feat: Initial release

Author: amanstep

.github/workflows/actions_release.yml

@@ -0,0 +1,22 @@
+name: Release GitHub Actions
+
+on:
+  workflow_dispatch:
+    inputs:
+      tag:
+        description: "Tag for the release"
+        required: true
+
+permissions:
+  contents: read
+
+jobs:
+  release:
+    permissions:
+      actions: read
+      id-token: write
+      contents: write
+
+    uses: step-security/reusable-workflows/.github/workflows/actions_release.yaml@v1
+    with:
+      tag: "${{ github.event.inputs.tag }}"

.github/workflows/audit_package.yml

@@ -0,0 +1,28 @@
+name: NPM Audit Fix Run
+
+on:
+  workflow_dispatch:
+    inputs:
+      force:
+        description: "Use --force flag for npm audit fix?"
+        required: true
+        type: boolean
+      base_branch:
+        description: "Specify a base branch"
+        required: false
+        default: "main"
+  schedule:
+    - cron: "0 0 * * 1"
+
+jobs:
+  audit-fix:
+    uses: step-security/reusable-workflows/.github/workflows/audit_fix.yml@v1
+    with:
+      force: ${{ inputs.force || false }}
+      base_branch: ${{ inputs.base_branch || 'main' }}
+
+permissions:
+  contents: write
+  pull-requests: write
+  packages: read
+  issues: write

.github/workflows/depup.yml

@@ -0,0 +1,60 @@
+name: depup
+on:
+  schedule:
+    - cron:  '14 14 * * *' # Runs at 14:14 UTC every day
+  repository_dispatch:
+    types: [depup]
+  workflow_dispatch:
+
+jobs:
+  markdownlint-cli:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: haya14busa/action-depup@94a1aaf4e4923064019214b48a43276218af7ad5 # v1.6.4
+        id: depup
+        with:
+          file: Dockerfile
+          version_name: MARKDOWNLINT_CLI_VERSION
+          repo: igorshubovych/markdownlint-cli
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          title: "chore(deps): update markdownlint-cli to ${{ steps.depup.outputs.latest }}"
+          commit-message: "chore(deps): update markdownlint-cli to ${{ steps.depup.outputs.latest }}"
+          body: |
+            Update markdownlint-cli to [v${{ steps.depup.outputs.latest }}](https://github.com/igorshubovych/markdownlint-cli/tag/v${{ steps.depup.outputs.latest }})
+            Compare [v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}](https://github.com/igorshubovych/markdownlint-cli/compare/v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }})
+
+            This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup).
+          branch: depup/markdownlint-cli
+          base: main
+          labels: "bump:minor"
+
+  reviewdog:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: haya14busa/action-depup@94a1aaf4e4923064019214b48a43276218af7ad5 # v1.6.4
+        id: depup
+        with:
+          file: Dockerfile
+          version_name: REVIEWDOG_VERSION
+          repo: reviewdog/reviewdog
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          title: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}"
+          commit-message: "chore(deps): update reviewdog to ${{ steps.depup.outputs.latest }}"
+          body: |
+            Update reviewdog to [v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/releases/tag/v${{ steps.depup.outputs.latest }})
+            Compare [v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }}](https://github.com/reviewdog/reviewdog/compare/v${{ steps.depup.outputs.current }}...v${{ steps.depup.outputs.latest }})
+
+            This PR is auto generated by [depup workflow](https://github.com/${{ github.repository }}/actions?query=workflow%3Adepup).
+          branch: depup/reviewdog
+          base: main
+          labels: "bump:minor"

.github/workflows/dockerimage.yml

@@ -0,0 +1,14 @@
+name: Docker Image CI
+
+on: [push]
+
+jobs:
+
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+    - name: Build the Docker image
+      run: docker build --file Dockerfile --tag action-markdownlint:$(date +%s) .

.github/workflows/guarddog.yml

@@ -0,0 +1,14 @@
+name: Run GuardDog Scan on PRs
+
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+
+permissions:
+  contents: read
+
+jobs:
+  call-guarddog-scan:
+    uses: step-security/reusable-workflows/.github/workflows/guarddog.yml@v1

.github/workflows/reviewdog.yml

@@ -0,0 +1,21 @@
+name: reviewdog
+on: [pull_request]
+jobs:
+  markdownlint:
+    name: runner / markdownlint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: markdownlint-github-check
+        uses: ./
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          reporter: github-check
+          level: warning
+          filter_mode: nofilter
+
+      - name: markdownlint-github-pr-review
+        uses: ./
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          reporter: github-pr-review

Dockerfile

@@ -0,0 +1,22 @@
+FROM node:20-bullseye-slim
+
+ENV MARKDOWNLINT_CLI_VERSION=v0.41.0
+
+RUN npm install -g "markdownlint-cli@$MARKDOWNLINT_CLI_VERSION"
+
+ENV REVIEWDOG_VERSION=v0.20.2
+
+RUN apt-get update \
+    && apt-get install -y --no-install-recommends \
+        ca-certificates \
+        git \
+        wget \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+RUN wget -O - -q https://raw.githubusercontent.com/reviewdog/reviewdog/fd59714416d6d9a1c0692d872e38e7f8448df4fc/install.sh \
+    | sh -s -- -b /usr/local/bin/ ${REVIEWDOG_VERSION}
+
+COPY entrypoint.sh /entrypoint.sh
+
+ENTRYPOINT ["/entrypoint.sh"]
+CMD []

LICENSE

@@ -0,0 +1,22 @@
+The MIT License (MIT)
+
+Copyright (c) 2020 James Mills / prologic
+Copyright (c) 2025 StepSecurity
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -1 +1,74 @@
-# action-markdownlint
+# GitHub Action: Run markdownlint with reviewdog
+
+Based on [reviewdog/action-shellcheck](https://github.com/reviewdog/action-shellcheck)
+
+[![Docker Image CI](https://github.com/prologic/action-markdownlint/workflows/Docker%20Image%20CI/badge.svg)](https://github.com/prologic/action-markdownlint/actions)
+[![Release](https://img.shields.io/github/release/prologic/action-markdownlint.svg?maxAge=43200)](https://github.com/prologic/action-markdownlint/releases)
+
+This action runs [markdownlint](https://github.com/DavidAnson/markdownlint) with
+[reviewdog](https://github.com/reviewdog/reviewdog) on pull requests to improve
+code review experience.
+
+## Inputs
+
+<!-- markdownlint-disable MD013 -->
+```yml
+inputs:
+  github_token:
+    description: 'GITHUB_TOKEN.'
+    default: '${{ github.token }}'
+  ### Flags for reviewdog ###
+  level:
+    description: 'Report level for reviewdog [info,warning,error]'
+    default: 'error'
+  reporter:
+    description: 'Reporter of reviewdog command [github-check,github-pr-review].'
+    default: 'github-check'
+  filter_mode:
+    description: |
+      Filtering mode for the reviewdog command [added,diff_context,file,nofilter].
+      Default is added.
+    default: 'added'
+  fail_level:
+    description: |
+      If set to `none`, always use exit code 0 for reviewdog.
+      Otherwise, exit code 1 for reviewdog if it finds at least 1 issue with severity greater than or equal to the given level.
+      Possible values: [none,any,info,warning,error]
+      Default is `none`.
+    default: 'none'
+  fail_on_error:
+    description: |
+      Deprecated, use `fail_level` instead.
+      Exit code for reviewdog when errors are found [true,false]
+      Default is `false`.
+    deprecationMessage: Deprecated, use `fail_level` instead.
+    default: 'false'
+  reviewdog_flags:
+    description: 'Additional reviewdog flags'
+    default: ''
+  ### Flags for markdownlint-cli ###
+  markdownlint_flags:
+    description: "Options of markdownlint-cli command. Default: '.'"
+    default: '.'
+```
+<!-- markdownlint-enable MD013 -->
+
+## Example usage
+
+### [.github/workflows/reviewdog.yml](.github/workflows/reviewdog.yml)
+
+```yml
+name: reviewdog
+on: [pull_request]
+jobs:
+  markdownlint:
+    name: runner / markdownlint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - name: markdownlint
+        uses: step-security/action-markdownlint@3667398db9118d7e78f7a63d10e26ce454ba5f58 # v0.26.2
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          reporter: github-pr-review
+```

SECURITY.md

@@ -0,0 +1,5 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please report security vulnerabilities to [email protected]