body: output
            })
  # check that only released Gradle versions are used in the wrapper
  check_wrapper:
    permissions:
      contents: read
    runs-on: ubuntu-latest

    steps:
      - name: Checkout code
        uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - name: Check used wrapper
        run: |
          set -eu

name: "Check markdown links"

on:
  push:
    branches:
      - master
  pull_request:
  workflow_dispatch:

permissions: {}

jobs:
  check-links:
    permissions:
      contents: read
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v6

      - name: Check links
        uses: lycheeverse/lychee-action@v2.7.0
        with:
          # excluded:

      - name: GitHub CODEOWNERS Validator
        uses: mszostok/codeowners-validator@v0.7.4
        with:
          checks: "files,duppatterns,syntax"
          experimental_checks: "notowned,avoid-shadowing"

      # downgrading to 0.7.2 for owners check to avoid issues with token permissions check,
      # see https://github.com/mszostok/codeowners-validator/issues/224
      - name: GitHub CODEOWNERS Validator

		check(t, "TestBasicOperations (1)", &buf, "")

		buf.Reset()
		check(t, "TestBasicOperations (2)", &buf, "")

		buf.Truncate(0)
		check(t, "TestBasicOperations (3)", &buf, "")

		n, err := buf.Write(testBytes[0:1])
		if want := 1; err != nil || n != want {
			t.Errorf("Write: got (%d, %v), want (%d, %v)", n, err, want, nil)
		}
		check(t, "TestBasicOperations (4)", &buf, "a")

    rev: v6.0.0
    hooks:
      - id: check-added-large-files
        args: ['--maxkb=750']
      - id: check-toml
      - id: check-yaml
        args:
        - --unsafe
      - id: end-of-file-fixer
      - id: trailing-whitespace

  - repo: local
    hooks:
      - id: local-ruff-check
        name: ruff check
        entry: uv run ruff check --force-exclude --fix --exit-non-zero-on-fix

                                        <div class="form-check">
                                            <la:checkbox styleId="webApiJson" styleClass="form-check-input" property="webApiJson"/>
                                            <label for="webApiJson" class="form-check-label">
                                                 <la:message key="labels.enabled"/>

                                        <div class="form-check">
                                            <la:checkbox styleId="jobLogging" styleClass="form-check-input" property="jobLogging"/>
                                            <label for="jobLogging" class="form-check-label">
                                                <la:message key="labels.enabled"/>

    subprocess.run(
        ["git", "config", "user.email", "github-actions[bot]@users.noreply.github.com"],
        check=True,
    )
    branch_name = f"fastapi-topic-repos-{secrets.token_hex(4)}"
    logging.info(f"Creating a new branch {branch_name}")
    subprocess.run(["git", "checkout", "-b", branch_name], check=True)
    logging.info("Adding updated file")

    subprocess.run(
        ["git", "config", "user.email", "github-actions[bot]@users.noreply.github.com"],
        check=True,
    )
    branch_name = f"fastapi-people-sponsors-{secrets.token_hex(4)}"
    logging.info(f"Creating a new branch {branch_name}")
    subprocess.run(["git", "checkout", "-b", branch_name], check=True)
    logging.info("Adding updated file")

name: Scorecard supply-chain security
on:
  # For Branch-Protection check. Only the default branch is supported. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
  branch_protection_rule:
  # To guarantee Maintained check is occasionally updated. See
  # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
  schedule:
    - cron: '45 9 * * 0'
  push:
    branches: [ "master" ]