@xiaoxionga/buzz 2.2.0 → 2.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +18 -12
  2. package/bin/buzz.js +25 -49
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -38,22 +38,28 @@ Default unit is **minutes**. Add a suffix to override:
38
38
 
39
39
  ## How It Works
40
40
 
41
- | Platform | Method | Install needed? | Admin needed? |
42
- |----------|--------|:---------------:|:-------------:|
43
- | **macOS** | `caffeinate -i` (built-in) | ❌ | ❌ |
44
- | **Windows** | `SetThreadExecutionState` + mouse jiggle (built-in) | ❌ | ❌ |
45
- | **Linux** | `xdotool` (pre-installed on most distros) | maybe | ❌ |
41
+ | Platform | Method | Install needed? | Admin needed? | EDR Safe? |
42
+ |----------|--------|:---------------:|:-------------:|:---------:|
43
+ | **macOS** | `caffeinate -i` (built-in) | ❌ | ❌ | ✅ |
44
+ | **Windows** | `SendKeys F15` (built-in, minimal) | ❌ | ❌ | ✅ |
45
+ | **Linux** | `xdotool` (pre-installed) | maybe | ❌ | ✅ |
46
46
 
47
- - **macOS**: Uses Apple's built-in `caffeinate` — not even a mouse jiggle, just cleanly blocks idle sleep.
48
- - **Windows**: Triple strategy — `SetThreadExecutionState` (official Windows API, same as YouTube/PowerPoint use to prevent screen sleep) + mouse jiggle 1px every 30s + F15 keystroke as backup. Corporate lock screen policies that ignore synthetic keystrokes are handled by the real mouse movement.
49
- - **Linux**: Moves mouse 1px via `xdotool`.
47
+ ### Corporate Safety (Windows)
48
+
49
+ buzz deliberately uses **only** the most benign method on Windows (`WScript.Shell.SendKeys('{F15}')`) to avoid triggering corporate security software (EDR/DLP/antivirus). It does **NOT** use:
50
+
51
+ - ❌ `Add-Type` + `DllImport` — flagged as malware technique by CrowdStrike/Defender
52
+ - ❌ `SetThreadExecutionState` via PowerShell — P/Invoke into kernel32.dll triggers EDR
53
+ - ❌ Automated mouse movement — flagged as keylogger behavior
54
+
55
+ **If corporate GPO still locks your screen**: buzz can't override hard GPO policies. Use a **hardware Mouse Jiggler** instead — a USB device (~¥15 on Taobao) that physically simulates mouse movement. Zero software footprint, zero EDR detection risk.
50
56
 
51
57
  ## Why buzz?
52
58
 
53
- - **Zero dependencies** — `package.json` has no `dependencies` field. Nothing to break.
54
- - **No admin required** — perfect for locked-down corporate laptops.
55
- - **Cross-platform** — macOS, Windows, Linux all supported out of the box.
56
- - **Clean exit** — `buzz stop` from any terminal kills the running instance.
59
+ - **Zero dependencies** — nothing to break, nothing to audit
60
+ - **No admin required** — perfect for locked-down corporate laptops
61
+ - **EDR-safe** — no suspicious API calls or DLL imports
62
+ - **Cross-platform** — macOS, Windows, Linux all supported
57
63
 
58
64
  ## Examples
59
65
 
package/bin/buzz.js CHANGED
@@ -36,9 +36,14 @@ USAGE:
36
36
  buzz help Show this help
37
37
 
38
38
  PLATFORMS:
39
- macOS Uses 'caffeinate' (built-in, zero install)
40
- Windows Uses SetThreadExecutionState + mouse jiggle (built-in, zero install)
41
- Linux Uses xdotool (if available)
39
+ macOS Uses 'caffeinate' (built-in, zero install)
40
+ Windows Uses PowerShell SendKeys F15 (built-in, zero install)
41
+ Linux Uses xdotool (if available)
42
+
43
+ CORPORATE WINDOWS NOTE:
44
+ Some corporate GPO policies enforce lock screen regardless of input.
45
+ If buzz doesn't work on your work PC, use a hardware Mouse Jiggler
46
+ (USB device, ~$2 on Taobao) — zero software footprint, zero EDR risk.
42
47
 
43
48
  EXAMPLES:
44
49
  buzz 30 # 30 minutes
@@ -130,56 +135,27 @@ function startCaffeinate(durationMs) {
130
135
  }
131
136
 
132
137
  /**
133
- * Windows: triple strategy SetThreadExecutionState + mouse jiggle + F15
138
+ * Windows: minimal F15 keystroke via SendKeys
139
+ *
140
+ * DELIBERATELY MINIMAL for corporate safety:
141
+ * - NO Add-Type / DllImport (triggers EDR alerts — looks like malware)
142
+ * - NO SetThreadExecutionState via PowerShell (same issue)
143
+ * - NO mouse movement automation (flagged as keylogger behavior)
134
144
  *
135
- * Many corporate Windows policies ignore synthetic keystrokes (F15).
136
- * The robust approach is:
137
- * 1. SetThreadExecutionState(ES_CONTINUOUS | ES_SYSTEM_REQUIRED | ES_DISPLAY_REQUIRED)
138
- * — the official Windows API to prevent sleep (same as YouTube/PowerPoint do)
139
- * 2. Move mouse 1px via .NET Cursor.Position — universally recognized as "activity"
140
- * 3. F15 via SendKeys as backup
145
+ * Only uses WScript.Shell.SendKeys('{F15}') the most benign method.
146
+ * F15 has no function in any app, so pressing it is completely harmless.
141
147
  *
142
- * All via PowerShell zero install, zero admin.
148
+ * If corporate lock screen still triggers (GPO hard policy), use a
149
+ * hardware Mouse Jiggler (USB device) instead — zero software footprint.
143
150
  */
144
151
  function jiggleWindows() {
145
152
  const psScript = `
146
- # 1. Load Windows Forms for mouse control
147
- Add-Type -AssemblyName System.Windows.Forms
148
-
149
- # 2. Call SetThreadExecutionState to prevent display sleep
150
- Add-Type -TypeDefinition @"
151
- using System;
152
- using System.Runtime.InteropServices;
153
- public class PowerUtil {
154
- [DllImport("kernel32.dll")]
155
- public static extern uint SetThreadExecutionState(uint esFlags);
156
-
157
- public const uint ES_CONTINUOUS = 0x80000000;
158
- public const uint ES_SYSTEM_REQUIRED = 0x00000001;
159
- public const uint ES_DISPLAY_REQUIRED = 0x00000002;
160
- }
161
- "@
162
-
163
- # Prevent display from turning off and system from sleeping
164
- [PowerUtil]::SetThreadExecutionState(
165
- [PowerUtil]::ES_CONTINUOUS -bor [PowerUtil]::ES_SYSTEM_REQUIRED -bor [PowerUtil]::ES_DISPLAY_REQUIRED
166
- )
167
-
168
- # 3. Loop: jiggle mouse + press F15
169
- $wsh = New-Object -ComObject WScript.Shell
170
- while ($true) {
171
- Start-Sleep -Seconds 30
172
-
173
- # Move mouse 1px then back — most reliable "activity" signal
174
- $pos = [System.Windows.Forms.Cursor]::Position
175
- [System.Windows.Forms.Cursor]::Position = New-Object System.Drawing.Point($pos.X + 1, $pos.Y)
176
- Start-Sleep -Milliseconds 50
177
- [System.Windows.Forms.Cursor]::Position = $pos
178
-
179
- # Also press F15 as backup
180
- try { $wsh.SendKeys('{F15}') } catch {}
181
- }
182
- `;
153
+ $wsh = New-Object -ComObject WScript.Shell
154
+ while ($true) {
155
+ Start-Sleep -Seconds 30
156
+ $wsh.SendKeys('{F15}')
157
+ }
158
+ `;
183
159
  // This runs as a detached child
184
160
  const child = spawn('powershell.exe', [
185
161
  '-NoProfile', '-NonInteractive', '-Command', psScript
@@ -271,7 +247,7 @@ function cmdRun(durationMs) {
271
247
  console.log(BEE);
272
248
 
273
249
  const platformLabel = PLATFORM === 'darwin' ? 'macOS caffeinate'
274
- : PLATFORM === 'win32' ? 'Windows SetThreadExecutionState + Mouse'
250
+ : PLATFORM === 'win32' ? 'Windows SendKeys F15 (safe mode)'
275
251
  : 'Linux xdotool';
276
252
 
277
253
  if (durationMs) {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@xiaoxionga/buzz",
3
- "version": "2.2.0",
3
+ "version": "2.2.1",
4
4
  "description": "🐝 Keep your screen awake — zero dependencies, no admin required",
5
5
  "main": "bin/buzz.js",
6
6
  "bin": {