Add broken link checking Action

Also adjusts the entire workflow to only run if a PR or push contains changes to a markdown file

Author: wolf99

.github/workflows/lint-docs.yml

@@ -4,16 +4,51 @@ on:
   workflow_dispatch:
   push:
     branches: [ main, linux ]
+    paths:
+      - '**.md'
+      - '.github/workflows/lint-docs.yml'
   pull_request:
     branches: [ main, linux ]
+    paths:
+      - '**.md'
+      - '.github/workflows/lint-docs.yml'
 
 jobs:
   lint-markdown:
     name: Lint markdown files
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
 
       - uses: DavidAnson/markdownlint-cli2-action@744f913a124058ee903768d3adb92a4847e5d132
         with:
           globs: "**/*.md"
+
+  check-links:
+    name: Check for broken links
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+
+      - name: Run link checker
+        # For any troubleshooting, see:
+        # https://github.com/lycheeverse/lychee/blob/master/docs/TROUBLESHOOTING.md
+        uses: lycheeverse/lychee-action@76ab977fedbeaeb32029313724a2e56a8a393548
+
+        with:
+          # user-agent: if a user agent is not specified, some websites (e.g.
+          # GitHub Docs) return HTTP errors which Lychee will interpret as
+          # a broken link.
+          # no-progress: do not show progress bar. Recommended for
+          # non-interactive shells (e.g. for CI)
+          # inputs: by default (.), this action checks files matching the
+          # patterns: './**/*.md' './**/*.html'
+          args: >-
+            --user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36"
+            --no-progress .
+          fail: true
+        env:
+          # A token is used to avoid GitHub rate limiting. A personal token with
+          # no extra permissions is enough to be able to check public repos
+          # See: https://github.com/lycheeverse/lychee#github-token
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.lycheeignore

@@ -0,0 +1,2 @@
+godaddy\.com[\\/]?$
+file:[\\/][\\/][\\/].*

README.md

@@ -6,7 +6,7 @@
 
 [Git Credential Manager](https://github.com/GitCredentialManager/git-credential-manager) (GCM) is a secure Git credential helper built on [.NET](https://dotnet.microsoft.com) that runs on Windows, macOS, and Linux.
 
-Compared to Git's [built-in credential helpers]((https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage)) (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM provides multi-factor authentication support for [Azure DevOps](https://dev.azure.com/), Azure DevOps Server (formerly Team Foundation Server), GitHub, Bitbucket, and GitLab.
+Compared to Git's [built-in credential helpers](https://git-scm.com/book/en/v2/Git-Tools-Credential-Storage) (Windows: wincred, macOS: osxkeychain, Linux: gnome-keyring/libsecret) which provides single-factor authentication support working on any HTTP-enabled Git repository, GCM provides multi-factor authentication support for [Azure DevOps](https://dev.azure.com/), Azure DevOps Server (formerly Team Foundation Server), GitHub, Bitbucket, and GitLab.
 
 Git Credential Manager (GCM) replaces the .NET Framework-based [Git Credential Manager for Windows](https://github.com/microsoft/Git-Credential-Manager-for-Windows) (GCM), and the Java-based [Git Credential Manager for Mac and Linux](https://github.com/microsoft/Git-Credential-Manager-for-Mac-and-Linux) (Java GCM), providing a consistent authentication experience across all platforms.
 

docs/netconfig.md

@@ -114,7 +114,7 @@ $ git clone https://ghe.example.com/john.doe/myrepo
 fatal: The remote certificate is invalid according to the validation procedure.
 ```
 
-The **recommended and safest option** is to acquire a TLS certificate signed by a public trusted certificate authority (CA). There are multiple public CAs; here is a non-exhaustive list to consider: [Let's Encrypt](https://letsencrypt.org/), [Comodo](https://www.comodoca.com/), [Digicert](https://www.digicert.com/), [GoDaddy](https://www.godaddy.com/web-security/ssl-certificate), [GlobalSign](https://www.globalsign.com/en/ssl/).
+The **recommended and safest option** is to acquire a TLS certificate signed by a public trusted certificate authority (CA). There are multiple public CAs; here is a non-exhaustive list to consider: [Let's Encrypt](https://letsencrypt.org/), [Comodo](https://www.comodoca.com/), [Digicert](https://www.digicert.com/), [GoDaddy](https://www.godaddy.com/), [GlobalSign](https://www.globalsign.com).
 
 If it is not possible to **obtain a TLS certificate from a trusted 3rd party** then you should try to add the _specific_ self-signed certificate or one of the CA certificates in the verification chain to your operating system's trusted certificate store ([macOS](https://support.apple.com/en-gb/guide/keychain-access/kyca2431/mac), [Windows](https://blogs.technet.microsoft.com/sbs/2008/05/08/installing-a-self-signed-certificate-as-a-trusted-root-ca-in-windows-vista/)).