@freshjuice/zest 0.1.0 → 1.0.0

package/README.md

@@ -1,5 +1,10 @@
 # Zest 🍋
 
+[![npm](https://img.shields.io/npm/v/@freshjuice/zest)](https://www.npmjs.com/package/@freshjuice/zest)
+[![License](https://img.shields.io/badge/license-MIT-green)](LICENSE)
+[![GitHub stars](https://img.shields.io/github/stars/freshjuice-dev/zest)](https://github.com/freshjuice-dev/zest/stargazers)
+[![GitHub forks](https://img.shields.io/github/forks/freshjuice-dev/zest)](https://github.com/freshjuice-dev/zest/network/members)
+
 A lightweight cookie consent toolkit for GDPR/CCPA compliance.
 
 - **Lightweight** - ~9KB gzipped (single language) / ~14KB (all 12 languages)
@@ -187,6 +192,47 @@ document.addEventListener('zest:ready', (e) => {
 });
 ```
 
+## Google Consent Mode v2 / Microsoft UET Consent Mode
+
+Zest can optionally push consent signals to Google and Microsoft advertising APIs. Both are **disabled by default**.
+
+### Enable via JavaScript
+
+```javascript
+window.ZestConfig = {
+  consentModeGoogle: true,    // Google Consent Mode v2
+  consentModeMicrosoft: true  // Microsoft UET Consent Mode
+};
+```
+
+### Enable via data attributes
+
+```html
+<script
+  src="zest.min.js"
+  data-consent-mode-google="true"
+  data-consent-mode-microsoft="true"
+></script>
+```
+
+### How it works
+
+When enabled, Zest automatically:
+
+1. Pushes a `'default'` denied state on page load (before any tracking scripts fire)
+2. Pushes an `'update'` with the correct consent state whenever the user makes a choice
+
+### Category mapping
+
+| Zest Category | Google Consent Mode v2 Signals | Microsoft UET Signal |
+|---|---|---|
+| `essential` | `functionality_storage: 'granted'` (always) | — |
+| `functional` | `personalization_storage` | — |
+| `analytics` | `analytics_storage` | — |
+| `marketing` | `ad_storage`, `ad_user_data`, `ad_personalization` | `ad_storage` |
+
+No additional setup is needed — just include your Google Analytics/GTM or Microsoft UET tags as usual and Zest will handle the consent signaling.
+
 ## Localization
 
 Zest has **built-in translations** with auto-detection.

package/dist/zest.de.js

@@ -842,6 +842,78 @@ var Zest = (function () {
     return { enabled: false, source: null };
   }
 
+  /**
+   * Consent Signals - Optional vendor consent mode integrations
+   *
+   * Pushes consent state to Google Consent Mode v2 and/or Microsoft UET
+   * Consent Mode when enabled via config.
+   */
+
+  /**
+   * Map Zest consent state to Google Consent Mode v2 signals
+   */
+  function toGoogleSignals(consent) {
+    const g = (val) => val ? 'granted' : 'denied';
+    return {
+      ad_storage: g(consent.marketing),
+      ad_user_data: g(consent.marketing),
+      ad_personalization: g(consent.marketing),
+      analytics_storage: g(consent.analytics),
+      functionality_storage: 'granted', // essential is always true
+      personalization_storage: g(consent.functional)
+    };
+  }
+
+  /**
+   * Push consent signal to Google via gtag or dataLayer fallback.
+   * Uses a local function to preserve the `arguments` object shape
+   * that gtag/dataLayer expects (not an array).
+   */
+  function pushGoogle(type, signals) {
+    window.dataLayer = window.dataLayer || [];
+    if (typeof window.gtag === 'function') {
+      window.gtag('consent', type, signals);
+    } else {
+      function gtagFallback() { window.dataLayer.push(arguments); }
+      gtagFallback('consent', type, signals);
+    }
+  }
+
+  /**
+   * Map Zest consent state to Microsoft UET signal.
+   * Microsoft UET only exposes ad_storage.
+   */
+  function toMicrosoftSignals(consent) {
+    return { ad_storage: consent.marketing ? 'granted' : 'denied' };
+  }
+
+  /**
+   * Push consent signal to Microsoft UET
+   */
+  function pushMicrosoft(type, signals) {
+    window.uetq = window.uetq || [];
+    window.uetq.push('consent', type, signals);
+  }
+
+  /**
+   * Apply consent signals to enabled vendor integrations.
+   *
+   * @param {Object} consent    Current Zest consent state
+   * @param {Object} config     Merged Zest config
+   * @param {boolean} isDefault true on first call (pushes 'default'), false for updates
+   */
+  function applyConsentSignals(consent, config, isDefault) {
+    const type = isDefault ? 'default' : 'update';
+
+    if (config.consentModeGoogle) {
+      pushGoogle(type, toGoogleSignals(consent));
+    }
+
+    if (config.consentModeMicrosoft) {
+      pushMicrosoft(type, toMicrosoftSignals(consent));
+    }
+  }
+
   /**
    * DE only translation - auto-generated
    * Do not edit manually, run: npm run build
@@ -953,6 +1025,10 @@ var Zest = (function () {
     // Custom styles to inject into Shadow DOM
     customStyles: '',
 
+    // Vendor consent mode integrations (optional)
+    consentModeGoogle: false,
+    consentModeMicrosoft: false,
+
     // Blocking mode: 'manual' | 'safe' | 'strict' | 'doomsday'
     mode: 'safe',
 
@@ -983,7 +1059,7 @@ var Zest = (function () {
     }
 
     // Simple properties
-    const simpleKeys = ['lang', 'position', 'theme', 'accentColor', 'autoInit', 'showWidget', 'expiration', 'policyUrl', 'imprintUrl', 'customStyles', 'mode', 'blockedDomains', 'respectDNT', 'dntBehavior'];
+    const simpleKeys = ['lang', 'position', 'theme', 'accentColor', 'autoInit', 'showWidget', 'expiration', 'policyUrl', 'imprintUrl', 'customStyles', 'mode', 'blockedDomains', 'respectDNT', 'dntBehavior', 'consentModeGoogle', 'consentModeMicrosoft'];
     for (const key of simpleKeys) {
       if (userConfig[key] !== undefined) {
         config[key] = userConfig[key];
@@ -1093,6 +1169,13 @@ var Zest = (function () {
     const expiration = script.getAttribute('data-expiration');
     if (expiration) config.expiration = parseInt(expiration, 10);
 
+    // Consent mode integrations
+    const consentModeGoogle = script.getAttribute('data-consent-mode-google');
+    if (consentModeGoogle !== null) config.consentModeGoogle = consentModeGoogle !== 'false';
+
+    const consentModeMicrosoft = script.getAttribute('data-consent-mode-microsoft');
+    if (consentModeMicrosoft !== null) config.consentModeMicrosoft = consentModeMicrosoft !== 'false';
+
     return config;
   }
 
@@ -2324,6 +2407,8 @@ ${config.customStyles || ''}
     const result = acceptAll(config.expiration);
     const categories = getCategoryIds();
 
+    applyConsentSignals(result.current, config, false);
+
     hideBanner();
     hideModal();
 
@@ -2345,6 +2430,8 @@ ${config.customStyles || ''}
   function handleRejectAll() {
     const result = rejectAll(config.expiration);
 
+    applyConsentSignals(result.current, config, false);
+
     hideBanner();
     hideModal();
 
@@ -2364,6 +2451,8 @@ ${config.customStyles || ''}
   function handleSavePreferences(selections) {
     const result = updateConsent(selections, config.expiration);
 
+    applyConsentSignals(result.current, config, false);
+
     // Find newly allowed categories
     const newlyAllowed = Object.keys(result.current).filter(
       cat => result.current[cat] && !result.previous[cat]
@@ -2442,6 +2531,13 @@ ${config.customStyles || ''}
     // Merge config
     config = setConfig(userConfig);
 
+    // Push default denied state to vendor consent mode APIs (must happen before scripts load)
+    applyConsentSignals(
+      { functional: false, analytics: false, marketing: false },
+      config,
+      true
+    );
+
     // Set patterns if provided
     if (config.patterns) {
       setPatterns(config.patterns);
@@ -2462,6 +2558,11 @@ ${config.customStyles || ''}
 
     initialized = true;
 
+    // Push update for returning visitors with saved consent
+    if (hasConsentDecision()) {
+      applyConsentSignals(consent, config, false);
+    }
+
     // Check Do Not Track / Global Privacy Control
     const dntEnabled = isDoNotTrackEnabled();
     let dntApplied = false;
@@ -2472,6 +2573,8 @@ ${config.customStyles || ''}
         const result = rejectAll(config.expiration);
         dntApplied = true;
 
+        applyConsentSignals(result.current, config, false);
+
         // Emit events
         emitReject(result.current);
         emitChange(result.current, result.previous);