feat: update documentation and improve error reporting features

2026-01-09 17:06:15 +00:00 · 2025-12-16 20:59:58 +01:00
parent 1a19c880f7
commit a5ecf36668
7 changed files with 253 additions and 214 deletions
--- a/README.md
+++ b/README.md
@@ -2,40 +2,126 @@
 <p align="center">
 	<img src="assets/logo.png" alt="Microsoft Rewards Bot logo" width="180" />
 	<br />
 	<a href="https://discord.gg/k5uHkx9mne">Join the Discord</a> · <a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/stargazers">Star the project</a>
 </p>
-Automates Microsoft Rewards tasks so you collect points with minimal setup.
+<p align="center">
 	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/releases"><img src="https://img.shields.io/badge/version-3.5.0-blue?style=flat-square" alt="Version 3.5.0" /></a>
 	<a href="https://nodejs.org/"><img src="https://img.shields.io/badge/node-≥20-brightgreen?style=flat-square&logo=nodedotjs" alt="Node.js 20+" /></a>
 	<a href="https://www.typescriptlang.org/"><img src="https://img.shields.io/badge/TypeScript-strict-3178c6?style=flat-square&logo=typescript" alt="TypeScript" /></a>
 	<a href="https://discord.gg/k5uHkx9mne"><img src="https://img.shields.io/badge/Discord-Join-5865F2?style=flat-square&logo=discord&logoColor=white" alt="Discord" /></a>
 	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/stargazers"><img src="https://img.shields.io/github/stars/LightZirconite/Microsoft-Rewards-Bot?style=flat-square&color=gold" alt="Stars" /></a>
 </p>
-## Install
+<p align="center">
- Install Node.js 20 or newer.
+	<b>v3.5 Remaster</b> — The most advanced Microsoft Rewards automation tool.<br />
- Clone this repository.
+	Human-like behavior · Anti-detection · Multi-account · Dashboard · Scheduling
- Run `npm install` inside the project folder.
+</p>
-## Setup
+---
 - Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and add your accounts.
 - Adjust `src/config.jsonc` only if you want to change defaults.
 - (Optional) set `DISCORD_WEBHOOK_URL` for alerts.
-## Run
+## ⚡ Quick Start
 - `npm start` to build if needed and run once.
 - `npm run dashboard` to view the web dashboard.
 - `npm run dev` for local development mode.
 - `npm run creator` for account creation mode (see warning below).
 - `npm run docker:compose` to run in Docker.
-## Modes
+```bash
- Default: runs daily tasks once, then stops.
+# 1. Clone the repository
- Dashboard: serves a simple web panel to monitor runs.
+git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git
- Dev: runs from source with fast restarts for editing.
+cd Microsoft-Rewards-Bot
 - Account creation: creates new Microsoft accounts.
 - Docker: runs the bot in a container with built-in scheduling.
-## Account Creation Warning
+# 2. Setup accounts
- New accounts can be flagged if they earn points immediately.
+cp src/accounts.example.jsonc src/accounts.jsonc
- Let fresh accounts sit for a few weeks before using them.
+# Edit src/accounts.jsonc with your Microsoft account(s)
- Use account creation mode only if you accept this risk.
+
 # 3. Run
 npm start
 ```
 ## Features
 | Feature | Description |
 |---------|-------------|
 | 🤖 **Full Automation** | Daily Set, More Promotions, Punch Cards, Read to Earn, Daily Check-in |
 | 🔍 **Smart Searches** | Desktop & Mobile with diverse query sources (Google Trends, Reddit) |
 | 🛡️ **Anti-Detection** | Advanced fingerprinting, humanized delays, natural mouse movements |
 | 📊 **Web Dashboard** | Real-time monitoring panel for all accounts |
 | ⏰ **Built-in Scheduler** | Run automatically at specified times with jitter |
 | 📱 **Multi-Account** | Process multiple accounts in parallel clusters |
 | 🐳 **Docker Ready** | Production-ready containerization |
 | 🔔 **Notifications** | Discord webhooks, NTFY push notifications |
 | 🛠️ **Account Creator** | Automated Microsoft account registration |
 | 💾 **Job State** | Resume-on-crash, skip completed accounts |
 ## Documentation
-Explore the **[full documentation](docs/index.md)** for detailed guides on setup, running modes, scheduling, and troubleshooting.
+
 📚 **[Full Documentation](docs/index.md)** — Setup guides, configuration, scheduling, troubleshooting.
 ## Commands
 | Command | Description |
 |---------|-------------|
 | `npm start` | Build and run the bot |
 | `npm run dashboard` | Start web monitoring panel |
 | `npm run creator` | Account creation wizard |
 | `npm run dev` | Development mode with hot reload |
 | `npm run docker:compose` | Run in Docker container |
 ## Account Creation Warning
 ⚠️ New accounts may be flagged if they earn points immediately. Let fresh accounts age 2-4 weeks before using them.
 ---
 ## 🔥 Why Choose This Bot?
 This fork is the **most feature-complete and actively maintained** Microsoft Rewards automation tool. Here's how we compare to the original [TheNetsky/Microsoft-Rewards-Script](https://github.com/TheNetsky/Microsoft-Rewards-Script):
 | Feature | **This Bot (v3.5 Remaster)** | Original Script |
 |---------|:----------------------------:|:---------------:|
 | **Anti-Detection System** | ✅ Advanced (fingerprints, humanization, gestures) | ⚠️ Basic |
 | **Query Diversity Engine** | ✅ Multi-source (Google Trends, Reddit, News) | ❌ Google Trends only |
 | **Web Dashboard** | ✅ Real-time monitoring | ❌ None |
 | **Built-in Scheduler** | ✅ Internal scheduler with jitter | ❌ External cron only |
 | **Account Creator** | ✅ Full automation wizard | ❌ None |
 | **Job State Management** | ✅ Resume-on-crash, skip completed | ❌ None |
 | **Error Reporting** | ✅ Automatic (helps improve project) | ❌ None |
 | **Vacation Mode** | ✅ Natural usage patterns | ❌ None |
 | **Risk Management** | ✅ Adaptive delays, ban prediction | ❌ None |
 | **Documentation** | ✅ Comprehensive guides | ⚠️ Minimal (TODO) |
 | **NTFY Push Notifications** | ✅ Supported | ❌ None |
 | **Semantic Deduplication** | ✅ Smart query filtering | ❌ Basic dedup |
 | **Human Typing Simulation** | ✅ Variable speed, typos | ⚠️ Fixed delay |
 | **Compromised Mode Recovery** | ✅ Auto-handles security prompts | ❌ None |
 | **Multi-Pass Runs** | ✅ Configurable passes per run | ❌ Single pass |
 ### Why the Remaster?
 The original script served as a solid foundation, but lacked the sophisticated anti-detection measures required for long-term reliability. This remaster addresses:
 1. **Detection Risk** — Microsoft actively monitors for bot behavior. Our advanced humanization (random delays, mouse gestures, scroll patterns) significantly reduces ban risk.
 2. **Reliability** — Job state management means crashed runs resume where they left off. No more re-running completed accounts.
 3. **Usability** — Web dashboard, comprehensive documentation, and built-in scheduling make this accessible to everyone—not just developers.
 4. **Maintenance** — Active development with regular updates, bug fixes, and community support via Discord.
 ### Migration from Original Script
 Already using TheNetsky's script? Migration is simple:
 ```bash
 # Your accounts.jsonc format is compatible!
 # Just copy your accounts file to src/accounts.jsonc
 ```
 ---
 ## Disclaimer
 > ⚠️ **Use at your own risk.** Automation of Microsoft Rewards may lead to account suspension. This software is for educational purposes only. The authors are not responsible for any actions taken by Microsoft.
 ---
 <p align="center">
 	<a href="https://discord.gg/k5uHkx9mne">Discord</a> · 
 	<a href="docs/index.md">Documentation</a> · 
 	<a href="https://github.com/LightZirconite/Microsoft-Rewards-Bot/issues">Report Bug</a>
 </p>
--- a/api/report-error.js
+++ b/api/report-error.js
@@ -1,147 +0,0 @@
 const { randomUUID } = require('crypto')
 const MAX_BODY_SIZE = 10000
 const MAX_TEXT = 900
 const MAX_FIELD = 120
 const MAX_STACK_LINES = 8
 const AUTH_HEADER = 'x-error-report-token'
 function isPlainObject(value) {
    return Boolean(value) && typeof value === 'object' && !Array.isArray(value)
 }
 function trimAndLimit(value, limit) {
    if (typeof value !== 'string') {
        return ''
    }
    const trimmed = value.trim()
    return trimmed.length > limit ? `${trimmed.slice(0, limit)}…` : trimmed
 }
 function formatMetadata(metadata) {
    if (!isPlainObject(metadata)) {
        return 'Not provided'
    }
    const entries = Object.entries(metadata).filter(([key, val]) => typeof key === 'string' && (typeof val === 'string' || typeof val === 'number' || typeof val === 'boolean'))
    if (entries.length === 0) {
        return 'Not provided'
    }
    const limited = entries.slice(0, 6)
    const lines = limited.map(([key, val]) => {
        const valueText = trimAndLimit(String(val), MAX_FIELD)
        return `${trimAndLimit(key, MAX_FIELD)}: ${valueText}`
    })
    return lines.join('\n')
 }
 async function readJsonBody(req) {
    if (req.body) {
        return req.body
    }
    let data = ''
    for await (const chunk of req) {
        data += chunk
        if (data.length > MAX_BODY_SIZE) {
            throw new Error('Payload too large')
        }
    }
    if (!data) {
        return {}
    }
    return JSON.parse(data)
 }
 module.exports = async function handler(req, res) {
    res.setHeader('Content-Type', 'application/json')
    if (req.method !== 'POST') {
        res.setHeader('Allow', 'POST')
        res.status(405).json({ error: 'Method not allowed' })
        return
    }
    const webhookUrl = process.env.DISCORD_WEBHOOK_URL
    const authToken = process.env.ERROR_REPORT_TOKEN
    if (!webhookUrl) {
        res.status(500).json({ error: 'Webhook not configured' })
        return
    }
    if (!authToken) {
        res.status(500).json({ error: 'Reporting token not configured' })
        return
    }
    const providedHeader = req.headers?.[AUTH_HEADER]
    const providedToken = Array.isArray(providedHeader) ? providedHeader[0] : providedHeader
    if (!providedToken || providedToken !== authToken) {
        res.status(401).json({ error: 'Unauthorized' })
        return
    }
    let body
    try {
        body = await readJsonBody(req)
    } catch (error) {
        res.status(400).json({ error: 'Invalid JSON body' })
        return
    }
    const errorText = trimAndLimit(body.error, MAX_TEXT)
    if (!errorText) {
        res.status(400).json({ error: 'Field \'error\' is required' })
        return
    }
    const summary = trimAndLimit(body.summary || body.message || '', 140)
    const errorType = trimAndLimit(body.type || 'unspecified', 80)
    const environment = trimAndLimit((body.environment && (body.environment.name || body.environment)) || process.env.VERCEL_ENV || process.env.NODE_ENV || 'unspecified', 80)
    const metadata = formatMetadata(body.metadata)
    const stackSnippet = Array.isArray(body.stack)
        ? body.stack.slice(0, MAX_STACK_LINES).join('\n')
        : trimAndLimit(typeof body.stack === 'string' ? body.stack.split('\n').slice(0, MAX_STACK_LINES).join('\n') : '', MAX_TEXT)
    const requestId = randomUUID()
    const embed = {
        title: 'Error Report',
        description: summary || 'Automated error report received',
        color: 0xef4444,
        fields: [
            { name: 'Error', value: errorText, inline: false },
            { name: 'Type', value: errorType, inline: true },
            { name: 'Environment', value: environment, inline: true },
            { name: 'Request ID', value: requestId, inline: true }
        ],
        footer: { text: 'Microsoft Rewards Bot' },
        timestamp: new Date().toISOString()
    }
    if (metadata && metadata !== 'Not provided') {
        embed.fields.push({ name: 'Metadata', value: metadata, inline: false })
    }
    if (stackSnippet) {
        embed.fields.push({ name: 'Stack (truncated)', value: stackSnippet })
    }
    const payload = { embeds: [embed] }
    try {
        const response = await fetch(webhookUrl, {
            method: 'POST',
            headers: { 'Content-Type': 'application/json' },
            body: JSON.stringify(payload)
        })
        if (!response.ok) {
            res.status(502).json({ error: 'Failed to deliver report' })
            return
        }
        res.status(200).json({ status: 'reported' })
    } catch (error) {
        res.status(502).json({ error: 'Failed to deliver report' })
    }
 }
--- a/docs/error-reporting.md
+++ b/docs/error-reporting.md
@@ -1,20 +1,38 @@
-# Error Reporting API
+# Error Reporting
 ## What it does
-Accepts structured error reports and forwards them to Discord in a clean format. Submissions require a shared secret header so random users cannot spam your webhook.
+Automatically sends anonymized error reports to help improve the project. When enabled, the bot reports genuine bugs (not user configuration errors) to a central Discord webhook.
-## How to use
+## Privacy
- Set `DISCORD_WEBHOOK_URL` and `ERROR_REPORT_TOKEN` in your environment (e.g., Vercel project settings → Environment Variables).
+- **No sensitive data is sent:** Emails, passwords, tokens, and file paths are automatically redacted.
- Send a POST request to `/api/report-error` with header `x-error-report-token: <your token>` and JSON that includes at least `error`.
+- **Only genuine bugs are reported:** User configuration errors (wrong password, missing files) are filtered out.
- Optional fields: `summary`, `type`, `metadata` (object), `environment` (string or object with `name`).
+- **Completely optional:** Disable in config.jsonc if you prefer not to participate.
-## Example
+## How to configure
-```bash
+In src/config.jsonc:
-curl -X POST https://your-deployment.vercel.app/api/report-error \
+
-  -H "Content-Type: application/json" \
+```jsonc
-  -H "x-error-report-token: YOUR_TOKEN" \
+{
-  -d '{"error":"Search job failed","type":"search","metadata":{"account":"user@contoso.com"}}'
+  "errorReporting": {
    "enabled": true  // Set to false to disable
  }
 }
 ```
 ## What gets reported
 - Error message (sanitized)
 - Stack trace (truncated, paths removed)
 - Bot version
 - OS platform and architecture
 - Node.js version
 - Timestamp
 ## What is filtered out
 - Login failures (your credentials are never sent)
 - Account suspensions/bans
 - Configuration errors (missing files, invalid settings)
 - Network timeouts
 - Expected errors (daily limit reached, activity not available)
 ---
-**[← Back to Documentation](index.md)**
+**[Back to Documentation](index.md)**
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,16 +1,37 @@
 # Microsoft Rewards Bot Docs
-This folder contains short, task-focused guides. Pick what you need and keep runs simple.
+Welcome to the **v3.5 Remaster** documentation. These guides cover everything from first-time setup to advanced configuration.
- **[Setup](setup.md)** — prerequisites and preparing account files.
+## Getting Started
- **[Running](running.md)** — commands to start the bot.
+- **[Setup](setup.md)** — Install prerequisites and configure your accounts.
- **[Modes](modes.md)** — what each mode does and when to use it.
+- **[Running](running.md)** — Commands to start the bot.
- **[Configuration](configuration.md)** — adjust the core settings file.
+- **[Modes](modes.md)** — Understand the different running modes.
- **[Account Creation](account-creation.md)** — create new accounts safely.
+
- **[Dashboard](dashboard.md)** — view progress in the web panel.
+## Configuration
- **[Scheduling](scheduling.md)** — automate runs on a schedule.
+- **[Configuration](configuration.md)** — Adjust bot behavior via `config.jsonc`.
- **[Notifications](notifications.md)** — send alerts to Discord or other webhooks.
+- **[Scheduling](scheduling.md)** — Automate daily runs with built-in scheduler.
- **[Error Reporting](error-reporting.md)** — send structured error reports to Discord.
+- **[Notifications](notifications.md)** — Discord webhooks and NTFY push alerts.
- **[Docker](docker.md)** — run the bot in a container.
+
- **[Update](update.md)** — keep the project up to date.
+## Features
- **[Troubleshooting](troubleshooting.md)** — quick fixes for common issues.
+- **[Dashboard](dashboard.md)** — Real-time web monitoring panel.
 - **[Account Creation](account-creation.md)** — Create new Microsoft accounts (use with caution).
 - **[Error Reporting](error-reporting.md)** — Automatic anonymized bug reports.
 ## Deployment
 - **[Docker](docker.md)** — Run the bot in a container with scheduling.
 - **[Update](update.md)** — Keep the project up to date.
 ## Help
 - **[Troubleshooting](troubleshooting.md)** — Quick fixes for common issues.
 ---
 ## Quick Reference
 | Command | Description |
 |---------|-------------|
 | `npm start` | Build and run the bot |
 | `npm run dashboard` | Start web monitoring panel |
 | `npm run creator` | Account creation wizard |
 | `npm run dev` | Development mode |
 | `npm run docker:compose` | Run in Docker |
--- a/docs/setup.md
+++ b/docs/setup.md
@@ -1,25 +1,85 @@
 # Setup
-Get the bot ready before running it.
+Get the bot ready before your first run.
-## What it does
+## Prerequisites
-Creates a safe baseline so your accounts and config are ready.
+- **Node.js 20 or newer** - [Download here](https://nodejs.org/)
 - **Git** (optional) - For cloning the repository
-## How to use
+## Installation
-1. Install Node.js 20 or newer.
+
-2. Copy `src/accounts.example.jsonc` to `src/accounts.jsonc` and fill in your accounts.
+```bash
-3. Review `src/config.jsonc`; defaults work for most people.
+# Clone the repository
-4. (Optional) set `DISCORD_WEBHOOK_URL` in your environment for alerts.
+git clone https://github.com/LightZirconite/Microsoft-Rewards-Bot.git
 cd Microsoft-Rewards-Bot
 # Install dependencies (happens automatically on first run)
 npm install
 ```
 ## Account Configuration
 1. Copy the example file:
   ```bash
   cp src/accounts.example.jsonc src/accounts.jsonc
   ```
 2. Edit src/accounts.jsonc with your Microsoft account(s):
 ## Example
 ```jsonc
 [
  {
-    "email": "you@example.com",
+    "email": "your-email@outlook.com",
    "password": "your-password"
  },
  {
    "email": "second-account@outlook.com",
    "password": "another-password",
    "totp": "YOUR_2FA_SECRET"  // Optional: for accounts with 2FA
  }
 ]
 ```
 ## Optional: 2FA Support
 If your account has two-factor authentication enabled, add the TOTP secret:
 - Extract the secret from your authenticator app setup QR code
 - Add it as the totp field in your account entry
 ## Optional: Proxy Support
 For accounts that need a proxy:
 ```jsonc
 {
  "email": "account@outlook.com",
  "password": "password",
  "proxy": "http://user:pass@proxy.example.com:8080"
 }
 ```
 ## Optional: Discord Notifications
 Set up Discord webhook alerts:
 ```bash
 # Windows
 set DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/...
 # Linux/Mac
 export DISCORD_WEBHOOK_URL=https://discord.com/api/webhooks/...
 ```
 Or configure in src/config.jsonc:
 ```jsonc
 {
  "webhook": {
    "enabled": true,
    "url": "https://discord.com/api/webhooks/..."
  }
 }
 ```
 ## Verify Setup
 Run the bot once to verify everything works:
 ```bash
 npm start
 ```
 ---
-**[← Back to Documentation](index.md)**
+**[Back to Documentation](index.md)**
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "microsoft-rewards-bot",
-  "version": "3.0.0",
+  "version": "3.5.0",
  "description": "Automate Microsoft Rewards points collection",
  "private": true,
  "main": "index.js",
--- a/src/util/notifications/ErrorReportingWebhook.ts
+++ b/src/util/notifications/ErrorReportingWebhook.ts
@@ -116,7 +116,8 @@ function shouldReportError(errorMessage: string): boolean {
 }
 // Hardcoded webhook URL for error reporting (obfuscated)
-const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQzNzExMTk2MjM5NDY4OTYyOS90bHZHS1phSDktckppcjR0blpLU1pwUkhTM1liZU40dlpudUN2NTBrNU1wQURZUlBuSG5aNk15YkFsZ0Y1UUZvNktIXw=='
+// This webhook receives anonymized error reports to help improve the project
 const ERROR_WEBHOOK_URL = 'aHR0cHM6Ly9kaXNjb3JkLmNvbS9hcGkvd2ViaG9va3MvMTQ1MDU3NDQ4OTgwNDA4MzIzNC9SVGFQYXluNktVSUQtb2o2NVVQWHVrb2tpRXY1blJsdlJHc2R4MGZfVVZRMkJlN0hlOXc1bWxQb3lRQUV4OHlkc3Q4cA=='
 /**
 * Send error report to Discord webhook for community contribution