chore: update workflows, linting, configs

2026-01-26 03:14:01 +00:00 · 2025-05-12 01:11:48 +03:00
parent 46c1d723b7
commit cdc7174ff9
14 changed files with 331 additions and 93 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -10,20 +10,12 @@ max_line_length = 160
 tab_width = 2
 trim_trailing_whitespace = true
-[{*.php,*.json}]
+[{*.md}]
-indent_size = 4
+indent_size = 2
-max_line_length = 110
+tab_width = 2
-tab_width = 4
+max_line_length = 160
-
+trim_trailing_whitespace = false
 [{*.http,*.rest}]
 indent_size = 0
 [{*.markdown,*.md}]
 indent_size = 4
 tab_width = 4
 [{*.mk,GNUmakefile,makefile}]
 tab_width = 4
-
+indent_style = tab
 [{*.tf,*.tfvars}]
 tab_width = 4
--- a/.github/CODE_OF_CONDUCT.md
+++ b/.github/CODE_OF_CONDUCT.md
@@ -2,92 +2,144 @@
 ## 1. Purpose
-A primary goal of @ivuorinen's repositories is to be inclusive to the largest number of contributors, with the most varied and diverse backgrounds possible. As such, we are committed to providing a friendly, safe and welcoming environment for all, regardless of gender, sexual orientation, ability, ethnicity, socioeconomic status, and religion (or lack thereof).
+A primary goal of @ivuorinen's repositories is to be inclusive to the largest
 number of contributors, with the most varied and diverse backgrounds possible.
 As such, we are committed to providing a friendly, safe and welcoming
 environment for all, regardless of gender, sexual orientation, ability,
 ethnicity, socioeconomic status, and religion (or lack thereof).
-This code of conduct outlines our expectations for all those who participate in our community, as well as the consequences for unacceptable behavior.
+This code of conduct outlines our expectations for all those who participate in
 our community, as well as the consequences for unacceptable behavior.
-We invite all those who participate in @ivuorinen's repositories to help us create safe and positive experiences for everyone.
+We invite all those who participate in @ivuorinen's repositories to help us
 create safe and positive experiences for everyone.
 ## 2. Open [Source/Culture/Tech] Citizenship
-A supplemental goal of this Code of Conduct is to increase open [source/culture/tech] citizenship by encouraging participants to recognize and strengthen the relationships between our actions and their effects on our community.
+A supplemental goal of this Code of Conduct is to increase
 open [source/culture/tech] citizenship by encouraging participants to recognize
 and strengthen the relationships between our actions and their effects on our
 community.
-Communities mirror the societies in which they exist and positive action is essential to counteract the many forms of inequality and abuses of power that exist in society.
+Communities mirror the societies in which they exist and positive action is
 essential to counteract the many forms of inequality and abuses of power that
 exist in society.
-If you see someone who is making an extra effort to ensure our community is welcoming, friendly, and encourages all participants to contribute to the fullest extent, we want to know.
+If you see someone who is making an extra effort to ensure our community is
 welcoming, friendly, and encourages all participants to contribute to the
 fullest extent, we want to know.
 ## 3. Expected Behavior
 The following behaviors are expected and requested of all community members:
- * Participate in an authentic and active way. In doing so, you contribute to the health and longevity of this community.
+* Participate in an authentic and active way. In doing so, you contribute to the
- * Exercise consideration and respect in your speech and actions.
+  health and longevity of this community.
- * Attempt collaboration before conflict.
+* Exercise consideration and respect in your speech and actions.
- * Refrain from demeaning, discriminatory, or harassing behavior and speech.
+* Attempt collaboration before conflict.
- * Be mindful of your surroundings and of your fellow participants. Alert community leaders if you notice a dangerous situation, someone in distress, or violations of this Code of Conduct, even if they seem inconsequential.
+* Refrain from demeaning, discriminatory, or harassing behavior and speech.
- * Remember that community event venues may be shared with members of the public; please be respectful to all patrons of these locations.
+* Be mindful of your surroundings and of your fellow participants. Alert
  community leaders if you notice a dangerous situation, someone in distress, or
  violations of this Code of Conduct, even if they seem inconsequential.
 * Remember that community event venues may be shared with members of the public;
  please be respectful to all patrons of these locations.
 ## 4. Unacceptable Behavior
-The following behaviors are considered harassment and are unacceptable within our community:
+The following behaviors are considered harassment and are unacceptable within
 our community:
- * Violence, threats of violence or violent language directed against another person.
+* Violence, threats of violence or violent language directed against another
- * Sexist, racist, homophobic, transphobic, ableist or otherwise discriminatory jokes and language.
+  person.
- * Posting or displaying sexually explicit or violent material.
+* Sexist, racist, homophobic, transphobic, ableist or otherwise discriminatory
- * Posting or threatening to post other people's personally identifying information ("doxing").
+  jokes and language.
- * Personal insults, particularly those related to gender, sexual orientation, race, religion, or disability.
+* Posting or displaying sexually explicit or violent material.
- * Inappropriate photography or recording.
+* Posting or threatening to post other people's personally identifying
- * Inappropriate physical contact. You should have someone's consent before touching them.
+  information ("doxing").
- * Unwelcome sexual attention. This includes, sexualized comments or jokes; inappropriate touching, groping, and unwelcomed sexual advances.
+* Personal insults, particularly those related to gender, sexual orientation,
- * Deliberate intimidation, stalking or following (online or in person).
+  race, religion, or disability.
- * Advocating for, or encouraging, any of the above behavior.
+* Inappropriate photography or recording.
- * Sustained disruption of community events, including talks and presentations.
+* Inappropriate physical contact. You should have someone's consent before
  touching them.
 * Unwelcome sexual attention. This includes, sexualized comments or jokes;
  inappropriate touching, groping, and unwelcomed sexual advances.
 * Deliberate intimidation, stalking or following (online or in person).
 * Advocating for, or encouraging, any of the above behavior.
 * Sustained disruption of community events, including talks and presentations.
 ## 5. Weapons Policy
-No weapons will be allowed at @ivuorinen's repositories events, community spaces, or in other spaces covered by the scope of this Code of Conduct. Weapons include but are not limited to guns, explosives (including fireworks), and large knives such as those used for hunting or display, as well as any other item used for the purpose of causing injury or harm to others. Anyone seen in possession of one of these items will be asked to leave immediately, and will only be allowed to return without the weapon. Community members are further expected to comply with all state and local laws on this matter.
+No weapons will be allowed at @ivuorinen's repositories events, community
 spaces, or in other spaces covered by the scope of this Code of Conduct. Weapons
 include but are not limited to guns, explosives (including fireworks), and large
 knives such as those used for hunting or display, as well as any other item used
 for the purpose of causing injury or harm to others. Anyone seen in possession
 of one of these items will be asked to leave immediately, and will only be
 allowed to return without the weapon. Community members are further expected to
 comply with all state and local laws on this matter.
 ## 6. Consequences of Unacceptable Behavior
-Unacceptable behavior from any community member, including sponsors and those with decision-making authority, will not be tolerated.
+Unacceptable behavior from any community member, including sponsors and those
 with decision-making authority, will not be tolerated.
 Anyone asked to stop unacceptable behavior is expected to comply immediately.
-If a community member engages in unacceptable behavior, the community organizers may take any action they deem appropriate, up to and including a temporary ban or permanent expulsion from the community without warning (and without refund in the case of a paid event).
+If a community member engages in unacceptable behavior, the community organizers
 may take any action they deem appropriate, up to and including a temporary ban
 or permanent expulsion from the community without warning (and without refund in
 the case of a paid event).
 ## 7. Reporting Guidelines
-If you are subject to or witness unacceptable behavior, or have any other concerns, please notify a community organizer as soon as possible. ismo@ivuorinen.net.
+If you are subject to or witness unacceptable behavior, or have any other
 concerns, please notify a community organizer as soon as possible:
 <ismo@ivuorinen.net>
-
+Additionally, community organizers are available to help community members
-
+engage with local law enforcement or to otherwise help those experiencing
-Additionally, community organizers are available to help community members engage with local law enforcement or to otherwise help those experiencing unacceptable behavior feel safe. In the context of in-person events, organizers will also provide escorts as desired by the person experiencing distress.
+unacceptable behavior feel safe. In the context of in-person events, organizers
 will also provide escorts as desired by the person experiencing distress.
 ## 8. Addressing Grievances
-If you feel you have been falsely or unfairly accused of violating this Code of Conduct, you should notify @ivuorinen with a concise description of your grievance. Your grievance will be handled in accordance with our existing governing policies.
+If you feel you have been falsely or unfairly accused of violating this Code of
 Conduct, you should notify @ivuorinen with a concise description of your
 grievance. Your grievance will be handled in accordance with our existing
 governing policies.
 ## 9. Scope
-We expect all community participants (contributors, paid or otherwise; sponsors; and other guests) to abide by this Code of Conduct in all community venues--online and in-person--as well as in all one-on-one communications pertaining to community business.
+We expect all community participants (contributors, paid or otherwise; sponsors;
 and other guests) to abide by this Code of Conduct in all community
 venues--online and in-person--as well as in all one-on-one communications
 pertaining to community business.
-This code of conduct and its related procedures also applies to unacceptable behavior occurring outside the scope of community activities when such behavior has the potential to adversely affect the safety and well-being of community members.
+This code of conduct and its related procedures also applies to unacceptable
 behavior occurring outside the scope of community activities when such behavior
 has the potential to adversely affect the safety and well-being of community
 members.
 ## 10. Contact info
@ivuorinen
-ismo@ivuorinen.net
+<ismo@ivuorinen.net>
 ## 11. License and attribution
-The Citizen Code of Conduct is distributed by [Stumptown Syndicate](http://stumptownsyndicate.org) under a [Creative Commons Attribution-ShareAlike license](http://creativecommons.org/licenses/by-sa/3.0/).
+The Citizen Code of Conduct is distributed by [Stumptown Syndicate][stumptown]
 under a [Creative Commons Attribution-ShareAlike license][cc-by-sa].
-Portions of text derived from the [Django Code of Conduct](https://www.djangoproject.com/conduct/) and the [Geek Feminism Anti-Harassment Policy](http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy).
+Portions of text derived from the [Django Code of Conduct][django] and
 the [Geek Feminism Anti-Harassment Policy][geek-feminism].
-_Revision 2.3. Posted 6 March 2017._
+* _Revision 2.3. Posted 6 March 2017._
 * _Revision 2.2. Posted 4 February 2016._
 * _Revision 2.1. Posted 23 June 2014._
 * _Revision 2.0, adopted by the [Stumptown Syndicate][stumptown] board on 10
  January 2013. Posted 17 March 2013._
-_Revision 2.2. Posted 4 February 2016._
+[stumptown]: https://github.com/stumpsyn
-
+[cc-by-sa]: https://creativecommons.org/licenses/by-sa/3.0/
-_Revision 2.1. Posted 23 June 2014._
+[django]: https://www.djangoproject.com/conduct/
-
+[geek-feminism]: http://geekfeminism.wikia.com/wiki/Conference_anti-harassment/Policy
 _Revision 2.0, adopted by the [Stumptown Syndicate](http://stumptownsyndicate.org) board on 10 January 2013. Posted 17 March 2013._
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -0,0 +1,46 @@
 ---
 # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: 'CodeQL'
 on:
  push:
    branches: ['main']
  pull_request:
    branches: ['main']
  schedule:
    - cron: '30 1 * * 0' # Run at 1:30 AM UTC every Sunday
  merge_group:
 permissions:
  actions: read
  contents: read
 jobs:
  analyze:
    name: Analyze
    runs-on: ubuntu-latest
    permissions:
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ['javascript'] # Add languages used in your actions
    steps:
      - name: Checkout repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
      - name: Initialize CodeQL
        uses: github/codeql-action/init@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
        with:
          languages: ${{ matrix.language }}
          queries: security-and-quality
      - name: Autobuild
        uses: github/codeql-action/autobuild@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
        with:
          category: '/language:${{matrix.language}}'
--- a/.github/workflows/pr-lint.yml
+++ b/.github/workflows/pr-lint.yml
@@ -1,18 +1,30 @@
 ---
-name: PR Lint
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: Lint Code Base
 on:
  push:
-    branches-ignore: [master, main]
+    branches: [master, main]
    # Remove the line above to run when pushing to master
  pull_request:
    branches: [master, main]
-permissions:
+concurrency:
-  contents: read
+  group: ${{ github.workflow }}-${{ github.ref }}
-  packages: read
+  cancel-in-progress: true
-  statuses: write
+
 permissions: read-all
 jobs:
-  SuperLinter:
+  Linter:
-    uses: ivuorinen/.github/.github/workflows/pr-lint.yml@main
+    name: PR Lint
    runs-on: ubuntu-latest
    timeout-minutes: 15
    permissions:
      statuses: write
      contents: read
      packages: read
    steps:
      - name: Run PR Lint
        # https://github.com/ivuorinen/actions
        uses: ivuorinen/actions/pr-lint@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5
--- a/.github/workflows/release-drafter.yml
+++ b/.github/workflows/release-drafter.yml
@@ -1,14 +0,0 @@
 ---
 name: Release Drafter
 # yamllint disable-line rule:truthy
 on:
  workflow_call:
 permissions:
  contents: write
  statuses: write
 jobs:
  Draft:
    uses: ivuorinen/.github/.github/workflows/sync-labels.yml@main
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -1,19 +1,26 @@
 ---
 # yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: Stale
 # yamllint disable-line rule:truthy
 on:
  schedule:
-    - cron: "0 8 * * *"
+    - cron: '0 8 * * *' # Every day at 08:00
  workflow_call:
  workflow_dispatch:
 permissions:
  contents: read
  packages: read
  statuses: read
 jobs:
  stale:
    name: 🧹 Clean up stale issues and PRs
    runs-on: ubuntu-latest
    permissions:
      contents: write # only for delete-branch option
      issues: write
      pull-requests: write
    steps:
-      - uses: ivuorinen/actions/stale@main
+      - uses: ivuorinen/actions/stale@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5
--- a/.github/workflows/sync-labels.yml
+++ b/.github/workflows/sync-labels.yml
@@ -1,23 +1,41 @@
 ---
-name: Sync labels
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
 name: Sync Labels
 # yamllint disable-line rule:truthy
 on:
  push:
    branches:
      - main
      - master
    paths:
-      - .github/workflows/sync-labels.yml
+      - '.github/labels.yml'
-      - .github/labels.yml
+      - '.github/workflows/sync-labels.yml'
  schedule:
-    - cron: "34 5 * * *"
+    - cron: '34 5 * * *' # Run every day at 05:34 AM UTC
  workflow_call:
  workflow_dispatch:
  merge_group:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 permissions: read-all
 jobs:
-  SyncLabels:
+  labels:
-    permissions:
+    name: ♻️ Sync Labels
      issues: write
    runs-on: ubuntu-latest
    timeout-minutes: 10
    permissions:
      contents: read
      issues: write
    steps:
-      - uses: ivuorinen/actions/sync-labels@main
+      - name: ⤵️ Checkout Repository
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
      - name: ⤵️ Sync Latest Labels Definitions
        uses: ivuorinen/actions/sync-labels@2be873ebc893ab669d11d1848e5bddfe1cb9f828 # 25.5.5
--- a/.markdownlint.json
+++ b/.markdownlint.json
@@ -0,0 +1,13 @@
 {
  "default": true,
  "MD013": {
    "line_length": 200,
    "code_blocks": false,
    "tables": false
  },
  "MD024": {
    "siblings_only": true
  },
  "MD033": false,
  "MD041": false
 }
--- a/.mega-linter.yml
+++ b/.mega-linter.yml
@@ -0,0 +1,35 @@
 ---
 # Configuration file for MegaLinter
 # See all available variables at
 # https://megalinter.io/configuration/ and in linters documentation
 APPLY_FIXES: all
 SHOW_ELAPSED_TIME: false # Show elapsed time at the end of MegaLinter run
 PARALLEL: true
 VALIDATE_ALL_CODEBASE: true
 FILEIO_REPORTER: false # Generate file.io report
 GITHUB_STATUS_REPORTER: true # Generate GitHub status report
 IGNORE_GENERATED_FILES: true # Ignore generated files
 JAVASCRIPT_DEFAULT_STYLE: prettier # Default style for JavaScript
 PRINT_ALPACA: false # Print Alpaca logo in console
 SARIF_REPORTER: true # Generate SARIF report
 SHOW_SKIPPED_LINTERS: false # Show skipped linters in MegaLinter log
 DISABLE_LINTERS:
  - REPOSITORY_DEVSKIM
 ENABLE_LINTERS:
  - YAML_YAMLLINT
  - MARKDOWN_MARKDOWNLINT
  - YAML_PRETTIER
  - JSON_PRETTIER
  - JAVASCRIPT_ES
  - TYPESCRIPT_ES
 YAML_YAMLLINT_CONFIG_FILE: .yamllint.yml
 MARKDOWN_MARKDOWNLINT_CONFIG_FILE: .markdownlint.json
 JAVASCRIPT_ES_CONFIG_FILE: .eslintrc.json
 TYPESCRIPT_ES_CONFIG_FILE: .eslintrc.json
 FILTER_REGEX_EXCLUDE: >
  (node_modules|\.automation/test|docs/json-schemas|\.github/workflows)
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,63 @@
 ---
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v5.0.0
    hooks:
      - id: requirements-txt-fixer
      - id: detect-private-key
      - id: trailing-whitespace
        args: [--markdown-linebreak-ext=md]
      - id: check-case-conflict
      - id: check-merge-conflict
      - id: check-executables-have-shebangs
      - id: check-shebang-scripts-are-executable
      - id: check-symlinks
      - id: check-toml
      - id: check-xml
      - id: check-yaml
        args: [--allow-multiple-documents]
      - id: end-of-file-fixer
      - id: mixed-line-ending
        args: [--fix=auto]
      - id: pretty-format-json
        args: [--autofix, --no-sort-keys]
  - repo: https://github.com/igorshubovych/markdownlint-cli
    rev: v0.44.0
    hooks:
      - id: markdownlint
        args: [-c, .markdownlint.json, --fix]
  - repo: https://github.com/adrienverge/yamllint
    rev: v1.37.0
    hooks:
      - id: yamllint
  - repo: https://github.com/scop/pre-commit-shfmt
    rev: v3.11.0-1
    hooks:
      - id: shfmt
  - repo: https://github.com/koalaman/shellcheck-precommit
    rev: v0.10.0
    hooks:
      - id: shellcheck
        args: ['--severity=warning']
  - repo: https://github.com/rhysd/actionlint
    rev: v1.7.7
    hooks:
      - id: actionlint
        args: ['-shellcheck=']
  - repo: https://github.com/renovatebot/pre-commit-hooks
    rev: 39.227.2
    hooks:
      - id: renovate-config-validator
  - repo: https://github.com/bridgecrewio/checkov.git
    rev: '3.2.400'
    hooks:
      - id: checkov
        args:
          - '--quiet'
--- a/.shellcheckrc
+++ b/.shellcheckrc
@@ -0,0 +1 @@
 disable=SC2129
--- a/.yamlignore
+++ b/.yamlignore
--- a/.yamllint.yml
+++ b/.yamllint.yml
@@ -0,0 +1,13 @@
 ---
 extends: default
 rules:
  line-length:
    max: 200
    level: warning
  truthy:
    check-keys: false
  comments:
    min-spaces-from-content: 1
  trailing-spaces:
    level: warning
--- a/LICENSE.md
+++ b/LICENSE.md
@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2024 Ismo Vuorinen
+Copyright (c) 2025 Ismo Vuorinen
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal