@slashgear/gdpr-cookie-scanner 1.0.0

package/dist/analyzers/compliance.js

@@ -0,0 +1,171 @@
+import { analyzeButtonWording, analyzeModalText } from "./wording.js";
+export function analyzeCompliance(input) {
+    const issues = [];
+    // ── A. Consent validity (0-25) ────────────────────────────────
+    let consentValidity = 25;
+    if (!input.modal.detected) {
+        issues.push({
+            type: "no-reject-button",
+            severity: "critical",
+            description: "No cookie consent modal detected",
+            evidence: "A consent mechanism is required before depositing non-essential cookies",
+        });
+        consentValidity = 0;
+    }
+    else {
+        // Wording analysis
+        const wordingResult = analyzeButtonWording(input.modal.buttons);
+        const textResult = analyzeModalText(input.modal.text);
+        issues.push(...wordingResult.issues, ...textResult.issues);
+        // Pre-ticked checkboxes
+        const preTicked = input.modal.checkboxes.filter((c) => c.isCheckedByDefault);
+        if (preTicked.length > 0) {
+            issues.push({
+                type: "pre-ticked",
+                severity: "critical",
+                description: `${preTicked.length} checkbox(es) pre-ticked by default`,
+                evidence: `Pre-ticked boxes are invalid consent under RGPD Recital 32. Affected: ${preTicked.map((c) => c.label || c.name).join(", ")}`,
+            });
+            consentValidity -= 10;
+        }
+        // Missing info deductions
+        if (textResult.missingInfo.includes("purposes"))
+            consentValidity -= 5;
+        if (textResult.missingInfo.includes("third-parties"))
+            consentValidity -= 5;
+        if (textResult.missingInfo.length >= 3)
+            consentValidity -= 5;
+    }
+    // ── B. Easy refusal (0-25) ────────────────────────────────────
+    let easyRefusal = 25;
+    if (!input.modal.detected) {
+        easyRefusal = 0;
+    }
+    else {
+        const acceptButton = input.modal.buttons.find((b) => b.type === "accept");
+        const rejectButton = input.modal.buttons.find((b) => b.type === "reject");
+        if (!rejectButton) {
+            issues.push({
+                type: "buried-reject",
+                severity: "critical",
+                description: "No reject button on first layer",
+                evidence: "CNIL (2022) requires reject to require no more clicks than accept",
+            });
+            easyRefusal -= 15;
+        }
+        else if (rejectButton.clickDepth > (acceptButton?.clickDepth ?? 1)) {
+            issues.push({
+                type: "click-asymmetry",
+                severity: "critical",
+                description: "Reject requires more clicks than accept",
+                evidence: `Accept: ${acceptButton?.clickDepth ?? 1} click(s), Reject: ${rejectButton.clickDepth} click(s)`,
+            });
+            easyRefusal -= 15;
+        }
+        // Visual asymmetry: if accept button is significantly larger/more prominent
+        if (acceptButton && rejectButton && acceptButton.boundingBox && rejectButton.boundingBox) {
+            const acceptArea = acceptButton.boundingBox.width * acceptButton.boundingBox.height;
+            const rejectArea = rejectButton.boundingBox.width * rejectButton.boundingBox.height;
+            if (acceptArea > rejectArea * 3) {
+                issues.push({
+                    type: "asymmetric-prominence",
+                    severity: "warning",
+                    description: "Accept button is significantly larger than reject button",
+                    evidence: `Accept area: ${Math.round(acceptArea)}px², Reject area: ${Math.round(rejectArea)}px²`,
+                });
+                easyRefusal -= 5;
+            }
+        }
+        // Font size asymmetry
+        if (acceptButton?.fontSize && rejectButton?.fontSize) {
+            if (acceptButton.fontSize > rejectButton.fontSize * 1.3) {
+                issues.push({
+                    type: "nudging",
+                    severity: "warning",
+                    description: "Accept button font is significantly larger than reject button",
+                    evidence: `Accept: ${acceptButton.fontSize}px, Reject: ${rejectButton.fontSize}px`,
+                });
+                easyRefusal -= 5;
+            }
+        }
+    }
+    // ── C. Transparency (0-25) ────────────────────────────────────
+    let transparency = 25;
+    if (!input.modal.detected) {
+        transparency = 0;
+    }
+    else {
+        if (!input.modal.hasGranularControls) {
+            transparency -= 10;
+        }
+        // Already deducted in consentValidity for missing info
+        const wordingResult = analyzeModalText(input.modal.text);
+        if (wordingResult.missingInfo.length > 0) {
+            transparency -= wordingResult.missingInfo.length * 3;
+        }
+    }
+    // ── D. Cookie behavior (0-25) ─────────────────────────────────
+    let cookieBehavior = 25;
+    // Cookies deposited before any interaction that require consent
+    const illegalPreConsentCookies = input.cookiesBeforeInteraction.filter((c) => c.requiresConsent);
+    if (illegalPreConsentCookies.length > 0) {
+        issues.push({
+            type: "auto-consent",
+            severity: "critical",
+            description: `${illegalPreConsentCookies.length} non-essential cookie(s) deposited before any interaction`,
+            evidence: illegalPreConsentCookies.map((c) => `${c.name} (${c.category})`).join(", "),
+        });
+        cookieBehavior -= Math.min(20, illegalPreConsentCookies.length * 4);
+    }
+    // Non-essential cookies persisting after reject
+    const consentCookiesAfterReject = input.cookiesAfterReject.filter((c) => c.requiresConsent && c.capturedAt === "after-reject");
+    if (consentCookiesAfterReject.length > 0) {
+        issues.push({
+            type: "auto-consent",
+            severity: "critical",
+            description: `${consentCookiesAfterReject.length} non-essential cookie(s) persist after rejection`,
+            evidence: consentCookiesAfterReject.map((c) => `${c.name} (${c.category})`).join(", "),
+        });
+        cookieBehavior -= Math.min(15, consentCookiesAfterReject.length * 3);
+    }
+    // Network trackers firing before interaction
+    const preInteractionTrackers = input.networkBeforeInteraction.filter((r) => r.trackerCategory !== null && r.trackerCategory !== "cdn");
+    if (preInteractionTrackers.length > 0) {
+        issues.push({
+            type: "auto-consent",
+            severity: "critical",
+            description: `${preInteractionTrackers.length} tracker request(s) fired before any consent`,
+            evidence: [...new Set(preInteractionTrackers.map((r) => r.trackerName ?? r.url))]
+                .slice(0, 5)
+                .join(", "),
+        });
+        cookieBehavior -= Math.min(10, preInteractionTrackers.length * 2);
+    }
+    // Clamp all scores
+    const clamp = (v) => Math.max(0, Math.min(25, v));
+    const breakdown = {
+        consentValidity: clamp(consentValidity),
+        easyRefusal: clamp(easyRefusal),
+        transparency: clamp(transparency),
+        cookieBehavior: clamp(cookieBehavior),
+    };
+    const total = Object.values(breakdown).reduce((a, b) => a + b, 0);
+    return {
+        total,
+        breakdown,
+        issues,
+        grade: scoreToGrade(total),
+    };
+}
+function scoreToGrade(score) {
+    if (score >= 90)
+        return "A";
+    if (score >= 75)
+        return "B";
+    if (score >= 55)
+        return "C";
+    if (score >= 35)
+        return "D";
+    return "F";
+}
+//# sourceMappingURL=compliance.js.map

package/dist/analyzers/compliance.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../src/analyzers/compliance.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAYtE,MAAM,UAAU,iBAAiB,CAAC,KAAsB;IACtD,MAAM,MAAM,GAAuB,EAAE,CAAC;IAEtC,iEAAiE;IACjE,IAAI,eAAe,GAAG,EAAE,CAAC;IAEzB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,kCAAkC;YAC/C,QAAQ,EAAE,yEAAyE;SACpF,CAAC,CAAC;QACH,eAAe,GAAG,CAAC,CAAC;IACtB,CAAC;SAAM,CAAC;QACN,mBAAmB;QACnB,MAAM,aAAa,GAAG,oBAAoB,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAChE,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,MAAM,EAAE,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;QAE3D,wBAAwB;QACxB,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC;QAC7E,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,GAAG,SAAS,CAAC,MAAM,qCAAqC;gBACrE,QAAQ,EAAE,yEAAyE,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACxI,CAAC,CAAC;YACH,eAAe,IAAI,EAAE,CAAC;QACxB,CAAC;QAED,0BAA0B;QAC1B,IAAI,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC;YAAE,eAAe,IAAI,CAAC,CAAC;QACtE,IAAI,UAAU,CAAC,WAAW,CAAC,QAAQ,CAAC,eAAe,CAAC;YAAE,eAAe,IAAI,CAAC,CAAC;QAC3E,IAAI,UAAU,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC;YAAE,eAAe,IAAI,CAAC,CAAC;IAC/D,CAAC;IAED,iEAAiE;IACjE,IAAI,WAAW,GAAG,EAAE,CAAC;IAErB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC1B,WAAW,GAAG,CAAC,CAAC;IAClB,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAC1E,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;QAE1E,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,eAAe;gBACrB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,iCAAiC;gBAC9C,QAAQ,EAAE,mEAAmE;aAC9E,CAAC,CAAC;YACH,WAAW,IAAI,EAAE,CAAC;QACpB,CAAC;aAAM,IAAI,YAAY,CAAC,UAAU,GAAG,CAAC,YAAY,EAAE,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;YACrE,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,WAAW,YAAY,EAAE,UAAU,IAAI,CAAC,sBAAsB,YAAY,CAAC,UAAU,WAAW;aAC3G,CAAC,CAAC;YACH,WAAW,IAAI,EAAE,CAAC;QACpB,CAAC;QAED,4EAA4E;QAC5E,IAAI,YAAY,IAAI,YAAY,IAAI,YAAY,CAAC,WAAW,IAAI,YAAY,CAAC,WAAW,EAAE,CAAC;YACzF,MAAM,UAAU,GAAG,YAAY,CAAC,WAAW,CAAC,KAAK,GAAG,YAAY,CAAC,WAAW,CAAC,MAAM,CAAC;YACpF,MAAM,UAAU,GAAG,YAAY,CAAC,WAAW,CAAC,KAAK,GAAG,YAAY,CAAC,WAAW,CAAC,MAAM,CAAC;YACpF,IAAI,UAAU,GAAG,UAAU,GAAG,CAAC,EAAE,CAAC;gBAChC,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,uBAAuB;oBAC7B,QAAQ,EAAE,SAAS;oBACnB,WAAW,EAAE,0DAA0D;oBACvE,QAAQ,EAAE,gBAAgB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,qBAAqB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,KAAK;iBACjG,CAAC,CAAC;gBACH,WAAW,IAAI,CAAC,CAAC;YACnB,CAAC;QACH,CAAC;QAED,sBAAsB;QACtB,IAAI,YAAY,EAAE,QAAQ,IAAI,YAAY,EAAE,QAAQ,EAAE,CAAC;YACrD,IAAI,YAAY,CAAC,QAAQ,GAAG,YAAY,CAAC,QAAQ,GAAG,GAAG,EAAE,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,SAAS;oBACf,QAAQ,EAAE,SAAS;oBACnB,WAAW,EAAE,+DAA+D;oBAC5E,QAAQ,EAAE,WAAW,YAAY,CAAC,QAAQ,eAAe,YAAY,CAAC,QAAQ,IAAI;iBACnF,CAAC,CAAC;gBACH,WAAW,IAAI,CAAC,CAAC;YACnB,CAAC;QACH,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,IAAI,YAAY,GAAG,EAAE,CAAC;IAEtB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC1B,YAAY,GAAG,CAAC,CAAC;IACnB,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,EAAE,CAAC;YACrC,YAAY,IAAI,EAAE,CAAC;QACrB,CAAC;QACD,uDAAuD;QACvD,MAAM,aAAa,GAAG,gBAAgB,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACzD,IAAI,aAAa,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzC,YAAY,IAAI,aAAa,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,IAAI,cAAc,GAAG,EAAE,CAAC;IAExB,gEAAgE;IAChE,MAAM,wBAAwB,GAAG,KAAK,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;IAEjG,IAAI,wBAAwB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,GAAG,wBAAwB,CAAC,MAAM,2DAA2D;YAC1G,QAAQ,EAAE,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;SACtF,CAAC,CAAC;QACH,cAAc,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,wBAAwB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACtE,CAAC;IAED,gDAAgD;IAChD,MAAM,yBAAyB,GAAG,KAAK,CAAC,kBAAkB,CAAC,MAAM,CAC/D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,IAAI,CAAC,CAAC,UAAU,KAAK,cAAc,CAC5D,CAAC;IAEF,IAAI,yBAAyB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,GAAG,yBAAyB,CAAC,MAAM,kDAAkD;YAClG,QAAQ,EAAE,yBAAyB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;SACvF,CAAC,CAAC;QACH,cAAc,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,yBAAyB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,6CAA6C;IAC7C,MAAM,sBAAsB,GAAG,KAAK,CAAC,wBAAwB,CAAC,MAAM,CAClE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,KAAK,IAAI,IAAI,CAAC,CAAC,eAAe,KAAK,KAAK,CACjE,CAAC;IAEF,IAAI,sBAAsB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,GAAG,sBAAsB,CAAC,MAAM,8CAA8C;YAC3F,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;iBAC9E,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;iBACX,IAAI,CAAC,IAAI,CAAC;SACd,CAAC,CAAC;QACH,cAAc,IAAI,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,sBAAsB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,mBAAmB;IACnB,MAAM,KAAK,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,SAAS,GAAG;QAChB,eAAe,EAAE,KAAK,CAAC,eAAe,CAAC;QACvC,WAAW,EAAE,KAAK,CAAC,WAAW,CAAC;QAC/B,YAAY,EAAE,KAAK,CAAC,YAAY,CAAC;QACjC,cAAc,EAAE,KAAK,CAAC,cAAc,CAAC;KACtC,CAAC;IAEF,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAElE,OAAO;QACL,KAAK;QACL,SAAS;QACT,MAAM;QACN,KAAK,EAAE,YAAY,CAAC,KAAK,CAAC;KAC3B,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,OAAO,GAAG,CAAC;AACb,CAAC"}

package/dist/analyzers/wording.d.ts

@@ -0,0 +1,13 @@
+import type { ConsentButton, DarkPatternIssue } from "../types.js";
+export interface WordingAnalysis {
+    issues: DarkPatternIssue[];
+    missingInfo: string[];
+    hasPositiveActionForAccept: boolean;
+    hasExplicitRejectOption: boolean;
+}
+export declare function analyzeButtonWording(buttons: ConsentButton[]): WordingAnalysis;
+export declare function analyzeModalText(text: string): {
+    missingInfo: string[];
+    issues: DarkPatternIssue[];
+};
+//# sourceMappingURL=wording.d.ts.map

package/dist/analyzers/wording.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"wording.d.ts","sourceRoot":"","sources":["../../src/analyzers/wording.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AA6BnE,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,0BAA0B,EAAE,OAAO,CAAC;IACpC,uBAAuB,EAAE,OAAO,CAAC;CAClC;AAED,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,aAAa,EAAE,GAAG,eAAe,CAoD9E;AAED,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG;IAC9C,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAE,gBAAgB,EAAE,CAAC;CAC5B,CAkBA"}

package/dist/analyzers/wording.js

@@ -0,0 +1,91 @@
+/**
+ * Ambiguous button labels that don't clearly express consent.
+ * These are used as "accept" but don't say "accept" — a dark pattern.
+ */
+const MISLEADING_ACCEPT_LABELS = [
+    /^(ok|okay|got it|understood|d'accord|compris|j'ai compris|c'est ok|continuer|continue|proceed|go ahead|next|suivant|proceed)$/i,
+    /^(i agree|i understand|i consent)$/i, // acceptable but worth flagging as borderline
+];
+/**
+ * Labels that suggest rejection but are actually just "close" or navigate away.
+ */
+const FAKE_REJECT_LABELS = [/^(×|✕|✖|close|fermer|dismiss|ignorer|skip|passer)$/i];
+/**
+ * Required informational elements in consent text (RGPD Art. 13-14).
+ */
+const REQUIRED_INFO_PATTERNS = [
+    { key: "purposes", patterns: [/finalit[eé]|purpose|objectif|utilisation/i] },
+    { key: "third-parties", patterns: [/partenaire|tiers|third.part|sous.traitant|vendor/i] },
+    {
+        key: "duration",
+        patterns: [/dur[eé]e|expir|conservation|validit[eé]|period|month|year|mois|an(s)?/i],
+    },
+    { key: "withdrawal", patterns: [/retrait|retirer|withdraw|revok|modif|changer|chang/i] },
+];
+export function analyzeButtonWording(buttons) {
+    const issues = [];
+    const acceptButton = buttons.find((b) => b.type === "accept");
+    const rejectButton = buttons.find((b) => b.type === "reject");
+    const prefButton = buttons.find((b) => b.type === "preferences");
+    // ── Misleading "accept" wording ──────────────────────────────
+    if (acceptButton) {
+        for (const pattern of MISLEADING_ACCEPT_LABELS) {
+            if (pattern.test(acceptButton.text.trim())) {
+                issues.push({
+                    type: "misleading-wording",
+                    severity: "warning",
+                    description: `Accept button has ambiguous label: "${acceptButton.text}"`,
+                    evidence: `Button text "${acceptButton.text}" does not clearly express consent`,
+                });
+                break;
+            }
+        }
+    }
+    // ── No reject button at all ───────────────────────────────────
+    if (!rejectButton && !prefButton) {
+        issues.push({
+            type: "no-reject-button",
+            severity: "critical",
+            description: "No reject/decline option found in the consent modal",
+            evidence: "RGPD requires refusal to be as easy as acceptance (CNIL 2022)",
+        });
+    }
+    // ── Fake reject (close button instead) ───────────────────────
+    if (rejectButton) {
+        for (const pattern of FAKE_REJECT_LABELS) {
+            if (pattern.test(rejectButton.text.trim())) {
+                issues.push({
+                    type: "misleading-wording",
+                    severity: "critical",
+                    description: `Reject button has misleading label: "${rejectButton.text}"`,
+                    evidence: "A close/dismiss button is not a valid rejection mechanism",
+                });
+                break;
+            }
+        }
+    }
+    return {
+        issues,
+        missingInfo: [], // filled in by analyzeModalText
+        hasPositiveActionForAccept: !!acceptButton,
+        hasExplicitRejectOption: !!rejectButton,
+    };
+}
+export function analyzeModalText(text) {
+    const missingInfo = [];
+    const issues = [];
+    for (const { key, patterns } of REQUIRED_INFO_PATTERNS) {
+        const found = patterns.some((p) => p.test(text));
+        if (!found) {
+            missingInfo.push(key);
+            issues.push({
+                type: "missing-info",
+                severity: "warning",
+                description: `Missing required information: "${key}"`,
+                evidence: `The consent text does not mention ${key}`,
+            });
+        }
+    }
+    return { missingInfo, issues };
+}
+//# sourceMappingURL=wording.js.map

package/dist/analyzers/wording.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wording.js","sourceRoot":"","sources":["../../src/analyzers/wording.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,wBAAwB,GAAG;IAC/B,gIAAgI;IAChI,qCAAqC,EAAE,8CAA8C;CACtF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG,CAAC,qDAAqD,CAAC,CAAC;AAEnF;;GAEG;AACH,MAAM,sBAAsB,GAAG;IAC7B,EAAE,GAAG,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,2CAA2C,CAAC,EAAE;IAC5E,EAAE,GAAG,EAAE,eAAe,EAAE,QAAQ,EAAE,CAAC,mDAAmD,CAAC,EAAE;IACzF;QACE,GAAG,EAAE,UAAU;QACf,QAAQ,EAAE,CAAC,wEAAwE,CAAC;KACrF;IACD,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,qDAAqD,CAAC,EAAE;CACzF,CAAC;AASF,MAAM,UAAU,oBAAoB,CAAC,OAAwB;IAC3D,MAAM,MAAM,GAAuB,EAAE,CAAC;IACtC,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;IAC9D,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;IAC9D,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAAC,CAAC;IAEjE,gEAAgE;IAChE,IAAI,YAAY,EAAE,CAAC;QACjB,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,IAAI,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC3C,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,oBAAoB;oBAC1B,QAAQ,EAAE,SAAS;oBACnB,WAAW,EAAE,uCAAuC,YAAY,CAAC,IAAI,GAAG;oBACxE,QAAQ,EAAE,gBAAgB,YAAY,CAAC,IAAI,oCAAoC;iBAChF,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,IAAI,CAAC,YAAY,IAAI,CAAC,UAAU,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,qDAAqD;YAClE,QAAQ,EAAE,+DAA+D;SAC1E,CAAC,CAAC;IACL,CAAC;IAED,gEAAgE;IAChE,IAAI,YAAY,EAAE,CAAC;QACjB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;gBAC3C,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,oBAAoB;oBAC1B,QAAQ,EAAE,UAAU;oBACpB,WAAW,EAAE,wCAAwC,YAAY,CAAC,IAAI,GAAG;oBACzE,QAAQ,EAAE,2DAA2D;iBACtE,CAAC,CAAC;gBACH,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,WAAW,EAAE,EAAE,EAAE,gCAAgC;QACjD,0BAA0B,EAAE,CAAC,CAAC,YAAY;QAC1C,uBAAuB,EAAE,CAAC,CAAC,YAAY;KACxC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAI3C,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,MAAM,MAAM,GAAuB,EAAE,CAAC;IAEtC,KAAK,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,sBAAsB,EAAE,CAAC;QACvD,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,SAAS;gBACnB,WAAW,EAAE,kCAAkC,GAAG,GAAG;gBACrD,QAAQ,EAAE,qCAAqC,GAAG,EAAE;aACrD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC;AACjC,CAAC"}

package/dist/classifiers/cookie-classifier.d.ts

@@ -0,0 +1,8 @@
+import type { CookieCategory } from "../types.js";
+interface CookieClassification {
+    category: CookieCategory;
+    requiresConsent: boolean;
+}
+export declare function classifyCookie(name: string, domain: string, value: string): CookieClassification;
+export {};
+//# sourceMappingURL=cookie-classifier.d.ts.map

package/dist/classifiers/cookie-classifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie-classifier.d.ts","sourceRoot":"","sources":["../../src/classifiers/cookie-classifier.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD,UAAU,oBAAoB;IAC5B,QAAQ,EAAE,cAAc,CAAC;IACzB,eAAe,EAAE,OAAO,CAAC;CAC1B;AA0GD,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,oBAAoB,CAahG"}

package/dist/classifiers/cookie-classifier.js

@@ -0,0 +1,108 @@
+/**
+ * Cookie name patterns mapped to categories.
+ * Patterns are checked against the cookie name (case-insensitive).
+ */
+const COOKIE_PATTERNS = [
+    // ── Strictly necessary ────────────────────────────────────────
+    {
+        pattern: /^(PHPSESSID|JSESSIONID|ASP\.NET_SessionId|__session)$/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    { pattern: /^sess(ion)?[-_]?id$/i, category: "strictly-necessary", requiresConsent: false },
+    {
+        pattern: /^(csrf|xsrf|_token|authenticity_token)[-_]?/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    {
+        pattern: /^(auth|authenticated|login|logged[-_]in)[-_]?/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    {
+        pattern: /^(cart|basket|bag|checkout)[-_]?/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    {
+        pattern: /^(lang|locale|language|country|currency)$/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    {
+        pattern: /^(consent|cookie[-_]consent|cc[-_]cookie|cookieconsent)[-_]?/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    {
+        pattern: /^(axeptio|didomi|cookiebot|onetrust|tarteaucitron)[-_]?/i,
+        category: "strictly-necessary",
+        requiresConsent: false,
+    },
+    // ── Analytics ──────────────────────────────────────────────────
+    { pattern: /^_ga$/i, category: "analytics", requiresConsent: true },
+    { pattern: /^_ga_/i, category: "analytics", requiresConsent: true },
+    { pattern: /^_gid$/i, category: "analytics", requiresConsent: true },
+    { pattern: /^_gat/i, category: "analytics", requiresConsent: true },
+    { pattern: /^_utm/i, category: "analytics", requiresConsent: true },
+    { pattern: /^__utm/i, category: "analytics", requiresConsent: true },
+    { pattern: /^_pk_/i, category: "analytics", requiresConsent: true }, // Matomo/Piwik
+    { pattern: /^pk_/i, category: "analytics", requiresConsent: true },
+    { pattern: /^amp_/i, category: "analytics", requiresConsent: true }, // Amplitude
+    { pattern: /^(ajs_|segment_)/i, category: "analytics", requiresConsent: true }, // Segment
+    { pattern: /^_hjSessionUser/i, category: "analytics", requiresConsent: true }, // Hotjar
+    { pattern: /^_hj/i, category: "analytics", requiresConsent: true },
+    { pattern: /^mixpanel/i, category: "analytics", requiresConsent: true },
+    { pattern: /^(heap_|heap\.)/i, category: "analytics", requiresConsent: true },
+    { pattern: /^(clarity_|clid|CLID)$/i, category: "analytics", requiresConsent: true }, // Microsoft Clarity
+    // ── Advertising ────────────────────────────────────────────────
+    { pattern: /^(_fbp|_fbc|fb_)/, category: "advertising", requiresConsent: true }, // Meta/Facebook
+    {
+        pattern: /^(IDE|NID|DSID|ANID|__gads|__gpi|FCNEC)$/i,
+        category: "advertising",
+        requiresConsent: true,
+    }, // Google Ads
+    {
+        pattern: /^(muid|MUID|at_check|atidvisitor)$/i,
+        category: "advertising",
+        requiresConsent: true,
+    }, // Microsoft
+    { pattern: /^(li_|linkedin_|bcookie|bscookie)/, category: "advertising", requiresConsent: true }, // LinkedIn
+    {
+        pattern: /^(twitter|_twitter_sess|personalization_id|guest_id)$/i,
+        category: "advertising",
+        requiresConsent: true,
+    },
+    { pattern: /^(criteo_|cto_|uid)$/i, category: "advertising", requiresConsent: true }, // Criteo
+    { pattern: /^(tapad|tapid)$/i, category: "advertising", requiresConsent: true },
+    { pattern: /^(DoubleClick|DCLK)$/i, category: "advertising", requiresConsent: true },
+    { pattern: /^_ttp$/i, category: "advertising", requiresConsent: true }, // TikTok
+    // ── Social ─────────────────────────────────────────────────────
+    { pattern: /^(fbsr_|fbm_)/, category: "social", requiresConsent: true }, // Facebook login
+    { pattern: /^(yt-|VISITOR_INFO|YSC|GPS)$/i, category: "social", requiresConsent: true }, // YouTube
+    // ── Personalization ────────────────────────────────────────────
+    {
+        pattern: /^(ab_|abt_|abtest|experiment|variant|split[-_]test)/i,
+        category: "personalization",
+        requiresConsent: true,
+    },
+    {
+        pattern: /^(optimizely|vwo_|convert_|cxense)/i,
+        category: "personalization",
+        requiresConsent: true,
+    },
+];
+export function classifyCookie(name, domain, value) {
+    for (const { pattern, category, requiresConsent } of COOKIE_PATTERNS) {
+        if (pattern.test(name)) {
+            return { category, requiresConsent };
+        }
+    }
+    // Heuristic: very short session cookie with no clear purpose
+    if (name.length <= 4 && !value.includes("=")) {
+        return { category: "unknown", requiresConsent: true };
+    }
+    return { category: "unknown", requiresConsent: false };
+}
+//# sourceMappingURL=cookie-classifier.js.map

package/dist/classifiers/cookie-classifier.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cookie-classifier.js","sourceRoot":"","sources":["../../src/classifiers/cookie-classifier.ts"],"names":[],"mappings":"AAOA;;;GAGG;AACH,MAAM,eAAe,GAIhB;IACH,iEAAiE;IACjE;QACE,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,oBAAoB,EAAE,eAAe,EAAE,KAAK,EAAE;IAC3F;QACE,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD;QACE,OAAO,EAAE,gDAAgD;QACzD,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD;QACE,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD;QACE,OAAO,EAAE,4CAA4C;QACrD,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD;QACE,OAAO,EAAE,+DAA+D;QACxE,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IACD;QACE,OAAO,EAAE,0DAA0D;QACnE,QAAQ,EAAE,oBAAoB;QAC9B,eAAe,EAAE,KAAK;KACvB;IAED,kEAAkE;IAClE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACnE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACnE,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACpE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACnE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACnE,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACpE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,eAAe;IACpF,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IAClE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,YAAY;IACjF,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,UAAU;IAC1F,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,SAAS;IACxF,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IAClE,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IACvE,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE;IAC7E,EAAE,OAAO,EAAE,yBAAyB,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,oBAAoB;IAE1G,kEAAkE;IAClE,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,gBAAgB;IACjG;QACE,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,aAAa;QACvB,eAAe,EAAE,IAAI;KACtB,EAAE,aAAa;IAChB;QACE,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,aAAa;QACvB,eAAe,EAAE,IAAI;KACtB,EAAE,YAAY;IACf,EAAE,OAAO,EAAE,mCAAmC,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,WAAW;IAC7G;QACE,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,aAAa;QACvB,eAAe,EAAE,IAAI;KACtB;IACD,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,SAAS;IAC/F,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE;IAC/E,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE;IACpF,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,SAAS;IAEjF,kEAAkE;IAClE,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,iBAAiB;IAC1F,EAAE,OAAO,EAAE,+BAA+B,EAAE,QAAQ,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,EAAE,EAAE,UAAU;IAEnG,kEAAkE;IAClE;QACE,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,iBAAiB;QAC3B,eAAe,EAAE,IAAI;KACtB;IACD;QACE,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,iBAAiB;QAC3B,eAAe,EAAE,IAAI;KACtB;CACF,CAAC;AAEF,MAAM,UAAU,cAAc,CAAC,IAAY,EAAE,MAAc,EAAE,KAAa;IACxE,KAAK,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,IAAI,eAAe,EAAE,CAAC;QACrE,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,OAAO,EAAE,QAAQ,EAAE,eAAe,EAAE,CAAC;QACvC,CAAC;IACH,CAAC;IAED,6DAA6D;IAC7D,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7C,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;IACxD,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,eAAe,EAAE,KAAK,EAAE,CAAC;AACzD,CAAC"}

package/dist/classifiers/network-classifier.d.ts

@@ -0,0 +1,9 @@
+import type { TrackerCategory } from "../types.js";
+interface NetworkClassification {
+    isThirdParty: boolean;
+    trackerCategory: TrackerCategory | null;
+    trackerName: string | null;
+}
+export declare function classifyNetworkRequest(url: string, resourceType: string): NetworkClassification;
+export {};
+//# sourceMappingURL=network-classifier.d.ts.map

package/dist/classifiers/network-classifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-classifier.d.ts","sourceRoot":"","sources":["../../src/classifiers/network-classifier.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,UAAU,qBAAqB;IAC7B,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,EAAE,eAAe,GAAG,IAAI,CAAC;IACxC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;CAC5B;AAED,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,qBAAqB,CA2C/F"}

package/dist/classifiers/network-classifier.js

@@ -0,0 +1,51 @@
+import { TRACKER_DB, PIXEL_PATTERNS } from "./tracker-list.js";
+export function classifyNetworkRequest(url, resourceType) {
+    let hostname;
+    try {
+        hostname = new URL(url).hostname.replace(/^www\./, "");
+    }
+    catch {
+        return { isThirdParty: false, trackerCategory: null, trackerName: null };
+    }
+    // Check tracker database (exact match or suffix match)
+    for (const [domain, entry] of Object.entries(TRACKER_DB)) {
+        if (hostname === domain || hostname.endsWith(`.${domain}`)) {
+            return {
+                isThirdParty: true,
+                trackerCategory: entry.category,
+                trackerName: entry.name,
+            };
+        }
+    }
+    // Check pixel/beacon patterns in URL
+    if (PIXEL_PATTERNS.some((p) => p.test(url))) {
+        return {
+            isThirdParty: true,
+            trackerCategory: "pixel",
+            trackerName: "Tracking Pixel",
+        };
+    }
+    // Resource type heuristics
+    if (resourceType === "image" && isLikelyPixel(url)) {
+        return {
+            isThirdParty: true,
+            trackerCategory: "pixel",
+            trackerName: "Tracking Pixel (image)",
+        };
+    }
+    return {
+        isThirdParty: false,
+        trackerCategory: null,
+        trackerName: null,
+    };
+}
+/**
+ * Heuristic: 1x1 gif / tiny image with tracking params
+ */
+function isLikelyPixel(url) {
+    const u = url.toLowerCase();
+    return ((u.includes(".gif") || u.includes(".png")) &&
+        u.includes("?") &&
+        /[?&](uid|userid|sid|cid|vid|ts|t=|e=|ev=)/i.test(url));
+}
+//# sourceMappingURL=network-classifier.js.map

package/dist/classifiers/network-classifier.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"network-classifier.js","sourceRoot":"","sources":["../../src/classifiers/network-classifier.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAS/D,MAAM,UAAU,sBAAsB,CAAC,GAAW,EAAE,YAAoB;IACtE,IAAI,QAAgB,CAAC;IAErB,IAAI,CAAC;QACH,QAAQ,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,eAAe,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;IAC3E,CAAC;IAED,uDAAuD;IACvD,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QACzD,IAAI,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC,EAAE,CAAC;YAC3D,OAAO;gBACL,YAAY,EAAE,IAAI;gBAClB,eAAe,EAAE,KAAK,CAAC,QAAQ;gBAC/B,WAAW,EAAE,KAAK,CAAC,IAAI;aACxB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;QAC5C,OAAO;YACL,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,OAAO;YACxB,WAAW,EAAE,gBAAgB;SAC9B,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,IAAI,YAAY,KAAK,OAAO,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,OAAO;YACL,YAAY,EAAE,IAAI;YAClB,eAAe,EAAE,OAAO;YACxB,WAAW,EAAE,wBAAwB;SACtC,CAAC;IACJ,CAAC;IAED,OAAO;QACL,YAAY,EAAE,KAAK;QACnB,eAAe,EAAE,IAAI;QACrB,WAAW,EAAE,IAAI;KAClB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,CAAC,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAC5B,OAAO,CACL,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;QACf,4CAA4C,CAAC,IAAI,CAAC,GAAG,CAAC,CACvD,CAAC;AACJ,CAAC"}

package/dist/classifiers/tracker-list.d.ts

@@ -0,0 +1,16 @@
+import type { TrackerCategory } from "../types.js";
+interface TrackerEntry {
+    name: string;
+    category: TrackerCategory;
+}
+/**
+ * Known tracker domains and their categories.
+ * Based on open-source tracker databases (EasyPrivacy, Disconnect, DuckDuckGo Tracker Radar).
+ */
+export declare const TRACKER_DB: Record<string, TrackerEntry>;
+/**
+ * Patterns for detecting tracking pixels and beacons by URL shape.
+ */
+export declare const PIXEL_PATTERNS: RegExp[];
+export {};
+//# sourceMappingURL=tracker-list.d.ts.map

package/dist/classifiers/tracker-list.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tracker-list.d.ts","sourceRoot":"","sources":["../../src/classifiers/tracker-list.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAEnD,UAAU,YAAY;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,eAAe,CAAC;CAC3B;AAED;;;GAGG;AACH,eAAO,MAAM,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAgFnD,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,cAAc,EAAE,MAAM,EAQlC,CAAC"}

package/dist/classifiers/tracker-list.js

@@ -0,0 +1,86 @@
+/**
+ * Known tracker domains and their categories.
+ * Based on open-source tracker databases (EasyPrivacy, Disconnect, DuckDuckGo Tracker Radar).
+ */
+export const TRACKER_DB = {
+    // ── Google ────────────────────────────────────────────────────
+    "google-analytics.com": { name: "Google Analytics", category: "analytics" },
+    "analytics.google.com": { name: "Google Analytics", category: "analytics" },
+    "googletagmanager.com": { name: "Google Tag Manager", category: "analytics" },
+    "googletagservices.com": { name: "Google Tag Services", category: "advertising" },
+    "googlesyndication.com": { name: "Google AdSense", category: "advertising" },
+    "doubleclick.net": { name: "Google DoubleClick", category: "advertising" },
+    "adservice.google.com": { name: "Google Ad Services", category: "advertising" },
+    "google.com/ads": { name: "Google Ads", category: "advertising" },
+    "googleadservices.com": { name: "Google Ad Services", category: "advertising" },
+    "pagead2.googlesyndication.com": { name: "Google PageAd", category: "advertising" },
+    // ── Meta / Facebook ───────────────────────────────────────────
+    "connect.facebook.net": { name: "Facebook SDK", category: "social" },
+    "graph.facebook.com": { name: "Facebook Graph API", category: "social" },
+    "facebook.com/tr": { name: "Meta Pixel", category: "advertising" },
+    "fbcdn.net": { name: "Facebook CDN", category: "social" },
+    // ── Microsoft ─────────────────────────────────────────────────
+    "bat.bing.com": { name: "Bing Ads", category: "advertising" },
+    "clarity.ms": { name: "Microsoft Clarity", category: "analytics" },
+    "ads.microsoft.com": { name: "Microsoft Ads", category: "advertising" },
+    "scorecardresearch.com": { name: "Scorecard Research", category: "analytics" },
+    // ── Hotjar ────────────────────────────────────────────────────
+    "hotjar.com": { name: "Hotjar", category: "analytics" },
+    "static.hotjar.com": { name: "Hotjar", category: "analytics" },
+    // ── LinkedIn ─────────────────────────────────────────────────
+    "snap.licdn.com": { name: "LinkedIn Insight Tag", category: "advertising" },
+    "platform.linkedin.com": { name: "LinkedIn", category: "social" },
+    // ── Twitter / X ──────────────────────────────────────────────
+    "static.ads-twitter.com": { name: "Twitter Ads", category: "advertising" },
+    "analytics.twitter.com": { name: "Twitter Analytics", category: "analytics" },
+    "t.co": { name: "Twitter URL shortener", category: "advertising" },
+    // ── TikTok ───────────────────────────────────────────────────
+    "analytics.tiktok.com": { name: "TikTok Analytics", category: "analytics" },
+    "ads-api.tiktok.com": { name: "TikTok Ads", category: "advertising" },
+    // ── Criteo ───────────────────────────────────────────────────
+    "dis.us.criteo.com": { name: "Criteo", category: "advertising" },
+    "rtax.criteo.com": { name: "Criteo Retargeting", category: "advertising" },
+    "static.criteo.net": { name: "Criteo", category: "advertising" },
+    // ── Segment / Amplitude / Mixpanel ───────────────────────────
+    "api.segment.io": { name: "Segment", category: "analytics" },
+    "cdn.segment.com": { name: "Segment", category: "analytics" },
+    "api2.amplitude.com": { name: "Amplitude", category: "analytics" },
+    "api.mixpanel.com": { name: "Mixpanel", category: "analytics" },
+    // ── Intercom / Drift / HubSpot ────────────────────────────────
+    "js.intercomcdn.com": { name: "Intercom", category: "analytics" },
+    "widget.intercom.io": { name: "Intercom Widget", category: "analytics" },
+    "hubspot.com": { name: "HubSpot", category: "analytics" },
+    "js.hs-scripts.com": { name: "HubSpot", category: "analytics" },
+    "drift.com": { name: "Drift", category: "analytics" },
+    // ── Fingerprinting ───────────────────────────────────────────
+    "fingerprintjs.com": { name: "FingerprintJS", category: "fingerprinting" },
+    "fpnpmcdn.net": { name: "FingerprintJS CDN", category: "fingerprinting" },
+    // ── Advertising networks ─────────────────────────────────────
+    "amazon-adsystem.com": { name: "Amazon Ads", category: "advertising" },
+    "pubmatic.com": { name: "PubMatic", category: "advertising" },
+    "rubiconproject.com": { name: "Rubicon Project", category: "advertising" },
+    "openx.net": { name: "OpenX", category: "advertising" },
+    "casalemedia.com": { name: "Casale Media", category: "advertising" },
+    "akamaized.net": { name: "Akamai", category: "cdn" },
+    "outbrain.com": { name: "Outbrain", category: "advertising" },
+    "taboola.com": { name: "Taboola", category: "advertising" },
+    "quantserve.com": { name: "Quantcast", category: "advertising" },
+    "chartbeat.com": { name: "Chartbeat", category: "analytics" },
+    // ── AB Testing ───────────────────────────────────────────────
+    "optimizely.com": { name: "Optimizely", category: "analytics" },
+    "vwo.com": { name: "VWO", category: "analytics" },
+    "app.convert.com": { name: "Convert", category: "analytics" },
+};
+/**
+ * Patterns for detecting tracking pixels and beacons by URL shape.
+ */
+export const PIXEL_PATTERNS = [
+    /\/pixel(\.gif|\.png|\.php)?(\?|$)/i,
+    /\/beacon(\.gif|\.png|\.php)?(\?|$)/i,
+    /\/track(ing)?(\.gif|\.png|\.php)?(\?|$)/i,
+    /\/collect(\?|$)/i,
+    /\/event(\?|$)/i,
+    /\/(hit|ping|log)(\?|$)/i,
+    /\?.*(?:pixel|beacon|track|event|hit)=/i,
+];
+//# sourceMappingURL=tracker-list.js.map

package/dist/classifiers/tracker-list.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tracker-list.js","sourceRoot":"","sources":["../../src/classifiers/tracker-list.ts"],"names":[],"mappings":"AAOA;;;GAGG;AACH,MAAM,CAAC,MAAM,UAAU,GAAiC;IACtD,iEAAiE;IACjE,sBAAsB,EAAE,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC3E,sBAAsB,EAAE,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC3E,sBAAsB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC7E,uBAAuB,EAAE,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,aAAa,EAAE;IACjF,uBAAuB,EAAE,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC5E,iBAAiB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC1E,sBAAsB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC/E,gBAAgB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE;IACjE,sBAAsB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC/E,+BAA+B,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,aAAa,EAAE;IAEnF,iEAAiE;IACjE,sBAAsB,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACpE,oBAAoB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACxE,iBAAiB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE;IAClE,WAAW,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAEzD,iEAAiE;IACjE,cAAc,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC7D,YAAY,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAClE,mBAAmB,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,aAAa,EAAE;IACvE,uBAAuB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAE9E,iEAAiE;IACjE,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE;IACvD,mBAAmB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE;IAE9D,gEAAgE;IAChE,gBAAgB,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC3E,uBAAuB,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAEjE,gEAAgE;IAChE,wBAAwB,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC1E,uBAAuB,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC7E,MAAM,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAElE,gEAAgE;IAChE,sBAAsB,EAAE,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC3E,oBAAoB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE;IAErE,gEAAgE;IAChE,mBAAmB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE;IAChE,iBAAiB,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC1E,mBAAmB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE;IAEhE,gEAAgE;IAChE,gBAAgB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC5D,iBAAiB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC7D,oBAAoB,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE;IAClE,kBAAkB,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE;IAE/D,iEAAiE;IACjE,oBAAoB,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE;IACjE,oBAAoB,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,WAAW,EAAE;IACxE,aAAa,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE;IACzD,mBAAmB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC/D,WAAW,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE;IAErD,gEAAgE;IAChE,mBAAmB,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,gBAAgB,EAAE;IAC1E,cAAc,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,gBAAgB,EAAE;IAEzE,gEAAgE;IAChE,qBAAqB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE;IACtE,cAAc,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC7D,oBAAoB,EAAE,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC1E,WAAW,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,aAAa,EAAE;IACvD,iBAAiB,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,aAAa,EAAE;IACpE,eAAe,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE;IACpD,cAAc,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC7D,aAAa,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE;IAC3D,gBAAgB,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,aAAa,EAAE;IAChE,eAAe,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE;IAE7D,gEAAgE;IAChE,gBAAgB,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,WAAW,EAAE;IAC/D,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE;IACjD,iBAAiB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE;CAC9D,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,cAAc,GAAa;IACtC,oCAAoC;IACpC,qCAAqC;IACrC,0CAA0C;IAC1C,kBAAkB;IAClB,gBAAgB;IAChB,yBAAyB;IACzB,wCAAwC;CACzC,CAAC"}

package/dist/cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}