job-pro 0.7.4 → 0.8.0

package/dist/cainiao.js

@@ -1,63 +1,26 @@
-// 菜鸟 (Cainiao Network) — stub adapter for `job-pro`.
+// 菜鸟 (Cainiao Network) careers adapter — Liepin aggregator fallback.
 //
-// STATUS: stub-only. Both campus and social recruiting are routed through
-// Alibaba's unified careers infrastructure, which is hosted on subdomains
-// that fail to resolve over public DNS (likely group-network-only A records).
+// Cainiao's own careers subdomains (campus / recruit / job.cainiao.com)
+// resolve only on Alibaba-Group-internal DNS. Public-facing positions
+// don't surface through the parent Alibaba feed either
+// (`job-pro alibaba search 菜鸟` → total=0). We surface real
+// currently-open Cainiao positions by querying Liepin
+// (api-c.liepin.com) filtered by compName="菜鸟网络". See
+// `cli/src/liepin.ts` for the shared factory.
 //
-// ============================================================
-// RECONNAISSANCE RESULTS (probed 2026-05):
-//
-//   https://campus.cainiao.com           — 000 (no public DNS / unreachable)
-//   https://recruit.cainiao.com          — 000 (no public DNS / unreachable)
-//   https://job.cainiao.com              — 000 (no public DNS / unreachable)
-//
-//   The corporate careers blurb on www.cainiao.com links out to
-//   "campus-talent.alibaba.com" (already covered by the `alibaba` adapter),
-//   suggesting cainiao postings are merged into the Alibaba Group careers feed
-//   when they go public. The dedicated Cainiao SPA is internal-only.
-//
-//   Feishu ATSX:  cainiao.jobs.feishu.cn — HTTP 400 (no portal configured)
-//   Greenhouse / Lever / Moka: no `cainiao` slug found on any of them.
-//
-// Conclusion: no unauthenticated public API outside of the Alibaba Group
-// feed. Use `job-pro alibaba search "菜鸟"` to surface group-listed roles, or
-// visit https://www.cainiao.com/ for direct contact info.
-import { extractResumeSignals, scoreOverlap, checkResume } from "./tencent.js";
-export { checkResume };
-const SOURCE = "cainiao.com";
-const STUB_MESSAGE = "Cainiao (菜鸟): dedicated careers subdomains (campus / recruit / job.cainiao.com) fail to resolve " +
-    "over public DNS. Public-facing roles are surfaced through the Alibaba Group careers feed " +
-    "(use `job-pro alibaba search \"菜鸟\"`). No standalone unauthenticated public API.";
-export async function searchPositions(_opts = {}) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, query: {}, positions: [] };
-}
-export async function fetchAllPositions(_opts = {}) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, total: 0, fetched: 0, positions: [] };
-}
-export async function fetchPositionDetail(postId) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, post_id: postId };
-}
-export async function fetchDictionaries() {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE };
-}
-export async function listNotices() {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, notices: [] };
-}
-export async function getNotice(noticeId) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, notice_id: noticeId };
-}
-export async function findNoticesByQuestion(question, _opts = {}) {
-    return { ok: false, source: SOURCE, question, message: STUB_MESSAGE, matches: [] };
-}
-export async function matchResume(text, _opts = {}) {
-    const { terms, cities } = extractResumeSignals(text ?? "");
-    return {
-        ok: false,
-        source: SOURCE,
-        extracted_terms: terms,
-        city_preferences: cities,
-        matches: [],
-        message: STUB_MESSAGE,
-    };
-}
-export { extractResumeSignals, scoreOverlap };
+// Source: api-c.liepin.com (`source` field on responses) — clearly NOT
+// the same as Cainiao's own portal.
+import { createAdapter } from "./liepin.js";
+const adapter = createAdapter({
+    companyName: "菜鸟网络",
+    label: "Cainiao / 菜鸟",
+});
+export const searchPositions = adapter.searchPositions;
+export const fetchAllPositions = adapter.fetchAllPositions;
+export const fetchPositionDetail = adapter.fetchPositionDetail;
+export const fetchDictionaries = adapter.fetchDictionaries;
+export const listNotices = adapter.listNotices;
+export const getNotice = adapter.getNotice;
+export const findNoticesByQuestion = adapter.findNoticesByQuestion;
+export const matchResume = adapter.matchResume;
+export const checkResume = adapter.checkResume;

package/dist/cdp.js

@@ -79,6 +79,11 @@ async function launchOnce() {
                 ". Set $JOB_PRO_CHROME=/path/to/chrome to override.",
         };
     }
+    // Optional egress proxy — useful for geo-fenced upstreams (e.g. hikvision
+    // requires a CN-egress to pass its Tencent EdgeOne 403 check). Set
+    // `$JOB_PRO_HTTPS_PROXY=http://user:pass@host:port` or `socks5://host:port`.
+    const proxy = process.env.JOB_PRO_HTTPS_PROXY?.trim();
+    const proxyArg = proxy ? [`--proxy-server=${proxy}`] : [];
     try {
         const browser = await pp.mod.launch({
             executablePath: chrome,
@@ -87,6 +92,7 @@ async function launchOnce() {
                 "--no-sandbox",
                 "--disable-blink-features=AutomationControlled",
                 "--disable-features=IsolateOrigins,site-per-process",
+                ...proxyArg,
             ],
         });
         return browser;

package/dist/cicc.js

@@ -1,152 +1,26 @@
-// Thin client for CICC / 中金公司 (China International Capital Corporation) campus recruiting.
-//
-// ============================================================
-// API DISCOVERY (probed 2026-05-14)
-//
-// Five potential portals were investigated:
-//
-//   1. careers.cicc.com  (CICC dedicated careers subdomain)
-//      DNS resolves to 198.18.1.66 (IANA RFC 2544 benchmarking range — unreachable
-//      from public internet; SSL handshake fails at TCP level).
-//      This hostname is dead from outside the CICC intranet.
-//
-//   2. hr.cicc.com  (HR portal)
-//      DNS resolves to 198.18.1.212 — same IANA-reserved range.
-//      Unreachable: SSL handshake fails.
-//
-//   3. www.cicc.com/career  (main site career section)
-//      Returns HTTP 521 (Cloudflare "Web server is down"). Cloudflare can reach
-//      the origin but the origin is not responding. No API endpoints discoverable.
-//
-//   4. app.mokahr.com — Moka ATS, orgId 28961 (reconnaissance-flagged candidate)
-//      The Moka platform (app.mokahr.com) is reachable (resolves to Aliyun WAF
-//      47.93.92.61 via authoritative DNS). However:
-//        - /campus-recruitment/cicc/28961        → HTTP 302 self-redirect (infinite loop)
-//        - /campus-recruitment/cicc-career/28961 → HTTP 200 HTML, but init-data
-//          contains {"message":"您访问的页面不存在"} — org page does not exist
-//        - /social-recruitment/cicc-career/28961 → same "page not found" response
-//        - All /api/campus/jobs?organizationId=28961 variants → {"code":-1,"message":"您访问的页面不存在"}
-//      Conclusion: orgId 28961 is either wrong or the CICC Moka tenant is fully
-//      auth-gated behind enterprise SSO. No public JSON feed is accessible.
-//
-//   5. Alternative slugs tried on Moka: "cicc", "cicc-career", "zhongjin", numeric
-//      variants of orgId (28960–28965) — all return either the same "not found"
-//      response or an infinite self-redirect.
-//
-// VERDICT: No public unauthenticated API exists for CICC campus recruiting as of
-// 2026-05-14. All externally-facing hostnames resolve to IANA-reserved IPs (intranet)
-// or return infrastructure errors (521). The Moka tenant, if it exists, is fully
-// auth-gated with no discoverable public endpoints.
-//
-// The canonical path for candidates is the CICC official career portal:
-//   https://www.cicc.com/career  (may load once the origin is healthy)
-// Or the known Moka URL patterns (require an active employee/candidate session):
-//   https://app.mokahr.com/campus-recruitment/cicc-career/28961
-//
-// ============================================================
-// PositionSummary field mapping (canonical keys, matches all other adapters)
-//   post_id       — string job identifier
-//   title         — position title
-//   project       — job category / department (e.g. "投行" / "研究" / "固收")
-//   recruit_label — recruit type label (e.g. "校园招聘" / "实习")
-//   bgs           — business group / division (not exposed without auth, always "")
-//   work_cities   — work location string
-//   apply_url     — deep link to the job posting
-// ============================================================
-import { extractResumeSignals, scoreOverlap, checkResume } from "./tencent.js";
-export { checkResume };
-const SOURCE = "www.cicc.com";
-const CAMPUS_PAGE = "https://www.cicc.com/career";
-// Moka tenant URL kept for reference — requires auth
-const MOKA_PAGE = "https://app.mokahr.com/campus-recruitment/cicc-career/28961";
-// ---------- stub message ----------
-const STUB_MSG = "CICC (中金公司) campus recruiting has no publicly accessible API as of 2026-05-14. " +
-    "careers.cicc.com and hr.cicc.com resolve to IANA-reserved IPs (198.18.x.x, " +
-    "unreachable outside the CICC intranet; SSL handshake fails). " +
-    "www.cicc.com returns HTTP 521 (Cloudflare origin-down). " +
-    "The Moka ATS tenant (orgId 28961) is fully auth-gated: all public API paths " +
-    'return {"code":-1,"message":"您访问的页面不存在"}. ' +
-    `Apply directly at ${CAMPUS_PAGE} or via the Moka portal (login required): ${MOKA_PAGE}`;
-// ---------- searchPositions ----------
-export async function searchPositions(_opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MSG,
-        apply_url: CAMPUS_PAGE,
-        moka_url: MOKA_PAGE,
-        positions: [],
-    };
-}
-// ---------- fetchAllPositions ----------
-export async function fetchAllPositions(_opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MSG,
-        apply_url: CAMPUS_PAGE,
-        moka_url: MOKA_PAGE,
-        fetched: 0,
-        positions: [],
-    };
-}
-// ---------- fetchPositionDetail ----------
-export async function fetchPositionDetail(_postId) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MSG,
-        apply_url: CAMPUS_PAGE,
-        moka_url: MOKA_PAGE,
-    };
-}
-// ---------- fetchDictionaries ----------
-export async function fetchDictionaries() {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MSG,
-        apply_url: CAMPUS_PAGE,
-        moka_url: MOKA_PAGE,
-    };
-}
-// ---------- notices (no public endpoint) ----------
-export async function listNotices() {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: "CICC: no public notices endpoint",
-    };
-}
-export async function getNotice(_id) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: "CICC: no public notices endpoint",
-    };
-}
-export async function findNoticesByQuestion(_question, _opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: "CICC: no public notices endpoint",
-    };
-}
-// ---------- matchResume ----------
-// Resume matching cannot fetch live position data without auth.
-// We extract signals from the resume and direct the user to the CICC career portal.
-export async function matchResume(text, opts = {}) {
-    void opts;
-    const { terms, cities } = extractResumeSignals(text ?? "");
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MSG,
-        apply_url: CAMPUS_PAGE,
-        moka_url: MOKA_PAGE,
-        extracted_terms: terms,
-        city_preferences: cities,
-    };
-}
-// Export helpers so callers that import from this module can use them.
-export { extractResumeSignals, scoreOverlap };
+// 中金 / CICC careers adapter — Liepin aggregator fallback.
+//
+// CICC's official careers portal (careers.cicc.com / cicc.com.cn) is
+// Cloudflare-gated with HTTP 521 for non-CN IPs, returns 404 for crawlers,
+// and has no third-party ATS (Moka / Beisen / Greenhouse) tenant. We
+// surface real currently-open CICC positions by querying Liepin
+// (api-c.liepin.com) filtered by compName="中金公司". See
+// `cli/src/liepin.ts` for the shared factory.
+//
+// Source: api-c.liepin.com (`source` field on responses) — clearly NOT
+// the same as CICC's own portal. Callers can filter on this attribution
+// if they only want first-party feeds.
+import { createAdapter } from "./liepin.js";
+const adapter = createAdapter({
+    companyName: "中金公司",
+    label: "CICC / 中金",
+});
+export const searchPositions = adapter.searchPositions;
+export const fetchAllPositions = adapter.fetchAllPositions;
+export const fetchPositionDetail = adapter.fetchPositionDetail;
+export const fetchDictionaries = adapter.fetchDictionaries;
+export const listNotices = adapter.listNotices;
+export const getNotice = adapter.getNotice;
+export const findNoticesByQuestion = adapter.findNoticesByQuestion;
+export const matchResume = adapter.matchResume;
+export const checkResume = adapter.checkResume;

package/dist/hikvision.js

@@ -1,185 +1,28 @@
-// Thin client for 海康威视 / Hikvision campus-recruiting portals.
-//
-// ============================================================
-// RECONNAISSANCE RESULTS (probed 2026-05):
-//
-//   https://hr.hikvision.com/
-//   https://hr.hikvision.com/zwzx          (老职位中心 / legacy position center)
-//   https://campus.hikvision.com/
-//     → TLS ECONNRESET from non-CN IP (geo-blocked by WAF/CDN)
-//       DNS resolves to CGNAT 198.18.1.57/58 via local proxy, never reaches origin.
-//       HTTP port 80 also hangs (socket hang-up). Both domains are inaccessible
-//       from outside Mainland China. Confirmed with both curl (SSL_ERROR_SYSCALL)
-//       and Node.js https / undici (ECONNRESET).
-//
-//   https://app.mokahr.com/campus-recruitment/hikvision/58022
-//     → app.mokahr.com serves a 302 redirect loop until a session cookie is set,
-//       then loads the SPA shell with init-data: {"message":-1}.
-//       message:-1 is Moka's "org not found / org not active on public campus portal"
-//       status. The org slug "hikvision" resolves to orgId 58022 but the public
-//       campus module is inactive for this tenant.
-//       All /api/campus/v*/jobs?orgId=58022 and /api/campus/v*/... paths → 404.
-//
-//   https://www.hikvision.com/en/about-us/careers/
-//     → Reachable (AEM/Adobe Experience Manager marketing page). Links only to
-//       regional career pages on the global site — no job search API.
-//
-// ============================================================
-// INFRASTRUCTURE NOTES:
-//
-//   Hikvision is a 50,000+ employee Chinese enterprise headquartered in Hangzhou.
-//   Their recruiting stack is entirely self-hosted behind the corporate CDN/WAF.
-//   Unlike ByteDance/Tencent/JD (which expose public unauthenticated search APIs),
-//   Hikvision's hr.hikvision.com portal appears to be:
-//     • HTTPS only on port 443, WAF blocks TLS handshakes from non-CN egress IPs
-//     • No HTTP (port 80) fallback — socket hangs immediately
-//     • Likely Alibaba Cloud WAF or Hikvision's own security gateway
-//
-//   The legacy position center at /zwzx is on the same domain and equally blocked.
-//
-//   Moka ATS (Moka HR, app.mokahr.com) orgId 58022:
-//     • The campus-recruitment portal returns message:-1 (tenant inactive / not found)
-//     • Hikvision may have migrated away from Moka or never activated the public campus module
-//     • No public /api/campus/* endpoint returns job data for this org
-//
-// ============================================================
-// WHY THIS IS A STUB (unauthenticated API access is impossible from non-CN):
-//
-//   Both career portals (hr.hikvision.com and campus.hikvision.com) are behind a
-//   geo-blocking WAF that resets TLS connections from non-Mainland-China IP ranges.
-//   Even if a valid API path were known (e.g. from JS bundle analysis), the TLS
-//   handshake never completes — no HTTP request can be made.
-//
-//   The Moka ATS fallback (orgId 58022) returns org-not-found, providing no data.
-//
-//   POSSIBLE FUTURE UNBLOCKING:
-//     (a) Access from a Mainland China exit node (VPS/proxy)
-//     (b) Hikvision activating their Moka public campus module
-//     (c) Hikvision publishing a CDN-fronted public job API (unlikely given security posture)
-//     (d) Third-party aggregators: 牛客网, 实习僧, Boss直聘 (separate adapters)
-//
-// ============================================================
-// STUB CONTRACT:
-//   All functions return ok:false with STUB_MESSAGE.
-//   checkResume is re-exported from tencent.ts (works offline on resume text).
-//   PositionSummary matches the canonical shape used by every other adapter.
-//
-// ============================================================
-// ---- PositionSummary field mapping (Hikvision → canonical, for when API becomes accessible) ----
-//   post_id       ← position ID from hr.hikvision.com or Moka publishId
-//   title         ← position name / 职位名称
-//   project       ← job category / 职位类别 (e.g. "软件开发", "算法研究", "嵌入式开发")
-//   recruit_label ← recruit type / 招聘类型 (e.g. "校招", "实习", "社招")
-//   bgs           ← business line / 事业部 (not exposed in known public payloads → "")
-//   work_cities   ← work location / 工作地点 (e.g. "杭州" / "北京 / 上海")
-//   apply_url     ← https://hr.hikvision.com/zwzx#/job/<id>  (inferred from URL pattern)
-import { extractResumeSignals, checkResume } from "./tencent.js";
-export { checkResume };
-const SOURCE = "hr.hikvision.com";
-const CAMPUS_URL = "https://hr.hikvision.com/zwzx";
-const MOKA_URL = "https://app.mokahr.com/campus-recruitment/hikvision/58022";
-const STUB_MESSAGE = "Hikvision (海康威视): no public job API accessible from outside Mainland China. " +
-    "hr.hikvision.com and campus.hikvision.com are geo-blocked (TLS ECONNRESET, WAF resets " +
-    "all non-CN connections). Moka ATS orgId 58022 returns message:-1 (org not active on " +
-    "public campus portal). To access Hikvision jobs, visit hr.hikvision.com directly from " +
-    "a Mainland China network, or check 牛客网/Boss直聘/实习僧 for aggregated listings. " +
-    "Documented in cli/src/hikvision.ts header.";
-// ---- searchPositions ----
-export async function searchPositions(_opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MESSAGE,
-        // Expose the discovered endpoint candidate so callers can see what we would have hit
-        endpoint_candidates: [
-            `GET  ${CAMPUS_URL}   (geo-blocked from non-CN)`,
-            `GET  https://campus.hikvision.com/   (geo-blocked from non-CN)`,
-            `GET  ${MOKA_URL}     (Moka orgId 58022, message:-1 — org inactive)`,
-        ],
-        query: {
-            keyword: _opts.keyword ?? "",
-            page: _opts.page ?? 1,
-            pageSize: _opts.pageSize ?? 20,
-            recruitType: _opts.recruitType ?? "campus",
-        },
-        page: _opts.page ?? 1,
-        page_size: _opts.pageSize ?? 20,
-        total: 0,
-        positions: [],
-    };
-}
-// ---- fetchAllPositions ----
-export async function fetchAllPositions(_opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MESSAGE,
-        total: 0,
-        fetched: 0,
-        positions: [],
-    };
-}
-// ---- fetchPositionDetail ----
-export async function fetchPositionDetail(postId) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MESSAGE,
-        post_id: postId,
-    };
-}
-// ---- fetchDictionaries ----
-export async function fetchDictionaries() {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: STUB_MESSAGE,
-        note: "When hr.hikvision.com becomes accessible from non-CN: " +
-            "inspect JS bundles at /zwzx for /api/* filter taxonomy endpoints " +
-            "(job categories, work cities, recruit types).",
-    };
-}
-// ---- notices (no public endpoint) ----
-export async function listNotices() {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: "Hikvision: no public notices endpoint",
-        notices: [],
-    };
-}
-export async function getNotice(noticeId) {
-    return {
-        ok: false,
-        source: SOURCE,
-        message: "Hikvision: no public notices endpoint",
-        notice_id: noticeId,
-    };
-}
-export async function findNoticesByQuestion(question, _opts = {}) {
-    return {
-        ok: false,
-        source: SOURCE,
-        question,
-        message: "Hikvision: no public notices endpoint",
-        matches: [],
-    };
-}
-// ---- matchResume ----
-//
-// Because the position search API is inaccessible, we cannot retrieve live listings
-// to score against the resume. Return ok:false with the extracted signals so the
-// caller can display what terms were parsed (useful for debugging the resume text).
-export async function matchResume(text, _opts = {}) {
-    const { terms, cities } = extractResumeSignals(text ?? "");
-    return {
-        ok: false,
-        source: SOURCE,
-        extracted_terms: terms,
-        city_preferences: cities,
-        matches: [],
-        message: STUB_MESSAGE,
-        apply_url: CAMPUS_URL,
-        moka_url: MOKA_URL,
-    };
-}
+// 海康威视 / Hikvision careers adapter — Liepin aggregator fallback.
+//
+// hr.hikvision.com is gated by Tencent EdgeOne which 403s any non-CN IP
+// regardless of cookies. www.hikvision.com.cn has no public DNS A record
+// outside Mainland China. There is no third-party ATS tenant.
+//
+// Until a CN-egress proxy path lands (set `JOB_PRO_HTTPS_PROXY` and see
+// the historical CDP-driven adapter at `git log cli/src/hikvision.ts`),
+// we surface real currently-open Hikvision positions by querying Liepin
+// (api-c.liepin.com) filtered by compName="海康威视". See
+// `cli/src/liepin.ts` for the shared factory.
+//
+// Source: api-c.liepin.com (`source` field on responses) — clearly NOT
+// the same as Hikvision's own portal.
+import { createAdapter } from "./liepin.js";
+const adapter = createAdapter({
+    companyName: "海康威视",
+    label: "Hikvision / 海康威视",
+});
+export const searchPositions = adapter.searchPositions;
+export const fetchAllPositions = adapter.fetchAllPositions;
+export const fetchPositionDetail = adapter.fetchPositionDetail;
+export const fetchDictionaries = adapter.fetchDictionaries;
+export const listNotices = adapter.listNotices;
+export const getNotice = adapter.getNotice;
+export const findNoticesByQuestion = adapter.findNoticesByQuestion;
+export const matchResume = adapter.matchResume;
+export const checkResume = adapter.checkResume;

package/dist/index.js

@@ -51,7 +51,7 @@ import * as webank from "./webank.js";
 import * as horizonrobotics from "./horizonrobotics.js";
 import * as cambricon from "./cambricon.js";
 import { memoryList, memoryGet, memorySet, memoryEvent, memoryClear, } from "./memory.js";
-const VERSION = "0.7.4";
+const VERSION = "0.8.0";
 const HELP = `
 job-pro — query Chinese big-tech campus recruiting from your terminal
             (job.ha7ch.com)

package/dist/liepin.js

@@ -0,0 +1,357 @@
+// Generic 猎聘 (Liepin) aggregator factory for `job-pro`.
+//
+// ============================================================
+// WHY THIS EXISTS
+//
+// Four of the 50 companies (hikvision / cicc / cainiao / webank) have no
+// publicly reachable canonical job feed — see `docs/stub-unblock.md`.
+// Liepin (https://www.liepin.com) is a major Chinese job aggregator
+// whose public `pc-search-job` endpoint surfaces real, currently-open
+// positions for every Chinese employer of consequence. It does NOT
+// require authentication, just a one-time XSRF-TOKEN cookie that the
+// liepin.com home page sets on first request.
+//
+// We use Liepin here as a fallback ONLY for the 4 adapters above. The
+// other 46 adapters continue to talk to their company's own API. Every
+// position surfaced through this factory has `source: "api-c.liepin.com"`
+// in its envelope so consumers can tell it's a third-party feed.
+//
+// ============================================================
+// API DISCOVERY (probed 2026-05-16)
+//
+//   1. GET  https://www.liepin.com/                          → Set-Cookie: XSRF-TOKEN=<token>
+//   2. POST https://api-c.liepin.com/api/com.liepin.searchfront4c.pc-search-job
+//        Content-Type: application/json;charset=UTF-8
+//        Origin:       https://www.liepin.com
+//        X-Client-Type: web
+//        X-Xsrf-Token: <token from cookie>
+//        X-Fscp-Std-Info: {"client_id": "40108"}
+//        X-Fscp-Version: 1.1
+//        Body: { data: { mainSearchPcConditionForm: { key:"<co>", city:"410",
+//                                                     dq:"410", currentPage:N,
+//                                                     pageSize:M, … },
+//                        passThroughForm: { scene:"init" } } }
+//        Response: { flag:1, data:{ data:{ jobCardList:[{ comp, job, recruiter, … }],
+//                                          compCard:{…} } } }
+//
+// `city:"410"` = 全国 (all of China). Per-city codes are documented in
+// Liepin's filter taxonomy; left as future work.
+import { randomUUID } from "node:crypto";
+import { extractResumeSignals, scoreOverlap, checkResume } from "./tencent.js";
+export { checkResume, extractResumeSignals, scoreOverlap };
+const HOME = "https://www.liepin.com";
+const SEARCH_URL = "https://api-c.liepin.com/api/com.liepin.searchfront4c.pc-search-job";
+const SOURCE = "api-c.liepin.com";
+const USER_AGENT = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36";
+// ---------- shared XSRF-TOKEN cache ----------
+// One token per Node process. Liepin's token is short-lived (~hour) but for a
+// CLI process that finishes in seconds, refreshing on every invocation is
+// fine. We still cache it within the process so multi-call workflows reuse it.
+let _token = null;
+async function getToken() {
+    if (_token && Date.now() - _token.fetchedAt < 30 * 60 * 1000) {
+        return { ok: true, xsrf: _token.value, cookie: _token.cookieHeader };
+    }
+    let response;
+    try {
+        response = await fetch(HOME, {
+            method: "GET",
+            headers: { "User-Agent": USER_AGENT, "Accept-Language": "zh-CN,zh;q=0.9" },
+        });
+    }
+    catch (err) {
+        return { ok: false, message: `network error: ${err instanceof Error ? err.message : err}` };
+    }
+    // getSetCookie() is the Node-undici-canonical API for multi-Set-Cookie headers.
+    const headersAny = response.headers;
+    const setCookies = typeof headersAny.getSetCookie === "function"
+        ? headersAny.getSetCookie.call(response.headers) ?? []
+        : (response.headers.get("set-cookie") ?? "").split(/,(?=[^;]+=)/);
+    let xsrf = "";
+    const cookieParts = [];
+    for (const c of setCookies) {
+        const kv = c.split(";")[0].trim();
+        cookieParts.push(kv);
+        if (kv.startsWith("XSRF-TOKEN="))
+            xsrf = kv.slice("XSRF-TOKEN=".length);
+    }
+    if (!xsrf) {
+        return { ok: false, message: "liepin.com did not set an XSRF-TOKEN cookie" };
+    }
+    _token = { value: xsrf, cookieHeader: cookieParts.join("; "), fetchedAt: Date.now() };
+    return { ok: true, xsrf, cookie: _token.cookieHeader };
+}
+// ---------- summarise ----------
+function summarize(card) {
+    const comp = card.comp ?? {};
+    const job = card.job ?? {};
+    return {
+        post_id: String(job.jobId ?? ""),
+        title: (job.title ?? "").trim(),
+        project: "",
+        recruit_label: job.jobKind === "1" ? "全职" : job.jobKind === "2" ? "社招" : "",
+        bgs: (comp.compIndustry ?? "").trim(),
+        work_cities: (job.dq ?? "").trim(),
+        apply_url: job.link ?? job.pcOuterLink ?? (job.jobId ? `https://www.liepin.com/job/${encodeURIComponent(String(job.jobId))}.shtml` : HOME),
+    };
+}
+// ---------- core: search for a single page ----------
+async function searchOnePage(companyName, keyword, page, pageSize) {
+    const tok = await getToken();
+    if (!tok.ok)
+        return tok;
+    const fullKey = [companyName, keyword].filter(Boolean).join(" ").trim();
+    const body = {
+        data: {
+            mainSearchPcConditionForm: {
+                city: "410",
+                dq: "410",
+                pubTime: "",
+                currentPage: Math.max(0, page - 1),
+                pageSize: Math.max(1, Math.min(40, pageSize)),
+                key: fullKey,
+                suggestTag: "",
+                workYearCode: "",
+                compId: "",
+                compName: companyName,
+                compTag: "",
+                industry: "",
+                salaryCode: "",
+                jobKind: "",
+                compScale: "",
+                compKind: "",
+                compStage: "",
+                eduLevel: "",
+                salaryLow: "",
+                salaryHigh: "",
+            },
+            passThroughForm: { scene: "init", skId: "", fkId: "", ckId: "", suggest: null },
+        },
+    };
+    let response;
+    try {
+        response = await fetch(SEARCH_URL, {
+            method: "POST",
+            headers: {
+                "Content-Type": "application/json;charset=UTF-8",
+                "User-Agent": USER_AGENT,
+                Origin: HOME,
+                Referer: `${HOME}/zhaopin/?key=${encodeURIComponent(fullKey)}`,
+                Accept: "application/json, text/plain, */*",
+                "Accept-Language": "zh-CN,zh;q=0.9",
+                "X-Client-Type": "web",
+                "X-Requested-With": "XMLHttpRequest",
+                "X-Fscp-Std-Info": '{"client_id": "40108"}',
+                "X-Fscp-Version": "1.1",
+                "X-Fscp-Trace-Id": randomUUID(),
+                "X-Xsrf-Token": tok.xsrf,
+                Cookie: tok.cookie,
+            },
+            body: JSON.stringify(body),
+        });
+    }
+    catch (err) {
+        return { ok: false, message: `network error: ${err instanceof Error ? err.message : err}` };
+    }
+    if (!response.ok) {
+        return { ok: false, message: `HTTP ${response.status}: ${response.statusText}` };
+    }
+    let env;
+    try {
+        env = (await response.json());
+    }
+    catch (err) {
+        return { ok: false, message: `bad JSON: ${err instanceof Error ? err.message : err}` };
+    }
+    if (env.flag !== 1 || !env.data?.data) {
+        return { ok: false, message: env.msg ?? `flag=${env.flag} code=${env.code ?? "?"}` };
+    }
+    const inner = env.data.data;
+    const jobs = inner.jobCardList ?? [];
+    // Filter to the actual target company (Liepin's relevance ranker leaks
+    // adjacent employers when there's no exact match).
+    const exact = jobs.filter((c) => (c.comp?.compName ?? "") === companyName);
+    return {
+        ok: true,
+        total: exact.length === 0 ? jobs.length : exact.length,
+        jobs: exact.length === 0 ? jobs : exact,
+        compCard: inner.compCard,
+    };
+}
+export function createAdapter(cfg) {
+    const ATTRIBUTION = `via Liepin (api-c.liepin.com) — official portal not publicly accessible`;
+    async function searchPositions(opts = {}) {
+        const page = Math.max(1, opts.page ?? 1);
+        const pageSize = Math.max(1, Math.min(40, opts.pageSize ?? 20));
+        const r = await searchOnePage(cfg.companyName, (opts.keyword ?? "").trim(), page, pageSize);
+        if (!r.ok) {
+            return {
+                ok: false,
+                source: SOURCE,
+                company: cfg.companyName,
+                attribution: ATTRIBUTION,
+                message: r.message,
+                query: opts,
+                positions: [],
+            };
+        }
+        return {
+            ok: true,
+            source: SOURCE,
+            company: cfg.companyName,
+            attribution: ATTRIBUTION,
+            comp_card: r.compCard,
+            query: opts,
+            page,
+            page_size: pageSize,
+            total: r.total,
+            positions: r.jobs.map(summarize),
+        };
+    }
+    async function fetchAllPositions(opts = {}) {
+        const pageSize = Math.max(1, Math.min(40, opts.pageSize ?? 40));
+        const maxPages = Math.max(1, opts.maxPages ?? 10);
+        const bucket = [];
+        let total = 0;
+        let lastMsg = "ok";
+        let anyOk = false;
+        for (let page = 1; page <= maxPages; page++) {
+            const r = await searchOnePage(cfg.companyName, (opts.keyword ?? "").trim(), page, pageSize);
+            if (!r.ok) {
+                lastMsg = r.message;
+                break;
+            }
+            anyOk = true;
+            total = r.total;
+            if (!r.jobs.length)
+                break;
+            for (const c of r.jobs)
+                bucket.push(summarize(c));
+            if (r.jobs.length < pageSize)
+                break;
+        }
+        if (!anyOk) {
+            return {
+                ok: false,
+                source: SOURCE,
+                company: cfg.companyName,
+                attribution: ATTRIBUTION,
+                message: lastMsg,
+                total: 0,
+                fetched: 0,
+                positions: [],
+            };
+        }
+        return {
+            ok: true,
+            source: SOURCE,
+            company: cfg.companyName,
+            attribution: ATTRIBUTION,
+            total,
+            fetched: bucket.length,
+            positions: bucket,
+        };
+    }
+    async function fetchPositionDetail(postId) {
+        const id = (postId ?? "").trim();
+        if (!id)
+            return { ok: false, source: SOURCE, message: "post_id is required" };
+        // Liepin's detail page is `/job/{id}.shtml` — non-API, HTML-only. We
+        // surface the deep-link rather than pretend to fetch a JSON detail.
+        return {
+            ok: true,
+            source: SOURCE,
+            company: cfg.companyName,
+            attribution: ATTRIBUTION,
+            post_id: id,
+            apply_url: `https://www.liepin.com/job/${encodeURIComponent(id)}.shtml`,
+            message: "Liepin position detail is HTML-only; visit apply_url for the full JD.",
+        };
+    }
+    async function fetchDictionaries() {
+        // Surface the compCard payload (industry / scale / tags) as the closest
+        // thing to a "taxonomy" we can offer from a third-party aggregator.
+        const r = await searchOnePage(cfg.companyName, "", 1, 5);
+        if (!r.ok) {
+            return { ok: false, source: SOURCE, message: r.message };
+        }
+        return {
+            ok: true,
+            source: SOURCE,
+            company: cfg.companyName,
+            attribution: ATTRIBUTION,
+            comp_card: r.compCard ?? null,
+            note: "Liepin doesn't expose a per-company filter taxonomy; comp_card holds " +
+                "the company profile (industry, scale, stage, tags).",
+        };
+    }
+    const NOTICES_MSG = `${cfg.label}: surfaced via Liepin aggregator; no notices endpoint available.`;
+    async function listNotices() {
+        return { ok: false, source: SOURCE, message: NOTICES_MSG, notices: [] };
+    }
+    async function getNotice(noticeId) {
+        return { ok: false, source: SOURCE, message: NOTICES_MSG, notice_id: noticeId };
+    }
+    async function findNoticesByQuestion(question, _opts = {}) {
+        return { ok: false, source: SOURCE, question, message: NOTICES_MSG, matches: [] };
+    }
+    // matchResume reuses extractResumeSignals / scoreOverlap from tencent.ts
+    // so the contract matches every other adapter.
+    async function matchResume(text, opts = {}) {
+        const topN = Math.max(1, opts.topN ?? 5);
+        const candidates = Math.max(topN, opts.candidates ?? 20);
+        const { terms, cities } = extractResumeSignals(text ?? "");
+        if (!terms.length) {
+            return {
+                ok: false,
+                source: SOURCE,
+                message: "could not extract any technical signals from the text",
+                preview: (text ?? "").slice(0, 120),
+            };
+        }
+        const keyword = terms.slice(0, 3).join(" ");
+        const list = await searchPositions({ keyword, page: 1, pageSize: 40 });
+        if (!list.ok) {
+            return { ok: false, source: SOURCE, message: list.message, positions: [] };
+        }
+        const scored = [];
+        for (const p of list.positions) {
+            const blob = [p.title, p.bgs, p.work_cities, p.recruit_label].join(" ");
+            const { score, reasons } = scoreOverlap(blob, terms, cities);
+            if (score > 0)
+                scored.push({ score, position: p, reasons });
+        }
+        scored.sort((a, b) => b.score - a.score);
+        let shortlist = scored.slice(0, Math.max(topN, candidates));
+        if (!shortlist.length) {
+            shortlist = list.positions.slice(0, candidates).map((position) => ({ score: 0, position, reasons: [] }));
+        }
+        const matches = shortlist.slice(0, topN).map((s) => {
+            const mr = s.reasons.length > 0
+                ? s.reasons.slice(0, 5)
+                : ["no specific keyword overlap — surfaced from Liepin search"];
+            return { ...s.position, match_reasons: mr };
+        });
+        return {
+            ok: true,
+            source: SOURCE,
+            attribution: ATTRIBUTION,
+            extracted_terms: terms,
+            city_preferences: cities,
+            matches,
+            note: "match_reasons surfaces overlapping keywords, not a probability of getting an interview. " +
+                "The only authority on selection is HR.",
+        };
+    }
+    return {
+        searchPositions,
+        fetchAllPositions,
+        fetchPositionDetail,
+        fetchDictionaries,
+        listNotices,
+        getNotice,
+        findNoticesByQuestion,
+        matchResume,
+        checkResume,
+    };
+}

package/dist/webank.js

@@ -1,62 +1,25 @@
-// 微众银行 (WeBank) — stub adapter for `job-pro`.
+// 微众银行 (WeBank) careers adapter — Liepin aggregator fallback.
 //
-// STATUS: stub-only. WeBank operates a campus-recruiting portal at
-// career.webank.com but the domain is not resolvable from public DNS, and
-// every public ATS slug we probed (Feishu, Moka, Greenhouse, Lever) returns
-// 404. WeBank's hiring funnel runs entirely through WeChat mini-programs.
+// WeBank's career page at www.webank.com/career/ is a 15KB static Vue
+// brochure with no embedded job feed; recruitment runs through the
+// 微众银行招聘 WeChat 公众号 → 微信小程序 chain. We surface real
+// currently-open WeBank positions by querying Liepin
+// (api-c.liepin.com) filtered by compName="微众银行". See
+// `cli/src/liepin.ts` for the shared factory.
 //
-// ============================================================
-// RECONNAISSANCE RESULTS (probed 2026-05):
-//
-//   https://career.webank.com   — 000 (no public DNS / unreachable)
-//   https://job.webank.com      — 000 (no public DNS / unreachable)
-//   https://hr.webank.com       — 000 (no public DNS / unreachable)
-//
-//   Feishu ATSX:    webank.jobs.feishu.cn — HTTP 400 (no portal)
-//   Greenhouse:     webank                — HTTP 404 (no board)
-//   Lever:          webank                — HTTP 404 (no posting)
-//
-//   The official 微众银行招聘 WeChat 公众号 publishes openings as articles
-//   and routes applications into a mini-program; no JSON surface is exposed.
-//
-// Conclusion: no unauthenticated public API. Apply via the WeChat 微众银行招聘
-// account or visit https://www.webank.com/ for company contact info.
-import { extractResumeSignals, scoreOverlap, checkResume } from "./tencent.js";
-export { checkResume };
-const SOURCE = "webank.com";
-const STUB_MESSAGE = "WeBank (微众银行): career.webank.com and sibling subdomains fail to resolve over public DNS. " +
-    "Recruiting runs through the WeChat 微众银行招聘 mini-program; no Greenhouse / Lever / Feishu " +
-    "tenant provisioned. No unauthenticated public API available.";
-export async function searchPositions(_opts = {}) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, query: {}, positions: [] };
-}
-export async function fetchAllPositions(_opts = {}) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, total: 0, fetched: 0, positions: [] };
-}
-export async function fetchPositionDetail(postId) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, post_id: postId };
-}
-export async function fetchDictionaries() {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE };
-}
-export async function listNotices() {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, notices: [] };
-}
-export async function getNotice(noticeId) {
-    return { ok: false, source: SOURCE, message: STUB_MESSAGE, notice_id: noticeId };
-}
-export async function findNoticesByQuestion(question, _opts = {}) {
-    return { ok: false, source: SOURCE, question, message: STUB_MESSAGE, matches: [] };
-}
-export async function matchResume(text, _opts = {}) {
-    const { terms, cities } = extractResumeSignals(text ?? "");
-    return {
-        ok: false,
-        source: SOURCE,
-        extracted_terms: terms,
-        city_preferences: cities,
-        matches: [],
-        message: STUB_MESSAGE,
-    };
-}
-export { extractResumeSignals, scoreOverlap };
+// Source: api-c.liepin.com (`source` field on responses) — clearly NOT
+// the same as WeBank's WeChat mini-program funnel.
+import { createAdapter } from "./liepin.js";
+const adapter = createAdapter({
+    companyName: "微众银行",
+    label: "WeBank / 微众银行",
+});
+export const searchPositions = adapter.searchPositions;
+export const fetchAllPositions = adapter.fetchAllPositions;
+export const fetchPositionDetail = adapter.fetchPositionDetail;
+export const fetchDictionaries = adapter.fetchDictionaries;
+export const listNotices = adapter.listNotices;
+export const getNotice = adapter.getNotice;
+export const findNoticesByQuestion = adapter.findNoticesByQuestion;
+export const matchResume = adapter.matchResume;
+export const checkResume = adapter.checkResume;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "job-pro",
-  "version": "0.7.4",
-  "description": "Query Chinese big-tech campus recruiting from your terminal. 50 companies, 46 live (incl. Lilith via local Chrome / puppeteer-core). No signup, no token, no server.",
+  "version": "0.8.0",
+  "description": "Query Chinese big-tech campus recruiting from your terminal. 50 companies, all 50 live. 46 via each company's own API; the 4 with no public canonical feed (Hikvision, CICC, Cainiao, WeBank) surfaced via Liepin as a clearly-labeled third-party fallback. No signup, no token, no server.",
   "homepage": "https://job.ha7ch.com",
   "repository": "https://github.com/HA7CH/job-pro",
   "license": "MIT",