
Research
Security News
Malicious npm Package Wipes Codebases with Remote Trigger
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
@axeptio/react-native-sdk
Advanced tools
Axeptio react native sdk for presenting cookies consent to the user
This repository demonstrates how to implement the Axeptio React Native SDK in your mobile applications.
This example can be compiled with brands or publishers given your requirements.
npm install --save @axeptio/react-native-sdk
// or
yarn add @axeptio/react-native-sdk
android/build.gradle
(at the root level of the .gradle file)repositories {
maven {
url = uri("https://maven.pkg.github.com/axeptio/axeptio-android-sdk")
credentials {
username = "[GITHUB_USERNAME]"
password = "[GITHUB_TOKEN]"
}
}
}
We support iOS versions >= 15.
npx pod-install
The sdk do not manage App Tracking Transparency, you can find more information there.
You can find a basic usage of the Axeptio SDK in the example
folder.
Read the specific documentation.
The SDK can be configured for either brands or publishers via the AxeptioService enum during initialization.
async function init() {
await AxeptioSDK.initialize(
AxeptioService.brands, // or AxeptioService.tcfPublishers
[your_client_id],
[your_cookies_version],
[optional_consent_token]
);
await AxeptioSDK.setupUI();
}
The Axeptio SDK does not ask for the user permission for tracking in the ATT framework and it is the responsibility of the app to do so and to decide how the Axeptio CMP and the ATT permission should coexist.
Your app must follow Apple's guidelines for disclosing the data collected by your app and asking for the user's permission for tracking.
To manage App Tracking Transparency, you can use the react-native-tracking-transparency widget.
First, install it
npm install --save react-native-tracking-transparency
// or
yarn react-native-tracking-transparency
Add NSUserTrackingUsageDescription
to your Info.plist add file
<key>NSUserTrackingUsageDescription</key>
<string>Explain why you need user tracking</string>
You can now manage ATT popup before setup UI
let trackingStatus = await getTrackingStatus();
if (trackingStatus === 'not-determined') {
trackingStatus = await requestTrackingPermission();
}
if (trackingStatus === 'denied') {
await AxeptioSDK.setUserDeniedTracking();
} else {
await AxeptioSDK.setupUI();
}
The Axeptio SDK and your mobile application have distinct responsibilities in managing user consent and tracking:
The SDK does not automatically handle ATT permissions - this must be explicitly managed by the host application as shown in the implementation examples above.
You can retrieve the consents that are stored by the SDK in UserDefaults/SharedPreferences.
To access UserDefaults/SharedPreferences, you can use the library for example.
For detailed information about stored values and cookies, please refer to the Axeptio documentation.
Additionally, you can request the consent popup to open on demand.
AxeptioSdk.showConsentScreen();
This feature is only available for publishers service.
The SDK provides a helper function to append the axeptio_token
query param to any URL.
You can precise a custom user token or use the one currently stored in the SDK.
const token = await AxeptioSdk.getAxeptioToken();
const url = await AxeptioSdk.appendAxeptioTokenURL(
'https://myurl.com',
token
);
Will return https://myurl.com?axeptio_token=[token]
AxeptioSdk.clearConsent();
The Axeptio SDK triggers various events to notify you that the user has taken some action.
We provide an AxeptioEventListener
class that can be use to catch events. Don't forget to add this listener to AxeptioSdk, as below.
const listener: AxeptioEventListener = {
onPopupClosedEvent: () => {
// Retrieve consents from UserDefaults/SharedPreferences
// Check user preferences
// Run external process/services according user consents
},
onGoogleConsentModeUpdate: (_consents) => {
// The Google Consent V2 status
// Do something
},
};
AxeptioSDK.addListener(listener);
FAQs
Axeptio react native sdk for presenting cookies consent to the user
The npm package @axeptio/react-native-sdk receives a total of 198 weekly downloads. As such, @axeptio/react-native-sdk popularity was classified as not popular.
We found that @axeptio/react-native-sdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm typosquat uses remote commands to silently delete entire project directories after a single mistyped install.
Research
Security News
Malicious PyPI package semantic-types steals Solana private keys via transitive dependency installs using monkey patching and blockchain exfiltration.
Security News
New CNA status enables OpenJS Foundation to assign CVEs for security vulnerabilities in projects like ESLint, Fastify, Electron, and others, while leaving disclosure responsibility with individual maintainers.