LiveIntent Id Submodule: Update live-connect build dependency to 2.3.1

[3link]

Type of change

• Bugfix
• Feature
• New bidder adapter
• Code style update (formatting, local variables)
• Refactoring (no functional changes, no api changes)
• Build related changes
• CI related changes
• Does this change affect user-facing APIs or examples documented on http://prebid.org?
• Other

Description of change

Live Connect library update. Changes in library relevant for LiveIntent's userId module:

• remove usage (get/set) of legacy _litra_id.X cookies

[patmmccann]

What does the new library do?

[3link]

@patmmccann primarily, the new library version removes the usage of a legacy cookie. The feature set used for our Prebid module remains unchanged.

[ChrisHuie]

@3link can you please remove your package.json file from this pr 🙏

[3link]

@ChrisHuie the package.json change contains the update of our LiveConnect library that is used by our user id module. This change is the reason for this PR. Or did you rather mean the changes in package-lock.json?

[ChrisHuie]

@ChrisHuie the package.json change contains the update of our LiveConnect library that is used by our user id module. This change is the reason for this PR. Or did you rather mean the changes in package-lock.json?

Can you please pull in most recent merges then on the main branch and I can merge :) 🙏

[3link]

Can you please pull in most recent merges then on the main branch and I can merge :) 🙏

Sure! Done.

[patmmccann]

@3link @ChrisHuie this still has changes on package lock, not ready for merge

[3link]

this still has changes on package lock, not ready for merge
@patmmccann @ChrisHuie Which of the changes shall be removed?

[ChrisHuie]

@3link since you are updating the dependencies it looks fine to me other than the release number probably needing to be updated again. @patmmccann is there something else in the package-lock you are referencing?

[dgirardi]

The changes in here LGTM, but since the liveIntent module effectively pulls in an external dependency into Prebid, does that mean we should be reviewing all updates that went into live-connect-js from 2.0.0 to 2.3.1? (This is a probably a policy question for @patmmccann - was the live-connect-js codebase reviewed originally?)

[dgirardi]

Given the PR description I find it surprising that you'd change these from local storage to cookies - but if it makes sense to you (& the rest of the maintainers) I have no issue with it.

[3link]

@dgirardi The resulting behaviour did not change. A step for building the request was refactored and the dependency on the _lc2_fpi cookie being present became more obvious in the test. It was there before too, but it was enough to stub getDataFromLocalStorage.

[3link]

since you are updating the dependencies it looks fine to me other than the release number probably needing to be updated again

Done.

[patmmccann]

@3link could you link to change log between 2.0.0 and 2.3.1 for reviewers' convenience?

[patmmccann]

No concerning changes at

https://github.com/LiveIntent/live-connect/releases

Thanks!