diff --git a/CHANGELOG.md b/CHANGELOG.md index dfbb42d..8aec149 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,57 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [0.4.0] - 2026-06-30 + +### Added +- Stealth-browser detection for botasaurus-class scrapers +- `F4` tripwire rule with honeytoken support — deterministic, zero-false-positive deception + +### Fixed +- Dropped Playwright heuristics that false-positived on real Chrome + +### Documentation +- Documented tripwire deception and the rules engine in the README + +## [0.3.0] - 2026-05-31 + +### Added +- Self-hosted detection engine ported from FCaptcha (Phase 1) +- Captcha service with proof-of-work and token issuance (Phase 2) +- `@webdecoy/client` browser widget (Phase 3) +- Captcha HTTP endpoints and framework adapters (Phase 4) + +### Changed +- Aligned client endpoint paths across the SDK +- Switched to a shields.io dynamic npm version badge +- Bumped CI `checkout`/`setup-node` actions to v5 (Node 24) + +### Documentation +- Captcha docs, client README, and a runnable example + +## [0.2.1] - 2026-05-29 + +### Fixed +- Corrected repository URLs to `WebDecoy/node-sdk` +- Updated CI to Node 20/22 and regenerated the lock file + +### Changed +- Bumped all packages to 0.2.1 +- Added the npm publish workflow +- Removed old planning docs + +## [0.2.0] - 2026-02-08 + +### Added +- Rules engine with rate limiting, request filters, and violation reporting +- Contributing guide, changelog, and CI workflow +- Implementation summary and dashboard integration guide + +### Fixed +- Workspace dependencies for npm compatibility + +## [0.1.0] - 2025-11-26 + ### Added - Initial release of `@webdecoy/node` core SDK - Initial release of `@webdecoy/express` middleware @@ -41,7 +92,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Contributing guidelines - MIT License -## [0.1.0] - 2025-01-XX - -### Added -- Initial beta release +[Unreleased]: https://github.com/WebDecoy/node-sdk/compare/v0.4.0...HEAD +[0.4.0]: https://github.com/WebDecoy/node-sdk/compare/v0.3.0...v0.4.0 +[0.3.0]: https://github.com/WebDecoy/node-sdk/compare/v0.2.1...v0.3.0 +[0.2.1]: https://github.com/WebDecoy/node-sdk/compare/v0.2.0...v0.2.1 +[0.2.0]: https://github.com/WebDecoy/node-sdk/compare/v0.1.0...v0.2.0 +[0.1.0]: https://github.com/WebDecoy/node-sdk/releases/tag/v0.1.0 diff --git a/README.md b/README.md index 1520845..6407cd7 100644 --- a/README.md +++ b/README.md @@ -160,7 +160,7 @@ const webdecoy = new WebDecoy({ apiKey: 'sk_live_xxxxx', // Optional: API endpoint (defaults to production) - apiUrl: 'https://api.webdecoy.com', + apiUrl: 'https://ingest.webdecoy.com', // Optional: Enable TLS fingerprinting (default: true) enableTLSFingerprinting: true, diff --git a/packages/client/package.json b/packages/client/package.json index b37a66d..c85ba48 100644 --- a/packages/client/package.json +++ b/packages/client/package.json @@ -1,6 +1,6 @@ { "name": "@webdecoy/client", - "version": "0.4.0", + "version": "0.4.1", "description": "Web Decoy browser widget - signal collection, proof-of-work, and captcha UI", "main": "./dist/index.js", "module": "./dist/index.mjs", diff --git a/packages/express/README.md b/packages/express/README.md index c9af17b..613333f 100644 --- a/packages/express/README.md +++ b/packages/express/README.md @@ -46,7 +46,7 @@ interface WebDecoyMiddlewareOptions { // Required: Web Decoy API key apiKey: string; - // Optional: API endpoint (default: 'https://api.webdecoy.com') + // Optional: API endpoint (default: 'https://ingest.webdecoy.com') apiUrl?: string; // Optional: Threat score threshold for blocking (default: 80) diff --git a/packages/express/package.json b/packages/express/package.json index 467f770..8615689 100644 --- a/packages/express/package.json +++ b/packages/express/package.json @@ -1,6 +1,6 @@ { "name": "@webdecoy/express", - "version": "0.4.0", + "version": "0.4.1", "description": "Web Decoy middleware for Express.js", "main": "./dist/index.js", "types": "./dist/index.d.ts", @@ -40,7 +40,7 @@ "url": "https://github.com/WebDecoy/node-sdk/issues" }, "dependencies": { - "@webdecoy/node": "^0.4.0" + "@webdecoy/node": "^0.4.1" }, "peerDependencies": { "express": "^4.18.0 || ^5.0.0" diff --git a/packages/fastify/package.json b/packages/fastify/package.json index 53481bd..b1c5cf3 100644 --- a/packages/fastify/package.json +++ b/packages/fastify/package.json @@ -1,6 +1,6 @@ { "name": "@webdecoy/fastify", - "version": "0.4.0", + "version": "0.4.1", "description": "Web Decoy plugin for Fastify", "main": "./dist/index.js", "types": "./dist/index.d.ts", @@ -40,7 +40,7 @@ "url": "https://github.com/WebDecoy/node-sdk/issues" }, "dependencies": { - "@webdecoy/node": "^0.4.0", + "@webdecoy/node": "^0.4.1", "fastify-plugin": "^4.5.1" }, "peerDependencies": { diff --git a/packages/nextjs/package.json b/packages/nextjs/package.json index c122a8b..3fd5a7c 100644 --- a/packages/nextjs/package.json +++ b/packages/nextjs/package.json @@ -1,6 +1,6 @@ { "name": "@webdecoy/nextjs", - "version": "0.4.0", + "version": "0.4.1", "description": "Web Decoy middleware for Next.js", "main": "./dist/index.js", "types": "./dist/index.d.ts", @@ -41,7 +41,7 @@ "url": "https://github.com/WebDecoy/node-sdk/issues" }, "dependencies": { - "@webdecoy/node": "^0.4.0" + "@webdecoy/node": "^0.4.1" }, "peerDependencies": { "next": ">=13.0.0" diff --git a/packages/webdecoy/README.md b/packages/webdecoy/README.md index 37d3eb6..f9d1e70 100644 --- a/packages/webdecoy/README.md +++ b/packages/webdecoy/README.md @@ -45,7 +45,7 @@ const webdecoy = new WebDecoy({ apiKey: 'sk_live_xxxxx', // Optional: API endpoint (defaults to production) - apiUrl: 'https://api.webdecoy.com', + apiUrl: 'https://ingest.webdecoy.com', // Optional: Enable TLS fingerprinting (default: true) enableTLSFingerprinting: true, diff --git a/packages/webdecoy/package.json b/packages/webdecoy/package.json index f1c93fd..26803af 100644 --- a/packages/webdecoy/package.json +++ b/packages/webdecoy/package.json @@ -1,6 +1,6 @@ { "name": "@webdecoy/node", - "version": "0.4.0", + "version": "0.4.1", "description": "Web Decoy SDK for Node.js - Bot detection with TLS fingerprinting", "main": "./dist/index.js", "types": "./dist/index.d.ts", diff --git a/packages/webdecoy/src/sdk.ts b/packages/webdecoy/src/sdk.ts index 294df5c..1c91539 100644 --- a/packages/webdecoy/src/sdk.ts +++ b/packages/webdecoy/src/sdk.ts @@ -42,7 +42,7 @@ export class WebDecoy { // Set defaults this.config = { apiKey: config.apiKey, - apiUrl: config.apiUrl || 'https://api.webdecoy.com', + apiUrl: config.apiUrl || 'https://ingest.webdecoy.com', enableTLSFingerprinting: config.enableTLSFingerprinting ?? true, threatScoreThreshold: config.threatScoreThreshold ?? 80, timeout: config.timeout ?? 5000, diff --git a/packages/webdecoy/src/types.ts b/packages/webdecoy/src/types.ts index c335384..a347dde 100644 --- a/packages/webdecoy/src/types.ts +++ b/packages/webdecoy/src/types.ts @@ -18,7 +18,7 @@ export interface WebDecoyConfig { /** * API URL for the Web Decoy ingest service - * @default 'https://api.webdecoy.com' + * @default 'https://ingest.webdecoy.com' */ apiUrl?: string;