@slashgear/gdpr-cookie-scanner 3.6.0 → 3.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.dockerignore +3 -0
- package/.gitattributes +1 -0
- package/.github/workflows/website.yml +80 -0
- package/CHANGELOG.md +52 -0
- package/CLAUDE.md +12 -1
- package/CONTRIBUTING.md +32 -4
- package/NEXT_STEPS.md +37 -3
- package/README.md +23 -0
- package/dist/analyzers/colour.d.ts +36 -0
- package/dist/analyzers/colour.d.ts.map +1 -0
- package/dist/analyzers/colour.js +75 -0
- package/dist/analyzers/colour.js.map +1 -0
- package/dist/analyzers/compliance.d.ts.map +1 -1
- package/dist/analyzers/compliance.js +24 -6
- package/dist/analyzers/compliance.js.map +1 -1
- package/dist/analyzers/tcf-decoder.d.ts +9 -0
- package/dist/analyzers/tcf-decoder.d.ts.map +1 -0
- package/dist/analyzers/tcf-decoder.js +123 -0
- package/dist/analyzers/tcf-decoder.js.map +1 -0
- package/dist/analyzers/wording.d.ts +1 -0
- package/dist/analyzers/wording.d.ts.map +1 -1
- package/dist/analyzers/wording.js +39 -0
- package/dist/analyzers/wording.js.map +1 -1
- package/dist/report/generator.d.ts +1 -0
- package/dist/report/generator.d.ts.map +1 -1
- package/dist/report/generator.js +71 -1
- package/dist/report/generator.js.map +1 -1
- package/dist/report/html.d.ts.map +1 -1
- package/dist/report/html.js +123 -0
- package/dist/report/html.js.map +1 -1
- package/dist/scanner/consent-modal.d.ts.map +1 -1
- package/dist/scanner/consent-modal.js +4 -2
- package/dist/scanner/consent-modal.js.map +1 -1
- package/dist/scanner/index.d.ts.map +1 -1
- package/dist/scanner/index.js +4 -0
- package/dist/scanner/index.js.map +1 -1
- package/dist/scanner/tcf.d.ts +9 -0
- package/dist/scanner/tcf.d.ts.map +1 -0
- package/dist/scanner/tcf.js +72 -0
- package/dist/scanner/tcf.js.map +1 -0
- package/dist/types.d.ts +26 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +7 -3
- package/pnpm-workspace.yaml +3 -0
- package/scripts/build-showcase.mjs +113 -0
- package/src/analyzers/colour.ts +89 -0
- package/src/analyzers/compliance.ts +35 -10
- package/src/analyzers/tcf-decoder.ts +130 -0
- package/src/analyzers/wording.ts +44 -0
- package/src/report/generator.ts +83 -1
- package/src/report/html.ts +146 -0
- package/src/scanner/consent-modal.ts +3 -1
- package/src/scanner/index.ts +5 -0
- package/src/scanner/tcf.ts +80 -0
- package/src/types.ts +29 -0
- package/tests/analyzers/colour.test.ts +187 -0
- package/tests/analyzers/compliance.test.ts +102 -0
- package/tests/analyzers/tcf-decoder.test.ts +292 -0
- package/tests/analyzers/wording.test.ts +38 -0
- package/tests/scanner/button-classification.test.ts +32 -0
- package/website/Dockerfile +55 -0
- package/website/node_modules/.bin/oxfmt +21 -0
- package/website/node_modules/.bin/oxlint +21 -0
- package/website/node_modules/.bin/tsc +21 -0
- package/website/node_modules/.bin/tsserver +21 -0
- package/website/node_modules/.bin/tsx +21 -0
- package/website/package.json +29 -0
- package/{docs → website/public}/index.html +88 -50
- package/website/public/reports/www.20minutes.fr/after-accept.png +3 -0
- package/website/public/reports/www.20minutes.fr/after-reject.png +3 -0
- package/website/public/reports/www.20minutes.fr/gdpr-report-20minutes.fr-2026-02-22.html +907 -0
- package/website/public/reports/www.20minutes.fr/modal-initial.png +3 -0
- package/website/public/reports/www.arte.tv/after-accept.png +3 -0
- package/website/public/reports/www.arte.tv/after-reject.png +3 -0
- package/website/public/reports/www.arte.tv/gdpr-report-arte.tv-2026-02-24.html +998 -0
- package/website/public/reports/www.arte.tv/modal-initial.png +3 -0
- package/website/public/reports/www.backmarket.fr/after-accept.png +3 -0
- package/website/public/reports/www.backmarket.fr/after-reject.png +3 -0
- package/website/public/reports/www.backmarket.fr/gdpr-report-backmarket.fr-2026-02-24.html +1530 -0
- package/website/public/reports/www.backmarket.fr/modal-initial.png +3 -0
- package/website/public/reports/www.deezer.com/after-accept.png +3 -0
- package/website/public/reports/www.deezer.com/after-reject.png +3 -0
- package/website/public/reports/www.deezer.com/gdpr-report-deezer.com-2026-02-22.html +1668 -0
- package/website/public/reports/www.deezer.com/modal-initial.png +3 -0
- package/website/public/reports/www.france.tv/after-accept.png +3 -0
- package/website/public/reports/www.france.tv/after-reject.png +3 -0
- package/website/public/reports/www.france.tv/gdpr-report-france.tv-2026-02-23.html +977 -0
- package/website/public/reports/www.france.tv/modal-initial.png +3 -0
- package/website/public/reports/www.m6.fr/after-accept.png +3 -0
- package/website/public/reports/www.m6.fr/after-reject.png +3 -0
- package/website/public/reports/www.m6.fr/gdpr-report-m6.fr-2026-02-28.html +1862 -0
- package/website/public/reports/www.m6.fr/modal-initial.png +3 -0
- package/website/public/reports/www.netflix.com/after-accept.png +3 -0
- package/website/public/reports/www.netflix.com/after-reject.png +3 -0
- package/website/public/reports/www.netflix.com/gdpr-report-netflix.com-2026-02-23.html +1051 -0
- package/website/public/reports/www.netflix.com/modal-initial.png +3 -0
- package/website/public/reports/www.radiofrance.fr/after-accept.png +3 -0
- package/website/public/reports/www.radiofrance.fr/after-reject.png +3 -0
- package/website/public/reports/www.radiofrance.fr/gdpr-report-radiofrance.fr-2026-02-24.html +1146 -0
- package/website/public/reports/www.radiofrance.fr/modal-initial.png +3 -0
- package/website/public/reports/www.tf1.fr/after-accept.png +3 -0
- package/website/public/reports/www.tf1.fr/after-reject.png +3 -0
- package/website/public/reports/www.tf1.fr/gdpr-report-tf1.fr-2026-02-23.html +1512 -0
- package/website/public/reports/www.tf1.fr/modal-initial.png +3 -0
- package/website/src/index.ts +15 -0
- package/website/src/security.ts +26 -0
- package/website/tsconfig.json +14 -0
- package/.github/workflows/pages.yml +0 -40
- package/docs/reports/github.com/after-accept.png +0 -0
- package/docs/reports/github.com/after-reject.png +0 -0
- package/docs/reports/github.com/gdpr-checklist-github.com-2026-02-22.md +0 -44
- package/docs/reports/github.com/gdpr-cookies-github.com-2026-02-22.md +0 -29
- package/docs/reports/github.com/gdpr-report-github.com-2026-02-22.md +0 -102
- package/docs/reports/github.com/gdpr-report-github.com-2026-02-22.pdf +0 -0
- package/docs/reports/gitlab.com/after-accept.png +0 -0
- package/docs/reports/gitlab.com/after-reject.png +0 -0
- package/docs/reports/gitlab.com/gdpr-checklist-gitlab.com-2026-02-22.md +0 -44
- package/docs/reports/gitlab.com/gdpr-cookies-gitlab.com-2026-02-22.md +0 -55
- package/docs/reports/gitlab.com/gdpr-report-gitlab.com-2026-02-22.md +0 -200
- package/docs/reports/gitlab.com/gdpr-report-gitlab.com-2026-02-22.pdf +0 -0
- package/docs/reports/gitlab.com/modal-initial.png +0 -0
- package/docs/reports/npmjs.com/after-accept.png +0 -0
- package/docs/reports/npmjs.com/after-reject.png +0 -0
- package/docs/reports/npmjs.com/gdpr-checklist-npmjs.com-2026-02-22.md +0 -44
- package/docs/reports/npmjs.com/gdpr-cookies-npmjs.com-2026-02-22.md +0 -25
- package/docs/reports/npmjs.com/gdpr-report-npmjs.com-2026-02-22.md +0 -88
- package/docs/reports/npmjs.com/gdpr-report-npmjs.com-2026-02-22.pdf +0 -0
- package/docs/reports/reddit.com/after-accept.png +0 -0
- package/docs/reports/reddit.com/after-reject.png +0 -0
- package/docs/reports/reddit.com/gdpr-checklist-reddit.com-2026-02-22.md +0 -44
- package/docs/reports/reddit.com/gdpr-cookies-reddit.com-2026-02-22.md +0 -33
- package/docs/reports/reddit.com/gdpr-report-reddit.com-2026-02-22.md +0 -148
- package/docs/reports/reddit.com/gdpr-report-reddit.com-2026-02-22.pdf +0 -0
- package/docs/reports/reddit.com/modal-initial.png +0 -0
- package/docs/reports/stackoverflow.com/after-accept.png +0 -0
- package/docs/reports/stackoverflow.com/after-reject.png +0 -0
- package/docs/reports/stackoverflow.com/gdpr-checklist-stackoverflow.com-2026-02-22.md +0 -44
- package/docs/reports/stackoverflow.com/gdpr-cookies-stackoverflow.com-2026-02-22.md +0 -67
- package/docs/reports/stackoverflow.com/gdpr-report-stackoverflow.com-2026-02-22.md +0 -206
- package/docs/reports/stackoverflow.com/gdpr-report-stackoverflow.com-2026-02-22.pdf +0 -0
- package/docs/reports/stackoverflow.com/modal-initial.png +0 -0
- package/docs/reports/www.afp.com/after-accept.png +0 -0
- package/docs/reports/www.afp.com/after-reject.png +0 -0
- package/docs/reports/www.afp.com/gdpr-checklist-afp.com-2026-02-22.md +0 -44
- package/docs/reports/www.afp.com/gdpr-cookies-afp.com-2026-02-22.md +0 -42
- package/docs/reports/www.afp.com/gdpr-report-afp.com-2026-02-22.md +0 -202
- package/docs/reports/www.afp.com/gdpr-report-afp.com-2026-02-22.pdf +0 -0
- package/docs/reports/www.afp.com/modal-initial.png +0 -0
- /package/{docs → website/public}/style.css +0 -0
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
<title>gdpr-cookie-scanner — GDPR compliance auditor for cookie consent</title>
|
|
7
7
|
<meta
|
|
8
8
|
name="description"
|
|
9
|
-
content="Open-source CLI that audits websites for GDPR/RGPD cookie consent compliance using Playwright. Detects dark patterns, scores 4 compliance dimensions, and generates
|
|
9
|
+
content="Open-source CLI that audits websites for GDPR/RGPD cookie consent compliance using Playwright. Detects dark patterns, scores 4 compliance dimensions, and generates detailed HTML reports."
|
|
10
10
|
/>
|
|
11
11
|
<link rel="stylesheet" href="style.css" />
|
|
12
12
|
</head>
|
|
@@ -37,7 +37,7 @@
|
|
|
37
37
|
</h1>
|
|
38
38
|
<p class="hero-tagline">
|
|
39
39
|
Open-source CLI that scans any website for GDPR compliance — detects dark patterns, scores
|
|
40
|
-
4 regulatory dimensions, and generates ready-to-share
|
|
40
|
+
4 regulatory dimensions, and generates ready-to-share HTML reports.
|
|
41
41
|
</p>
|
|
42
42
|
|
|
43
43
|
<div class="install-block">
|
|
@@ -97,10 +97,10 @@
|
|
|
97
97
|
</div>
|
|
98
98
|
<div class="feature-card">
|
|
99
99
|
<div class="feature-icon">📄</div>
|
|
100
|
-
<h3>
|
|
100
|
+
<h3>Detailed HTML report</h3>
|
|
101
101
|
<p>
|
|
102
|
-
|
|
103
|
-
|
|
102
|
+
Full compliance report with score breakdown, dark pattern evidence, cookie inventory,
|
|
103
|
+
and IAB TCF analysis — ready to share or attach to an audit.
|
|
104
104
|
</p>
|
|
105
105
|
</div>
|
|
106
106
|
<div class="feature-card">
|
|
@@ -120,128 +120,166 @@
|
|
|
120
120
|
<div class="container">
|
|
121
121
|
<h2 class="section-title">Live GDPR reports</h2>
|
|
122
122
|
<p class="section-subtitle">
|
|
123
|
-
Real scans run on
|
|
123
|
+
Real scans run on Feb 2026. Click to open the full interactive HTML report.
|
|
124
124
|
</p>
|
|
125
125
|
<div class="reports-grid">
|
|
126
|
-
<!--
|
|
126
|
+
<!-- ── REPORTS_START ── -->
|
|
127
|
+
<!-- radiofrance.fr — 87/100 B -->
|
|
127
128
|
<div class="report-card">
|
|
128
129
|
<div class="report-header">
|
|
129
|
-
<div class="grade-badge grade-
|
|
130
|
+
<div class="grade-badge grade-B">B</div>
|
|
130
131
|
<div class="report-meta">
|
|
131
|
-
<h3>
|
|
132
|
-
<span class="score">
|
|
132
|
+
<h3>radiofrance.fr</h3>
|
|
133
|
+
<span class="score">87 / 100</span>
|
|
133
134
|
</div>
|
|
134
135
|
</div>
|
|
135
|
-
<p class="report-date">Scanned
|
|
136
|
+
<p class="report-date">Scanned 24 Feb 2026</p>
|
|
136
137
|
<a
|
|
137
138
|
class="btn btn-outline"
|
|
138
|
-
href="
|
|
139
|
-
target="_blank"
|
|
140
|
-
rel="noopener"
|
|
139
|
+
href="reports/www.radiofrance.fr/gdpr-report-radiofrance.fr-2026-02-24.html"
|
|
141
140
|
>
|
|
142
141
|
View report →
|
|
143
142
|
</a>
|
|
144
143
|
</div>
|
|
145
144
|
|
|
146
|
-
<!--
|
|
145
|
+
<!-- deezer.com — 80/100 B -->
|
|
147
146
|
<div class="report-card">
|
|
148
147
|
<div class="report-header">
|
|
149
|
-
<div class="grade-badge grade-
|
|
148
|
+
<div class="grade-badge grade-B">B</div>
|
|
150
149
|
<div class="report-meta">
|
|
151
|
-
<h3>
|
|
152
|
-
<span class="score">
|
|
150
|
+
<h3>deezer.com</h3>
|
|
151
|
+
<span class="score">80 / 100</span>
|
|
153
152
|
</div>
|
|
154
153
|
</div>
|
|
155
154
|
<p class="report-date">Scanned 22 Feb 2026</p>
|
|
156
155
|
<a
|
|
157
156
|
class="btn btn-outline"
|
|
158
|
-
href="
|
|
159
|
-
target="_blank"
|
|
160
|
-
rel="noopener"
|
|
157
|
+
href="reports/www.deezer.com/gdpr-report-deezer.com-2026-02-22.html"
|
|
161
158
|
>
|
|
162
159
|
View report →
|
|
163
160
|
</a>
|
|
164
161
|
</div>
|
|
165
162
|
|
|
166
|
-
<!--
|
|
163
|
+
<!-- backmarket.fr — 77/100 B -->
|
|
167
164
|
<div class="report-card">
|
|
168
165
|
<div class="report-header">
|
|
169
|
-
<div class="grade-badge grade-
|
|
166
|
+
<div class="grade-badge grade-B">B</div>
|
|
170
167
|
<div class="report-meta">
|
|
171
|
-
<h3>
|
|
172
|
-
<span class="score">
|
|
168
|
+
<h3>backmarket.fr</h3>
|
|
169
|
+
<span class="score">77 / 100</span>
|
|
173
170
|
</div>
|
|
174
171
|
</div>
|
|
175
|
-
<p class="report-date">Scanned
|
|
172
|
+
<p class="report-date">Scanned 24 Feb 2026</p>
|
|
176
173
|
<a
|
|
177
174
|
class="btn btn-outline"
|
|
178
|
-
href="
|
|
179
|
-
target="_blank"
|
|
180
|
-
rel="noopener"
|
|
175
|
+
href="reports/www.backmarket.fr/gdpr-report-backmarket.fr-2026-02-24.html"
|
|
181
176
|
>
|
|
182
177
|
View report →
|
|
183
178
|
</a>
|
|
184
179
|
</div>
|
|
185
180
|
|
|
186
|
-
<!--
|
|
181
|
+
<!-- france.tv — 71/100 C -->
|
|
187
182
|
<div class="report-card">
|
|
188
183
|
<div class="report-header">
|
|
189
184
|
<div class="grade-badge grade-C">C</div>
|
|
190
185
|
<div class="report-meta">
|
|
191
|
-
<h3>
|
|
192
|
-
<span class="score">
|
|
186
|
+
<h3>france.tv</h3>
|
|
187
|
+
<span class="score">71 / 100</span>
|
|
193
188
|
</div>
|
|
194
189
|
</div>
|
|
195
|
-
<p class="report-date">Scanned
|
|
190
|
+
<p class="report-date">Scanned 23 Feb 2026</p>
|
|
191
|
+
<a
|
|
192
|
+
class="btn btn-outline"
|
|
193
|
+
href="reports/www.france.tv/gdpr-report-france.tv-2026-02-23.html"
|
|
194
|
+
>
|
|
195
|
+
View report →
|
|
196
|
+
</a>
|
|
197
|
+
</div>
|
|
198
|
+
|
|
199
|
+
<!-- netflix.com — 71/100 C -->
|
|
200
|
+
<div class="report-card">
|
|
201
|
+
<div class="report-header">
|
|
202
|
+
<div class="grade-badge grade-C">C</div>
|
|
203
|
+
<div class="report-meta">
|
|
204
|
+
<h3>netflix.com</h3>
|
|
205
|
+
<span class="score">71 / 100</span>
|
|
206
|
+
</div>
|
|
207
|
+
</div>
|
|
208
|
+
<p class="report-date">Scanned 23 Feb 2026</p>
|
|
196
209
|
<a
|
|
197
210
|
class="btn btn-outline"
|
|
198
|
-
href="
|
|
199
|
-
target="_blank"
|
|
200
|
-
rel="noopener"
|
|
211
|
+
href="reports/www.netflix.com/gdpr-report-netflix.com-2026-02-23.html"
|
|
201
212
|
>
|
|
202
213
|
View report →
|
|
203
214
|
</a>
|
|
204
215
|
</div>
|
|
205
216
|
|
|
206
|
-
<!--
|
|
217
|
+
<!-- 20minutes.fr — 68/100 C -->
|
|
207
218
|
<div class="report-card">
|
|
208
219
|
<div class="report-header">
|
|
209
|
-
<div class="grade-badge grade-
|
|
220
|
+
<div class="grade-badge grade-C">C</div>
|
|
210
221
|
<div class="report-meta">
|
|
211
|
-
<h3>
|
|
212
|
-
<span class="score">
|
|
222
|
+
<h3>20minutes.fr</h3>
|
|
223
|
+
<span class="score">68 / 100</span>
|
|
213
224
|
</div>
|
|
214
225
|
</div>
|
|
215
226
|
<p class="report-date">Scanned 22 Feb 2026</p>
|
|
216
227
|
<a
|
|
217
228
|
class="btn btn-outline"
|
|
218
|
-
href="
|
|
219
|
-
target="_blank"
|
|
220
|
-
rel="noopener"
|
|
229
|
+
href="reports/www.20minutes.fr/gdpr-report-20minutes.fr-2026-02-22.html"
|
|
221
230
|
>
|
|
222
231
|
View report →
|
|
223
232
|
</a>
|
|
224
233
|
</div>
|
|
225
234
|
|
|
226
|
-
<!--
|
|
235
|
+
<!-- tf1.fr — 61/100 C -->
|
|
236
|
+
<div class="report-card">
|
|
237
|
+
<div class="report-header">
|
|
238
|
+
<div class="grade-badge grade-C">C</div>
|
|
239
|
+
<div class="report-meta">
|
|
240
|
+
<h3>tf1.fr</h3>
|
|
241
|
+
<span class="score">61 / 100</span>
|
|
242
|
+
</div>
|
|
243
|
+
</div>
|
|
244
|
+
<p class="report-date">Scanned 23 Feb 2026</p>
|
|
245
|
+
<a class="btn btn-outline" href="reports/www.tf1.fr/gdpr-report-tf1.fr-2026-02-23.html">
|
|
246
|
+
View report →
|
|
247
|
+
</a>
|
|
248
|
+
</div>
|
|
249
|
+
|
|
250
|
+
<!-- m6.fr — 58/100 C -->
|
|
251
|
+
<div class="report-card">
|
|
252
|
+
<div class="report-header">
|
|
253
|
+
<div class="grade-badge grade-C">C</div>
|
|
254
|
+
<div class="report-meta">
|
|
255
|
+
<h3>m6.fr</h3>
|
|
256
|
+
<span class="score">58 / 100</span>
|
|
257
|
+
</div>
|
|
258
|
+
</div>
|
|
259
|
+
<p class="report-date">Scanned 28 Feb 2026</p>
|
|
260
|
+
<a class="btn btn-outline" href="reports/www.m6.fr/gdpr-report-m6.fr-2026-02-28.html">
|
|
261
|
+
View report →
|
|
262
|
+
</a>
|
|
263
|
+
</div>
|
|
264
|
+
|
|
265
|
+
<!-- arte.tv — 53/100 D -->
|
|
227
266
|
<div class="report-card">
|
|
228
267
|
<div class="report-header">
|
|
229
268
|
<div class="grade-badge grade-D">D</div>
|
|
230
269
|
<div class="report-meta">
|
|
231
|
-
<h3>
|
|
232
|
-
<span class="score">
|
|
270
|
+
<h3>arte.tv</h3>
|
|
271
|
+
<span class="score">53 / 100</span>
|
|
233
272
|
</div>
|
|
234
273
|
</div>
|
|
235
|
-
<p class="report-date">Scanned
|
|
274
|
+
<p class="report-date">Scanned 24 Feb 2026</p>
|
|
236
275
|
<a
|
|
237
276
|
class="btn btn-outline"
|
|
238
|
-
href="
|
|
239
|
-
target="_blank"
|
|
240
|
-
rel="noopener"
|
|
277
|
+
href="reports/www.arte.tv/gdpr-report-arte.tv-2026-02-24.html"
|
|
241
278
|
>
|
|
242
279
|
View report →
|
|
243
280
|
</a>
|
|
244
281
|
</div>
|
|
282
|
+
<!-- ── REPORTS_END ── -->
|
|
245
283
|
</div>
|
|
246
284
|
</div>
|
|
247
285
|
</section>
|