Skip to content

Releases: Code-Vedas/ncaptcha

v2.0.0

12 Mar 03:21
@github-actions github-actions
v2.0.0
caec1cf
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.0.0 Latest
Latest

Changes

🚀 Features

Added

  • Modern TypeScript + ESM package structure targeting Node.js 20+.
  • New functional API: createChallenge(options?) and verifyChallenge(input).
  • Stateless signed captcha verification with HMAC-SHA256.
  • Replay hook support in verification and explicit replayed reason.
  • Stronger captcha rendering with layered distortion/noise controls.
  • Runtime input validation for distortion/noise and secure token parsing.
  • Native node:test test suite with strict coverage thresholds.
  • ESLint setup with strict lint gate in CI.
  • GitHub workflows for CI, Release Drafter, and Trusted Publishing release flow.

Changed

  • Breaking API migration from legacy class API (generate/check) to function-based API.
  • Captcha output now returns PNG Buffer + mime type instead of only data URL flow.
  • Project tooling moved from legacy Mocha/nyc/Travis stack to modern TypeScript + GitHub Actions.

Security

  • Constant-time signature/hash comparisons for verification checks.
  • Base64url encoding/decoding path hardened to avoid regex-based ReDoS findings.

Removed

  • Legacy v1 implementation and test stack.
  • Legacy CI (.travis.yml) and yarn lockfile.

Contributors

niteshpurohit
Assets 2
Loading