action.yml

name: 'Check Spelling'
description: 'Spell check code and commits'
author: 'jsoref'
branding:
  icon: 'edit-3'
  color: 'red'
inputs:
  GITHUB_TOKEN:
    description: 'The GITHUB_TOKEN secret'
    default: "${{ github.token }}"
    required: true
  bucket:
    description: 'Container for spelling configuration'
    required: false
  project:
    description: 'Folder/Branch within bucket containing spelling configuration'
    required: false
  config:
    description: 'Spelling configuration directory'
    default: ".github/actions/spelling"
    required: false
  experimental_path:
    description: 'Directory root to check for spelling (note that bucket/project/config are independent of this)'
    default: '.'
    required: false
  dictionary_url:
    description: "Location of dictionary (if you aren't providing one in your repository)"
    default: 'https://raw.githubusercontent.com/check-spelling/check-spelling/dictionary-$DICTIONARY_VERSION/dict.txt'
    required: false
  dictionary_version:
    description: 'Version of the dictionary (only used if the url includes $DICTIONARY_VERSION)'
    default: "20200211"
    required: false
  debug:
    description: 'Debug'
    required: false
  experimental_apply_changes_via_bot:
    description: '(Experimental) Allow users to quote-reply to the bot comment to update the PR'
    default: "0"
    required: false
  experimental_parallel_jobs:
    description: 'Number of CPUs available for running checks'
    required: false
    default: '2'
  post_comment:
    description: 'Post comment with report'
    required: false
    default: '1'
  capture_output_unknown_words:
    description: ''
    required: false
    deprecationMessage: 'Obsolete: outputs are always captured'
    default: ''
  capture_output_stale_words:
    description: ''
    deprecationMessage: 'Obsolete: outputs are always captured'
    required: false
    default: ''
  capture_output_skipped_files:
    description: ''
    deprecationMessage: 'Obsolete: outputs are always captured'
    required: false
    default: ''
  dictionary_source_prefixes:
    description: 'JSON map of prefixes for dictionary urls'
    required: false
    default: '{"cspell": "https://raw.githubusercontent.com/check-spelling/cspell-dicts/v20220816/dictionaries/"}'
  extra_dictionaries:
    description: 'Space delimited list of URLs (or `prefix:`+path) to additional word lists'
    required: false
    default: ''
  check_extra_dictionaries:
    description: 'Compare unknown tokens against these dictionaries and suggest if applicable'
    required: false
    default:
      cspell:ada/ada.txt
      cspell:aws/aws.txt
      cspell:bash/bash-words.txt
      cspell:clojure/src/clojure.txt
      cspell:companies/src/companies.txt
      cspell:cpp/src/compiler-clang-attributes.txt
      cspell:cpp/src/compiler-gcc.txt
      cspell:cpp/src/compiler-msvc.txt
      cspell:cpp/src/cpp.txt
      cspell:cpp/src/ecosystem.txt
      cspell:cpp/src/lang-jargon.txt
      cspell:cpp/src/lang-keywords.txt
      cspell:cpp/src/people.txt
      cspell:cpp/src/stdlib-c.txt
      cspell:cpp/src/stdlib-cerrno.txt
      cspell:cpp/src/stdlib-cmath.txt
      cspell:cpp/src/stdlib-cpp.txt
      cspell:cpp/src/template-strings.txt
      cspell:cryptocurrencies/cryptocurrencies.txt
      cspell:csharp/csharp.txt
      cspell:css/css.txt
      cspell:dart/src/dart.txt
      cspell:django/django.txt
      cspell:django/requirements.txt
      cspell:docker/src/docker-words.txt
      cspell:dotnet/dotnet.txt
      cspell:elixir/elixir.txt
      cspell:filetypes/filetypes.txt
      cspell:fonts/fonts.txt
      cspell:fullstack/fullstack.txt
      cspell:golang/go.txt
      cspell:haskell/haskell.txt
      cspell:html-symbol-entities/entities.txt
      cspell:html/html.txt
      cspell:java/java.txt
      cspell:latex/latex.txt
      cspell:latex/samples/sample-words.txt
      cspell:lorem-ipsum/dictionary.txt
      cspell:lua/lua.txt
      cspell:mnemonics/src/mnemonics.txt
      cspell:monkeyc/src/monkeyc_keywords.txt
      cspell:node/additional_words.txt
      cspell:node/node.txt
      cspell:node/src/node-old.txt
      cspell:npm/npm.txt
      cspell:php/php.txt
      cspell:powershell/powershell.txt
      cspell:public-licenses/src/additional-licenses.txt
      cspell:public-licenses/src/generated/public-licenses.txt
      cspell:python/src/additional_words.txt
      cspell:python/src/common/extra.txt
      cspell:python/src/python/python-lib.txt
      cspell:python/src/python/python.txt
      cspell:r/src/r.txt
      cspell:ruby/ruby.txt
      cspell:rust/rust.txt
      cspell:scala/scala.txt
      cspell:software-terms/src/network-os.txt
      cspell:software-terms/src/network-protocols.txt
      cspell:software-terms/src/software-terms.txt
      cspell:software-terms/src/software-tools.txt
      cspell:sql/src/sql.txt
      cspell:sql/src/tsql.txt
      cspell:swift/src/swift.txt
      cspell:typescript/typescript.txt
      cspell:win32/src/win32.txt
  extra_dictionary_limit:
    description: 'Limit the number of suggested extra dictionaries.'
    required: false
    default: '5'
  event_aliases:
    description: >-
      Try to treat a GitHub event "a" as GitHub event "b" (JSON map).
      If this flag was available before this tool recognized `pull_request_target`,
      `{"pull_request_target":"pull_request"}` would have mapped it to `pull_request`.
    required: false
    default: ''
  shortest_word:
    description: 'Shortest word'
    required: false
    default: '3'
  longest_word:
    description: 'Longest word'
    required: false
    default: ''
  experimental_commit_note:
    description: 'If set, commit updates to expect automatically with this note'
    required: false
    default: ''
  suppress_push_for_open_pull_request:
    description: "If set, do not do work in response to `push` if there is an open `pull` request to the repository for the branch (this assumes there's a `pull_request_target` event configured)."
    required: false
    default: ''
  report_title_suffix:
    description: 'Suffix for report title (useful if you are using a matrix strategy or are using experimental_path)'
    required: false
    default: ''
  only_check_changed_files:
    description: 'If set, only check files changed since the last push'
    required: false
    default: ''
  custom_task:
    description: 'Run an internal task instead of responding to a GitHub event. Values: "comment"'
    # This will be superseded by task
    required: false
    default: ''
  internal_state_directory:
    description: 'Used for passing internal state from the (default) check mode to the comment module'
    required: false
    default: ''
  check_file_names:
    description: 'Spell check file paths'
    required: false
    default: ''
  check_commit_messages:
    description: 'List of extra text to check (latest `commit` message, messages for pending `commits`, PR `title`, PR `description`)'
    required: false
    default: ''
  anonymize_secpoll_source:
    description: 'Perform secpoll queries via a public dns server'
    required: false
    default: ''
  ignore_security_advisory:
    description: 'Set to the value of the current security advisory to accept the reported risk -- value must match -- do not set if there is no current advisory'
    required: false
    default: ''
  largest_file:
    description: 'File size limit'
    required: false
    default: '1048576'
  unknown_word_limit:
    description: 'Only report an unknown word this many times'
    required: false
    default: '5'
  warnings:
    description: 'List of events that are warnings (items that are neither warnings nor notices will result in an :x:)'
    required: false
    default: bad-regex,binary-file,deprecated-feature,large-file,limited-references,no-newline-at-eof,noisy-file,non-alpha-in-dictionary,unexpected-line-ending,whitespace-in-dictionary,minified-file,unsupported-configuration
  notices:
    description: 'List of events that are notices (items that are neither warnings nor notices will result in an :x:)'
    required: false
    default: candidate-pattern
  quit_without_error:
    description: 'Suppress failure code exit code -- it will be available via outputs.result_code'
    required: false
    default: ''
  spell_check_this:
    description: 'Repository with default configuration to use if no configuration is found in a .github/actions/spelling directory'
    required: false
    default: ''
  ssh_key:
    description: 'Key for checking out / pushing to updates (and trigger workflow cascades)'
    required: false
    default: ''
  checkout:
    description: 'Whether to check out a repository'
    required: false
    default: ''
  task:
    description: 'Task to perform (spelling, comment, ...)'
    required: false
    default: ''
  disable_checks:
    description: 'Some heuristics might not do what you want, it may be possible to suppress them'
    required: false
    default: ''
  alternate_engine:
    description: 'Alternate engine to use'
    required: false
    default: ''
  alternate_engine_key:
    description: 'ssh key to retrieve alternate engine'
    required: false
    default: ''
  use_sarif:
    description: 'Publish Sarif report'
    required: false
    default: ''
  use_magic_file:
    description: 'Use magic file to skip binary files'
    required: false
    default: ''
  caller_container:
    description: "Hack for nektos/act - pass the outputs.docker_container to give check-spelling a way to retrieve data it needs to report a comment"
    required: false

outputs:
  unknown_words:
    description: "Unrecognized words (should be added to expect.txt)"
    value: ${{ steps.spelling.outputs.unknown_words }}
  stale_words:
    description: "Stale words (should be removed from expect.txt) as an output"
    value: ${{ steps.spelling.outputs.stale_words }}
  skipped_files:
    description: "Skipped files (could be added to excludes.txt)"
    value: ${{ steps.spelling.outputs.skipped_files }}
  suggested_dictionaries:
    description: "Suggested dictionaries (could be added to extra_dictionaries)"
    value: ${{ steps.spelling.outputs.suggested_dictionaries }}
  warnings:
    description: "Warnings"
    value: ${{ steps.spelling.outputs.warnings }}
  internal_state_directory:
    description: 'Used for passing internal state from the (default) check mode to the comment module'
    value: ${{ steps.spelling.outputs.internal_state_directory }}
  result_code:
    description: "Result (indicates unrecognized words were found or comment needs to be collapsed)"
    value: ${{ steps.spelling.outputs.result_code }}
  followup:
    description: "Next task"
    value: ${{ steps.spelling.outputs.followup }}
  docker_container:
    description: "Hack for nektos/act - pass to inputs.caller_container to give check-spelling a way to retrieve data it needs to report a comment"
    value: ${{ steps.spelling.outputs.docker_container }}

runs:
  using: 'composite'
  steps:
    - name: parse alternate engine
      id: parse-alternate-engine
      if: inputs.alternate_engine
      shell: bash
      run: |
        echo "repo=$(echo '${{ inputs.alternate_engine }}' | perl -pe 's/\@.*//')" >> "$GITHUB_OUTPUT"
        echo "branch=$(echo '${{ inputs.alternate_engine }}' | perl -ne 'next unless s/.*\@//; print')" >> "$GITHUB_OUTPUT"
    - name: alternate-engine
      if: inputs.alternate_engine
      uses: actions/checkout@v3
      with:
        path: alternate-engine
        repository: ${{ steps.parse-alternate-engine.outputs.repo }}
        ref: ${{ steps.parse-alternate-engine.outputs.branch }}
        ssh-key: ${{ inputs.alternate_engine_key }}
        persist-credentials: false
    - name: install-alternate-engine
      if: inputs.alternate_engine
      shell: bash
      run: |
        rsync --delete --exclude=.git -a alternate-engine/ "${{ github.action_path }}"
        rm -rf alternate-engine/
    - name: check-actions
      id: check-actions
      env:
        spellchecker: ${{ github.action_path }}
        GH_ACTION_REPOSITORY: ${{ github.action_repository || github.repository }}
        GH_ACTION_REF: ${{ github.action_ref || github.ref_name }}
      run:
        stdbuf -i0 -o0 -e0 "${{ github.action_path }}/secpoll.sh"
      shell: bash
    - name: checkout
      id: checkout-replacement
      if: inputs.checkout && inputs.checkout != 'false' && !inputs.custom_task && env.replace_v3_actions_checkout
      uses: check-spelling/actions-checkout@v3
      with:
        path: ${{ inputs.experimental_path }}
        ssh-key: ${{ inputs.ssh_key }}
        fetch-depth: ${{ !contains(inputs.check_commit_messages, 'commits') && '1' || '0' }}
        token: ${{ inputs.GITHUB_TOKEN }}
    - name: checkout
      if: inputs.checkout && inputs.checkout != 'false' && !inputs.custom_task && !env.replace_v3_actions_checkout
      uses: actions/checkout@v3
      with:
        path: ${{ inputs.experimental_path }}
        ssh-key: ${{ inputs.ssh_key }}
        fetch-depth: ${{ !contains(inputs.check_commit_messages, 'commits') && '1' || '0' }}
        token: ${{ inputs.GITHUB_TOKEN }}
    - name: checkout-merge
      if: (contains(github.event_name, 'pull_request')) && (inputs.checkout && inputs.checkout != 'false' && !inputs.custom_task && !inputs.task)
      uses: check-spelling/checkout-merge@v0.0.3
      with:
        path: ${{ inputs.experimental_path }}
    - name: save sha
      if: (contains(github.event_name, 'pull_request')) && (inputs.checkout && inputs.checkout != 'false' && !inputs.custom_task && !inputs.task) && inputs.use_sarif
      shell: bash
      run: |
        cd "${{ inputs.experimental_path }}"
        git show HEAD
        PRIVATE_SARIF_REF="refs/pull/${{ github.event.pull_request.number }}/merge"
        echo "PRIVATE_SARIF_REF=$PRIVATE_SARIF_REF" >> "$GITHUB_ENV"
        git fetch origin "$PRIVATE_SARIF_REF"
        echo "PRIVATE_SARIF_SHA=$(git rev-parse FETCH_HEAD)" >> "$GITHUB_ENV"
    - name: prepare
      if: inputs.task && inputs.task != 'spelling' && (!env.ACT || github.token)
      run: |
        mkdir -p /tmp/data;
        echo "INPUT_INTERNAL_STATE_DIRECTORY=/tmp/data" >> "$GITHUB_ENV"
      shell: bash
    - name: retrieve-comment
      if: inputs.task && inputs.task != 'spelling' && (!env.ACT || github.token)
      uses: actions/download-artifact@v3
      with:
        name: "check-spelling-comment"
        path: /tmp/data
    - name: check-spelling
      id: spelling
      if: env.MERGE_FAILED != '1'
      env:
        INPUTS: ${{ toJSON(inputs) }}
        DEBUG: ${{ inputs.debug }}
        spellchecker: ${{ github.action_path }}
        GH_ACTION_REPOSITORY: ${{ github.action_repository || github.repository }}
        GH_ACTION_REF: ${{ github.action_ref || github.ref_name }}
      run:
        stdbuf -i0 -o0 -e0 "${{ github.action_path }}/unknown-words.sh"
      shell: bash
    - name: store-comment
      if: (contains(github.event_name, 'pull_request') ||
          github.event_name == 'push') &&
        inputs.custom_task != 'comment' &&
        (failure() || steps.spelling.outputs.followup) &&
        steps.spelling.outputs.internal_state_directory
      uses: actions/upload-artifact@v3
      with:
        name: "check-spelling-comment"
        path: |
          ${{ steps.spelling.outputs.internal_state_directory }}
    - name: Shim Sarif
      id: shim-sarif
      if: (success() || failure()) && env.UPLOAD_SARIF != '' && env.PRIVATE_SARIF_SHA != ''
      shell: bash
      run: |
        cd "${{ inputs.experimental_path }}"
        git reset "$PRIVATE_SARIF_SHA"
    - name: artifact-sarif
      id: artifact-sarif
      if: (success() || failure()) && env.UPLOAD_SARIF != ''
      uses: actions/upload-artifact@v3
      with:
        name: "check-spelling-sarif"
        retention-days: 1
        path: |
          ${{ env.UPLOAD_SARIF }}
    - name: upload-sarif
      id: upload-sarif
      if: always() && env.UPLOAD_SARIF != ''
      uses: github/codeql-action/upload-sarif@v2
      with:
        wait-for-processing: false
        sarif_file: ${{ env.UPLOAD_SARIF }}
        category: check-spelling
        checkout_path: ${{ inputs.experimental_path }}
        ref: ${{ env.PRIVATE_SARIF_REF }}
        sha: ${{ env.PRIVATE_SARIF_SHA }}