@enslo/sd-metadata 2.2.0 → 3.0.0

package/CHANGELOG.md

@@ -5,6 +5,56 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.0.0] - 2026-06-07
+
+### Added
+
+- **C2PA Content Credentials detection** (#234): Detect AI provenance metadata
+  embedded by commercial tools (ChatGPT / OpenAI, Gemini / Google). When an
+  image carries no recognized generation parameters but has a signed C2PA
+  manifest, `read()` now returns a `c2pa` status with coarse vendor attribution
+  and the declared AI-generated flag.
+  - New `C2paMetadata` and `C2paVendor` types
+  - The manifest is read as declared; its cryptographic signature is **not**
+    verified, so presence is not proof of authenticity and absence is not proof
+    of human origin
+
+### Potentially Breaking Changes
+
+- **New `ParseResult` variant** (#234): `{ status: 'c2pa'; c2pa: C2paMetadata }`
+  added. TypeScript users with an exhaustive `switch` on `result.status` (or a
+  `Record<...>` keyed by the status union) will need to handle the new `'c2pa'`
+  case.
+- **`read()` behavior change** (#234): images that carry a C2PA manifest but no
+  recognized generation metadata now return `{ status: 'c2pa' }` instead of
+  `{ status: 'unrecognized' }` or `{ status: 'empty' }`.
+
+### Security
+
+- **`read()` hardening** (#236): Fix two HIGH-severity issues when reading
+  malformed input — a ReDoS via unbounded regex backtracking in XMP parsing,
+  and an out-of-bounds `RangeError` while reading image dimensions.
+
+### Maintenance
+
+- Update development dependencies
+
+## [2.3.0] - 2026-05-30
+
+### Improved
+
+- **ComfyUI metadata parsing** (#219): Improved accuracy and coverage for
+  non-standard workflow topologies and custom nodes (`ShowText|pysssss`,
+  `PromptStashSaver`). Several edge cases that previously caused parse failures
+  or incorrect results — including workflows with `NaN`-containing JSON, node
+  references in model fields, and workflow-only PNG files — are now handled
+  correctly.
+
+### Maintenance
+
+- Add `index.d.ts.map` (declaration sourcemaps) to the published output (#216)
+- Update development dependencies
+
 ## [2.2.0] - 2026-02-27
 
 ### Added

package/README.ja.md

@@ -14,6 +14,7 @@ AI生成画像に埋め込まれたメタデータを読み書きするための
 
 - **マルチフォーマット対応**: PNG (tEXt / iTXt)、JPEG (COM / Exif)、WebP (Exif)
 - **シンプルAPI**: `read()`、`write()`、`embed()`、`stringify()` — 4つの関数で全ユースケースをカバー
+- **AI生成元の検出**: C2PA Content Credentials を持つ画像（OpenAI ChatGPT、Google Gemini）を識別 — 検出のみ、署名検証なし
 - **TypeScriptネイティブ**: TypeScriptで書かれており、型定義を完全同梱
 - **ゼロ依存**: Node.jsとブラウザで外部依存なしで動作
 - **フォーマット変換**: PNG、JPEG、WebP間でメタデータをシームレスに変換
@@ -148,7 +149,7 @@ fileInput.addEventListener('change', async (e) => {
 // ==UserScript==
 // @name        My Script
 // @namespace   https://example.com
-// @require     https://cdn.jsdelivr.net/npm/@enslo/sd-metadata@2.2.0/dist/index.global.js
+// @require     https://cdn.jsdelivr.net/npm/@enslo/sd-metadata@3.0.0/dist/index.global.js
 // ==/UserScript==
 
 const response = await fetch(imageUrl);
@@ -211,6 +212,13 @@ switch (result.status) {
     console.log(`Prompt: ${result.metadata.prompt}`);
     break;
 
+  case 'c2pa':
+    // C2PA Content Credentials を検出（例：OpenAI ChatGPT、Google Gemini）。
+    // 検出のみ — 署名は検証されず、読み取れる生成パラメータ（プロンプト／シード／モデル）もありません。
+    console.log(`AI生成元（未検証）: ${result.c2pa.vendor}`);
+    console.log(`Claim generator: ${result.c2pa.claimGenerator ?? 'unknown'}`);
+    break;
+
   case 'unrecognized':
     // メタデータは存在するがフォーマットが認識できない
     console.log('不明なメタデータフォーマット');
@@ -258,6 +266,27 @@ if (result.ok) {
 
 </details>
 
+<details>
+<summary>AI生成元の検出（C2PA Content Credentials）</summary>
+
+一部の商用ツール（OpenAI ChatGPT、Google Gemini）は、生成パラメータの代わりに C2PA Content Credentials を埋め込みます。これらの画像に対して `read()` は `{ status: 'c2pa', c2pa }` を返します：
+
+```typescript
+import { read, c2paVendorLabels } from '@enslo/sd-metadata';
+
+const result = read(imageData);
+
+if (result.status === 'c2pa') {
+  console.log('Vendor:', c2paVendorLabels[result.c2pa.vendor]);
+  console.log('Declared AI-generated:', result.c2pa.aiGenerated);
+  console.log('Claim generator:', result.c2pa.claimGenerator ?? 'unknown');
+}
+```
+
+> **検出のみ — 証明にはなりません。** C2PA署名を検証しないため、`c2pa` の結果は偽造可能で、真正性の証明にはなりません。また Content Credentials は再アップロードや再エンコードで失われやすいため、`c2pa` にならないことも「AI生成ではない」ことの証明にはなりません。
+
+</details>
+
 <details>
 <summary>メタデータの削除</summary>
 
@@ -365,13 +394,16 @@ if (text) {
 **パラメータ:**
 
 - `input` - 画像ファイルデータ（PNG、JPEG、またはWebP）
-- `options` - オプションの読み込み設定（詳細は[型ドキュメント](./docs/types.ja.md)を参照）
+- `options` - オプションの読み込み設定
+  - `strict?: boolean`（デフォルト: `false`）— `true` の場合、寸法（`width` / `height`）はメタデータからのみ取得します。`false` の場合、メタデータに寸法がなければ画像ヘッダーから取得します。
 
 **戻り値:**
 
 - `{ status: 'success', metadata, raw }` - パース成功
   - `metadata`: 統一されたメタデータオブジェクト（`GenerationMetadata`を参照）
   - `raw`: 元のフォーマット固有のデータ（chunks/segments）
+- `{ status: 'c2pa', c2pa }` - 画像がC2PA Content Credentials（例：OpenAI ChatGPT、Google Gemini）を持つが、パース可能な生成メタデータがない
+  - `c2pa`: 未検証の Content Credentials（`C2paMetadata`を参照）。検出のみ — 署名は検証されません。
 - `{ status: 'unrecognized', raw }` - 画像にメタデータがあるが既知のAIツールからではない
   - `raw`: 変換用に保持された元のメタデータ
 - `{ status: 'empty' }` - 画像にメタデータが見つからない
@@ -396,7 +428,7 @@ if (text) {
 - `{ ok: false, error: { type, message? } }` - 失敗。`type` は以下のいずれか：
   - `'unsupportedFormat'`: 対象画像がPNG、JPEG、WebP以外の場合
   - `'conversionFailed'`: メタデータ変換に失敗（例：互換性のないフォーマット）
-  - `'writeFailed'`: 画像へのメタデータ埋め込みに失敗
+  - `'writeFailed'`: 画像へのメタデータ埋め込みに失敗、または再書き込みが不可能な場合
 
 ### `embed(input: Uint8Array | ArrayBuffer, metadata: EmbedMetadata | GenerationMetadata): WriteResult`
 
@@ -430,7 +462,11 @@ SD WebUI (A1111) フォーマットでカスタムメタデータを画像に埋
 
 **戻り値:**
 
-- `ParseResult` の場合: `success` → WebUIフォーマット、`unrecognized` → 生テキスト、`empty`/`invalid` → 空文字列
+- `ParseResult` の場合:
+  - `success` → WebUIフォーマット
+  - `c2pa` → claim generator 名（`claimGenerator ?? ''`）
+  - `unrecognized` → 生テキスト
+  - `empty` / `invalid` → 空文字列
 - `EmbedMetadata` / `GenerationMetadata` の場合: WebUIフォーマットのテキスト
 
 **ユースケース:**
@@ -454,6 +490,20 @@ if (result.status === 'success') {
 }
 ```
 
+### `c2paVendorLabels: Record<C2paVendor, string>`
+
+`C2paVendor` の識別子から表示用の名前への読み取り専用マッピング。
+
+```typescript
+import { c2paVendorLabels } from '@enslo/sd-metadata';
+
+const result = read(imageData);
+if (result.status === 'c2pa') {
+  console.log(c2paVendorLabels[result.c2pa.vendor]);
+  // => "OpenAI (ChatGPT)", "Google (Gemini)", "AI-generated (Content Credentials)"
+}
+```
+
 ## 型リファレンス
 
 このセクションでは主要な型の概要を説明します。完全な型定義については[型ドキュメント](./docs/types.ja.md)を参照してください。
@@ -465,6 +515,7 @@ if (result.status === 'success') {
 ```typescript
 type ParseResult =
   | { status: 'success'; metadata: GenerationMetadata; raw: RawMetadata }
+  | { status: 'c2pa'; c2pa: C2paMetadata }
   | { status: 'unrecognized'; raw: RawMetadata }
   | { status: 'empty' }
   | { status: 'invalid'; message?: string };

package/README.md

@@ -14,6 +14,7 @@ A TypeScript library to read and write metadata embedded in AI-generated images.
 
 - **Multi-format Support**: PNG (tEXt / iTXt), JPEG (COM / Exif), WebP (Exif)
 - **Simple API**: `read()`, `write()`, `embed()`, `stringify()` — four functions cover all use cases
+- **AI Provenance Detection**: identifies images carrying C2PA Content Credentials (OpenAI ChatGPT, Google Gemini) — detection only, no signature verification
 - **TypeScript Native**: Written in TypeScript with full type definitions included
 - **Zero Dependencies**: Works in Node.js and browsers without any external dependencies
 - **Format Conversion**: Seamlessly convert metadata between PNG, JPEG, and WebP
@@ -148,7 +149,7 @@ For userscripts (Tampermonkey, Violentmonkey, etc.), load the IIFE build via `@r
 // ==UserScript==
 // @name        My Script
 // @namespace   https://example.com
-// @require     https://cdn.jsdelivr.net/npm/@enslo/sd-metadata@2.2.0/dist/index.global.js
+// @require     https://cdn.jsdelivr.net/npm/@enslo/sd-metadata@3.0.0/dist/index.global.js
 // ==/UserScript==
 
 const response = await fetch(imageUrl);
@@ -211,6 +212,14 @@ switch (result.status) {
     console.log(`Prompt: ${result.metadata.prompt}`);
     break;
 
+  case 'c2pa':
+    // C2PA Content Credentials detected (e.g. OpenAI ChatGPT, Google Gemini).
+    // Detection only — the signature is NOT verified, and there are no
+    // generation parameters (prompt/seed/model) to read.
+    console.log(`AI provenance: ${result.c2pa.vendor} (unverified)`);
+    console.log(`Claim generator: ${result.c2pa.claimGenerator ?? 'unknown'}`);
+    break;
+
   case 'unrecognized':
     // Metadata exists but format is not recognized
     console.log('Unknown metadata format');
@@ -258,6 +267,27 @@ if (result.ok) {
 
 </details>
 
+<details>
+<summary>AI Provenance Detection (C2PA Content Credentials)</summary>
+
+Some commercial tools (OpenAI ChatGPT, Google Gemini) embed a signed C2PA "Content Credentials" provenance manifest instead of generation parameters. `read()` returns `{ status: 'c2pa', c2pa }` for these images:
+
+```typescript
+import { read, c2paVendorLabels } from '@enslo/sd-metadata';
+
+const result = read(imageData);
+
+if (result.status === 'c2pa') {
+  console.log('Vendor:', c2paVendorLabels[result.c2pa.vendor]);
+  console.log('Declared AI-generated:', result.c2pa.aiGenerated);
+  console.log('Claim generator:', result.c2pa.claimGenerator ?? 'unknown');
+}
+```
+
+> **Detection only — not proof.** The C2PA signature is not verified, so a `c2pa` result is forgeable and cannot prove authenticity. Content Credentials are also easily stripped (screenshots, re-uploads, re-encoding), so the absence of a `c2pa` result does not prove an image is *not* AI-generated.
+
+</details>
+
 <details>
 <summary>Removing Metadata</summary>
 
@@ -362,13 +392,16 @@ Reads and parses metadata from an image file.
 **Parameters:**
 
 - `input` - Image file data (PNG, JPEG, or WebP)
-- `options` - Optional read options (see [Type Documentation](./docs/types.md) for details)
+- `options` - Optional read options
+  - `strict?: boolean` (default: `false`) — When `true`, dimensions (`width` / `height`) are taken strictly from metadata only. When `false`, missing dimensions are extracted from image headers.
 
 **Returns:**
 
 - `{ status: 'success', metadata, raw }` - Successfully parsed
   - `metadata`: Unified metadata object (see `GenerationMetadata`)
   - `raw`: Original format-specific data (chunks/segments)
+- `{ status: 'c2pa', c2pa }` - Image carries C2PA Content Credentials (e.g. OpenAI ChatGPT, Google Gemini) but no parseable generation metadata
+  - `c2pa`: Declared (unverified) AI provenance (see `C2paMetadata`). Detection only — the signature is not verified.
 - `{ status: 'unrecognized', raw }` - Image has metadata but not from a known AI tool
   - `raw`: Original metadata preserved for conversion
 - `{ status: 'empty' }` - No metadata found in the image
@@ -393,7 +426,7 @@ Writes metadata to an image file.
 - `{ ok: false, error: { type, message? } }` - Failed. `type` is one of:
   - `'unsupportedFormat'`: Target image is not PNG, JPEG, or WebP
   - `'conversionFailed'`: Metadata conversion failed (e.g., incompatible format)
-  - `'writeFailed'`: Failed to embed metadata into the image
+  - `'writeFailed'`: Failed to embed metadata into the image, or the input cannot be written back
 
 ### `embed(input: Uint8Array | ArrayBuffer, metadata: EmbedMetadata | GenerationMetadata): WriteResult`
 
@@ -429,9 +462,11 @@ Converts metadata to a human-readable string.
 
 **Returns:**
 
-- `ParseResult` with `success` → Human-readable text in WebUI format
-- `ParseResult` with `unrecognized` → Raw metadata as plain text
-- `ParseResult` with `empty` / `invalid` → Empty string
+- `ParseResult`:
+  - `success` → Human-readable text in WebUI format
+  - `c2pa` → The claim generator name (`claimGenerator ?? ''`)
+  - `unrecognized` → Raw metadata as plain text
+  - `empty` / `invalid` → Empty string
 - `EmbedMetadata` / `GenerationMetadata` → Human-readable text in WebUI format
 
 **Use cases:**
@@ -439,6 +474,7 @@ Converts metadata to a human-readable string.
 - Displaying generation parameters in image viewers or galleries
 - Copying metadata to clipboard as readable text
 - Logging or debugging parsed metadata
+- Previewing `EmbedMetadata` before embedding
 
 ### `softwareLabels: Record<GenerationSoftware, string>`
 
@@ -454,6 +490,20 @@ if (result.status === 'success') {
 }
 ```
 
+### `c2paVendorLabels: Record<C2paVendor, string>`
+
+A read-only mapping from `C2paVendor` identifiers to their human-readable display names.
+
+```typescript
+import { c2paVendorLabels } from '@enslo/sd-metadata';
+
+const result = read(imageData);
+if (result.status === 'c2pa') {
+  console.log(c2paVendorLabels[result.c2pa.vendor]);
+  // => "OpenAI (ChatGPT)", "Google (Gemini)", "AI-generated (Content Credentials)"
+}
+```
+
 ## Type Reference
 
 This section provides an overview of the main types. For complete type definitions, see [Type Documentation](./docs/types.md).
@@ -465,6 +515,7 @@ The result of the `read()` function. It uses a discriminated union with a `statu
 ```typescript
 type ParseResult =
   | { status: 'success'; metadata: GenerationMetadata; raw: RawMetadata }
+  | { status: 'c2pa'; c2pa: C2paMetadata }
   | { status: 'unrecognized'; raw: RawMetadata }
   | { status: 'empty' }
   | { status: 'invalid'; message?: string };