Skip to content

Fix 1.61 build: actually download the patched driver (not vanilla)#3

Merged
Hackerbone merged 1 commit into
mainfrom
fix/1.61-patched-driver-download
Jul 7, 2026
Merged

Fix 1.61 build: actually download the patched driver (not vanilla)#3
Hackerbone merged 1 commit into
mainfrom
fix/1.61-patched-driver-download

Conversation

@Hackerbone

Copy link
Copy Markdown
Collaborator

Problem

The published patchright==1.61.0 wheel ships a vanilla playwright-core driver — proven by inspecting it: navigator.webdriver === true, Runtime.enable used 10×, no --disable-blink-features=AutomationControlled in chromiumSwitches, 0 patchright strings, driver version 1.61.1-beta-<ts>. Patchright's core stealth lives in the driver, so the wheel is detectable — the ray-ban crawler was Akamai bot-blocked despite a residential proxy.

This also corrects the premise in the networkidle tooling docstrings ("patchright-python bundles a vanilla driver, stealth is Python-layer"): it does not — the driver must be the patched one.

Root cause

Playwright-Python 1.61 restructured setup.py: driver_version now reads from a DRIVER_VERSION file, and the bundle is assembled from the vanilla playwright-core npm package via ensure_driver_bundle() (no cdn.playwright.dev url). The existing driver_version/url AST rewrites match neither and silently no-op → the build falls back to vanilla.

Fix (+55 lines on current main)

  • patch_driver_version_file() — pin DRIVER_VERSION to the patched driver version.
  • patch_ensure_driver_bundle() — rewrite the function to curl our patched driver ZIP from bugbasesecurity/patchright releases (stealth and networkidle already baked in).
  • Workflow: optional patchright_driver_version input; refreshed defaults.

The post-build patch_wheels_networkidle.mjs step stays as an idempotent safety net (it detects challenges.cloudflare.com in the already-patched driver and skips).

Verification (end-to-end, local)

  • Patcher runs clean on microsoft/playwright-python@v1.61.0; writes DRIVER_VERSION=1.61.0; rewrites ensure_driver_bundlebugbasesecurity/patchright.
  • Built manylinux1_x86_64 wheel: driver has 39 patchright strings, the flag in chromiumSwitches, networkidle present.
  • Installed the built wheel → navigator.webdriver is false on a plain launch()+new_context(), no manual flag.

🤖 Generated with Claude Code

The published 1.61.0 wheel shipped a VANILLA playwright-core driver: proven by
inspecting it (navigator.webdriver=true, Runtime.enable used 10x, no
--disable-blink-features in chromiumSwitches, 0 patchright strings, driver
version 1.61.1-beta). Patchright's core stealth lives in the DRIVER, so the
wheel was detectable (Akamai bot-blocked the ray-ban crawler despite a
residential proxy). This corrects the assumption that patchright-python's
stealth is 'Python-layer' with a vanilla driver — it is not.

Root cause: Playwright-Python 1.61 restructured setup.py — driver_version now
reads from a DRIVER_VERSION file, and the bundle is assembled from the vanilla
playwright-core npm package via ensure_driver_bundle() (no cdn.playwright.dev
url). The existing driver_version/url AST rewrites matched neither and silently
no-op'd, so the build fell back to the vanilla driver.

- patch_driver_version_file(): pin DRIVER_VERSION to the patched driver version.
- patch_ensure_driver_bundle(): rewrite the function to curl our patched driver
  ZIP from bugbasesecurity/patchright releases (stealth + networkidle baked in).
- Workflow: optional patchright_driver_version input; refreshed defaults.

The post-build networkidle step (patch_wheels_networkidle.mjs) is now an
idempotent safety net — the downloaded driver already carries the exclusion, so
it detects it and skips.

Verified end-to-end: patcher runs clean on playwright-python v1.61.0; built
manylinux wheel bundles the patched driver (39 patchright strings,
--disable-blink-features=AutomationControlled in chromiumSwitches, networkidle
present); installed wheel -> navigator.webdriver is false on a plain
launch()+new_context() with no manual flag.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@Hackerbone Hackerbone merged commit 74b79a1 into main Jul 7, 2026
@Hackerbone Hackerbone deleted the fix/1.61-patched-driver-download branch July 7, 2026 10:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants