fbf26453f2
ConsentOS — a privacy-first cookie consent management platform. Self-hosted, source-available alternative to OneTrust, Cookiebot, and CookieYes. Full standards coverage (IAB TCF v2.2, GPP v1, Google Consent Mode v2, GPC, Shopify Customer Privacy API), multi-tenant architecture with role-based access, configuration cascade (system → org → group → site → region), dark-pattern detection in the scanner, and a tamper-evident consent record audit trail. This is the initial public release. Prior development history is retained internally. See README.md for the feature list, architecture overview, and quick-start instructions. Licensed under the Elastic Licence 2.0 — self-host freely; do not resell as a managed service.
1.2 KiB
1.2 KiB
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
[0.1.0] - 2026-03-18
Initial public release of ConsentOS.
Added
- API: FastAPI backend with JWT authentication, org/site CRUD, consent recording, analytics, and compliance checking
- Banner: Lightweight consent banner script (~2KB loader + ~25KB bundle) with Shadow DOM isolation, auto-blocking, IAB TCF v2.2, and Google Consent Mode v2
- Scanner: Playwright-based cookie crawler with auto-categorisation and dark pattern detection
- Admin UI: React dashboard with site management, cookie manager, banner builder, compliance checker, and analytics
- Known cookies: Seeded from the Open Cookie Database (2,200+ patterns)
- Compliance: Rule-based engine covering GDPR, CNIL, CCPA/CPRA, ePrivacy, and LGPD
- Infrastructure: Docker Compose (dev/test/prod), Helm chart, Ansible playbooks
- CI: GitHub Actions pipeline with linting, testing, type checking, and bundle size checks