Prebid 10.20.0 + potential fix for adRenderFailed (#273)

* Attekmi: add Anzu alias (#13950)

Co-authored-by: Victor <victor.banudz@smart-hub.io>

* Bump @types/google-publisher-tag from 1.20250811.0 to 1.20250811.1 (#13948)

Bumps [@types/google-publisher-tag](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-publisher-tag) from 1.20250811.0 to 1.20250811.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-publisher-tag)

---
updated-dependencies:
- dependency-name: "@types/google-publisher-tag"
  dependency-version: 1.20250811.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump url from 0.11.3 to 0.11.4 (#13947)

Bumps [url](https://github.com/defunctzombie/node-url) from 0.11.3 to 0.11.4.
- [Commits](https://github.com/defunctzombie/node-url/compare/v0.11.3...v0.11.4)

---
updated-dependencies:
- dependency-name: url
  dependency-version: 0.11.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Semantiq RTD Provider: fix outdated cache (#13910)

Change the storage to session storage to prevent the use of data built on the outdated Semantiq configuration.

* Advertising Bid Adapter: Update the regex while parsing bid.impid to support the change to UUID format for bid ids (#13879)

* Bump webdriverio from 9.19.1 to 9.20.0 (#13949)

Bumps [webdriverio](https://github.com/webdriverio/webdriverio/tree/HEAD/packages/webdriverio) from 9.19.1 to 9.20.0.
- [Release notes](https://github.com/webdriverio/webdriverio/releases)
- [Changelog](https://github.com/webdriverio/webdriverio/blob/main/CHANGELOG.md)
- [Commits](https://github.com/webdriverio/webdriverio/commits/v9.20.0/packages/webdriverio)

---
updated-dependencies:
- dependency-name: webdriverio
  dependency-version: 9.20.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fluctBidAdapter: add-im-rtd-segment data (#13687)

* [fluctBidAdapter] add-im-rtd-segment data

* fix space

* Update atsAnalyticsAdapter.js (#13877)

* Screencore Bid Adapter : initial release (#13833)

* Screencore prebid adapter

* rearrange code

* use lowercase screncore bidder code

* fix tests

* update tests

* trigger CI

* Rimozione campi da adapter Prebid.js (#13956)

Co-authored-by: robin-crazygames <robin@crazygames.com>

* Adding code reviewer assignment workflow (#13954)

* Increment version to 10.13.0-pre

* Prebid 10.12.0 release

* NexMillennium: Added support for some openrtb parameters (#13927)

* fixed typos end changed test endpoint

* changed report endpoint

* fixed tests

* fixed tests

* added support some new pameters for openrtb 2.6

* set version 4.5.0

* save

* Update permissions for code reviewer workflow (#13960)

* Yieldmo Bidder: TDID object not being passed correctly (#13958)

* update

* updates

* add in test

* userId: fix bug with encryptedSignalSources and GPT secureSignalProviders (#13953)

* userId: fix bug with encryptedSignalSources and GPT secureSignalProviders

* clean up tests

* fix tests

* Core: Update Permissions for Code Reviewer Automation (#13962)

* Volunteers use team and update access token

* Core: Update Code Reviewer Automation to Trigger from Pull Request Target (#13966)

* Update to use pull request target

* ADBRO Bid Adapter : Initial Release (#13963)

* Implemented minimal working ADBRO Bid Adapter

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Added ADBRO Bid Adapter description with Test Parameters.

ADBRO-4285

Signed-off-by: Alexander Shvetsov <ashvetsov@adbro.me>

* Added setting up sizes and display manager fields in banner object

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Building TagId using GPID

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Added ADBRO bill notification

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Removed excess params, imports and checks

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Explicitly cast request validity condition to Boolean

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Iterate all requests in buildRequests

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Group imps by Placement ID to send a single request per placement

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Change default and fallback tagid

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Changed billing event to onBidBillable

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Fixed failing fallback tagid

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* ADBRO Bid Adapter is covered with tests

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Set Creative Id from the test config on backend

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Added Bid Response bids existence check

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Review fixes

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Raised default impression expire timeout to 300 sec

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Null-checks are moved out from the isBidRequestValid function

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Covered null cases in isBidRequestValid function

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

* Replaced testing domain with the prod one

ADBRO-4285

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>

---------

Signed-off-by: Ivan Nebritov <inebritov@adbro.me>
Signed-off-by: Alexander Shvetsov <ashvetsov@adbro.me>
Co-authored-by: Alexander Shvetsov <ashvetsov@adbro.me>

* Update test-chunk.yml (#13961)

* IX Bid Adapter : multiformat promotion (#13898)

* chore: promoted multiformat FT [PB-4298]

* chore: updated expected siteId overrides [PB-4298]

* chore: cleaned up tests around multiformat

---------

Co-authored-by: Love Sharma <love.sharma@indexexchange.com>

* Core: expose requestBids hooks (#13957)

* Expose requestBids hooks

* add test

* Adkernel Bid Adapter: add Infinety alias (#13971)

* Core: isolate DNT helper (#13940)

* MediaConsortium Bid Adapter: change outstream renderer (#13452)

* MediaConsortium: change outstream renderer

* MediaConsortium Bid Adapter: add unit outstream renderer unit tests

* MediaConsortium Bid Adapter: fix outstream unit tests

* MediaConsortium Bid Adapter: use local config first

* MediaConsortium Bid Adapter: fix unit tests

* fix lint

* fix lint

---------

Co-authored-by: Vincent Barach <vincent@hubvisor.io>

* Ozone Bid Adapter: support oRTB Ext object (#13951)

* Update ozoneBidAdapter.js

- added support for ortb.ext params
- update on ozlabels custom KVP
- slight tweak to fix submitted to handle empty eid response.

* Update ozoneBidAdapter_spec.js

updated spec file for 4.0.2

* Update ozoneBidAdapter.js

* Update ozoneBidAdapter.js

* AdKernal tests: fix broken test related to DNT helper (#13973)

* Fix getDNT stubbing in utils and Adkernel tests

* Core: Proxy navigator DNT helper

* Core: Move DNT helper to dedicated library

* Core: Restore stub-friendly DNT re-export

* TeqBlaze Lib: add support gpid param (#13974)

* fix isBidRequestValid()

* add support gpid param

* PubMatic Analytics Adapter: Preserve original mediaTypes and sizes when copying bid details in analytics (#13888)

* Targetting key set for floor applied from PM RTD module

* Test Cases Added

* UPR related changes

* Minor changes

* Added targeting keys in constants

* UOE-12412: Added floorProvider = "PM" related check to set the targeting

* UOE-12412: Removed modelVersion related check

* UOE-12412: Changed Key Name for targeting

* UOE-12412: Enabling and disabling targetting key based on adServertargeting coming from config

* UOE-12412: RTD provider error handling for undefined configs

* Refactor: Improve bid status handling and floor value detection for No Bids scenario in PubMatic RTD provider

* Refactor: Extract bid targeting logic into separate functions

* Refactor: Improve pubmatic RTD provider targeting logic and add test coverage

* Enhance PubMatic RTD floor calculation with multi-size support and targeting precision

* UOE-12413: Changed adServerTargeting to pmTargetingKeys

* Enhance multiplier handling in pubmatic RTD provider

* PubM RTD Module: Update pubmatic RTD provider with enhanced targeting logic and test coverage

* PubM RTD Module: Multipliers fallback mechanism implemented and test cases edited

* Code changes optimisation

* Test case optimized

* Test cases: add unit tests for multiplier extraction in pubmatic RTD provider

* refactor: reorder multiplier sources in pubmaticRtdProvider to prioritize config.json over floor.json

* Fix: update NOBID multiplier from 1.6 to 1.2 in pubmaticRtdProvider module

* Refactor: enhance floor value calculation for multi-format ad units and improve logging

* Refactor: Add getBidder function and remove unused findWinningBid import in PubMatic RTD provider tests

* chore: remove unused pubmaticRtd example and noconfig files

* PubMatic RTD module markdown file update having targetingKey details

* Fix:  Removed extra whitespace and normalize line endings in RTD provider

* fix: add colon to RTD targeting log message in pubmaticRtdProvider

* Preserve original mediaTypes and sizes when copying bid details in analytics in case of marketplace scenario

* UOE-13066: Added mediaTypes and dimensions to raw request of tracker in case of marketplace scenario

* Lint Issue: Remove unnecessary whitespace in pubmatic analytics bid handling

---------

Co-authored-by: Chris Huie <phoenixtechnerd@gmail.com>

* UNIQUEST Widget Bid Adapter: initial release  (#13933)

* add uniquestWidgetBidAdapter

* fix uniquestWidgetBidAdapter_spec.js, uniquestWidgetBidAdapter.md

* fix interpretResponse to util

* Removing devicePixelRatio in Bid Request (#13979)

* Updated bidding domain (#13981)

* Bump @eslint/compat from 1.3.2 to 1.4.0 (#13977)

Bumps [@eslint/compat](https://github.com/eslint/rewrite/tree/HEAD/packages/compat) from 1.3.2 to 1.4.0.
- [Release notes](https://github.com/eslint/rewrite/releases)
- [Changelog](https://github.com/eslint/rewrite/blob/main/packages/compat/CHANGELOG.md)
- [Commits](https://github.com/eslint/rewrite/commits/compat-v1.4.0/packages/compat)

---
updated-dependencies:
- dependency-name: "@eslint/compat"
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* Bump @babel/core from 7.28.3 to 7.28.4 (#13975)

Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.28.3 to 7.28.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.4/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-version: 7.28.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump fs-extra from 11.3.1 to 11.3.2 (#13976)

Bumps [fs-extra](https://github.com/jprichardson/node-fs-extra) from 11.3.1 to 11.3.2.
- [Changelog](https://github.com/jprichardson/node-fs-extra/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jprichardson/node-fs-extra/compare/11.3.1...11.3.2)

---
updated-dependencies:
- dependency-name: fs-extra
  dependency-version: 11.3.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Linting: fix array-callback-return warnings (#13621)

* Maintenance: fix array-callback-return warnings

* Update eslint.config.js

* Maintenance: fix array-callback-return lint

* Core: fix price bucket capping logic

* Core: move array callback lint exception

* Fix missing returns in adapters

* Update cointrafficBidAdapter.js

* Update index.js

* Update cointrafficBidAdapter.js

* Update ixBidAdapter_spec.js

* Update ixBidAdapter_spec.js

---------

Co-authored-by: Jeff Mahoney <jeff.t.mahoney@gmail.com>

* Build system: reduce number of e2e test retries (#13993)

* Scalibur Bid Adapter : initial release (#13826)

* Add Scalibur bid adapter with comprehensive tests

* finish scalibur bid adapter and tests

* fix

* fix

* add missing params

* convert response price to cpm

* size to valid format

* fix tests

* remove all uses of first party data and Math.random

* fix lint error

* fix some more lint errors

* add support to own fpd

* vlaidate tests and lint

* re tests

* rerun tests

* remove the use of navigator

---------

Co-authored-by: Timor Bibi <timor@Timors-MacBook-Pro-2.local>

* Core: refactor window dimensions utilities to only access DOM APIs when necessary (#13929)

* cachedApiWrapper

* lazy access target

* make parent available to getTarget

* simplify

* consolidate extraWinDimensions

* Remove sketchy dimensions

* adnuntius: remove availWidth/availHeight

* onetag: stop using outer & avail dims

---------

Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* Core: Adding bidLimit to adUnit (#13930)

* Core: targeting bids limit varying on ad unit

* handling other case

* refactoring

* moving bidLimit to adUnit level

* fixing sendAllBids issue, allowing adunitBidLimit as object

* restoring missing comment

* performance optimization

* Yandex Bid Adapter: Added banner coordinates to the request (#13944)

* Yandex Bid Adapter: Added banner coordinates to the request

* fix webdriver

* Yandex Bid Adapter: Added banner coordinates to the request

* Yandex Bid Adapter: Added banner coordinates to the request

* Update modules/yandexBidAdapter.js

Co-authored-by: Graham Higgins <gwhigs@gmail.com>

---------

Co-authored-by: Graham Higgins <gwhigs@gmail.com>

* new alias Vaaya media (#13995)

Co-authored-by: mderevyanko <mderevyanko24@gmail.com>

* Bump karma-spec-reporter from 0.0.32 to 0.0.36 (#13911)

Bumps [karma-spec-reporter](https://github.com/tmcgee123/karma-spec-reporter) from 0.0.32 to 0.0.36.
- [Commits](https://github.com/tmcgee123/karma-spec-reporter/compare/v0.0.32...v0.0.36)

---
updated-dependencies:
- dependency-name: karma-spec-reporter
  dependency-version: 0.0.36
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* ID5 User Id module - generate targeting tags on the server side (#13992)

Including the tags in GAM is still controlled from the module configuration level. Generating them on the server side gives us more flexibility and simplifies user module.

* Add 'oftmedia' to the approved external JS list (#14001)

Co-authored-by: Andy <arezitopedia@gmail.com>

* Nodals RTD Module: Add support for publisher to override standard TCF consent checks (#14004)

Co-authored-by: slimkrazy <sam@nodls.ai>

* Build system: start browserstack binary explicitly (#13999)

* Core: wait for creative document DOMContentLoaded

* start browserstacklocal explicitly

* debug

* debug

* capitalization

* start as daemon

* Undo unrelated change

* Bump github/codeql-action from 3 to 4 (#14006)

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* Msft Bid adapter - initial release (for closed testing) (#13952)

* msftBidAdapter - new adapter to eventually replace appnexusBidAdapter

* add unit test file

* fix import issue in tests

* fix lint issue in adapter file

* add more tests

* add more tests

* update banner test

* update comment

* another set of updates

* update unit tests

* update to readme

* remove tid code

* remove some comments, fix type checks, remove unneeded response function

* edit other comments

* try to fix lint errors

---------

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* Craft Bid Adapter : add user.eids to request (#13985)

* [craftBidder] Add user.eids to request

* [craftBidder] Add user.eids to request add test

---------

Co-authored-by: Monis Qadri <monis0395@users.noreply.github.com>

* EmpowerBidAdapter: initial release (#13943)

* EmpowerBidAdapter: initial release

* EmpowerBidAdapter: initial release

* some code changes after lint check

* test bannerServerRequest changes from local url to server url

* some fixes and improvements

* unceswsary line removed

---------

Co-authored-by: Monis Qadri <monis0395@users.noreply.github.com>

* Bump @babel/runtime from 7.28.3 to 7.28.4 (#14008)

Bumps [@babel/runtime](https://github.com/babel/babel/tree/HEAD/packages/babel-runtime) from 7.28.3 to 7.28.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.4/packages/babel-runtime)

---
updated-dependencies:
- dependency-name: "@babel/runtime"
  dependency-version: 7.28.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* optableRtdProvider: update documentation (#14017)

* Update optableRtdProvider.md

* Update optableRtdProvider.md

* AtsAnalyticsAdapter: get the user Ids from userIdAsEids  (#14022)

* [ATS-68316] Update to get userId as per prebid version 10+

* [ATS-68316] Add unit test case for the fix

---------

Co-authored-by: Sunath <sunath@liveramp.com>

* SmartyTech Bid Adapter: Add userId and consent data support with chunking capability (#13945)

* SmartyTech Bid Adapter: Add userId, consent data support and chunking capability

- Add userIdAsEids transmission when available
- Add GDPR, CCPA/USP, and COPPA consent support
- Add configurable chunking of bid requests to control number of ads per request
- Maintain backward compatibility
- Add comprehensive test coverage for all new features

Results of gulp lint: ✅ No issues
Results of gulp test: ✅ All tests pass

* Smartytech bid adapter. Avoid send undefined for gdprApplies and guarantee for config get

* Datawrkz Analytics Adapter: add publisherId and apiKey options (#13899)

* feat(analytics): added Datawrkz analytics adapter

* fix(analytics): lint fixes for Datawrkz Analytics Adapter

* fix(analytics): lint fixes for Datawrkz Analytics Adapter

* feat(analytics): add publisherId and apiKey config in Datawrkz Analytics Adapter

* Datawrkz Analytics Adapter: add tests for publisherId and apiKey config

---------

Co-authored-by: Monis Qadri <monis0395@users.noreply.github.com>
Co-authored-by: Love Sharma <sharmak.love@gmail.com>

* Nativery Bid Adapter: track auction events (#13990)

* feat: track auction events

* style: lint files

* perf: add keepalive on tracking request

* fix: ajax content type

* test: ajax content type

* perf: remove json content type to avoid preflight request

---------

Co-authored-by: Andrea Fassina <fasenderos@gmail.com>

* Omnidex update details (#14021)

* adding glvid to the omnidex

* fixing test

* Bump core-js from 3.45.1 to 3.46.0 (#14007)

Bumps [core-js](https://github.com/zloirock/core-js/tree/HEAD/packages/core-js) from 3.45.1 to 3.46.0.
- [Release notes](https://github.com/zloirock/core-js/releases)
- [Changelog](https://github.com/zloirock/core-js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/zloirock/core-js/commits/v3.46.0/packages/core-js)

---
updated-dependencies:
- dependency-name: core-js
  dependency-version: 3.46.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Core: fix bug where commands submitted to que.push can run out of order (#14025)

* Semantiq RTD module: fix incorrect property name (#14027)

Co-authored-by: Alexandr Kim <alexandr.kim@audienzz.ch>

* Build system: add metadata override for uniquestWidget (#14031)

* Build system: revert dependabot updates, use browserstack's action (#14026)

* Build system: adjust karma timeouts

* use browserstack own action for setup

* use 127.0.0.1 instead of localhost

* revert dependency changes

* disable dependabot

* Undo timeout changes

* increase disconnect tolerance

* fix version and schema-utils in package.json

* fix versions (again)

* Allow dependabot updates to type definitions

* Change dependency update schedule to monthly

Changed the update schedule for GitHub Actions and npm dependencies from weekly to monthly. Added additional dependencies to the allow list.

* Update Babel dependencies in dependabot configuration

* Change npm dependency update interval to quarterly

---------

Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Bump @types/ws from 8.5.12 to 8.18.1 (#14033)

Bumps [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws) from 8.5.12 to 8.18.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws)

---
updated-dependencies:
- dependency-name: "@types/ws"
  dependency-version: 8.18.1
  dependency-type: indirect
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/setup-node from 5 to 6 (#14032)

Bumps [actions/setup-node](https://github.com/actions/setup-node) from 5 to 6.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* riseBidAdapter: get the user Ids from userIdAsEids (#14013)

* riseBidAdapter: get the user Ids from userIdAsEids

* add tests for the user id changes

---------

Co-authored-by: Laslo Chechur <laslochenchur@laslos-MacBook-Pro.local>
Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* Core: break out dependabot security and version update rules (#14037)

Added configuration for daily security updates with no open pull requests limit.

* Nuba Bid Adapter: initial release (#14003)

* feature/nuba-bidder: add Prebid.js bidder adapter

* feature/nuba-bidder

* feature/nuba-bidder

* feature/nuba-bidder

---------

Co-authored-by: Monis Qadri <monis0395@users.noreply.github.com>

* Prebid 10.13.0 release

* Increment version to 10.14.0-pre

* Bump @babel/core from 7.28.3 to 7.28.4 (#14034)

Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.28.3 to 7.28.4.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.28.4/packages/babel-core)

---
updated-dependencies:
- dependency-name: "@babel/core"
  dependency-version: 7.28.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* FWSSP Adapter: update user-sync logic (#13994)

* Bump webpack from 5.101.3 to 5.102.1 (#14009)

Bumps [webpack](https://github.com/webpack/webpack) from 5.101.3 to 5.102.1.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.101.3...v5.102.1)

---
updated-dependencies:
- dependency-name: webpack
  dependency-version: 5.102.1
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Yandex Bid Adapter: Change request domain (#14012)

* Yandex Bid Adapter: The request domain has been changed

* Bug fix after resolve conflicts

* SeenThis Brand Stories Rendering Module: initial release (#13834)

* Add SeenThis Brand Stories module

* test: add unit tests for seenthisBrandStories module functions and constants

* remove support for loading inside iframe

* only allow events of seenthis origin

---------

Co-authored-by: Alexander Öström <alexander.ostrom@seenthis.se>

* Smartytech Bid Adapter: add alias user ID (#13983)

* SmartyTech Bid Adapter: Add userId, consent data support and chunking capability

- Add userIdAsEids transmission when available
- Add GDPR, CCPA/USP, and COPPA consent support
- Add configurable chunking of bid requests to control number of ads per request
- Maintain backward compatibility
- Add comprehensive test coverage for all new features

Results of gulp lint: ✅ No issues
Results of gulp test: ✅ All tests pass

* retry: trigger CI tests

* Empty commit to trigger tests

* Empty commit to trigger tests

* Smartytech bid adapter: add alias used ID to bid request

* SmartyTech Bid Adapter: Add userId, consent data support and chunking capability

- Add userIdAsEids transmission when available
- Add GDPR, CCPA/USP, and COPPA consent support
- Add configurable chunking of bid requests to control number of ads per request
- Maintain backward compatibility
- Add comprehensive test coverage for all new features

Results of gulp lint: ✅ No issues
Results of gulp test: ✅ All tests pass

* Smartytech bid adapter. Avoid send undefined for gdprApplies and guarantee for config get

* Define Media Bid Adapter: initial release (#13713)

* defineMediaBidAdapter checkpoint

* test page

* clean up

* first tests
Better integration test

Push integration test

Update Readme and remove publisherId from required parameters

* Make Adapter feasable for multiple BidRequests

Comment out not working tests

* Fix some adapter props. Not all unittest working

* WIP on master

Some test fixes, but there ist still noch page object

Updated Unittests with real testdata

simplifies and minimizes test data and adds more detailed object checks

* cleanup debug scripts

* Fix/Delete testfiles

* Change maintainer

* Restore helo world

* Leave out additional options fot http to rely on default  and avoid additional cors requests

* gvl id fix

* Only import used utils by name

* Remove accidential commited test code for XHR

* small linter error

* clarify supplierDomainName usage

- clarify that publishers do not need to host sellers.json
- explain supplierDomainName is used for schain attribution
- add onboarding/transparency notes (account management)

* Define Media Bid Adapter: initial release (#13713)

* Fix schain handling
* Add detailed JSDoc comments explaining adapter functionality, parameters, and compliance requirements
* Add comprehensive inline comments for code maintainability
* Improve error handling in onBidderError with structured error categorization

* Define Media Bid Adapter: initial release (#13713)

*fix linting errors

---------

Co-authored-by: Michael Klumpp <m.klumpp@definemedia.de>
Co-authored-by: Dennis Joest <djprivat@gmail.com>

* Revert "SeenThis Brand Stories Rendering Module: initial release (#13834)" (#14041)

This reverts commit 56a41d89c389e0695186b9da3160c8914ec044e4.

* msft bid adapter - fix check around eids (#14040)

* Dependabot: clean up configuration error (#14039)

* Maintenance: Point npm updates to dependabot branch

* Change dependabot target branch to 'dependabotTarget'

* feat: Upgrade Neuwo RTD module to support newest API (#14002)

Updates the Neuwo RTD module to integrate with the newest
version of the Neuwo API (10-2025), introducing comprehensive IAB taxonomy support
and refreshes outdated documentation.

This commit includes:
- Support for IAB Content Taxonomy 3.0 and 2.2.
- Support for IAB Audience Taxonomy 1.1.
- User-specified configuration for the desired IAB Content Taxonomy version.
- Unit tests covering all module functions.
- JSDoc added to all functions for improved code documentation.
- Update to the example testing page.
- Update to the module markdown documentation.
- Update to Local Development setup.

Co-authored-by: grzgm <>

* RTB House Bid Adapter: add GPP support (#14047)

* Richaudience Bid Adapter: add compatibility with gpid (#14042)

* Richaudience Bid Adapter: test/spec change in user eids

* Richaudience Bid Adapter: change in user eids

* RichAudience Bid Adapter : remove deprecated params for video player

* Richaudience Bid Adapter: add compatibility with gpid

* Richaudience Bid Adapter Test: add compatibility with gpid

* Richaudience Bid Adapter: add compatibility with gpid

---------

Co-authored-by: IAN <ian.musachs@richaudience.com>

* Core: consistentTids feature (#14011)

* Add assertions for consistent tid prefixes

* Respect publisher supplied impression tids

* Core: align tidSource redaction with review

* Core: allow pub tidSource option

* Core: adjust tid prefixes for consistent option

* refactor & fix some edge cases

* Rename consistentTids to consistentTIDs for consistency

* Fix typo in config key from 'consistentTids' to 'consistentTIDs'

* Fix typo in consistentTIDs configuration

---------

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* Fix mappings for the natives according to the standard (#14053)

* CI: attempt to serialize test runs (#14049)

* Try to gauge running session from browserstack

* automate, not app automate; separate to its own workflow

* reintroduce retries

* check on every chunk

* jobs not steps

* do not wait when not using browserstack

* composite actions

* remove stale yml

* fix path

* Core: Skip module bids during mediaType eligibility checks (#14058)

* Core: Skip module bids during mediaType eligibility checks

Module bids do not have a `bidder` property. They should not be considered for mediaType checks.

This only works as-is for banner units because we default `supportedMediaTypes` to `['banner']'` for an `undefined` bidder.

Closes #14057

* add test case

---------

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* Core: wait for creative document DOMContentLoaded (#13991)

Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* CI: update codeQL rules for fingerprinting APIs (#14059)

* Core: Skip module bids during mediaType eligibility checks

Module bids do not have a `bidder` property. They should not be considered for mediaType checks.

This only works as-is for banner units because we default `supportedMediaTypes` to `['banner']'` for an `undefined` bidder.

Closes #14057

* add test case

* Improve codeql queries

* event tracking

* Extend and update codeQL rules for fingerprinting APIs

---------

Co-authored-by: Graham Higgins <ghiggins@raptive.com>

* Consent Management : reset functionality to properly disable TCF/GPP modules (#13989)

* Prebid Core: Cosnent Handler reset functionality

* Prebid Consent Management: Add reset

* Consent Management Reset: Remove add event listener if it is listening already

* Consent management changes working

* Consent Management: add enabled flag before enabling the module. Provided backward compatibility

* Consent Management: logInfo to logWarn

* Consent Manegement reset fix

* Add gdpr test cases

* Move the cmp event listener removal functions to libraries

---------

Co-authored-by: Patrick McCann <pmccann@cafemedia.com>
Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* suim Bidder: Change api endpoint (#14060)

* change api endpoint

* Fix test

* Revert "Consent Management : reset functionality to properly disable TCF/GPP …" (#14063)

This reverts commit 65e6c0bc5bad095d51cbb75637badebb2eabb369.

* Adagio multi modules: placement params (#13857) (#14000)

* WelectBidAdapter: add `mediaType` param to bid response (#14046)

* Adkernel Bid Adapter: add Qohere alias (#14064)

* browsiRtdProvider: do not init analytics module (#13883)

* browsiRtdProvider-analytics-module

* browsiRtdProvider-analytics-module

* Update browsiRtdProvider.js

---------

Co-authored-by: Stav Ben Shlomo <stavbe@gobrowsi.com>
Co-authored-by: Patrick McCann <pmccann@cafemedia.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* pgamssp Bid Adapter : update deleted gvlid (#14065)

* Update pgamsspBidAdapter.js

no longer valid gvlid

* fix gvlid

* Prebid 10.14.0 release

* Increment version to 10.15.0-pre

* Yield one bid adapter: Conditionally stop sending push_sync requests for bot-like traffic (#14062)

* Conditionally stop sending push_sync requests for bot-like traffic

* adjust unit tests for Bot-like traffic

* lint

* remove unnecessary UA patterns and move the list to consts

---------

Co-authored-by: alukonin <alukonin@iponweb.net>

* holidBidAdapter: map OpenRTB adomain -> meta.advertiserDomains (enables hb_adomain) (#14075)

* Richaudience Bid Adapter: add compatibility with ortb2Imp.ext.gpid (#14073)

* Richaudience Bid Adapter: test/spec change in user eids

* Richaudience Bid Adapter: change in user eids

* RichAudience Bid Adapter : remove deprecated params for video player

* Richaudience Bid Adapter: add compatibility with gpid

* Richaudience Bid Adapter Test: add compatibility with gpid

* Richaudience Bid Adapter: add compatibility with gpid

* Richaudience Bid Adapter: add compatibility with ortb2Imp.ext.gpid

* Richaudience Bid Adapter: add compatibility with ortb2Imp.ext.gpid

---------

Co-authored-by: IAN <ian.musachs@richaudience.com>

* AdOcean Bid Adapter: initial release (#13982)

* [ADO-981] Adocean adapter

* [ADO-981] Tests and some bug fixes

* [ADO-981] Video tests

* [ADO-981] Ao sizes

* [ADO-981] Review changes

* [ADO-981] Updated bidder md file

* [ADO-981] Change param name

* MSFT bid adapter - update endpoint query params (#14076)

* Consent Management : reset functionality to properly disable TCF/GPP modules (#14070)

* Prebid Core: Cosnent Handler reset functionality

* Prebid Consent Management: Add reset

* Consent Management Reset: Remove add event listener if it is listening already

* Consent management changes working

* Consent Management: add enabled flag before enabling the module. Provided backward compatibility

* Consent Management: logInfo to logWarn

* Consent Manegement reset fix

* Add gdpr test cases

* Move the cmp event listener removal functions to libraries

* Remove stray comment

* Fix test cases issues

---------

Co-authored-by: Patrick McCann <pmccann@cafemedia.com>
Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Core: fix bug with DNT lookup throwing exceptions when in an iframe (#14081)

* refactor doNotTrack

* Remove duplicate getDNT

* CI: Complete codeQL fingerprinting rules (#14066)

* Core: Skip module bids during mediaType eligibility checks

Module bids do not have a `bidder` property. They should not be considered for mediaType checks.

This only works as-is for banner units because we default `supportedMediaTypes` to `['banner']'` for an `undefined` bidder.

Closes #14057

* add test case

* Improve codeql queries

* event tracking

* Extend and update codeQL rules for fingerprinting APIs

* Refactor to generate only data, not query logic

* rename rules

* coverage complete

* remove stray files

* cleanup & comments

* typo/whitespace

* update-codeql

---------

Co-authored-by: Graham Higgins <ghiggins@raptive.com>

* Opsco Bid Adapter : refactor to use ortb converter (#13998)

* Opsco bid adapter init commit

* Opsco bid adapter banner implementation

* Changing test parameter

* Changing endpoint

* Retrieving placement Id from bid request params

* Refactor `opscoBidAdapter` to use ORTB converter and enhance GDPR, CCPA, and bid floor handling.

---------

Co-authored-by: adtech-sky <adtech@graysonsky.com>
Co-authored-by: Chris Huie <3444727+ChrisHuie@users.noreply.github.com>

* Prebid 10.15.0 release

* Increment version to 10.16.0-pre

* Pubmatic bid adapter: remove extra transactionId from bidder request (#14084)

* Comment transactionId: passed in global ext.wrapper. Not being used in Adserver

(cherry picked from commit 5f28a727f981ef65ac3117770ee94cde4925ef2a)

* Comment out unused code of setting transactionId

* fix lint

* Remove unused code of setting transactionId

---------

Co-authored-by: Komal Kumari <komalkumari@Komals-MacBook-Pro-L1834.local>

* Adkernel Bid Adapter: add bluTonic alias (#14078)

* IntentIq ID Module: GAM updates (#13969)

* AGT685: Remove device info logic (#42)

* AGT-680: Don't send gam in browserBlacklist (#44)

* AGT-680: Dont send gam in browserBlacklist

* AGT-680: fix commas

* Agt 682 implementation for module (#45)

* add GAM prediction

* Update version number, add tests, update documentation

* Fix property name

* refactor export file

* fix import typo

* remove GAM prediction  flag

* extend GAM prediction documentation

* fix configuration name in documentation

* Agt 698 module config changes (#46)

* move analytic related params to analytic adapter

* Move back Maintainer section

---------

Co-authored-by: dmytro-po <dmytro.po@intentiq.com>

* VISX Bid Adapter : added support for GPID (#14080)

* VISX Bid Adapter: Added support for GPID

* VISX Bid Adapter: Added support for GPID - tests refactoring

* UID2 Shared library: Update Optout token to be consistent between UID2 and EUID (#14086)

* added log errors to catch the errors

* fixed lint errors

* making stored optout consistent between uid2 and euid

* remove log error

* add empty catch statements

* made code more consistent

* Sevio Bid Adapter : detect keywords when those were not provided as params (#13814)

* Detect keywords when those were not provided as params

* Add extra parameter to the BE endpoint to instruct in which env we are

* Add tests for each of the cases of the keywords detection

* Modify the adapter to use the ortb detected keywords

* Add safety checks for the keywords

* Added tests for the keywords, also for the ortb case

* Medianet Analytics Adapter: pass ext from Prebid Server Response and Prebid 10 Updates (#13825)

* Pass ext values from Prebid Server bid response to bidderRequest and use pbjs.getUserIds instead of bid.userid

* Test cases added to verify Prebid Server ext response for an Auction

* Store Prebid Server Ext Fields in pbsExt and test case updated

* fix(lint): resolve linting issues causing pipeline failure

* CI: remove reviewer assignment action (#14100)

* Add new AdverxoAdapter alias: harrenmedia (#14096)

* Bid response filter: Extending with mediaTypes (#14071)

* Bid response filter: extending with mediaTypes

* removing mtype handling

* AJA Bid Adapter: refactor JSDoc and code style improvements (#14091)

* AJA Bid Adapter: refactor JSDoc and code style improvements

- Add missing type definitions (Bid, BidderRequest, ServerResponse, SyncOptions)
- Standardize constant naming (BIDDER_CODE, ENDPOINT_URL, etc.)
- Add API response type definitions (AJABidResponse, AJAAd, AJABannerAd)
- Remove unnecessary optional chaining where server always returns expected values
- Remove verbose comments and keep only essential type definitions
- Improve code consistency and maintainability

* AJA Bid Adapter: address review comments

- Remove @inner tag from typedef definitions (module-level, not inner members)
- Simplify Array.isArray check (redundant truthy check removed)

* T Advertising Bid Adapter : fix handling of no bid response (#14105)

* T Advertising Bid Adapter: Refactor interpredResponse for response body with no bids

-

* T Advertising Bid Adapter: Add expected indentation

* feat: wallet profiling (#14067)

* Core: fix bug where activity checks on RTD modules can hide data from unrelated modules (#14074)

* Core: fix bug where activity checks on RTD modules can hide data from unrelated modules

* Lint

* Adagio Bid Adapter: enable gzip compression (#14110)

* AdagioBidAdapter: add endpoint "orgid" query param

* AdagioBidAdapter: enable gzip compression

* Added alias for kueezBidAdapter

* Prebid 10.16.0 release

* Increment version to 10.17.0-pre

* Various modules: consolidate page view ID logic (#14051)

* Page view ID.

* Page view ID.

* Removed console.log.

* Removed unused import.

* Improved example.

* Fixed some tests.

* sevio Bid Adapter : add extra parameters required by the BE (#13904)

* Add extra parameters required by the BE

* Correct prod endpoint

* Removed properties that were flagged as fingerprinting

* Added tests for the additions made and also some extra safety checks in the adapter

* Removed networkBandwidth and networkQuality as they are flagged as fingerprinting

* Placed getDomComplexity under the fpdUtils/pageInfo.js

* Use the getPageDescription and getPagetitle from the fpdUtils

* Remove the tests for the params that are not sent anymore

* SSP Genie Bid Adapter: Change logic of specified currency bid-params do not refer to adServerCurrency. (#14061)

* modify adUnit infomation

* fix imuid module

* feat(GenieeBidAdapter): Add support for GPID and pbadslot

- Add support for GPID (Global Placement ID) from ortb2Imp.ext.gpid
- Add fallback support for ortb2Imp.ext.data.pbadslot
- Include gpid parameter in request when GPID exists
- Add test cases to verify GPID, pbadslot, and priority behavior

* Aladdin Bidder ID5 Compatible Adapter

* add comment

* modified test message

* the import of buildExtuidQuery was missing

* test: add test cases for id5id in extuid query

* delete duplicate test

* feat(GenieeBidAdapter): Add support for iframe-based cookie sync in BidAdapter

* [CARPET-5190] Bid Adapter: Fix the default value of the ib parameter

- change default value ib parameter

* remove ib param

* fix test/spec/modules/ssp_genieeBidAdapter_spec.js

* Corrected cookie sync URL and added title to data

* reset document.title after test

* Modify document.title in sandbox.stub

* CARPET-6134 Change logic of specified currency bidparams

* format code

* update assert in unit test

* update code

* update code

* update reset config

* Update assert to expect

* Update logic

---------

Co-authored-by: Murano Takamasa <takamasa-murano@j0098.geniee.jp>
Co-authored-by: daikichiteranishi <49385718+daikichiteranishi@users.noreply.github.com>
Co-authored-by: teranishi daikichi <daikichi.teranishi@geniee.co.jp>
Co-authored-by: gn-daikichi <49385718+gn-daikichi@users.noreply.github.com>
Co-authored-by: takumi-furukawa <takumi.furukawa@geniee.co.jp>
Co-authored-by: furukawaTakumi <45890154+furukawaTakumi@users.noreply.github.com>
Co-authored-by: furukawaTakumi <black3moon88@gmail.com>
Co-authored-by: haruki-yamaguchi <haruki.yamaguchi@geniee.co.jp>
Co-authored-by: haruki yamaguchi <100411113+hrkhito@users.noreply.github.com>
Co-authored-by: Thanh Tran <thanhtv@geniee.co.jp>
Co-authored-by: thanhtran-geniee <135969265+thanhtran-geniee@users.noreply.github.com>

* Nexx360 Bid Adapter : typescript conversion & ybidder alias added (#13987)

* typescript conversion & ybidder alias added

* fixes

* https fix

---------

Co-authored-by: Gabriel Chicoye <gabriel@macbookrogab24g.lan>

* ConnectID Adapter: fix storage type configuration not being respected (#14018)

* fix: Update ConnectID Adapter to respect storage type configuration.

* refactor: Improve ConnectID storage type handling with constants and documentation.

* Vidazoo utils: fix screen resolution detection (#14122)

* Fix Vidazoo utils screen resolution detection

* remove duplication

---------

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* CI: run release drafter on legacy branches (#14124)

* CI: run release drafter on legacy branches

* Remove unnecessary blank line in workflow file

---------

Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Attekmi Bid Adapter : add MarlinAds alias (#14094)

* Attekmi: add MarlinAds alias

* pid fix

---------

Co-authored-by: Victor <victor.banudz@smart-hub.io>

* OMS Bid Adapter: add banner media type check in buildRequests (#14117)

* Tappx Adapter Fix: obtain Adomain from response and add test (#14113)

* Feature: added obtention of gpid, divid and other information and adding tests

* Fix: obtain Adomain from response and add test

---------

Co-authored-by: Jordi Arnau <jarnau@tappx.com>
Co-authored-by: jordi-tappx <jarnau@techsoulogy.com>
Co-authored-by: Yaiza Fernández <yfernandez@tappx.com>

* RTB House Bid Adapter: fix floor price handling (#14112)

* RTB House Bid Adapter: add GPP support

* Revert "RTB House Bid Adapter: add GPP support"

This reverts commit 9bf11f2e9e89b8fcc6e6798e30ec72d692650770.

* RTB House Bid Adapter: fix floor price handling

* RTB House Bid Adapter: minor spelling fix

* Sharethrough Bid Adapter: adjust how values are saved on meta prop (#14114)

Co-authored-by: Jeff Mahoney <jmahoney@equativ.com>

* adds nvm path to setup script (#14109)

* Sparteo Bid Adapter:  support new optional query params (#13986)

* Sparteo: add required query params to adapter endpoint

* Code Review monis0395

* Clickio Bid Adapter: initial release (#14023)

* Clickio Bidder Adapter

* Clickio Bid Adapter: update cookie sync URL to new endpoint

* Clickio Bid Adapter: add conditional logic for iframe sync response

- Updated the getUserSyncs function to return an empty array when iframe sync is disabled, ensuring proper handling of sync options.
- Adjusted the corresponding test to verify the new behavior, checking for the updated URL format.

* Clickio Bid Adapter: update parameter name from `placementId` to `said` in documentation and tests

---------

Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* optimeraRTD: updated scorefile fetching logic (#14101)

* Cointraffic Bid Adapter: Added device information to payload (#14120)

* endpoint update

* added device information to payload

* Core: fix spurious validation warnings on mediaType / ortb2Imp (#14099)

* Add TopOn adapter (#14072)

* Permutive modules:  define gvl id (#14131)

* Permutive modules: centralize gvl id

* Set gvlid to null in permutiveIdentityManagerIdSystem

* Set gvlid to null in permutiveRtdProvider.json

* Set gvlid to null for Permutive components

* Fix JSON formatting by adding missing newline

* Fix missing newline in permutiveIdentityManagerIdSystem.json

Add missing newline at the end of the JSON file.

* Update permutiveRtdProvider.json

* CI: split tests into smaller chunks (#14126)

* CI: increase karma browserNoActivityTimeout

* try decreasing

* increase test timeout

* Fix fintezaAnalytics tests

* Increase number of test chunks

* Fix number of chunks

* Extract save-wdir action

* use matrix

* simplify

* fix chunk def

* fix concurrency key

* fix test cmd

* Output concurrency

* Fix concurrency key again

* only save coverage if it exists

* adjust max-parallel

* collect coverage results

* temp disable e2e

* rename serialize to browserstack

* Use wdir to get access to local action

* fix github_output-s

* set up node, fix coverage cache keys

* temporarily enable coverage on nofeatures

* skip browserstack step when not using browserstack

* key prefix

* debug output

* debug

* remove some debug output

* script syntax

* matrix output

* adjust matrix output

* fixes

* use artifacts directly

* cleanup outputs

* use artifacts instead of cache

* consolidate

* specify path

* debug

* build when there is no build

* include hidden files

* overwrite artifacts

* try save/load

* adjust load

* try skipping untar

* more debug

* Remove debug output

* cleanup dependencies

* Adjust timeouts

* adjust overall timeout

* adjust timeouts again

* fix finteza tests

* adjust timeouts

* use build name from env

* Clear browserstack sessions

* Always clean up sessions

* sessions cannot be terminated via api

* adjust capture timeout

* skip build when there is no build cmd

* increase retries

* adjust timeouts

* add chunk no in build name

* Fix coveralls

* isolate browserstack tests

* Revert "isolate browserstack tests"

This reverts commit 2ebfa9d2b4dc4b4baf71e448149e6321ff218da6.

* Attekmi: rename alias from Marlinads to Amcom (#14138)

Co-authored-by: Victor <victor.banudz@smart-hub.io>

* sevioBidAdapter_bugfix: Send all sizes instead of just maxSize (#14133)

* Send all sizes instead of just maxSize

* Added tests to cover modifs in the sizes that we are sending

* Attekmi: add Adastra Tech alias (#14141)

Co-authored-by: Victor <victor.banudz@smart-hub.io>

* Nexx360 Bid Adapter: buildImp fix (#14139)

* buildImp fix

* Update modules/nexx360BidAdapter.ts

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update bidderVersion from '7.0' to '7.1' on test

* Add divId to nexx360 configuration in tests

---------

Co-authored-by: Gabriel Chicoye <gabriel@macbookrogab24g.lan>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* fix(adapter): align uniquest_widgetBidAdapter file name with docs biddercode (#14043)

* FWSSP Adapter: update schain serialization logic and add fallback for missing videoassetid (#14135)

* FWSSP Adapter: update schain serialization logic and add fallback for missing videoassetid

* FWSSP Adapter: fix linting in fwsspBidAdapter_spec - indentation

* FWSSP Adapter: fix schain unit test to use dynamic pbjs.version in vclr

* FWSSP Adapter: fix schain unit test missing 'prebid' in vclr

---------

Co-authored-by: Josh Kraskin <jkraskin@freewheel.com>

* Remove security-updates-only from dependabot config

invalid property

* Neuwo Rtd Module: Add url cleaning feature to Neuwo RTD module  (#14089)

* feat: add url cleaning functionality

Add configurable URL cleaning options to strip query parameters and fragments before sending URLs to Neuwo API:
- stripAllQueryParams: removes all query parameters
- stripQueryParamsForDomains: removes all params for specific domains/subdomains
- stripQueryParams: removes specific named parameters
- stripFragments: removes URL hash fragments

* test: add tests for url cleaning functionality

Add test cases for cleanUrl function covering:
- Query parameter stripping (all, domain-specific, selective)
- Fragment stripping and combinations
- Edge cases (malformed URLs, encoding, delimiters)
- Domain/subdomain matching logic
- Option priority and fallthrough behavior
- Integration tests with getBidRequestData

* docs: update documentation for url cleaning

Update module documentation to include:
- URL cleaning configuration options and examples
- Parameter table with stripAllQueryParams, stripQueryParamsForDomains, stripQueryParams, stripFragments
- `npm ci` as dependencies installation command
- Linting section with eslint command
- Adjust commands examples
- Update test commands to use test-only and test-only-nobuild
- Update example page to include URL cleaning functionality
- Unified commands between the example file and the module readme
- Improve input structure on the example page
- Enable saving input values on the example page to facilitate manual testing
- Update contact information

* Neuwo RTD Module feat: add API response caching

- Added `enableCache` parameter (default: `true`) to cache API responses and avoid redundant requests during the page session
- Implemented `clearCache()` function for testing purposes
- Updated *modules/neuwoRtdProvider.js* to store responses in `globalCachedResponse` and reuse them when caching is enabled
- Added cache control UI to *integrationExamples/gpt/neuwoRtdProvider_example.html* with checkbox and state persistence
- Updated *modules/neuwoRtdProvider.md* documentation with caching configuration details
- Added test coverage in *test/spec/modules/neuwoRtdProvider_spec.js* for both enabled and disabled cache scenarios

---------

Co-authored-by: grzgm <125459798+grzgm@users.noreply.github.com>

* Bump min-document from 2.19.0 to 2.19.2 (#14162)

Bumps [min-document](https://github.com/Raynos/min-document) from 2.19.0 to 2.19.2.
- [Commits](https://github.com/Raynos/min-document/compare/v2.19.0...v2.19.2)

---
updated-dependencies:
- dependency-name: min-document
  dependency-version: 2.19.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* CI: reduce dependency on browserstack (#14165)

* try safari testing

* try macos-latest

* adjust save/load

* adjust again

* why

* adjust -C

* try safarinative

* use SafariNative

* separate build from run-tests

* browser tests

* add safari

* refactor

* use setup step

* add firefoxHeadless

* add edge

* try force-local

* temporarily remove build logic testing

* --force-local only on win

* add npm install to build

* run npm install on windows

* use script to generate id

* use --force-local on save as well

* setup edge

* remove run npm install option

* enable debug logging

* try edge headless

* define EdgeHeadless

* try chromium edge

* remove edge launcher

* disable debug logging

* add build logic test step

* set shell bash

* move id generation to actions/save

* browser_testing.json

* fix coverage

* add browerstack

* fix bstack secrets

* remove unnecessary checkout

* Clean up unused input

* try clearing localStorage

* Core: fix schema-utils import (#14168)

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* Bump actions/download-artifact from 5 to 6 (#14146)

Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Bump tar-fs from 3.0.9 to 3.1.1 (#14163)

Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 3.0.9 to 3.1.1.
- [Commits](https://github.com/mafintosh/tar-fs/compare/v3.0.9...v3.1.1)

---
updated-dependencies:
- dependency-name: tar-fs
  dependency-version: 3.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Bump js-yaml (#14164)

Bumps  and [js-yaml](https://github.com/nodeca/js-yaml). These dependencies needed to be updated together.

Updates `js-yaml` from 3.14.1 to 3.14.2
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2)

Updates `js-yaml` from 4.1.0 to 4.1.1
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...3.14.2)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.14.2
  dependency-type: indirect
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Public Good Bid Adapter : initial release (#13896)

* Public Good new adapter

* fix typo

---------

Co-authored-by: Patrick McCann <pmccann@cafemedia.com>

* Prebid 10.17.0 release

* Increment version to 10.18.0-pre

* Bump glob from 10.4.5 to 10.5.0 (#14170)

Bumps [glob](https://github.com/isaacs/node-glob) from 10.4.5 to 10.5.0.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 10.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Bump axios from 1.9.0 to 1.13.2 (#14161)

Bumps [axios](https://github.com/axios/axios) from 1.9.0 to 1.13.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.9.0...v1.13.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.13.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* CI: do not use browserstack for e2e tests (#14174)

* local e2e testing

* rework concurrency id

* clean up inputs

* try installing safari

* specify shell

* try npx

* break out build from test for e2e

* try safaridriver --enable

* adjust build, safaridriver

* safari why such a pain

* safari

* safari...

* do not allow parallel tests

* Cache deps

* Core: Delete .circleci/config.yml (#14137)

No longer needed in 10

* CI: Automatic review assignment (#14176)

* test arguments

* declare environ

* environment name

* I like secrets

* Revert "I like secrets"

This reverts commit dc07a6acbb4743d9011cea225a5bbed8ca334d13.

* try getPRProperties

* local e2e testing

* rework concurrency id

* clean up inputs

* try installing safari

* specify shell

* try npx

* break out build from test for e2e

* try safaridriver --enable

* adjust build, safaridriver

* safari why such a pain

* safari

* safari...

* do not allow parallel tests

* test integration

* self-contained workflow

* Cache deps

* Install dependencies

* pass PR number

* WIP pr bot

* Update PR assignment script

* typo

* undo unrelated change

* CI: improve PR review assignment automation (#14177)

* test arguments

* declare environ

* environment name

* I like secrets

* Revert "I like secrets"

This reverts commit dc07a6acbb4743d9011cea225a5bbed8ca334d13.

* try getPRProperties

* local e2e testing

* rework concurrency id

* clean up inputs

* try installing safari

* specify shell

* try npx

* break out build from test for e2e

* try safaridriver --enable

* adjust build, safaridriver

* safari why such a pain

* safari

* safari...

* do not allow parallel tests

* test integration

* self-contained workflow

* Cache deps

* Install dependencies

* pass PR number

* WIP pr bot

* Update PR assignment script

* typo

* undo unrelated change

* look at reviews as well as requested reviewers

* add an extra authorized reviewer check

* Do not consider negative engineers

* CI: fix issue with PR review automation (#14179)

* test arguments

* declare environ

* environment name

* I like secrets

* Revert "I like secrets"

This reverts commit dc07a6acbb4743d9011cea225a5bbed8ca334d13.

* try getPRProperties

* local e2e testing

* rework concurrency id

* clean up inputs

* try installing safari

* specify shell

* try npx

* break out build from test for e2e

* try safaridriver --enable

* adjust build, safaridriver

* safari why such a pain

* safari

* safari...

* do not allow parallel tests

* test integration

* self-contained workflow

* Cache deps

* Install dependencies

* pass PR number

* WIP pr bot

* Update PR assignment script

* typo

* undo unrelated change

* look at reviews as well as requested reviewers

* add an extra authorized reviewer check

* Do not consider negative engineers

* do not request reviewers that have already reviewed

* sevioBidAdapter: send currency if this is set in the config (#14143)

* Read currency configs

* Add tests for the currency handling

* CI: bump chrome 109 to 113 and move it off browserstack (#14187)

* local e2e testing

* rework concurrency id

* clean up inputs

* try installing safari

* specify shell

* try npx

* break out build from test for e2e

* try safaridriver --enable

* adjust build, safaridriver

* safari why such a pain

* safari

* safari...

* do not allow parallel tests

* try to install chrome 109

* log browsers

* deb installation

* fix deb installation

* extract install-deb

* fix install-deb

* more flexible version definition

* remove safari 15

* disable coverage on chrome 109

* Better job names

* bump chrome 109 -> 113, and add logic to test it outside browserstack

* reintroduce safari 15.6

* try --no-sandbox

* rename custom -> noSandbox

* update wait for browserstack to accept variable number of sessions

* fix type error

* Core: fix proxy identity issue in objectGuard by caching wrapped objects (#14171)

* Add weakCachec to objectGuard

* add unit test

* lint

---------

Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>

* StartioBidAdapter: Change the protocol from http to https (#14128)

* Start.io adapter: Change the protocol from http to https

* Start.io adapter: Changing content-type to json

* Start.io adapter: Changing content-type back to text/plain

* Rename greenbids bid adapter spec file (#14191)

* SeenThis Brand Stories Rendering Module: initial release (fixed) (#14044)

* Add SeenThis Brand Stories module

* test: add unit tests for seenthisBrandStories module functions and constants

* remove support for loading inside iframe

* only allow events of seenthis origin

* fix tests; update applying of styling

* sort variables

* emit billable event on init

---------

Co-authored-by: Per Holmäng <per.holmang@gmail.com>

* Various modules: fix tests (#14194)

* GreenbidsBidAdapter: fix tests

* fix adnuntius & pbsBidAdapter

* Set localIdentifier for browserstack tests (#14195)

* Screencore Bid Adapter: add endpointId parameter (#14169)

* Screencore prebid adapter

* rearrange code

* use lowercase screncore bidder code

* fix tests

* update tests

* trigger CI

* Screencore Bid Adapter: add endpointId parameter

* Updated adapter to use teqblazeUtils library
* Added endpointId parameter support in test parameters
* Updated test specs to include endpointId validation

* Screencore Bid Adapter: update sync URL to base domain

Update SYNC_URL constant to use base domain.
The getUserSyncs function from teqblazeUtils will append the appropriate path.

* Screencore Bid Adapter: migrate to teqblazeUtils library

- Update imports to use buildRequestsBase, interpretResponse, getUserSyncs,
  isBidRequestValid, and buildPlacementProcessingFunction from teqblazeUtils
- Remove storage manager dependency (no longer needed)
- Update isBidRequestValid to use placementId/endpointId params validation
- Refactor buildRequests to use buildRequestsBase pattern
- Rewrite test suite to match teqblazeUtils API:
  - Simplify test data structures
  - Update server response format (body as array)
  - Add tests for placementId/endpointId validation
  - Update getUserSyncs URL format expectations

---------

Co-authored-by: Kostiantyn Karchevsky <kostiantyn.karchevsky@teqblaze.com>
Co-authored-by: Demetrio Girardi <dgirardi@prebid.org>
Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* Rubicon Bid Adapter: Remove PAAPI and Privacy Sandbox support (#14197)

Co-authored-by: Patrick McCann <patmmccann@gmail.com>

* fix bug in AmxBidAdapter userSync settings handling (#14200)

A bitwise `&` was being used instead of the intended `|`.

* Prebid 10.18.0 release

* Increment version to 10.19.0-pre

* CodeQL: scope JSON request check to bid adapters (#14189)

* Onetag Adapter: remove screenLeft usage (#14184)

* Onetag Adapter: remove screenLeft usage

* Update onetagBidAdap…

Author: 157 people

.circleci/config.yml

@@ -5,7 +5,9 @@
 
 	"build": {
 		"dockerfile": "Dockerfile",		
-		"args": { "VARIANT": "12" }
+		"args": {
+			"VARIANT": "18"
+		}
 	},
 
 	"postCreateCommand": "bash .devcontainer/postCreate.sh",

.devcontainer/devcontainer.json

@@ -1,5 +1,8 @@
 echo "Post Create Starting"
 
+export NVM_DIR="/usr/local/share/nvm"
+[ -s "$NVM_DIR/nvm.sh" ] && . "$NVM_DIR/nvm.sh"
+
 nvm install
 nvm use
 npm install gulp-cli -g

.devcontainer/postCreate.sh

@@ -0,0 +1,35 @@
+name: Install deb
+description: Download and install a .deb package
+inputs:
+  url:
+    description: URL to the .deb file
+    required: true
+  name:
+    description: A local name for the package. Required if using this action multiple times in the same context.
+    default: package.deb
+    required: false
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Restore deb
+      id: deb-restore
+      uses: actions/cache/restore@v4
+      with:
+        path: "${{ runner.temp }}/${{ inputs.name }}"
+        key: ${{ inputs.url }}
+    - name: Download deb
+      if: ${{ steps.deb-restore.outputs.cache-hit != 'true'  }}
+      shell: bash
+      run: |
+        wget --no-verbose "${{ inputs.url }}" -O "${{ runner.temp }}/${{ inputs.name }}"
+    - name: Cache deb
+      if: ${{ steps.deb-restore.outputs.cache-hit != 'true' }}
+      uses: actions/cache/save@v4
+      with:
+        path: "${{ runner.temp }}/${{ inputs.name }}"
+        key: ${{ inputs.url }}
+    - name: Install deb
+      shell: bash
+      run: |
+        sudo apt-get install -y --allow-downgrades "${{ runner.temp }}/${{ inputs.name }}"

.github/actions/install-deb/action.yml

@@ -0,0 +1,38 @@
+name: Load working directory
+description: Load working directory saved with "actions/save"
+inputs:
+  name:
+    description: The name used with actions/save
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up Node.js
+      uses: actions/setup-node@v6
+      with:
+        node-version: '20'
+    - uses: actions/github-script@v8
+      id: platform
+      with:
+        result-encoding: string
+        script: |
+          const os = require('os');
+          return os.platform();
+    - name: 'Clear working directory'
+      shell: bash
+      run: |
+        rm -r "$(pwd)"/*
+
+    - name: Download artifact
+      uses: actions/download-artifact@v5
+      with:
+        path: '${{ runner.temp }}'
+        name: '${{ inputs.name }}'
+
+    - name: 'Untar working directory'
+      shell: bash
+      run: |
+        wdir="$(pwd)"
+        parent="$(dirname "$wdir")"
+        target="$(basename "$wdir")"
+        tar ${{ steps.platform.outputs.result == 'win32' && '--force-local' || '' }} -C "$parent" -xf '${{ runner.temp }}/${{ inputs.name }}.tar' "$target"

.github/actions/load/action.yml

@@ -0,0 +1,23 @@
+name: NPM install
+description: Run npm install and cache dependencies
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Restore dependencies
+      id: restore-modules
+      uses: actions/cache/restore@v4
+      with:
+        path: "node_modules"
+        key: node_modules-${{ hashFiles('package-lock.json') }}
+    - name: Run npm ci
+      if: ${{ steps.restore-modules.outputs.cache-hit != 'true'  }}
+      shell: bash
+      run: |
+        npm ci
+    - name: Cache dependencies
+      if: ${{ steps.restore-modules.outputs.cache-hit != 'true' }}
+      uses: actions/cache/save@v4
+      with:
+        path: "node_modules"
+        key: node_modules-${{ hashFiles('package-lock.json') }}

.github/actions/npm-ci/action.yml

@@ -0,0 +1,41 @@
+name: Save working directory
+description: Save working directory, preserving permissions
+inputs:
+  prefix:
+    description: Prefix to use for autogenerated names
+    required: false
+  name:
+    description: a name to reference with actions/load
+    required: false
+outputs:
+  name:
+    description: a name to reference with actions/load
+    value: ${{ fromJSON(steps.platform.outputs.result).name }}
+
+runs:
+  using: 'composite'
+  steps:
+    - uses: actions/github-script@v8
+      id: platform
+      with:
+        script: |
+          const os = require('os');
+          const crypto = require("crypto");
+          const id = crypto.randomBytes(16).toString("hex");          
+          return {       
+             name: ${{ inputs.name && format('"{0}"', inputs.name) || format('"{0}" + id', inputs.prefix || '') }},
+             platform: os.platform(),
+          }
+    - name: Tar working directory
+      shell: bash
+      run: |
+        wdir="$(pwd)"
+        parent="$(dirname "$wdir")"
+        target="$(basename "$wdir")"
+        tar ${{ fromJSON(steps.platform.outputs.result).platform == 'win32' && '--force-local' || '' }} -C "$parent" -cf "${{ runner.temp }}/${{ fromJSON(steps.platform.outputs.result).name }}.tar" "$target"
+    - name: Upload artifact
+      uses: actions/upload-artifact@v4
+      with:
+        path: '${{ runner.temp }}/${{ fromJSON(steps.platform.outputs.result).name }}.tar'
+        name: ${{ fromJSON(steps.platform.outputs.result).name }}
+        overwrite: true

.github/actions/save/action.yml

@@ -0,0 +1,27 @@
+name: Wait for browserstack sessions
+description: Wait until enough browserstack sessions have become available
+inputs:
+  sessions:
+    description: Number of sessions needed to continue
+    default: "6"
+runs:
+  using: 'composite'
+  steps:
+    - shell: bash
+      run: |
+        while            
+          status=$(curl -u "${BROWSERSTACK_USERNAME}:${BROWSERSTACK_ACCESS_KEY}" \
+            -X GET "https://api-cloud.browserstack.com/automate/plan.json" 2> /dev/null);
+          running=$(jq '.parallel_sessions_running' <<< $status)
+          max_running=$(jq '.parallel_sessions_max_allowed' <<< $status)
+          queued=$(jq '.queued_sessions' <<< $status)
+          max_queued=$(jq '.queued_sessions_max_allowed' <<< $status)
+          spare=$(( ${max_running} + ${max_queued} - ${running} - ${queued} ))
+          required=${{ inputs.sessions }}
+          echo "Browserstack status: ${running} sessions running, ${queued} queued, ${spare} free"
+          (( ${required} > ${spare} ))
+        do
+          delay=$(( 60 + $(shuf -i 1-60 -n 1) ))
+          echo "Waiting for ${required} sessions to free up, checking again in ${delay}s"
+          sleep $delay
+        done

.github/actions/wait-for-browserstack/action.yml

@@ -0,0 +1,23 @@
+// this file is autogenerated, see fingerprintApis.mjs
+
+class DOMMethod extends string {
+
+  float weight; 
+  string type; 
+  
+  DOMMethod() {
+      
+      ( this = "toDataURL"  and weight = 23.69  and type = "HTMLCanvasElement" )
+       or 
+      ( this = "getChannelData"  and weight = 731.69  and type = "AudioBuffer" )
+  }  
+
+  float getWeight() {
+    result = weight
+  }
+  
+  string getType() {
+    result = type
+  }
+  
+} 

.github/codeql/queries/autogen_fpDOMMethod.qll

@@ -0,0 +1,35 @@
+// this file is autogenerated, see fingerprintApis.mjs
+
+class EventProperty extends string {
+
+  float weight; 
+  string event; 
+  
+  EventProperty() {
+      
+      ( this = "candidate"  and weight = 68.42  and event = "icecandidate" )
+       or 
+      ( this = "acceleration"  and weight = 67.02  and event = "devicemotion" )
+       or 
+      ( this = "rotationRate"  and weight = 66.54  and event = "devicemotion" )
+       or 
+      ( this = "accelerationIncludingGravity"  and weight = 184.27  and event = "devicemotion" )
+       or 
+      ( this = "alpha"  and weight = 355.23  and event = "deviceorientation" )
+       or 
+      ( this = "beta"  and weight = 768.94  and event = "deviceorientation" )
+       or 
+      ( this = "gamma"  and weight = 350.62  and event = "deviceorientation" )
+       or 
+      ( this = "absolute"  and weight = 235.6  and event = "deviceorientation" )
+  }  
+
+  float getWeight() {
+    result = weight
+  }
+  
+  string getEvent() {
+    result = event
+  }
+  
+}