forked from prebid/Prebid.js
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore: update dset to fix a security issue #14
Open
jwbrandon
wants to merge
1
commit into
master
Choose a base branch
from
chore/fix-dset-security-warn
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
karimMourra
pushed a commit
that referenced
this pull request
Nov 3, 2022
…ebid#9125) * Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14) - add bidders to sync url when extend mode enabled - set ConsentedProvidersSettings when extend mode enabled - dynamically generated AD_SERVER_URL when publisherId available * Code refactored * Minor changes Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Faisal Islam <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
Apr 5, 2023
* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14) - add bidders to sync url when extend mode enabled - set ConsentedProvidersSettings when extend mode enabled - dynamically generated AD_SERVER_URL when publisherId available * Code refactored * Minor changes * Fix an issue where uppercase </SCRIPT> tags broke the JS on page, as they were not properly escaped * fixed tests --------- Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Jozef Bartek <[email protected]> Co-authored-by: Jozef Bartek <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
May 10, 2023
) * collect EIDs for bid request * add ad slot positioning to payload * RPO-2012: Update local storage name-spacing for c_uid (#8) * Updates c_uid namespacing to be more specific for concert * fixes unit tests * remove console.log * RPO-2012: Add check for shared id (#9) * Adds check for sharedId * Updates cookie name * remove trailing comma * [RPO-3152] Enable Support for GPP Consent (#12) * Adds gpp consent integration to concert bid adapter * Update tests to check for gpp consent string param * removes user sync endpoint and tests * updates comment * cleans up consentAllowsPpid function * comment fix * rename variables for clarity * fixes conditional logic for consent allows function (#13) * [RPO-3262] Update getUid function to check for pubcid and sharedid (#14) * Update getUid function to check for pubcid and sharedid * updates adapter version --------- Co-authored-by: antoin <[email protected]> Co-authored-by: Antoin <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
May 10, 2023
* pageURL pull from topmostLocation * Kargo: Support for client hints (#9) * Starting SUA support * Kargo: Adding support for client hints * Adding tests for sua * Kargo: Update referer logic * Refactor of Kargo Prebid adapter. * PR comments addressed. * Feedback addressed. * Pr comments addressed. * Continuing refactor of Kargo Bid adapter. * Logic adjustment to exclude values when not present. Relying on server defaults. * Updating unit tests. * PR feedback addressed. * Refactoring bid adapter functions. * PR feedback addressed. * Additional refactoring. * Refactoring for each to use Object entries. * Minor fixes. * Minor fixes. * Minor fixes. * TDID and linting updates * Conflicts resolved with master. * Re-adding raw CRB storage (#14) * Updating shared IDs object name * Fixing missing ad markup * Removing package json changes. Fixing unit tests broken by recent changes. * Linting * send requestCount even when it is 0 for BTO (#18) * Reverting package.json change * Reverting package-lock.json changes * Cleanup * Test cleanup * Test fix Test fix All tests fixed * Adding test for TDID * Resolving merge issue --------- Co-authored-by: Neil Flynn <[email protected]> Co-authored-by: Julian Gan <[email protected]>
jorgeluisrocha
pushed a commit
that referenced
this pull request
May 23, 2023
…ebid#9125) * Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14) - add bidders to sync url when extend mode enabled - set ConsentedProvidersSettings when extend mode enabled - dynamically generated AD_SERVER_URL when publisherId available * Code refactored * Minor changes Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Faisal Islam <[email protected]>
jorgeluisrocha
pushed a commit
that referenced
this pull request
May 23, 2023
* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14) - add bidders to sync url when extend mode enabled - set ConsentedProvidersSettings when extend mode enabled - dynamically generated AD_SERVER_URL when publisherId available * Code refactored * Minor changes * Fix an issue where uppercase </SCRIPT> tags broke the JS on page, as they were not properly escaped * fixed tests --------- Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Faisal Islam <[email protected]> Co-authored-by: Jozef Bartek <[email protected]> Co-authored-by: Jozef Bartek <[email protected]>
jorgeluisrocha
pushed a commit
that referenced
this pull request
May 23, 2023
) * collect EIDs for bid request * add ad slot positioning to payload * RPO-2012: Update local storage name-spacing for c_uid (#8) * Updates c_uid namespacing to be more specific for concert * fixes unit tests * remove console.log * RPO-2012: Add check for shared id (#9) * Adds check for sharedId * Updates cookie name * remove trailing comma * [RPO-3152] Enable Support for GPP Consent (#12) * Adds gpp consent integration to concert bid adapter * Update tests to check for gpp consent string param * removes user sync endpoint and tests * updates comment * cleans up consentAllowsPpid function * comment fix * rename variables for clarity * fixes conditional logic for consent allows function (#13) * [RPO-3262] Update getUid function to check for pubcid and sharedid (#14) * Update getUid function to check for pubcid and sharedid * updates adapter version --------- Co-authored-by: antoin <[email protected]> Co-authored-by: Antoin <[email protected]>
jorgeluisrocha
pushed a commit
that referenced
this pull request
May 23, 2023
* pageURL pull from topmostLocation * Kargo: Support for client hints (#9) * Starting SUA support * Kargo: Adding support for client hints * Adding tests for sua * Kargo: Update referer logic * Refactor of Kargo Prebid adapter. * PR comments addressed. * Feedback addressed. * Pr comments addressed. * Continuing refactor of Kargo Bid adapter. * Logic adjustment to exclude values when not present. Relying on server defaults. * Updating unit tests. * PR feedback addressed. * Refactoring bid adapter functions. * PR feedback addressed. * Additional refactoring. * Refactoring for each to use Object entries. * Minor fixes. * Minor fixes. * Minor fixes. * TDID and linting updates * Conflicts resolved with master. * Re-adding raw CRB storage (#14) * Updating shared IDs object name * Fixing missing ad markup * Removing package json changes. Fixing unit tests broken by recent changes. * Linting * send requestCount even when it is 0 for BTO (#18) * Reverting package.json change * Reverting package-lock.json changes * Cleanup * Test cleanup * Test fix Test fix All tests fixed * Adding test for TDID * Resolving merge issue --------- Co-authored-by: Neil Flynn <[email protected]> Co-authored-by: Julian Gan <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
Oct 3, 2023
…ebid#10356) * collect EIDs for bid request * add ad slot positioning to payload * RPO-2012: Update local storage name-spacing for c_uid (#8) * Updates c_uid namespacing to be more specific for concert * fixes unit tests * remove console.log * RPO-2012: Add check for shared id (#9) * Adds check for sharedId * Updates cookie name * remove trailing comma * [RPO-3152] Enable Support for GPP Consent (#12) * Adds gpp consent integration to concert bid adapter * Update tests to check for gpp consent string param * removes user sync endpoint and tests * updates comment * cleans up consentAllowsPpid function * comment fix * rename variables for clarity * fixes conditional logic for consent allows function (#13) * [RPO-3262] Update getUid function to check for pubcid and sharedid (#14) * Update getUid function to check for pubcid and sharedid * updates adapter version * [RPO-3405] Add browserLanguage to request meta object --------- Co-authored-by: antoin <[email protected]> Co-authored-by: Antoin <[email protected]> Co-authored-by: Brett Bloxom <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
Oct 3, 2023
* collect EIDs for bid request * add ad slot positioning to payload * RPO-2012: Update local storage name-spacing for c_uid (#8) * Updates c_uid namespacing to be more specific for concert * fixes unit tests * remove console.log * RPO-2012: Add check for shared id (#9) * Adds check for sharedId * Updates cookie name * remove trailing comma * [RPO-3152] Enable Support for GPP Consent (#12) * Adds gpp consent integration to concert bid adapter * Update tests to check for gpp consent string param * removes user sync endpoint and tests * updates comment * cleans up consentAllowsPpid function * comment fix * rename variables for clarity * fixes conditional logic for consent allows function (#13) * [RPO-3262] Update getUid function to check for pubcid and sharedid (#14) * Update getUid function to check for pubcid and sharedid * updates adapter version * [RPO-3405] Add browserLanguage to request meta object * ConcertBidAdapter: Add TDID (#20) * Add tdid to meta object * Fix null handling and add tests --------- Co-authored-by: antoin <[email protected]> Co-authored-by: Antoin <[email protected]> Co-authored-by: Brett Bloxom <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
Mar 6, 2024
* BeOp Bid Adapter: Add eids support (#14) * Fix tests
karimMourra
pushed a commit
that referenced
this pull request
Mar 6, 2024
* PE-87: Implement Prebid Adapter (#1) * PE-87: implement BT Bid Adapter * PE-87: rework adapter to use ortbConverter lib, make requested changes * PE-87: update imports * PE-110: Add user sync logic to the Prebid Adapter (#3) * PE-110: add user sync logic * PE-110: update userSync url * PE-110: check if iframe is enabled before setting params * PE-111: BT Prebid Adapter can request AA ads or regular ads (#2) * PE-120: Send Prebid Bidder info to BT Server (#4) * PE-120: add btBidderCode to the bid object * PE-120: use single quotes for logs string * PE-123: Add More Metadata in site.ext.blockthrough (#5) * PE-123: send additional meta data * PE-123: send auctionID under imp.ext.prebid.blockthrough * PE-123: use ortb2 config to set site.ext params * PE-123: sent auctionId in ext.prebid.blockthrough.auctionID * PE-123: update logs for bidderConfig setup * PE-000: check if blockthrough is defined (#6) * PE-87: remove BT specific logic (#7) * Implement Blockthrough Prebid Adapter * PE-87: Implement Prebid Adapter - misc fixes (#9) * PE-87: rename test file, add bidder config * PE-87: increase ttl * PE-000: fix test * BP-74: Change the way we enable debug (#10) * BP-79: Send GPID as a part of `imp[].ext` (#11) * BP-79: send gpid in imp.ext * BP-79: add optional operator * BP-90: Update Cookie Sync Logic (#12) * BP-90: pass bidder to cookie sync * BP-90: update sync logic, fix typo * BP-90: use const for syncs variable * BP-55: Re-add endpoint URLs (#13) * BP-91: Add prebid JS version to auction request (#14)
karimMourra
pushed a commit
that referenced
this pull request
Apr 12, 2024
* create setupadBidAdapter * add setupadBidAdapter * update setupadBidAdapter * update metrics collection * update analytics collection * update getUserSyncs * add setupadAnalyticsAdapter.js * test setupadAnalyticsAdapter * remove test: 1 * add GVLID && bug fixes && test updates * remove setupadAnalyticsAdapter * add userID module handling * add GVLID && bug fixes && test updates * remove setupadAnalyticsAdapter * add userID module handling * clean up && seat bugfix * clean up logs * add userID module handling * update md && clean up * Send setupad only on bidRequested * Fix bidResponse and bidWon responses * Improve bidResponse and bidWon logic * Revert changes to specific files * Remove test parameter * Fix multiple bidResponse and bidTimeout calls to getPixelUrl * eslint errors fixes(brackets added) * Add extra checks for events * Fix BIDDER_CODE const * update reporting endpoint * update setupadBidAdapter_spec.js REPORT_ENDPOINT * update readme * Revert "Merge branch 'prebid:master' into setupad-adapter" This reverts commit 1c14dbe, reversing changes made to 7fe9ea5. * Revert "Revert "Merge branch 'prebid:master' into setupad-adapter"" This reverts commit a34e3e4. * # This is a combination of 20 commits. # This is the 1st commit message: add setupadBidAdapter # This is the commit message #2: update setupadBidAdapter # This is the commit message #3: update metrics collection # This is the commit message #4: update analytics collection # This is the commit message #5: update getUserSyncs # This is the commit message #6: add setupadAnalyticsAdapter.js # This is the commit message #7: test setupadAnalyticsAdapter # This is the commit message #8: remove test: 1 # This is the commit message #9: add GVLID && bug fixes && test updates # This is the commit message #10: remove setupadAnalyticsAdapter # This is the commit message #11: add userID module handling # This is the commit message #12: clean up && seat bugfix # This is the commit message #13: add userID module handling # This is the commit message #14: add GVLID && bug fixes && test updates # This is the commit message #15: remove setupadAnalyticsAdapter # This is the commit message #16: add userID module handling # This is the commit message #17: clean up logs # This is the commit message #18: update md && clean up # This is the commit message #19: Send setupad only on bidRequested # This is the commit message #20: Fix bidResponse and bidWon responses * # This is a combination of 22 commits.tree 8abae7e6dffc9a21ad11770713ba485fc610028a parent cecfce3 author pavel <[email protected]> 1706627437 +0200 committer pavel <[email protected]> 1706627437 +0200 gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5EW0ACgkQFABtd4pC s/CK3w//WWJSFUlycnnNKTV2XfdcBjooOeZZvjpXVthwr09CCC4uO//kw4bPluhn f5fcVFdXzrY1AZ6ch8Wo3msX/Pkso014jIGd5aIWcHpNYFtffACwH/40Y8AcJNZd bsOZxVK0awPTz/RihC5eY+0J3cP+iFWP/FlYJoHEQIBXq/Eg6mWoAhxwpL/JvxbY QbLFWsRn2ckQ6ftOZgm3/jh8VLaG1zWbWImlWEs5Zel+CorJBTniTj58VbApelYD TFMgbSR2I4NGVaqNIrHePnSMsDATxalQ2nZPwY6raKCHWIbvoUPIn/OpDMMbKgC7 nCwounNmObxFVoj3xusAZppzHpKPasY8xKWb2Kr7zfhZArsOMC6B7fYqQNK0cWG3 8RR/10oheJD9M2kRlfLiqnRv7ExY08SQ/ZMo9LA8BeRUGBXhh6++8FKhKIHvX1gL k1R5W6c+NNWP+PDFsmrFpMn+LpYdl84I7yfYK5dHuw80od7f1wuAVYpswi6Cziy9 /KY6/rfENvUrGTmWSh5GdDBel89ACCfFkasIKB92xhzKTfjzF/DXkc8XQZOMbt1j CsILgWMNfLPMo4Dlgdx/tYCSLLBNEtZ1/hhUcFQ3+0TzLf0GtMkvMnlBnDinqe1n 1P30fQ2I5W5NJKDPrCOnRymI6QOAPFXtMF11R81mbB9H8asft/E= =oJtZ -----END PGP SIGNATURE----- bugfixes # This is the commit message #22: Remove test parameter * # This is a combination of 26 commits. parent cecfce3 author pavel <[email protected]> 1706627437 +0200 committer pavel <[email protected]> 1706627437 +0200 gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5EW0ACgkQFABtd4pC s/CK3w//WWJSFUlycnnNKTV2XfdcBjooOeZZvjpXVthwr09CCC4uO//kw4bPluhn f5fcVFdXzrY1AZ6ch8Wo3msX/Pkso014jIGd5aIWcHpNYFtffACwH/40Y8AcJNZd bsOZxVK0awPTz/RihC5eY+0J3cP+iFWP/FlYJoHEQIBXq/Eg6mWoAhxwpL/JvxbY QbLFWsRn2ckQ6ftOZgm3/jh8VLaG1zWbWImlWEs5Zel+CorJBTniTj58VbApelYD TFMgbSR2I4NGVaqNIrHePnSMsDATxalQ2nZPwY6raKCHWIbvoUPIn/OpDMMbKgC7 nCwounNmObxFVoj3xusAZppzHpKPasY8xKWb2Kr7zfhZArsOMC6B7fYqQNK0cWG3 8RR/10oheJD9M2kRlfLiqnRv7ExY08SQ/ZMo9LA8BeRUGBXhh6++8FKhKIHvX1gL k1R5W6c+NNWP+PDFsmrFpMn+LpYdl84I7yfYK5dHuw80od7f1wuAVYpswi6Cziy9 /KY6/rfENvUrGTmWSh5GdDBel89ACCfFkasIKB92xhzKTfjzF/DXkc8XQZOMbt1j CsILgWMNfLPMo4Dlgdx/tYCSLLBNEtZ1/hhUcFQ3+0TzLf0GtMkvMnlBnDinqe1n 1P30fQ2I5W5NJKDPrCOnRymI6QOAPFXtMF11R81mbB9H8asft/E= =oJtZ -----END PGP SIGNATURE----- bugfixes # This is the commit message #22: Remove test parameter # This is the commit message #23: Fix multiple bidResponse and bidTimeout calls to getPixelUrl # This is the commit message #25: eslint errors fixes(brackets added) # This is the commit message #26: Add extra checks for events * parent 75178b9 author pavel <[email protected]> 1706627694 +0200 committer pavel <[email protected]> 1706627694 +0200 gpgsig -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5Em4ACgkQFABtd4pC s/BBUQ/+NXyHoxPM185YJLG9M1ySC/5vTT9W5mfwQ93cVDLCeuGnpsnmi4S21NuQ b7gSeokFjwztvVOUmh/xqMp4lTsvL53TUd00b1k4KGVSqgcF00Foit5g8fOGLYsI DAoqphYV6MWjpAun+II+ELY8QUkHR1cjTc7PEGtmf+8RnptGVdyJ6C9Ab8u9TQTY Apj5Srhfo3Tl8S+WScOxwwB/uqEJR4fhIrJyzFzdLDEb2olSPyrQUs87vQXlhEnK buPEg2F5JsRH6sw11Xp3TFNSZGxNnBSlTh9dixou5md4yRCv5a2TMef667N0BVDp lGgc7mCrRKXyqzphmmeHudiscEGFjtUPObXoHutSVw22wdARFCTpNFKBLLFn4v8o Zv1OvFdNprvHsoeW0HVlZdU7OKnDTRrko6DHk2AahxojjvAFEWuDsGYZNjhdQwRR lK1zm+SFQnKI0Eojd+f84fvKod9geGs640jyH/x5R4eYm4yjZb8SkRtd3cca88wS OuGq9LIkbU428b46l7VnDwudldTXPUU8eKfUtFRjdGtIWH9I3tK6TsRoCfTcXkv0 smxYiiU1XHjAkkPFWQWEeFdfZ071snFKVWouU0AoKiq+PdRoS8+3AJqIQUjlA2sH AybnSkv9KxY/Rs1bnvMubsQm1GF66qVrbxBU6FILBv1JZYwj4yA= =Gbog -----END PGP SIGNATURE----- bugfixes update setupadBidAdapter_spec.js REPORT_ENDPOINT update readme Revert "Merge branch 'prebid:master' into setupad-adapter" This reverts commit 1c14dbe, reversing changes made to 7fe9ea5. Revert "Revert "Merge branch 'prebid:master' into setupad-adapter"" This reverts commit a34e3e4. * change double quote to single quote --------- Co-authored-by: pavel <[email protected]> Co-authored-by: Elgars Grodnis <[email protected]> * bugfix setupadBidAdapter remove getAdEl, spelling correction * add onBidWon event onBidWon event handling moved from custom to native onBidWon method * minor bugfixes && remove funk getSiteObj && getDeviceObj --------- Co-authored-by: pavel <[email protected]> Co-authored-by: Elgars Grodnis <[email protected]>
karimMourra
pushed a commit
that referenced
this pull request
Jun 4, 2024
) * collect EIDs for bid request * add ad slot positioning to payload * RPO-2012: Update local storage name-spacing for c_uid (#8) * Updates c_uid namespacing to be more specific for concert * fixes unit tests * remove console.log * RPO-2012: Add check for shared id (#9) * Adds check for sharedId * Updates cookie name * remove trailing comma * [RPO-3152] Enable Support for GPP Consent (#12) * Adds gpp consent integration to concert bid adapter * Update tests to check for gpp consent string param * removes user sync endpoint and tests * updates comment * cleans up consentAllowsPpid function * comment fix * rename variables for clarity * fixes conditional logic for consent allows function (#13) * [RPO-3262] Update getUid function to check for pubcid and sharedid (#14) * Update getUid function to check for pubcid and sharedid * updates adapter version * [RPO-3405] Add browserLanguage to request meta object * ConcertBidAdapter: Add TDID (#20) * Add tdid to meta object * Fix null handling and add tests * Concert Bid Adapter: Add dealId Property to Bid Responses (#22) * adds dealid property to bid responses * updates tests * use first bid for tests * adds dealid at the correct level --------- Co-authored-by: antoin <[email protected]> Co-authored-by: Antoin <[email protected]> Co-authored-by: Sam Ghitelman <[email protected]> Co-authored-by: Sam Ghitelman <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updates dset to fix the security issue outlined in the Patches section of https://github.com/lukeed/dset/releases/tag/v2.1.0