From 637b05af982e53e4c594768e58777ef375a350c9 Mon Sep 17 00:00:00 2001
From: Will Anderson <will.anderson@neurontechnologies.ai>
Date: Mon, 11 May 2026 11:11:11 -0500
Subject: [PATCH] remove --obfuscate from elc JS compile step

Stage CSP blocks 'unsafe-eval' which javascript-obfuscator introduces.
checkout-auth.js IIFE was crashing before assigning window globals,
causing all checkout E2E tests to fail.
---
 .gitea/workflows/stage.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.gitea/workflows/stage.yaml b/.gitea/workflows/stage.yaml
index 8ae8874..19d3724 100644
--- a/.gitea/workflows/stage.yaml
+++ b/.gitea/workflows/stage.yaml
@@ -207,11 +207,10 @@ jobs:
             [ -f "$f" ] || continue
             name=$(basename "$f" .el)
             echo "Compiling $f..."
-            "$ELC" --target=js --bundle --minify --obfuscate "$f" > /tmp/_elc_out.js || {
+            "$ELC" --target=js --bundle --minify "$f" > "dist/js/${name}.js" || {
               echo "elc FAILED on $f"
               exit 1
             }
-            sed '/^\[javascript-obfuscator/d' /tmp/_elc_out.js > "dist/js/${name}.js"
             echo "  compiled: $f -> dist/js/${name}.js"
           done
           rm -f src/js/el_runtime.js
-- 
2.52.0