Gathering detailed insights and metrics for puppeteer-afp
Gathering detailed insights and metrics for puppeteer-afp
Installations
npm install puppeteer-afpScore
80.7
Supply Chain
98.3
Quality
80
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Developer
pavlealeksic
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.17.1
NPM Version
8.15.0
Statistics
117 Stars
29 Commits
9 Forks
2 Watching
1 Branches
3 Contributors
Updated on 21 Nov 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
315,727
Last day
15.3%
962
Compared to previous day
Last week
30.6%
5,105
Compared to previous week
Last month
-5.4%
17,451
Compared to previous month
Last year
152.7%
216,276
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
puppeteer-afp
Stop websites fingerprinting your puppeteer browser instances.
This covers: Canvas Fingerprinting, WebGL Fingerprinting, AudioContext Fingerprinting, Font Fingerprinting
Installation
1yarn add puppeteer-afp 2# - or - 3npm install puppeteer-afp
Usage
1const puppeteer = require('puppeteer'); 2const { 3 protectPage, 4 protectedBrowser, 5} = require('puppeteer-afp'); 6 7const browser = await puppeteer.launch(); 8// I always use this method to get the active page, and not to have to open a new tab 9const pageToProtect = (await browser.pages())[0]; 10// For these options, all are optional, and you dont have to use them, 11// these are used just if you want to reuse a fingerprint 12const options = { 13 canvasRgba: [0, 0, 0, 0], //all these numbers can be from -5 to 5 14 webglData: { 15 3379: 32768, //16384, 32768 16 3386: { 17 0: 32768, // 8192, 16384, 32768 18 1: 32768, // 8192, 16384, 32768 19 }, 20 3410: 2, // 2, 4, 8, 16 21 3411: 2, // 2, 4, 8, 16 22 3412: 16, // 2, 4, 8, 16 23 3413: 2, // 2, 4, 8, 16 24 7938: "WebGL 1.0 (OpenGL Chromium)", // "WebGL 1.0", "WebGL 1.0 (OpenGL)", "WebGL 1.0 (OpenGL Chromium)" 25 33901: { 26 0: 1, 27 1: 1, // 1, 1024, 2048, 4096, 8192 28 }, 29 33902: { 30 0: 1, 31 1: 4096, // 1, 1024, 2048, 4096, 8192 32 }, 33 34024: 32768, //16384, 32768 34 34047: 8, // 2, 4, 8, 16 35 34076: 16384, //16384, 32768 36 34921: 16, // 2, 4, 8, 16 37 34930: 16, // 2, 4, 8, 16 38 35660: 2, // 2, 4, 8, 16 39 35661: 32, // 16, 32, 64, 128, 256 40 35724: "WebGL GLSL ES", // "WebGL", "WebGL GLSL", "WebGL GLSL ES", "WebGL GLSL ES (OpenGL Chromium)" 41 36347: 4096, // 4096, 8192 42 36349: 8192, // 1024, 2048, 4096, 8192 43 37446: "HD Graphics", // "Graphics", "HD Graphics", "Intel(R) HD Graphics" 44 }, 45 fontFingerprint: { 46 noise: 1, // -1, 0, 1, 2 47 sign: +1, // -1, +1 48 }, 49 audioFingerprint: { 50 getChannelDataIndexRandom: 0.7659530895341677, // all values of Math.random() can be used 51 getChannelDataResultRandom: 0.7659530895341677, // all values of Math.random() can be used 52 createAnalyserIndexRandom: 0.7659530895341677, // all values of Math.random() can be used 53 createAnalyserResultRandom: 0.7659530895341677, // all values of Math.random() can be used 54 }, 55 webRTCProtect: true //this option is used to disable or enable WebRTC disabling by destroying get user media 56 }; 57// run this function on any page you want to protect, so pages loaded on 58// this page after this is done will be protected 59await protectPage(pageToProtect, options); 60 61//Another way of using it is to protect automatically a new tab, 62//and if you want the fingerprint to change, just remove the options parameter: 63const protectedChromium = await protectedBrowser(browser, options); 64//and then we use the following command: 65const protectedPage = protectedChromium.newProtectedPage() 66
Go to https://webbrowsertools.com with your browser and check your fingerprints
Creator
Pavle Aleksic
License
This project is licensed under the terms of the MIT license.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish-github-packages.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/pavlealeksic/puppeteer-afp/npm-publish-github-packages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish-github-packages.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/pavlealeksic/puppeteer-afp/npm-publish-github-packages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish-github-packages.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/pavlealeksic/puppeteer-afp/npm-publish-github-packages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish-github-packages.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/pavlealeksic/puppeteer-afp/npm-publish-github-packages.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
Found 2/27 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/npm-publish-github-packages.yml:25
- Warn: jobLevel 'packages' permission set to 'write': .github/workflows/npm-publish-github-packages.yml:26
- Warn: no topLevel permission defined: .github/workflows/npm-publish-github-packages.yml:1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 4 are checked with a SAST tool
Reason
21 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Score
2.7
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More