Add security docs for media upload by url #1031
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Detect Moved Markdown Files | |
| on: | |
| pull_request: | |
| types: [opened, synchronize] | |
| jobs: | |
| detect-moved-files: | |
| if: ${{ github.event.pull_request.head.repo.fork == false }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| ref: ${{ github.head_ref }} | |
| - name: Detect moved markdown files | |
| id: detect_moved_files | |
| run: | | |
| # Find moved markdown files in the PR | |
| git diff --name-status origin/${{ github.base_ref }}...${{ github.head_ref }} | grep '^R' | grep '\.md$' > moved_files.txt || true | |
| if [ -s moved_files.txt ]; then | |
| echo "moved=true" >> $GITHUB_ENV | |
| cat moved_files.txt | |
| else | |
| echo "moved=false" >> $GITHUB_ENV | |
| fi | |
| - name: Detect deleted markdown files | |
| id: detect_deleted_files | |
| run: | | |
| # Find deleted markdown files in the PR | |
| git diff --name-status origin/${{ github.base_ref }}...${{ github.head_ref }} | grep '^D' | grep '\.md$' > deleted_files.txt || true | |
| if [ -s deleted_files.txt ]; then | |
| echo "deleted=true" >> $GITHUB_ENV | |
| cat deleted_files.txt | |
| else | |
| echo "deleted=false" >> $GITHUB_ENV | |
| fi | |
| - name: Add "check-redirect" label | |
| if: env.moved == 'true' | |
| uses: actions-ecosystem/action-add-labels@v1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| labels: check-redirect | |
| - name: Add "check-deleted-file" label | |
| if: env.deleted == 'true' | |
| uses: actions-ecosystem/action-add-labels@v1 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| labels: check-deleted-file | |
| - name: Add warning comment to PR | |
| if: env.moved == 'true' | |
| uses: actions/github-script@v6 | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const prNumber = context.payload.pull_request.number; | |
| const commentBody = "⚠️ Moved markdown files detected. Please ensure redirects are updated in .gitbook.yaml file."; | |
| // Get existing comments | |
| const { data: comments } = await github.rest.issues.listComments({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: prNumber | |
| }); | |
| // Check for existing comment with exact body | |
| const alreadyExists = comments.some(comment => comment.body === commentBody); | |
| if (!alreadyExists) { | |
| await github.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: prNumber, | |
| body: commentBody | |
| }); | |
| } |