@redsocs/spam-warden 1.1.8 → 1.1.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +2 -2
  2. package/dist/spamwarden.js +1704 -1
  3. package/dist/spamwarden.min.js +2 -2
  4. package/package.json +1 -1
package/README.md CHANGED
@@ -95,7 +95,7 @@ We do not rely solely on "Security through Obscurity." SpamWarden employs a **Ho
95
95
  1. **The Ghost Tarpit (Honeypot):** We intentionally deploy a "Poison Pill" decoy. If a bot or attacker attempts to bypass or tamper with the script, they are redirected into this trap, which is designed to actively retaliate by crashing headless browsers (Puppeteer/Playwright) and wasting attacker compute credits.
96
96
  2. **Build-Time Randomization (The Moving Target):** The real machine-learning engine is hidden inside an isolated closure and bound to the DOM using a randomized cryptographic key generated during compilation. The internal execution path changes on every release, defeating static bypass scripts.
97
97
  3. **Brutal DOM Protection:** By utilizing Document-Level Capturing Phase listeners, Prototype Monkey-Patching, and MutationObservers, SpamWarden intercepts submissions before they reach the form element. This defeats trivial bypasses like form cloning or direct `document.forms[0].submit()` calls.
98
- 4. **Aggressive Obfuscation:** The final distribution is run through high-entropy obfuscation (Control Flow Flattening, String Shifting) to protect the model weights and heavily penalize reverse engineers trying to step through the code.
98
+ 4. **Aggressive Obfuscation:** The final distribution is run through proprietary, high-entropy obfuscation routines to protect the model weights and heavily penalize reverse engineering attempts.
99
99
 
100
100
  If you require absolute, mathematically unbroken security, client-side protection will never be enough. You **must** validate payloads on your backend:
101
101
  - **For WordPress:** Use our [SpamWarden WP Plugin](https://redsocs.com/spam-warden) to protect your server at the PHP layer (Paid).
@@ -131,7 +131,7 @@ You can spin up a local simulation server to test the DOM auto-blocking behavior
131
131
 
132
132
  # About
133
133
 
134
- - **Version:** 1.1.8 (Engine v11.06)
134
+ - **Version:** 1.1.10 (Engine v11.06)
135
135
  - **Author:** [RedSocs](https://github.com/RedSocs)
136
136
  - **License:** MIT
137
137
  - **Model Origin:** Trained via [RedSocs/spam-labeler](https://github.com/RedSocs/spam-labeler)