BetaViberTest is in active development — expect breaking changes.
VIBERTEST
Overview
DocsRulesMissing Compliance
#020highSecurity & Compliance

Missing Compliance

Detects missing Terms of Service, Privacy Policy, cookie consent, and account deletion.

Rule ID:missing-compliance

Examples#

BadNo legal pages, analytics without consent
// No /terms or /privacy pages exist

// Analytics loaded without consent
<script src="https://www.googletagmanager.com/gtag/js" />

// Legal page with placeholders
<p>
  [Company Name] ("we", "us") collects data as described
  in this policy. Contact us at [email].
</p>

// Auth system with no account deletion
// Users can sign up but can never delete their account
GoodComplete legal pages, consent-first analytics
// /terms — real Terms of Service
// /privacy — real Privacy Policy (GDPR + CCPA compliant)

// Cookie consent before analytics
{hasConsent && (
  <Script src="https://www.googletagmanager.com/gtag/js" />
)}

// Legal pages with real content (no placeholders)
<p>
  ViberHub Inc. ("we", "us") collects data as described
  in this policy. Contact us at privacy@viberhub.dev.
</p>

// Account deletion endpoint
app.delete('/api/account', requireAuth, async (req, res) => {
  await deleteUserData(req.user.id); // GDPR Article 17
  res.status(204).end();
});

What It Detects#

highNo Terms of Service page
Missing Terms of Service page

Fix: Create a Terms of Service page at /terms or /legal/terms.

highNo Privacy Policy page
Missing Privacy Policy page

Fix: Create a Privacy Policy page. GDPR and CCPA require one.

criticalLegal page with unresolved placeholders ([Company Name])
Legal page has unresolved placeholders

Fix: Publishing legal pages with placeholders is worse than having none.

highAnalytics without cookie consent
Analytics detected without cookie consent implementation

Fix: GDPR and ePrivacy Directive require informed consent before tracking.

mediumAuth without account deletion
User authentication without account deletion mechanism

Fix: GDPR Article 17 (Right to Erasure) requires account deletion.

Configuration#

This rule is enabled by default. To disable it:

.vibertestrc.jsonjson
{
  "rules": {
    "missing-compliance": {
      "enabled": false
    }
  }
}
#019 Security Anti-Patterns#021 Accessibility