smueller/HexaHost-Web-Prod
1
0
Fork 0
mirror of https://git.hexahost.dev/smueller/HexaHost-Frontend.git synced 2026-06-02 10:28:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: smueller:6c9114e0a7f9468430f0d13488a3026863dbcfa5
Branches Tags
smueller:main smueller:ci smueller:dev
..
compare: smueller:ci
Branches Tags
smueller:main smueller:ci smueller:dev

7 Commits
6c9114e0a7 ... ci

Author SHA1 Message Date
smueller
9c92df4ae4 feat(footer): add andere dienste section with hexadns and hexa-mail 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-01 08:49:35 +02:00
smueller
e0bcf15121 fix(styles): scope legal breadcrumb colors to legal pages 
Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-06-01 08:36:00 +02:00
smueller
1d4b751316 chore(git): add conventional commit hooks and template 
Add commit-msg hook, .gitmessage, and setup script. Ignore .cursor/ in gitignore and lower contact rate limit to 5 per hour.

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-05-29 11:03:09 +02:00
smueller
186b5ae199 Implement product visibility management: Added configuration for product visibility in navigation and footer, along with helper functions to determine visibility and generate HTML attributes. Updated footer, header, and index files to utilize these new functions, enhancing the user interface by conditionally displaying products based on their visibility settings. 2026-05-29 10:52:56 +02:00
smueller
bbc3cbae4e Update README and workflows for release process: Clarified branch usage and workflow steps in README.md, emphasizing the new ci branch for integration. Adjusted Gitea and GitHub workflows to reflect the change from dev to ci for triggering release builds, ensuring a streamlined and consistent obfuscation process for production assets. 2026-05-29 10:42:08 +02:00
smueller
e9d5b55459 Refactor release build process: Updated README.md to clarify branch usage and workflow for development and production. Enhanced Gitea and GitHub workflows to automate merging from dev to main, ensuring consistent obfuscation and asset management during releases. Improved commit messages and streamlined the build process for better clarity and efficiency. 2026-05-28 17:42:06 +02:00
smueller
8f985da61f Enhance obfuscation workflow and asset processing: Updated the Gitea workflow to skip CI for specific commit messages, improving efficiency. Refactored the obfuscation script to include better asset handling, validation, and cleanup processes, ensuring only valid files are processed. Introduced temporary directories for intermediate files during obfuscation, enhancing reliability and reducing errors. 2026-05-28 17:32:21 +02:00
16 changed files with 369 additions and 77 deletions
Expand all files Collapse all files

29
.gitea/workflows/obfuscate-main.yml
View File

@@ -1,9 +1,9 @@
name: Obfuscate Main Build
name: Release Build (ci → main)
on:
push:
branches:
- main
- ci
workflow_dispatch:
env:
@@ -11,18 +11,17 @@ env:
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
# Kein erneuter Lauf nach dem Bot-Commit
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout ci (Integration)
uses: actions/checkout@v4
with:
fetch-depth: 0
# Gitea liefert intern oft eine IP; Zertifikat gilt für git.hexahost.dev
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: ci
- name: Setup Python
uses: actions/setup-python@v5
@@ -37,17 +36,27 @@ jobs:
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push origin HEAD:main
TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

29
.githooks/commit-msg Normal file
View File

@@ -0,0 +1,29 @@
#!/bin/sh
# Validiert Commit-Messages nach Conventional Commits
# https://www.conventionalcommits.org/
commit_msg_file="$1"
first_line=$(sed '/^#/d;/^$/d' "$commit_msg_file" | head -n 1)
# Merge/Revert von Git erlauben
case "$first_line" in
Merge\ *|Revert\ *)
exit 0
;;
esac
pattern='^(feat|fix|docs|style|refactor|perf|test|build|ci|chore)(\([a-z0-9._-]+\))?!?: .+'
if ! printf '%s\n' "$first_line" | grep -qE "$pattern"; then
echo >&2 "❌ Commit-Message entspricht nicht Conventional Commits."
echo >&2 ""
echo >&2 " Format: type(scope): description"
echo >&2 " Beispiel: feat(products): hide vpc in navigation"
echo >&2 ""
echo >&2 " Erlaubte types: feat, fix, docs, style, refactor, perf, test, build, ci, chore"
echo >&2 " Überspringen: git commit --no-verify"
exit 1
fi
exit 0

45
.github/workflows/obfuscate-main.yml vendored
View File

@@ -1,44 +1,63 @@
name: Obfuscate Main Build
# Hinweis: Gitea nutzt .gitea/workflows/obfuscate-main.yml (identischer Ablauf).
name: Release Build (ci → main)
on:
push:
branches:
- main
- ci
workflow_dispatch:
permissions:
contents: write
env:
GITEA_HOST: git.hexahost.dev
REPO_PATH: smueller/HexaHost-Frontend
jobs:
obfuscate:
if: github.actor != 'github-actions[bot]'
release-build:
if: ${{ !contains(github.event.head_commit.message, '[skip ci]') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
- name: Checkout ci (Integration)
uses: actions/checkout@v4
with:
fetch-depth: 0
repository-url: https://git.hexahost.dev/smueller/HexaHost-Frontend
ref: ci
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: '3.12'
python-version: "3.12"
- name: Setup Node
uses: actions/setup-node@v4
with:
node-version: '20'
node-version: "20"
- name: Run release obfuscation
run: python scripts/obfuscate_release.py --root . --hash-assets
- name: Commit obfuscated build
- name: Publish release to main
env:
GITEA_TOKEN: ${{ github.token }}
run: |
git config user.name "gitea-actions"
git config user.email "actions@local"
git remote set-url origin "https://oauth2:${GITEA_TOKEN}@${GITEA_HOST}/${REPO_PATH}.git"
git fetch origin main ci
git add -A
if git diff --cached --quiet; then
echo "No build changes to commit."
echo "No release changes to publish."
exit 0
fi
git commit -m "chore(release): obfuscate and hash production assets [skip ci]"
git push
TREE=$(git write-tree)
MSG="chore(release): obfuscate and hash production assets [skip ci]"
if git show-ref --verify --quiet refs/remotes/origin/main; then
PARENT=$(git rev-parse origin/main)
COMMIT=$(git commit-tree "$TREE" -p "$PARENT" -m "$MSG")
else
COMMIT=$(git commit-tree "$TREE" -m "$MSG")
fi
git push origin "${COMMIT}:refs/heads/main"

1
.gitignore vendored
View File

@@ -13,6 +13,7 @@ build/
# Environment variables
.env
.cursorrules
.cursor/
.cursorrules.txt
.env.local
.env.development.local

16
.gitmessage Normal file
View File

@@ -0,0 +1,16 @@
# Conventional Commits nur die erste nicht-kommentierte Zeile wird verwendet
# Format: type(scope): description
#
# feat Neues Feature
# fix Bugfix
# docs Dokumentation
# style Formatierung (keine Logik)
# refactor Umbau ohne Feature/Fix
# perf Performance
# test Tests
# build Build / Dependencies
# ci CI/CD
# chore Sonstiges
#
# Beispiel (diese Zeile anpassen und Kommentare löschen oder stehen lassen):
# feat(products): hide vpc and vps in navigation

35
README.md
View File

@@ -166,9 +166,38 @@ Für den Produktivbetrieb `public/` als Webroot konfigurieren.
### Production-Build & Veröffentlichung
Der Quellcode bleibt auf `dev`, der veröffentlichte Stand liegt auf `main`.
| Branch | Zweck |
|--------|--------|
| **`dev`** | Entwicklung (lesbarer Code, Kommentare) |
| **`ci`** | Integration (du mergst `dev` hierher) |
| **`main`** | Release/Produktion (obfuskiert, gehashte Assets — nur per Pipeline) |
Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfuscate-main.yml` automatisch und führt aus:
**Ablauf: `dev` → `ci` → `main`**
1. Auf **`dev`** entwickeln und pushen
2. **`dev` nach `ci` mergen** (manuell, z. B. in Gitea oder lokal)
3. **`ci` pushen** → startet `.gitea/workflows/obfuscate-main.yml`
4. Pipeline obfuskiert im Runner-Workspace und publiziert nach **`main`**
```powershell
# Nach fertigen Änderungen auf dev:
git checkout ci
git pull origin ci
git merge dev
git push origin ci
```
Bei jedem Push auf **`ci`**:
1. Checkout von `ci` im temporären Runner-Workspace
2. Obfuscation-Build (`scripts/obfuscate_release.py --hash-assets`)
3. Ergebnis nach `main` pushen (Bot-Commit mit `[skip ci]`)
**Nicht** `dev` oder `ci` direkt nach `main` mergen. Der Branch **`ci` bleibt lesbar** — Obfuscation wird nur nach `main` publiziert.
`ci`-Branch einmalig anlegen (falls noch nicht vorhanden): `git checkout -b ci dev && git push -u origin ci`
Der Build führt aus:
- Entfernen von Kommentaren (inkl. Block-Kommentaren) in PHP/JS/CSS
- Minify + Obfuscate für JavaScript
@@ -176,7 +205,7 @@ Bei jedem Push/Merge auf `main` läuft die GitHub Action `.github/workflows/obfu
- Kein Source-Map-Output
- Hashing von JS/CSS-Dateinamen + automatische Referenz-Anpassung
Lokal ausführbar:
Lokal testen (nur in Kopie, nicht committen):
```bash
python scripts/obfuscate_release.py --root . --hash-assets

2
backend/config/mail-config.php
View File

@@ -13,7 +13,7 @@ define('SMTP_TO_EMAIL', 'info@hexahost.de'); // Empfänger-E-Mail für Kon
// Sicherheitseinstellungen
define('ENABLE_CSRF_PROTECTION', true); // CSRF-Schutz aktivieren
define('ENABLE_RATE_LIMITING', true); // Rate-Limiting aktivieren
define('MAX_REQUESTS_PER_HOUR', 10); // Max. Anfragen pro Stunde
define('MAX_REQUESTS_PER_HOUR', 5); // Max. Anfragen pro Stunde
// Spam-Schutz Einstellungen
define('ENABLE_SPAM_PROTECTION', true); // Spam-Schutz aktivieren

33
backend/config/products-config.php
View File

@@ -443,10 +443,43 @@ $PRODUCTS['webhosting'] = [
],
];
// Sichtbarkeit in Navigation, Footer und auf der Startseite (Seiten bleiben per URL erreichbar)
$PRODUCT_VISIBILITY = [
'vpc' => false,
'vps' => false,
'mail-gateway' => false,
'webhosting' => true,
];
// ============================================================================
// HILFSFUNKTIONEN
// ============================================================================
/**
* Prüft, ob eine Produktkategorie in der Navigation angezeigt wird
*/
function isProductVisible(string $productId): bool {
global $PRODUCT_VISIBILITY;
return $PRODUCT_VISIBILITY[$productId] ?? true;
}
/**
* HTML hidden-Attribut für ausgeblendete Produktkategorien
*/
function productHiddenAttr(string $productId): string {
return isProductVisible($productId) ? '' : ' hidden';
}
/**
* Aktive Navigationsseiten für sichtbare Produktkategorien
*
* @return string[]
*/
function getVisibleProductPageIds(): array {
global $PRODUCT_VISIBILITY;
return array_keys(array_filter($PRODUCT_VISIBILITY, static fn(bool $visible): bool => $visible));
}
/**
* Alle Produkte abrufen
*/

15
backend/includes/footer.php
View File

@@ -15,10 +15,17 @@
<div class="footer-section">
<h4>Produkte</h4>
<ul>
<li><a href="/vpc">Virtual Private Container</a></li>
<li><a href="/vps">Virtual Private Server</a></li>
<li><a href="/mail-gateway">Mail Gateway</a></li>
<li><a href="/webhosting">Webhosting</a></li>
<li<?php echo productHiddenAttr('vpc'); ?>><a href="/vpc">Virtual Private Container</a></li>
<li<?php echo productHiddenAttr('vps'); ?>><a href="/vps">Virtual Private Server</a></li>
<li<?php echo productHiddenAttr('mail-gateway'); ?>><a href="/mail-gateway">Mail Gateway</a></li>
<li<?php echo productHiddenAttr('webhosting'); ?>><a href="/webhosting">Webhosting</a></li>
</ul>
</div>
<div class="footer-section">
<h4>Andere Dienste</h4>
<ul>
<li><a href="https://hexadns.de" target="_blank" rel="noopener noreferrer">hexadns.de</a></li>
<li><a href="https://www.hexa-mail.de/" target="_blank" rel="noopener noreferrer">hexa-mail.de</a></li>
</ul>
</div>
<div class="footer-section">

2
backend/includes/functions.php
View File

@@ -3,6 +3,8 @@
* Helper functions for HexaHost.de
*/
require_once __DIR__ . '/../config/products-config.php';
// Sichere Session-Konfiguration
if (session_status() === PHP_SESSION_NONE) {
// Session-Cookie-Sicherheit

10
backend/includes/header.php
View File

@@ -59,12 +59,12 @@
<ul class="nav-menu">
<li><a href="/" class="nav-link <?php echo ($current_page === 'home') ? 'active' : ''; ?>">Home</a></li>
<li class="nav-dropdown">
<a href="#" class="nav-link <?php echo (in_array($current_page, ['vpc', 'vps', 'mail-gateway', 'webhosting'])) ? 'active' : ''; ?>">Produkte</a>
<a href="#" class="nav-link <?php echo (in_array($current_page, getVisibleProductPageIds(), true)) ? 'active' : ''; ?>">Produkte</a>
<ul class="dropdown-menu">
<li><a href="/vpc" class="<?php echo ($current_page === 'vpc') ? 'active' : ''; ?>">Virtual Private Container</a></li>
<li><a href="/vps" class="<?php echo ($current_page === 'vps') ? 'active' : ''; ?>">Virtual Private Server</a></li>
<li><a href="/mail-gateway" class="<?php echo ($current_page === 'mail-gateway') ? 'active' : ''; ?>">Mail Gateway</a></li>
<li><a href="/webhosting" class="<?php echo ($current_page === 'webhosting') ? 'active' : ''; ?>">Webhosting</a></li>
<li<?php echo productHiddenAttr('vpc'); ?>><a href="/vpc" class="<?php echo ($current_page === 'vpc') ? 'active' : ''; ?>">Virtual Private Container</a></li>
<li<?php echo productHiddenAttr('vps'); ?>><a href="/vps" class="<?php echo ($current_page === 'vps') ? 'active' : ''; ?>">Virtual Private Server</a></li>
<li<?php echo productHiddenAttr('mail-gateway'); ?>><a href="/mail-gateway" class="<?php echo ($current_page === 'mail-gateway') ? 'active' : ''; ?>">Mail Gateway</a></li>
<li<?php echo productHiddenAttr('webhosting'); ?>><a href="/webhosting" class="<?php echo ($current_page === 'webhosting') ? 'active' : ''; ?>">Webhosting</a></li>
</ul>
</li>
<li><a href="/it-dienstleistungen" class="nav-link <?php echo ($current_page === 'it-dienstleistungen') ? 'active' : ''; ?>">IT-Dienstleistungen</a></li>

12
public/assets/css/custom.css
View File

@@ -45,8 +45,10 @@
.legal-section h3,
.legal-block p,
.legal-block li,
.breadcrumb,
.breadcrumb span {
.legal-hero .breadcrumb,
.legal-hero .breadcrumb span,
.legal-content .breadcrumb,
.legal-content .breadcrumb span {
color: #000000;
}
@@ -81,12 +83,14 @@
}
.legal-block a,
.breadcrumb a {
.legal-hero .breadcrumb a,
.legal-content .breadcrumb a {
color: #0b57d0;
}
.legal-block a:hover,
.breadcrumb a:hover {
.legal-hero .breadcrumb a:hover,
.legal-content .breadcrumb a:hover {
color: #0b57d0;
text-decoration: none;
}

6
public/index.php
View File

@@ -54,7 +54,7 @@ includeHeader($page_title, $page_description, $current_page);
</p>
</div>
<div class="products-grid">
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('vpc'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<path d="M4 7V4a2 2 0 0 1 2-2h8a2 2 0 0 1 2 2v3"/>
@@ -74,7 +74,7 @@ includeHeader($page_title, $page_description, $current_page);
</ul>
<a href="/vpc" class="btn btn-primary">Mehr erfahren</a>
</div>
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('vps'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<rect x="2" y="3" width="20" height="14" rx="2" ry="2"/>
@@ -92,7 +92,7 @@ includeHeader($page_title, $page_description, $current_page);
</ul>
<a href="/vps" class="btn btn-primary">Mehr erfahren</a>
</div>
<div class="product-card glass-card">
<div class="product-card glass-card"<?php echo productHiddenAttr('mail-gateway'); ?>>
<div class="product-icon">
<svg viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2">
<path d="M4 4h16c1.1 0 2 .9 2 2v12c0 1.1-.9 2-2 2H4c-1.1 0-2-.9-2-2V6c0-1.1.9-2 2-2z"/>

BIN
scripts/__pycache__/obfuscate_release.cpython-314.pyc
View File

Binary file not shown.

190
scripts/obfuscate_release.py
View File

@@ -3,15 +3,17 @@ from __future__ import annotations
import argparse
import hashlib
import os
import re
import shutil
import subprocess
import sys
import tempfile
from collections import defaultdict
from pathlib import Path
TEXT_EXTENSIONS = {".php", ".html", ".htm", ".xml", ".txt", ".js", ".css"}
HASH_SUFFIX_RE = re.compile(r"\.[a-f0-9]{12}$", re.I)
def strip_comments_keep_strings(text: str) -> str:
@@ -174,42 +176,124 @@ def minify_js_fallback(text: str) -> str:
return text.strip()
def run_cmd(command: list[str], cwd: Path, input_text: str | None = None) -> str:
def canonical_asset_base(stem: str) -> str:
name = stem
while HASH_SUFFIX_RE.search(name):
name = HASH_SUFFIX_RE.sub("", name)
return name
def is_skipped_asset(path: Path) -> bool:
lowered = path.as_posix().lower()
if ".min." in path.name or ".obf." in path.name or ".deob." in path.name:
return True
if "deobfuscated" in lowered:
return True
return False
def is_valid_source_content(content: str) -> bool:
if "[javascript-obfuscator-cli]" in content:
return False
return len(content.strip()) >= 20
def collect_asset_groups(asset_root: Path) -> dict[tuple[Path, str, str], list[Path]]:
groups: dict[tuple[Path, str, str], list[Path]] = defaultdict(list)
for ext in (".js", ".css"):
for file_path in sorted(asset_root.rglob(f"*{ext}")):
if is_skipped_asset(file_path):
continue
base = canonical_asset_base(file_path.stem)
key = (file_path.parent, base, ext)
groups[key].append(file_path)
return groups
def pick_source_file(paths: list[Path], base: str, ext: str) -> Path | None:
if not paths:
return None
parent = paths[0].parent
plain = parent / f"{base}{ext}"
ordered: list[Path] = []
if plain in paths:
ordered.append(plain)
for candidate in sorted(paths, key=lambda p: len(p.name)):
if candidate not in ordered:
ordered.append(candidate)
for candidate in ordered:
try:
content = candidate.read_text(encoding="utf-8")
except (OSError, UnicodeDecodeError):
continue
if is_valid_source_content(content):
return candidate
return None
def cleanup_invalid_siblings(paths: list[Path], source: Path) -> None:
for path in paths:
if path == source or not path.exists():
continue
try:
content = path.read_text(encoding="utf-8")
except (OSError, UnicodeDecodeError):
content = ""
if not is_valid_source_content(content):
path.unlink()
def run_cmd(command: list[str], cwd: Path) -> None:
proc = subprocess.run(
command,
cwd=str(cwd),
input=input_text,
text=True,
capture_output=True,
check=False,
)
if proc.returncode != 0:
raise RuntimeError(proc.stderr.strip() or "command failed")
return proc.stdout
raise RuntimeError(proc.stderr.strip() or proc.stdout.strip() or "command failed")
def process_js(path: Path, cwd: Path) -> None:
original = path.read_text(encoding="utf-8")
if not is_valid_source_content(original):
raise ValueError(
f"invalid or corrupted JS source: {path} "
f"(restore e.g. 'git checkout dev -- {path.as_posix()}')"
)
if shutil.which("npx"):
tmpdir = Path(tempfile.mkdtemp())
try:
minified = run_cmd(
src = tmpdir / "input.js"
out = tmpdir / "output.js"
src.write_text(original, encoding="utf-8")
run_cmd(
[
"npx",
"--yes",
"terser",
str(src),
"-o",
str(src),
"--compress",
"--mangle",
"--comments",
"false",
],
cwd,
input_text=original,
)
obfuscated = run_cmd(
run_cmd(
[
"npx",
"--yes",
"javascript-obfuscator",
str(src),
"--output",
str(out),
"--compact",
"true",
"--control-flow-flattening",
@@ -224,38 +308,51 @@ def process_js(path: Path, cwd: Path) -> None:
"browser-no-eval",
"--source-map",
"false",
"--output",
"stdout",
],
cwd,
input_text=minified,
)
path.write_text(obfuscated.strip() + "\n", encoding="utf-8")
if not out.exists():
raise RuntimeError("obfuscator produced no output file")
result = out.read_text(encoding="utf-8")
if not is_valid_source_content(result):
raise RuntimeError("obfuscator output looks invalid")
path.write_text(result.strip() + "\n", encoding="utf-8")
return
except Exception:
pass
finally:
shutil.rmtree(tmpdir, ignore_errors=True)
path.write_text(minify_js_fallback(original) + "\n", encoding="utf-8")
def process_css(path: Path, cwd: Path) -> None:
original = path.read_text(encoding="utf-8")
if shutil.which("npx"):
tmpdir = Path(tempfile.mkdtemp())
try:
minified = run_cmd(
src = tmpdir / "input.css"
out = tmpdir / "output.css"
src.write_text(original, encoding="utf-8")
run_cmd(
[
"npx",
"--yes",
"clean-css-cli",
str(src),
"-o",
str(out),
"--skip-rebase",
"-O2",
],
cwd,
input_text=original,
)
path.write_text(minified.strip() + "\n", encoding="utf-8")
path.write_text(out.read_text(encoding="utf-8").strip() + "\n", encoding="utf-8")
return
except Exception:
pass
finally:
shutil.rmtree(tmpdir, ignore_errors=True)
path.write_text(minify_css_fallback(original) + "\n", encoding="utf-8")
@@ -266,8 +363,7 @@ def process_php(path: Path) -> None:
def hash_file(path: Path) -> str:
digest = hashlib.sha256(path.read_bytes()).hexdigest()[:12]
return digest
return hashlib.sha256(path.read_bytes()).hexdigest()[:12]
def replace_references(root: Path, mapping: dict[str, str]) -> None:
@@ -279,7 +375,7 @@ def replace_references(root: Path, mapping: dict[str, str]) -> None:
except UnicodeDecodeError:
continue
updated = content
for src, dst in mapping.items():
for src, dst in sorted(mapping.items(), key=lambda item: len(item[0]), reverse=True):
updated = updated.replace(src, dst)
updated = updated.replace("/" + src, "/" + dst)
if updated != content:
@@ -289,17 +385,32 @@ def replace_references(root: Path, mapping: dict[str, str]) -> None:
def build_hash_mapping(public_root: Path) -> dict[str, str]:
mapping: dict[str, str] = {}
asset_root = public_root / "assets"
for ext in (".js", ".css"):
for file_path in sorted(asset_root.rglob(f"*{ext}")):
if ".min." in file_path.name or ".obf." in file_path.name:
if not asset_root.exists():
return mapping
groups = collect_asset_groups(asset_root)
for (parent, base, ext), paths in groups.items():
source = pick_source_file(paths, base, ext)
if source is None:
continue
digest = hash_file(file_path)
new_name = f"{file_path.stem}.{digest}{file_path.suffix}"
new_path = file_path.with_name(new_name)
file_path.rename(new_path)
rel_old = file_path.relative_to(public_root).as_posix()
rel_new = new_path.relative_to(public_root).as_posix()
digest = hash_file(source)
target = parent / f"{base}.{digest}{ext}"
rel_new = target.relative_to(public_root).as_posix()
for old in paths:
rel_old = old.relative_to(public_root).as_posix()
if rel_old != rel_new:
mapping[rel_old] = rel_new
if source != target:
if target.exists():
target.unlink()
source.replace(target)
for old in paths:
if old != target and old.exists():
old.unlink()
return mapping
@@ -316,11 +427,26 @@ def main() -> int:
print("public directory not found", file=sys.stderr)
return 1
for js in sorted(public_root.rglob("*.js")):
process_js(js, repo_root)
for css in sorted(public_root.rglob("*.css")):
process_css(css, repo_root)
for php in sorted((repo_root / "public").rglob("*.php")):
asset_root = public_root / "assets"
if asset_root.exists():
groups = collect_asset_groups(asset_root)
for (parent, base, ext), paths in sorted(groups.items()):
source = pick_source_file(paths, base, ext)
if source is None:
rel = (parent / f"{base}{ext}").relative_to(public_root)
print(
f"ERROR: No valid source for {rel}. "
f"Restore from dev, e.g.: git checkout dev -- {rel}",
file=sys.stderr,
)
return 1
cleanup_invalid_siblings(paths, source)
if ext == ".js":
process_js(source, repo_root)
else:
process_css(source, repo_root)
for php in sorted(public_root.rglob("*.php")):
process_php(php)
for php in sorted((repo_root / "backend").rglob("*.php")):
process_php(php)

17
scripts/setup-git-hooks.ps1 Normal file
View File

@@ -0,0 +1,17 @@
# Einmal pro Clone ausführen: Commit-Template + Conventional-Commits-Hook aktivieren
$ErrorActionPreference = "Stop"
$repoRoot = Resolve-Path (Join-Path $PSScriptRoot "..")
Push-Location $repoRoot
try {
git config --local commit.template .gitmessage
git config --local core.hooksPath .githooks
Write-Host "Git Hooks aktiv:" -ForegroundColor Green
Write-Host " commit.template = .gitmessage"
Write-Host " core.hooksPath = .githooks"
Write-Host ""
Write-Host "Commit-Format: feat(scope): beschreibung"
} finally {
Pop-Location
}