⬆️ Updates pymdown-extensions to v10 [SECURITY] #1449
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Spell Check | |
| # Comment management is handled through a secondary job, for details see: | |
| # https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Restricted-Permissions | |
| # | |
| # `jobs.comment-push` runs when a push is made to a repository and the `jobs.spelling` job needs to make a comment | |
| # (in odd cases, it might actually run just to collapse a comment, but that's fairly rare) | |
| # it needs `contents: write` in order to add a comment. | |
| # | |
| # `jobs.comment-pr` runs when a pull_request is made to a repository and the `jobs.spelling` job needs to make a comment | |
| # or collapse a comment (in the case where it had previously made a comment and now no longer needs to show a comment) | |
| # it needs `pull-requests: write` in order to manipulate those comments. | |
| on: | |
| push: | |
| branches: | |
| - "**" | |
| tags-ignore: | |
| - "**" | |
| # Switch from `pull_request_target` event to reduce distraction from comments | |
| # regarding errors reported in unmodified files. | |
| pull_request: | |
| branches: | |
| - "**" | |
| tags-ignore: | |
| - "**" | |
| types: | |
| - 'opened' | |
| - 'reopened' | |
| - 'synchronize' | |
| jobs: | |
| spelling: | |
| name: Spell Check | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| actions: read | |
| outputs: | |
| followup: ${{ steps.spelling.outputs.followup }} | |
| timeout-minutes: 10 | |
| runs-on: "ubuntu-latest" | |
| if: "contains(github.event_name, 'pull_request') || github.event_name == 'push'" | |
| concurrency: | |
| group: spelling-${{ github.event.pull_request.number || github.ref }} | |
| # note: If you use only_check_changed_files, you do not want cancel-in-progress | |
| cancel-in-progress: true | |
| steps: | |
| - name: check-spelling | |
| id: spelling | |
| uses: check-spelling/check-spelling@v0.0.21 | |
| with: | |
| suppress_push_for_open_pull_request: 1 | |
| checkout: true | |
| post_comment: 0 | |
| use_magic_file: 1 | |
| extra_dictionaries: | |
| cspell:software-terms/src/software-terms.txt | |
| cspell:aws/aws.txt | |
| cspell:filetypes/filetypes.txt | |
| cspell:html/html.txt | |
| cspell:django/django.txt | |
| cspell:fullstack/fullstack.txt | |
| check_extra_dictionaries: '' | |
| comment-push: | |
| name: Report (Push) | |
| timeout-minutes: 10 | |
| runs-on: "ubuntu-latest" | |
| # If your workflow isn't running on push, you can remove this job | |
| needs: spelling | |
| permissions: | |
| contents: write | |
| if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push' | |
| steps: | |
| - name: comment | |
| uses: check-spelling/check-spelling@v0.0.21 | |
| with: | |
| checkout: true | |
| task: ${{ needs.spelling.outputs.followup }} | |
| comment-pr: | |
| name: Report (PR) | |
| timeout-minutes: 10 | |
| runs-on: "ubuntu-latest" | |
| # If you workflow isn't running on pull_request*, you can remove this job | |
| needs: spelling | |
| permissions: | |
| pull-requests: write | |
| if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request') | |
| steps: | |
| - name: comment | |
| uses: check-spelling/check-spelling@v0.0.21 | |
| with: | |
| checkout: true | |
| task: ${{ needs.spelling.outputs.followup }} |