devlog: the “just rename it” update (and a bunch of other stuff)

the name thing

changed name: Updato to name: Updato Action in action.yml. that’s it. that’s the
fix. spent hours filing a support ticket, got a polite “no” from github, and the
solution was adding one word. sometimes software development is humbling.

hot-swap got its own file

ripped the hot-swap logic out of updato.ts and gave it a proper home in
hot-swap.ts. while i was in there i figured i might as well make it actually good.

it now supports images too. png, jpg, gif, svg, webp, ico, bmp, avif. it finds
matching <img>, <source>, and favicon <link> elements by basename and swaps their
src/href to a base64 data uri. so if your update is just a new logo, no reload needed.

also switched the element matching from substring (src*="${file}") to basename
comparison, which is way less fragile. before, a file called app.js could’ve
accidentally matched webapp.js. now it actually compares the filename part properly.

the css swap switched from btoa() to encodeURIComponent() which handles unicode
better. small thing but the kind of thing that would’ve been a weird bug later.

everything returns a typed HotSwapResult now instead of just a boolean. so the caller
knows what got swapped, what type it was, and which file it was for.

manifest validation

added a real validator in Worker/src/manifest.ts. before, the worker was just casting
response.json() as Manifest and hoping for the best with a couple of if-checks. now
there’s a validateManifest() function that checks every field properly and returns
typed errors. each error tells you which field failed and why.

this runs both when fetching fresh manifests from github and when reading cached ones
from kv. if a cached manifest is corrupted it just falls through and re-fetches.

rate limiting

new file: Worker/src/rate-limit.ts. uses cloudflare kv to track requests per ip.
60 requests per 60 second window, which is generous enough for normal usage but should
keep anyone from hammering it. uses CF-Connecting-IP for the real client ip, falls
back to X-Forwarded-For.

returns a proper 429 with a Retry-After header when you hit the limit. the kv entries
auto-expire so they don’t pile up forever.
I half wanted to make the 429 return silly messages, but I gotta be serious apparently sometimes :/

had to add a kv namespace binding in wrangler.toml for this. the worker was fully
stateless before, now it has a little bit of state. felt like a big architectural
decision for what’s basically a counter but whatever, it’s the right call.

kv caching for manifests

while i was adding kv for rate limiting i figured i might as well use it for manifest
caching too. previously every /check request was hitting github’s raw content cdn
directly. now it caches the manifest in kv with a configurable ttl (defaults to 300
seconds). means fewer github api calls and faster responses for repeat checks.

worker got lint + prettier too

copied the eslint + prettier setup from Build into Worker. also added projectService
and tsconfigRootDir to both eslint configs so typescript-eslint can actually find the
tsconfigs. this was one of those “why is eslint yelling at me” rabbit holes.

todo cleanup

checked off rate limiting and manifest validation. removed the already-completed items
that were cluttering the list. it’s getting shorter.