You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+8-8Lines changed: 8 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -20,18 +20,18 @@ The public lead-capture forms are the inbound channel for the highest-value deal
20
20
21
21
Every form found on the site is listed here. Both forms submit to Brevo (`sibforms.com`) via `src/lib/brevo.ts` — there is no server-side form handling in this repo.
The contact modal is one component with three separate page-level trigger wirings; a page-specific JS error can break one page while the others keep working, so each path submits for real.
31
31
32
-
Each weekly run creates **3 real Brevo contact inquiries and 1 newsletter subscription** (double that in the worst case, since CI retries a failed test once).
32
+
Each weekly run creates **3 real Brevo contact inquiries and 1 newsletter attempt** (double that in the worst case, since CI retries a failed test once).
33
33
34
-
**reCAPTCHA history:** the forms originally attached reCAPTCHA v3 tokens, and the newsletter form enforced them in Brevo — which blocked this monitor, since automated browsers always score too low to pass v3. Enforcement was turned off in Brevo in July 2026 and the client-side integration was commented out in `src/lib/brevo.ts` (spam protection is now the honeypot field plus newsletter double opt-in). If the newsletter test ever fails with `BREVO REJECTED SUBMISSION` mentioning a captcha error, someone re-enabled enforcement in Brevo — either turn it back off, or accept that the newsletter form can only be monitored up to Brevo's bot-protection boundary (the pre-July-2026 version of `e2e/newsletter.spec.ts` in git history did exactly that).
34
+
**Newsletter caveat:** the newsletter form has reCAPTCHA v3 enforcement enabled in Brevo, and automated browsers always score too low to pass — verified July 2026 that this is score-based bot protection, not a config mismatch (Brevo's own hosted form uses the same site key and the same `submit` action as `src/lib/brevo.ts`). The newsletter spec therefore verifies everything up to that boundary: the form renders, clicking Subscribe fires the POST (catching the "click does nothing" failure mode), Brevo receives and parses the submission, and the UI gives the user feedback. It cannot confirm that a real human's subscription is accepted — worth a quick manual subscribe check if the form is ever suspect. If Brevo ever accepts the automated submission, the spec asserts the full success UI as well.
35
35
36
36
### Sentinel convention — keeping test data out of the lead list
0 commit comments