.github/workflows/publish.yml

@@ -1,48 +1,34 @@
-# https://docusaurus.io/docs/deployment#triggering-deployment-with-github-actions
+# https://docusaurus.io/docs/deployment#deploying-to-github-pages
 name: publish
 
 on:
   push:
     branches: [main]
-  
+
 jobs:
-  build:
-    name: Build Docusaurus
+  publish:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-          
-      - uses: actions/setup-node@v5
+      - uses: actions/checkout@v1
+      - uses: actions/setup-node@v1
         with:
           node-version: "20.x"
-          cache: yarn
-        
+      - uses: webfactory/ssh-agent@v0.5.0
+        with:
+          ssh-private-key: ${{ secrets.GH_PAGES_DEPLOY }}
       - name: Release to GitHub Pages
         working-directory: foomo
+        env:
+          USE_SSH: true
+          GIT_USER: git
         run: |
-          yarn install --frozen-lockfile
-          npm run build
-          
-      - uses: actions/upload-pages-artifact@v3
-        with:
-          path: foomo/build
-  
-  deploy:
-    name: Deploy to GitHub Pages
-    runs-on: ubuntu-latest
-    needs: build
-
-    permissions:
-      pages: write
-      id-token: write
-
-    environment:
-      name: github-pages
-      url: ${{ steps.deployment.outputs.page_url }}
-
-    steps:
-      - name: Deploy to GitHub Pages
-        id: deployment
-        uses: actions/deploy-pages@v4
+          git config --global user.email "publisher@foomo.org"
+          git config --global user.name "gh-actions"
+          if [ -e yarn.lock ]; then
+            yarn install --frozen-lockfile
+          elif [ -e package-lock.json ]; then
+            npm ci
+          else
+            npm i
+          fi
+          npm run deploy

.github/workflows/validate.yml

@@ -1,26 +1,26 @@
-# https://docusaurus.io/docs/deployment#triggering-deployment-with-github-actions
+# https://docusaurus.io/docs/deployment#deploying-to-github-pages
 name: validate
 
 on:
   pull_request:
     branches: [main]
-  workflow_dispatch:
 
 jobs:
   validate:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
-        with:
-          fetch-depth: 0
-          
-      - uses: actions/setup-node@v5
+      - uses: actions/checkout@v1
+      - uses: actions/setup-node@v1
         with:
           node-version: "20.x"
-          cache: yarn
-          
       - name: Test Build
         working-directory: foomo
         run: |
-          yarn install --frozen-lockfile
+          if [ -e yarn.lock ]; then
+            yarn install --frozen-lockfile
+          elif [ -e package-lock.json ]; then
+            npm ci
+          else
+            npm i
+          fi
           npm run build

foomo/docs/security/pentests.md

@@ -212,8 +212,8 @@ Repository documents referenced:
 
 Canonical references:
 
-- OWASP WSTG v4.2: [https://owasp.org/www-project-web-security-testing-guide/]
-- OWASP API Security Top‑10: [https://owasp.org/API-Security/]
-- CVSS v3.1: [https://www.first.org/cvss/]
+- OWASP WSTG v4.2: <https://owasp.org/www-project-web-security-testing-guide/>
+- OWASP API Security Top‑10: <https://owasp.org/API-Security/>
+- CVSS v3.1: <https://www.first.org/cvss/>