maxmind · horgh · Jun 5, 2026 · Jun 4, 2026 · Jun 4, 2026 · Jun 5, 2026
diff --git a/.github/workflows/links.yml b/.github/workflows/links.yml
@@ -0,0 +1,32 @@
+name: Links
+
+on:
+  push:
+  pull_request:
+  schedule:
+    - cron: "0 13 * * 1" # weekly, to catch external link rot without a commit
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  linkChecker:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        with:
+          persist-credentials: false
+
+      - name: Setup mise
+        uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1
+        with:
+          install: false
+
+      # Install only lychee (not the repo's full toolchain) and run the check.
+      - name: Check links
+        env:
+          MISE_AUTO_INSTALL: "false"
+        run: |
+          mise install lychee
+          mise run check-links
diff --git a/.gitignore b/.gitignore
@@ -46,3 +46,4 @@ Makefile.in
 Testing/
 install_manifest.txt
 build/
+.lycheecache
diff --git a/README.dev.md b/README.dev.md
@@ -20,7 +20,8 @@ You may want to refer to the section about prerequisites.
 In order to upload a PPA, you have to create a launchpad.net account and
 register a GPG key with that account. You also need to be added to the MaxMind
 team. Ask in the dev channel for someone to add you. See
-https://help.launchpad.net/Packaging/PPA for more details.
+https://documentation.ubuntu.com/launchpad/user/reference/packaging/ppas/ppa/
+for more details.
 
 The PPA release script is at `dev-bin/ppa-release.sh`. Running it should guide
 you though the release, although it may require some changes to run on
@@ -40,7 +41,7 @@ non-trivial update to the formula or in the case where we want the Homebrew
 version updated promptly for some reason.
 
 - Go to
-  https://github.com/Homebrew/homebrew-core/edit/master/Formula/libmaxminddb.rb
+  https://github.com/Homebrew/homebrew-core/blob/main/Formula/lib/libmaxminddb.rb
 - Edit the file to update the url and sha256. You can get the sha256 for the
   tarball with the `sha256sum` command line utility.
 - Make a commit with the summary `libmaxminddb <VERSION>`

diff --git a/README.md b/README.md
@@ -128,7 +128,7 @@ You can install libmaxminddb on macOS using [Homebrew](https://brew.sh):
 brew install libmaxminddb
 ```
 
-Or with [MacPorts](https://ports.macports.org/port/libmaxminddb):
+Or with [MacPorts](https://ports.macports.org/port/libmaxminddb/):
 
 ```bash
 sudo port install libmaxminddb

diff --git a/lychee.toml b/lychee.toml
@@ -0,0 +1,60 @@
+# Lychee link checker configuration
+# https://lychee.cli.rs/#/usage/config
+#
+# Run locally with:
+#   lychee './**/*.md' './src/**/*.c' './include/**/*.h'
+
+# Include URL fragments in checks
+include_fragments = true
+
+# Don't allow any redirects, so links that have moved are surfaced and updated
+# to their canonical destination.
+max_redirects = 0
+
+# Accept these HTTP status codes
+# 100-103: Informational responses
+# 200-299: Success responses
+# 403: Forbidden (some sites use this for rate limiting)
+# 429: Too Many Requests
+# 500-599: Server errors (temporary issues shouldn't fail CI)
+# 999: LinkedIn's custom status code
+accept = ["100..=103", "200..=299", "403", "429", "500..=599", "999"]
-accept = ["100..=103", "200..=299", "403", "429", "500..=599", "999"]
+accept = ["100..=103", "200..=299", "403", "429", "999"]
-accept = ["100..=103", "200..=299", "403", "429", "500..=599", "999"]
+accept = ["100..=103", "200..=299", "403", "429", "999"]
+
+# Exclude URL patterns from checking (treated as regular expressions)
+exclude = [
+    # Local / template file URLs (e.g. Hugo layout placeholders)
+    '^file://',
+    # Live / auth-gated endpoints that require login or are queried at runtime
+    '^https://geoip\.maxmind\.com',
+    '^https://geolite\.info',
+    '^https://updates\.maxmind\.com',
+    '^https://www\.maxmind\.com/en/accounts/',
+    # Placeholders / local
+    '^https?://example\.(com|org|net)',
+    '^http://localhost',
+    '127\.0\.0\.1',
+]
+
+# Exclude file paths from getting checked (treated as regular expressions)
+exclude_path = [
+    '(^|/)\.git/',
+    # Build / generated directories
+    '(^|/)build/',
+    '(^|/)\.libs/',
+    '(^|/)autom4te\.cache/',
+    '(^|/)generated/',
+    # Generated Hugo site output
+    '(^|/)docs/public/',
+    # Vendored submodules and test harness/fixtures
+    '(^|/)maxmind-db/',
+    '(^|/)t/',
+    # Changelog: historical entries are preserved as-is, not rewritten
+    '(^|/)Changes\.md$',
+]
+
+# Cache results for 1 day to speed up repeated checks
+cache = true
+max_cache_age = "1d"
+
+# Skip missing input files instead of erroring
+skip_missing = true
diff --git a/mise.lock b/mise.lock
@@ -338,6 +338,34 @@ url = "https://github.com/gohugoio/hugo/releases/download/v0.161.1/hugo_0.161.1_
 checksum = "sha256:7f8d030b37600c60bf2a782611257e6a768934fbe7724c1f3a1a501e6724cf0d"
 url = "https://github.com/gohugoio/hugo/releases/download/v0.161.1/hugo_0.161.1_windows-amd64.zip"
 
+[[tools.lychee]]
+version = "0.23.0"
+backend = "aqua:lycheeverse/lychee"
+
+[tools.lychee."platforms.linux-arm64"]
+checksum = "sha256:97eb93b02a7d78a752fc33e5b0983439ccaadbf3db952b68a0a4401acd92e6e0"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-aarch64-unknown-linux-gnu.tar.gz"
+
+[tools.lychee."platforms.linux-arm64-musl"]
+checksum = "sha256:97eb93b02a7d78a752fc33e5b0983439ccaadbf3db952b68a0a4401acd92e6e0"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-aarch64-unknown-linux-gnu.tar.gz"
+
+[tools.lychee."platforms.linux-x64"]
+checksum = "sha256:5538440d2c69a45a0a09983271e5dee0c2fe7137d8035d25b2632e10a66a090a"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-x86_64-unknown-linux-musl.tar.gz"
+
+[tools.lychee."platforms.linux-x64-musl"]
+checksum = "sha256:5538440d2c69a45a0a09983271e5dee0c2fe7137d8035d25b2632e10a66a090a"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-x86_64-unknown-linux-musl.tar.gz"
+
+[tools.lychee."platforms.macos-arm64"]
+checksum = "sha256:4c8034900e11083b68ac6f6582c377ff1f704e268991999e09d717973e493e7f"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-arm64-macos.dmg"
+
+[tools.lychee."platforms.windows-x64"]
+checksum = "sha256:0fda7ff0a60c0250939fc25361c2d4e6e7853c31c996733fdd5a1dd760bcb824"
+url = "https://github.com/lycheeverse/lychee/releases/download/lychee-v0.23.0/lychee-x86_64-windows.exe"
+
 [[tools.node]]
 version = "25.6.1"
 backend = "core:node"

diff --git a/mise.toml b/mise.toml
@@ -9,6 +9,7 @@ disable_backends = [
 
 [tools]
 hugo = "latest"
+lychee = "latest"
 node = "latest"
 "pipx:clang-format" = "21.1.8"
 "github:houseabsolute/precious" = "latest"
@@ -21,3 +22,7 @@ run = "hugo --source docs --minify"
 [tasks.serve-docs]
 description = "Serve the docs site locally with Hugo dev server"
 run = "hugo server --source docs"
+
+[tasks.check-links]
+description = "Check links with lychee"
+run = "lychee --no-progress './**/*.md' './src/**/*.c' './include/**/*.h'"