Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: update dset to fix a security issue #14

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

jwbrandon
Copy link

Updates dset to fix the security issue outlined in the Patches section of https://github.com/lukeed/dset/releases/tag/v2.1.0

karimMourra pushed a commit that referenced this pull request Nov 3, 2022
…ebid#9125)

* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14)

- add bidders to sync url when extend mode enabled
- set ConsentedProvidersSettings when extend mode enabled
- dynamically generated AD_SERVER_URL when publisherId available

* Code refactored

* Minor changes

Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Faisal Islam <[email protected]>
karimMourra pushed a commit that referenced this pull request Apr 5, 2023
* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14)

- add bidders to sync url when extend mode enabled
- set ConsentedProvidersSettings when extend mode enabled
- dynamically generated AD_SERVER_URL when publisherId available

* Code refactored

* Minor changes

* Fix an issue where uppercase </SCRIPT> tags broke the JS on page, as they were not properly escaped

* fixed tests

---------

Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Jozef Bartek <[email protected]>
Co-authored-by: Jozef Bartek <[email protected]>
karimMourra pushed a commit that referenced this pull request May 10, 2023
)

* collect EIDs for bid request

* add ad slot positioning to payload

* RPO-2012: Update local storage name-spacing for c_uid (#8)

* Updates c_uid namespacing to be more specific for concert

* fixes unit tests

* remove console.log

* RPO-2012: Add check for shared id (#9)

* Adds check for sharedId

* Updates cookie name

* remove trailing comma

* [RPO-3152] Enable Support for GPP Consent (#12)

* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity

* fixes conditional logic for consent allows function (#13)

* [RPO-3262] Update getUid function to check for pubcid and sharedid (#14)

* Update getUid function to check for pubcid and sharedid

* updates adapter version

---------

Co-authored-by: antoin <[email protected]>
Co-authored-by: Antoin <[email protected]>
karimMourra pushed a commit that referenced this pull request May 10, 2023
* pageURL pull from topmostLocation

* Kargo: Support for client hints (#9)

* Starting SUA support

* Kargo: Adding support for client hints

* Adding tests for sua

* Kargo: Update referer logic

* Refactor of Kargo Prebid adapter.

* PR comments addressed.

* Feedback addressed.

* Pr comments addressed.

* Continuing refactor of Kargo Bid adapter.

* Logic adjustment to exclude values when not present. Relying on server defaults.

* Updating unit tests.

* PR feedback addressed.

* Refactoring bid adapter functions.

* PR feedback addressed.

* Additional refactoring.

* Refactoring for each to use Object entries.

* Minor fixes.

* Minor fixes.

* Minor fixes.

* TDID and linting updates

* Conflicts resolved with master.

* Re-adding raw CRB storage (#14)

* Updating shared IDs object name

* Fixing missing ad markup

* Removing package json changes. Fixing unit tests broken by recent changes.

* Linting

* send requestCount even when it is 0 for BTO (#18)

* Reverting package.json change

* Reverting package-lock.json changes

* Cleanup

* Test cleanup

* Test fix

Test fix

All tests fixed

* Adding test for TDID

* Resolving merge issue

---------

Co-authored-by: Neil Flynn <[email protected]>
Co-authored-by: Julian Gan <[email protected]>
jorgeluisrocha pushed a commit that referenced this pull request May 23, 2023
…ebid#9125)

* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14)

- add bidders to sync url when extend mode enabled
- set ConsentedProvidersSettings when extend mode enabled
- dynamically generated AD_SERVER_URL when publisherId available

* Code refactored

* Minor changes

Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Faisal Islam <[email protected]>
jorgeluisrocha pushed a commit that referenced this pull request May 23, 2023
* Improve Digital adapter: publisher endpoint, addtl consent, syncs (#14)

- add bidders to sync url when extend mode enabled
- set ConsentedProvidersSettings when extend mode enabled
- dynamically generated AD_SERVER_URL when publisherId available

* Code refactored

* Minor changes

* Fix an issue where uppercase </SCRIPT> tags broke the JS on page, as they were not properly escaped

* fixed tests

---------

Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Faisal Islam <[email protected]>
Co-authored-by: Jozef Bartek <[email protected]>
Co-authored-by: Jozef Bartek <[email protected]>
jorgeluisrocha pushed a commit that referenced this pull request May 23, 2023
)

* collect EIDs for bid request

* add ad slot positioning to payload

* RPO-2012: Update local storage name-spacing for c_uid (#8)

* Updates c_uid namespacing to be more specific for concert

* fixes unit tests

* remove console.log

* RPO-2012: Add check for shared id (#9)

* Adds check for sharedId

* Updates cookie name

* remove trailing comma

* [RPO-3152] Enable Support for GPP Consent (#12)

* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity

* fixes conditional logic for consent allows function (#13)

* [RPO-3262] Update getUid function to check for pubcid and sharedid (#14)

* Update getUid function to check for pubcid and sharedid

* updates adapter version

---------

Co-authored-by: antoin <[email protected]>
Co-authored-by: Antoin <[email protected]>
jorgeluisrocha pushed a commit that referenced this pull request May 23, 2023
* pageURL pull from topmostLocation

* Kargo: Support for client hints (#9)

* Starting SUA support

* Kargo: Adding support for client hints

* Adding tests for sua

* Kargo: Update referer logic

* Refactor of Kargo Prebid adapter.

* PR comments addressed.

* Feedback addressed.

* Pr comments addressed.

* Continuing refactor of Kargo Bid adapter.

* Logic adjustment to exclude values when not present. Relying on server defaults.

* Updating unit tests.

* PR feedback addressed.

* Refactoring bid adapter functions.

* PR feedback addressed.

* Additional refactoring.

* Refactoring for each to use Object entries.

* Minor fixes.

* Minor fixes.

* Minor fixes.

* TDID and linting updates

* Conflicts resolved with master.

* Re-adding raw CRB storage (#14)

* Updating shared IDs object name

* Fixing missing ad markup

* Removing package json changes. Fixing unit tests broken by recent changes.

* Linting

* send requestCount even when it is 0 for BTO (#18)

* Reverting package.json change

* Reverting package-lock.json changes

* Cleanup

* Test cleanup

* Test fix

Test fix

All tests fixed

* Adding test for TDID

* Resolving merge issue

---------

Co-authored-by: Neil Flynn <[email protected]>
Co-authored-by: Julian Gan <[email protected]>
karimMourra pushed a commit that referenced this pull request Oct 3, 2023
…ebid#10356)

* collect EIDs for bid request

* add ad slot positioning to payload

* RPO-2012: Update local storage name-spacing for c_uid (#8)

* Updates c_uid namespacing to be more specific for concert

* fixes unit tests

* remove console.log

* RPO-2012: Add check for shared id (#9)

* Adds check for sharedId

* Updates cookie name

* remove trailing comma

* [RPO-3152] Enable Support for GPP Consent (#12)

* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity

* fixes conditional logic for consent allows function (#13)

* [RPO-3262] Update getUid function to check for pubcid and sharedid (#14)

* Update getUid function to check for pubcid and sharedid

* updates adapter version

* [RPO-3405] Add browserLanguage to request meta object

---------

Co-authored-by: antoin <[email protected]>
Co-authored-by: Antoin <[email protected]>
Co-authored-by: Brett Bloxom <[email protected]>
karimMourra pushed a commit that referenced this pull request Oct 3, 2023
* collect EIDs for bid request

* add ad slot positioning to payload

* RPO-2012: Update local storage name-spacing for c_uid (#8)

* Updates c_uid namespacing to be more specific for concert

* fixes unit tests

* remove console.log

* RPO-2012: Add check for shared id (#9)

* Adds check for sharedId

* Updates cookie name

* remove trailing comma

* [RPO-3152] Enable Support for GPP Consent (#12)

* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity

* fixes conditional logic for consent allows function (#13)

* [RPO-3262] Update getUid function to check for pubcid and sharedid (#14)

* Update getUid function to check for pubcid and sharedid

* updates adapter version

* [RPO-3405] Add browserLanguage to request meta object

* ConcertBidAdapter: Add TDID (#20)

* Add tdid to meta object

* Fix null handling and add tests

---------

Co-authored-by: antoin <[email protected]>
Co-authored-by: Antoin <[email protected]>
Co-authored-by: Brett Bloxom <[email protected]>
karimMourra pushed a commit that referenced this pull request Mar 6, 2024
* BeOp Bid Adapter: Add eids support (#14)

* Fix tests
karimMourra pushed a commit that referenced this pull request Mar 6, 2024
* PE-87: Implement Prebid Adapter (#1)

* PE-87: implement BT Bid Adapter

* PE-87: rework adapter to use ortbConverter lib, make requested changes

* PE-87: update imports

* PE-110: Add user sync logic to the Prebid Adapter (#3)

* PE-110: add user sync logic

* PE-110: update userSync url

* PE-110: check if iframe is enabled before setting params

* PE-111: BT Prebid Adapter can request AA ads or regular ads (#2)

* PE-120: Send Prebid Bidder info to BT Server (#4)

* PE-120: add btBidderCode to the bid object

* PE-120: use single quotes for logs string

* PE-123: Add More Metadata in site.ext.blockthrough (#5)

* PE-123: send additional meta data

* PE-123: send auctionID under imp.ext.prebid.blockthrough

* PE-123: use ortb2 config to set site.ext params

* PE-123: sent auctionId in ext.prebid.blockthrough.auctionID

* PE-123: update logs for bidderConfig setup

* PE-000: check if blockthrough is defined (#6)

* PE-87: remove BT specific logic (#7)

* Implement Blockthrough Prebid Adapter

* PE-87: Implement Prebid Adapter - misc fixes (#9)

* PE-87: rename test file, add bidder config

* PE-87: increase ttl

* PE-000: fix test

* BP-74: Change the way we enable debug (#10)

* BP-79: Send GPID as a part of `imp[].ext` (#11)

* BP-79: send gpid in imp.ext

* BP-79: add optional operator

* BP-90: Update Cookie Sync Logic (#12)

* BP-90: pass bidder to cookie sync

* BP-90: update sync logic, fix typo

* BP-90: use const for syncs variable

* BP-55: Re-add endpoint URLs (#13)

* BP-91: Add prebid JS version to auction request (#14)
karimMourra pushed a commit that referenced this pull request Apr 12, 2024
* create setupadBidAdapter

* add setupadBidAdapter

* update setupadBidAdapter

* update metrics collection

* update analytics collection

* update getUserSyncs

* add setupadAnalyticsAdapter.js

* test setupadAnalyticsAdapter

* remove test: 1

* add GVLID && bug fixes && test updates

* remove setupadAnalyticsAdapter

* add userID module handling

* add GVLID && bug fixes && test updates

* remove setupadAnalyticsAdapter

* add userID module handling

* clean up && seat bugfix

* clean up logs

* add userID module handling

* update md && clean up

* Send setupad only on bidRequested

* Fix bidResponse and bidWon responses

* Improve bidResponse and bidWon logic

* Revert changes to specific files

* Remove test parameter

* Fix multiple bidResponse and bidTimeout calls to getPixelUrl

* eslint errors fixes(brackets added)

* Add extra checks for events

* Fix BIDDER_CODE const

* update reporting endpoint

* update setupadBidAdapter_spec.js REPORT_ENDPOINT

* update readme

* Revert "Merge branch 'prebid:master' into setupad-adapter"

This reverts commit 1c14dbe, reversing
changes made to 7fe9ea5.

* Revert "Revert "Merge branch 'prebid:master' into setupad-adapter""

This reverts commit a34e3e4.

* # This is a combination of 20 commits.
# This is the 1st commit message:

add setupadBidAdapter

# This is the commit message #2:

update setupadBidAdapter

# This is the commit message #3:

update metrics collection

# This is the commit message #4:

update analytics collection

# This is the commit message #5:

update getUserSyncs

# This is the commit message #6:

add setupadAnalyticsAdapter.js

# This is the commit message #7:

test setupadAnalyticsAdapter

# This is the commit message #8:

remove test: 1

# This is the commit message #9:

add GVLID && bug fixes && test updates

# This is the commit message #10:

remove setupadAnalyticsAdapter

# This is the commit message #11:

add userID module handling

# This is the commit message #12:

clean up && seat bugfix

# This is the commit message #13:

add userID module handling

# This is the commit message #14:

add GVLID && bug fixes && test updates

# This is the commit message #15:

remove setupadAnalyticsAdapter

# This is the commit message #16:

add userID module handling

# This is the commit message #17:

clean up logs

# This is the commit message #18:

update md && clean up

# This is the commit message #19:

Send setupad only on bidRequested

# This is the commit message #20:

Fix bidResponse and bidWon responses

* # This is a combination of 22 commits.tree 8abae7e6dffc9a21ad11770713ba485fc610028a
parent cecfce3
author pavel <[email protected]> 1706627437 +0200
committer pavel <[email protected]> 1706627437 +0200
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5EW0ACgkQFABtd4pC
 s/CK3w//WWJSFUlycnnNKTV2XfdcBjooOeZZvjpXVthwr09CCC4uO//kw4bPluhn
 f5fcVFdXzrY1AZ6ch8Wo3msX/Pkso014jIGd5aIWcHpNYFtffACwH/40Y8AcJNZd
 bsOZxVK0awPTz/RihC5eY+0J3cP+iFWP/FlYJoHEQIBXq/Eg6mWoAhxwpL/JvxbY
 QbLFWsRn2ckQ6ftOZgm3/jh8VLaG1zWbWImlWEs5Zel+CorJBTniTj58VbApelYD
 TFMgbSR2I4NGVaqNIrHePnSMsDATxalQ2nZPwY6raKCHWIbvoUPIn/OpDMMbKgC7
 nCwounNmObxFVoj3xusAZppzHpKPasY8xKWb2Kr7zfhZArsOMC6B7fYqQNK0cWG3
 8RR/10oheJD9M2kRlfLiqnRv7ExY08SQ/ZMo9LA8BeRUGBXhh6++8FKhKIHvX1gL
 k1R5W6c+NNWP+PDFsmrFpMn+LpYdl84I7yfYK5dHuw80od7f1wuAVYpswi6Cziy9
 /KY6/rfENvUrGTmWSh5GdDBel89ACCfFkasIKB92xhzKTfjzF/DXkc8XQZOMbt1j
 CsILgWMNfLPMo4Dlgdx/tYCSLLBNEtZ1/hhUcFQ3+0TzLf0GtMkvMnlBnDinqe1n
 1P30fQ2I5W5NJKDPrCOnRymI6QOAPFXtMF11R81mbB9H8asft/E=
 =oJtZ
 -----END PGP SIGNATURE-----

bugfixes

# This is the commit message #22:

Remove test parameter

* # This is a combination of 26 commits.
parent cecfce3
author pavel <[email protected]> 1706627437 +0200
committer pavel <[email protected]> 1706627437 +0200
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5EW0ACgkQFABtd4pC
 s/CK3w//WWJSFUlycnnNKTV2XfdcBjooOeZZvjpXVthwr09CCC4uO//kw4bPluhn
 f5fcVFdXzrY1AZ6ch8Wo3msX/Pkso014jIGd5aIWcHpNYFtffACwH/40Y8AcJNZd
 bsOZxVK0awPTz/RihC5eY+0J3cP+iFWP/FlYJoHEQIBXq/Eg6mWoAhxwpL/JvxbY
 QbLFWsRn2ckQ6ftOZgm3/jh8VLaG1zWbWImlWEs5Zel+CorJBTniTj58VbApelYD
 TFMgbSR2I4NGVaqNIrHePnSMsDATxalQ2nZPwY6raKCHWIbvoUPIn/OpDMMbKgC7
 nCwounNmObxFVoj3xusAZppzHpKPasY8xKWb2Kr7zfhZArsOMC6B7fYqQNK0cWG3
 8RR/10oheJD9M2kRlfLiqnRv7ExY08SQ/ZMo9LA8BeRUGBXhh6++8FKhKIHvX1gL
 k1R5W6c+NNWP+PDFsmrFpMn+LpYdl84I7yfYK5dHuw80od7f1wuAVYpswi6Cziy9
 /KY6/rfENvUrGTmWSh5GdDBel89ACCfFkasIKB92xhzKTfjzF/DXkc8XQZOMbt1j
 CsILgWMNfLPMo4Dlgdx/tYCSLLBNEtZ1/hhUcFQ3+0TzLf0GtMkvMnlBnDinqe1n
 1P30fQ2I5W5NJKDPrCOnRymI6QOAPFXtMF11R81mbB9H8asft/E=
 =oJtZ
 -----END PGP SIGNATURE-----

bugfixes

# This is the commit message #22:

Remove test parameter

# This is the commit message #23:

Fix multiple bidResponse and bidTimeout calls to getPixelUrl

# This is the commit message #25:

eslint errors fixes(brackets added)

# This is the commit message #26:

Add extra checks for events

* parent 75178b9
author pavel <[email protected]> 1706627694 +0200
committer pavel <[email protected]> 1706627694 +0200
gpgsig -----BEGIN PGP SIGNATURE-----

 iQIzBAABCAAdFiEEqGYI3KX/FkbObQG8FABtd4pCs/AFAmW5Em4ACgkQFABtd4pC
 s/BBUQ/+NXyHoxPM185YJLG9M1ySC/5vTT9W5mfwQ93cVDLCeuGnpsnmi4S21NuQ
 b7gSeokFjwztvVOUmh/xqMp4lTsvL53TUd00b1k4KGVSqgcF00Foit5g8fOGLYsI
 DAoqphYV6MWjpAun+II+ELY8QUkHR1cjTc7PEGtmf+8RnptGVdyJ6C9Ab8u9TQTY
 Apj5Srhfo3Tl8S+WScOxwwB/uqEJR4fhIrJyzFzdLDEb2olSPyrQUs87vQXlhEnK
 buPEg2F5JsRH6sw11Xp3TFNSZGxNnBSlTh9dixou5md4yRCv5a2TMef667N0BVDp
 lGgc7mCrRKXyqzphmmeHudiscEGFjtUPObXoHutSVw22wdARFCTpNFKBLLFn4v8o
 Zv1OvFdNprvHsoeW0HVlZdU7OKnDTRrko6DHk2AahxojjvAFEWuDsGYZNjhdQwRR
 lK1zm+SFQnKI0Eojd+f84fvKod9geGs640jyH/x5R4eYm4yjZb8SkRtd3cca88wS
 OuGq9LIkbU428b46l7VnDwudldTXPUU8eKfUtFRjdGtIWH9I3tK6TsRoCfTcXkv0
 smxYiiU1XHjAkkPFWQWEeFdfZ071snFKVWouU0AoKiq+PdRoS8+3AJqIQUjlA2sH
 AybnSkv9KxY/Rs1bnvMubsQm1GF66qVrbxBU6FILBv1JZYwj4yA=
 =Gbog
 -----END PGP SIGNATURE-----

bugfixes

update setupadBidAdapter_spec.js REPORT_ENDPOINT

update readme

Revert "Merge branch 'prebid:master' into setupad-adapter"

This reverts commit 1c14dbe, reversing
changes made to 7fe9ea5.

Revert "Revert "Merge branch 'prebid:master' into setupad-adapter""

This reverts commit a34e3e4.

* change double quote to single quote

---------

Co-authored-by: pavel <[email protected]>
Co-authored-by: Elgars Grodnis <[email protected]>

* bugfix setupadBidAdapter

remove getAdEl, spelling correction

* add onBidWon event

onBidWon event handling moved from custom to native onBidWon method

* minor bugfixes && remove funk getSiteObj && getDeviceObj

---------

Co-authored-by: pavel <[email protected]>
Co-authored-by: Elgars Grodnis <[email protected]>
karimMourra pushed a commit that referenced this pull request Jun 4, 2024
)

* collect EIDs for bid request

* add ad slot positioning to payload

* RPO-2012: Update local storage name-spacing for c_uid (#8)

* Updates c_uid namespacing to be more specific for concert

* fixes unit tests

* remove console.log

* RPO-2012: Add check for shared id (#9)

* Adds check for sharedId

* Updates cookie name

* remove trailing comma

* [RPO-3152] Enable Support for GPP Consent (#12)

* Adds gpp consent integration to concert bid adapter

* Update tests to check for gpp consent string param

* removes user sync endpoint and tests

* updates comment

* cleans up consentAllowsPpid function

* comment fix

* rename variables for clarity

* fixes conditional logic for consent allows function (#13)

* [RPO-3262] Update getUid function to check for pubcid and sharedid (#14)

* Update getUid function to check for pubcid and sharedid

* updates adapter version

* [RPO-3405] Add browserLanguage to request meta object

* ConcertBidAdapter: Add TDID (#20)

* Add tdid to meta object

* Fix null handling and add tests

* Concert Bid Adapter: Add dealId Property to Bid Responses (#22)

* adds dealid property to bid responses

* updates tests

* use first bid for tests

* adds dealid at the correct level

---------

Co-authored-by: antoin <[email protected]>
Co-authored-by: Antoin <[email protected]>
Co-authored-by: Sam Ghitelman <[email protected]>
Co-authored-by: Sam Ghitelman <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant