Update check-spelling/check-spelling action to v0.0.24

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
check-spelling/check-spelling	action	patch	v0.0.22 -> v0.0.24

---

Release Notes

check-spelling/check-spelling (check-spelling/check-spelling)

v0.0.24: Release 0.0.24

Compare Source

⏩ Upgrading

• 🏷️ Test first on a branch by changing your workflow tags/references to this release. See 🐣 Breaking Changes for how to adapt your workflow.
• 🐛 See Known Issues for known issues

✨ Highlights

• SARIF reporting should work for push events and workflows that use checkout: true
• If you use a second job for commenting and the most recent comment was collapsed in response to a previous commit and the latest commit doesn't trigger a new comment, a new job will be not be dispatched
• Files with Mac OS classic line endings (\r) should be properly handled (previously they'd erroneously trigger a minified-file warning)

🐛 Known issues

Check the list of regressions with target milestone v0.0.25 for more information about issues that should be fixed soon.

• Running the check-spelling action on Windows runners doesn't work
  • This appears to be an incompatibility involving StrawberryPerl, cpanm, and ExtUtils::Manifest
  • Note that running check-spelling on a GitHub hosted runner other than ubuntu-* doesn't really
    make sense as the Windows and macOS runners are much more expensive per minute and check-spelling
    itself doesn't need any facilities from the OS -- it should be checking the spelling of files
    as they are present in commits.
  • While the check-spelling action won't work on Windows, apply.pl and the output check-spelling produces are expected to work on Windows.

Full Changelog

v0.0.23: Release 0.0.23

Compare Source

⏩ Upgrading

• 🏷️ Test first on a branch by changing your workflow tags/references to this release. See 🐣 Breaking Changes for how to adapt your workflow.
• 🐛 See Known Issues for known issues

🐣 Breaking Changes

use_magic_file is now enabled by default

Background

magic file enables check-spelling to automatically recognize more files to exclude. It has been pretty reliable/helpful.

Migrating

When you upgrade, if there are files that magic file detects as worthy of excluding, it will suggest adding them to excludes. If they turn out to be files that shouldn't be excluded, you can add use_magic_file: 0 to turn it off (and please file an issue with a sample showing why the files were falsely suggested for exclusion).

If you had previously set use_magic_file: 1, you can remove that setting, as that's now the new default. (You can also leave the value set, it's basically harmless, but it is now superfluous.)

cache-dictionaries has been removed

... along with all other caching -- check-spelling should be faster now than in previous versions, so the lack of this caching shouldn't be a concern.

Migrating

If you're using this setting, just remove it (you'll get a warning from GitHub when the workflow runs).

check-spelling now requires actions/upload-artifact@v4 / actions/checkout@v4

It is quite possible that GHES does not support these yet.

Migrating

Users of GHES instances that don't have access to those actions should not upgrade until they're available.

Comment block before forbidden-patterns is now shown when patterns are tripped

When a forbidden-pattern matches content, lines immediately preceding it that start with # will be shown in the GitHub Step Summary.

Migrating

You should change such comments to start with # (a single # that isn't followed by a space is assumed to be a commented out pattern). And you should ensure that comments are easy for readers to understand.

For example, in spell-check-this, lines that used to say # s.b. ... have been changed to # Should be ...

See 💬 Report associated comment for forbidden patterns

Events not listed in warnings and notices will not be promoted to errors

Events can now be categorized directly. In previous versions, anything not set via warnings/notices would be promoted to errors. In this release, events have default states and if you want to make something else an error, you need to set it via errors.

https://github.com/check-spelling/check-spelling/wiki/Feature%3A-Set-event-severity

• introduce ignored events (this takes priority over the other cases)
• introduce errors events (this allows explicit promotion to error)
• fixes using notices to demote events

Migrating

If you're using warnings:/notices:, you can consider moving things to ignored: and errors: instead.
If you like the defaults, you can also just remove the warnings:/notices: fields.

✨ Highlights

• ⚡ The action should start faster because GitHub will only download the dependencies it needs as it uses them instead of eagerly

• 🏃 Run from command line

• 💬 There's now a summary for forbidden pattern matches with each matching pattern's description listed before the pattern (similar to how candidate patterns works)

• Fix unknown word reporting when one of the items is x'abc

• Add inputs.wait-for-sarif-processing -- by default check-spelling uploads sarif files asynchronously and finishes its work. If you want to see error reports from the sarif upload you can enable this feature

• Improve talk-to-bot message for step summary

• Provide better messaging for checkout failures

  • Prevent merge conflicts/missing merge commits with sarif reporting enabled from triggering a failure

• Drop html dictionaries that are proper subsets

• Include commands to create a merge when someone creates a PR to a branch with check-spelling and their head branch doesn't have check-spelling.

• Remove confusing warning message

• Automatically detect available CPUs

  GitHub runners now have 4 cpu for open source repositories instead of 2 for Windows/Linux:
  https://github.blog/2024-01-17-github-hosted-runners-double-the-power-for-open-source/

• Replace actions/download-artifact with gh

• Detect missing permissions: actions: read

  Reference:
  https://github.com/check-spelling/check-spelling/wiki/Workflow-Permissions#contents-read

• Add support for checkout-token

  The expectation is that this be a fine-grained token PAT with just Contents: (Read-only|Read and write) as applicable

• Add support for sarif-token

  The expectation is that this be a fine-grained token PAT with just "Code scanning alerts"

• Warn about compounded words in expect files -- previously words in expect files that weren't valid were just ignored -- now you'll see a message explaining that they being ignored

• Add support for comments in expect files (use # as the comment prefix)

• Add inputs.unrecognized-words-before-collapsing

  To have check-spelling always collapse the unknown word list, set the value to 0.

• Explain how case folding is handled

• Rewrite "previously acknowledged" message

• Suggest patterns for files without unknown words

• Tolerate 502 errors from GitHub

• Improve handling for PRs from forks

• Improve links to PR checks from Push event

• Handle suppress_push_for_open_pull_request when there's no on: / pull_request(_target) event handler

• Use ⚠️ icon for warnings

• Add support for running unknown-words.sh standalone -- without a GitHub environment

• Remove GitHub caching

• Improve apply.pl

  Structure apply.pl around Capture::Tiny, but don't actually use it because it isn't included with Perl.

🐛 Known issues

Check the list of regressions with target milestone v0.0.24 for more information about issues that should be fixed soon.

• SARIF reporting is broken for push events and workflows that don't use checkout: true https://github.com/check-spelling/check-spelling/issues/71

• If you use a second job for commenting and the most recent comment was collapsed in response to a previous commit and the latest commit doesn't trigger a new comment, a new job will be dispatched needlessly to try to collapse the comment again. https://github.com/check-spelling/check-spelling/issues/70

  • For open source repositories, this probably just means you're spending a minute of cpu time that could be used by another job in your org
  • For private repositories, this time is billable
  • This is fixed in prerelease so if it's a problem for your repository you should be able to pin to a fixed release

• Running the check-spelling action on Windows runners doesn't work

  • This appears to be an incompatibility involving StrawberryPerl, cpanm, and ExtUtils::Manifest
  • Note that running check-spelling on a GitHub hosted runner other than ubuntu-* doesn't really
    make sense as the Windows and macOS runners are much more expensive per minute and check-spelling
    itself doesn't need any facilities from the OS -- it should be checking the spelling of files
    as they are present in commits.
  • While the check-spelling action won't work on Windows, apply.pl and the output check-spelling produces are expected to work on Windows.

Full Changelog

---

Note that there are 200 commits in this release, the above is not a complete list of features.

---

Configuration

📅 Schedule: Branch creation - "after 7am and before 11am every weekday" in timezone Europe/London, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

@check-spelling-bot Report

🔴 Please review

See the 📂 files view, the 📜action log, or 📝 job summary for details.

Unrecognized words (4)

optimisation
prioritisation
roadmap
webpage

To accept these unrecognized words as correct, you could run the following commands

... in a clone of the [email protected]:hmcts/hmcts.github.io.git repository
on the renovate/check-spelling-check-spelling-0.x branch (ℹ️ how do I use this?):

curl -s -S -L 'https://raw.githubusercontent.com/check-spelling/check-spelling/v0.0.24/apply.pl' |
perl - 'https://github.com/hmcts/hmcts.github.io/actions/runs/11631456446/attempts/1'

---

🖊️ Please consider adding a word to the allow list if it is flagged as a spelling error but is genuinely used within the project.
🤔 Think we might see a flagged mistake in another PR in the future? Please consider adding it as an expected pattern.