fix(banner): bridge blocker state loader↔bundle and sweep stale cookies on consent change (#4)

* fix(banner): bridge blocker state between loader and bundle

``consent-loader.js`` and ``consent-bundle.js`` are built as two
separate rollup IIFEs, so each inlines a private copy of
``blocker.ts``. The loader's copy is the one that actually matters
— it installs the ``document.cookie`` / ``Storage.prototype.setItem``
/ ``MutationObserver`` proxies, and those proxies close over the
loader's private ``acceptedCategories`` set and its
``blockedScripts`` queue.

The bundle used to ``import { updateAcceptedCategories } from './blocker'``
and call it from ``handleConsent``. That updated the **bundle's**
dead-end copy of the blocker module — a different ``Set`` object in
a different scope from the one the proxies read — so after the user
granted consent the loader's proxies stayed stuck on
``Set(['necessary'])``, any non-necessary cookie write kept being
silently dropped, and the loader's queue of blocked scripts was
never released.

Fix by exposing the loader's live ``updateAcceptedCategories`` on
``window.__consentos._updateBlocker`` right after
``installBlocker()``, and replacing the bundle's dead-end import
with a helper that calls through the bridge. The bundle no longer
imports from ``./blocker`` at all; rollup tree-shakes the bundle's
copy out, so ``consent-bundle.js`` gets slightly smaller.

Tests (``__tests__/blocker-bridge.test.ts``) cover:
* Bridge is called with the exact accepted list.
* Bridge is forwarded verbatim (no slug filtering).
* Missing bridge logs a warning and doesn't throw.
* Missing ``window.__consentos`` logs a warning and doesn't throw.

``vi.hoisted`` seeds ``window.__consentos`` before banner.ts's
module-level ``init()`` runs so the import-time IIFE doesn't throw
on the empty global.

* fix(banner): sweep disallowed cookies + storage on consent update

When the loader runs it now proactively deletes any pre-existing
cookies (and localStorage / sessionStorage keys) that classify into
a category the visitor hasn't consented to. Fixes the common case
of an ``_ga`` that slipped through before the loader was installed
— e.g. on a host page that loads the loader with ``async`` or
places another tracker above it in ``<head>`` — sitting there
forever because the blocker's only defence was a setter proxy on
future writes.

Sweep semantics:

- Runs on every ``updateAcceptedCategories`` call (consent narrowed
  → the just-revoked categories' cookies are wiped) plus an
  explicit call from the loader's "no consent yet" branch (initial
  visit with pre-existing trackers from elsewhere).
- Only deletes cookies / keys whose classifier hits a known
  pattern (``_ga``, ``_fbp``, ``intercom-*`` etc. — same lists as
  the proxied setters). Unknown / unclassified cookies are left
  alone: we can't attribute them and won't risk clobbering
  first-party session state.
- ``_consentos_*`` is always preserved.
- For cookies, we don't know the original ``domain`` / ``path``
  (``document.cookie`` doesn't expose them), so we fire deletes
  against every plausible domain variant — bare hostname, leading
  ``.``, and every parent domain walked up from the left. Covers
  the GA "set on ``.example.com`` from a subdomain page" case
  without over-deleting.
- Deletions bypass the proxied setter and go directly through the
  cached ``originalCookieDescriptor`` captured before the proxy was
  installed, so the blocker doesn't eat its own expiry writes.
- Storage access is wrapped in ``safeStorage`` — sandboxed /
  cross-origin iframes that throw on ``window.localStorage`` are
  skipped rather than crashing the loader.

Tests in ``__tests__/blocker.test.ts`` cover: non-consented analytics
cookies are deleted, consented ones are preserved, unknown cookies
survive, ``_consentos_*`` is untouched, revoking a category after
seeding new cookies triggers a follow-up sweep, and localStorage
cleanup follows the same rules. 6 new cases, 373 passing total in
the banner suite.

apps/banner/src/__tests__/blocker-bridge.test.ts

@@ -0,0 +1,116 @@
+/**
+ * Tests for the loader ↔ bundle blocker bridge.
+ *
+ * ``consent-loader.js`` and ``consent-bundle.js`` are compiled as
+ * separate rollup IIFEs, so each one inlines its own copy of
+ * ``blocker.ts`` with private module state. The bundle therefore
+ * can't reach the loader's ``acceptedCategories`` set via a direct
+ * import — it has to call through ``window.__consentos._updateBlocker``,
+ * which the loader sets after ``installBlocker()``.
+ *
+ * We mock the imports the banner module pulls in so importing
+ * ``banner.ts`` here doesn't try to hit real network / timers.
+ */
+
+import { beforeEach, describe, expect, it, vi } from 'vitest';
+
+// Seed ``window.__consentos`` before banner.ts's init() IIFE runs at
+// import time. Without this, destructuring ``window.__consentos`` at
+// the top of init() throws and fills the test output with noise.
+vi.hoisted(() => {
+  (globalThis as any).window = (globalThis as any).window || globalThis;
+  (globalThis as any).window.__consentos = {
+    siteId: '',
+    apiBase: '',
+    cdnBase: '',
+    loaded: false,
+  };
+});
+
+vi.mock('../consent', () => ({
+  buildConsentState: vi.fn(() => ({ accepted: [], rejected: [] })),
+  readConsent: vi.fn(() => null),
+  writeConsent: vi.fn(),
+}));
+
+vi.mock('../gcm', () => ({
+  buildGcmStateFromCategories: vi.fn(() => ({})),
+  updateGcm: vi.fn(),
+}));
+
+vi.mock('../i18n', () => ({
+  DEFAULT_TRANSLATIONS: {},
+  detectLocale: vi.fn(() => 'en'),
+  interpolate: vi.fn((s: string) => s),
+  loadTranslations: vi.fn(async () => ({})),
+  renderLinks: vi.fn((s: string) => s),
+}));
+
+vi.mock('../a11y', () => ({
+  announce: vi.fn(),
+  createLiveRegion: vi.fn(),
+  focusFirst: vi.fn(),
+  onEscape: vi.fn(() => () => {}),
+  prefersReducedMotion: vi.fn(() => false),
+  trapFocus: vi.fn(() => () => {}),
+}));
+
+// Prevent banner.ts's init() IIFE from running against real globals.
+vi.stubGlobal('fetch', vi.fn(() => Promise.reject(new Error('mocked'))));
+
+import { updateAcceptedCategories } from '../banner';
+
+describe('loader ↔ bundle blocker bridge', () => {
+  beforeEach(() => {
+    window.__consentos = {
+      siteId: 'test',
+      apiBase: 'https://api.example.com',
+      cdnBase: 'https://cdn.example.com',
+      loaded: false,
+    };
+  });
+
+  it('calls window.__consentos._updateBlocker when the bridge is present', () => {
+    const bridge = vi.fn();
+    window.__consentos._updateBlocker = bridge;
+
+    updateAcceptedCategories(['necessary', 'analytics']);
+
+    expect(bridge).toHaveBeenCalledTimes(1);
+    expect(bridge).toHaveBeenCalledWith(['necessary', 'analytics']);
+  });
+
+  it('forwards the exact array reference so the loader sees every slug', () => {
+    const bridge = vi.fn();
+    window.__consentos._updateBlocker = bridge;
+
+    const accepted = ['necessary', 'functional', 'marketing'] as const;
+    updateAcceptedCategories([...accepted]);
+
+    const args = bridge.mock.calls[0][0];
+    expect(args).toEqual(['necessary', 'functional', 'marketing']);
+  });
+
+  it('warns and returns cleanly when the bridge is missing', () => {
+    const warn = vi.spyOn(console, 'warn').mockImplementation(() => {});
+    delete window.__consentos._updateBlocker;
+
+    expect(() => updateAcceptedCategories(['necessary'])).not.toThrow();
+    expect(warn).toHaveBeenCalledWith(
+      expect.stringContaining('blocker bridge missing'),
+    );
+
+    warn.mockRestore();
+  });
+
+  it('warns when window.__consentos is missing entirely', () => {
+    const warn = vi.spyOn(console, 'warn').mockImplementation(() => {});
+    // @ts-expect-error — simulating a pre-init state
+    window.__consentos = undefined;
+
+    expect(() => updateAcceptedCategories(['necessary'])).not.toThrow();
+    expect(warn).toHaveBeenCalled();
+
+    warn.mockRestore();
+  });
+});