docs: simplify mermaid diagrams for visual clarity (#17) #56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Security | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| schedule: | |
| - cron: "0 0 * * 0" # Weekly on Sunday | |
| jobs: | |
| security-scan: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check for secrets in documentation | |
| run: | | |
| # Check for common secret patterns in docs | |
| if grep -r -E '(api_key|secret|password|token).*=.*["\047][A-Za-z0-9+/]{20,}' docs/ README.md || true; then | |
| echo "Warning: Potential secrets found in documentation" | |
| fi | |
| - name: Check for hardcoded URLs with credentials | |
| run: | | |
| if grep -r -E 'https?://[^:]+:[^@]+@' docs/ README.md || true; then | |
| echo "Warning: URLs with credentials found in documentation" | |
| fi | |
| - name: Verify no .env files committed | |
| run: | | |
| if find . -name ".env*" -not -path "./.git/*" -not -name ".env.example" | grep -q .; then | |
| echo "Error: .env files should not be committed" | |
| exit 1 | |
| fi |