Skip to content
You're viewing an older version of this GitHub Action. Do you want to see the latest version instead?
shield

GitHub Action

markdown-safe-link-action

1.0.0

markdown-safe-link-action

shield

markdown-safe-link-action

Check if the links pass Google Safe Web

Installation

Copy and paste the following snippet into your .yml file.

 
              
- name: markdown-safe-link-action

              
  uses: markbattistella/markdown-safe-link-action@1.0.0
Learn more about this action in markbattistella/markdown-safe-link-action

Choose a version

Markdown URL sanitiser - Github Action

Markdown URL Sanitiser

Help donate Buy me a coffee

Search and replace any unsafe urls in your repos using the Google Safe Browsing API

Background

I started with this tweet by @seanallen where he added a URL into a YouTube video description.

The URL became compromised within the week of adding it, and his channel was flagged with strike 1.

I realised there isn't anything out there to prevent this from happening to anyone's repository.

Usage

Github Action

  1. Get an API for Google Safe Browsing

  2. Add the step to your workflow (required minimum):

    # You can change this to use a specific version
- uses: markbattistella/markdown-safe-links@v1
  with:

    # scope of markdown files (required)
    directory: "."

    # Google Safe Browsing API (required)
    api: ${{ secrets.GOOGLE_API }}

    # replace malicious urls text (required)
    replace: "~~UNSAFE_URL~~"

    # Github token (required)
    github_token: ${{ secrets.GITHUB_TOKEN }}

Configuration

Name Value Required Default Description
directory string Y '.' Scope of where to scan urls
api string Y nil Google API for scanning URLs
replace string Y ~~UNSAFE_URL~~ What to replace the URLs with
github_token string Y ${{ secrets.GITHUB_TOKEN }} Token for the repository
author_email string Github bot email Email for commit
author_name string Github Bot Name for commit
message string Sanitised URLs on DATE Message for commit
branch string main Destination branch to push changes
empty boolean false Allow empty commits
force boolean false Determines if force push is used
tags boolean false Determines if --tags is used
commit_directory string '.' Directory to change to before pushing

Examples

Normal use

name: Markdown URL Sanitiser
on:
  [push]
jobs:
  markdown-safe-link:
    name: markdown-safe-link
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Markdown Safe Link Sanitisation
        uses: markbattistella/markdown-safe-links@v1
        id: sanitise
        with:
          directory:  "."
          api: ${{ secrets.GOOGLE_API }}
          replace: "~~UNSAFE_URL~~"
          github_token: ${{ secrets.GITHUB_TOKEN }}

On CRON schedule

name: Markdown URL Sanitiser
on:
  schedule:
  - cron: "30 1 * * *"
jobs:
  markdown-safe-link:
    name: markdown-safe-link
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Markdown Safe Link Sanitisation
        uses: markbattistella/markdown-safe-links@v1
        id: sanitise
        with:
          directory:  "."
          api: ${{ secrets.GOOGLE_API }}
          replace: "~~UNSAFE_URL~~"
          github_token: ${{ secrets.GITHUB_TOKEN }}