v1

Supported runtimes, public limits, and post-v1 candidates for Otalan v1.

v1 is the first public Otalan version for compatible OTA web asset updates on supported Capacitor and Expo apps.

Supported

  • Capacitor 7 and 8
  • Expo SDK 54, 55, and 56
  • iOS and Android release lanes
  • one active bundle per appId, platform, channel, and runtimeVersion
  • dashboard publishing with artifacts generated by otalan bundle
  • CI publishing with otalan publish
  • rollout percentage, pause, resume, rollback, release history, and install confirmation
  • Capacitor bundles using .otalan/bundle/bundle-<bundle-id>.zip
  • Expo bundles using .otalan/bundle/bundle-<bundle-id>.zip and .otalan/bundle/manifest.json

Limits

  • OTA updates replace compatible web assets only. Native code, native plugins, permissions, entitlements, store metadata, and native binaries still require a store release.
  • ZIP upload: 50 MB maximum compressed size.
  • ZIP contents: 200 MB maximum extracted size.
  • ZIP entries: 2,000 files maximum.
  • Single file: 75 MB maximum extracted size.
  • Paths: 240 characters maximum per archive path.
  • Compression: 30:1 maximum archive ratio and 40:1 maximum single-entry ratio.
  • ZIP format: no ZIP64, multi-disk archives, encrypted entries, symlinks, nested ZIPs, duplicate paths, path traversal, or absolute paths.
  • Expo manifest: 256 KB maximum.
  • Release metadata: app IDs and bundle IDs up to 255 characters, channels and runtime versions up to 128, release notes up to 4,000, file names up to 255, and content types up to 128.
  • Older Expo or Capacitor versions, bare React Native projects, and custom update runtimes are outside the supported v1 scope.

Post-v1 candidates

These items are not part of the v1 public scope. They are the next concrete areas to evaluate after the v1 release path is stable:

  • first-class secure delivery keys: bundle signing keys, public verification certificates, key rotation, and revocation guidance for apps that require signed OTA payload verification
  • team and workspace workflows: members, invitations, roles, and audit-friendly operator history
  • migration tooling with a clear source format: guided import for CodePush-style apps, deployments, channels, and release records; not a promise to re-ingest every historical bundle format
  • release automation and observability: webhooks, CI status callbacks, rollout health metrics, per-release check/download/install/failure counters, and exportable release events