Add GitHub Action to update nonce query parameter on issue trigger (#5)

* Initial plan

* Add GitHub Action to update nonce on issue open

Co-authored-by: hesreallyhim <172150522+hesreallyhim@users.noreply.github.com>

* Fix security issue and improve sed command clarity

Co-authored-by: hesreallyhim <172150522+hesreallyhim@users.noreply.github.com>

* Add explicit GITHUB_TOKEN permissions to workflow

Co-authored-by: hesreallyhim <172150522+hesreallyhim@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: hesreallyhim <172150522+hesreallyhim@users.noreply.github.com>

Author: Copilot

.github/workflows/update-nonce.yml

@@ -0,0 +1,61 @@
+---
+name: Update Nonce on Issue Open
+
+'on':
+  issues:
+    types: [opened]
+
+jobs:
+  update-nonce:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: read
+
+    steps:
+      - name: Check if issue body contains "nonce"
+        id: check-nonce
+        env:
+          ISSUE_BODY: ${{ github.event.issue.body }}
+        run: |
+          if echo "$ISSUE_BODY" | grep -qi "nonce"; then
+            echo "contains_nonce=true" >> $GITHUB_OUTPUT
+            echo "Issue body contains 'nonce' - proceeding"
+          else
+            echo "contains_nonce=false" >> $GITHUB_OUTPUT
+            echo "Issue body does not contain 'nonce' - stopping"
+          fi
+
+      - name: Checkout repository
+        if: steps.check-nonce.outputs.contains_nonce == 'true'
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Update nonce in README
+        if: steps.check-nonce.outputs.contains_nonce == 'true'
+        run: |
+          # Generate a random 6-digit number
+          NEW_NONCE=$(printf "%06d" $((RANDOM % 1000000)))
+          echo "Generated new nonce: $NEW_NONCE"
+
+          # Find and replace nonce=NNNNNN pattern with new nonce
+          # Only within the NONCE section markers
+          NONCE_PATTERN='/<!-- NONCE -->/,/<!-- NONCE-END -->/'
+          NONCE_REPLACEMENT='s/nonce=[0-9]\{6\}/nonce='"$NEW_NONCE"'/g'
+          sed -i "${NONCE_PATTERN}${NONCE_REPLACEMENT}" README.md
+
+          echo "Updated README.md with new nonce value"
+
+      - name: Commit and push changes
+        if: steps.check-nonce.outputs.contains_nonce == 'true'
+        run: |
+          git config user.name "github-actions[bot]"
+          git config user.email "github-actions[bot]@users.noreply.github.com"
+          git add README.md
+          if git diff --staged --quiet; then
+            echo "No changes to commit"
+          else
+            git commit -m "Update nonce value in README [skip ci]"
+            git push
+          fi