chore: remove explicit email and phone inline blocks in favor of automatic obfuscation

2026-03-02 12:39:07 +01:00
parent 1e0886144f
commit 4faed38f47
6 changed files with 59 additions and 117 deletions
--- a/.gitea/workflows/qa.yml
+++ b/.gitea/workflows/qa.yml
@@ -11,10 +11,10 @@ env:

 jobs:
  # ────────────────────────────────────────────────────
-  # 1. Install & Cache Dependencies
+  # 1. Static Checks (HTML, Assets, HTTP)
  # ────────────────────────────────────────────────────
-  install:
-    name: 📦 Install
+  static:
+    name: 🔍 Static Analysis
    runs-on: docker
    container:
      image: catthehacker/ubuntu:act-latest
@@ -30,39 +30,17 @@ jobs:
        run: |
          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
+        with:
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
        run: |
          pnpm store prune
          pnpm install --no-frozen-lockfile
-      - name: Upload workspace
-        uses: actions/upload-artifact@v4
-        with:
-          name: workspace
-          path: |
-            node_modules
-            .npmrc
-          retention-days: 1
-
-  # ────────────────────────────────────────────────────
-  # 2. Static Checks (HTML, Assets, HTTP)
-  # ────────────────────────────────────────────────────
-  static:
-    name: 🔍 Static Analysis
-    needs: install
-    runs-on: docker
-    container:
-      image: catthehacker/ubuntu:act-latest
-    steps:
-      - uses: actions/checkout@v4
-      - uses: pnpm/action-setup@v3
-        with:
-          version: 10
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 20
-      - uses: actions/download-artifact@v4
-        with:
-          name: workspace
      - name: 🌐 HTML Validation
        env:
          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
@@ -80,11 +58,10 @@ jobs:
        run: pnpm run check:http

  # ────────────────────────────────────────────────────
-  # 3. Accessibility (WCAG)
+  # 2. Accessibility (WCAG)
  # ────────────────────────────────────────────────────
  a11y:
    name: ♿ Accessibility
-    needs: install
    runs-on: docker
    container:
      image: catthehacker/ubuntu:act-latest
@@ -96,9 +73,21 @@ jobs:
      - uses: actions/setup-node@v4
        with:
          node-version: 20
-      - uses: actions/download-artifact@v4
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
        with:
-          name: workspace
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
      - name: 🔍 Install Chromium
        run: |
          apt-get update && apt-get install -y gnupg wget ca-certificates
@@ -117,11 +106,10 @@ jobs:
        run: pnpm run check:wcag

  # ────────────────────────────────────────────────────
-  # 4. Performance (Lighthouse)
+  # 3. Performance (Lighthouse)
  # ────────────────────────────────────────────────────
  lighthouse:
    name: 🎭 Lighthouse
-    needs: install
    runs-on: docker
    container:
      image: catthehacker/ubuntu:act-latest
@@ -133,9 +121,21 @@ jobs:
      - uses: actions/setup-node@v4
        with:
          node-version: 20
-      - uses: actions/download-artifact@v4
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
        with:
-          name: workspace
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
      - name: 🔍 Install Chromium
        run: |
          apt-get update && apt-get install -y gnupg wget ca-certificates
@@ -158,11 +158,10 @@ jobs:
        run: pnpm run pagespeed:test -- --collect.settings.preset=mobile

  # ────────────────────────────────────────────────────
-  # 5. Link Check & Dependency Audit
+  # 4. Link Check & Dependency Audit
  # ────────────────────────────────────────────────────
  links:
    name: 🔗 Links & Deps
-    needs: install
    runs-on: docker
    container:
      image: catthehacker/ubuntu:act-latest
@@ -174,9 +173,21 @@ jobs:
      - uses: actions/setup-node@v4
        with:
          node-version: 20
-      - uses: actions/download-artifact@v4
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
        with:
-          name: workspace
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
      - name: 📦 Depcheck
        continue-on-error: true
        run: pnpm dlx depcheck --ignores="*eslint*,*typescript*,*tailwindcss*,*postcss*,*prettier*,*@types/*,*husky*,*lint-staged*,*@next/*,*@lhci/*,*commitlint*,*cspell*,*rimraf*,*@payloadcms/*,*start-server-and-test*,*html-validate*,*critters*,*dotenv*,*turbo*"
@@ -187,11 +198,11 @@ jobs:
          fail: true

  # ────────────────────────────────────────────────────
-  # 6. Notification
+  # 5. Notification
  # ────────────────────────────────────────────────────
  notify:
    name: 🔔 Notify
-    needs: [install, static, a11y, lighthouse, links]
+    needs: [static, a11y, lighthouse, links]
    if: always()
    runs-on: docker
    container:
@@ -200,13 +211,12 @@ jobs:
      - name: 🔔 Gotify
        shell: bash
        run: |
-          INSTALL="${{ needs.install.result }}"
          STATIC="${{ needs.static.result }}"
          A11Y="${{ needs.a11y.result }}"
          LIGHTHOUSE="${{ needs.lighthouse.result }}"
          LINKS="${{ needs.links.result }}"

-          if [[ "$INSTALL" != "success" || "$STATIC" != "success" || "$LIGHTHOUSE" != "success" ]]; then
+          if [[ "$STATIC" != "success" || "$LIGHTHOUSE" != "success" ]]; then
            PRIORITY=8
            EMOJI="🚨"
            STATUS="Failed"
@@ -217,7 +227,7 @@ jobs:
          fi

          TITLE="$EMOJI ${{ env.PROJECT_NAME }} QA $STATUS"
-          MESSAGE="Install: $INSTALL | Static: $STATIC | A11y: $A11Y | Lighthouse: $LIGHTHOUSE | Links: $LINKS
+          MESSAGE="Static: $STATIC | A11y: $A11Y | Lighthouse: $LIGHTHOUSE | Links: $LINKS
          ${{ env.TARGET_URL }}"

          curl -s -k -X POST "${{ secrets.GOTIFY_URL }}/message?token=${{ secrets.GOTIFY_TOKEN }}" \