[chore] set permissions to read explicitly #19348
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: check-links | |
| on: | |
| push: | |
| branches: [ main ] | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| changedfiles: | |
| name: changed files | |
| runs-on: ubuntu-latest | |
| env: | |
| PR_HEAD: ${{ github.event.pull_request.head.sha }} | |
| outputs: | |
| md: ${{ steps.changes.outputs.md }} | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get changed files | |
| id: changes | |
| run: | | |
| echo "md=$(git diff --name-only --diff-filter=ACMRTUXB $(git merge-base origin/main $PR_HEAD) $PR_HEAD | grep .md$ | xargs)" >> $GITHUB_OUTPUT | |
| check-links: | |
| runs-on: ubuntu-latest | |
| needs: changedfiles | |
| if: ${{needs.changedfiles.outputs.md}} | |
| steps: | |
| - name: Checkout Repo | |
| uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Install markdown-link-check | |
| run: npm install -g markdown-link-check@3.11.2 | |
| - name: Run markdown-link-check | |
| run: | | |
| markdown-link-check \ | |
| --verbose \ | |
| --config .github/workflows/check_links_config.json \ | |
| ${{needs.changedfiles.outputs.md}} \ | |
| || { echo "Check that anchor links are lowercase"; exit 1; } |