Skip to content

Update content scope scripts to version 15.2.0#8869

Merged
nalcalag merged 1 commit into
developfrom
automated/update-content-scope-scripts-dependencies-15.2.0
Jun 15, 2026
Merged

Update content scope scripts to version 15.2.0#8869
nalcalag merged 1 commit into
developfrom
automated/update-content-scope-scripts-dependencies-15.2.0

Conversation

@daxmobile

@daxmobile daxmobile commented Jun 13, 2026

Copy link
Copy Markdown
Collaborator
  • Automated content scope scripts dependency update

This PR updates the content scope scripts dependency to the latest available version and copies the necessary files.

Tests will only run if something has changed in the node_modules/@duckduckgo/content-scope-scripts folder.

If only the package version has changed, there is no need to run the tests.

If tests have failed, see https://app.asana.com/0/1202561462274611/1203986899650836/f for further information on what to do next.

content-scope-scripts folder update

  • All tests must pass
  • Privacy tests must pass

Only content-scope-scripts package update

  • All tests must pass
  • Privacy tests do not need to run

Note

Medium Risk
Changes affect in-page privacy features (conditional config, ad hiding, Duck Player, Duck AI data clearing) across many sites; incorrect matching could alter blocking or clearing behavior until privacy tests pass.

Overview
Bumps @duckduckgo/content-scope-scripts from 15.1.0 to 15.2.0 and refreshes the vendored Android build bundles under node_modules.

The 15.2.0 injected scripts tighten config and feature matching: processAttr treats a numeric default of NaN as unset; matchConditionalFeatureSetting only derives conditions when domain is present and includes rules with no condition instead of dropping them. Element hiding only applies rules that have a selector, validates item.rules as an array, and skips override comparisons for selector-less rules.

Duck Player gains stricter DOM/event typing ( Node/Element checks before contains/matches ), wraps messaging subscription payloads, and avoids thumbnail work when watch params are missing. Duck AI data clearing validates clear-data params, normalizes caught values to Error, and fires async clears without unhandled promises. The duck player page bundle parses ytcfg / embedded player response more defensively.

package-lock.json also records transitive bumps (e.g. @ghostery/adblocker 2.17.3→2.18.0) from the resolved dependency tree.

Reviewed by Cursor Bugbot for commit 4b9d038. Bugbot is set up for automated code reviews on this repo. Configure here.

@daxmobile daxmobile force-pushed the automated/update-content-scope-scripts-dependencies-15.2.0 branch from 08e3b91 to 3e07848 Compare June 14, 2026 04:44
@nalcalag nalcalag force-pushed the automated/update-content-scope-scripts-dependencies-15.2.0 branch from 3e07848 to 4b9d038 Compare June 15, 2026 10:58
@nalcalag nalcalag merged commit 75a3924 into develop Jun 15, 2026
19 of 26 checks passed
@nalcalag nalcalag deleted the automated/update-content-scope-scripts-dependencies-15.2.0 branch June 15, 2026 11:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants