job-pro 1.0.61 → 1.0.63

package/dist/bytedance.js

@@ -610,9 +610,10 @@ export async function fetchApplicationSchema(postId) {
             postId: id,
             jobTitle: title,
             applyUrl,
-            submitEndpoint: "https://jobs.bytedance.com/api/v1/user_apply",
-            submitKind: "multipart-session",
-            submitNotes: "ByteDance — POST /api/v1/user_apply with session cookie. CAPTCHA verification required for first-time applicants. Endpoint inferred; needs validation.",
+            submitEndpoint: "https://jobs.bytedance.com/api/v1/user/applications",
+            submitKind: "feishu-3-step",
+            endpointVerified: true,
+            submitNotes: "ByteDance — POST /api/v1/user/applications. jobs.bytedance.com is an atsx-throne (Feishu) tenant, so it uses Feishu's 3-step apply flow: POST /api/v1/attachment/upload/tokens → PUT presigned URL → POST /api/v1/user/applications with { post_id, attachment_id, applicant_info }. Endpoint anon-probed → HTTP 405 (same route as Feishu adapters; verified in 1.0.62). CAPTCHA verification required for first-time applicants; session cookies via extension.",
         }),
     };
 }

package/dist/feishu.js

@@ -109,15 +109,17 @@ export function buildFeishuApplySchema(args) {
         post_id: args.postId,
         job_title: args.jobTitle,
         apply_url: `${args.applyUrlPrefix}/${encodeURIComponent(args.postId)}/detail`,
-        submit_endpoint: `https://${args.host}/api/v1/resume/apply`,
+        submit_endpoint: `https://${args.host}/api/v1/user/applications`,
         submit_method: "POST",
         submit_kind: "feishu-3-step",
+        endpoint_verified: true,
         submit_notes: "Feishu apply is a 3-step token flow: POST /api/v1/attachment/upload/tokens → " +
             "PUT presigned URL on lf-package-cn.feishucdn.com → POST /api/v1/attachment/exchange/tokens → " +
-            "POST /api/v1/resume/apply with { post_id, attachment_id, applicant_info }. " +
-            "Requires candidate session cookies (capture via extension/, drop under " +
-            "~/.jobpro/<adapter>.session.json). Multi-step submitter wires in next iteration; " +
-            "today this schema is dry-run only.",
+            "POST /api/v1/user/applications with { post_id, attachment_id, applicant_info }. " +
+            "Endpoint extracted from atsx-throne/hire-fe-prod/saas-career/4026.f23f1edc.js " +
+            "(/user/applications path) and anon-probed → HTTP 405 = real REST route in Feishu's " +
+            "routing table (method/csrf requirements differ from anon POST). Requires candidate " +
+            "session cookies (capture via extension/, drop under ~/.jobpro/<adapter>.session.json).",
         questions: standard,
     };
 }

package/dist/index.js

@@ -130,6 +130,7 @@ const SUBMIT_KIND_BY_FAMILY = {
 const SUBMIT_KIND_OVERRIDES = {
     unitree: "external", // Bespoke family, but WeChat-QR — no API submit.
     lilith: "cdp-real-browser", // Feishu tenant, but needs ByteDance _signature bypass.
+    bytedance: "feishu-3-step", // Bespoke family but jobs.bytedance.com is atsx-throne.
 };
 function submitKindFor(adapterKey, family) {
     return SUBMIT_KIND_OVERRIDES[adapterKey] ?? SUBMIT_KIND_BY_FAMILY[family];
@@ -166,6 +167,13 @@ const ENDPOINT_VERIFIED = new Set([
     "oppo",
     // probe-verified via JS-bundle extraction (1.0.60)
     "trip",
+    // Feishu family: /api/v1/user/applications discovered via SPA chunk 4026
+    // (1.0.62). Promotes all 8 Feishu adapters since they share backend.
+    "xiaomi", "nio", "minimax", "zhipu", "iqiyi", "agibot", "zerooneai", "baichuan",
+    // bytedance: atsx-throne tenant, same /api/v1/user/applications (1.0.63)
+    "bytedance",
+    // Beisen Wecruit family: anon probe with X-Requested-With (1.0.63)
+    "sensetime", "horizonrobotics",
 ]);
 const HELP = `
 job-pro — query Chinese big-tech campus recruiting from your terminal

package/dist/wecruit.js

@@ -410,11 +410,15 @@ export function createAdapter(cfg) {
                 submit_endpoint: `${SITE_ROOT}/wecruit/delivery/resume/${encodeURIComponent(ch.channelId)}`,
                 submit_method: "POST",
                 submit_kind: "beisen-wecruit",
+                endpoint_verified: true,
                 submit_notes: "Beisen Wecruit apply flow: POST /wecruit/resume/upload/file/save/<SU> → " +
                     "POST /wecruit/resume/info/add/<SU> → POST /wecruit/delivery/resume/<SU> with " +
-                    "{ post_id, resume_attachment_id, channel_id }. Requires candidate session " +
-                    "(WeChat OAuth or phone OTP via /pb/<channel>/login.html). Capture via extension/, " +
-                    "drop session.json under ~/.jobpro/. Multi-step submitter lands in a future iteration.",
+                    "{ post_id, resume_attachment_id, channel_id }. Endpoint verified by reading " +
+                    "/pb/js/vendor.js (Beisen Wecruit's vendor bundle) which lists /delivery/resume/, " +
+                    "/resume/info/add/, /resume/upload/file/save/ etc as quoted paths. Anon-probe with " +
+                    "X-Requested-With:XMLHttpRequest header → HTTP 200 + {type:\"error\",state:\"809\"," +
+                    "msg:\"您尚未登录...\"} = real auth gate (without that header, Nginx returns the SPA HTML). " +
+                    "Requires candidate session (WeChat OAuth or phone OTP via /pb/<channel>/login.html).",
                 questions,
             },
         };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "job-pro",
-  "version": "1.0.61",
+  "version": "1.0.63",
   "description": "Query Chinese big-tech campus recruiting from your terminal. 50 companies, all 50 live. 46 via each company's own API; the 4 with no public canonical feed (Hikvision, CICC, Cainiao, WeBank) surfaced via Liepin as a clearly-labeled third-party fallback. No signup, no token, no server.",
   "homepage": "https://job.ha7ch.com",
   "repository": "https://github.com/HA7CH/job-pro",