mirror of
https://github.com/LightZirconite/Microsoft-Rewards-Bot.git
synced 2026-01-09 00:56:16 +00:00
Updated package version from 3.5.3 to 3.5.4 and improved email masking to enhance security
This commit is contained in:
6
package-lock.json
generated
6
package-lock.json
generated
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "microsoft-rewards-bot",
|
||||
"version": "3.5.3",
|
||||
"version": "3.5.4",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "microsoft-rewards-bot",
|
||||
"version": "3.5.3",
|
||||
"version": "3.5.4",
|
||||
"license": "CC-BY-NC-SA-4.0",
|
||||
"dependencies": {
|
||||
"axios": "^1.8.4",
|
||||
@@ -4291,4 +4291,4 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "microsoft-rewards-bot",
|
||||
"version": "3.5.3",
|
||||
"version": "3.5.4",
|
||||
"description": "Automate Microsoft Rewards points collection",
|
||||
"private": true,
|
||||
"main": "index.js",
|
||||
|
||||
@@ -63,11 +63,11 @@ class DashboardState {
|
||||
setRunning(running: boolean, currentAccount?: string): void {
|
||||
this.status.running = running
|
||||
this.status.currentAccount = currentAccount
|
||||
|
||||
|
||||
if (running && !this.status.startTime) {
|
||||
this.status.startTime = new Date().toISOString()
|
||||
}
|
||||
|
||||
|
||||
if (!running) {
|
||||
this.status.lastRun = new Date().toISOString()
|
||||
this.status.startTime = undefined
|
||||
@@ -75,7 +75,7 @@ class DashboardState {
|
||||
this.status.currentAccount = undefined
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
this.notifyChange('status', this.getStatus())
|
||||
}
|
||||
|
||||
@@ -127,17 +127,17 @@ class DashboardState {
|
||||
private maskEmail(email: string): string {
|
||||
const parts = email.split('@')
|
||||
if (parts.length !== 2) return '***@***'
|
||||
|
||||
|
||||
const [local, domain] = parts
|
||||
if (!local || !domain) return '***@***'
|
||||
|
||||
|
||||
// SECURITY: More aggressive masking to prevent account enumeration
|
||||
const maskedLocal = local.length <= 2 ? '**' : local.slice(0, 2) + '*'.repeat(Math.min(local.length - 2, 5))
|
||||
|
||||
|
||||
const domainParts = domain.split('.')
|
||||
const tld = domainParts.pop() || 'com'
|
||||
const maskedDomain = domain.length <= 4 ? '***.' + tld : domain.slice(0, 2) + '***.' + tld
|
||||
|
||||
|
||||
return `${maskedLocal}@${maskedDomain}`
|
||||
}
|
||||
|
||||
@@ -145,7 +145,7 @@ class DashboardState {
|
||||
public initializeAccounts(emails: string[]): void {
|
||||
// Load points from sessions if available
|
||||
const pointsMap = loadAllPointsFromSessions()
|
||||
|
||||
|
||||
for (const email of emails) {
|
||||
if (!this.accounts.has(email)) {
|
||||
// Try to get points from session or job state
|
||||
@@ -153,7 +153,7 @@ class DashboardState {
|
||||
if (points === undefined) {
|
||||
points = loadPointsFromJobState(email)
|
||||
}
|
||||
|
||||
|
||||
this.accounts.set(email, {
|
||||
email,
|
||||
maskedEmail: this.maskEmail(email),
|
||||
|
||||
Reference in New Issue
Block a user