npm - prebid.js - Versions diffs - 7.51.0 → 7.52.0 - Mend

prebid.js 7.51.0 → 7.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (199) hide show

package/dist/33acrossBidAdapter.js +1 -1
package/dist/33acrossIdSystem.js +1 -1
package/dist/adagioBidAdapter.js +1 -1
package/dist/adbookpspBidAdapter.js +1 -1
package/dist/adgenerationBidAdapter.js +1 -1
package/dist/adqueryBidAdapter.js +1 -1
package/dist/adrelevantisBidAdapter.js +1 -1
package/dist/adriverIdSystem.js +1 -1
package/dist/adtrgtmeBidAdapter.js +1 -1
package/dist/adxcgBidAdapter.js +1 -1
package/dist/adyoulikeBidAdapter.js +1 -1
package/dist/ajaBidAdapter.js +1 -1
package/dist/allowActivities.js +1 -0
package/dist/amxBidAdapter.js +1 -1
package/dist/amxIdSystem.js +1 -1
package/dist/appierAnalyticsAdapter.js +1 -1
package/dist/appnexusBidAdapter.js +1 -1
package/dist/asoBidAdapter.js +1 -1
package/dist/axonixBidAdapter.js +1 -1
package/dist/bidglassBidAdapter.js +1 -1
package/dist/big-richmediaBidAdapter.js +1 -1
package/dist/bridgewellBidAdapter.js +1 -1
package/dist/brightMountainMediaBidAdapter.js +1 -1
package/dist/carodaBidAdapter.js +1 -1
package/dist/chtnwBidAdapter.js +1 -1
package/dist/concertBidAdapter.js +1 -1
package/dist/connectIdSystem.js +1 -1
package/dist/connectadBidAdapter.js +1 -1
package/dist/consumableBidAdapter.js +1 -1
package/dist/conversantAnalyticsAdapter.js +1 -1
package/dist/conversantBidAdapter.js +1 -1
package/dist/craftBidAdapter.js +1 -1
package/dist/criteoBidAdapter.js +1 -1
package/dist/cwireBidAdapter.js +1 -1
package/dist/dependencies.json +6 -0
package/dist/dspxBidAdapter.js +1 -1
package/dist/eplanningBidAdapter.js +1 -1
package/dist/feedadBidAdapter.js +1 -1
package/dist/finativeBidAdapter.js +1 -1
package/dist/freewheel-sspBidAdapter.js +1 -1
package/dist/gdprEnforcement.js +1 -1
package/dist/glimpseBidAdapter.js +1 -1
package/dist/gmosspBidAdapter.js +1 -1
package/dist/goldbachBidAdapter.js +1 -1
package/dist/greenbidsAnalyticsAdapter.js +1 -1
package/dist/greenbidsRtdProvider.js +1 -1
package/dist/gridBidAdapter.js +1 -1
package/dist/growthCodeRtdProvider.js +1 -0
package/dist/gumgumBidAdapter.js +1 -1
package/dist/h12mediaBidAdapter.js +1 -1
package/dist/id5IdSystem.js +1 -1
package/dist/improvedigitalBidAdapter.js +1 -1
package/dist/inmarBidAdapter.js +1 -1
package/dist/insticatorBidAdapter.js +1 -1
package/dist/ixBidAdapter.js +1 -1
package/dist/justpremiumBidAdapter.js +1 -1
package/dist/kargoBidAdapter.js +1 -1
package/dist/konduitAnalyticsAdapter.js +1 -1
package/dist/kueezBidAdapter.js +1 -1
package/dist/kueezRtbBidAdapter.js +1 -1
package/dist/kulturemediaBidAdapter.js +1 -1
package/dist/lassoBidAdapter.js +1 -1
package/dist/lifestreetBidAdapter.js +1 -1
package/dist/liveyieldAnalyticsAdapter.js +1 -1
package/dist/logicadBidAdapter.js +1 -1
package/dist/loglyliftBidAdapter.js +1 -1
package/dist/magniteAnalyticsAdapter.js +1 -1
package/dist/malltvAnalyticsAdapter.js +1 -1
package/dist/marsmediaBidAdapter.js +1 -1
package/dist/mediafuseBidAdapter.js +1 -1
package/dist/mediasquareBidAdapter.js +1 -1
package/dist/mgidBidAdapter.js +1 -1
package/dist/minutemediaBidAdapter.js +1 -1
package/dist/minutemediaplusBidAdapter.js +1 -1
package/dist/nexx360BidAdapter.js +1 -1
package/dist/not-for-prod/prebid.js +136 -132
package/dist/objectGuard.js +1 -0
package/dist/oguryBidAdapter.js +1 -1
package/dist/onetagBidAdapter.js +1 -1
package/dist/ooloAnalyticsAdapter.js +1 -1
package/dist/optidigitalBidAdapter.js +1 -1
package/dist/outbrainBidAdapter.js +1 -1
package/dist/oxxionAnalyticsAdapter.js +1 -0
package/dist/pairIdSystem.js +1 -1
package/dist/parrableIdSystem.js +1 -1
package/dist/pixfutureBidAdapter.js +1 -1
package/dist/prebid-core.js +1 -1
package/dist/publinkIdSystem.js +1 -1
package/dist/pubmaticBidAdapter.js +1 -1
package/dist/pubwiseAnalyticsAdapter.js +1 -1
package/dist/pxyzBidAdapter.js +1 -1
package/dist/quantcastBidAdapter.js +1 -1
package/dist/readpeakBidAdapter.js +1 -1
package/dist/relaidoBidAdapter.js +1 -1
package/dist/retailspotBidAdapter.js +1 -1
package/dist/rhythmoneBidAdapter.js +1 -1
package/dist/riseBidAdapter.js +1 -1
package/dist/rtdModule.js +1 -1
package/dist/rubiconAnalyticsAdapter.js +1 -1
package/dist/rubiconBidAdapter.js +1 -1
package/dist/seedingAllianceBidAdapter.js +1 -1
package/dist/seedtagBidAdapter.js +1 -1
package/dist/sharethroughAnalyticsAdapter.js +1 -1
package/dist/sharethroughBidAdapter.js +1 -1
package/dist/shinezBidAdapter.js +1 -1
package/dist/smaatoBidAdapter.js +1 -1
package/dist/smartadserverBidAdapter.js +1 -1
package/dist/smartxBidAdapter.js +1 -1
package/dist/smilewantedBidAdapter.js +1 -1
package/dist/sonobiBidAdapter.js +1 -1
package/dist/sovrnAnalyticsAdapter.js +1 -1
package/dist/sovrnBidAdapter.js +1 -1
package/dist/sspBCBidAdapter.js +1 -1
package/dist/stvBidAdapter.js +1 -1
package/dist/sublimeBidAdapter.js +1 -1
package/dist/synacormediaBidAdapter.js +1 -1
package/dist/targetVideoBidAdapter.js +1 -1
package/dist/teadsBidAdapter.js +1 -1
package/dist/trionBidAdapter.js +1 -1
package/dist/tripleliftBidAdapter.js +1 -1
package/dist/ttdBidAdapter.js +1 -1
package/dist/ucfunnelAnalyticsAdapter.js +1 -1
package/dist/uid2IdSystem.js +1 -1
package/dist/underdogmediaBidAdapter.js +1 -1
package/dist/undertoneBidAdapter.js +1 -1
package/dist/userId.js +1 -1
package/dist/vidazooBidAdapter.js +1 -1
package/dist/videobyteBidAdapter.js +1 -1
package/dist/visxBidAdapter.js +1 -1
package/dist/vuukleBidAdapter.js +1 -1
package/dist/widespaceBidAdapter.js +1 -1
package/dist/winrBidAdapter.js +1 -1
package/dist/yahoosspBidAdapter.js +1 -1
package/dist/yieldmoBidAdapter.js +1 -1
package/dist/yieldoneAnalyticsAdapter.js +1 -1
package/dist/zeta_global_sspBidAdapter.js +1 -1
package/integrationExamples/gpt/growthcode.html +20 -9
package/libraries/objectGuard/objectGuard.js +108 -0
package/libraries/objectGuard/ortbGuard.js +88 -0
package/modules/adgenerationBidAdapter.js +14 -5
package/modules/adriverIdSystem.js +1 -1
package/modules/allowActivities.js +74 -0
package/modules/connectIdSystem.js +89 -13
package/modules/connectIdSystem.md +4 -7
package/modules/criteoBidAdapter.js +9 -0
package/modules/gdprEnforcement.js +98 -169
package/modules/growthCodeRtdProvider.js +131 -0
package/modules/growthCodeRtdProvider.md +55 -0
package/modules/ixBidAdapter.js +5 -2
package/modules/oxxionAnalyticsAdapter.js +212 -0
package/modules/oxxionAnalyticsAdapter.md +33 -0
package/modules/pairIdSystem.js +6 -6
package/modules/rtdModule/index.js +12 -1
package/modules/sharethroughBidAdapter.js +2 -2
package/modules/smartadserverBidAdapter.js +5 -0
package/modules/stvBidAdapter.js +34 -1
package/modules/undertoneBidAdapter.js +9 -1
package/modules/userId/index.js +69 -41
package/modules/yahoosspBidAdapter.js +45 -3
package/modules/yahoosspBidAdapter.md +1 -1
package/modules/zeta_global_sspBidAdapter.js +1 -0
package/package.json +1 -1
package/src/activities/activities.js +47 -0
package/src/activities/activityParams.js +8 -0
package/src/activities/modules.js +1 -1
package/src/activities/params.js +59 -0
package/src/activities/redactor.js +157 -0
package/src/activities/rules.js +95 -0
package/src/adapterManager.js +45 -8
package/src/fpd/rootDomain.js +1 -1
package/src/prebid.js +1 -1
package/src/storageManager.js +57 -44
package/src/userSync.js +35 -18
package/test/spec/activities/allowActivites_spec.js +138 -0
package/test/spec/activities/objectGuard_spec.js +144 -0
package/test/spec/activities/ortbGuard_spec.js +140 -0
package/test/spec/activities/params_spec.js +25 -0
package/test/spec/activities/redactor_spec.js +296 -0
package/test/spec/activities/rules_spec.js +135 -0
package/test/spec/modules/adgenerationBidAdapter_spec.js +52 -12
package/test/spec/modules/connectIdSystem_spec.js +291 -23
package/test/spec/modules/criteoBidAdapter_spec.js +84 -0
package/test/spec/modules/gdprEnforcement_spec.js +127 -414
package/test/spec/modules/growthCodeRtdProvider_spec.js +127 -0
package/test/spec/modules/ixBidAdapter_spec.js +2 -1
package/test/spec/modules/oxxionAnalyticsAdapter_spec.js +324 -0
package/test/spec/modules/pairIdSystem_spec.js +16 -3
package/test/spec/modules/realTimeDataModule_spec.js +1 -1
package/test/spec/modules/sharethroughBidAdapter_spec.js +1 -1
package/test/spec/modules/smartadserverBidAdapter_spec.js +42 -0
package/test/spec/modules/stvBidAdapter_spec.js +13 -1
package/test/spec/modules/undertoneBidAdapter_spec.js +57 -1
package/test/spec/modules/userId_spec.js +80 -21
package/test/spec/modules/yahoosspBidAdapter_spec.js +103 -51
package/test/spec/modules/zeta_global_sspBidAdapter_spec.js +4 -0
package/test/spec/unit/core/adapterManager_spec.js +181 -1
package/test/spec/unit/core/storageManager_spec.js +76 -68
package/test/spec/unit/pbjs_api_spec.js +15 -25
package/test/spec/userSync_spec.js +45 -16

package/modules/connectIdSystem.js CHANGED Viewed

@@ -11,11 +11,16 @@ import {includes} from '../src/polyfill.js';
 import {getRefererInfo} from '../src/refererDetection.js';
 import {getStorageManager} from '../src/storageManager.js';
 import {formatQS, isPlainObject, logError, parseUrl} from '../src/utils.js';
-import {uspDataHandler} from '../src/adapterManager.js';
+import {uspDataHandler, gppDataHandler} from '../src/adapterManager.js';
 import {MODULE_TYPE_UID} from '../src/activities/modules.js';
 const MODULE_NAME = 'connectId';
-const STORAGE_EXPIRY_DAYS = 14;
+const STORAGE_EXPIRY_DAYS = 365;
+const STORAGE_DURATION = 60 * 60 * 24 * 1000 * STORAGE_EXPIRY_DAYS;
+const ID_EXPIRY_DAYS = 14;
+const VALID_ID_DURATION = 60 * 60 * 24 * 1000 * ID_EXPIRY_DAYS;
+const PUID_EXPIRY_DAYS = 30;
+const PUID_EXPIRY = 60 * 60 * 24 * 1000 * PUID_EXPIRY_DAYS;
 const VENDOR_ID = 25;
 const PLACEHOLDER = '__PIXEL_ID__';
 const UPS_ENDPOINT = `https://ups.analytics.yahoo.com/ups/${PLACEHOLDER}/fed`;
@@ -28,11 +33,11 @@ export const storage = getStorageManager({moduleType: MODULE_TYPE_UID, moduleNam
  * @param {Object} obj
  */
 function storeObject(obj) {
-  const expires = Date.now() + (60 * 60 * 24 * 1000 * STORAGE_EXPIRY_DAYS);
+  const expires = Date.now() + STORAGE_DURATION;
   if (storage.cookiesAreEnabled()) {
     setEtldPlusOneCookie(MODULE_NAME, JSON.stringify(obj), new Date(expires), getSiteHostname());
-  } else if (storage.localStorageIsEnabled()) {
-    obj.__expires = expires;
+  }
+  if (storage.localStorageIsEnabled()) {
     storage.setDataInLocalStorage(MODULE_NAME, JSON.stringify(obj));
   }
 }
@@ -75,7 +80,9 @@ function getIdFromLocalStorage() {
     if (storedIdData) {
       try {
         storedIdData = JSON.parse(storedIdData);
-      } catch {}
+      } catch (e) {
+        logError(`${MODULE_NAME} module: error while reading the local storage data.`);
+      }
       if (isPlainObject(storedIdData) && storedIdData.__expires &&
           storedIdData.__expires <= Date.now()) {
         storage.removeDataFromLocalStorage(MODULE_NAME);
@@ -87,6 +94,34 @@ function getIdFromLocalStorage() {
   return null;
 }
+function syncLocalStorageToCookie() {
+  if (!storage.cookiesAreEnabled()) {
+    return;
+  }
+  const value = getIdFromLocalStorage();
+  const newCookieExpireTime = Date.now() + STORAGE_DURATION;
+  setEtldPlusOneCookie(MODULE_NAME, JSON.stringify(value), new Date(newCookieExpireTime), getSiteHostname());
+}
+function isStale(storedIdData) {
+  if (isPlainObject(storedIdData) && storedIdData.lastSynced &&
+    (storedIdData.lastSynced + VALID_ID_DURATION) <= Date.now()) {
+    return true;
+  }
+  return false;
+}
+function getStoredId() {
+  let storedId = getIdFromCookie();
+  if (!storedId) {
+    storedId = getIdFromLocalStorage();
+    if (storedId && !isStale(storedId)) {
+      syncLocalStorageToCookie();
+    }
+  }
+  return storedId;
+}
 function getSiteHostname() {
   const pageInfo = parseUrl(getRefererInfo().page);
   return pageInfo.hostname;
@@ -127,16 +162,31 @@ export const connectIdSubmodule = {
       return;
     }
     const params = config.params || {};
-    if (!params || (typeof params.he !== 'string' && typeof params.puid !== 'string') ||
+    if (!params ||
         (typeof params.pixelId === 'undefined' && typeof params.endpoint === 'undefined')) {
-      logError(`${MODULE_NAME} module: configurataion requires the 'pixelId' and at ` +
-                `least one of the 'he' or 'puid' parameters to be defined.`);
+      logError(`${MODULE_NAME} module: configuration requires the 'pixelId'.`);
       return;
     }
-    const storedId = getIdFromCookie() || getIdFromLocalStorage();
+    const storedId = getStoredId();
+    let shouldResync = isStale(storedId);
     if (storedId) {
-      return {id: storedId};
+      if (isPlainObject(storedId) && storedId.puid && storedId.lastUsed && !params.puid &&
+        (storedId.lastUsed + PUID_EXPIRY) <= Date.now()) {
+        delete storedId.puid;
+        shouldResync = true;
+      }
+      if ((params.he && params.he !== storedId.he) ||
+        (params.puid && params.puid !== storedId.puid)) {
+        shouldResync = true;
+      }
+      if (!shouldResync) {
+        storedId.lastUsed = Date.now();
+        storeObject(storedId);
+        return {id: storedId};
+      }
     }
     const uspString = uspDataHandler.getConsentData() || '';
@@ -148,6 +198,14 @@ export const connectIdSubmodule = {
       us_privacy: uspString
     };
+    const gppConsent = gppDataHandler.getConsentData();
+    if (gppConsent) {
+      data.gpp = `${gppConsent.gppString ? gppConsent.gppString : ''}`;
+      if (Array.isArray(gppConsent.applicableSections)) {
+        data.gpp_sid = gppConsent.applicableSections.join(',');
+      }
+    }
     let topmostLocation = getRefererInfo().topmostLocation;
     if (typeof topmostLocation === 'string') {
       data.url = topmostLocation.split('?')[0];
@@ -159,6 +217,14 @@ export const connectIdSubmodule = {
       }
     });
+    const hashedEmail = params.he || storedId?.he;
+    if (hashedEmail) {
+      data.he = hashedEmail;
+    }
+    if (!data.puid && storedId?.puid) {
+      data.puid = storedId.puid;
+    }
     const resp = function (callback) {
       const callbacks = {
         success: response => {
@@ -166,7 +232,12 @@ export const connectIdSubmodule = {
           if (response) {
             try {
               responseObj = JSON.parse(response);
-              if (isPlainObject(responseObj) && Object.keys(responseObj).length > 0) {
+              if (isPlainObject(responseObj) && Object.keys(responseObj).length > 0 &&
+                 (!!responseObj.connectId || !!responseObj.connectid)) {
+                responseObj.he = params.he;
+                responseObj.puid = params.puid || responseObj.puid;
+                responseObj.lastSynced = Date.now();
+                responseObj.lastUsed = Date.now();
                 storeObject(responseObj);
               } else {
                 logError(`${MODULE_NAME} module: UPS response returned an invalid payload ${response}`);
@@ -186,7 +257,12 @@ export const connectIdSubmodule = {
       let url = `${params.endpoint || endpoint}?${formatQS(data)}`;
       connectIdSubmodule.getAjaxFn()(url, callbacks, null, {method: 'GET', withCredentials: true});
     };
-    return {callback: resp};
+    const result = {callback: resp};
+    if (shouldResync && storedId) {
+      result.id = storedId;
+    }
+    return result;
   },
   /**

package/modules/connectIdSystem.md CHANGED Viewed

@@ -2,6 +2,8 @@
 Yahoo ConnectID user ID Module.
+*Note: The storage config should be ommited as the module handles the storage of the needed information.
 ### Prebid Params
 ```
@@ -9,11 +11,6 @@ pbjs.setConfig({
     userSync: {
         userIds: [{
             name: 'connectId',
-            storage: {
-                name: 'connectId',
-                type: 'html5',
-                expires: 15
-            },
             params: {
                 pixelId: 58776,
                 he: '0bef996248d63cea1529cb86de31e9547a712d9f380146e98bbd39beec70355a'
@@ -31,5 +28,5 @@ The below parameters apply only to the Yahoo ConnectID user ID Module.
 | params | Required | Object | Container of all module params. ||
 | params.pixelId | Required | Number |
 The Yahoo-supplied publisher-specific pixel ID. | `"0000"` |
-| params.he | Optional | String | The SHA-256 hashed user email address which has been lowercased prior to hashing. Pass both `he` and `puid` params if present, otherwise pass either of the two that is available. |`"ed8ddbf5a171981db8ef938596ca297d5e3f84bcc280041c5880dba3baf9c1d4"`|
-| params.puid | Optional | String | The publisher supplied user identifier such as a first-party cookie. Pass both `he` and `puid` params if present, otherwise pass either of the two that is available. | `"ab9iibf5a231ii1db8ef911596ca297d5e3f84biii00041c5880dba3baf9c1da"` |
+| params.he | Optional | String | The SHA-256 hashed user email address which has been lowercased prior to hashing. |`"ed8ddbf5a171981db8ef938596ca297d5e3f84bcc280041c5880dba3baf9c1d4"`|
+| params.puid | Optional | String | A domain-specific user identifier such as a first-party cookie. If not passed, a puid value will be auto-generated and stored in local and / or cookie storage. | `"ab9iibf5a231ii1db8ef911596ca297d5e3f84biii00041c5880dba3baf9c1da"` |

package/modules/criteoBidAdapter.js CHANGED Viewed

@@ -541,6 +541,15 @@ function buildCdbRequest(context, bidRequests, bidderRequest) {
     request.user.ext = request.user.ext || {};
     request.user.ext.eids = [...userIdAsEids];
   }
+  if (bidderRequest && bidderRequest.ortb2?.bcat) {
+    request.bcat = bidderRequest.ortb2.bcat;
+  }
+  if (bidderRequest && bidderRequest.ortb2?.badv) {
+    request.badv = bidderRequest.ortb2.badv;
+  }
+  if (bidderRequest && bidderRequest.ortb2?.bapp) {
+    request.bapp = bidderRequest.ortb2.bapp;
+  }
   return request;
 }

package/modules/gdprEnforcement.js CHANGED Viewed

@@ -2,30 +2,42 @@
  * This module gives publishers extra set of features to enforce individual purposes of TCF v2
  */
-import {deepAccess, hasDeviceAccess, isArray, logError, logWarn} from '../src/utils.js';
+import {deepAccess, logError, logWarn} from '../src/utils.js';
 import {config} from '../src/config.js';
 import adapterManager, {gdprDataHandler} from '../src/adapterManager.js';
-import {find, includes} from '../src/polyfill.js';
-import {registerSyncInner} from '../src/adapters/bidderFactory.js';
+import {find} from '../src/polyfill.js';
 import {getHook} from '../src/hook.js';
-import {validateStorageEnforcement} from '../src/storageManager.js';
 import * as events from '../src/events.js';
 import CONSTANTS from '../src/constants.json';
 import {GDPR_GVLIDS, VENDORLESS_GVLID} from '../src/consentHandler.js';
 import {
   MODULE_TYPE_ANALYTICS,
   MODULE_TYPE_BIDDER,
-  MODULE_TYPE_CORE, MODULE_TYPE_RTD,
+  MODULE_TYPE_PREBID,
+  MODULE_TYPE_RTD,
   MODULE_TYPE_UID
 } from '../src/activities/modules.js';
+import {
+  ACTIVITY_PARAM_ANL_CONFIG,
+  ACTIVITY_PARAM_COMPONENT_NAME,
+  ACTIVITY_PARAM_COMPONENT_TYPE
+} from '../src/activities/params.js';
+import {registerActivityControl} from '../src/activities/rules.js';
+import {
+  ACTIVITY_ACCESS_DEVICE,
+  ACTIVITY_ENRICH_EIDS,
+  ACTIVITY_FETCH_BIDS,
+  ACTIVITY_REPORT_ANALYTICS,
+  ACTIVITY_SYNC_USER
+} from '../src/activities/activities.js';
 export const STRICT_STORAGE_ENFORCEMENT = 'strictStorageEnforcement';
 const TCF2 = {
-  'purpose1': { id: 1, name: 'storage' },
-  'purpose2': { id: 2, name: 'basicAds' },
-  'purpose7': { id: 7, name: 'measurement' }
-}
+  'purpose1': {id: 1, name: 'storage'},
+  'purpose2': {id: 2, name: 'basicAds'},
+  'purpose7': {id: 7, name: 'measurement'}
+};
 /*
   These rules would be used if `consentManagement.gdpr.rules` is undefined by the publisher.
@@ -48,9 +60,9 @@ export let purpose7Rule;
 export let enforcementRules;
-const storageBlocked = [];
-const biddersBlocked = [];
-const analyticsBlocked = [];
+const storageBlocked = new Set();
+const biddersBlocked = new Set();
+const analyticsBlocked = new Set();
 let hooksAdded = false;
 let strictStorageEnforcement = false;
@@ -62,6 +74,9 @@ const GVLID_LOOKUP_PRIORITY = [
   MODULE_TYPE_RTD
 ];
+const RULE_NAME = 'TCF2';
+const RULE_HANDLES = [];
 /**
  * Retrieve a module's GVL ID.
  */
@@ -73,7 +88,7 @@ export function getGvlid(moduleType, moduleName, fallbackFn) {
     // Return GVL ID from user defined gvlMapping
     if (gvlMapping && gvlMapping[moduleName]) {
       return gvlMapping[moduleName];
-    } else if (moduleType === MODULE_TYPE_CORE) {
+    } else if (moduleType === MODULE_TYPE_PREBID) {
       return VENDORLESS_GVLID;
     } else {
       let {gvlid, modules} = GDPR_GVLIDS.get(moduleName);
@@ -83,8 +98,8 @@ export function getGvlid(moduleType, moduleName, fallbackFn) {
         for (const type of GVLID_LOOKUP_PRIORITY) {
           if (modules.hasOwnProperty(type)) {
             gvlid = modules[type];
-            if (type !== moduleType && !fallbackFn) {
-              logWarn(`Multiple GVL IDs found for module '${moduleName}'; using the ${type} module's ID (${gvlid}) instead of the ${moduleType}'s ID (${modules[moduleType]})`)
+            if (type !== moduleType) {
+              logWarn(`Multiple GVL IDs found for module '${moduleName}'; using the ${type} module's ID (${gvlid}) instead of the ${moduleType}'s ID (${modules[moduleType]})`);
             }
             break;
           }
@@ -109,9 +124,9 @@ export function getGvlidFromAnalyticsAdapter(code, config) {
     try {
       return gvlid.call(adapter.adapter, config);
     } catch (e) {
-      logError(`Error invoking ${code} adapter.gvlid()`, e)
+      logError(`Error invoking ${code} adapter.gvlid()`, e);
     }
-  })(adapter?.adapter?.gvlid)
+  })(adapter?.adapter?.gvlid);
 }
 export function shouldEnforce(consentData, purpose, name) {
@@ -120,7 +135,7 @@ export function shouldEnforce(consentData, purpose, name) {
     // NOTE: this check is not foolproof, as when Prebid first loads, enforcement hooks have not been attached yet
     // This piece of code would not run at all, and `gdprDataHandler.enabled` would be false, until the first
     // `setConfig({consentManagement})`
-    logWarn(`Attempting operation that requires purpose ${purpose} consent while consent data is not available${name ? ` (module: ${name})` : ''}. Assuming no consent was given.`)
+    logWarn(`Attempting operation that requires purpose ${purpose} consent while consent data is not available${name ? ` (module: ${name})` : ''}. Assuming no consent was given.`);
     return true;
   }
   return consentData && consentData.gdprApplies;
@@ -142,7 +157,7 @@ export function validateRules(rule, consentData, currentModule, gvlId) {
   if ((rule.vendorExceptions || []).includes(currentModule)) {
     return true;
   }
-  const vendorConsentRequred = !((gvlId === VENDORLESS_GVLID || (rule.softVendorExceptions || []).includes(currentModule)))
+  const vendorConsentRequred = !((gvlId === VENDORLESS_GVLID || (rule.softVendorExceptions || []).includes(currentModule)));
   // get data from the consent string
   const purposeConsent = deepAccess(consentData, `vendorData.purpose.consents.${purposeId}`);
@@ -169,170 +184,80 @@ export function validateRules(rule, consentData, currentModule, gvlId) {
 }
 /**
- * This hook checks whether module has permission to access device or not. Device access include cookie and local storage
+ * all activity rules follow the same structure:
+ * if GDPR is in scope, check configuration for a particular purpose, and if that enables enforcement,
+ * check against consent data for that purpose and vendor
  *
- * @param {Function} fn reference to original function (used by hook logic)
- * @param {string} moduleType type of the module
- * @param {string=} moduleName name of the module
- * @param result
- * @param validate
+ * @param purposeNo TCF purpose number to check for this activity
+ * @param getEnforcementRule getter for gdprEnforcement rule definition to use
+ * @param blocked optional set to use for collecting denied vendors
+ * @param gvlidFallback optional factory function for a gvlid falllback function
  */
-export function deviceAccessHook(fn, moduleType, moduleName, result, {validate = validateRules} = {}) {
-  result = Object.assign({}, {
-    hasEnforcementHook: true
-  });
-  if (!hasDeviceAccess()) {
-    logWarn('Device access is disabled by Publisher');
-    result.valid = false;
-  } else if (moduleType === MODULE_TYPE_CORE && !strictStorageEnforcement) {
-    // for vendorless (core) storage, do not enforce rules unless strictStorageEnforcement is set
-    result.valid = true;
-  } else {
+function gdprRule(purposeNo, getEnforcementRule, blocked = null, gvlidFallback = () => null) {
+  return function (params) {
     const consentData = gdprDataHandler.getConsentData();
-    let gvlid;
-    if (shouldEnforce(consentData, 1, moduleName)) {
-      const curBidder = config.getCurrentBidder();
-      // Bidders have a copy of storage object with bidder code binded. Aliases will also pass the same bidder code when invoking storage functions and hence if alias tries to access device we will try to grab the gvl id for alias instead of original bidder
-      if (curBidder && (curBidder !== moduleName) && adapterManager.aliasRegistry[curBidder] === moduleName) {
-        gvlid = getGvlid(moduleType, curBidder);
-      } else {
-        gvlid = getGvlid(moduleType, moduleName)
-      }
-      const curModule = moduleName || curBidder;
-      let isAllowed = validate(purpose1Rule, consentData, curModule, gvlid,);
-      if (isAllowed) {
-        result.valid = true;
-      } else {
-        curModule && logWarn(`TCF2 denied device access for ${curModule}`);
-        result.valid = false;
-        storageBlocked.push(curModule);
+    const modName = params[ACTIVITY_PARAM_COMPONENT_NAME];
+    if (shouldEnforce(consentData, purposeNo, modName)) {
+      const gvlid = getGvlid(params[ACTIVITY_PARAM_COMPONENT_TYPE], modName, gvlidFallback(params));
+      let allow = !!validateRules(getEnforcementRule(), consentData, modName, gvlid);
+      if (!allow) {
+        blocked && blocked.add(modName);
+        return {allow};
       }
-    } else {
-      result.valid = true;
     }
-  }
-  fn.call(this, moduleType, moduleName, result);
+  };
 }
-/**
- * This hook checks if a bidder has consent for user sync or not
- * @param {Function} fn reference to original function (used by hook logic)
- * @param  {...any} args args
- */
-export function userSyncHook(fn, ...args) {
-  const consentData = gdprDataHandler.getConsentData();
-  const curBidder = config.getCurrentBidder();
-  if (shouldEnforce(consentData, 1, curBidder)) {
-    const gvlid = getGvlid(MODULE_TYPE_BIDDER, curBidder);
-    let isAllowed = validateRules(purpose1Rule, consentData, curBidder, gvlid);
-    if (isAllowed) {
-      fn.call(this, ...args);
-    } else {
-      logWarn(`User sync not allowed for ${curBidder}`);
-      storageBlocked.push(curBidder);
-    }
-  } else {
-    fn.call(this, ...args);
-  }
-}
+export const accessDeviceRule = ((rule) => {
+  return function (params) {
+    // for vendorless (core) storage, do not enforce rules unless strictStorageEnforcement is set
+    if (params[ACTIVITY_PARAM_COMPONENT_TYPE] === MODULE_TYPE_PREBID && !strictStorageEnforcement) return;
+    return rule(params);
+  };
+})(gdprRule(1, () => purpose1Rule, storageBlocked));
+export const syncUserRule = gdprRule(1, () => purpose1Rule, storageBlocked);
+export const enrichEidsRule = gdprRule(1, () => purpose1Rule, storageBlocked);
-/**
- * This hook checks if user id module is given consent or not
- * @param {Function} fn reference to original function (used by hook logic)
- * @param  {Submodule[]} submodules Array of user id submodules
- * @param {Object} consentData GDPR consent data
- */
 export function userIdHook(fn, submodules, consentData) {
+  // TODO: remove this in v8 (https://github.com/prebid/Prebid.js/issues/9766)
   if (shouldEnforce(consentData, 1, 'User ID')) {
-    let userIdModules = submodules.map((submodule) => {
-      const moduleName = submodule.submodule.name;
-      const gvlid = getGvlid(MODULE_TYPE_UID, moduleName);
-      let isAllowed = validateRules(purpose1Rule, consentData, moduleName, gvlid);
-      if (isAllowed) {
-        return submodule;
-      } else {
-        logWarn(`User denied permission to fetch user id for ${moduleName} User id module`);
-        storageBlocked.push(moduleName);
-      }
-      return undefined;
-    }).filter(module => module)
-    fn.call(this, userIdModules, { ...consentData, hasValidated: true });
+    fn.call(this, submodules, {...consentData, hasValidated: true});
   } else {
     fn.call(this, submodules, consentData);
   }
 }
-/**
- * Checks if bidders are allowed in the auction.
- * Enforces "purpose 2 (Basic Ads)" of TCF v2.0 spec
- * @param {Function} fn - Function reference to the original function.
- * @param {Array<adUnits>} adUnits
- */
-export function makeBidRequestsHook(fn, adUnits, ...args) {
-  const consentData = gdprDataHandler.getConsentData();
-  if (shouldEnforce(consentData, 2)) {
-    adUnits.forEach(adUnit => {
-      adUnit.bids = adUnit.bids.filter(bid => {
-        const currBidder = bid.bidder;
-        const gvlId = getGvlid(MODULE_TYPE_BIDDER, currBidder);
-        if (includes(biddersBlocked, currBidder)) return false;
-        const isAllowed = !!validateRules(purpose2Rule, consentData, currBidder, gvlId);
-        if (!isAllowed) {
-          logWarn(`TCF2 blocked auction for ${currBidder}`);
-          biddersBlocked.push(currBidder);
-        }
-        return isAllowed;
-      });
-    });
-    fn.call(this, adUnits, ...args);
-  } else {
-    fn.call(this, adUnits, ...args);
-  }
-}
-/**
- * Checks if Analytics adapters are allowed to send data to their servers for furhter processing.
- * Enforces "purpose 7 (Measurement)" of TCF v2.0 spec
- * @param {Function} fn - Function reference to the original function.
- * @param {Array<AnalyticsAdapterConfig>} config - Configuration object passed to pbjs.enableAnalytics()
- */
-export function enableAnalyticsHook(fn, config) {
-  const consentData = gdprDataHandler.getConsentData();
-  if (shouldEnforce(consentData, 7, 'Analytics')) {
-    if (!isArray(config)) {
-      config = [config]
+export const fetchBidsRule = ((rule) => {
+  return function (params) {
+    if (params[ACTIVITY_PARAM_COMPONENT_TYPE] !== MODULE_TYPE_BIDDER) {
+      // TODO: this special case is for the PBS adapter (componentType is 'prebid')
+      // we should check for generic purpose 2 consent & vendor consent based on the PBS vendor's GVL ID;
+      // that is, however, a breaking change and skipped for now
+      return;
     }
-    config = config.filter(conf => {
-      const analyticsAdapterCode = conf.provider;
-      const gvlid = getGvlid(MODULE_TYPE_ANALYTICS, analyticsAdapterCode, () => getGvlidFromAnalyticsAdapter(analyticsAdapterCode, conf));
-      const isAllowed = !!validateRules(purpose7Rule, consentData, analyticsAdapterCode, gvlid);
-      if (!isAllowed) {
-        analyticsBlocked.push(analyticsAdapterCode);
-        logWarn(`TCF2 blocked analytics adapter ${conf.provider}`);
-      }
-      return isAllowed;
-    });
-    fn.call(this, config);
-  } else {
-    fn.call(this, config);
-  }
-}
+    return rule(params);
+  };
+})(gdprRule(2, () => purpose2Rule, biddersBlocked));
+export const reportAnalyticsRule = gdprRule(7, () => purpose7Rule, analyticsBlocked, (params) => getGvlidFromAnalyticsAdapter(params[ACTIVITY_PARAM_COMPONENT_NAME], params[ACTIVITY_PARAM_ANL_CONFIG]));
 /**
  * Compiles the TCF2.0 enforcement results into an object, which is emitted as an event payload to "tcf2Enforcement" event.
  */
 function emitTCF2FinalResults() {
   // remove null and duplicate values
-  const formatArray = function (arr) {
-    return arr.filter((i, k) => i !== null && arr.indexOf(i) === k);
-  }
+  const formatSet = function (st) {
+    return Array.from(st.keys()).filter(el => el != null);
+  };
   const tcf2FinalResults = {
-    storageBlocked: formatArray(storageBlocked),
-    biddersBlocked: formatArray(biddersBlocked),
-    analyticsBlocked: formatArray(analyticsBlocked)
+    storageBlocked: formatSet(storageBlocked),
+    biddersBlocked: formatSet(biddersBlocked),
+    analyticsBlocked: formatSet(analyticsBlocked)
   };
   events.emit(CONSTANTS.EVENTS.TCF2_ENFORCEMENT, tcf2FinalResults);
+  [storageBlocked, biddersBlocked, analyticsBlocked].forEach(el => el.clear());
 }
 events.on(CONSTANTS.EVENTS.AUCTION_END, emitTCF2FinalResults);
@@ -340,9 +265,15 @@ events.on(CONSTANTS.EVENTS.AUCTION_END, emitTCF2FinalResults);
 /*
   Set of callback functions used to detect presence of a TCF rule, passed as the second argument to find().
 */
-const hasPurpose1 = (rule) => { return rule.purpose === TCF2.purpose1.name }
-const hasPurpose2 = (rule) => { return rule.purpose === TCF2.purpose2.name }
-const hasPurpose7 = (rule) => { return rule.purpose === TCF2.purpose7.name }
+const hasPurpose1 = (rule) => {
+  return rule.purpose === TCF2.purpose1.name;
+};
+const hasPurpose2 = (rule) => {
+  return rule.purpose === TCF2.purpose2.name;
+};
+const hasPurpose7 = (rule) => {
+  return rule.purpose === TCF2.purpose7.name;
+};
 /**
  * A configuration function that initializes some module variables, as well as adds hooks
@@ -373,27 +304,25 @@ export function setEnforcementConfig(config) {
   if (!hooksAdded) {
     if (purpose1Rule) {
       hooksAdded = true;
-      validateStorageEnforcement.before(deviceAccessHook, 49);
-      registerSyncInner.before(userSyncHook, 48);
-      // Using getHook as user id and gdprEnforcement are both optional modules. Using import will auto include the file in build
+      RULE_HANDLES.push(registerActivityControl(ACTIVITY_ACCESS_DEVICE, RULE_NAME, accessDeviceRule));
+      RULE_HANDLES.push(registerActivityControl(ACTIVITY_SYNC_USER, RULE_NAME, syncUserRule));
+      RULE_HANDLES.push(registerActivityControl(ACTIVITY_ENRICH_EIDS, RULE_NAME, enrichEidsRule));
+      // TODO: remove this hook in v8 (https://github.com/prebid/Prebid.js/issues/9766)
       getHook('validateGdprEnforcement').before(userIdHook, 47);
     }
     if (purpose2Rule) {
-      getHook('makeBidRequests').before(makeBidRequestsHook);
+      RULE_HANDLES.push(registerActivityControl(ACTIVITY_FETCH_BIDS, RULE_NAME, fetchBidsRule));
     }
     if (purpose7Rule) {
-      getHook('enableAnalyticsCb').before(enableAnalyticsHook);
+      RULE_HANDLES.push(registerActivityControl(ACTIVITY_REPORT_ANALYTICS, RULE_NAME, reportAnalyticsRule));
     }
   }
 }
 export function uninstall() {
+  while (RULE_HANDLES.length) RULE_HANDLES.pop()();
   [
-    validateStorageEnforcement.getHooks({hook: deviceAccessHook}),
-    registerSyncInner.getHooks({hook: userSyncHook}),
     getHook('validateGdprEnforcement').getHooks({hook: userIdHook}),
-    getHook('makeBidRequests').getHooks({hook: makeBidRequestsHook}),
-    getHook('enableAnalyticsCb').getHooks({hook: enableAnalyticsHook}),
   ].forEach(hook => hook.remove());
   hooksAdded = false;
 }