chore: add/update default repository files

- Add standardized GitHub workflows
- Update linting and security configurations
- Add documentation templates
- Update development tools configuration

Generated by multi-gitter

Author: ruzickap

.github/ISSUE_TEMPLATE/config.yml

@@ -1,8 +1,8 @@
 blank_issues_enabled: false
 contact_links:
-  - name: GitHub Actions Community Forum
-    url: https://github.com/orgs/community/discussions/
-    about: Please ask questions about GitHub Actions here.
-  - name: GitHub Pages help
-    url: https://help.github.com/en/github/working-with-github-pages
-    about: GitHub Pages documentation here.
+  - name: 📚 Documentation
+    url: https://github.com/ruzickap/action-my-broken-link-checker/blob/main/README.md
+    about: Read the documentation before reporting issues
+  - name: 🔒 Security Vulnerabilities
+    url: https://github.com/ruzickap/action-my-broken-link-checker/blob/main/SECURITY.md
+    about: Report security vulnerabilities privately following our security policy

.github/renovate.json5

@@ -40,6 +40,8 @@
     enabled: true,
     schedule: ["before 6am on Sunday"],
   },
+  // Wait for releases to be at least 3 days old before creating PRs (reduces risk of buggy releases)
+  minimumReleaseAge: "3 days",
   // Package-specific Update Rules
   packageRules: [
     {

.github/workflows/codeql.yml

@@ -14,13 +14,14 @@ on:
   schedule:
     - cron: 17 10 * * 2
 
-permissions:
-  security-events: write
-  packages: read
+permissions: read-all
 
 jobs:
   codeql:
     runs-on: ubuntu-latest
+    permissions:
+      security-events: write
+      packages: read
     steps:
       - name: Checkout repository
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

.github/workflows/docker-image.yml

@@ -29,9 +29,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os:
-          - ubuntu-latest
-          - ubuntu-24.04-arm
+        os: [ubuntu-latest, ubuntu-24.04-arm]
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 

.github/workflows/mega-linter.yml

@@ -20,22 +20,49 @@ jobs:
     steps:
       - name: Checkout Code
         uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        with:
+          fetch-depth: 2
+
+      - name: Get changed files
+        id: changed-files
+        uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
+        with:
+          files: |
+            **/*.md
 
       # Extract shell commands from markdown code blocks for validation
-      # This creates a README.sh file containing all bash/shell/sh code blocks
+      # This creates a shell_commands_from_md.sh file containing all bash/shell/sh code blocks
       # from markdown files to ensure they are syntactically correct
       - name: Extract commands from markdown files
+        if: steps.changed-files.outputs.any_changed == 'true'
+        env:
+          ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_and_modified_files }}
         run: |
           set -euxo pipefail
           eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
-          brew install mdq
-          echo '#!/usr/bin/env bash' > README.sh
-          readarray -d '' MD_FILES < <(find . -type f -name "*.md" -print0)
-          mdq '```/^bash$|^shell$|^sh$/' --br -o plain "${MD_FILES[@]}" >> README.sh || true
-          chmod a+x README.sh
+          brew install mq
+          echo '#!/usr/bin/env bash' > shell_commands_from_md.sh
+          read -ra FILES <<< "${ALL_CHANGED_FILES}"
+          mq 'select(.code.lang == "bash" || .code.lang == "shell" || .code.lang == "sh") | to_text()' "${FILES[@]}" >> shell_commands_from_md.sh
+          chmod a+x shell_commands_from_md.sh
+
+      - name: Restore lychee cache
+        id: restore-cache
+        uses: actions/cache/restore@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        with:
+          path: .lycheecache
+          key: cache-lychee-${{ github.sha }}
+          restore-keys: cache-lychee-
 
       - name: 💡 MegaLinter
         uses: oxsecurity/megalinter@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0
         env:
           GITHUB_COMMENT_REPORTER: false
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Save lychee cache
+        uses: actions/cache/save@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+        if: always() && steps.restore-cache.outputs.cache-primary-key
+        with:
+          path: .lycheecache
+          key: ${{ steps.restore-cache.outputs.cache-primary-key }}

.github/workflows/pr-slack-notification.yml

@@ -47,7 +47,7 @@ jobs:
           echo "${TS}" > slack-message-timestamp.txt
 
       - name: Cache slack message timestamp
-        uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache/save@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
         with:
           path: slack-message-timestamp.txt
           key: slack-message-timestamp-${{ github.event.pull_request.html_url }}-${{ steps.message.outputs.ts }}

.github/workflows/readme-commands-check.yml

@@ -22,10 +22,10 @@ permissions: read-all
 
 jobs:
   readme-commands-check:
+    runs-on: ${{ matrix.os }}
     strategy:
       matrix:
         os: [ubuntu-latest, ubuntu-24.04-arm]
-    runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
 

lychee.toml

@@ -6,6 +6,11 @@
 # Enable link caching to avoid checking the same links on multiple runs
 cache = true
 
+# Exclude certain status codes from cache (temporary failures may succeed later):
+#   403 = Forbidden (bot blocking can be intermittent)
+#   429 = Too Many Requests (rate limiting is temporary)
+cache_exclude_status = [403, 429]
+
 #############################  Requests  ############################
 
 # Accept these status codes as valid (200 = OK, 429 = rate limited)