feat: enhance fingerprinting system with audio_v2, canvas_v2, WebGL2, and spoofing detection

[Copilot]

• Analyze Fingerprint-OSS codebase and reference repos (creepjs, thumbmarkjs)
• Create src/enhanced.ts with new fingerprinting functions
• Update src/types.ts with new enhanced interfaces
• Update src/systemInfo.ts to collect enhanced data
• Export new functions from src/index.ts
• Apply PR review feedback (audio, canvas fast paths, camelCase, non-enumerable, parallel, viewport)
• Simplify 2-frame canvas stabilisation: always uses stable.set(frames[0].data) — the ternary was redundant since both branches returned data0[i]

Note

Add enhanced fingerprinting signals (audio_v2, canvas_v2, WebGL2, spoofing detection) to fingerprint collection

• Adds getEnhancedAudioFingerprint using OfflineAudioContext with noise-injection detection via getChannelData/copyFromChannel comparison.
• Adds getEnhancedCanvasFingerprint that renders multiple frames and applies per-byte majority voting to stabilise pixel noise before hashing.
• Adds getEnhancedWebGL2Info collecting implementation limits, shader precision, and a hashed extension list from a WebGL2 context.
• Adds detectSpoofing that aggregates headless/anti-fingerprinting indicators (e.g. missing window.chrome, navigator.webdriver, software renderer, screen heuristics) into a weighted score.
• All signals are exposed via collectEnhancedFingerprint and attached as a non-enumerable enhanced property on SystemInfo, so JSON serialization and Object.keys() are unaffected.

^{Macroscope summarized 29726a1.}

[netlify]

❌ Deploy Preview for clever-starlight-3034ea failed. Why did it fail? →

Name	Link
🔨 Latest commit	29726a1
🔍 Latest deploy log	https://app.netlify.com/projects/clever-starlight-3034ea/deploys/69e7d15e9d2cb300082f9da6

[netlify]

❌ Deploy Preview for fingerprint-oss failed. Why did it fail? →

Name	Link
🔨 Latest commit	29726a1
🔍 Latest deploy log	https://app.netlify.com/projects/fingerprint-oss/deploys/69e7d15e02025d00081a3489

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[Copilot]

Pull request overview

This PR extends the fingerprinting pipeline by adding an optional enhanced namespace to SystemInfo, collecting additional (noise-stabilized / higher-entropy) signals and a spoofing/headless score while keeping existing outputs and hashing behavior backward-compatible.

Changes:

• Adds src/enhanced.ts with audio_v2, canvas_v2, webgl2, spoofing detection, and entropy scoring, plus an aggregate collectEnhancedFingerprint().
• Extends SystemInfo typing to include enhanced?: EnhancedFingerprintInfo.
• Wires enhanced collection into getSystemInfo() and re-exports the new APIs/types via src/index.ts.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.

File	Description
src/enhanced.ts	Implements enhanced signal collection (audio/canvas/WebGL2) + spoofing scoring + entropy estimates.
src/types.ts	Adds new enhanced interfaces and attaches enhanced? to SystemInfo.
src/systemInfo.ts	Calls collectEnhancedFingerprint() and stores result under systemInfo.enhanced.
src/index.ts	Exposes enhanced functions/constants/types as named exports and on the default export object.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[IntegerAlex]

@copilot apply changes based on the comments in this thread

[Copilot]

@copilot apply changes based on the comments in this thread

Applied all review comments in commit 8500629 (plus a minor follow-up in 29726a1):

1. Audio pre-render check – getFloatFrequencyData now runs before startRendering() so it correctly tests pre-render silence state.
2. Canvas fast paths – replaced per-byte Map allocations with: direct set() for 1 frame; set() for 2 frames (always prefer first frame as tie-break); branchless majority-vote (a===b||a===c?a:b===c?b:a) for 3 frames; reusable Uint16Array(256) counts buffer for N-frame generic fallback.
3. camelCase keys – renamed audio_v2/canvas_v2/fp_version → audioV2/canvasV2/fpVersion.
4. Non-enumerable enhanced – attached via Object.defineProperty({enumerable: false}) so generateId/JSON.stringify are unaffected.
5. Parallel collection – collectEnhancedFingerprint() Promise is started before the first await in getSystemInfo().
6. visualViewport guard – changed || → &&, added typeof screen !== 'undefined' guard.

[macroscopeapp]

🟠 High src/systemInfo.ts:174

If any intermediate await (e.g., detectIncognito() at line 178) throws before line 256, enhancedPromise is never awaited, causing an unhandled promise rejection when collectEnhancedFingerprint() eventually rejects. This can crash Node.js configured with --unhandled-rejections=throw. Consider chaining .catch(() => {}) to enhancedPromise immediately after creation to suppress unhandled rejection warnings.

        // Start enhanced collection early so it runs in parallel with the
         // baseline async signals (incognito, adBlocker, audio, webGL, cores).
-        const enhancedPromise = collectEnhancedFingerprint();
+        const enhancedPromise = collectEnhancedFingerprint().catch(() => undefined);
 
         // Check for incognito mode
         const incognitoMode = await detectIncognito();

🚀 Reply "fix it for me" or copy this AI Prompt for your agent:

In file src/systemInfo.ts around lines 174-176:

If any intermediate `await` (e.g., `detectIncognito()` at line 178) throws before line 256, `enhancedPromise` is never awaited, causing an unhandled promise rejection when `collectEnhancedFingerprint()` eventually rejects. This can crash Node.js configured with `--unhandled-rejections=throw`. Consider chaining `.catch(() => {})` to `enhancedPromise` immediately after creation to suppress unhandled rejection warnings.

Evidence trail:
src/systemInfo.ts lines 175-178 (enhancedPromise creation and first intermediate await), lines 185, 207, 210, 217 (additional intermediate awaits), line 255 (where enhancedPromise is finally awaited), src/incognito.ts line 372 (`main().catch(reject)` showing detectIncognito can reject)

[IntegerAlex]

fix it for me

[macroscopeapp]

I'm working on the fix now. Adding .catch(() => undefined) to enhancedPromise to suppress unhandled rejection warnings.

[macroscopeapp]

I was unable to create the branch macroscope/copilot/enhance-fingerprinting-system. This may be due to your branch protection rules. For more information, see the documentation at https://docs.macroscope.com/fix-it-for-me.

[IntegerAlex]

@macroscopeapp review

[IntegerAlex]

@macroscope-app review

[macroscopeapp]

Review in progress. Results will be posted when complete.

• Macroscope - Correctness Check

[IntegerAlex]

@macroscope-app review

[macroscopeapp]

Review in progress. Results will be posted when complete.

• Macroscope - Correctness Check

[macroscopeapp]

Approvability

Verdict: Needs human review

1 blocking correctness issue found. This PR introduces a significant new fingerprinting feature with ~700 lines of new code including audio fingerprinting via OfflineAudioContext, noise-stabilized canvas fingerprinting, WebGL2 signal collection, and spoofing/headless detection. As a substantial new capability with new public API surface, it warrants human review. Additionally, there is an unresolved high-severity comment identifying a potential unhandled promise rejection bug.

^{You can customize Macroscope's approvability policy. Learn more.}