From 566ca4d4a9af91d702ac688af199d6a3cc2d36f6 Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Wed, 13 May 2026 21:51:35 +0300 Subject: [PATCH 1/5] Pin GitHub Actions to commit hashes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Replace version tags with full git commit hashes for all GitHub Actions to improve supply-chain security, with exact version annotations: - actions/checkout@v6 → @de0fac2e... # v6.0.2 - actions/setup-python@v6 → @a309ff8... # v6.2.0 - actions/setup-node@v6 → @48b55a0... # v6.4.0 - codecov/codecov-action@v6 → @57e3a13... # v6 - pypa/gh-action-pypi-publish@release/v1 → @6733eb7... # v1.14.0 - pypa/gh-action-pip-audit@v1.1.0 → @1220774... # v1.1.0 Closes #64 --- .github/workflows/ci.yml | 20 ++++++++++---------- .github/workflows/docs.yml | 8 ++++---- .github/workflows/release-drafter.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- .github/workflows/security.yml | 6 +++--- docs/getting-started.md | 8 +++----- mkdocs.yml | 4 ++++ 7 files changed, 29 insertions(+), 27 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7a90113b..c95a9252 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,9 +37,9 @@ jobs: test-script: test:test runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python ${{ matrix.python-version }} - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -55,7 +55,7 @@ jobs: shell: bash - name: Upload Codecov Results if: success() && matrix.upload-coverage - uses: codecov/codecov-action@v6 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 with: file: ./coverage.xml flags: unittests @@ -80,9 +80,9 @@ jobs: py: pypy3 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python ${{ matrix.python-version }} - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: ${{ matrix.python-version }} - name: Install dependencies @@ -99,16 +99,16 @@ jobs: lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install Python dependencies run: | python -m pip install --upgrade hatch pre-commit - name: Setup Node - uses: actions/setup-node@v6 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: 24 - name: Run repository checks @@ -121,9 +121,9 @@ jobs: package: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install dependencies diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 4a07d68c..ce86dd95 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -18,9 +18,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Download source - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install dependencies @@ -36,9 +36,9 @@ jobs: contents: write steps: - name: Download source - uses: actions/checkout@v6 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install dependencies diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index b2f10bbe..818ca6ec 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -17,9 +17,9 @@ jobs: draft-release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.11" - id: notes diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4042aba5..b5daf8b5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -9,9 +9,9 @@ jobs: id-token: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Install dependencies @@ -19,4 +19,4 @@ jobs: - name: Build package run: python -m build - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@release/v1 + uses: pypa/gh-action-pypi-publish@6733eb7d741f0b11ec6a39b58540dab7590f9b7d # v1.14.0 diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 71e721c7..48de6fd6 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -21,13 +21,13 @@ jobs: pip-audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Python - uses: actions/setup-python@v6 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: '3.11' - name: Audit Python dependencies - uses: pypa/gh-action-pip-audit@v1.1.0 + uses: pypa/gh-action-pip-audit@1220774d901786e6f652ae159f7b6bc8fea6d266 # v1.1.0 with: inputs: . summary: true diff --git a/docs/getting-started.md b/docs/getting-started.md index 68a39cb3..413867ad 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -12,7 +12,7 @@ To install MkDocs, run the following command from the command line: pip install mkdocs-ng ``` -For more details, see the [Installation Guide]. +For more details, see the [Installation]. ## Creating a new project @@ -126,7 +126,7 @@ theme: readthedocs Save your changes, and you'll see the ReadTheDocs theme being used. -![Screenshot](img/readthedocs.png) +![Screenshot](img/.png) ## Changing the Favicon Icon @@ -200,13 +200,11 @@ you're done. For specific instructions on a number of common hosts, see the See the [User Guide] for more complete documentation of all of MkDocs' features. -For help with MkDocs, use [GitHub Discussions] for questions and general help, +For help with MkDocs, use [GitHub] for questions and general help, and [GitHub issues] to report bugs or request features. -[Installation Guide]: user-guide/installation.md [docs_dir]: user-guide/configuration.md#docs_dir [deploy]: user-guide/deploying-your-docs.md -[GitHub Discussions]: https://github.com/orgs/mkdocs-ng/discussions [nav]: user-guide/configuration.md#nav [GitHub issues]: https://github.com/mkdocs-ng/mkdocs/issues [site_name]: user-guide/configuration.md#site_name diff --git a/mkdocs.yml b/mkdocs.yml index 933c19af..983293de 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -77,3 +77,7 @@ plugins: watch: - mkdocs + +validation: + links: + unrecognized_links: warn From 00dc0b42157a55586fbd7f5192b3ede0bdd152d6 Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Wed, 13 May 2026 21:58:12 +0300 Subject: [PATCH 2/5] Add --strict flag to mkdocs build and serve commands --- pyproject.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index 37bffb20..c06efd1e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -163,8 +163,8 @@ path = "mkdocs.yml" [tool.hatch.envs.docs] detached = false [tool.hatch.envs.docs.scripts] -build = "mkdocs build" -serve = "mkdocs serve" +build = "mkdocs build --strict" +serve = "mkdocs serve --strict" deploy = "mkdocs gh-deploy --force" [tool.isort] From ae28ef51f1bffb68575ba147dc27cdb50a3477dc Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Wed, 13 May 2026 22:04:03 +0300 Subject: [PATCH 3/5] Fix image path and update help references in getting started guide --- docs/getting-started.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index 413867ad..611b7732 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -126,7 +126,7 @@ theme: readthedocs Save your changes, and you'll see the ReadTheDocs theme being used. -![Screenshot](img/.png) +![Screenshot](img/readthedocs.png) ## Changing the Favicon Icon @@ -200,11 +200,12 @@ you're done. For specific instructions on a number of common hosts, see the See the [User Guide] for more complete documentation of all of MkDocs' features. -For help with MkDocs, use [GitHub] for questions and general help, +For help with MkDocs, use [GitHub Discussions] for questions and general help, and [GitHub issues] to report bugs or request features. [docs_dir]: user-guide/configuration.md#docs_dir [deploy]: user-guide/deploying-your-docs.md +[GitHub Discussions]: https://github.com/orgs/mkdocs-ng/discussions [nav]: user-guide/configuration.md#nav [GitHub issues]: https://github.com/mkdocs-ng/mkdocs/issues [site_name]: user-guide/configuration.md#site_name From 058827da4c52d6b8e345d141a19307756d1506ee Mon Sep 17 00:00:00 2001 From: shenxianpeng Date: Wed, 13 May 2026 22:07:51 +0300 Subject: [PATCH 4/5] Update installation guide reference and remove validation links warning --- docs/getting-started.md | 3 ++- mkdocs.yml | 4 ---- pyproject.toml | 4 ++-- 3 files changed, 4 insertions(+), 7 deletions(-) diff --git a/docs/getting-started.md b/docs/getting-started.md index 611b7732..68a39cb3 100644 --- a/docs/getting-started.md +++ b/docs/getting-started.md @@ -12,7 +12,7 @@ To install MkDocs, run the following command from the command line: pip install mkdocs-ng ``` -For more details, see the [Installation]. +For more details, see the [Installation Guide]. ## Creating a new project @@ -203,6 +203,7 @@ See the [User Guide] for more complete documentation of all of MkDocs' features. For help with MkDocs, use [GitHub Discussions] for questions and general help, and [GitHub issues] to report bugs or request features. +[Installation Guide]: user-guide/installation.md [docs_dir]: user-guide/configuration.md#docs_dir [deploy]: user-guide/deploying-your-docs.md [GitHub Discussions]: https://github.com/orgs/mkdocs-ng/discussions diff --git a/mkdocs.yml b/mkdocs.yml index 983293de..933c19af 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -77,7 +77,3 @@ plugins: watch: - mkdocs - -validation: - links: - unrecognized_links: warn diff --git a/pyproject.toml b/pyproject.toml index c06efd1e..37bffb20 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -163,8 +163,8 @@ path = "mkdocs.yml" [tool.hatch.envs.docs] detached = false [tool.hatch.envs.docs.scripts] -build = "mkdocs build --strict" -serve = "mkdocs serve --strict" +build = "mkdocs build" +serve = "mkdocs serve" deploy = "mkdocs gh-deploy --force" [tool.isort] From 0d7f131928b524eacbf08a6369743369f7241e1b Mon Sep 17 00:00:00 2001 From: Xianpeng Shen Date: Wed, 13 May 2026 22:13:58 +0300 Subject: [PATCH 5/5] Add DISABLE_MKDOCS_2_WARNING environment variable Set environment variable to disable MkDocs warning. --- .github/workflows/docs.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index ce86dd95..8ff1e228 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -9,6 +9,9 @@ on: schedule: - cron: '0 6 * * 6' +env: + DISABLE_MKDOCS_2_WARNING: true + concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }} cancel-in-progress: true