ENG-2160: Custom Alpha Image

[tvandort]

Ticket ENG-2160

Description Of Changes

Custom alpha image for client. Includes updates in 2.75.2 plus Banner Resurfacing.

Code Changes

Steps to Confirm

Pre-Merge Checklist

• Issue requirements met
• All CI pipelines succeeded
• CHANGELOG.md updated
  • Add a db-migration This indicates that a change includes a database migration label to the entry if your change includes a DB migration
  • Add a high-risk This issue suggests changes that have a high-probability of breaking existing code label to the entry if your change includes a high-risk change (i.e. potential for performance impact or unexpected regression) that should be flagged
  • Updates unreleased work already in Changelog, no new entry necessary
• UX feedback:
  • All UX related changes have been reviewed by a designer
  • No UX review needed
• Followup issues:
  • Followup issues created
  • No followup issues
• Database migrations:
  • Ensure that your downrev is up to date with the latest revision on main
  • Ensure that your downgrade() migration is correct and works
    • If a downgrade migration is not possible for this change, please call this out in the PR description!
  • No migrations
• Documentation:
  • Documentation complete, PR opened in fidesdocs
  • Documentation issue created in fidesdocs
  • If there are any new client scopes created as part of the pull request, remember to update public-facing documentation that references our scope registry
  • No documentation updates required

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Preview	Comments	Updated (UTC)
fides-plus-nightly	Ignored			Dec 3, 2025 7:20pm
fides-privacy-center	Ignored			Dec 3, 2025 7:20pm

[greptile-apps]

Greptile Overview

Greptile Summary

This PR upgrades React (19.0.0→19.0.1) and Next.js (15.2.3→15.2.6) to fix a React Server vulnerability, and adds logic to resurface the consent banner when users dismiss or reject consent in TCF overlays.

Key Changes:

• Security patch for React Server vulnerability via dependency upgrades
• Banner now resurfaces for ConsentMethod.DISMISS and ConsentMethod.REJECT in TCF overlays
• Test expectations updated for dismiss case

Minor Issues:

• Test label says "returns false" but expects true (misleading)
• Missing test coverage for the REJECT consent method

Confidence Score: 4/5

• Safe to merge with minor test improvements recommended
• Security patches are critical and properly implemented. The consent banner logic change is small and focused. Only concerns are a misleading test label and missing test coverage for REJECT case, which are non-blocking style issues.
• Consider adding test coverage for ConsentMethod.REJECT in clients/fides-js/__tests__/lib/consent-utils.test.ts

Important Files Changed

File Analysis

Filename	Score	Overview
clients/privacy-center/package.json	5/5	Upgraded React 19.0.0→19.0.1 and Next.js 15.2.3→15.2.6 for security fix
clients/fides-js/src/lib/consent-utils.ts	4/5	Added logic to resurface banner when consent method is DISMISS or REJECT
clients/fides-js/tests/lib/consent-utils.test.ts	3/5	Updated test expectation for DISMISS case, but missing test for REJECT case

[greptile-apps]

Additional Comments (1)

1. clients/fides-js/__tests__/lib/consent-utils.test.ts, line 340 (link)

   style: Test label says "returns false" but expects true - misleading label.

_{4 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

style: Add test coverage for ConsentMethod.REJECT case - only DISMISS is tested.