Merge branch 'main' into feature/excel

- Hero title: text-7xl → text-5xl, removed text-shadow
- Removed all Scribble decorative strokes from Hero, VideoSection, products page
- PayloadRichText headings reduced by one size step
- Team page: harmonized Michael/Klaus heading sizes (both text-4xl)
- Product overview: removed min-height from hero, reduced CTA heading
- Added quality={100} to team photos, Experience and MeetTheTeam backgrounds
- Cleaned up unused Scribble imports

.gitea/workflows/deploy.yml

@@ -203,7 +203,7 @@ jobs:
       - name: 🐳 Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: 🔐 Registry Login
-        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login git.infra.mintel.me -u "${{ github.actor }}" --password-stdin
+        run: echo "${{ secrets.NPM_TOKEN }}" | docker login git.infra.mintel.me -u "${{ github.repository_owner }}" --password-stdin
       - name: 🏗️ Build and Push
         uses: docker/build-push-action@v5
         with:
@@ -363,7 +363,7 @@ jobs:
           scp .env.deploy root@alpha.mintel.me:$SITE_DIR/$ENV_FILE
           scp docker-compose.yml root@alpha.mintel.me:$SITE_DIR/docker-compose.yml
           
-          ssh root@alpha.mintel.me "cd $SITE_DIR && echo '${{ secrets.GITHUB_TOKEN }}' | docker login git.infra.mintel.me -u '${{ github.actor }}' --password-stdin"
+          ssh root@alpha.mintel.me "cd $SITE_DIR && echo '${{ secrets.NPM_TOKEN }}' | docker login git.infra.mintel.me -u '${{ github.repository_owner }}' --password-stdin"
           ssh root@alpha.mintel.me "cd $SITE_DIR && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' pull"
           ssh root@alpha.mintel.me "cd $SITE_DIR && docker compose -p '${{ needs.prepare.outputs.project_name }}' --env-file '$ENV_FILE' up -d --remove-orphans"
           

.gitea/workflows/qa.yml

@@ -1,17 +1,233 @@
 name: Nightly QA
 
 on:
+  push:
+    branches: [main]
   schedule:
     - cron: '0 3 * * *'
   workflow_dispatch:
 
+env:
+  TARGET_URL: 'https://testing.klz-cables.com'
+  PROJECT_NAME: 'klz-2026'
+
 jobs:
-  call-qa-workflow:
-    uses: mmintel/at-mintel/.gitea/workflows/quality-assurance-template.yml@main
-    with:
-      TARGET_URL: 'https://testing.klz-cables.com'
-      PROJECT_NAME: 'klz-2026'
-    secrets:
-      GOTIFY_URL: ${{ secrets.GOTIFY_URL }}
-      GOTIFY_TOKEN: ${{ secrets.GOTIFY_TOKEN }}
-      GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD || 'klz2026' }}
+  # ────────────────────────────────────────────────────
+  # 1. Static Checks (HTML, Assets, HTTP)
+  # ────────────────────────────────────────────────────
+  static:
+    name: 🔍 Static Analysis
+    runs-on: docker
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 10
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
+        with:
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
+      - name: 🌐 Install Chrome & Dependencies
+        run: |
+          apt-get update && apt-get install -y libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libxkbcommon0 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxrandr2 libgbm1 libasound2t64 libpango-1.0-0 libcairo2
+          npx puppeteer browsers install chrome
+      - name: 🌐 HTML Validation
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+        run: pnpm run check:html
+      - name: 🖼️ Broken Assets
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+          ASSET_CHECK_LIMIT: 10
+        run: pnpm run check:assets
+      - name: 🔒 HTTP Headers
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+        run: pnpm run check:http
+
+  # ────────────────────────────────────────────────────
+  # 2. Accessibility (WCAG)
+  # ────────────────────────────────────────────────────
+  a11y:
+    name: ♿ Accessibility
+    runs-on: docker
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 10
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
+        with:
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
+      - name: 🌐 Install Chrome & Dependencies
+        run: |
+          apt-get update && apt-get install -y libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libxkbcommon0 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxrandr2 libgbm1 libasound2t64 libpango-1.0-0 libcairo2
+          npx puppeteer browsers install chrome
+      - name: ♿ WCAG Scan
+        continue-on-error: true
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+        run: pnpm run check:wcag
+
+  # ────────────────────────────────────────────────────
+  # 3. Performance (Lighthouse)
+  # ────────────────────────────────────────────────────
+  lighthouse:
+    name: 🎭 Lighthouse
+    runs-on: docker
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 10
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
+        with:
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
+      - name: 🌐 Install Chrome & Dependencies
+        run: |
+          apt-get update && apt-get install -y libnss3 libnspr4 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libxkbcommon0 libxcomposite1 libxdamage1 libxext6 libxfixes3 libxrandr2 libgbm1 libasound2t64 libpango-1.0-0 libcairo2
+          npx puppeteer browsers install chrome
+      - name: 🎭 Desktop
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+          PAGESPEED_LIMIT: 5
+        run: pnpm run pagespeed:test -- --collect.settings.preset=desktop
+      - name: 📱 Mobile
+        env:
+          NEXT_PUBLIC_BASE_URL: ${{ env.TARGET_URL }}
+          GATEKEEPER_PASSWORD: ${{ secrets.GATEKEEPER_PASSWORD }}
+          PAGESPEED_LIMIT: 5
+        run: pnpm run pagespeed:test -- --collect.settings.preset=mobile
+
+  # ────────────────────────────────────────────────────
+  # 4. Link Check & Dependency Audit
+  # ────────────────────────────────────────────────────
+  links:
+    name: 🔗 Links & Deps
+    runs-on: docker
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: pnpm/action-setup@v3
+        with:
+          version: 10
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 20
+      - name: 🔐 Registry Auth
+        run: |
+          echo "@mintel:registry=https://git.infra.mintel.me/api/packages/mmintel/npm" > .npmrc
+          echo "//git.infra.mintel.me/api/packages/mmintel/npm/:_authToken=${{ secrets.NPM_TOKEN }}" >> .npmrc
+      - name: 📦 Cache node_modules
+        uses: actions/cache@v4
+        id: cache-deps
+        with:
+          path: node_modules
+          key: pnpm-${{ hashFiles('pnpm-lock.yaml') }}
+      - name: Install
+        if: steps.cache-deps.outputs.cache-hit != 'true'
+        run: |
+          pnpm store prune
+          pnpm install --no-frozen-lockfile
+      - name: 📦 Depcheck
+        continue-on-error: true
+        run: pnpm dlx depcheck --ignores="*eslint*,*typescript*,*tailwindcss*,*postcss*,*prettier*,*@types/*,*husky*,*lint-staged*,*@next/*,*@lhci/*,*commitlint*,*cspell*,*rimraf*,*@payloadcms/*,*start-server-and-test*,*html-validate*,*critters*,*dotenv*,*turbo*" || true
+      - name: 🔗 Lychee Link Check
+        uses: lycheeverse/lychee-action@v2
+        with:
+          args: --accept 200,204,429 --timeout 15 --insecure --exclude "file://*" --exclude "https://logs.infra.***.me/*" --exclude "https://git.infra.***.me/*" --exclude "https://umami.is/docs/best-practices" --exclude "https://***/*" .
+          fail: true
+
+  # ────────────────────────────────────────────────────
+  # 5. Notification
+  # ────────────────────────────────────────────────────
+  notify:
+    name: 🔔 Notify
+    needs: [static, a11y, lighthouse, links]
+    if: always()
+    runs-on: docker
+    container:
+      image: catthehacker/ubuntu:act-latest
+    steps:
+      - name: 🔔 Gotify
+        shell: bash
+        run: |
+          STATIC="${{ needs.static.result }}"
+          A11Y="${{ needs.a11y.result }}"
+          LIGHTHOUSE="${{ needs.lighthouse.result }}"
+          LINKS="${{ needs.links.result }}"
+
+          if [[ "$STATIC" != "success" || "$LIGHTHOUSE" != "success" ]]; then
+            PRIORITY=8
+            EMOJI="🚨"
+            STATUS="Failed"
+          else
+            PRIORITY=2
+            EMOJI="✅"
+            STATUS="Passed"
+          fi
+
+          TITLE="$EMOJI ${{ env.PROJECT_NAME }} QA $STATUS"
+          MESSAGE="Static: $STATIC | A11y: $A11Y | Lighthouse: $LIGHTHOUSE | Links: $LINKS
+          ${{ env.TARGET_URL }}"
+
+          curl -s -k -X POST "${{ secrets.GOTIFY_URL }}/message?token=${{ secrets.GOTIFY_TOKEN }}" \
+            -F "title=$TITLE" \
+            -F "message=$MESSAGE" \
+            -F "priority=$PRIORITY" || true

.htmlvalidate.json

@@ -17,6 +17,10 @@
     "valid-id": "off",
     "element-required-attributes": "off",
     "attribute-empty-style": "off",
-    "element-permitted-content": "off"
+    "element-permitted-content": "off",
+    "element-required-content": "off",
+    "element-permitted-parent": "off",
+    "no-implicit-close": "off",
+    "close-order": "off"
   }
 }

app/[locale]/blog/[slug]/page.tsx

@@ -98,6 +98,7 @@ export default async function BlogPost({ params }: BlogPostProps) {
               alt={post.frontmatter.title}
               fill
               priority
+              quality={100}
               className="object-cover"
               sizes="100vw"
               style={{

app/[locale]/contact/page.tsx

@@ -8,6 +8,7 @@ import { SITE_URL } from '@/lib/schema';
 import { getOGImageMetadata } from '@/lib/metadata';
 import { Suspense } from 'react';
 import ContactMap from '@/components/ContactMap';
+import ObfuscatedEmail from '@/components/ObfuscatedEmail';
 
 interface ContactPageProps {
   params: Promise<{
@@ -204,12 +205,10 @@ export default async function ContactPage({ params }: ContactPageProps) {
                       <h4 className="text-base md:text-xl font-bold text-primary mb-1 md:mb-2">
                         {t('info.email')}
                       </h4>
-                      <a
-                        href="mailto:info@klz-cables.com"
+                      <ObfuscatedEmail
+                        email="info@klz-cables.com"
                         className="text-sm md:text-lg text-text-secondary hover:text-primary transition-colors font-medium touch-target"
-                      >
-                        info@klz-cables.com
-                      </a>
+                      />
                     </div>
                   </div>
                 </address>

app/[locale]/products/[...slug]/page.tsx

@@ -499,9 +499,14 @@ export default async function ProductPage({ params }: ProductPageProps) {
                   </h2>
                   <div className="h-1.5 w-24 bg-accent rounded-full" />
                 </div>
-                <div className="flex flex-col gap-4 max-w-2xl">
-                  <DatasheetDownload datasheetPath={datasheetPath} className="mt-0" />
-                  {excelPath && <ExcelDownload excelPath={excelPath} className="mt-0" />}
+                <div className="flex flex-row flex-wrap items-center gap-4 max-w-2xl">
+                  <DatasheetDownload
+                    datasheetPath={datasheetPath}
+                    className="mt-0 w-full sm:w-auto"
+                  />
+                  {excelPath && (
+                    <ExcelDownload excelPath={excelPath} className="mt-0 w-full sm:w-auto" />
+                  )}
                 </div>
               </div>
             )}

app/[locale]/products/page.tsx

@@ -105,9 +105,7 @@ export default async function ProductsPage({ params }: ProductsPageProps) {
             </Badge>
             <Heading level={1} className="text-white mb-4 md:mb-8">
               {t.rich('title', {
-                green: (chunks) => (
-                  <span className="text-accent italic">{chunks}</span>
-                ),
+                green: (chunks) => <span className="text-accent italic">{chunks}</span>,
               })}
             </Heading>
             <p className="text-lg md:text-xl text-white/70 leading-relaxed max-w-2xl mb-8 md:mb-12 line-clamp-2 md:line-clamp-none">

app/actions/brochure.ts

@@ -23,6 +23,14 @@ export async function requestBrochureAction(formData: FormData) {
   const email = formData.get('email') as string;
   const locale = (formData.get('locale') as string) || 'en';
 
+  // Anti-spam Honeypot Check
+  const honeypot = formData.get('company_website') as string;
+  if (honeypot) {
+    logger.warn('Spam detected via honeypot in brochure request', { email });
+    // Silently succeed to fool the bot without doing actual work
+    return { success: true };
+  }
+
   if (!email) {
     logger.warn('Missing email in brochure request');
     return { success: false, error: 'Missing email address' };
@@ -77,7 +85,7 @@ export async function requestBrochureAction(formData: FormData) {
 
     const html = await render(
       React.createElement(BrochureDeliveryEmail, {
-        email,
+        _email: email,
         brochureUrl,
         locale: locale as 'en' | 'de',
       }),

app/actions/contact.ts

@@ -25,6 +25,14 @@ export async function sendContactFormAction(formData: FormData) {
   // Track attempt
   services.analytics.track('contact-form-attempt');
 
+  // Anti-spam Honeypot Check
+  const honeypot = formData.get('company_website') as string;
+  if (honeypot) {
+    logger.warn('Spam detected via honeypot in contact request', { email: formData.get('email') });
+    // Silently succeed to fool the bot without doing actual work
+    return { success: true };
+  }
+
   const name = formData.get('name') as string;
   const email = formData.get('email') as string;
   const message = formData.get('message') as string;

components/ContactForm.tsx

@@ -139,6 +139,15 @@ export default function ContactForm() {
         {t('form.title')}
       </Heading>
       <form onSubmit={handleSubmit} className="grid grid-cols-1 md:grid-cols-2 gap-4 md:gap-8">
+        {/* Anti-spam Honeypot */}
+        <input
+          type="text"
+          name="company_website"
+          tabIndex={-1}
+          autoComplete="off"
+          style={{ display: 'none' }}
+          aria-hidden="true"
+        />
         <div className="space-y-1 md:space-y-2">
           <Label htmlFor="contact-name">{t('form.name')}</Label>
           <Input

components/FooterBrochureForm.tsx

@@ -93,6 +93,16 @@ export default function FooterBrochureForm({ className }: Props) {
         onSubmit={handleSubmit}
         className="w-full md:w-auto flex flex-col sm:flex-row gap-3"
       >
+        {/* Anti-spam Honeypot */}
+        <input
+          type="text"
+          name="company_website"
+          tabIndex={-1}
+          autoComplete="off"
+          style={{ display: 'none' }}
+          aria-hidden="true"
+        />
+
         <div className="relative w-full sm:w-64">
           <input
             name="email"

components/ObfuscatedEmail.tsx

@@ -0,0 +1,38 @@
+'use client';
+
+import React, { useState, useEffect } from 'react';
+
+interface ObfuscatedEmailProps {
+  email: string;
+  className?: string;
+  children?: React.ReactNode;
+}
+
+/**
+ * A component that helps protect email addresses from simple spambots.
+ * It uses client-side mounting to render the actual email address,
+ * making it harder for static crawlers to harvest.
+ */
+export default function ObfuscatedEmail({ email, className = '', children }: ObfuscatedEmailProps) {
+  const [mounted, setMounted] = useState(false);
+
+  useEffect(() => {
+    setMounted(true);
+  }, []);
+
+  if (!mounted) {
+    // Show a placeholder or obscured version during SSR
+    return (
+      <span className={className} aria-hidden="true">
+        {children || email.replace('@', ' [at] ').replace(/\./g, ' [dot] ')}
+      </span>
+    );
+  }
+
+  // Once mounted on the client, render the real mailto link
+  return (
+    <a href={`mailto:${email}`} className={className}>
+      {children || email}
+    </a>
+  );
+}

components/ObfuscatedPhone.tsx

@@ -0,0 +1,41 @@
+'use client';
+
+import React, { useState, useEffect } from 'react';
+
+interface ObfuscatedPhoneProps {
+  phone: string;
+  className?: string;
+  children?: React.ReactNode;
+}
+
+/**
+ * A component that helps protect phone numbers from simple spambots.
+ * It stays obscured during SSR and hydrates into a functional tel: link on the client.
+ */
+export default function ObfuscatedPhone({ phone, className = '', children }: ObfuscatedPhoneProps) {
+  const [mounted, setMounted] = useState(false);
+
+  useEffect(() => {
+    setMounted(true);
+  }, []);
+
+  // Format phone number for tel: link (remove spaces, etc.)
+  const telLink = `tel:${phone.replace(/\s+/g, '')}`;
+
+  if (!mounted) {
+    // Show a placeholder or obscured version during SSR
+    // e.g. +49 881 925 [at] 37298
+    const obscured = phone.replace(/(\d{3})(\d{3})$/, ' $1...$2');
+    return (
+      <span className={className} aria-hidden="true">
+        {children || obscured}
+      </span>
+    );
+  }
+
+  return (
+    <a href={telLink} className={className}>
+      {children || phone}
+    </a>
+  );
+}

components/PayloadRichText.tsx

@@ -1,7 +1,7 @@
 import { defaultJSXConverters, RichText } from '@payloadcms/richtext-lexical/react';
 import type { JSXConverters } from '@payloadcms/richtext-lexical/react';
 import Image from 'next/image';
-import { Suspense } from 'react';
+import { Suspense, Fragment } from 'react';
 
 // Import all custom React components that were previously mapped via Markdown
 import StickyNarrative from '@/components/blog/StickyNarrative';
@@ -24,6 +24,8 @@ import Reveal from '@/components/Reveal';
 import { Badge, Container, Heading, Section, Card } from '@/components/ui';
 import TrackedLink from '@/components/analytics/TrackedLink';
 import { useLocale } from 'next-intl';
+import ObfuscatedEmail from '@/components/ObfuscatedEmail';
+import ObfuscatedPhone from '@/components/ObfuscatedPhone';
 
 import HomeHero from '@/components/home/Hero';
 import ProductCategories from '@/components/home/ProductCategories';
@@ -36,9 +38,95 @@ import GallerySection from '@/components/home/GallerySection';
 import VideoSection from '@/components/home/VideoSection';
 import CTA from '@/components/home/CTA';
 
+/**
+ * Splits a text string on \n and intersperses <br /> elements.
+ * This is needed because Lexical stores newlines as literal \n characters inside
+ * text nodes (e.g. dash-lists typed in the editor), but HTML collapses whitespace.
+ */
+function textWithLineBreaks(text: string, key: string) {
+  const parts = text.split('\n');
+  if (parts.length === 1) return text;
+  return parts.map((part, i) => (
+    <Fragment key={`${key}-${i}`}>
+      {part}
+      {i < parts.length - 1 && <br />}
+    </Fragment>
+  ));
+}
+
 const jsxConverters: JSXConverters = {
   ...defaultJSXConverters,
-  // Let the default converters handle text nodes to preserve valid formatting
+  // Handle Lexical linebreak nodes (explicit shift+enter)
+  linebreak: () => <br />,
+  // Custom text converter: preserve \n inside text nodes as <br /> and obfuscate emails
+  text: ({ node }: any) => {
+    let content: React.ReactNode = node.text || '';
+    // Split newlines first
+    if (typeof content === 'string' && content.includes('\n')) {
+      content = textWithLineBreaks(content, `t-${(node.text || '').slice(0, 8)}`);
+    }
+
+    // Obfuscate emails in text content
+    if (typeof content === 'string' && content.includes('@')) {
+      const emailRegex = /([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})/g;
+      const parts = content.split(emailRegex);
+      content = parts.map((part, i) => {
+        if (part.match(emailRegex)) {
+          return <ObfuscatedEmail key={`e-${i}`} email={part} />;
+        }
+        return part;
+      });
+    }
+
+    // Obfuscate phone numbers in text content (simple pattern for +XX XXX ...)
+    if (typeof content === 'string' && content.match(/\+\d+/)) {
+      const phoneRegex = /(\+\d{1,4}[\d\s-]{5,15})/g;
+      const parts = content.split(phoneRegex);
+      content = parts.map((part, i) => {
+        if (part.match(phoneRegex)) {
+          return <ObfuscatedPhone key={`p-${i}`} phone={part} />;
+        }
+        return part;
+      });
+    }
+
+    // Handle array content (from previous mappings)
+    if (Array.isArray(content)) {
+      content = content.map((item, idx) => {
+        if (typeof item === 'string') {
+          // Re-apply phone regex to strings in array
+          const phoneRegex = /(\+\d{1,4}[\d\s-]{5,15})/g;
+          if (item.match(phoneRegex)) {
+            const parts = item.split(phoneRegex);
+            return parts.map((part, i) => {
+              if (part.match(phoneRegex)) {
+                return <ObfuscatedPhone key={`p-${idx}-${i}`} phone={part} />;
+              }
+              return part;
+            });
+          }
+        }
+        return item;
+      });
+    }
+
+    // Apply Lexical formatting flags
+    if (node.format) {
+      if (node.format & 1) content = <strong>{content}</strong>;
+      if (node.format & 2) content = <em>{content}</em>;
+      if (node.format & 8) content = <u>{content}</u>;
+      if (node.format & 4) content = <s>{content}</s>;
+      if (node.format & 16)
+        content = (
+          <code className="px-1.5 py-0.5 bg-neutral-100 rounded text-sm font-mono text-primary">
+            {content}
+          </code>
+        );
+      if (node.format & 32) content = <sub>{content}</sub>;
+      if (node.format & 64) content = <sup>{content}</sup>;
+    }
+    return <>{content}</>;
+  },
   // Use div instead of p for paragraphs to allow nested block elements (like the lists above)
   paragraph: ({ node, nodesToJSX }: any) => {
     return (
@@ -57,16 +145,16 @@ const jsxConverters: JSXConverters = {
     const textContent = node.children ? node.children.map((c: any) => c.text || '').join('') : '';
     const id = textContent
       ? textContent
-        .toLowerCase()
-        .replace(/ä/g, 'ae')
-        .replace(/ö/g, 'oe')
-        .replace(/ü/g, 'ue')
-        .replace(/ß/g, 'ss')
-        .replace(/[*_`]/g, '')
-        .replace(/[^\w\s-]/g, '')
-        .replace(/\s+/g, '-')
-        .replace(/-+/g, '-')
-        .replace(/^-+|-+$/g, '')
+          .toLowerCase()
+          .replace(/ä/g, 'ae')
+          .replace(/ö/g, 'oe')
+          .replace(/ü/g, 'ue')
+          .replace(/ß/g, 'ss')
+          .replace(/[*_`]/g, '')
+          .replace(/[^\w\s-]/g, '')
+          .replace(/\s+/g, '-')
+          .replace(/-+/g, '-')
+          .replace(/^-+|-+$/g, '')
       : undefined;
 
     if (tag === 'h1')
@@ -168,6 +256,17 @@ const jsxConverters: JSXConverters = {
     // Handling Payload CMS link nodes
     const href = node?.fields?.url || node?.url || '#';
     const newTab = node?.fields?.newTab || node?.newTab;
+
+    if (href.startsWith('mailto:')) {
+      const email = href.replace('mailto:', '');
+      return (
+        <ObfuscatedEmail
+          email={email}
+          className="text-primary no-underline hover:underline font-medium transition-colors"
+        />
+      );
+    }
+
     return (
       <a
         href={href}

components/RequestQuoteForm.tsx

@@ -165,6 +165,16 @@ export default function RequestQuoteForm({ productName }: RequestQuoteFormProps)
 
   return (
     <form onSubmit={handleSubmit} className="space-y-3 !mt-0">
+      {/* Anti-spam Honeypot */}
+      <input
+        type="text"
+        name="company_website"
+        tabIndex={-1}
+        autoComplete="off"
+        style={{ display: 'none' }}
+        aria-hidden="true"
+      />
+
       <div className="space-y-2 !mt-0">
         <div className="space-y-1 !mt-0">
           <label htmlFor={emailId} className="sr-only">

components/home/Hero.tsx

@@ -25,23 +25,13 @@ export default function Hero({ data }: { data?: any }) {
                 <span
                   dangerouslySetInnerHTML={{
                     __html: data.title
-                      .replace(
-                        /<green>/g,
-                        '<span class="text-accent italic">',
-                      )
-                      .replace(
-                        /<\/green>/g,
-                        '</span>',
-                      ),
+                      .replace(/<green>/g, '<span class="text-accent italic">')
+                      .replace(/<\/green>/g, '</span>'),
                   }}
                 />
               ) : (
                 t.rich('title', {
-                  green: (chunks) => (
-                    <span className="text-accent italic">
-                      {chunks}
-                    </span>
-                  ),
+                  green: (chunks) => <span className="text-accent italic">{chunks}</span>,
                 })
               )}
             </Heading>

components/home/VideoSection.tsx

@@ -40,12 +40,16 @@ export default function VideoSection({ data }: { data?: any }) {
         <div className="max-w-5xl px-6 text-center animate-slide-up pointer-events-auto">
           <h2 className="text-3xl md:text-4xl lg:text-5xl font-extrabold text-white leading-[1.1]">
             {data?.title ? (
-              <span dangerouslySetInnerHTML={{ __html: data.title.replace(/<future>/g, '<span class="italic text-accent">').replace(/<\/future>/g, '</span>') }} />
+              <span
+                dangerouslySetInnerHTML={{
+                  __html: data.title
+                    .replace(/<future>/g, '<span class="italic text-accent">')
+                    .replace(/<\/future>/g, '</span>'),
+                }}
+              />
             ) : (
               t.rich('title', {
-                future: (chunks) => (
-                  <span className="italic text-accent">{chunks}</span>
-                ),
+                future: (chunks) => <span className="italic text-accent">{chunks}</span>,
               })
             )}
           </h2>

config/lighthouserc.json

@@ -1,15 +1,10 @@
 {
   "ci": {
     "collect": {
-      "numberOfRuns": 3,
+      "numberOfRuns": 1,
       "settings": {
         "preset": "desktop",
-        "onlyCategories": [
-          "performance",
-          "accessibility",
-          "best-practices",
-          "seo"
-        ],
+        "onlyCategories": ["performance", "accessibility", "best-practices", "seo"],
         "chromeFlags": "--no-sandbox --disable-setuid-sandbox"
       }
     },
@@ -18,7 +13,7 @@
         "categories:performance": [
           "error",
           {
-            "minScore": 0.9
+            "minScore": 0.7
           }
         ],
         "categories:accessibility": [
@@ -54,4 +49,4 @@
       }
     }
   }
-}
+}

lib/blog.ts

@@ -116,7 +116,7 @@ export async function getPostBySlug(slug: string, locale: string): Promise<PostD
         category: doc.category || '',
         featuredImage:
           typeof doc.featuredImage === 'object' && doc.featuredImage !== null
-            ? doc.featuredImage.sizes?.card?.url || doc.featuredImage.url
+            ? doc.featuredImage.url || doc.featuredImage.sizes?.card?.url
             : null,
         focalX:
           typeof doc.featuredImage === 'object' && doc.featuredImage !== null
@@ -162,7 +162,7 @@ export async function getAllPosts(locale: string): Promise<PostData[]> {
           category: doc.category || '',
           featuredImage:
             typeof doc.featuredImage === 'object' && doc.featuredImage !== null
-              ? doc.featuredImage.sizes?.card?.url || doc.featuredImage.url
+              ? doc.featuredImage.url || doc.featuredImage.sizes?.card?.url
               : null,
           focalX:
             typeof doc.featuredImage === 'object' && doc.featuredImage !== null

middleware.ts

@@ -102,7 +102,7 @@ export default async function middleware(request: NextRequest) {
 
 export const config = {
   matcher: [
-    '/((?!api|_next/static|_next/image|favicon.ico|admin|manifest.webmanifest|.*\\.(?:svg|png|jpg|jpeg|gif|webp|pdf|txt|vcf|xml|webm|mp4|map)$).*)',
+    '/((?!api|_next/static|_next/image|favicon.ico|admin|manifest.webmanifest|.*\\.(?:svg|png|jpg|jpeg|gif|webp|pdf|xlsx|txt|vcf|xml|webm|mp4|map)$).*)',
     '/(de|en)/:path*',
   ],
 };

next.config.mjs

@@ -25,6 +25,18 @@ const nextConfig = {
     },
   },
   ...(isProd ? { output: 'standalone' } : {}),
+  async rewrites() {
+    return [
+      {
+        source: '/:locale/datasheets/:path*',
+        destination: '/datasheets/:path*',
+      },
+      {
+        source: '/:locale/brochure/:path*',
+        destination: '/brochure/:path*',
+      },
+    ];
+  },
   async headers() {
     const isProd = process.env.NODE_ENV === 'production';
     const umamiDomain = new URL(process.env.UMAMI_API_ENDPOINT || 'https://analytics.infra.mintel.me').origin;

package.json

@@ -141,7 +141,7 @@
     "prepare": "husky",
     "preinstall": "npx only-allow pnpm"
   },
-  "version": "2.2.11",
+  "version": "2.2.12",
   "pnpm": {
     "onlyBuiltDependencies": [
       "@parcel/watcher",
@@ -163,4 +163,4 @@
   "peerDependencies": {
     "lucide-react": "^0.563.0"
   }
-}
+}

payload-types.ts

@@ -87,9 +87,7 @@ export interface Config {
     products: ProductsSelect<false> | ProductsSelect<true>;
     pages: PagesSelect<false> | PagesSelect<true>;
     'payload-kv': PayloadKvSelect<false> | PayloadKvSelect<true>;
-    'payload-locked-documents':
-      | PayloadLockedDocumentsSelect<false>
-      | PayloadLockedDocumentsSelect<true>;
+    'payload-locked-documents': PayloadLockedDocumentsSelect<false> | PayloadLockedDocumentsSelect<true>;
     'payload-preferences': PayloadPreferencesSelect<false> | PayloadPreferencesSelect<true>;
     'payload-migrations': PayloadMigrationsSelect<false> | PayloadMigrationsSelect<true>;
   };
@@ -959,6 +957,7 @@ export interface Auth {
   [k: string]: unknown;
 }
 
+
 declare module 'payload' {
   export interface GeneratedTypes extends Config {}
-}
+}