NextCommunity
diff --git a/‎.eleventy.js‎
Lines changed: 8 additions & 5 deletions b/‎.eleventy.js‎
Lines changed: 8 additions & 5 deletions
diff --git a/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 0 deletions b/‎.github/CODEOWNERS‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.github/dependabot.yml‎
Lines changed: 17 additions & 2 deletions b/‎.github/dependabot.yml‎
Lines changed: 17 additions & 2 deletions
diff --git a/‎.github/linters/.markdown-lint.yml‎
Lines changed: 2 additions & 24 deletions b/‎.github/linters/.markdown-lint.yml‎
Lines changed: 2 additions & 24 deletions
diff --git a/‎.github/workflows/deploy.yml‎
Lines changed: 4 additions & 3 deletions b/‎.github/workflows/deploy.yml‎
Lines changed: 4 additions & 3 deletions
diff --git a/‎.github/workflows/lint.yml‎
Lines changed: 0 additions & 26 deletions b/‎.github/workflows/lint.yml‎
Lines changed: 0 additions & 26 deletions
diff --git a/‎.github/workflows/pre-commit.yml‎
Lines changed: 35 additions & 0 deletions b/‎.github/workflows/pre-commit.yml‎
Lines changed: 35 additions & 0 deletions
diff --git a/‎.github/workflows/super-linter.yml‎
Lines changed: 17 additions & 4 deletions b/‎.github/workflows/super-linter.yml‎
Lines changed: 17 additions & 4 deletions
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎.pre-commit-config.yaml‎
Lines changed: 142 additions & 0 deletions b/‎.pre-commit-config.yaml‎
Lines changed: 142 additions & 0 deletions
@@ -1,6 +1,9 @@
 const yaml = require("js-yaml");
 
-module.exports = function(eleventyConfig) {
+module.exports = function (eleventyConfig) {
+  eleventyConfig.addShortcode("currentYear", function () {
+    return new Date().getFullYear();
+  });
   // Add this line to copy your external assets
   eleventyConfig.addPassthroughCopy("src/assets");
   // 1. Recognize YAML as a template format
@@ -20,11 +23,11 @@ module.exports = function(eleventyConfig) {
       const fs = require("fs/promises");
       const content = await fs.readFile(inputPath, "utf-8");
       return yaml.load(content);
-    }
+    },
   });
 
   // 2. The Randomized Collection
-  eleventyConfig.addCollection("randomPeople", function(collectionApi) {
+  eleventyConfig.addCollection("randomPeople", function (collectionApi) {
     // Grab all yaml files from the users folder
     const people = collectionApi.getFilteredByGlob("src/users/*.yaml");
 
@@ -44,7 +47,7 @@ module.exports = function(eleventyConfig) {
     dir: {
       input: "src",
       output: "_site",
-      includes: "_includes"
-    }
+      includes: "_includes",
+    },
   };
 };
@@ -0,0 +1 @@
+* @jbampton
@@ -1,8 +1,23 @@
-# https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically
 version: 2
 updates:
-  # Maintain dependencies for GitHub Actions
   - package-ecosystem: "github-actions"
     directory: "/"
     schedule:
       interval: "daily"
+    groups:
+      github-dependencies:
+        patterns:
+          - "*"
+    cooldown:
+      default-days: 7
+
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    groups:
+      github-dependencies:
+        patterns:
+          - "*"
+    cooldown:
+      default-days: 7
@@ -1,29 +1,7 @@
 # https://github.com/DavidAnson/markdownlint#rules--aliases
-# markdownlint -c .github/linters/.markdown-lint.yml .
-
-# MD001/heading-increment/header-increment Heading levels should only increment by one level at a time
-MD001: false
 
 # MD013/line-length Line length
 MD013: false
 
-# MD024/no-duplicate-heading/no-duplicate-header
-MD024: false
-
-# MD026/no-trailing-punctuation Trailing punctuation in heading
-MD026: false
-
-# MD029/ol-prefix Ordered list item prefix
-MD029: false
-
-# MD033/no-inline-html Inline HTML
-MD033: false
-
-# MD040 fenced-code-language - Fenced code blocks should have a language specified
-MD040: false
-
-# MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading
-MD041: false
-
-# MD059/descriptive-link-text Link text should be descriptive
-MD059: false
+# MD036/no-emphasis-as-heading Emphasis used instead of a heading
+MD036: false
@@ -7,9 +7,10 @@ on:
 
 jobs:
   deployment:
+    if: github.repository == 'NextCommunity/NextCommunity.github.io'
     permissions:
-      pages: write      # to deploy to Pages
-      id-token: write   # to verify the deployment originates from an appropriate source
+      pages: write # to deploy to Pages
+      id-token: write # to verify the deployment originates from an appropriate source
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -25,7 +26,7 @@ jobs:
       - name: Upload artifact
         uses: actions/upload-pages-artifact@v4
         with:
-          path: '_site' # The directory that contains the deployable files
+          path: "_site" # The directory that contains the deployable files
       - name: Deploy to GitHub Pages
         id: deployment
         uses: actions/deploy-pages@v4
@@ -0,0 +1,35 @@
+name: pre-commit
+
+permissions:
+  contents: read
+
+on: [pull_request]
+
+jobs:
+  pre-commit:
+    name: Run pre-commit
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v6
+        with:
+          # Fetch all history so pre-commit can compare if needed
+          fetch-depth: 0
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.x"
+          architecture: "x64" # optional x64 or x86. Defaults to x64 if not specified
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install pre-commit
+      - name: Set PY
+        run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
+      - name: Cache Pre-commit Hooks
+        uses: actions/cache@v5
+        with:
+          path: ~/.cache/pre-commit
+          key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}
+      - name: Run pre-commit hooks
+        run: pre-commit run --all-files --show-diff-on-failure --color always
@@ -1,17 +1,30 @@
-name: Lint
+name: Super-Linter
 
 on: [pull_request]
 
+permissions: {}
+
 jobs:
   build:
-    name: GitHub Super-Linter
+    name: Run Super-Linter
     runs-on: ubuntu-latest
+    permissions:
+      # contents permission to clone the repository
+      contents: read
     steps:
-      - uses: actions/checkout@v4
-      - uses: super-linter/super-linter@v7.2.1
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          # super-linter needs the full git history to get the
+          # list of files that changed across commits
+          fetch-depth: 0
+          persist-credentials: false
+      - name: Super-Linter
+        uses: super-linter/super-linter@v7.2.1
         env:
           ERROR_ON_MISSING_EXEC_BIT: true
           VALIDATE_EDITORCONFIG: true
+          VALIDATE_MARKDOWN: true
           VALIDATE_YAML: true
           VALIDATE_BIOME: true
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -2,3 +2,4 @@ _site
 .jekyll-cache
 node_modules
 vendor
+.venv
@@ -0,0 +1,142 @@
+default_stages: [pre-commit, pre-push]
+minimum_prek_version: "0.2.22"
+default_language_version:
+  python: python3
+  node: 24.13.0
+exclude: |
+  (?x)^(
+    \.git/|
+    _site/|
+    node_modules/|
+    package-lock\.json$
+  )
+
+repos:
+  - repo: meta
+    hooks:
+      - id: identity
+        name: Run identity
+        description: Run the identity check
+      - id: check-hooks-apply
+        name: run check-hooks-apply
+        description: check that all the hooks apply to the repository
+
+  - repo: local
+    hooks:
+      - id: check-zip-file-is-not-committed
+        name: check no zip files are committed
+        description: Zip files are not allowed in the repository
+        language: fail
+        entry: |
+          Zip files are not allowed in the repository as they are hard to
+          track and have security implications. Please remove the zip file from the repository.
+        files: (?i)\.zip$
+      - id: npm-ci
+        name: run npm-ci
+        description: Install Node dependencies
+        entry: npm ci
+        language: system
+        pass_filenames: false
+      - id: eleventy-build-check
+        name: run eleventy-build-check
+        description: Eleventy build and output check
+        entry: npm run build
+        language: system
+        pass_filenames: false
+      - id: npm-audit
+        name: run npm-audit
+        description: Run npm audit
+        entry: npm audit --audit-level=high
+        language: system
+        pass_filenames: false
+
+  # GO-based
+  # - repo: https://github.com/gitleaks/gitleaks
+  #   rev: v8.30.0
+  #   hooks:
+  #     - id: gitleaks
+  #       name: Run gitleaks
+  #       description: Check for secrets with gitleaks
+
+  - repo: https://github.com/Lucas-C/pre-commit-hooks
+    rev: v1.5.6
+    hooks:
+      - id: chmod
+        name: Set file permissions
+        description: Does not run on Windows so setup as a manual hook
+        args: ["644"]
+        files: \.md$
+        stages: [manual]
+
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v6.0.0
+    hooks:
+      - id: trailing-whitespace
+        name: run trailing-whitespace
+        description: trims trailing whitespace
+        args: [--markdown-linebreak-ext=md]
+      - id: end-of-file-fixer
+        name: run end-of-file-fixer
+        description: makes sure files end in a newline and only a newline
+      - id: fix-byte-order-marker
+        name: run fix-byte-order-marker
+        description: removes UTF-8 byte order marker
+      - id: forbid-submodules
+        name: run forbid-submodules
+        description: forbids any submodules in the repository
+      - id: check-yaml
+        name: run check-yaml
+        description: attempts to load all yaml files to verify syntax
+      - id: check-added-large-files
+        name: run check-added-large-files
+        description: prevent giant files from being committed
+      - id: check-json
+        name: run check-json
+        description: check JSON files for syntax errors
+      - id: check-merge-conflict
+        name: run check-merge-conflict
+        description: check for merge conflict markers
+      - id: check-case-conflict
+        name: run check-case-conflict
+        description: check for case conflicts in file names
+      - id: check-vcs-permalinks
+        name: run check-vcs-permalinks
+        description: ensures that links to vcs websites are permalinks
+      - id: detect-aws-credentials
+        name: run detect-aws-credentials
+        description: checks for the existence of AWS secrets that you have set up with the AWS CLI
+        args: [--allow-missing-credentials]
+      - id: detect-private-key
+        name: run detect-private-key
+        description: checks for the existence of private keys
+      - id: mixed-line-ending
+        name: run mixed-line-ending
+        description: replaces or checks mixed line ending
+
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v4.0.0-alpha.8
+    hooks:
+      - id: prettier
+        name: run prettier
+        types_or: [css, html, javascript, json, markdown, yaml]
+        additional_dependencies: ["prettier@3.8.1"]
+
+  - repo: https://github.com/igorshubovych/markdownlint-cli
+    rev: v0.47.0
+    hooks:
+      - id: markdownlint
+        name: run markdownlint
+        description: check Markdown files with markdownlint
+        args: [--config=.github/linters/.markdown-lint.yml]
+        types: [markdown]
+        files: \.md$
+
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.38.0
+    hooks:
+      - id: yamllint
+        name: run yamllint
+        description: check YAML files with yamllint
+        args: [--strict, -c=.github/linters/.yaml-lint.yml]
+        types: [yaml]
+        files: \.ya?ml$