Skip to content

Add privacy notice and harden deployment tooling#10

Merged
adewale merged 1 commit into
mainfrom
privacy-and-deploy-hardening
Jul 11, 2026
Merged

Add privacy notice and harden deployment tooling#10
adewale merged 1 commit into
mainfrom
privacy-and-deploy-hardening

Conversation

@adewale

@adewale adewale commented Jul 11, 2026

Copy link
Copy Markdown
Owner

Summary

Publish a globally linked privacy notice for runner submissions, operational logs, Invisible Turnstile, cookies, and optional browser CDNs, while making production deployment fail early unless it uses Node 22 and a fresh Python vendor sync.

Why

The production audit found no privacy notice despite session-scoped Invisible Turnstile. The first deployment attempt also exposed a tooling failure: Node 26 could not start Pywrangler's Pyodide interpreter, and a stale sync token allowed python_modules/ to remain empty until Cloudflare rejected the upload for missing FastAPI.

What changed

  • Add /privacy, canonical/OG/JSON-LD metadata, sitemap coverage, global footer links, and a 1200×630 social card.
  • Disclose Cloudflare request metadata, structured event fields, submitted-code processing, Turnstile and its clearance cookie, esm.sh requests, retention, and contact options.
  • Add /privacy to deployment smoke checks and SEO/social-card gates.
  • Require Node 22 for Pywrangler commands and force pywrangler sync --force before deployment.
  • Document the deployment failure mode and update setup guidance.

Verification

  • make verify — 224 tests, browser contracts, 109 examples, SEO/cache, quality, Ruff, and generated checks
  • scripts/format_examples.py --check
  • make verify-python-version VERSION=3.13
  • npm audit --audit-level=high
  • git diff --check
  • Confirmed the new privacy-route tests failed before implementation
  • Confirmed Node 26 fails the deploy preflight and Node 22 passes
  • Social-card provenance and JPEG validation pass for 120 cards

Risk

The content route is read-only and uses existing page/layout primitives. Deployment changes intentionally reject unsupported local Node versions; CI already runs Node 22. The forced vendor sync costs additional deploy time but prevents dependency-free Worker uploads.

@adewale adewale merged commit 8882061 into main Jul 11, 2026
1 check passed
@adewale adewale deleted the privacy-and-deploy-hardening branch July 11, 2026 19:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant