peczenyj / GDPR-IAB-TCFv2 / 25504833662
96%
main: 96%

LAST BUILD BRANCH: devel
DEFAULT BRANCH: main
Ran
Jobs 1
Files 14
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 94.882% (-0.3%) from 95.223%
25504833662

push

github

web-flow 
feat: CMPValidator + cmp_validator rule (Phase 5) (#61)

* feat(validator): add CMPValidator and cmp_validator rule

Phase 5 / "CMP Validation".  New module
GDPR::IAB::TCFv2::CMPValidator validates a TC string's cmp_id against
a snapshot of the IAB CMP registry.  CMPs that have been retired
(deletedDate in the past relative to a configurable `now`) fail the
check; the constructor warns when the registry's lastUpdated is more
than 28 days old.

Loaders supported:
  - file => '/path/to/cmp-list.json'
  - data => '...raw json...'
  - url  => 'https://...'   (REQUIRES network_ok => 1)

Network fetch is opt-in by design.  A library that silently dials
out over the network on construction is a footgun (proxy traversal,
blocked egress, supply-chain risk); the `url` form croaks unless
network_ok is set explicitly.

The main Validator gains a `cmp_validator` rule that can be supplied
either as a CMPValidator object or as a hashref of constructor args
(auto-instantiated; matches the spec form for other rules).  Override
per-call via validate($tc, cmp_validator => $obj_or_hashref).  The
rule runs second in the chain, right after min_policy_version.

A new t/14-cmp-validator.t covers fresh/stale loading, deletedDate
semantics, error paths, the network_ok gate, and three integration
patterns (object / hashref / per-call override).

The validator_scenarios.pl golden-corpus driver gets a new
'v284_cmp_registry' scenario that exercises the rule against all
1024 corpus entries; the regenerated corpus shows healthy variance
(192 valid / 832 invalid -- the small 5-entry CMP fixture only
matches a handful of CMPs that real-world TC strings actually use).

Note: this PR supersedes #38, which was authored 38 commits behind
devel and would have reverted Validator/CLI work shipped in v0.370.
The new test file is renamed t/14-cmp-validator.t to avoid colliding
with t/08-golden-validator.t (added in #58).

* chore(corpus): regenerate golden.jsonl.gz with CMP scenario

Adds tes... (continued)

68 of 75 new or added lines in 2 files covered. (90.67%)

964 of 1016 relevant lines covered (94.88%)

11596.25 hits per line

Uncovered Changes

Lines Coverage File
7
87.72
 lib/GDPR/IAB/TCFv2/CMPValidator.pm
Jobs
ID Job ID Ran Files Coverage
1 25504833662.1 14
94.88
 GitHub Action Run
Source Files on build 25504833662