **Catch** node
+downstream can handle them. The message surfaces the letmepost error code, the
+failed `rule`, the `remediation`, and the `requestId`.
+
+## License
+
+[Apache-2.0](./LICENSE)

package/letmepost/letmepost-config.html

@@ -0,0 +1,49 @@
+<script type="text/javascript">
+	RED.nodes.registerType('letmepost-config', {
+		category: 'config',
+		defaults: {
+			name: { value: '' },
+			baseUrl: { value: 'https://api.letmepost.dev', required: true },
+		},
+		credentials: {
+			apiKey: { type: 'password' },
+		},
+		label: function () {
+			return this.name || 'letmepost';
+		},
+	});
+</script>
+
+<script type="text/html" data-template-name="letmepost-config">
+	<div class="form-row">
+		<label for="node-config-input-name"><i class="fa fa-tag"></i> Name</label>
+		<input type="text" id="node-config-input-name" placeholder="letmepost" />
+	</div>
+	<div class="form-row">
+		<label for="node-config-input-apiKey"><i class="fa fa-key"></i> API Key</label>
+		<input type="password" id="node-config-input-apiKey" placeholder="lmp_live_…" />
+	</div>
+	<div class="form-row">
+		<label for="node-config-input-baseUrl"><i class="fa fa-globe"></i> Base URL</label>
+		<input type="text" id="node-config-input-baseUrl" placeholder="https://api.letmepost.dev" />
+	</div>
+</script>
+
+<script type="text/html" data-help-name="letmepost-config">
+	<p>Holds the credentials shared by every letmepost node.</p>
+	<h3>Fields</h3>
+	<dl class="message-properties">
+		<dt>API Key <span class="property-type">password</span></dt>
+		<dd>
+			Your letmepost.dev API key. Create one in the dashboard under
+			Settings &rarr; API Keys. Use an <code>lmp_live_</code> key for
+			production or <code>lmp_test_</code> for the test environment. Stored
+			encrypted in Node-RED's credentials store, never in the flow file.
+		</dd>
+		<dt>Base URL <span class="property-type">string</span></dt>
+		<dd>
+			The API base URL. Defaults to <code>https://api.letmepost.dev</code>.
+			Change only if you run a self-hosted instance.
+		</dd>
+	</dl>
+</script>

package/letmepost/letmepost-config.js

@@ -0,0 +1,19 @@
+'use strict';
+
+const { DEFAULT_BASE_URL } = require('./lib/client');
+
+module.exports = function (RED) {
+	function LetmepostConfigNode(config) {
+		RED.nodes.createNode(this, config);
+		this.name = config.name;
+		this.baseUrl = (config.baseUrl || DEFAULT_BASE_URL).trim();
+		// this.credentials.apiKey is populated by Node-RED from the encrypted
+		// credentials store declared below.
+	}
+
+	RED.nodes.registerType('letmepost-config', LetmepostConfigNode, {
+		credentials: {
+			apiKey: { type: 'password' },
+		},
+	});
+};

package/letmepost/letmepost-get-post.html

@@ -0,0 +1,52 @@
+<script type="text/javascript">
+	RED.nodes.registerType('letmepost-get-post', {
+		category: 'letmepost',
+		color: '#1f6feb',
+		defaults: {
+			name: { value: '' },
+			letmepostConfig: { value: '', type: 'letmepost-config', required: true },
+			postId: { value: '' },
+		},
+		inputs: 1,
+		outputs: 1,
+		icon: 'font-awesome/fa-search',
+		label: function () {
+			return this.name || 'letmepost get post';
+		},
+	});
+</script>
+
+<script type="text/html" data-template-name="letmepost-get-post">
+	<div class="form-row">
+		<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
+		<input type="text" id="node-input-name" placeholder="letmepost get post" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-letmepostConfig"><i class="fa fa-key"></i> Connection</label>
+		<input type="text" id="node-input-letmepostConfig" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-postId"><i class="fa fa-hashtag"></i> Post ID</label>
+		<input type="text" id="node-input-postId" placeholder="post ID (or set msg.postId)" />
+	</div>
+</script>
+
+<script type="text/html" data-help-name="letmepost-get-post">
+	<p>Fetches a single post and its publish attempts via
+	<code>GET /v1/posts/{id}</code>.</p>
+
+	<h3>Inputs</h3>
+	<dl class="message-properties">
+		<dt class="optional">postId <span class="property-type">string</span></dt>
+		<dd>The post ID to retrieve. Overrides the node's Post ID field. Use the
+		<code>postId</code> returned inside a publish node's
+		<code>results[]</code>.</dd>
+	</dl>
+
+	<h3>Output</h3>
+	<dl class="message-properties">
+		<dt>payload <span class="property-type">object</span></dt>
+		<dd>The <code>PostDetail</code> object: the post row plus an
+		<code>attempts[]</code> array.</dd>
+	</dl>
+</script>

package/letmepost/letmepost-get-post.js

@@ -0,0 +1,42 @@
+'use strict';
+
+const { letmepostRequest } = require('./lib/client');
+
+module.exports = function (RED) {
+	function LetmepostGetPostNode(config) {
+		RED.nodes.createNode(this, config);
+		const node = this;
+		node.letmepostConfig = RED.nodes.getNode(config.letmepostConfig);
+
+		node.on('input', async function (msg, send, done) {
+			send = send || function () { node.send.apply(node, arguments); };
+			done = done || function (err) { if (err) node.error(err, msg); };
+
+			try {
+				const postId =
+					msg.postId !== undefined && msg.postId !== null && msg.postId !== ''
+						? msg.postId
+						: config.postId;
+				if (!postId) {
+					throw new Error('No post ID. Set a Post ID on the node or provide msg.postId.');
+				}
+
+				node.status({ fill: 'blue', shape: 'dot', text: 'fetching' });
+				const response = await letmepostRequest(node.letmepostConfig, {
+					method: 'GET',
+					endpoint: `/v1/posts/${encodeURIComponent(String(postId))}`,
+				});
+
+				node.status({ fill: 'green', shape: 'dot', text: response.status || 'ok' });
+				msg.payload = response;
+				send(msg);
+				done();
+			} catch (err) {
+				node.status({ fill: 'red', shape: 'ring', text: 'error' });
+				done(err);
+			}
+		});
+	}
+
+	RED.nodes.registerType('letmepost-get-post', LetmepostGetPostNode);
+};

package/letmepost/letmepost-list-accounts.html

@@ -0,0 +1,53 @@
+<script type="text/javascript">
+	RED.nodes.registerType('letmepost-list-accounts', {
+		category: 'letmepost',
+		color: '#1f6feb',
+		defaults: {
+			name: { value: '' },
+			letmepostConfig: { value: '', type: 'letmepost-config', required: true },
+			profileId: { value: '' },
+		},
+		inputs: 1,
+		outputs: 1,
+		icon: 'font-awesome/fa-users',
+		label: function () {
+			return this.name || 'letmepost list accounts';
+		},
+	});
+</script>
+
+<script type="text/html" data-template-name="letmepost-list-accounts">
+	<div class="form-row">
+		<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
+		<input type="text" id="node-input-name" placeholder="letmepost list accounts" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-letmepostConfig"><i class="fa fa-key"></i> Connection</label>
+		<input type="text" id="node-input-letmepostConfig" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-profileId"><i class="fa fa-id-card-o"></i> Profile ID</label>
+		<input type="text" id="node-input-profileId" placeholder="optional profile UUID" />
+	</div>
+</script>
+
+<script type="text/html" data-help-name="letmepost-list-accounts">
+	<p>Lists the social accounts connected to your organization via
+	<code>GET /v1/accounts</code>.</p>
+
+	<h3>Inputs</h3>
+	<dl class="message-properties">
+		<dt class="optional">profileId <span class="property-type">string</span></dt>
+		<dd>Only return accounts under this profile. Overrides the node field.</dd>
+	</dl>
+
+	<h3>Output</h3>
+	<dl class="message-properties">
+		<dt>payload <span class="property-type">array</span></dt>
+		<dd>An array of <code>Account</code> objects (the API response's
+		<code>data</code> array). Each carries <code>id</code>,
+		<code>platform</code>, <code>platformAccountId</code> and
+		<code>displayName</code>. Feed an account's <code>id</code> into the
+		publish node's Account IDs.</dd>
+	</dl>
+</script>

package/letmepost/letmepost-list-accounts.js

@@ -0,0 +1,43 @@
+'use strict';
+
+const { letmepostRequest } = require('./lib/client');
+
+module.exports = function (RED) {
+	function LetmepostListAccountsNode(config) {
+		RED.nodes.createNode(this, config);
+		const node = this;
+		node.letmepostConfig = RED.nodes.getNode(config.letmepostConfig);
+
+		node.on('input', async function (msg, send, done) {
+			send = send || function () { node.send.apply(node, arguments); };
+			done = done || function (err) { if (err) node.error(err, msg); };
+
+			try {
+				const query = {};
+				const profileId =
+					msg.profileId !== undefined && msg.profileId !== null && msg.profileId !== ''
+						? msg.profileId
+						: config.profileId;
+				if (profileId) query.profileId = String(profileId);
+
+				node.status({ fill: 'blue', shape: 'dot', text: 'fetching' });
+				const response = await letmepostRequest(node.letmepostConfig, {
+					method: 'GET',
+					endpoint: '/v1/accounts',
+					query,
+				});
+
+				const accounts = Array.isArray(response.data) ? response.data : [];
+				node.status({ fill: 'green', shape: 'dot', text: `${accounts.length} accounts` });
+				msg.payload = accounts;
+				send(msg);
+				done();
+			} catch (err) {
+				node.status({ fill: 'red', shape: 'ring', text: 'error' });
+				done(err);
+			}
+		});
+	}
+
+	RED.nodes.registerType('letmepost-list-accounts', LetmepostListAccountsNode);
+};

package/letmepost/letmepost-publish.html

@@ -0,0 +1,115 @@
+<script type="text/javascript">
+	RED.nodes.registerType('letmepost-publish', {
+		category: 'letmepost',
+		color: '#1f6feb',
+		defaults: {
+			name: { value: '' },
+			letmepostConfig: { value: '', type: 'letmepost-config', required: true },
+			accountIds: { value: '' },
+			platform: { value: '' },
+			text: { value: '' },
+			firstComment: { value: '' },
+			scheduledAt: { value: '' },
+			profileId: { value: '' },
+			idempotencyKey: { value: '' },
+		},
+		inputs: 1,
+		outputs: 1,
+		icon: 'font-awesome/fa-paper-plane',
+		label: function () {
+			return this.name || 'letmepost publish';
+		},
+	});
+</script>
+
+<script type="text/html" data-template-name="letmepost-publish">
+	<div class="form-row">
+		<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
+		<input type="text" id="node-input-name" placeholder="letmepost publish" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-letmepostConfig"><i class="fa fa-key"></i> Connection</label>
+		<input type="text" id="node-input-letmepostConfig" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-accountIds"><i class="fa fa-users"></i> Account IDs</label>
+		<input type="text" id="node-input-accountIds" placeholder="comma-separated account IDs" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-platform"><i class="fa fa-share-alt"></i> Platform</label>
+		<input type="text" id="node-input-platform" placeholder="e.g. bluesky (used only when no Account IDs)" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-text"><i class="fa fa-pencil"></i> Text</label>
+		<input type="text" id="node-input-text" placeholder="The post text" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-firstComment"><i class="fa fa-comment"></i> First Comment</label>
+		<input type="text" id="node-input-firstComment" placeholder="optional first comment" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-scheduledAt"><i class="fa fa-clock-o"></i> Schedule At</label>
+		<input type="text" id="node-input-scheduledAt" placeholder="ISO-8601, e.g. 2026-06-01T12:00:00.000Z" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-profileId"><i class="fa fa-id-card-o"></i> Profile ID</label>
+		<input type="text" id="node-input-profileId" placeholder="optional profile UUID" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-idempotencyKey"><i class="fa fa-shield"></i> Idempotency Key</label>
+		<input type="text" id="node-input-idempotencyKey" placeholder="optional, retries never double-post" />
+	</div>
+</script>
+
+<script type="text/html" data-help-name="letmepost-publish">
+	<p>Publishes or schedules a post to one or more connected accounts via
+	<code>POST /v1/posts</code>.</p>
+
+	<h3>Inputs</h3>
+	<p>Every config field can be overridden by the matching <code>msg</code>
+	property. The fallback order is <b>msg property &rarr; node config</b>.</p>
+	<dl class="message-properties">
+		<dt class="optional">accountIds <span class="property-type">string | array</span></dt>
+		<dd>One or more connected account IDs. A comma-separated string or an
+		array. Each becomes a target <code>{ accountId }</code>.</dd>
+		<dt class="optional">platform <span class="property-type">string</span></dt>
+		<dd>Used only when no account IDs are given: auto-resolves to the single
+		connected account for that platform (e.g. <code>bluesky</code>,
+		<code>twitter</code>, <code>linkedin</code>).</dd>
+		<dt class="optional">text <span class="property-type">string</span></dt>
+		<dd>The post text, applied to every target that has no per-target text.</dd>
+		<dt class="optional">firstComment <span class="property-type">string</span></dt>
+		<dd>Auto-posted reply after publishing, where the platform supports it.</dd>
+		<dt class="optional">scheduledAt <span class="property-type">string</span></dt>
+		<dd>ISO-8601 timestamp at least 1 second in the future. When set, the batch
+		is queued and the response is <code>202</code> with status
+		<code>queued</code>.</dd>
+		<dt class="optional">profileId <span class="property-type">string</span></dt>
+		<dd>Profile scope for this batch.</dd>
+		<dt class="optional">idempotencyKey <span class="property-type">string</span></dt>
+		<dd>Sent as the <code>Idempotency-Key</code> header. Replays within 24
+		hours return the original response.</dd>
+		<dt class="optional">media <span class="property-type">array</span></dt>
+		<dd>Optional array of MediaInput objects (e.g.
+		<code>[{ kind: "image", mediaId: "med_…" }]</code>) passed through verbatim.</dd>
+		<dt class="optional">payload.targets <span class="property-type">array</span></dt>
+		<dd>Advanced: if <code>msg.payload</code> already contains a
+		<code>targets</code> array, the whole payload is sent as the request body
+		and the fields above are ignored. Use this to build any multi-target or
+		per-target-override shape the API accepts.</dd>
+	</dl>
+
+	<h3>Output</h3>
+	<dl class="message-properties">
+		<dt>payload <span class="property-type">object</span></dt>
+		<dd>The <code>CreatePostResponse</code> batch envelope:
+		<code>{ id, status, createdAt, results[] }</code>. The node status shows
+		the batch <code>status</code> (published / partial_failed / failed /
+		queued).</dd>
+	</dl>
+
+	<h3>Errors</h3>
+	<p>API failures are reported via <code>node.error(err, msg)</code> so a Catch
+	node downstream can handle them. The message includes the letmepost error
+	code, <code>rule</code>, remediation and request ID.</p>
+</script>

package/letmepost/letmepost-publish.js

@@ -0,0 +1,111 @@
+'use strict';
+
+const { letmepostRequest } = require('./lib/client');
+
+module.exports = function (RED) {
+	function LetmepostPublishNode(config) {
+		RED.nodes.createNode(this, config);
+		const node = this;
+		node.letmepostConfig = RED.nodes.getNode(config.letmepostConfig);
+
+		node.on('input', async function (msg, send, done) {
+			send = send || function () { node.send.apply(node, arguments); };
+			done = done || function (err) { if (err) node.error(err, msg); };
+
+			try {
+				const body = buildBody(config, msg);
+				const requestOptions = { method: 'POST', endpoint: '/v1/posts', body };
+
+				const idempotencyKey = pick(msg.idempotencyKey, config.idempotencyKey);
+				if (idempotencyKey) {
+					requestOptions.headers = { 'Idempotency-Key': String(idempotencyKey) };
+				}
+
+				node.status({ fill: 'blue', shape: 'dot', text: 'publishing' });
+				const response = await letmepostRequest(node.letmepostConfig, requestOptions);
+
+				const status = response && response.status ? response.status : 'done';
+				const shape = status === 'published' || status === 'queued' ? 'dot' : 'ring';
+				const fill = status === 'failed' ? 'red' : status === 'partial_failed' ? 'yellow' : 'green';
+				node.status({ fill, shape, text: status });
+
+				msg.payload = response;
+				send(msg);
+				done();
+			} catch (err) {
+				node.status({ fill: 'red', shape: 'ring', text: 'error' });
+				done(err);
+			}
+		});
+	}
+
+	RED.nodes.registerType('letmepost-publish', LetmepostPublishNode);
+};
+
+// Resolve a value from msg first, falling back to the node config. Empty strings
+// and empty arrays count as "not set" so a configured default still wins.
+function pick(fromMsg, fromConfig) {
+	if (fromMsg !== undefined && fromMsg !== null && fromMsg !== '') return fromMsg;
+	return fromConfig;
+}
+
+function parseAccountIds(value) {
+	if (Array.isArray(value)) return value.filter(Boolean).map(String);
+	if (typeof value === 'string') {
+		return value
+			.split(',')
+			.map((s) => s.trim())
+			.filter(Boolean);
+	}
+	return [];
+}
+
+function buildBody(config, msg) {
+	// A fully formed body on msg.payload.targets wins outright — lets advanced
+	// users build any multi-target / per-target-override shape the API accepts.
+	if (msg.payload && typeof msg.payload === 'object' && Array.isArray(msg.payload.targets)) {
+		return msg.payload;
+	}
+
+	const accountIds = parseAccountIds(pick(msg.accountIds, config.accountIds));
+	const platform = pick(msg.platform, config.platform);
+
+	let targets;
+	if (accountIds.length > 0) {
+		targets = accountIds.map((id) => ({ accountId: id }));
+	} else if (platform) {
+		// Auto-resolve hint: the org must have exactly one connected account for
+		// this platform (see CreatePostRequest in the OpenAPI spec).
+		targets = [{ platform: String(platform) }];
+	} else {
+		throw new Error(
+			'No targets. Set Account IDs or a Platform on the node, or provide msg.payload.targets.',
+		);
+	}
+
+	const body = { targets };
+
+	const text = pick(msg.text, config.text);
+	if (text) body.text = String(text);
+
+	const firstComment = pick(msg.firstComment, config.firstComment);
+	if (firstComment) body.firstComment = { text: String(firstComment) };
+
+	const profileId = pick(msg.profileId, config.profileId);
+	if (profileId) body.profileId = String(profileId);
+
+	const scheduledAt = pick(msg.scheduledAt, config.scheduledAt);
+	if (scheduledAt) {
+		body.scheduledAt = String(scheduledAt);
+		body.publishNow = false;
+	} else {
+		body.publishNow = true;
+	}
+
+	// Optional media passthrough: accept a ready-made MediaInput[] on msg.media.
+	if (Array.isArray(msg.media) && msg.media.length > 0) {
+		body.media = msg.media;
+	}
+
+	return body;
+}

package/letmepost/letmepost-webhook.html

@@ -0,0 +1,91 @@
+<script type="text/javascript">
+	RED.nodes.registerType('letmepost-webhook', {
+		category: 'letmepost',
+		color: '#1f6feb',
+		defaults: {
+			name: { value: '' },
+			letmepostConfig: { value: '', type: 'letmepost-config', required: false },
+			path: { value: '/letmepost-webhook', required: true },
+		},
+		credentials: {
+			signingSecret: { type: 'password' },
+		},
+		inputs: 0,
+		outputs: 1,
+		icon: 'font-awesome/fa-bolt',
+		label: function () {
+			return this.name || 'letmepost webhook';
+		},
+		oneditprepare: function () {
+			// nothing dynamic; placeholder for future use
+		},
+	});
+</script>
+
+<script type="text/html" data-template-name="letmepost-webhook">
+	<div class="form-row">
+		<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
+		<input type="text" id="node-input-name" placeholder="letmepost webhook" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-letmepostConfig"><i class="fa fa-key"></i> Connection</label>
+		<input type="text" id="node-input-letmepostConfig" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-path"><i class="fa fa-globe"></i> URL Path</label>
+		<input type="text" id="node-input-path" placeholder="/letmepost-webhook" />
+	</div>
+	<div class="form-row">
+		<label for="node-input-signingSecret"><i class="fa fa-shield"></i> Signing Secret</label>
+		<input type="password" id="node-input-signingSecret" placeholder="whsec_…" />
+	</div>
+	<div class="form-tips">
+		The full public URL is your Node-RED host + this path, e.g.
+		<code>https://your-host:1880/letmepost-webhook</code>. Register that URL
+		in the letmepost <b>dashboard</b> (Settings &rarr; Webhooks), then paste
+		the <code>signingSecret</code> it shows once into the field above.
+	</div>
+</script>
+
+<script type="text/html" data-help-name="letmepost-webhook">
+	<p>Starts a flow when letmepost.dev delivers a webhook event. The node
+	registers an HTTP <code>POST</code> route at the configured path, verifies the
+	<code>X-Letmepost-Signature</code> HMAC-SHA256 over the raw body, and emits the
+	event only when the signature is valid.</p>
+
+	<h3>Setup</h3>
+	<p>This node does <b>not</b> register itself with the API. Webhook endpoints
+	are created from the letmepost dashboard (the registration API is a
+	dashboard-session operation and does not accept an <code>lmp_live_</code> key).
+	Register the URL manually:</p>
+	<ol>
+		<li>Choose a <b>URL Path</b> (default <code>/letmepost-webhook</code>). The
+		public URL is your Node-RED base URL plus this path, e.g.
+		<code>https://your-host:1880/letmepost-webhook</code>. Node-RED must be
+		reachable from the public internet for letmepost to deliver to it.</li>
+		<li>In the letmepost dashboard go to <b>Settings &rarr; Webhooks</b>, add a
+		new endpoint, and paste that public URL. Pick the event types you want (or
+		all of them).</li>
+		<li>Copy the <code>signingSecret</code> (<code>whsec_…</code>) the dashboard
+		shows once at creation, and paste it into <b>Signing Secret</b> above.</li>
+	</ol>
+
+	<h3>Verification</h3>
+	<p>Each delivery carries <code>X-Letmepost-Signature: sha256=&lt;hex&gt;</code>,
+	an HMAC-SHA256 of the raw request body keyed by the signing secret (no
+	timestamp). The node recomputes it over the exact received bytes and compares
+	in constant time. Deliveries that fail get a <code>401</code> and are dropped;
+	malformed JSON gets a <code>400</code>.</p>
+
+	<h3>Output</h3>
+	<dl class="message-properties">
+		<dt>payload <span class="property-type">object</span></dt>
+		<dd>The parsed webhook event body.</dd>
+		<dt>topic <span class="property-type">string</span></dt>
+		<dd>The event <code>type</code> (e.g. <code>post.published</code>).</dd>
+	</dl>
+
+	<h3>Notes</h3>
+	<p>The Connection (config node) is optional here and is not used to fetch the
+	secret — letmepost never returns it again. Store the secret on this node.</p>
+</script>

package/letmepost/letmepost-webhook.js

@@ -0,0 +1,147 @@
+'use strict';
+
+const crypto = require('crypto');
+
+const SIGNATURE_HEADER = 'x-letmepost-signature';
+const SIGNATURE_PREFIX = 'sha256=';
+
+module.exports = function (RED) {
+	function LetmepostWebhookNode(config) {
+		RED.nodes.createNode(this, config);
+		const node = this;
+		node.letmepostConfig = RED.nodes.getNode(config.letmepostConfig);
+
+		// The signing secret is the whsec_… value returned ONCE when the endpoint
+		// was created via POST /v1/webhook-endpoints. It lives in the config
+		// node's credentials (preferred) or, as a fallback, on this node's own
+		// credentials. We never fetch it from the API — it is not retrievable.
+		const signingSecret = resolveSecret(node, config);
+
+		let path = (config.path || '').trim();
+		if (!path) {
+			node.error('letmepost webhook: no path configured; node disabled.');
+			node.status({ fill: 'red', shape: 'ring', text: 'no path' });
+			return;
+		}
+		if (path[0] !== '/') path = `/${path}`;
+
+		node.status({ fill: 'grey', shape: 'ring', text: 'listening' });
+
+		// Capture the RAW request body for HMAC. Node-RED mounts a global JSON
+		// body-parser, but parsed JSON is re-serialized differently from the bytes
+		// that were signed, so HMAC over it would not match. We register our own
+		// body-parser on THIS route with a verify hook that stashes the exact
+		// received bytes on req.rawBody before any parsing happens.
+		const bodyParser = require('body-parser');
+		const captureRawBody = function (req, res, buf) {
+			req.rawBody = buf;
+		};
+		const rawTextParser = bodyParser.text({
+			type: '*/*',
+			limit: '5mb',
+			verify: captureRawBody,
+		});
+
+		const handler = function (req, res) {
+			const presented = req.headers[SIGNATURE_HEADER];
+			const rawBody = req.rawBody;
+
+			if (!signingSecret) {
+				node.warn('letmepost webhook: no signing secret set; rejecting delivery.');
+				node.status({ fill: 'red', shape: 'ring', text: 'no secret' });
+				res.status(401).json({ message: 'Webhook has no signing secret configured.' });
+				return;
+			}
+			if (rawBody === undefined) {
+				res.status(400).json({ message: 'Missing raw request body for signature verification.' });
+				return;
+			}
+			if (!verifySignature(rawBody, presented, signingSecret)) {
+				node.status({ fill: 'red', shape: 'ring', text: 'bad signature' });
+				res.status(401).json({ message: 'Signature verification failed.' });
+				return;
+			}
+
+			const bodyText = Buffer.isBuffer(rawBody) ? rawBody.toString('utf8') : String(rawBody);
+			let event;
+			try {
+				event = JSON.parse(bodyText);
+			} catch (e) {
+				res.status(400).json({ message: 'Webhook body was not valid JSON.' });
+				return;
+			}
+
+			// Ack immediately so the sender does not retry, then emit the event.
+			res.status(200).json({ received: true });
+
+			const eventType = (event && event.type) || 'event';
+			node.status({ fill: 'green', shape: 'dot', text: eventType });
+			node.send({ payload: event, topic: eventType, req: { headers: req.headers } });
+		};
+
+		// Register POST on the user-configured path against Node-RED's HTTP node
+		// app, with our raw-body parser in front of the handler.
+		RED.httpNode.post(path, rawTextParser, handler);
+
+		node.on('close', function (done) {
+			removeRoute(RED.httpNode, 'post', path);
+			node.status({});
+			done();
+		});
+	}
+
+	RED.nodes.registerType('letmepost-webhook', LetmepostWebhookNode, {
+		credentials: {
+			signingSecret: { type: 'password' },
+		},
+	});
+};
+
+function resolveSecret(node, config) {
+	if (node.credentials && node.credentials.signingSecret) {
+		return node.credentials.signingSecret;
+	}
+	if (
+		node.letmepostConfig &&
+		node.letmepostConfig.credentials &&
+		node.letmepostConfig.credentials.signingSecret
+	) {
+		return node.letmepostConfig.credentials.signingSecret;
+	}
+	return undefined;
+}
+
+// Verify an X-Letmepost-Signature header: HMAC-SHA256 over the RAW body, hex
+// encoded, prefixed with "sha256=". No timestamp is involved.
+function verifySignature(rawBody, presentedHeader, secret) {
+	if (typeof presentedHeader !== 'string' || presentedHeader.length === 0) return false;
+	if (typeof secret !== 'string' || secret.length === 0) return false;
+
+	const bodyBytes = Buffer.isBuffer(rawBody) ? rawBody : Buffer.from(String(rawBody), 'utf8');
+	const digest = crypto.createHmac('sha256', secret).update(bodyBytes).digest('hex');
+	const expected = `${SIGNATURE_PREFIX}${digest}`;
+	const presented = presentedHeader.startsWith(SIGNATURE_PREFIX)
+		? presentedHeader
+		: `${SIGNATURE_PREFIX}${presentedHeader}`;
+
+	const expectedBuf = Buffer.from(expected);
+	const presentedBuf = Buffer.from(presented);
+	if (expectedBuf.length !== presentedBuf.length) return false;
+	try {
+		return crypto.timingSafeEqual(expectedBuf, presentedBuf);
+	} catch (e) {
+		return false;
+	}
+}
+
+// Remove the route we added so a redeploy does not stack duplicate handlers on
+// the shared Express app. Express keeps registered routes on the router stack.
+function removeRoute(app, method, path) {
+	const router = app && app._router;
+	if (!router || !Array.isArray(router.stack)) return;
+	router.stack = router.stack.filter(function (layer) {
+		if (!layer.route) return true;
+		if (layer.route.path !== path) return true;
+		return !(layer.route.methods && layer.route.methods[method]);
+	});
+}

package/letmepost/lib/client.js

@@ -0,0 +1,157 @@
+'use strict';
+
+const DEFAULT_BASE_URL = 'https://api.letmepost.dev';
+
+const CODE_TITLES = {
+	validation_failed: 'Validation failed',
+	preflight_failed: 'Preflight check failed',
+	platform_auth_failed: 'Platform authentication failed',
+	platform_rejected: 'Platform rejected the post',
+	platform_unavailable: 'Platform temporarily unavailable',
+	platform_not_enabled: 'Platform not enabled',
+	internal_error: 'Internal error',
+	unauthenticated: 'Authentication failed',
+	unauthorized: 'Not authorized',
+	not_found: 'Not found',
+	idempotency_conflict: 'Idempotency conflict',
+	rate_limited: 'Rate limited',
+};
+
+function normalizeBaseUrl(baseUrl) {
+	return (baseUrl || DEFAULT_BASE_URL).replace(/\/+$/, '');
+}
+
+function buildQueryString(query) {
+	const parts = [];
+	for (const key of Object.keys(query || {})) {
+		const value = query[key];
+		if (value === undefined || value === null || value === '') continue;
+		if (Array.isArray(value)) {
+			for (const entry of value) {
+				if (entry === undefined || entry === null || entry === '') continue;
+				parts.push(`${encodeURIComponent(key)}=${encodeURIComponent(String(entry))}`);
+			}
+		} else {
+			parts.push(`${encodeURIComponent(key)}=${encodeURIComponent(String(value))}`);
+		}
+	}
+	return parts.length > 0 ? `?${parts.join('&')}` : '';
+}
+
+function extractEnvelope(body) {
+	let parsed = body;
+	if (typeof body === 'string') {
+		try {
+			parsed = JSON.parse(body);
+		} catch (e) {
+			return null;
+		}
+	}
+	if (!parsed || typeof parsed !== 'object') return null;
+	const maybe = parsed.error;
+	if (!maybe || typeof maybe !== 'object') return null;
+	if (typeof maybe.code !== 'string' || typeof maybe.message !== 'string') return null;
+	return maybe;
+}
+
+// An Error subclass carrying the parsed letmepost envelope so action nodes can
+// surface rule + remediation + requestId in node.error / node.status.
+class LetmepostError extends Error {
+	constructor(message, statusCode, envelope, body) {
+		super(message);
+		this.name = 'LetmepostError';
+		this.statusCode = statusCode;
+		this.envelope = envelope || null;
+		this.body = body;
+	}
+}
+
+function describeEnvelope(envelope) {
+	const title = CODE_TITLES[envelope.code] || 'Letmepost API error';
+	let message = `${title} (${envelope.code}): ${envelope.message}`;
+	const extra = [];
+	if (envelope.rule) extra.push(`Rule: ${envelope.rule}`);
+	if (envelope.remediation) extra.push(envelope.remediation);
+	if (envelope.docUrl) extra.push(`See ${envelope.docUrl}`);
+	if (envelope.requestId) extra.push(`Request ID: ${envelope.requestId}`);
+	if (extra.length > 0) message += ` — ${extra.join(' — ')}`;
+	return message;
+}
+
+/**
+ * Authenticated request against the letmepost.dev API. Reads the apiKey
+ * credential and baseUrl off the referenced config node and injects the
+ * Authorization: Bearer header. Resolves the parsed JSON body on 2xx, or throws
+ * a LetmepostError carrying the transparent error envelope (rule + remediation).
+ *
+ * Prefers the global fetch (Node 18+). Falls back to node-fetch only if global
+ * fetch is unavailable.
+ */
+async function letmepostRequest(config, options) {
+	if (!config) {
+		throw new Error('No letmepost configuration node is set. Pick a config node on this node.');
+	}
+	const apiKey = config.credentials && config.credentials.apiKey;
+	if (!apiKey) {
+		throw new Error('The letmepost configuration node has no API key set.');
+	}
+
+	const baseUrl = normalizeBaseUrl(config.baseUrl);
+	const method = options.method || 'GET';
+	const query = buildQueryString(options.query);
+	const url = `${baseUrl}${options.endpoint}${query}`;
+
+	const headers = Object.assign(
+		{
+			Authorization: `Bearer ${apiKey}`,
+			Accept: 'application/json',
+		},
+		options.headers || {},
+	);
+
+	const init = { method, headers };
+	if (options.body !== undefined) {
+		headers['Content-Type'] = 'application/json';
+		init.body = JSON.stringify(options.body);
+	}
+
+	const fetchFn = await resolveFetch();
+	const response = await fetchFn(url, init);
+
+	const text = await response.text();
+	let parsed;
+	if (text) {
+		try {
+			parsed = JSON.parse(text);
+		} catch (e) {
+			parsed = text;
+		}
+	} else {
+		parsed = {};
+	}
+
+	if (!response.ok) {
+		const envelope = extractEnvelope(parsed);
+		const message = envelope
+			? describeEnvelope(envelope)
+			: `letmepost request failed with HTTP ${response.status}`;
+		throw new LetmepostError(message, response.status, envelope, parsed);
+	}
+
+	return parsed;
+}
+
+let cachedFetch;
+async function resolveFetch() {
+	if (typeof fetch === 'function') return fetch;
+	if (cachedFetch) return cachedFetch;
+	const mod = await import('node-fetch');
+	cachedFetch = mod.default;
+	return cachedFetch;
+}
+
+module.exports = {
+	DEFAULT_BASE_URL,
+	LetmepostError,
+	letmepostRequest,
+};

package/package.json

@@ -0,0 +1,53 @@
+{
+  "name": "node-red-contrib-letmepost",
+  "version": "0.1.0",
+  "description": "Node-RED nodes for letmepost.dev — publish to Bluesky, X/Twitter, LinkedIn, Instagram, Threads, Facebook, Pinterest and TikTok through one API, plus a signed webhook trigger.",
+  "license": "Apache-2.0",
+  "homepage": "https://letmepost.dev",
+  "keywords": [
+    "node-red",
+    "letmepost",
+    "social-media",
+    "publishing",
+    "webhook",
+    "bluesky",
+    "twitter",
+    "linkedin",
+    "instagram",
+    "threads",
+    "pinterest",
+    "tiktok"
+  ],
+  "author": {
+    "name": "letmepost.dev",
+    "email": "kamal@letmepost.dev"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/letmepost/node-red-contrib-letmepost.git"
+  },
+  "bugs": {
+    "url": "https://github.com/letmepost/node-red-contrib-letmepost/issues"
+  },
+  "engines": {
+    "node": ">=18"
+  },
+  "dependencies": {
+    "body-parser": "^1.20.2"
+  },
+  "node-red": {
+    "version": ">=3.0.0",
+    "nodes": {
+      "letmepost-config": "letmepost/letmepost-config.js",
+      "letmepost-publish": "letmepost/letmepost-publish.js",
+      "letmepost-get-post": "letmepost/letmepost-get-post.js",
+      "letmepost-list-accounts": "letmepost/letmepost-list-accounts.js",
+      "letmepost-webhook": "letmepost/letmepost-webhook.js"
+    }
+  },
+  "files": [
+    "letmepost",
+    "README.md",
+    "LICENSE"
+  ]
+}