Skip to content

Scan your repository for unsafe urls and remove them so you don't get flagged, banned, or spread bad stuff!

License

Notifications You must be signed in to change notification settings

markbattistella/markdown-safe-link-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

Markdown URL sanitiser - Github Action

Markdown URL Sanitiser

Help donate Buy me a coffee


Search and replace any unsafe urls in your repos using the Google Safe Browsing API

Background

I started with this tweet by @seanallen where he added a URL into a YouTube video description.

The URL became compromised within the week of adding it, and his channel was flagged with strike 1.

I realised there isn't anything out there to prevent this from happening to anyone's repository.

Usage

Github Action

  1. Get an API for Google Safe Browsing

  2. Add the step to your workflow (required minimum):

    # You can change this to use a specific version
    - uses: markbattistella/markdown-safe-links-action@v1
      with:
    
        # scope of markdown files (required)
        directory: "."
    
        # Google Safe Browsing API (required)
        api: ${{ secrets.GOOGLE_API }}
    
        # replace malicious urls text (required)
        replace: "~~UNSAFE_URL~~"
    
        # Github token (required)
        github_token: ${{ secrets.GITHUB_TOKEN }}

Configuration

Name Value Required Default Description
directory string Y '.' Scope of where to scan urls
api string Y nil Google API for scanning URLs
replace string Y ~~UNSAFE_URL~~ What to replace the URLs with
github_token string Y ${{ secrets.GITHUB_TOKEN }} Token for the repository
author_email string Github bot email Email for commit
author_name string Github Bot Name for commit
message string Sanitised URLs on DATE Message for commit
branch string main Destination branch to push changes
empty boolean false Allow empty commits
force boolean false Determines if force push is used

Examples

Normal use

name: Markdown URL Sanitiser
on:
  [push]
jobs:
  markdown-safe-link:
    name: markdown-safe-link
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Markdown Safe Link Sanitisation
        uses: markbattistella/[email protected]
        id: sanitise
        with:
          directory:  "."
          api: ${{ secrets.GOOGLE_API }}
          replace: "~~UNSAFE_URL~~"
          github_token: ${{ secrets.GITHUB_TOKEN }}

Full use

name: Markdown URL Sanitiser
on:
  [push]
jobs:
  markdown-safe-link:
    name: markdown-safe-link
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Markdown Safe Link Sanitisation
        uses: markbattistella/[email protected]
        id: sanitise
        with:
          directory:  "."
          api: ${{ secrets.GOOGLE_API }}
          replace: "~~UNSAFE_URL~~"
          github_token: ${{ secrets.GITHUB_TOKEN }}
          author_email: "[email protected]"
          author_name: "My Name"
          message: "Sanitised message - not default"
          branch: "master" # if your branch hasn't changed to `main`
          empty: true
          force: true

On CRON schedule

This is perfect if you want it to scan on an interval if you don't commit frequently.

name: Markdown URL Sanitiser
on:
  schedule:
  - cron: "30 1 * * *"
jobs:
  markdown-safe-link:
    name: markdown-safe-link
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - name: Markdown Safe Link Sanitisation
        uses: markbattistella/[email protected]
        id: sanitise
        with:
          directory:  "."
          api: ${{ secrets.GOOGLE_API }}
          replace: "~~UNSAFE_URL~~"
          github_token: ${{ secrets.GITHUB_TOKEN }}

Locally

You can use the node module from Github or from npm.

Installing it for the command line:

# locally
npm i @markbattistella/markdown-safe-link

# globally
npm i @markbattistella/markdown-safe-link -g