npm - barebrowse - Versions diffs - 0.5.1 → 0.5.3 - Mend

barebrowse 0.5.1 → 0.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (26) hide show

package/CHANGELOG.md +15 -6
package/README.md +1 -1
package/barebrowse.context.md +2 -2
package/mcp-server.js +1 -1
package/package.json +1 -1
package/src/index.js +6 -0
package/.barebrowse/page-2026-02-23T15-39-32-011Z.yml +0 -1219
package/.barebrowse/page-2026-02-23T15-40-19-874Z.yml +0 -663
package/.mcp.json +0 -8
package/CLAUDE.md +0 -24
package/baremobile.md +0 -105
package/docs/00-context/assumptions.md +0 -38
package/docs/00-context/system-state.md +0 -402
package/docs/00-context/vision.md +0 -52
package/docs/01-product/prd.md +0 -308
package/docs/03-logs/bug-log.md +0 -16
package/docs/03-logs/decisions-log.md +0 -32
package/docs/03-logs/implementation-log.md +0 -54
package/docs/03-logs/insights.md +0 -35
package/docs/03-logs/validation-log.md +0 -269
package/docs/04-process/definition-of-done.md +0 -31
package/docs/04-process/dev-workflow.md +0 -68
package/docs/04-process/testing.md +0 -242
package/docs/README.md +0 -56
package/docs/archive/poc-plan.md +0 -230
package/docs/skill-template.md +0 -106

package/CHANGELOG.md CHANGED Viewed

@@ -1,8 +1,21 @@
 # Changelog
-## 0.5.1
+## 0.5.3
-bareagent tool parity + test fix.
+Improved bot detection for hybrid mode fallback.
+### Challenge detection (`src/index.js`)
+- `isChallengePage()` now catches near-empty pages (< 50 chars of text) as blocks
+- Added challenge phrases: "unknown error", "access denied", "permission denied", "request blocked"
+- Sites like CNN that return generic error pages instead of Cloudflare challenges now correctly trigger hybrid → headed fallback
+## 0.5.2
+Clean npm tarball + bareagent tool parity.
+### npm package
+- `.npmignore` updated: excluded `.barebrowse/`, `.mcp.json`, `baremobile.md`, `CLAUDE.md`, `docs/` from tarball
+- Package size: 41 files / 390KB → 21 files / 180KB
 ### bareagent adapter
 - Added `hover`, `tabs`, `switchTab`, `pdf` tools (was 13 + assess, now 17 + assess)
@@ -12,10 +25,6 @@ bareagent tool parity + test fix.
 - Fixed 2 snapshot URL prefix assertions (`# url` → `url: url`) to match 0.4.7 format change
 - 69/69 passing
-### Version
-- Package version: 0.5.1
-- MCP server version string updated
 ## 0.5.0
 Privacy assessment via wearehere integration.

package/README.md CHANGED Viewed

@@ -105,7 +105,7 @@ For code examples, API reference, and wiring instructions, see **[barebrowse.con
 ## What it handles automatically
-Cookie consent walls (29 languages), login walls (cookie extraction from your browsers), bot detection (stealth patches + automatic headed fallback), permission prompts, SPA navigation, JS dialogs, off-screen elements, pre-filled inputs, ARIA noise, and profile locking. The agent doesn't think about any of it.
+Cookie consent walls (29 languages), login walls (cookie extraction from your browsers), bot detection (stealth patches + automatic headed fallback on challenge pages, error pages, and near-empty responses), permission prompts, SPA navigation, JS dialogs, off-screen elements, pre-filled inputs, ARIA noise, and profile locking. The agent doesn't think about any of it.
 ## What the agent sees

package/barebrowse.context.md CHANGED Viewed

@@ -1,7 +1,7 @@
 # barebrowse -- Integration Guide
 > For AI assistants and developers wiring barebrowse into a project.
-> v0.5.1 | Node.js >= 22 | 0 required deps | MIT
+> v0.5.3 | Node.js >= 22 | 0 required deps | MIT
 ## What this is
@@ -153,7 +153,7 @@ barebrowse can inject cookies from the user's real browser sessions, bypassing l
 | Off-screen elements | `DOM.scrollIntoViewIfNeeded` before every click | Both |
 | Form submission | `press('Enter')` triggers onsubmit | Both |
 | SPA navigation | `waitForNavigation()` uses loadEventFired + frameNavigated | Both |
-| Bot detection | Headed mode with real cookies bypasses most checks | Headed |
+| Bot detection | Hybrid fallback: detects challenge pages, error pages, and near-empty responses, then switches to headed | Hybrid |
 | `navigator.webdriver` | Stealth patches in headless (webdriver, plugins, chrome obj) | Headless |
 | Profile locking | Unique temp dir per headless instance | Headless |
 | ARIA noise | 9-step pruning: wrapper collapse, noise removal, landmark promotion | Both |

package/mcp-server.js CHANGED Viewed

@@ -286,7 +286,7 @@ async function handleMessage(msg) {
     return jsonrpcResponse(id, {
       protocolVersion: '2024-11-05',
       capabilities: { tools: {} },
-      serverInfo: { name: 'barebrowse', version: '0.5.1' },
+      serverInfo: { name: 'barebrowse', version: '0.5.3' },
     });
   }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "barebrowse",
-  "version": "0.5.1",
+  "version": "0.5.3",
   "description": "Authenticated web browsing for autonomous agents via CDP. URL in, pruned ARIA snapshot out.",
   "type": "module",
   "main": "src/index.js",

package/src/index.js CHANGED Viewed

@@ -565,6 +565,8 @@ function waitForNetworkIdle(session, opts = {}) {
 function isChallengePage(tree) {
   if (!tree) return true;
   const text = flattenTreeText(tree);
+  // Near-empty pages are almost certainly blocks
+  if (text.trim().length < 50) return true;
   const challengePhrases = [
     'just a moment',
     'checking if the site connection is secure',
@@ -574,6 +576,10 @@ function isChallengePage(tree) {
     'prove your humanity',
     'attention required',
     'file a ticket',
+    'unknown error',
+    'access denied',
+    'permission denied',
+    'request blocked',
   ];
   const lower = text.toLowerCase();
   return challengePhrases.some((p) => lower.includes(p));