Skip to content

feat(audience): automatic CMP consent detection (GCM v2 + IAB TCF)#2842

Merged
bkbooth merged 7 commits intomainfrom
claude/adoring-black
Apr 10, 2026
Merged

feat(audience): automatic CMP consent detection (GCM v2 + IAB TCF)#2842
bkbooth merged 7 commits intomainfrom
claude/adoring-black

Conversation

@bkbooth
Copy link
Copy Markdown
Contributor

@bkbooth bkbooth commented Apr 9, 2026

Summary

  • Add consentMode: 'auto' init option to the pixel for automatic consent detection from existing CMPs on the page
  • Implement Google Consent Mode v2 detection (reads window.dataLayer, intercepts dataLayer.push for real-time updates)
  • Implement IAB TCF v2 detection (reads window.__tcfapi, registers addEventListener for consent changes)
  • CMP detection module lives in @imtbl/audience-core so the web SDK can reuse it
  • Polls up to 3 times over ~2.4s for async CMP loading, then listens for mid-session consent changes
  • Bundle size: 4.77 KB gzipped (well under 10KB budget)

Consent mapping

CMP signal Pixel consent level
analytics_storage: 'denied' / no Purpose 1 none
analytics_storage: 'granted' + ad_storage: 'denied' / Purpose 1 only anonymous
analytics_storage: 'granted' + ad_storage: 'granted' / Purpose 1 + 3/4/5 full

De-scoped

Direct CMP integrations (OneTrust, Cookiebot) moved out of scope — GCM + TCF cover the vast majority of deployments since both OneTrust and Cookiebot fire Google Consent Mode updates. Context preserved on SDK-87 for a future issue.

Test plan

  • 29 CMP unit tests (GCM mapping, TCF mapping, priority chain, polling, cleanup, consent change callbacks)
  • 8 pixel integration tests for consentMode: 'auto' (deferred page view, CMP upgrade/downgrade, teardown)
  • All 192 tests passing (119 core + 73 pixel)
  • Bundle size verified: 4.77 KB gzipped (max 10 KB)

Refs: SDK-87

🤖 Generated with Claude Code

@bkbooth @claude
feat(audience): automatic CMP consent detection (Google Consent Mode …
eb98625 
…v2 + IAB TCF)

Add consentMode: 'auto' init option to the pixel that auto-detects consent
from existing Consent Management Platforms on the page, removing the need
for studios to write custom JS to wire up consent.

Supported CMPs:
- Google Consent Mode v2 (via window.dataLayer) — covers OneTrust, Cookiebot,
  TrustArc, Didomi, Osano and most major CMPs
- IAB TCF v2 (via window.__tcfapi) — vendor-agnostic standard for EU markets

Detection polls up to 3 times over ~2.4s for async CMP loading, then
registers listeners for real-time consent changes mid-session.

CMP detection lives in @imtbl/audience-core so the web SDK can reuse it.

Refs: SDK-87

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bkbooth bkbooth requested a review from a team as a code owner April 9, 2026 06:36
@bkbooth @claude
Merge origin/main into claude/adoring-black
2186342 
Resolve conflict in pixel.ts: include both CmpDetector and IdentityType
type imports. Update consentMode test assertion for new
createConsentManager signature (added httpSend param).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@nx-cloud
Copy link
Copy Markdown

nx-cloud bot commented Apr 9, 2026
edited
Loading

View your CI Pipeline Execution ↗ for commit 1e79fce

Command Status Duration Result
nx run-many -p @imtbl/sdk,@imtbl/checkout-widge... ✅ Succeeded 2s View ↗

☁️ Nx Cloud last updated this comment at 2026-04-10 04:44:41 UTC

@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 9, 2026
edited
Loading

✅ Pixel Bundle Size — @imtbl/pixel

Metric Size Delta vs main
Gzipped 5516 bytes (5.38 KB) +619 bytes
Raw (minified) 15165 bytes +1897 bytes

Budget: 10.00 KB gzipped (warn at 8.00 KB)

@bkbooth @claude
fix(audience): fix eslint errors in CMP module
e66df76 
Add eslint-disable for no-underscore-dangle on __tcfapi (external API name).
Fix object-curly-newline formatting in test file.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
nattb8
nattb8 reviewed Apr 9, 2026
View reviewed changes
nattb8
nattb8 reviewed Apr 9, 2026
View reviewed changes
nattb8
nattb8 reviewed Apr 9, 2026
View reviewed changes
nattb8
nattb8 reviewed Apr 9, 2026
View reviewed changes
bkbooth and others added 3 commits April 10, 2026 11:28
@bkbooth
Merge remote-tracking branch 'origin/main' into claude/adoring-black
da9c5d0
@bkbooth @claude
fix(audience): address PR review feedback for CMP consent detection
9423916 
- Add onTimeout callback to startCmpDetection for distinguishing
  "CMP said none" from "no CMP found"
- Use else-if to prevent duplicate page view when CMP detects synchronously
- Replace sessionId guard with initialPageViewFired flag for reliable
  deferred page view tracking
- Narrow consentMode type to literal 'auto' (remove ConsentLevel union)
- Add setConsent() deferred page view as fallback for failed CMP detection
- Update tests for all fixes

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bkbooth @claude
test(pixel): improve setConsent tests for deferred page view behavior
2fc8664 
Replace weak setConsent test with two precise tests that verify:
- setConsent auto-fires the deferred initial page view on consent upgrade
- Repeated setConsent calls don't fire duplicate page views

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@bkbooth bkbooth enabled auto-merge April 10, 2026 04:23
@bkbooth bkbooth added this pull request to the merge queue Apr 10, 2026
Merged via the queue into main with commit 05eafd9 Apr 10, 2026
11 of 12 checks passed
@bkbooth bkbooth deleted the claude/adoring-black branch April 10, 2026 04:58
@bkbooth bkbooth mentioned this pull request Apr 10, 2026
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nattb8 nattb8 nattb8 approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bkbooth @nattb8