npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@cookieyes/core

v0.1.1

Published

Headless consent engine — the single source of truth for all CookieYes consent logic

Readme

@cookieyes/core

The headless consent engine powering the CookieYes SDK. Zero UI, zero runtime dependencies. This is the single source of truth for all consent logic — every framework adapter imports from this package exclusively.

Install

npm install @cookieyes/core
pnpm add @cookieyes/core
yarn add @cookieyes/core
bun add @cookieyes/core

Usage

The recommended entry point is getOrCreateConsentRuntime(). It returns a process-wide singleton with a consentStore (reactive state) and a consentManager (imperative API).

import { getOrCreateConsentRuntime } from "@cookieyes/core";

const { consentManager, consentStore } = getOrCreateConsentRuntime({
  mode: "offline",                          // "offline" (cookie-only) | "self-hosted"
  overrides: { regulation: "GDPR" },        // "GDPR" | "CCPA" | "DEFAULT"
  colorScheme: "system",                    // "light" | "dark" | "system"
});

// React to every saved state change
const unsubscribe = consentStore.subscribe((state) => {
  if (state.has("analytics")) {
    // load analytics scripts (gtag, Mixpanel, …)
  }
  if (state.has("advertisement")) {
    // load ad scripts (Meta Pixel, Google Ads, …)
  }
});

// React only to saved preference changes (not transient UI toggles)
consentStore
  .getState()
  .subscribeToConsentChanges(({ allowedCategories, deniedCategories }) => {
    console.log("Allowed:", allowedCategories);
    console.log("Denied:", deniedCategories);
  });

// Imperative actions
consentStore.getState().has("analytics");           // → boolean
consentStore.getState().saveConsents("all");         // accept all
consentStore.getState().saveConsents("necessary");   // reject all (necessary only)
consentStore.getState().setConsent("analytics", true);
consentManager.showPreferences();                    // open the preferences dialog
consentManager.resetConsent();                       // clear + re-prompt

unsubscribe();

Self-hosted mode

Pass mode: "self-hosted" with either a backendURL (the SDK POSTs a ConsentPayload to it) or a custom backend adapter for full control:

getOrCreateConsentRuntime({
  mode: "self-hosted",
  backend: {
    async persist(payload) {
      await fetch("https://your-backend.example.com/v1/consent", {
        method: "POST",
        headers: { "Content-Type": "application/json" },
        body: JSON.stringify(payload),
      });
    },
  },
});

API

getOrCreateConsentRuntime(options)

Returns { consentManager, consentStore } (a singleton — call resetConsentRuntime() to clear it, primarily for tests).

options (ConsentRuntimeOptions):

| Option | Type | Notes | |--------|------|-------| | mode | "offline" \| "self-hosted" | Required. | | backendURL | string | Self-hosted: endpoint the payload is POSTed to. | | backend | ConsentBackend | Self-hosted: custom persist(payload) adapter. | | apiKey | string | Optional auth key. | | overrides.regulation | "GDPR" \| "CCPA" \| "DEFAULT" | Force the applicable regulation. | | colorScheme | "light" \| "dark" \| "system" | | | theme | ThemeConfig | Color / spacing tokens. | | i18n | I18nConfig | Translation messages / locale. | | networkBlocker | NetworkBlockerConfig | Block network requests by category. | | reloadOnRevoke | boolean | Reload the page when consent is revoked. | | onConsentReady / onConsentUpdate | (state) => void | Lifecycle callbacks. |

consentStoresubscribe(listener) and getState(). State (ConsentStoreState) includes consentId, hasActed, categories, regulation, lastRenewed, activeUI, plus the methods has(), saveConsents(), setConsent(), and subscribeToConsentChanges().

createConsentManager(config) (low-level)

The underlying manager, if you want to bypass the store. Returns a ConsentManager with:

  • State: consentId, hasActed, categories, regulation, lastRenewed, isPreferencesOpen
  • Methods: acceptAll(), rejectAll(), acceptSelected(cats), updateCategory(cat, val), savePreferences(), resetConsent(), showPreferences(), hidePreferences(), subscribe(fn), registerScript(entry)

config (ConsentConfig) accepts: regulation, colorScheme, theme, apiUrl, apiKey, backend, reloadOnRevoke, onConsentReady, onConsentUpdate.

The applicable regulation comes from your configuration (overrides.regulation / config.regulation) and defaults to "DEFAULT". The core engine does not perform IP-based geo-detection.

Consent categories

necessary (always on), functional, analytics, performance, advertisement.

Cookie

Consent is persisted in the cookieyes-consent cookie (SameSite=Lax, path=/). Use parseCookie / serializeCookie from this package to read or write it directly.

License

MIT — see LICENSE.