peczenyj / lua-gdpr-iab-tcfv2 / 26566825408
91%
devel: 91%

LAST BUILD BRANCH: refs/pull/28/merge
DEFAULT BRANCH: devel
Ran
Jobs 1
Files 11
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 90.524% (+0.8%) from 89.694%
26566825408

push

github

web-flow 
chore(release): 0.2.2 (#27)

* chore(security): SLSA Build L2 claim, action SHA-pinning, and OpenSSF Scorecard (#25)

* docs(security): claim SLSA Build Level 2 for releases

State the SLSA v1.0 Build Track Level 2 claim explicitly in README.md
(badge, Features bullet, Supply-chain security section) and SECURITY.md
(level, basis for the L2 claim, and the gh >= 2.49 requirement for the
attestation command).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* ci(security): pin GitHub Actions to commit SHAs

Replace mutable tag/branch refs (@v4, @v2, @master, @v1) with full
commit SHAs across all workflows, keeping a version comment for
readability. Immutable refs prevent a compromised or retagged action
from silently entering the build.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

* ci(security): add OpenSSF Scorecard workflow and badge

Add the OpenSSF Scorecard analysis workflow (scheduled, on push to the
default branch, and on branch-protection changes) with results published
to the OpenSSF API and the code-scanning dashboard. Add the Scorecard
badge to README.md and note action SHA-pinning in the Supply-chain
security section.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>

* feat(validator): align with Go lib-gdpr strict-path semantics (#26)

Port the Go lib-gdpr 'redesign' branch strict-path semantics (the parity
target the Perl reference now mirrors in lib/GDPR/IAB/TCFv2/Validator.pm
and t/18-go-parity.t) to the Lua validator.

Behavioural changes:
- min_tcf_policy_version >= 5 auto-enables verify_disclosed_vendors
  (Go: verifyDisclosedVendors ||= MinTcfPolicyVersion >= 5). The
  constructor shallow-copies config so the caller's table is never
  mutated.
- New TCF_V23_DEADLINE = 17722368000 (deciseconds, since parser.created
  is the raw 36-bit TCF Created field). The strictly-after comparison
  mirrors Go's created.After(v23Deadline).
- _check_pol... (continued)

229 of 239 new or added lines in 1 file covered. (95.82%)

15 existing lines in 1 file now uncovered.

726 of 802 relevant lines covered (90.52%)

7017.78 hits per line

Uncovered Changes

Lines Coverage File
10
93.19
 0.18% src/gdpr/iab/tcfv2/validator.lua

Coverage Regressions

Lines Coverage File
15
93.19
 0.18% src/gdpr/iab/tcfv2/validator.lua
Jobs
ID Job ID Ran Files Coverage
1 26566825408.1 11
90.52
 GitHub Action Run
Source Files on build 26566825408