The big change: I split collectors into "stable" (14) and "unstable" (5). Stable ones like canvas, webgl, fonts go into the hash. Unstable ones like battery level, network speed, local IPs are still collected but don't affect the fingerprint.
You get consistent hashes across reloads while still having access to all the data.
Also added bot detection - catches Puppeteer, Playwright, Selenium, headless browsers, CDP artifacts, canvas noise injection.
19 collectors total, ~15KB, zero deps, TypeScript.
Thinking about building a SaaS layer on top with server-side analysis and ML risk scoring. The lib stays MIT. Not sure if there's room next to Fingerprint Pro or if they've got it locked down - would be curious to hear thoughts on that.
Feedback on the stable/unstable approach welcome.