@duckduckgo/autoconsent
This is a library of rules for navigating through common consent popups on the web. These rules can be run in a Chrome extension, or in a Playwright-orchestrated headless browser. Using these rules, opt-in and opt-out options can be selected automatically
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | encoded-string-file:dist/autoconsent.extra.cjs.js | AI (source-diff): Base64 strings are noop media stubs from @remusao/small; stable pattern across versions. | ai | |
| source-diff | encoded-string-file:dist/autoconsent.extra.esm.js | AI (source-diff): Same @remusao/small noop media stubs; benign and stable for this package. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Fires in update_version.js (dev script only), loading a manifest file path — not a runtime arbitrary-module-load risk. | ai |
Versions (showing 36 of 36)
| Version | Deps | Published |
|---|---|---|
| 14.94.0 | 3 / 32 | |
| 14.93.0 | 3 / 32 | |
| 14.92.0 | 3 / 32 | |
| 14.91.0 | 3 / 32 | |
| 14.90.0 | 3 / 32 | |
| 14.89.0 | 3 / 32 | |
| 14.88.0 | 3 / 32 | |
| 14.87.0 | 3 / 32 | |
| 14.86.0 | 3 / 32 | |
| 14.85.5 | 3 / 32 | |
| 14.85.4 | 3 / 32 | |
| 14.85.3 | 3 / 32 | |
| 14.85.2 | 3 / 32 | |
| 14.85.1 | 3 / 32 | |
| 14.85.0 | 3 / 32 | |
| 14.84.2 | 3 / 32 | |
| 14.84.1 | 3 / 32 | |
| 14.84.0 | 3 / 32 | |
| 14.83.0 | 3 / 32 | |
| 14.82.0 | 3 / 32 | |
| 14.81.0 | 3 / 32 | |
| 14.80.0 | 3 / 32 | |
| 14.79.0 | 3 / 32 | |
| 14.78.0 | 3 / 32 | |
| 14.77.1 | 3 / 32 | |
| 14.77.0 | 3 / 32 | |
| 14.76.0 | 3 / 32 | |
| 14.75.0 | 3 / 32 | |
| 14.74.0 | 3 / 32 | |
| 14.73.0 | 3 / 32 | |
| 14.72.0 | 3 / 32 | |
| 14.71.0 | 3 / 32 | |
| 14.70.0 | 3 / 32 | |
| 14.69.0 | 3 / 32 | |
| 14.68.0 | 3 / 32 | |
| 14.67.0 | 3 / 32 |
v14.94.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.93.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.92.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.91.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.90.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.89.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.88.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.87.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.86.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.5
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.4
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.85.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.84.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.84.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.84.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.83.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.82.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.81.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.80.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.79.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.78.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.77.1
3 findingsModified file contains 4 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 4 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.77.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.76.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.75.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.74.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.73.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.72.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.71.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.70.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.69.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.68.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v14.67.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.