Merge pull request #44 from trailofbits/lychee-link-checker

Lychee link checking action

.github/workflows/markdown.yml

@@ -11,16 +11,23 @@ jobs:
   markdown-link-check:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@master
-    - uses: gaurav-nelson/github-action-markdown-link-check@v1
+    - uses: actions/checkout@v4
+    - name: Restore lychee cache
+      uses: actions/cache@v4
       with:
-        use-quiet-mode: 'yes'
+         path: .lycheecache
+         key: cache-lychee-${{ github.sha }}
+         restore-keys: cache-lychee-
+    - uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # for v1.10.0
+      with:
+        args: --base . -a 100..=103,200..=299,429 --verbose --no-progress --cache --max-cache-age 1d --scheme http --scheme https './**/*.md' './layout/shortcodes/fuzzing/*.html'
+        fail: true
   # Lint Markdown files
   # Uses: a custom configuration file
   markdown-linter:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: DavidAnson/markdownlint-cli2-action@v15
       with:
         globs: "**/*.md"
@@ -29,7 +36,7 @@ jobs:
   spellcheck:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: tbroadley/spellchecker-cli-action@v1
       with:
         # No need to use a dictionary file with the disabled spell plugin 

.github/workflows/preview.yml

@@ -33,7 +33,7 @@ jobs:
       - name: Install Dart Sass Embedded
         run: sudo snap install dart-sass-embedded
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           submodules: recursive
       - name: Install Node.js dependencies

README.md

@@ -111,7 +111,7 @@ Your browser will be automatically refreshed with changes whenever you save a fi
 
 - The GitHub workflow in this repository verifies the correctness of Markdown files through three checks:
   1. **Markdown Link Check**: This step extracts links from Markdown files and verifies if they are valid and accessible.
-    It uses the [github-action-markdown-link-check](https://github.com/gaurav-nelson/github-action-markdown-link-check) action.
+    It uses the [lychee link checking action](https://github.com/lycheeverse/lychee-action).
   2. **Markdown Linter**: This step ensures that Markdown files adhere to the desired style and formatting rules.
     It uses a custom configuration file (`.github/workflows/.markdownlint.jsonc`) and the
      [markdownlint-cli2-action](https://github.com/DavidAnson/markdownlint-cli2-action) action.

content/docs/static-analysis/codeql/99-resources.md

@@ -23,7 +23,7 @@ weight: 99
 ### Writing custom CodeQL queries
 
 - [Practical introduction to CodeQL](https://jorgectf.github.io/blog/post/practical-codeql-introduction/)
-- [Security code reviewing with CodeQL](https://mechanicalsympathy.nl/posts/security-code-reviewing-with-codeql/)
+- [Security code reviewing with CodeQL](https://web.archive.org/web/20240529182656/https://remcovermeulen.com/posts/security-code-reviewing-with-codeql/)
 - [Sharing security expertise through CodeQL packs (Part I)](https://github.blog/2022-04-19-sharing-security-expertise-through-codeql-packs-part-i/)
 
 ### Using CodeQL for vulnerability discovery