Release: 2.24.3

[islameldesoky95]

User description

PR Type

Other

---

Description

• Bumped version from 2.24.2 to 2.24.3

• Updated CTV first layer CMP for TCF alignment

• Added consent toggle labels in CTV second layer

• Introduced vendor storage information section

---

Diagram Walkthrough

flowchart LR
  A["Version 2.24.2"] -- "Release 2.24.3" --> B["Version 2.24.3"]
  B --> C["CTV First Layer Updates"]
  B --> D["CTV Second Layer Enhancements"]
  C --> E["TCF Requirements Alignment"]
  D --> F["Consent Toggle Labels"]
  D --> G["Vendor Storage Information"]

Loading

File Walkthrough

	Relevant files
Configuration changes	build.gradle.kts Update Android SDK version number                                                android/build.gradle.kts Updated usercentricsVersion from 2.24.2 to 2.24.3 +1/-1      package.json Update npm package version                                                              package.json Updated package version from 2.24.2 to 2.24.3 +1/-1
Documentation	CHANGELOG.md Add release notes for version 2.24.3                                          CHANGELOG.md Added release notes for version 2.24.3 dated Dec 18, 2025 Documented CTV first layer CMP updates for TCF alignment Documented consent and legitimate interest toggle labels Documented vendor storage information section for TCF policy compliance Noted changes apply to both Android and iOS implementations +6/-0

---

---

CodeAnt-AI Description

Release 2.24.3 — CTV TCF alignment, consent toggle labels, and vendor storage info

What Changed

• Updated Android/iOS CTV first layer to show purposes and stacks according to Admin UI, matching web/mobile behavior.
• Added clear labels for Consent and Legitimate Interest toggles in the CTV second layer to satisfy TCF policy check 23.
• Introduced vendor storage information (cookies and non-cookie access) in the CTV second layer to address TCF policy check 24.
• Bumped package versions and build config to 2.24.3.

Impact

✅ Clearer consent choices on CTV
✅ Compliance with TCF checks 23 and 24
✅ Consistent consent display across web, Android, and iOS

💡 Usage Guide

Checking Your Pull Request

Every time you make a pull request, our system automatically looks through it. We check for security issues, mistakes in how you're setting up your infrastructure, and common code problems. We do this to make sure your changes are solid and won't cause any trouble later.

Talking to CodeAnt AI

Got a question or need a hand with something in your pull request? You can easily get in touch with CodeAnt AI right here. Just type the following in a comment on your pull request, and replace "Your question here" with whatever you want to ask:

@codeant-ai ask: Your question here

This lets you have a chat with CodeAnt AI about your pull request, making it easier to understand and improve your code.

Example

@codeant-ai ask: Can you suggest a safer alternative to storing this secret?

Preserve Org Learnings with CodeAnt

You can record team preferences so CodeAnt AI applies them in future reviews. Reply directly to the specific CodeAnt AI suggestion (in the same thread) and replace "Your feedback here" with your input:

@codeant-ai: Your feedback here

This helps CodeAnt AI learn and adapt to your team's coding style and standards.

Example

@codeant-ai: Do not flag unused imports.

Retrigger review

Ask CodeAnt AI to review the PR again, by typing:

@codeant-ai: review

Check Your Repository Health

To analyze the health of your code repository, visit our dashboard at https://app.codeant.ai. This tool helps you identify potential issues and areas for improvement in your codebase, ensuring your repository maintains high standards of code health.

Summary by CodeRabbit

• New Features

  • CTV first layer now aligns with web/mobile by using Admin UI-configured purposes/stacks.
  • CTV second layer shows labels for Consent and Legitimate Interest toggles to meet TCF policy.
  • CTV second layer displays vendor storage information (cookies and non-cookie access details).
  • Changes applied to both Android and iOS CTV implementations.

• Chores

  • Release version bumped to 2.24.3.
  • CI test runner macOS target updated.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[codeant-ai]

CodeAnt AI is reviewing your PR.

---

Thanks for using CodeAnt! 🎉

We're free for open-source projects. if you're enjoying it, help us grow by sharing.

Share on X ·
Reddit ·
LinkedIn

[coderabbitai]

Walkthrough

Bumps package and Android build Usercentrics versions from 2.24.2 to 2.24.3, updates CI runner macOS version, and adds a CHANGELOG entry describing CTV improvements for Android and iOS (first-layer CMP alignment, second-layer labels, vendor storage info).

Changes

Cohort / File(s)	Change Summary
Version metadata updates android/build.gradle.kts, android/build-legacy.gradle, package.json	Bumped Usercentrics/package version from 2.24.2 → 2.24.3.
CI workflow .github/workflows/ci.yml	Changed test-android job runner from macos-13 → macos-14.
Release documentation CHANGELOG.md	Added release 2.24.3 (Dec 18, 2025) entry describing CTV updates: first-layer CMP alignment with TCF, Consent/Legitimate Interest toggle labels in second layer, and vendor storage information (cookies & non-cookie access) for Android & iOS.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

• Areas to glance at:
  • package.json and android/* build files: confirm only version string updates.
  • .github/workflows/ci.yml: confirm runner change and no unintended step modifications.
  • CHANGELOG.md: verify content correctness and formatting.

Possibly related PRs

• Release: 2.23.3 #162 — Prior release bump touching the same version constants in package and Android build files.
• Release: 2.24.0 #168 — Another release/version bump updating the same metadata files.
• Release: 2.24.1 #172 — Related metadata/version bump for package and Android build scripts.

Suggested labels

size:M

Suggested reviewers

• uc-brunosouza
• souzabrunoj

Poem

🐇 I hopped a tiny version bump today,
From two-two-four-two to three—hip-hooray!
CTV labels, storage notes tucked in tight,
Android and iOS ready for flight,
A carrot dance to ship it right 🥕✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Release: 2.24.3' clearly and directly summarizes the main change—a version bump release. It is specific, concise, and accurately reflects the primary objective of the pull request.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch release/2.24.3

---

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 19bb214 and 138ef32.

📒 Files selected for processing (1)

• .github/workflows/ci.yml (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• .github/workflows/ci.yml

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: test-android
• GitHub Check: test-ios

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

No code suggestions found for the PR.

[pantoaibot]

PR Summary:

Release 2.24.3 — version bumps and changelog describing CTV TCF alignment and UI improvements.

• CHANGELOG.md: Added 2.24.3 release notes describing CTV changes:
  • CTV first layer now shows purposes and stacks per Admin UI (aligns with TCF/web/mobile behavior).
  • CTV second layer: proper labels for Consent and Legitimate Interest toggles (addresses TCF policy check 23).
  • Added vendor storage information (cookies and non-cookie access) in CTV second layer (addresses TCF policy check 24).
  • Notes that changes apply to both Android and iOS CTV.
• android/build.gradle.kts: bumped usercentricsVersion from 2.24.2 to 2.24.3.
• package.json: bumped package version to 2.24.3 (iosPackageVersion remains 2.24.2 — potential inconsistency to verify).

No code-level breaking changes shown in diffs; changes are metadata and release notes (functional CTV changes described in changelog).

Reviewed by Panto AI

[codeant-ai]

Nitpicks 🔍

🔒 No security issues identified

⚡ Recommended areas for review Dependency Resolution Stability Confirm dependency resolution/locking strategy: using dynamic or mismatched versions elsewhere (e.g. reactNativeVersion = "+") may cause non-deterministic builds when combined with a manual version bump. Consider using locked versions to avoid surprises. Version Bump The PR updates the usercentricsVersion constant to "2.24.3". Verify that this version is published, compatible with the rest of the project (API/ABI), and that any transitive behavior changes are intended. Ensure tests and CI use the bumped artifact and that publishing/release tasks are updated if needed. Cross-module Consistency Ensure the same usercentricsVersion is used across all modules and build files. Hardcoding a version in this file can lead to mismatches with other modules or a root-version property; search the repo for other occurrences and align them.

[codeant-ai]

CodeAnt AI finished reviewing your PR.

[pantoaibot]

Reviewed up to commit:f192c8d226232f2fa49df2f41e5390e94590d554

Reviewed by Panto AI

---

Few more points:

• [CRITICAL_BUG] You bumped the npm package version to 2.24.3 (line 3) but iosPackageVersion remains at "2.24.2" (line 10). This will cause a mismatch between the published npm version and the iOS pod/package metadata and can break release publishing or CocoaPods consumers. Update iosPackageVersion to 2.24.3, and ensure the iOS podspec (react-native-usercentrics.podspec), any iOS metadata files and CI publish scripts are updated to the same version. Run pod spec lint / packaging checks and verify the published artifacts (npm package, Podspec, any native bundles) all carry the same version before releasing.

{
  "name": "@usercentrics/react-native-sdk",
  "version": "2.24.3",
  "description": "Usercentrics SDK",
  "homepage": "https://usercentrics.com",
  "main": "lib/index.js",
  "types": "lib/index.d.ts",
  "author": "Usercentrics <developer@usercentrics.com>",
  "iosPackageName": "react-native-usercentrics",
  "iosPackageVersion": "2.24.3",
  "license": "SEE LICENSE IN LICENSE",
  "files": [
    "android",
    "ios",
    "lib",
    "src",
    "react-native-usercentrics.podspec",
    "react-native.config.js",
    "!.DS_Store",
    "!.gradle",
    "!.idea",
    "!build",
    "!gradle",
    "!*.iml",
    "!gradlew",
    "!gradlew.bat",
    "!local.properties",
    "!project.xcworkspace",
    "!xcshareddata",
    "!xcuserdata"
  ]
}

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between c7aa679 and f192c8d.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (3)

• CHANGELOG.md (1 hunks)
• android/build.gradle.kts (1 hunks)
• package.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)

• GitHub Check: test-ios

🔇 Additional comments (2)

android/build.gradle.kts (1)

1-1: LGTM!

The Android dependency version bump to 2.24.3 is correct and consistent with the release objectives.

CHANGELOG.md (1)

2-7: LGTM!

The CHANGELOG entry for release 2.24.3 is well-documented and clearly describes the CTV improvements for both Android and iOS platforms, including specific TCF policy check resolutions.