@npm-pipl/device-intelligence 1.1.1 → 1.1.3

package/dist/device-intelligence.js

@@ -1,5 +1,5 @@
 /*!
- * Device Intelligence SDK v1.1.1
+ * Device Intelligence SDK v1.1.3
  * (c) 2026 Your Company
  * Released under the MIT License
  */
@@ -5518,7 +5518,19 @@ ZwIDAQAB
             // Check webdriver property
             if (nav.webdriver === true)
                 return true;
-            // Check for automation-related properties
+            // Detect navigator.webdriver tampering (stealth plugins redefine the getter)
+            try {
+                const desc = Object.getOwnPropertyDescriptor(Navigator.prototype, "webdriver");
+                if (desc?.get) {
+                    const src = Function.prototype.toString.call(desc.get);
+                    if (!/\[native code\]/.test(src))
+                        return true;
+                }
+            }
+            catch {
+                /* ignore */
+            }
+            // Check for automation-related properties on window / document
             const automationProps = [
                 "__selenium_unwrapped",
                 "__webdriver_evaluate",
@@ -5537,12 +5549,22 @@ ZwIDAQAB
                 "$chrome_asyncScriptInfo",
                 "__nightmare",
                 "__puppeteer_evaluation_script__",
-                "__playwright_evaluation_script__"
+                "__playwright_evaluation_script__",
+                "__playwright",
+                "__pw_manual"
             ];
             for (const prop of automationProps) {
                 if (prop in win || prop in document)
                     return true;
             }
+            // Dynamic $cdc_ scan — ChromeDriver injects keys with varying suffixes
+            try {
+                if (Object.keys(win).some((k) => k.startsWith("$cdc_")))
+                    return true;
+            }
+            catch {
+                /* ignore */
+            }
             // Check for PhantomJS
             if ("callPhantom" in win || "_phantom" in win || "phantom" in win) {
                 return true;
@@ -5552,8 +5574,44 @@ ZwIDAQAB
             if (ua.includes("headless") || ua.includes("phantomjs")) {
                 return true;
             }
-            // Check for CriOS (Chrome on iOS), which is legitimate
-            // but check for other weird UA patterns
+            // WebGL renderer — headless Chromium uses SwiftShader (software renderer)
+            try {
+                const canvas = document.createElement("canvas");
+                const gl = canvas.getContext("webgl") || canvas.getContext("experimental-webgl");
+                if (gl) {
+                    const dbg = gl.getExtension("WEBGL_debug_renderer_info");
+                    if (dbg) {
+                        const renderer = gl.getParameter(dbg.UNMASKED_RENDERER_WEBGL);
+                        if (typeof renderer === "string" && /swiftshader/i.test(renderer)) {
+                            return true;
+                        }
+                    }
+                }
+            }
+            catch {
+                /* ignore */
+            }
+            // Plugins — headless browsers report 0 plugins; real Chrome always has >=1
+            try {
+                if (nav.plugins && nav.plugins.length === 0 && !ua.includes("firefox")) {
+                    return true;
+                }
+            }
+            catch {
+                /* ignore */
+            }
+            // Chrome object inconsistency — Chrome UA but missing window.chrome
+            try {
+                if (ua.includes("chrome") && !("chrome" in win)) {
+                    return true;
+                }
+                if (win.chrome && !win.chrome.runtime && !win.chrome.csi) {
+                    return true;
+                }
+            }
+            catch {
+                /* ignore */
+            }
             return false;
         }
     };
@@ -5715,67 +5773,103 @@ ZwIDAQAB
     const incognitoMode = {
         category: "risk",
         key: "incognito_mode",
-        version: 1,
+        version: 2,
         cacheTtlMs: 300000,
-        timeoutMs: 2000,
+        timeoutMs: 3000,
         collect: async () => {
-            // Safari: Check storage quota (with timeout to prevent hanging)
+            const ua = (navigator.userAgent || "").toLowerCase();
+            const isChromium = ua.includes("chrome") || ua.includes("chromium");
+            const isFirefox = ua.includes("firefox");
+            // ── Storage quota ──────────────────────────────────────────────────
+            // Normal mode:   quota ≈ 50–60 % of disk (tens to hundreds of GB).
+            // Incognito:     quota is RAM-based and much smaller.
+            //   • Safari / Firefox private: typically < 200 MB
+            //   • Chrome incognito: scales with device RAM (1–16 GB)
             try {
-                const storage = await withTimeout(navigator.storage.estimate(), 1000);
-                if (storage &&
-                    storage.quota !== undefined &&
-                    storage.quota < 120000000) {
-                    return {
-                        is_private: true,
-                        confidence: "high",
-                        method: "storage_quota"
-                    };
+                const est = await withTimeout(navigator.storage.estimate(), 1500);
+                if (est && est.quota !== undefined) {
+                    const quota = est.quota;
+                    // Tier 1: very small quota — catches Safari & Firefox private
+                    if (quota < 200000000) {
+                        return {
+                            is_private: true,
+                            confidence: "high",
+                            method: "storage_quota"
+                        };
+                    }
+                    if (isChromium) {
+                        // Tier 2: compare quota to device memory (most reliable for Chrome).
+                        // In incognito, quota is RAM-based → quota ≤ ~RAM.
+                        // In normal mode, quota is disk-based → quota >> RAM.
+                        // navigator.deviceMemory is capped at 8 (GB) and coarsened,
+                        // so we use a 3× multiplier to cover the gap between the
+                        // capped value and real RAM.  Even on a 64 GB RAM machine
+                        // (deviceMemory=8), incognito quota (~16 GB) < 3×8 GB = 24 GB,
+                        // while normal quota on a 128 GB SSD (~64 GB) > 24 GB.
+                        const deviceMemGB = navigator.deviceMemory;
+                        if (deviceMemGB && quota < deviceMemGB * 3 * 1024 * 1024 * 1024) {
+                            return {
+                                is_private: true,
+                                confidence: "medium",
+                                method: "storage_quota_vs_memory"
+                            };
+                        }
+                        // Tier 3: absolute fallback when deviceMemory is unavailable.
+                        // 16 GB catches incognito on most machines (up to ~32 GB RAM)
+                        // while staying below normal-mode quota on any disk ≥ 64 GB.
+                        if (!deviceMemGB && quota < 16000000000) {
+                            return {
+                                is_private: true,
+                                confidence: "medium",
+                                method: "storage_quota_chrome"
+                            };
+                        }
+                    }
                 }
             }
             catch {
-                // Not supported
+                // API not supported
             }
-            // Firefox: Check IndexedDB behavior (with timeout to prevent hanging)
+            // ── webkitTemporaryStorage (Chromium legacy) ───────────────────────
+            // Still present in some Chromium builds; incognito returns a small
+            // quota (often ≈ 120 MB) vs normal (multiple GB).
             try {
-                const dbResult = await withTimeout(new Promise((resolve, reject) => {
-                    const db = indexedDB.open("test");
-                    db.onerror = () => reject(new Error("IndexedDB error"));
-                    db.onsuccess = () => {
-                        db.result.close();
-                        resolve(true);
-                    };
-                }), 1000);
-                // If timeout occurred (null), treat as inconclusive, not private
-                if (dbResult === null) {
-                    // Timeout - can't determine, continue to next check
+                const tmpStorage = navigator.webkitTemporaryStorage;
+                if (tmpStorage?.queryUsageAndQuota) {
+                    const quota = await withTimeout(new Promise((resolve, reject) => {
+                        tmpStorage.queryUsageAndQuota((_usage, q) => resolve(q), () => reject(new Error("quota query failed")));
+                    }), 1000);
+                    if (quota !== null && quota < 200000000) {
+                        return {
+                            is_private: true,
+                            confidence: "medium",
+                            method: "webkit_temporary_storage"
+                        };
+                    }
                 }
             }
             catch {
-                return {
-                    is_private: true,
-                    confidence: "medium",
-                    method: "indexeddb"
-                };
+                // Not available
             }
-            // Chrome: Check filesystem API (deprecated but still works)
+            // ── IndexedDB ────────────────────────────────────────────────────────
+            // Firefox private mode rejects indexedDB.open().  Some Chrome/Edge
+            // incognito edge-cases (enterprise policies, older builds) also fail
+            // here, so we keep this as a universal late fallback.
             try {
-                const fs = window.webkitRequestFileSystem;
-                if (fs) {
-                    const fsResult = await withTimeout(new Promise((resolve, reject) => {
-                        fs(0, // TEMPORARY
-                        1, () => resolve(true), () => reject(new Error("FileSystem error")));
-                    }), 1000);
-                    // If timeout occurred, continue
-                    if (fsResult === null) {
-                        // Timeout - can't determine
-                    }
-                }
+                await withTimeout(new Promise((resolve, reject) => {
+                    const req = indexedDB.open("_di_priv_check");
+                    req.onerror = () => reject(new Error("blocked"));
+                    req.onsuccess = () => {
+                        req.result.close();
+                        resolve(true);
+                    };
+                }), 1000);
             }
             catch {
                 return {
                     is_private: true,
-                    confidence: "medium",
-                    method: "filesystem"
+                    confidence: isFirefox ? "medium" : "low",
+                    method: "indexeddb"
                 };
             }
             return {
@@ -5929,7 +6023,7 @@ ZwIDAQAB
         return getAllCollectors();
     }
 
-    var version = "1.1.1";
+    var version = "1.1.3";
     var packageJson = {
     	version: version};