diff --git a/.changeset/admin-endpoints-in-maintenance-mode.md b/.changeset/admin-endpoints-in-maintenance-mode.md deleted file mode 100644 index 841c23ba64..0000000000 --- a/.changeset/admin-endpoints-in-maintenance-mode.md +++ /dev/null @@ -1,8 +0,0 @@ ---- -"@prosopo/env": patch -"@prosopo/provider": patch ---- - -Keep the provider admin endpoints working while `MAINTENANCE_MODE` is on. Previously the admin/access-rule router was skipped entirely at boot in maintenance mode — `Environment.isReady()` never connected the DB, so `env.getDb()` threw and the DB-backed `Tasks` couldn't be constructed — which meant adding/removing site keys (access rules), detector keys and decision machines all 404'd on a node in maintenance mode. - -Now, in maintenance mode `Environment.isReady()` creates the `ProviderDatabase` handle and connects in the **background** (without awaiting), so a slow or unavailable Mongo/Redis socket still can't gate boot, but `env.getDb()` returns a usable handle and the admin endpoints register and function. The captcha request path is unchanged — it still short-circuits to a maintenance "pass" before touching the DB. `blockMiddleware` now has an explicit maintenance-mode skip (it previously relied on `env.getDb()` throwing to no-op) so the blocklist/Redis lookup stays off the captcha hot path. diff --git a/.changeset/frictionless-iframe-url.md b/.changeset/frictionless-iframe-url.md deleted file mode 100644 index 0d3e63800d..0000000000 --- a/.changeset/frictionless-iframe-url.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -"@prosopo/procaptcha-frictionless": patch -"@prosopo/provider": patch -"@prosopo/api": patch -"@prosopo/types": patch -"@prosopo/types-database": patch -"@prosopo/util": patch ---- - -Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. - -Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: - -- `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). -- `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). - -Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. - -Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. - -Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. diff --git a/demos/client-bundle-example/package.json b/demos/client-bundle-example/package.json index 5aac8b7c9e..ee4acf3772 100644 --- a/demos/client-bundle-example/package.json +++ b/demos/client-bundle-example/package.json @@ -28,9 +28,9 @@ "devDependencies": { "@emotion/cache": "11.11.0", "@prosopo/config": "3.3.4", - "@prosopo/dotenv": "3.0.47", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@types/node": "22.5.5", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", diff --git a/demos/client-example-server/CHANGELOG.md b/demos/client-example-server/CHANGELOG.md index 281dc63098..06970e287f 100644 --- a/demos/client-example-server/CHANGELOG.md +++ b/demos/client-example-server/CHANGELOG.md @@ -1,5 +1,18 @@ # @prosopo/client-example-server +## 2.7.113 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/server@2.10.34 + - @prosopo/common@3.1.44 + - @prosopo/database@3.15.11 + - @prosopo/keyring@2.9.55 + - @prosopo/logger@2.0.2 + - @prosopo/dotenv@3.0.48 + ## 2.7.112 ### Patch Changes diff --git a/demos/client-example-server/package.json b/demos/client-example-server/package.json index 72f88d40d1..1e79e7edb3 100644 --- a/demos/client-example-server/package.json +++ b/demos/client-example-server/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/client-example-server", - "version": "2.7.112", + "version": "2.7.113", "description": "Backend for client-example", "main": "dist/app.js", "types": "dist/app.d.ts", @@ -42,14 +42,14 @@ "@noble/hashes": "1.8.0", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/database": "3.15.10", - "@prosopo/logger": "2.0.1", - "@prosopo/dotenv": "3.0.47", - "@prosopo/keyring": "2.9.54", - "@prosopo/server": "2.10.33", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/database": "3.15.11", + "@prosopo/logger": "2.0.2", + "@prosopo/dotenv": "3.0.48", + "@prosopo/keyring": "2.9.55", + "@prosopo/server": "2.10.34", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@typegoose/auto-increment": "4.13.0", "cors": "2.8.5", "express": "4.21.2", diff --git a/demos/cypress-shared/CHANGELOG.md b/demos/cypress-shared/CHANGELOG.md index 8245881dc7..c1b4ea2ea9 100644 --- a/demos/cypress-shared/CHANGELOG.md +++ b/demos/cypress-shared/CHANGELOG.md @@ -1,5 +1,12 @@ # @prosopo/cypress-shared +## 2.8.102 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + ## 2.8.101 ### Patch Changes diff --git a/demos/cypress-shared/package.json b/demos/cypress-shared/package.json index 0a77d9972f..b5bc3dd6f8 100644 --- a/demos/cypress-shared/package.json +++ b/demos/cypress-shared/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/cypress-shared", - "version": "2.8.101", + "version": "2.8.102", "private": true, "type": "module", "main": "dist/index.js", @@ -17,18 +17,18 @@ "npm": "^11" }, "dependencies": { - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3" + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4" }, "devDependencies": { "@cypress/xpath": "2.0.3", "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/config": "3.3.4", - "@prosopo/datasets": "3.1.48", - "@prosopo/dotenv": "3.0.47", - "@prosopo/keyring": "2.9.54", - "@prosopo/types-database": "4.11.9", + "@prosopo/datasets": "3.1.49", + "@prosopo/dotenv": "3.0.48", + "@prosopo/keyring": "2.9.55", + "@prosopo/types-database": "4.11.10", "@types/node": "22.5.5", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", diff --git a/demos/provider-mock/CHANGELOG.md b/demos/provider-mock/CHANGELOG.md index fa0445232b..aae64ac966 100644 --- a/demos/provider-mock/CHANGELOG.md +++ b/demos/provider-mock/CHANGELOG.md @@ -1,5 +1,19 @@ # @prosopo/provider-mock +## 2.8.124 +### Patch Changes + +- Updated dependencies [550d20a] +- Updated dependencies [85e8857] + - @prosopo/provider@4.15.2 + - @prosopo/types@4.9.8 + - @prosopo/types-database@4.11.10 + - @prosopo/api-express-router@3.1.42 + - @prosopo/common@3.1.44 + - @prosopo/database@3.15.11 + - @prosopo/logger@2.0.2 + - @prosopo/dotenv@3.0.48 + ## 2.8.123 ### Patch Changes diff --git a/demos/provider-mock/package.json b/demos/provider-mock/package.json index 37cbeae5a7..4cf92a68cc 100644 --- a/demos/provider-mock/package.json +++ b/demos/provider-mock/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/provider-mock", - "version": "2.8.123", + "version": "2.8.124", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "type": "module", @@ -26,15 +26,15 @@ "bundle": "NODE_ENV=${NODE_ENV:-development}; vite build --config vite.config.ts --mode $NODE_ENV" }, "dependencies": { - "@prosopo/api-express-router": "3.1.41", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/database": "3.15.10", - "@prosopo/dotenv": "3.0.47", + "@prosopo/api-express-router": "3.1.42", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/database": "3.15.11", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", "cors": "2.8.5", "express": "4.21.2", "mongoose": "8.13.0" diff --git a/dev/flux/CHANGELOG.md b/dev/flux/CHANGELOG.md index 0391a414b7..2324117216 100644 --- a/dev/flux/CHANGELOG.md +++ b/dev/flux/CHANGELOG.md @@ -1,5 +1,14 @@ # @prosopo/flux +## 2.6.61 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + - @prosopo/dotenv@3.0.48 + ## 2.6.60 ### Patch Changes diff --git a/dev/flux/package.json b/dev/flux/package.json index 6572f0e553..63700f0aa1 100644 --- a/dev/flux/package.json +++ b/dev/flux/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/flux", - "version": "2.6.60", + "version": "2.6.61", "description": "Tools for managing Flux deployment", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -33,10 +33,10 @@ "@noble/curves": "1.9.2", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/dotenv": "3.0.47", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/dotenv": "3.0.48", + "@prosopo/util": "3.3.4", "openpgp": "5.11.3", "qs": "6.15.2", "socket.io-client": "4.7.5", diff --git a/dev/lint/CHANGELOG.md b/dev/lint/CHANGELOG.md index d8c5476ff8..2acb816f58 100644 --- a/dev/lint/CHANGELOG.md +++ b/dev/lint/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/lint +## 2.8.38 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/util@3.3.4 + ## 2.8.37 ### Patch Changes diff --git a/dev/lint/package.json b/dev/lint/package.json index 9045b3346d..192d31606a 100644 --- a/dev/lint/package.json +++ b/dev/lint/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/lint", - "version": "2.8.37", + "version": "2.8.38", "description": "", "private": true, "type": "module", @@ -43,7 +43,7 @@ "npm": "^11" }, "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "@prosopo/workspace": "3.1.20", "fast-glob": "3.3.2", "yargs": "17.7.2", diff --git a/dev/scripts/CHANGELOG.md b/dev/scripts/CHANGELOG.md index 98b28c7c21..58d527ef4b 100644 --- a/dev/scripts/CHANGELOG.md +++ b/dev/scripts/CHANGELOG.md @@ -1,5 +1,22 @@ # @prosopo/scripts +## 3.1.124 +### Patch Changes + +- Updated dependencies [550d20a] +- Updated dependencies [85e8857] + - @prosopo/env@3.6.11 + - @prosopo/provider@4.15.2 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/cli@3.6.60 + - @prosopo/common@3.1.44 + - @prosopo/datasets@3.1.49 + - @prosopo/keyring@2.9.55 + - @prosopo/types-env@2.10.10 + - @prosopo/logger@2.0.2 + - @prosopo/dotenv@3.0.48 + ## 3.1.123 ### Patch Changes diff --git a/dev/scripts/package.json b/dev/scripts/package.json index 4af2e15035..ab65850269 100644 --- a/dev/scripts/package.json +++ b/dev/scripts/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/scripts", - "version": "3.1.123", + "version": "3.1.124", "description": "Dev scripts for working with prosopo packages", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -31,18 +31,18 @@ "@iarna/toml": "2.2.5", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/cli": "3.6.59", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/datasets": "3.1.48", - "@prosopo/dotenv": "3.0.47", - "@prosopo/env": "3.6.10", - "@prosopo/keyring": "2.9.54", + "@prosopo/cli": "3.6.60", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/datasets": "3.1.49", + "@prosopo/dotenv": "3.0.48", + "@prosopo/env": "3.6.11", + "@prosopo/keyring": "2.9.55", "@prosopo/locale": "3.2.6", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-env": "2.10.9", - "@prosopo/util": "3.3.3", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-env": "2.10.10", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/workspace": "3.1.20", "dotenv": "16.4.5", diff --git a/docker/images/provider/package.json b/docker/images/provider/package.json index 7f4a0b220e..e490bca116 100644 --- a/docker/images/provider/package.json +++ b/docker/images/provider/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/provider-docker", - "version": "3.6.59", + "version": "3.6.60", "engines": { "node": "^24", "npm": "^11" diff --git a/integration/frameworks/angular/angular-procaptcha-integration-demo/CHANGELOG.md b/integration/frameworks/angular/angular-procaptcha-integration-demo/CHANGELOG.md index f49baebbbd..2f74cb7049 100644 --- a/integration/frameworks/angular/angular-procaptcha-integration-demo/CHANGELOG.md +++ b/integration/frameworks/angular/angular-procaptcha-integration-demo/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/angular-procaptcha-integration-demo +## 1.1.98 +### Patch Changes + + - @prosopo/angular-procaptcha-wrapper@1.1.98 + ## 1.1.97 ### Patch Changes diff --git a/integration/frameworks/angular/angular-procaptcha-integration-demo/package.json b/integration/frameworks/angular/angular-procaptcha-integration-demo/package.json index 5bd0e6dd48..f5f7b6a093 100644 --- a/integration/frameworks/angular/angular-procaptcha-integration-demo/package.json +++ b/integration/frameworks/angular/angular-procaptcha-integration-demo/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/angular-procaptcha-integration-demo", - "version": "1.1.97", + "version": "1.1.98", "engines": { "node": "^24", "npm": "^11" @@ -19,7 +19,7 @@ "@angular/core": "20.3.25", "@angular/platform-browser": "20.3.25", "@angular/router": "20.3.25", - "@prosopo/angular-procaptcha-wrapper": "1.1.97" + "@prosopo/angular-procaptcha-wrapper": "1.1.98" }, "main": "dist/index.js", "types": "dist/index.d.ts", diff --git a/integration/frameworks/angular/angular-procaptcha-wrapper/CHANGELOG.md b/integration/frameworks/angular/angular-procaptcha-wrapper/CHANGELOG.md index bda144ceee..75a206d1f0 100644 --- a/integration/frameworks/angular/angular-procaptcha-wrapper/CHANGELOG.md +++ b/integration/frameworks/angular/angular-procaptcha-wrapper/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/angular-procaptcha-wrapper +## 1.1.98 +### Patch Changes + + - @prosopo/procaptcha-wrapper@2.6.99 + ## 1.1.97 ### Patch Changes diff --git a/integration/frameworks/angular/angular-procaptcha-wrapper/package.json b/integration/frameworks/angular/angular-procaptcha-wrapper/package.json index 0e1862cebb..a694e4e676 100644 --- a/integration/frameworks/angular/angular-procaptcha-wrapper/package.json +++ b/integration/frameworks/angular/angular-procaptcha-wrapper/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/angular-procaptcha-wrapper", - "version": "1.1.97", + "version": "1.1.98", "type": "module", "engines": { "node": "^24", @@ -15,7 +15,7 @@ "dev": "npm run build -- --watch" }, "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "peerDependencies": { "@angular/core": "20.3.25" diff --git a/integration/frameworks/react/react-procaptcha-integration-demo/CHANGELOG.md b/integration/frameworks/react/react-procaptcha-integration-demo/CHANGELOG.md index d8373447ea..8b6621df1b 100644 --- a/integration/frameworks/react/react-procaptcha-integration-demo/CHANGELOG.md +++ b/integration/frameworks/react/react-procaptcha-integration-demo/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/react-procaptcha-integration-demo +## 1.1.97 +### Patch Changes + + - @prosopo/react-procaptcha-wrapper@1.1.97 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/react/react-procaptcha-integration-demo/package.json b/integration/frameworks/react/react-procaptcha-integration-demo/package.json index ff1e986a0e..b6dceea15c 100644 --- a/integration/frameworks/react/react-procaptcha-integration-demo/package.json +++ b/integration/frameworks/react/react-procaptcha-integration-demo/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/react-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -25,7 +25,7 @@ "clean": "del-cli --verbose dist tsconfig.tsbuildinfo" }, "dependencies": { - "@prosopo/react-procaptcha-wrapper": "1.1.96", + "@prosopo/react-procaptcha-wrapper": "1.1.97", "react": "18.3.1", "react-dom": "18.3.1" }, diff --git a/integration/frameworks/react/react-procaptcha-wrapper/CHANGELOG.md b/integration/frameworks/react/react-procaptcha-wrapper/CHANGELOG.md index 04c4abe9b0..9de4f61551 100644 --- a/integration/frameworks/react/react-procaptcha-wrapper/CHANGELOG.md +++ b/integration/frameworks/react/react-procaptcha-wrapper/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/react-procaptcha-wrapper +## 1.1.97 +### Patch Changes + + - @prosopo/procaptcha-wrapper@2.6.99 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/react/react-procaptcha-wrapper/package.json b/integration/frameworks/react/react-procaptcha-wrapper/package.json index ff0bdf4581..4f8b2afb8c 100644 --- a/integration/frameworks/react/react-procaptcha-wrapper/package.json +++ b/integration/frameworks/react/react-procaptcha-wrapper/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/react-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -24,7 +24,7 @@ "clean": "del-cli --verbose dist tsconfig.tsbuildinfo" }, "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "peerDependencies": { "react": "^18.0.0 || ^19.0.0" diff --git a/integration/frameworks/svelte/svelte-procaptcha-integration-demo/CHANGELOG.md b/integration/frameworks/svelte/svelte-procaptcha-integration-demo/CHANGELOG.md index 03af510358..61830b4796 100644 --- a/integration/frameworks/svelte/svelte-procaptcha-integration-demo/CHANGELOG.md +++ b/integration/frameworks/svelte/svelte-procaptcha-integration-demo/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/svelte-procaptcha-integration-demo +## 1.1.97 +### Patch Changes + + - @prosopo/svelte-procaptcha-wrapper@1.1.97 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/svelte/svelte-procaptcha-integration-demo/package.json b/integration/frameworks/svelte/svelte-procaptcha-integration-demo/package.json index b6c74d7f8c..d61e378a12 100644 --- a/integration/frameworks/svelte/svelte-procaptcha-integration-demo/package.json +++ b/integration/frameworks/svelte/svelte-procaptcha-integration-demo/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/svelte-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -25,7 +25,7 @@ "clean": "del-cli --verbose dist tsconfig.tsbuildinfo" }, "dependencies": { - "@prosopo/svelte-procaptcha-wrapper": "1.1.96", + "@prosopo/svelte-procaptcha-wrapper": "1.1.97", "svelte": "5.55.7" }, "devDependencies": { diff --git a/integration/frameworks/svelte/svelte-procaptcha-wrapper/CHANGELOG.md b/integration/frameworks/svelte/svelte-procaptcha-wrapper/CHANGELOG.md index f5e55c5ad1..71cda377bb 100644 --- a/integration/frameworks/svelte/svelte-procaptcha-wrapper/CHANGELOG.md +++ b/integration/frameworks/svelte/svelte-procaptcha-wrapper/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/svelte-procaptcha-wrapper +## 1.1.97 +### Patch Changes + + - @prosopo/procaptcha-wrapper@2.6.99 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/svelte/svelte-procaptcha-wrapper/package.json b/integration/frameworks/svelte/svelte-procaptcha-wrapper/package.json index 0f4ec2b9c2..0f0e7585f8 100644 --- a/integration/frameworks/svelte/svelte-procaptcha-wrapper/package.json +++ b/integration/frameworks/svelte/svelte-procaptcha-wrapper/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/svelte-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -23,7 +23,7 @@ "dev": "npm run svpkg -- -w" }, "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "peerDependencies": { "svelte": "^5.0.0" diff --git a/integration/frameworks/vue/vue-procaptcha-integration-demo/CHANGELOG.md b/integration/frameworks/vue/vue-procaptcha-integration-demo/CHANGELOG.md index c50877e611..9b426e7b42 100644 --- a/integration/frameworks/vue/vue-procaptcha-integration-demo/CHANGELOG.md +++ b/integration/frameworks/vue/vue-procaptcha-integration-demo/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/vue-procaptcha-integration-demo +## 1.1.97 +### Patch Changes + + - @prosopo/vue-procaptcha-wrapper@1.1.97 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/vue/vue-procaptcha-integration-demo/package.json b/integration/frameworks/vue/vue-procaptcha-integration-demo/package.json index 9f33782a6d..231152892a 100644 --- a/integration/frameworks/vue/vue-procaptcha-integration-demo/package.json +++ b/integration/frameworks/vue/vue-procaptcha-integration-demo/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/vue-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -25,7 +25,7 @@ "dev": "NODE_ENV=${NODE_ENV:-development}; vite dev --port=9331 --mode=$NODE_ENV" }, "dependencies": { - "@prosopo/vue-procaptcha-wrapper": "1.1.96", + "@prosopo/vue-procaptcha-wrapper": "1.1.97", "vue": "3.5.13" }, "devDependencies": { diff --git a/integration/frameworks/vue/vue-procaptcha-wrapper/CHANGELOG.md b/integration/frameworks/vue/vue-procaptcha-wrapper/CHANGELOG.md index 681433de8f..b1c2795f2d 100644 --- a/integration/frameworks/vue/vue-procaptcha-wrapper/CHANGELOG.md +++ b/integration/frameworks/vue/vue-procaptcha-wrapper/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/vue-procaptcha-wrapper +## 1.1.97 +### Patch Changes + + - @prosopo/procaptcha-wrapper@2.6.99 + ## 1.1.96 ### Patch Changes diff --git a/integration/frameworks/vue/vue-procaptcha-wrapper/package.json b/integration/frameworks/vue/vue-procaptcha-wrapper/package.json index 4e80115abc..e46ebf5c4e 100644 --- a/integration/frameworks/vue/vue-procaptcha-wrapper/package.json +++ b/integration/frameworks/vue/vue-procaptcha-wrapper/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/vue-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "type": "module", "engines": { "node": "^24", @@ -24,7 +24,7 @@ "clean": "del-cli --verbose dist tsconfig.tsbuildinfo" }, "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98", + "@prosopo/procaptcha-wrapper": "2.6.99", "vue": "3.5.13" }, "devDependencies": { diff --git a/package-lock.json b/package-lock.json index 3f47165c35..07c442c3d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@prosopo/captcha", - "version": "3.6.58", + "version": "3.6.59", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@prosopo/captcha", - "version": "3.6.58", + "version": "3.6.59", "license": "Apache-2.0", "workspaces": [ "dev/*", @@ -41,9 +41,9 @@ "devDependencies": { "@emotion/cache": "11.11.0", "@prosopo/config": "3.3.4", - "@prosopo/dotenv": "3.0.47", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@types/node": "22.5.5", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", @@ -64,20 +64,20 @@ }, "demos/client-example-server": { "name": "@prosopo/client-example-server", - "version": "2.7.112", + "version": "2.7.113", "license": "Apache-2.0", "dependencies": { "@noble/hashes": "1.8.0", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/database": "3.15.10", - "@prosopo/dotenv": "3.0.47", - "@prosopo/keyring": "2.9.54", - "@prosopo/logger": "2.0.1", - "@prosopo/server": "2.10.33", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/database": "3.15.11", + "@prosopo/dotenv": "3.0.48", + "@prosopo/keyring": "2.9.55", + "@prosopo/logger": "2.0.2", + "@prosopo/server": "2.10.34", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@typegoose/auto-increment": "4.13.0", "cors": "2.8.5", "express": "4.21.2", @@ -117,20 +117,20 @@ }, "demos/cypress-shared": { "name": "@prosopo/cypress-shared", - "version": "2.8.101", + "version": "2.8.102", "dependencies": { - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3" + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4" }, "devDependencies": { "@cypress/xpath": "2.0.3", "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/config": "3.3.4", - "@prosopo/datasets": "3.1.48", - "@prosopo/dotenv": "3.0.47", - "@prosopo/keyring": "2.9.54", - "@prosopo/types-database": "4.11.9", + "@prosopo/datasets": "3.1.49", + "@prosopo/dotenv": "3.0.48", + "@prosopo/keyring": "2.9.55", + "@prosopo/types-database": "4.11.10", "@types/node": "22.5.5", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", @@ -153,18 +153,18 @@ }, "demos/provider-mock": { "name": "@prosopo/provider-mock", - "version": "2.8.123", + "version": "2.8.124", "license": "Apache-2.0", "dependencies": { - "@prosopo/api-express-router": "3.1.41", - "@prosopo/common": "3.1.43", - "@prosopo/database": "3.15.10", - "@prosopo/dotenv": "3.0.47", + "@prosopo/api-express-router": "3.1.42", + "@prosopo/common": "3.1.44", + "@prosopo/database": "3.15.11", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", + "@prosopo/logger": "2.0.2", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", "cors": "2.8.5", "express": "4.21.2", "mongoose": "8.13.0" @@ -1628,16 +1628,16 @@ }, "dev/flux": { "name": "@prosopo/flux", - "version": "2.6.60", + "version": "2.6.61", "license": "Apache-2.0", "dependencies": { "@noble/curves": "1.9.2", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/dotenv": "3.0.47", - "@prosopo/logger": "2.0.1", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/dotenv": "3.0.48", + "@prosopo/logger": "2.0.2", + "@prosopo/util": "3.3.4", "openpgp": "5.11.3", "qs": "6.15.2", "socket.io-client": "4.7.5", @@ -1729,10 +1729,10 @@ }, "dev/lint": { "name": "@prosopo/lint", - "version": "2.8.37", + "version": "2.8.38", "license": "ISC", "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "@prosopo/workspace": "3.1.20", "fast-glob": "3.3.2", "yargs": "17.7.2", @@ -1794,24 +1794,24 @@ }, "dev/scripts": { "name": "@prosopo/scripts", - "version": "3.1.123", + "version": "3.1.124", "license": "Apache-2.0", "dependencies": { "@iarna/toml": "2.2.5", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/cli": "3.6.59", - "@prosopo/common": "3.1.43", - "@prosopo/datasets": "3.1.48", - "@prosopo/dotenv": "3.0.47", - "@prosopo/env": "3.6.10", - "@prosopo/keyring": "2.9.54", + "@prosopo/cli": "3.6.60", + "@prosopo/common": "3.1.44", + "@prosopo/datasets": "3.1.49", + "@prosopo/dotenv": "3.0.48", + "@prosopo/env": "3.6.11", + "@prosopo/keyring": "2.9.55", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-env": "2.10.9", - "@prosopo/util": "3.3.3", + "@prosopo/logger": "2.0.2", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-env": "2.10.10", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/workspace": "3.1.20", "dotenv": "16.4.5", @@ -2431,13 +2431,13 @@ }, "integration/frameworks/angular/angular-procaptcha-integration-demo": { "name": "@prosopo/angular-procaptcha-integration-demo", - "version": "1.1.97", + "version": "1.1.98", "dependencies": { "@angular/common": "20.3.25", "@angular/core": "20.3.25", "@angular/platform-browser": "20.3.25", "@angular/router": "20.3.25", - "@prosopo/angular-procaptcha-wrapper": "1.1.97" + "@prosopo/angular-procaptcha-wrapper": "1.1.98" }, "devDependencies": { "@angular-builders/custom-webpack": "20.0.0", @@ -4414,10 +4414,10 @@ }, "integration/frameworks/angular/angular-procaptcha-wrapper": { "name": "@prosopo/angular-procaptcha-wrapper", - "version": "1.1.97", + "version": "1.1.98", "license": "Apache-2.0", "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "devDependencies": { "@angular/compiler-cli": "20.3.25", @@ -4610,10 +4610,10 @@ }, "integration/frameworks/react/react-procaptcha-integration-demo": { "name": "@prosopo/react-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/react-procaptcha-wrapper": "1.1.96", + "@prosopo/react-procaptcha-wrapper": "1.1.97", "react": "18.3.1", "react-dom": "18.3.1" }, @@ -4641,10 +4641,10 @@ }, "integration/frameworks/react/react-procaptcha-wrapper": { "name": "@prosopo/react-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -4673,10 +4673,10 @@ }, "integration/frameworks/svelte/svelte-procaptcha-integration-demo": { "name": "@prosopo/svelte-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/svelte-procaptcha-wrapper": "1.1.96", + "@prosopo/svelte-procaptcha-wrapper": "1.1.97", "svelte": "5.55.7" }, "devDependencies": { @@ -4704,10 +4704,10 @@ }, "integration/frameworks/svelte/svelte-procaptcha-wrapper": { "name": "@prosopo/svelte-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98" + "@prosopo/procaptcha-wrapper": "2.6.99" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -4736,10 +4736,10 @@ }, "integration/frameworks/vue/vue-procaptcha-integration-demo": { "name": "@prosopo/vue-procaptcha-integration-demo", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/vue-procaptcha-wrapper": "1.1.96", + "@prosopo/vue-procaptcha-wrapper": "1.1.97", "vue": "3.5.13" }, "devDependencies": { @@ -4767,10 +4767,10 @@ }, "integration/frameworks/vue/vue-procaptcha-wrapper": { "name": "@prosopo/vue-procaptcha-wrapper", - "version": "1.1.96", + "version": "1.1.97", "license": "Apache-2.0", "dependencies": { - "@prosopo/procaptcha-wrapper": "2.6.98", + "@prosopo/procaptcha-wrapper": "2.6.99", "vue": "3.5.13" }, "devDependencies": { @@ -38821,7 +38821,7 @@ }, "packages/account": { "name": "@prosopo/account", - "version": "2.8.55", + "version": "2.8.56", "license": "Apache-2.0", "dependencies": { "@polkadot/extension-base": "0.62.3", @@ -38829,11 +38829,11 @@ "@polkadot/extension-inject": "0.62.3", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/fingerprint": "2.7.13", - "@prosopo/keyring": "2.9.54", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/fingerprint": "2.7.14", + "@prosopo/keyring": "2.9.55", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { @@ -38866,10 +38866,10 @@ }, "packages/api": { "name": "@prosopo/api", - "version": "3.5.14", + "version": "3.5.15", "license": "Apache-2.0", "dependencies": { - "@prosopo/types": "4.9.7" + "@prosopo/types": "4.9.8" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -38891,17 +38891,17 @@ }, "packages/api-express-router": { "name": "@prosopo/api-express-router", - "version": "3.1.41", + "version": "3.1.42", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/env": "3.6.10", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/env": "3.6.11", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "dotenv": "16.4.5", "express": "4.21.2", @@ -38943,10 +38943,10 @@ }, "packages/api-route": { "name": "@prosopo/api-route", - "version": "2.6.50", + "version": "2.6.51", "license": "Apache-2.0", "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "zod": "3.23.8" }, "devDependencies": { @@ -38981,20 +38981,20 @@ }, "packages/cli": { "name": "@prosopo/cli", - "version": "3.6.59", + "version": "3.6.60", "license": "Apache-2.0", "dependencies": { "@polkadot/types-codec": "16.4.9", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/dotenv": "3.0.47", - "@prosopo/env": "3.6.10", - "@prosopo/keyring": "2.9.54", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/dotenv": "3.0.48", + "@prosopo/env": "3.6.11", + "@prosopo/keyring": "2.9.55", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/logger": "2.0.2", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/workspace": "3.1.20", "cron-parser": "4.9.0", "dotenv": "16.4.5", @@ -39048,17 +39048,17 @@ }, "packages/common": { "name": "@prosopo/common", - "version": "3.1.43", + "version": "3.1.44", "license": "Apache-2.0", "dependencies": { "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "i18next": "24.1.0", "zod": "3.23.8" }, "devDependencies": { "@prosopo/config": "3.3.4", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@types/node": "22.10.2", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", @@ -39101,17 +39101,17 @@ }, "packages/database": { "name": "@prosopo/database", - "version": "3.15.10", + "version": "3.15.11", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/redis-client": "1.0.27", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", - "@prosopo/user-access-policy": "3.12.1", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/redis-client": "1.0.28", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", + "@prosopo/user-access-policy": "3.12.2", + "@prosopo/util": "3.3.4", "bson": "6.10.4", "make-dir": "3.1.0", "mongodb": "6.15.0", @@ -39148,14 +39148,14 @@ }, "packages/datasets": { "name": "@prosopo/datasets", - "version": "3.1.48", + "version": "3.1.49", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { @@ -39179,14 +39179,14 @@ }, "packages/datasets-fs": { "name": "@prosopo/datasets-fs", - "version": "3.0.97", + "version": "3.0.98", "license": "Apache-2.0", "dependencies": { "@noble/hashes": "1.8.0", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/workspace": "3.1.20", "bcrypt": "6.0.0", @@ -39264,9 +39264,9 @@ }, "packages/detector": { "name": "@prosopo/detector", - "version": "3.5.8", + "version": "3.5.9", "dependencies": { - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "dotenv": "16.4.5" }, "devDependencies": { @@ -39311,10 +39311,10 @@ }, "packages/dotenv": { "name": "@prosopo/dotenv", - "version": "3.0.47", + "version": "3.0.48", "license": "Apache-2.0", "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "dotenv": "16.4.5" }, "devDependencies": { @@ -39359,16 +39359,16 @@ }, "packages/env": { "name": "@prosopo/env", - "version": "3.6.10", + "version": "3.6.11", "license": "Apache-2.0", "dependencies": { - "@prosopo/common": "3.1.43", - "@prosopo/database": "3.15.10", - "@prosopo/ipinfo": "0.2.34", - "@prosopo/keyring": "2.9.54", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-env": "2.10.9", + "@prosopo/common": "3.1.44", + "@prosopo/database": "3.15.11", + "@prosopo/ipinfo": "0.2.35", + "@prosopo/keyring": "2.9.55", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-env": "2.10.10", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { @@ -39401,10 +39401,10 @@ }, "packages/file-server": { "name": "@prosopo/file-server", - "version": "2.6.47", + "version": "2.6.48", "license": "Apache-2.0", "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "dotenv": "16.4.5", "express": "4.21.2", "sharp": "0.33.5" @@ -39441,11 +39441,11 @@ }, "packages/fingerprint": { "name": "@prosopo/fingerprint", - "version": "2.7.13", + "version": "2.7.14", "license": "Apache-2.0", "dependencies": { "@prosopo/fingerprintjs": "5.2.0", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { @@ -39588,12 +39588,12 @@ }, "packages/ipinfo": { "name": "@prosopo/ipinfo", - "version": "0.2.34", + "version": "0.2.35", "license": "Apache-2.0", "dependencies": { "@maxmind/geoip2-node": "5.0.0", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7" + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -39622,14 +39622,14 @@ }, "packages/keyring": { "name": "@prosopo/keyring", - "version": "2.9.54", + "version": "2.9.55", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "dotenv": "16.4.5" }, @@ -39675,11 +39675,11 @@ }, "packages/load-balancer": { "name": "@prosopo/load-balancer", - "version": "2.10.8", + "version": "2.10.9", "license": "Apache-2.0", "dependencies": { - "@prosopo/common": "3.1.43", - "@prosopo/types": "4.9.7", + "@prosopo/common": "3.1.44", + "@prosopo/types": "4.9.8", "zod": "3.23.8" }, "devDependencies": { @@ -39820,10 +39820,10 @@ }, "packages/logger": { "name": "@prosopo/logger", - "version": "2.0.1", + "version": "2.0.2", "license": "Apache-2.0", "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "zod": "3.23.8" }, "devDependencies": { @@ -39945,16 +39945,16 @@ }, "packages/procaptcha": { "name": "@prosopo/procaptcha", - "version": "2.10.48", + "version": "2.10.49", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/datasets": "3.1.48", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/datasets": "3.1.49", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { @@ -39978,17 +39978,17 @@ }, "packages/procaptcha-bundle": { "name": "@prosopo/procaptcha-bundle", - "version": "4.1.29", + "version": "4.1.30", "license": "Apache-2.0", "dependencies": { "@emotion/cache": "11.11.0", "@emotion/react": "11.11.1", - "@prosopo/dotenv": "3.0.47", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/procaptcha-frictionless": "2.12.10", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/procaptcha-frictionless": "2.12.11", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/widget-skeleton": "2.8.4", "dotenv": "16.4.5", "fast-glob": "3.3.2", @@ -40120,14 +40120,14 @@ }, "packages/procaptcha-common": { "name": "@prosopo/procaptcha-common", - "version": "2.11.8", + "version": "2.11.9", "license": "Apache-2.0", "dependencies": { "@emotion/react": "11.11.1", "@emotion/styled": "11.11.0", - "@prosopo/account": "2.8.55", - "@prosopo/load-balancer": "2.10.8", - "@prosopo/types": "4.9.7", + "@prosopo/account": "2.8.56", + "@prosopo/load-balancer": "2.10.9", + "@prosopo/types": "4.9.8", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1", "react-dom": "18.3.1" @@ -40264,18 +40264,18 @@ }, "packages/procaptcha-frictionless": { "name": "@prosopo/procaptcha-frictionless", - "version": "2.12.10", + "version": "2.12.11", "license": "Apache-2.0", "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/detector": "3.5.8", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/detector": "3.5.9", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/procaptcha-pow": "2.10.14", - "@prosopo/procaptcha-puzzle": "2.10.29", - "@prosopo/procaptcha-react": "2.9.87", - "@prosopo/types": "4.9.7", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/procaptcha-pow": "2.10.15", + "@prosopo/procaptcha-puzzle": "2.10.30", + "@prosopo/procaptcha-react": "2.9.88", + "@prosopo/types": "4.9.8", "@prosopo/widget-skeleton": "2.8.4", "dotenv": "16.4.5", "react": "18.3.1" @@ -40322,17 +40322,17 @@ }, "packages/procaptcha-pow": { "name": "@prosopo/procaptcha-pow", - "version": "2.10.14", + "version": "2.10.15", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/fingerprint": "2.7.13", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/fingerprint": "2.7.14", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1" @@ -40369,16 +40369,16 @@ }, "packages/procaptcha-puzzle": { "name": "@prosopo/procaptcha-puzzle", - "version": "2.10.29", + "version": "2.10.30", "license": "Apache-2.0", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1" @@ -40405,15 +40405,15 @@ }, "packages/procaptcha-react": { "name": "@prosopo/procaptcha-react", - "version": "2.9.87", + "version": "2.9.88", "license": "Apache-2.0", "dependencies": { - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha": "2.10.48", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha": "2.10.49", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/widget-skeleton": "2.8.4", "csstype": "3.1.3", "react": "18.3.1", @@ -40451,11 +40451,11 @@ }, "packages/procaptcha-wrapper": { "name": "@prosopo/procaptcha-wrapper", - "version": "2.6.98", + "version": "2.6.99", "license": "Apache-2.0", "dependencies": { "@prosopo/locale": "3.2.6", - "@prosopo/types": "4.9.7" + "@prosopo/types": "4.9.8" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -40502,29 +40502,29 @@ }, "packages/provider": { "name": "@prosopo/provider", - "version": "4.15.1", + "version": "4.15.2", "license": "Apache-2.0", "dependencies": { "@noble/hashes": "1.8.0", "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/api-express-router": "3.1.41", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/database": "3.15.10", - "@prosopo/datasets": "3.1.48", - "@prosopo/env": "3.6.10", - "@prosopo/ipinfo": "0.2.34", - "@prosopo/keyring": "2.9.54", - "@prosopo/load-balancer": "2.10.8", + "@prosopo/api": "3.5.15", + "@prosopo/api-express-router": "3.1.42", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/database": "3.15.11", + "@prosopo/datasets": "3.1.49", + "@prosopo/env": "3.6.11", + "@prosopo/ipinfo": "0.2.35", + "@prosopo/keyring": "2.9.55", + "@prosopo/load-balancer": "2.10.9", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/redis-client": "1.0.27", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", - "@prosopo/types-env": "2.10.9", - "@prosopo/user-access-policy": "3.12.1", - "@prosopo/util": "3.3.3", + "@prosopo/logger": "2.0.2", + "@prosopo/redis-client": "1.0.28", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", + "@prosopo/types-env": "2.10.10", + "@prosopo/user-access-policy": "3.12.2", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "cron": "3.1.7", "express": "4.21.2", @@ -40820,10 +40820,10 @@ }, "packages/redis-client": { "name": "@prosopo/redis-client", - "version": "1.0.27", + "version": "1.0.28", "license": "Apache-2.0", "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "@redis/search": "5.0.0", "redis": "5.0.0" }, @@ -40872,16 +40872,16 @@ }, "packages/server": { "name": "@prosopo/server", - "version": "2.10.33", + "version": "2.10.34", "license": "Apache-2.0", "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/keyring": "2.9.54", - "@prosopo/load-balancer": "2.10.8", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/keyring": "2.9.55", + "@prosopo/load-balancer": "2.10.9", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "i18next": "24.1.0" }, "devDependencies": { @@ -40938,14 +40938,14 @@ }, "packages/types": { "name": "@prosopo/types", - "version": "4.9.7", + "version": "4.9.8", "license": "Apache-2.0", "dependencies": { "@polkadot/extension-inject": "0.62.3", "@polkadot/types": "16.4.9", "@polkadot/util": "13.5.7", "@prosopo/locale": "3.2.6", - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "ip-address": "10.0.1", "scale-ts": "1.6.1", @@ -40971,14 +40971,14 @@ }, "packages/types-database": { "name": "@prosopo/types-database", - "version": "4.11.9", + "version": "4.11.10", "license": "Apache-2.0", "dependencies": { - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/user-access-policy": "3.12.1", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/user-access-policy": "3.12.2", "bson": "6.10.4", "mongoose": "8.13.0", "zod": "3.23.8" @@ -41229,13 +41229,13 @@ }, "packages/types-env": { "name": "@prosopo/types-env", - "version": "2.10.9", + "version": "2.10.10", "license": "Apache-2.0", "dependencies": { - "@prosopo/keyring": "2.9.54", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9" + "@prosopo/keyring": "2.9.55", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10" }, "devDependencies": { "@prosopo/config": "3.3.4", @@ -41694,16 +41694,16 @@ }, "packages/user-access-policy": { "name": "@prosopo/user-access-policy", - "version": "3.12.1", + "version": "3.12.2", "license": "Apache-2.0", "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/redis-client": "1.0.27", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/redis-client": "1.0.28", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@redis/search": "5.0.0", "cidr-calc": "1.0.4", "dotenv": "16.4.5", @@ -41965,7 +41965,7 @@ }, "packages/util": { "name": "@prosopo/util", - "version": "3.3.3", + "version": "3.3.4", "license": "Apache-2.0", "dependencies": { "@noble/hashes": "1.8.0", diff --git a/package.json b/package.json index a303127d7f..739b95c658 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@prosopo/captcha", "packageManager": "npm@11.0.0", - "version": "3.6.59", + "version": "3.6.60", "author": "Prosopo", "type": "module", "repository": { diff --git a/packages/account/CHANGELOG.md b/packages/account/CHANGELOG.md index fde94656ac..1904429bc5 100644 --- a/packages/account/CHANGELOG.md +++ b/packages/account/CHANGELOG.md @@ -1,5 +1,15 @@ # @prosopo/account +## 2.8.56 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/fingerprint@2.7.14 + - @prosopo/keyring@2.9.55 + ## 2.8.55 ### Patch Changes diff --git a/packages/account/package.json b/packages/account/package.json index e223764ba5..fafb4a91fe 100644 --- a/packages/account/package.json +++ b/packages/account/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/account", - "version": "2.8.55", + "version": "2.8.56", "description": "Services and Utils for Prosopo account gen and management", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -51,11 +51,11 @@ "@polkadot/extension-inject": "0.62.3", "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/fingerprint": "2.7.13", - "@prosopo/keyring": "2.9.54", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/fingerprint": "2.7.14", + "@prosopo/keyring": "2.9.55", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { diff --git a/packages/api-express-router/CHANGELOG.md b/packages/api-express-router/CHANGELOG.md index 87a159f872..bf008d64fe 100644 --- a/packages/api-express-router/CHANGELOG.md +++ b/packages/api-express-router/CHANGELOG.md @@ -1,5 +1,17 @@ # @prosopo/api-express-router +## 3.1.42 +### Patch Changes + +- Updated dependencies [550d20a] +- Updated dependencies [85e8857] + - @prosopo/env@3.6.11 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + - @prosopo/api-route@2.6.51 + ## 3.1.41 ### Patch Changes diff --git a/packages/api-express-router/package.json b/packages/api-express-router/package.json index ab65d41db3..bafd00f047 100644 --- a/packages/api-express-router/package.json +++ b/packages/api-express-router/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/api-express-router", - "version": "3.1.41", + "version": "3.1.42", "main": "dist/index.js", "types": "dist/index.d.ts", "type": "module", @@ -26,13 +26,13 @@ }, "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/env": "3.6.10", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/env": "3.6.11", "@prosopo/locale": "3.2.6", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "dotenv": "16.4.5", "express": "4.21.2", diff --git a/packages/api-route/CHANGELOG.md b/packages/api-route/CHANGELOG.md index 6bb142defd..7fb657c662 100644 --- a/packages/api-route/CHANGELOG.md +++ b/packages/api-route/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/api-route +## 2.6.51 +### Patch Changes + + - @prosopo/logger@2.0.2 + ## 2.6.50 ### Patch Changes diff --git a/packages/api-route/package.json b/packages/api-route/package.json index 0a9a8af160..422fb17041 100644 --- a/packages/api-route/package.json +++ b/packages/api-route/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/api-route", - "version": "2.6.50", + "version": "2.6.51", "main": "dist/index.js", "types": "dist/index.d.ts", "type": "module", @@ -24,7 +24,7 @@ "typecheck": "tsc --project tsconfig.types.json" }, "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "zod": "3.23.8" }, "devDependencies": { diff --git a/packages/api/CHANGELOG.md b/packages/api/CHANGELOG.md index 5dce399792..d6ba01c985 100644 --- a/packages/api/CHANGELOG.md +++ b/packages/api/CHANGELOG.md @@ -1,5 +1,23 @@ # @prosopo/api +## 3.5.15 +### Patch Changes + +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + ## 3.5.14 ### Patch Changes diff --git a/packages/api/package.json b/packages/api/package.json index 85b71aaca6..5387e35cdf 100644 --- a/packages/api/package.json +++ b/packages/api/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/api", - "version": "3.5.14", + "version": "3.5.15", "description": "Wrapper for the provider API", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -36,7 +36,7 @@ }, "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { - "@prosopo/types": "4.9.7" + "@prosopo/types": "4.9.8" }, "devDependencies": { "@prosopo/config": "3.3.4", diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md index 8100b6be08..39aa9f7e93 100644 --- a/packages/cli/CHANGELOG.md +++ b/packages/cli/CHANGELOG.md @@ -1,5 +1,20 @@ # @prosopo/cli +## 3.6.60 +### Patch Changes + +- Updated dependencies [550d20a] +- Updated dependencies [85e8857] + - @prosopo/env@3.6.11 + - @prosopo/provider@4.15.2 + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/keyring@2.9.55 + - @prosopo/logger@2.0.2 + - @prosopo/dotenv@3.0.48 + ## 3.6.59 ### Patch Changes diff --git a/packages/cli/package.json b/packages/cli/package.json index 7b6be6f707..90a918a981 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/cli", - "version": "3.6.59", + "version": "3.6.60", "description": "CLI for Prosopo Provider", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -32,16 +32,16 @@ }, "dependencies": { "@polkadot/types-codec": "16.4.9", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/dotenv": "3.0.47", - "@prosopo/env": "3.6.10", - "@prosopo/keyring": "2.9.54", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/dotenv": "3.0.48", + "@prosopo/env": "3.6.11", + "@prosopo/keyring": "2.9.55", "@prosopo/locale": "3.2.6", - "@prosopo/provider": "4.15.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/provider": "4.15.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/workspace": "3.1.20", "cron-parser": "4.9.0", "dotenv": "16.4.5", diff --git a/packages/common/CHANGELOG.md b/packages/common/CHANGELOG.md index 2ce9b42043..15e14ae02f 100644 --- a/packages/common/CHANGELOG.md +++ b/packages/common/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/common +## 3.1.44 +### Patch Changes + + - @prosopo/logger@2.0.2 + ## 3.1.43 ### Patch Changes diff --git a/packages/common/package.json b/packages/common/package.json index 96c937981a..3cb4754f57 100644 --- a/packages/common/package.json +++ b/packages/common/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/common", - "version": "3.1.43", + "version": "3.1.44", "description": "Prosopo common library", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -34,14 +34,14 @@ "license": "Apache-2.0", "dependencies": { "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "i18next": "24.1.0", "zod": "3.23.8" }, "devDependencies": { "@prosopo/config": "3.3.4", "@types/node": "22.10.2", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@vitest/coverage-v8": "3.2.4", "concurrently": "9.0.1", "del-cli": "6.0.0", diff --git a/packages/database/CHANGELOG.md b/packages/database/CHANGELOG.md index fdc5c5d9df..2634a272e8 100644 --- a/packages/database/CHANGELOG.md +++ b/packages/database/CHANGELOG.md @@ -1,5 +1,17 @@ # @prosopo/database +## 3.15.11 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/types-database@4.11.10 + - @prosopo/util@3.3.4 + - @prosopo/user-access-policy@3.12.2 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + - @prosopo/redis-client@1.0.28 + ## 3.15.10 ### Patch Changes diff --git a/packages/database/package.json b/packages/database/package.json index abe9ed2eaa..358be84dd7 100644 --- a/packages/database/package.json +++ b/packages/database/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/database", - "version": "3.15.10", + "version": "3.15.11", "description": "Prosopo database plugins for provider", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -38,13 +38,13 @@ "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/redis-client": "1.0.27", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", - "@prosopo/user-access-policy": "3.12.1", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/redis-client": "1.0.28", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", + "@prosopo/user-access-policy": "3.12.2", + "@prosopo/util": "3.3.4", "bson": "6.10.4", "make-dir": "3.1.0", "mongodb": "6.15.0", diff --git a/packages/datasets-fs/CHANGELOG.md b/packages/datasets-fs/CHANGELOG.md index 2a8d63670d..bfbfcb16aa 100644 --- a/packages/datasets-fs/CHANGELOG.md +++ b/packages/datasets-fs/CHANGELOG.md @@ -1,5 +1,14 @@ # @prosopo/datasets-fs +## 3.0.98 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + ## 3.0.97 ### Patch Changes diff --git a/packages/datasets-fs/package.json b/packages/datasets-fs/package.json index e1447e6318..e93c89b632 100644 --- a/packages/datasets-fs/package.json +++ b/packages/datasets-fs/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/datasets-fs", - "version": "3.0.97", + "version": "3.0.98", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "private": false, @@ -30,10 +30,10 @@ }, "dependencies": { "@noble/hashes": "1.8.0", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/workspace": "3.1.20", "bcrypt": "6.0.0", diff --git a/packages/datasets/CHANGELOG.md b/packages/datasets/CHANGELOG.md index 10527925c8..ace3bdc093 100644 --- a/packages/datasets/CHANGELOG.md +++ b/packages/datasets/CHANGELOG.md @@ -1,5 +1,14 @@ # @prosopo/datasets +## 3.1.49 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + ## 3.1.48 ### Patch Changes diff --git a/packages/datasets/package.json b/packages/datasets/package.json index ea9a81866d..e38293dcec 100644 --- a/packages/datasets/package.json +++ b/packages/datasets/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/datasets", - "version": "3.1.48", + "version": "3.1.49", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "private": false, @@ -42,10 +42,10 @@ }, "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { diff --git a/packages/detector/CHANGELOG.md b/packages/detector/CHANGELOG.md index b55cacae30..66c249e688 100644 --- a/packages/detector/CHANGELOG.md +++ b/packages/detector/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/detector +## 3.5.9 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + ## 3.5.8 ### Patch Changes diff --git a/packages/detector/package.json b/packages/detector/package.json index 27e6395b82..91b3536063 100644 --- a/packages/detector/package.json +++ b/packages/detector/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/detector", - "version": "3.5.8", + "version": "3.5.9", "main": "dist/index.js", "types": "dist/index.d.ts", "engines": { @@ -24,7 +24,7 @@ }, "type": "module", "dependencies": { - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "dotenv": "16.4.5" }, "devDependencies": { diff --git a/packages/dotenv/CHANGELOG.md b/packages/dotenv/CHANGELOG.md index 45b0433f4d..9dbf26d306 100644 --- a/packages/dotenv/CHANGELOG.md +++ b/packages/dotenv/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/dotenv +## 3.0.48 +### Patch Changes + + - @prosopo/logger@2.0.2 + ## 3.0.47 ### Patch Changes diff --git a/packages/dotenv/package.json b/packages/dotenv/package.json index 627de16015..3f6a0ca887 100644 --- a/packages/dotenv/package.json +++ b/packages/dotenv/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/dotenv", - "version": "3.0.47", + "version": "3.0.48", "main": "dist/index.js", "types": "dist/index.d.ts", "exports": { @@ -28,7 +28,7 @@ }, "type": "module", "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "dotenv": "16.4.5" }, "devDependencies": { diff --git a/packages/env/CHANGELOG.md b/packages/env/CHANGELOG.md index e141d8983c..54a7e2a993 100644 --- a/packages/env/CHANGELOG.md +++ b/packages/env/CHANGELOG.md @@ -1,5 +1,20 @@ # @prosopo/env +## 3.6.11 +### Patch Changes + +- 550d20a: Keep the provider admin endpoints working while `MAINTENANCE_MODE` is on. Previously the admin/access-rule router was skipped entirely at boot in maintenance mode — `Environment.isReady()` never connected the DB, so `env.getDb()` threw and the DB-backed `Tasks` couldn't be constructed — which meant adding/removing site keys (access rules), detector keys and decision machines all 404'd on a node in maintenance mode. + + Now, in maintenance mode `Environment.isReady()` creates the `ProviderDatabase` handle and connects in the **background** (without awaiting), so a slow or unavailable Mongo/Redis socket still can't gate boot, but `env.getDb()` returns a usable handle and the admin endpoints register and function. The captcha request path is unchanged — it still short-circuits to a maintenance "pass" before touching the DB. `blockMiddleware` now has an explicit maintenance-mode skip (it previously relied on `env.getDb()` throwing to no-op) so the blocklist/Redis lookup stays off the captcha hot path. +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/common@3.1.44 + - @prosopo/database@3.15.11 + - @prosopo/ipinfo@0.2.35 + - @prosopo/keyring@2.9.55 + - @prosopo/types-env@2.10.10 + - @prosopo/logger@2.0.2 + ## 3.6.10 ### Patch Changes diff --git a/packages/env/package.json b/packages/env/package.json index 0820fccd00..1d74ebe67b 100644 --- a/packages/env/package.json +++ b/packages/env/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/env", - "version": "3.6.10", + "version": "3.6.11", "description": "Path env prosopo environment", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -26,13 +26,13 @@ "typecheck": "tsc --project tsconfig.types.json" }, "dependencies": { - "@prosopo/ipinfo": "0.2.34", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/database": "3.15.10", - "@prosopo/keyring": "2.9.54", - "@prosopo/types": "4.9.7", - "@prosopo/types-env": "2.10.9", + "@prosopo/ipinfo": "0.2.35", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/database": "3.15.11", + "@prosopo/keyring": "2.9.55", + "@prosopo/types": "4.9.8", + "@prosopo/types-env": "2.10.10", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { diff --git a/packages/file-server/CHANGELOG.md b/packages/file-server/CHANGELOG.md index 940f6425be..d3a895cc4d 100644 --- a/packages/file-server/CHANGELOG.md +++ b/packages/file-server/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/file-server +## 2.6.48 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/util@3.3.4 + ## 2.6.47 ### Patch Changes diff --git a/packages/file-server/package.json b/packages/file-server/package.json index e27c3caf18..e923acb0f4 100644 --- a/packages/file-server/package.json +++ b/packages/file-server/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/file-server", - "version": "2.6.47", + "version": "2.6.48", "description": "Simple static file server", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -26,7 +26,7 @@ "start": "node ./dist/index.js" }, "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "dotenv": "16.4.5", "express": "4.21.2", "sharp": "0.33.5" diff --git a/packages/fingerprint/CHANGELOG.md b/packages/fingerprint/CHANGELOG.md index 81d383ab79..a111981039 100644 --- a/packages/fingerprint/CHANGELOG.md +++ b/packages/fingerprint/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/fingerprint +## 2.7.14 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + ## 2.7.13 ### Patch Changes diff --git a/packages/fingerprint/package.json b/packages/fingerprint/package.json index d5b9a66029..e23585e75c 100644 --- a/packages/fingerprint/package.json +++ b/packages/fingerprint/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/fingerprint", - "version": "2.7.13", + "version": "2.7.14", "description": "Provider fingerprint", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -38,7 +38,7 @@ "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { "@prosopo/fingerprintjs": "5.2.0", - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { diff --git a/packages/ipinfo/CHANGELOG.md b/packages/ipinfo/CHANGELOG.md index 8e18fff196..85b5ed191d 100644 --- a/packages/ipinfo/CHANGELOG.md +++ b/packages/ipinfo/CHANGELOG.md @@ -1,5 +1,12 @@ # @prosopo/ipinfo +## 0.2.35 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/logger@2.0.2 + ## 0.2.34 ### Patch Changes diff --git a/packages/ipinfo/package.json b/packages/ipinfo/package.json index 40cf86189f..6cda23900b 100644 --- a/packages/ipinfo/package.json +++ b/packages/ipinfo/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/ipinfo", - "version": "0.2.34", + "version": "0.2.35", "description": "IP information service with MaxMind and ipapi.is backends", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -26,8 +26,8 @@ }, "dependencies": { "@maxmind/geoip2-node": "5.0.0", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7" + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8" }, "devDependencies": { "@prosopo/config": "3.3.4", diff --git a/packages/keyring/CHANGELOG.md b/packages/keyring/CHANGELOG.md index bb0682c62c..6d2a19f2e1 100644 --- a/packages/keyring/CHANGELOG.md +++ b/packages/keyring/CHANGELOG.md @@ -1,5 +1,13 @@ # @prosopo/keyring +## 2.9.55 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + ## 2.9.54 ### Patch Changes diff --git a/packages/keyring/package.json b/packages/keyring/package.json index 06fc3a3ad3..48bdb1754d 100644 --- a/packages/keyring/package.json +++ b/packages/keyring/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/keyring", - "version": "2.9.54", + "version": "2.9.55", "description": "Keypair generator for Prosopo", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -39,9 +39,9 @@ "dependencies": { "@polkadot/util": "13.5.7", "@polkadot/util-crypto": "13.5.7", - "@prosopo/common": "3.1.43", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/common": "3.1.44", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "dotenv": "16.4.5" }, diff --git a/packages/load-balancer/CHANGELOG.md b/packages/load-balancer/CHANGELOG.md index 91a2641a8c..a9815873d8 100644 --- a/packages/load-balancer/CHANGELOG.md +++ b/packages/load-balancer/CHANGELOG.md @@ -1,5 +1,12 @@ # @prosopo/load-balancer +## 2.10.9 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/common@3.1.44 + ## 2.10.8 ### Patch Changes diff --git a/packages/load-balancer/package.json b/packages/load-balancer/package.json index 9af46d10eb..f102611b3a 100644 --- a/packages/load-balancer/package.json +++ b/packages/load-balancer/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/load-balancer", - "version": "2.10.8", + "version": "2.10.9", "description": "Provider load balancer", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -37,8 +37,8 @@ }, "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { - "@prosopo/common": "3.1.43", - "@prosopo/types": "4.9.7", + "@prosopo/common": "3.1.44", + "@prosopo/types": "4.9.8", "zod": "3.23.8" }, "devDependencies": { diff --git a/packages/logger/CHANGELOG.md b/packages/logger/CHANGELOG.md index d537aef207..505565d6d7 100644 --- a/packages/logger/CHANGELOG.md +++ b/packages/logger/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/logger +## 2.0.2 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/util@3.3.4 + ## 2.0.1 ### Patch Changes diff --git a/packages/logger/package.json b/packages/logger/package.json index bf346cd24b..71913849ab 100644 --- a/packages/logger/package.json +++ b/packages/logger/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/logger", - "version": "2.0.1", + "version": "2.0.2", "description": "Prosopo logger library", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -28,7 +28,7 @@ "author": "Prosopo Limited", "license": "Apache-2.0", "dependencies": { - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "zod": "3.23.8" }, "devDependencies": { diff --git a/packages/procaptcha-bundle/CHANGELOG.md b/packages/procaptcha-bundle/CHANGELOG.md index 4ed503b1ca..6a36200535 100644 --- a/packages/procaptcha-bundle/CHANGELOG.md +++ b/packages/procaptcha-bundle/CHANGELOG.md @@ -1,5 +1,15 @@ # @prosopo/procaptcha-bundle +## 4.1.30 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/procaptcha-frictionless@2.12.11 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/procaptcha-common@2.11.9 + - @prosopo/dotenv@3.0.48 + ## 4.1.29 ### Patch Changes diff --git a/packages/procaptcha-bundle/package.json b/packages/procaptcha-bundle/package.json index 4c5e56145e..49ae8e2650 100644 --- a/packages/procaptcha-bundle/package.json +++ b/packages/procaptcha-bundle/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-bundle", - "version": "4.1.29", + "version": "4.1.30", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -39,12 +39,12 @@ }, "browserslist": ["> 0.5%, last 2 versions, not dead"], "dependencies": { - "@prosopo/dotenv": "3.0.47", + "@prosopo/dotenv": "3.0.48", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/procaptcha-frictionless": "2.12.10", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/procaptcha-frictionless": "2.12.11", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/widget-skeleton": "2.8.4", "dotenv": "16.4.5", "fast-glob": "3.3.2", diff --git a/packages/procaptcha-common/CHANGELOG.md b/packages/procaptcha-common/CHANGELOG.md index 0d1e643d2b..60125e99db 100644 --- a/packages/procaptcha-common/CHANGELOG.md +++ b/packages/procaptcha-common/CHANGELOG.md @@ -1,5 +1,13 @@ # @prosopo/procaptcha-common +## 2.11.9 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/account@2.8.56 + - @prosopo/load-balancer@2.10.9 + ## 2.11.8 ### Patch Changes diff --git a/packages/procaptcha-common/package.json b/packages/procaptcha-common/package.json index 7c76c4eecf..3f89d16de3 100644 --- a/packages/procaptcha-common/package.json +++ b/packages/procaptcha-common/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-common", - "version": "2.11.8", + "version": "2.11.9", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -34,9 +34,9 @@ "dependencies": { "@emotion/react": "11.11.1", "@emotion/styled": "11.11.0", - "@prosopo/account": "2.8.55", - "@prosopo/load-balancer": "2.10.8", - "@prosopo/types": "4.9.7", + "@prosopo/account": "2.8.56", + "@prosopo/load-balancer": "2.10.9", + "@prosopo/types": "4.9.8", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1", "react-dom": "18.3.1" diff --git a/packages/procaptcha-frictionless/CHANGELOG.md b/packages/procaptcha-frictionless/CHANGELOG.md index 4a140ced73..00cd8f5534 100644 --- a/packages/procaptcha-frictionless/CHANGELOG.md +++ b/packages/procaptcha-frictionless/CHANGELOG.md @@ -1,5 +1,30 @@ # @prosopo/procaptcha-frictionless +## 2.12.11 +### Patch Changes + +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/procaptcha-pow@2.10.15 + - @prosopo/procaptcha-puzzle@2.10.30 + - @prosopo/common@3.1.44 + - @prosopo/detector@3.5.9 + - @prosopo/procaptcha-common@2.11.9 + - @prosopo/procaptcha-react@2.9.88 + ## 2.12.10 ### Patch Changes diff --git a/packages/procaptcha-frictionless/package.json b/packages/procaptcha-frictionless/package.json index 1a2f983fc9..bfec5affda 100644 --- a/packages/procaptcha-frictionless/package.json +++ b/packages/procaptcha-frictionless/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-frictionless", - "version": "2.12.10", + "version": "2.12.11", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -30,15 +30,15 @@ }, "browserslist": ["> 0.5%, last 2 versions, not dead"], "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/detector": "3.5.8", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/detector": "3.5.9", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/procaptcha-pow": "2.10.14", - "@prosopo/procaptcha-puzzle": "2.10.29", - "@prosopo/procaptcha-react": "2.9.87", - "@prosopo/types": "4.9.7", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/procaptcha-pow": "2.10.15", + "@prosopo/procaptcha-puzzle": "2.10.30", + "@prosopo/procaptcha-react": "2.9.88", + "@prosopo/types": "4.9.8", "@prosopo/widget-skeleton": "2.8.4", "dotenv": "16.4.5", "react": "18.3.1" diff --git a/packages/procaptcha-pow/CHANGELOG.md b/packages/procaptcha-pow/CHANGELOG.md index b0c9ac726c..d3b1ddc89f 100644 --- a/packages/procaptcha-pow/CHANGELOG.md +++ b/packages/procaptcha-pow/CHANGELOG.md @@ -1,5 +1,16 @@ # @prosopo/procaptcha-pow +## 2.10.15 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/fingerprint@2.7.14 + - @prosopo/procaptcha-common@2.11.9 + ## 2.10.14 ### Patch Changes diff --git a/packages/procaptcha-pow/package.json b/packages/procaptcha-pow/package.json index 11b4ec265c..e9c872553d 100644 --- a/packages/procaptcha-pow/package.json +++ b/packages/procaptcha-pow/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-pow", - "version": "2.10.14", + "version": "2.10.15", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -30,13 +30,13 @@ "browserslist": ["> 0.5%, last 2 versions, not dead"], "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/fingerprint": "2.7.13", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/fingerprint": "2.7.14", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1" diff --git a/packages/procaptcha-puzzle/CHANGELOG.md b/packages/procaptcha-puzzle/CHANGELOG.md index bf49417442..53ff764614 100644 --- a/packages/procaptcha-puzzle/CHANGELOG.md +++ b/packages/procaptcha-puzzle/CHANGELOG.md @@ -1,5 +1,15 @@ # @prosopo/procaptcha-puzzle +## 2.10.30 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/procaptcha-common@2.11.9 + ## 2.10.29 ### Patch Changes diff --git a/packages/procaptcha-puzzle/package.json b/packages/procaptcha-puzzle/package.json index f4e542c14b..086f199242 100644 --- a/packages/procaptcha-puzzle/package.json +++ b/packages/procaptcha-puzzle/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-puzzle", - "version": "2.10.29", + "version": "2.10.30", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -30,12 +30,12 @@ "browserslist": ["> 0.5%, last 2 versions, not dead"], "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "@prosopo/widget-skeleton": "2.8.4", "react": "18.3.1" diff --git a/packages/procaptcha-react/CHANGELOG.md b/packages/procaptcha-react/CHANGELOG.md index 5cc1ff9386..ad6bd60ffa 100644 --- a/packages/procaptcha-react/CHANGELOG.md +++ b/packages/procaptcha-react/CHANGELOG.md @@ -1,5 +1,15 @@ # @prosopo/procaptcha-react +## 2.9.88 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/procaptcha@2.10.49 + - @prosopo/common@3.1.44 + - @prosopo/procaptcha-common@2.11.9 + ## 2.9.87 ### Patch Changes diff --git a/packages/procaptcha-react/package.json b/packages/procaptcha-react/package.json index 74fe2ed2a2..3f0a1a40d1 100644 --- a/packages/procaptcha-react/package.json +++ b/packages/procaptcha-react/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-react", - "version": "2.9.87", + "version": "2.9.88", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "dist/index.js", @@ -29,12 +29,12 @@ }, "browserslist": ["> 0.5%, last 2 versions, not dead"], "dependencies": { - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/procaptcha": "2.10.48", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/procaptcha": "2.10.49", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/widget-skeleton": "2.8.4", "csstype": "3.1.3", "react": "18.3.1", diff --git a/packages/procaptcha-wrapper/CHANGELOG.md b/packages/procaptcha-wrapper/CHANGELOG.md index a7b96b6c06..27244a805f 100644 --- a/packages/procaptcha-wrapper/CHANGELOG.md +++ b/packages/procaptcha-wrapper/CHANGELOG.md @@ -1,5 +1,11 @@ # @prosopo/procaptcha-wrapper +## 2.6.99 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + ## 2.6.98 ### Patch Changes diff --git a/packages/procaptcha-wrapper/package.json b/packages/procaptcha-wrapper/package.json index c2bc138709..b34c00c792 100644 --- a/packages/procaptcha-wrapper/package.json +++ b/packages/procaptcha-wrapper/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha-wrapper", - "version": "2.6.98", + "version": "2.6.99", "type": "module", "engines": { "node": "^24", @@ -24,7 +24,7 @@ "typecheck": "tsc --project tsconfig.types.json" }, "dependencies": { - "@prosopo/types": "4.9.7", + "@prosopo/types": "4.9.8", "@prosopo/locale": "3.2.6" }, "devDependencies": { diff --git a/packages/procaptcha/CHANGELOG.md b/packages/procaptcha/CHANGELOG.md index 6c56e75c36..3ddad8d96c 100644 --- a/packages/procaptcha/CHANGELOG.md +++ b/packages/procaptcha/CHANGELOG.md @@ -1,5 +1,16 @@ # @prosopo/procaptcha +## 2.10.49 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/datasets@3.1.49 + - @prosopo/procaptcha-common@2.11.9 + ## 2.10.48 ### Patch Changes diff --git a/packages/procaptcha/package.json b/packages/procaptcha/package.json index 907aaed32b..2a813be596 100644 --- a/packages/procaptcha/package.json +++ b/packages/procaptcha/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/procaptcha", - "version": "2.10.48", + "version": "2.10.49", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "main": "./dist/index.js", @@ -33,12 +33,12 @@ }, "dependencies": { "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/datasets": "3.1.48", - "@prosopo/procaptcha-common": "2.11.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/datasets": "3.1.49", + "@prosopo/procaptcha-common": "2.11.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30" }, "devDependencies": { diff --git a/packages/provider/CHANGELOG.md b/packages/provider/CHANGELOG.md index e30589c1b2..a82409f1a6 100644 --- a/packages/provider/CHANGELOG.md +++ b/packages/provider/CHANGELOG.md @@ -1,5 +1,43 @@ # @prosopo/provider +## 4.15.2 +### Patch Changes + +- 550d20a: Keep the provider admin endpoints working while `MAINTENANCE_MODE` is on. Previously the admin/access-rule router was skipped entirely at boot in maintenance mode — `Environment.isReady()` never connected the DB, so `env.getDb()` threw and the DB-backed `Tasks` couldn't be constructed — which meant adding/removing site keys (access rules), detector keys and decision machines all 404'd on a node in maintenance mode. + + Now, in maintenance mode `Environment.isReady()` creates the `ProviderDatabase` handle and connects in the **background** (without awaiting), so a slow or unavailable Mongo/Redis socket still can't gate boot, but `env.getDb()` returns a usable handle and the admin endpoints register and function. The captcha request path is unchanged — it still short-circuits to a maintenance "pass" before touching the DB. `blockMiddleware` now has an explicit maintenance-mode skip (it previously relied on `env.getDb()` throwing to no-op) so the blocklist/Redis lookup stays off the captcha hot path. +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. +- Updated dependencies [550d20a] +- Updated dependencies [85e8857] + - @prosopo/env@3.6.11 + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/types-database@4.11.10 + - @prosopo/util@3.3.4 + - @prosopo/api-express-router@3.1.42 + - @prosopo/user-access-policy@3.12.2 + - @prosopo/common@3.1.44 + - @prosopo/database@3.15.11 + - @prosopo/datasets@3.1.49 + - @prosopo/ipinfo@0.2.35 + - @prosopo/keyring@2.9.55 + - @prosopo/load-balancer@2.10.9 + - @prosopo/types-env@2.10.10 + - @prosopo/logger@2.0.2 + - @prosopo/api-route@2.6.51 + - @prosopo/redis-client@1.0.28 + ## 4.15.1 ### Patch Changes diff --git a/packages/provider/package.json b/packages/provider/package.json index c698783e23..7233209e51 100644 --- a/packages/provider/package.json +++ b/packages/provider/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/provider", - "version": "4.15.1", + "version": "4.15.2", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "type": "module", @@ -23,24 +23,24 @@ "dependencies": { "@noble/hashes": "1.8.0", "@polkadot/util": "13.5.7", - "@prosopo/api": "3.5.14", - "@prosopo/api-express-router": "3.1.41", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/database": "3.15.10", - "@prosopo/datasets": "3.1.48", - "@prosopo/env": "3.6.10", - "@prosopo/ipinfo": "0.2.34", - "@prosopo/keyring": "2.9.54", - "@prosopo/load-balancer": "2.10.8", - "@prosopo/redis-client": "1.0.27", + "@prosopo/api": "3.5.15", + "@prosopo/api-express-router": "3.1.42", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/database": "3.15.11", + "@prosopo/datasets": "3.1.49", + "@prosopo/env": "3.6.11", + "@prosopo/ipinfo": "0.2.35", + "@prosopo/keyring": "2.9.55", + "@prosopo/load-balancer": "2.10.9", + "@prosopo/redis-client": "1.0.28", "@prosopo/locale": "3.2.6", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9", - "@prosopo/types-env": "2.10.9", - "@prosopo/user-access-policy": "3.12.1", - "@prosopo/util": "3.3.3", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10", + "@prosopo/types-env": "2.10.10", + "@prosopo/user-access-policy": "3.12.2", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "cron": "3.1.7", "express": "4.21.2", diff --git a/packages/redis-client/CHANGELOG.md b/packages/redis-client/CHANGELOG.md index 7b0527fd7f..17f46bb431 100644 --- a/packages/redis-client/CHANGELOG.md +++ b/packages/redis-client/CHANGELOG.md @@ -1,5 +1,10 @@ # @prosopo/redis-client +## 1.0.28 +### Patch Changes + + - @prosopo/logger@2.0.2 + ## 1.0.27 ### Patch Changes diff --git a/packages/redis-client/package.json b/packages/redis-client/package.json index ef82d68742..751117cd96 100644 --- a/packages/redis-client/package.json +++ b/packages/redis-client/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/redis-client", - "version": "1.0.27", + "version": "1.0.28", "description": "Pluggable Redis client for non-blocking connections with smart index creation", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -38,7 +38,7 @@ }, "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { - "@prosopo/logger": "2.0.1", + "@prosopo/logger": "2.0.2", "@redis/search": "5.0.0", "redis": "5.0.0" }, diff --git a/packages/server/CHANGELOG.md b/packages/server/CHANGELOG.md index 5b62c14fff..4ac7c6614a 100644 --- a/packages/server/CHANGELOG.md +++ b/packages/server/CHANGELOG.md @@ -1,5 +1,17 @@ # @prosopo/server +## 2.10.34 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/keyring@2.9.55 + - @prosopo/load-balancer@2.10.9 + - @prosopo/logger@2.0.2 + ## 2.10.33 ### Patch Changes diff --git a/packages/server/package.json b/packages/server/package.json index 726d442899..a0fbf681b6 100644 --- a/packages/server/package.json +++ b/packages/server/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/server", - "version": "2.10.33", + "version": "2.10.34", "description": "NodeJS package for server side communication with the prosopo captcha client", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -37,13 +37,13 @@ "homepage": "https://github.com/prosopo/captcha#readme", "sideEffects": false, "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/keyring": "2.9.54", - "@prosopo/load-balancer": "2.10.8", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/keyring": "2.9.55", + "@prosopo/load-balancer": "2.10.9", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "i18next": "24.1.0" }, "devDependencies": { diff --git a/packages/types-database/CHANGELOG.md b/packages/types-database/CHANGELOG.md index e15ae72fe1..8ed902e875 100644 --- a/packages/types-database/CHANGELOG.md +++ b/packages/types-database/CHANGELOG.md @@ -1,5 +1,26 @@ # @prosopo/types-database +## 4.11.10 +### Patch Changes + +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/user-access-policy@3.12.2 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + ## 4.11.9 ### Patch Changes diff --git a/packages/types-database/package.json b/packages/types-database/package.json index f954a70d64..33e2ba2130 100644 --- a/packages/types-database/package.json +++ b/packages/types-database/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/types-database", - "version": "4.11.9", + "version": "4.11.10", "description": "Types for prosopo database", "type": "module", "main": "dist/index.js", @@ -36,11 +36,11 @@ }, "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { - "@prosopo/common": "3.1.43", + "@prosopo/common": "3.1.44", "@prosopo/locale": "3.2.6", - "@prosopo/logger": "2.0.1", - "@prosopo/types": "4.9.7", - "@prosopo/user-access-policy": "3.12.1", + "@prosopo/logger": "2.0.2", + "@prosopo/types": "4.9.8", + "@prosopo/user-access-policy": "3.12.2", "bson": "6.10.4", "mongoose": "8.13.0", "zod": "3.23.8" diff --git a/packages/types-env/CHANGELOG.md b/packages/types-env/CHANGELOG.md index 49c1237d22..f0a5e8cde6 100644 --- a/packages/types-env/CHANGELOG.md +++ b/packages/types-env/CHANGELOG.md @@ -1,5 +1,14 @@ # @prosopo/types-env +## 2.10.10 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/types@4.9.8 + - @prosopo/types-database@4.11.10 + - @prosopo/keyring@2.9.55 + - @prosopo/logger@2.0.2 + ## 2.10.9 ### Patch Changes diff --git a/packages/types-env/package.json b/packages/types-env/package.json index 6cac1979e0..d017ba4142 100644 --- a/packages/types-env/package.json +++ b/packages/types-env/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/types-env", - "version": "2.10.9", + "version": "2.10.10", "description": "Types for prosopo environment", "main": "dist/index.js", "types": "dist/index.d.ts", @@ -36,10 +36,10 @@ }, "homepage": "https://github.com/prosopo/captcha#readme", "dependencies": { - "@prosopo/logger": "2.0.1", - "@prosopo/keyring": "2.9.54", - "@prosopo/types": "4.9.7", - "@prosopo/types-database": "4.11.9" + "@prosopo/logger": "2.0.2", + "@prosopo/keyring": "2.9.55", + "@prosopo/types": "4.9.8", + "@prosopo/types-database": "4.11.10" }, "devDependencies": { "@prosopo/config": "3.3.4", diff --git a/packages/types/CHANGELOG.md b/packages/types/CHANGELOG.md index 3a73d3aec1..a0055224b1 100644 --- a/packages/types/CHANGELOG.md +++ b/packages/types/CHANGELOG.md @@ -1,5 +1,23 @@ # @prosopo/types +## 4.9.8 +### Patch Changes + +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. +- Updated dependencies [85e8857] + - @prosopo/util@3.3.4 + ## 4.9.7 ### Patch Changes diff --git a/packages/types/package.json b/packages/types/package.json index 0272822322..ec8d6cf9ad 100644 --- a/packages/types/package.json +++ b/packages/types/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/types", - "version": "4.9.7", + "version": "4.9.8", "description": "Types for prosopo TypeScript packages", "type": "module", "main": "dist/index.js", @@ -40,7 +40,7 @@ "@polkadot/types": "16.4.9", "@polkadot/util": "13.5.7", "@prosopo/locale": "3.2.6", - "@prosopo/util": "3.3.3", + "@prosopo/util": "3.3.4", "@prosopo/util-crypto": "13.5.30", "ip-address": "10.0.1", "scale-ts": "1.6.1", diff --git a/packages/user-access-policy/CHANGELOG.md b/packages/user-access-policy/CHANGELOG.md index 310652b148..f76f13f2ac 100644 --- a/packages/user-access-policy/CHANGELOG.md +++ b/packages/user-access-policy/CHANGELOG.md @@ -1,5 +1,17 @@ # @prosopo/user-access-policy +## 3.12.2 +### Patch Changes + +- Updated dependencies [85e8857] + - @prosopo/api@3.5.15 + - @prosopo/types@4.9.8 + - @prosopo/util@3.3.4 + - @prosopo/common@3.1.44 + - @prosopo/logger@2.0.2 + - @prosopo/api-route@2.6.51 + - @prosopo/redis-client@1.0.28 + ## 3.12.1 ### Patch Changes diff --git a/packages/user-access-policy/package.json b/packages/user-access-policy/package.json index b5b0965f9c..dec2622e35 100644 --- a/packages/user-access-policy/package.json +++ b/packages/user-access-policy/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/user-access-policy", - "version": "3.12.1", + "version": "3.12.2", "type": "module", "engines": { "node": "^24", @@ -43,13 +43,13 @@ "test": "npm run test:unit && npm run test:integration" }, "dependencies": { - "@prosopo/api": "3.5.14", - "@prosopo/api-route": "2.6.50", - "@prosopo/common": "3.1.43", - "@prosopo/logger": "2.0.1", - "@prosopo/redis-client": "1.0.27", - "@prosopo/types": "4.9.7", - "@prosopo/util": "3.3.3", + "@prosopo/api": "3.5.15", + "@prosopo/api-route": "2.6.51", + "@prosopo/common": "3.1.44", + "@prosopo/logger": "2.0.2", + "@prosopo/redis-client": "1.0.28", + "@prosopo/types": "4.9.8", + "@prosopo/util": "3.3.4", "@redis/search": "5.0.0", "cidr-calc": "1.0.4", "dotenv": "16.4.5", diff --git a/packages/util/CHANGELOG.md b/packages/util/CHANGELOG.md index 20c29f5108..0f21d162ee 100644 --- a/packages/util/CHANGELOG.md +++ b/packages/util/CHANGELOG.md @@ -1,5 +1,21 @@ # @prosopo/util +## 3.3.4 +### Patch Changes + +- 85e8857: Record both the top-frame URL and the widget's own iframe URL on frictionless sessions. + + Previously the client only sent one field (`currentUrl`), which for embedded widgets resolved to the top-frame URL — so we lost visibility into which iframe endpoint the session was actually loaded through. Now the client sends both: + + - `currentUrl`: the top-frame URL (same resolution rules as before — same-origin iframes read `window.top.location.href` directly; cross-origin iframes fall back to `document.referrer`). + - `iframeUrl`: the widget's own frame URL when embedded. Undefined when the widget IS the top frame (nothing to distinguish). + + Both fields are sanitised client- and server-side (origin + path only; query string, fragment and any embedded credentials stripped). The provider persists both on the `Session` record and re-uses them on post-PoW escalation sessions. Only `currentUrl` is gated in the frictionless decision machine (unchanged — missing `currentUrl` still forces an image captcha); `iframeUrl` is recorded for analytics. + + Both fields are also surfaced to the decision machines as raw signals: `RoutingMachineRawSignals` gains an optional `iframeUrl` populated from the freshly decrypted frictionless payload on the `route` phase, from the persisted Session record on the `postPow` phase, and from the cached Session in the dedup replay path — matching how `currentUrl` is already threaded through. + + Additionally, sessions carry a new computed boolean `isProtect`, set at session-creation time when the widget iframe was served from `protect.` and embedded in a page on the same tenant (subdomain-of matching, dot-boundary safe — see `isProtectDeployment` in `@prosopo/util`). Persisted only when true (same pattern as `isEscalation`) and backed by a sparse `{isProtect, createdAt}` index so analytics can cheaply retrieve Protect sessions without re-parsing URLs. Post-PoW escalation sessions inherit the flag from the origin session. + ## 3.3.3 ### Patch Changes diff --git a/packages/util/package.json b/packages/util/package.json index 487df05c0a..acc1fba801 100644 --- a/packages/util/package.json +++ b/packages/util/package.json @@ -1,6 +1,6 @@ { "name": "@prosopo/util", - "version": "3.3.3", + "version": "3.3.4", "author": "PROSOPO LIMITED ", "license": "Apache-2.0", "private": false,