build(deps): bump actions/checkout from 5 to 6 in the dependencies group (#40)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Romain Lespinasse <romain.lespinasse@gmail.com>

.github/CODEOWNERS

@@ -0,0 +1 @@
+*       @rlespinasse

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,23 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Additional context**
+Add any other context about the problem here.

.github/ISSUE_TEMPLATE/feature_request.md

@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.

.github/dependabot.yml

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+    groups:
+      dependencies:
+        patterns:
+          - '*'
+    labels: []

.github/workflows/linter.yml

@@ -0,0 +1,30 @@
+---
+name: Lint Code Base
+
+on: pull_request
+
+permissions: read-all
+
+jobs:
+  build:
+    name: Lint Code Base
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: read
+      statuses: write
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v6
+        with:
+          # Full git history is needed to get a proper
+          # list of changed files within `super-linter`
+          fetch-depth: 0
+
+      - name: Lint Code Base
+        uses: super-linter/super-linter@v8
+        env:
+          VALIDATE_ALL_CODEBASE: false
+          VALIDATE_GITHUB_ACTIONS_ZIZMOR: false
+          VALIDATE_YAML_PRETTIER: false
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/slugify-value.yaml

@@ -1,9 +1,15 @@
+---
 name: Slugify Value
 on:
   push:
     branches:
       - v1.x
   pull_request:
+  
+permissions: read-all
+
+# Disable line length check due to the content of the tests
+# yamllint disable rule:line-length
 jobs:
   os-testing:
     strategy:
@@ -13,7 +19,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v6
 
       # Test 1
       - name: Slugify key only
@@ -24,7 +30,11 @@ jobs:
         env:
           KEY_ONLY: "refs/head/$-Key_Only.test--value-%-+"
       - name: Validate // Slugify key only
+        # Disable SC2193 because the first line of the test is flag by shellcheck
+        # as the comparison can never be equal but the test pass.
+        # Seem a false-positive due to the test context.
         run: |
+          # shellcheck disable=SC2193
           [[ "${{ env.KEY_ONLY }}" == "refs/head/$-Key_Only.test--value-%-+" ]]
           [[ "${{ env.KEY_ONLY_SLUG }}" == "key_only.test--value" ]]
           [[ "${{ env.KEY_ONLY_SLUG_CS }}" == "Key_Only.test--value" ]]
@@ -79,8 +89,8 @@ jobs:
       - name: Validate // Slugify with another max length
         run: |
           [[ "${{ env.ANOTHER_MAX_LENGTH }}" == "Never gonna give you up Never gonna let you down" ]]
-          [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG }}" == "never-gonna-give-you-up-" ]]
-          [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG_CS }}" == "Never-gonna-give-you-up-" ]]
+          [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG }}" == "never-gonna-give-you-up" ]]
+          [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG_CS }}" == "Never-gonna-give-you-up" ]]
           [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG_URL }}" == "never-gonna-give-you-up" ]]
           [[ "${{ env.ANOTHER_MAX_LENGTH_SLUG_URL_CS }}" == "Never-gonna-give-you-up" ]]
         shell: bash
@@ -166,14 +176,23 @@ jobs:
 
   release:
     runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      issues: write
+      id-token: write
+      packages: write
     concurrency:
       group: release-${{ github.ref }}
     needs:
       - os-testing
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v6
+        with:
+          persist-credentials: false
 
       # Release
       - name: Release this GitHub Action
         uses: rlespinasse/release-that@v1
+        with:
+          github-token: ${{ secrets.GH_TOKEN }}

CODE_OF_CONDUCT.md

@@ -6,8 +6,8 @@ We as members, contributors, and leaders pledge to make participation in our
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, religion, or sexual identity
-and orientation.
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
 
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
@@ -22,17 +22,17 @@ community include:
 * Giving and gracefully accepting constructive feedback
 * Accepting responsibility and apologizing to those affected by our mistakes,
   and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
-  overall community
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
 
 Examples of unacceptable behavior include:
 
-* The use of sexualized language or imagery, and sexual attention or
-  advances of any kind
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
 * Trolling, insulting or derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing others' private information, such as a physical or email
-  address, without their explicit permission
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
 * Other conduct which could reasonably be considered inappropriate in a
   professional setting
 
@@ -52,7 +52,7 @@ decisions when appropriate.
 
 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official e-mail address,
+Examples of representing our community include using an official email address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 
@@ -60,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-romain.lespinasse@gmail.com.
+<romain.lespinasse@gmail.com>.
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the
@@ -82,15 +82,15 @@ behavior was inappropriate. A public apology may be requested.
 
 ### 2. Warning
 
-**Community Impact**: A violation through a single incident or series
-of actions.
+**Community Impact**: A violation through a single incident or series of
+actions.
 
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or
-permanent ban.
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
 
 ### 3. Temporary Ban
 
@@ -106,23 +106,27 @@ Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 
 **Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
+standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 
-**Consequence**: A permanent ban from any sort of public interaction within
-the community.
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
 
 ## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
 
-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
 
 For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

CONTRIBUTING.md

@@ -0,0 +1,33 @@
+# How to contribute to Slugify Value
+
+## Did you find a bug
+
+* **Do not open up a GitHub issue if the bug is a security vulnerability**, and instead to refer to our [security policy][1].
+
+* **Ensure the bug was not already reported** by searching on GitHub under [Issues][2].
+
+* If you're unable to find an open issue addressing the problem, [open a 'Bug' issue][4].
+Be sure to include a **title and clear description**, as much relevant information as possible, and a **code sample** or an **executable test case** demonstrating the expected behavior that is not occurring.
+
+## Did you write a patch that fixes a bug
+
+* Open a new GitHub pull request with the patch.
+
+* Ensure the PR description clearly describes the problem and solution.
+Include the relevant issue number if applicable.
+
+## Do you intend to add a new feature or change an existing one
+
+* Suggest your change by [opening a 'Feature request' issue][5]
+
+## Do you have questions about the source code
+
+* [open an issue][3] with your question.
+
+Thanks!
+
+[1]: https://github.com/rlespinasse/slugify-value/security/policy
+[2]: https://github.com/rlespinasse/slugify-value/issues
+[3]: https://github.com/rlespinasse/slugify-value/issues/new
+[4]: https://github.com/rlespinasse/slugify-value/issues/new?assignees=&labels=bug&template=bug_report.md&title=
+[5]: https://github.com/rlespinasse/slugify-value/issues/new?assignees=&labels=enhancement&template=feature_request.md&title=

README.md

@@ -1,24 +1,25 @@
 # Slugify
 
-> Github Action to slugify a value
+> [!NOTE]
+> A GitHub Action that transforms input strings into URL-friendly slugs
 
-Produce some `slug`-ed environment variables based on the input one.
+This action creates standardized slug versions of your input variables, offering multiple formatting options:
+
+## Output Formats
 
 - `<env name>_SLUG`
-
-  - put the variable content in lower case
-  - replace any character by `-` except `0-9`, `a-z`, `.`, and `_`
-  - remove leading and trailing `-` character
-  - limit the string size to 63 characters
-
+  - Converts text to lowercase
+  - Replaces special characters with **-** (except **0-9**, **a-z**, **.**, and **_**)
+  - Removes leading and trailing **-$*
+  - Limits string length to **63** characters
 - `<env name>_SLUG_CS`
+  - Same as `_SLUG` but preserves original case sensitivity
+- `<env name>_SLUG_URL` and `<env name>_SLUG_URL_CS`
+  - Same as their respective base versions (`_SLUG` or `_SLUG_CS`)
+  - Additionally replaces **.** and **_** with **-**
+  - Perfect for URL-safe strings
 
-  - like `<env name>_SLUG` but the content is not put in lower case
-
-- `<env name>_SLUG_URL` (or `<env name>_SLUG_URL_CS`)
-
-  - like `<env name>_SLUG` (or `<env name>_SLUG_CS`) with the `.`, and `_` characters also replaced by `-`
-  - will not end with `-`
+Each output variable maintains consistent formatting rules while serving different use cases, from basic slugification to URL-ready strings.
 
 ## Usage
 
@@ -100,6 +101,7 @@ Produce some `slug`-ed environment variables based on the input one.
     with:
       key: KEY_NAME
       value: value_to_slugify
+      publish-env: false
   ```
 
   Will **not** make available

SECURITY.md

@@ -0,0 +1,22 @@
+# Security Policy
+
+## Supported Versions and Branches
+
+| Version | Supported          | End of Support | Branch | Specific Tags |
+| ------- | ------------------ | -------------- | ------ | ------------- |
+| 1.x     | :white_check_mark: |                | v1.x   | v1            |
+
+A GitHub repository can use one of the available branches as an action inside its workflows.
+
+### End of Life of a branch
+
+Since `2024-10-26`, when a new major version is released,
+
+- The previous one will continue to receive security patches for 3 months,
+- After the 3 months, the branch is deleted, and only the tags remain.
+
+## Reporting a Vulnerability
+
+In this project, you can report a Vulnerability by creating a [draft security advisory](https://github.com/rlespinasse/slugify-value/security/advisories).
+
+If the vulnerability is confirmed, a fix will be produced and the advisory will be published.

slugify.sh

@@ -30,31 +30,26 @@ fi
 slug() {
   # 1st : Remove refs prefix
   # 2d : Replace unwanted characters
-  # 3d : Remove leading dashes
-  # 4d : Remove trailing dashes
-  output=$(sed -E 's#refs/[^\/]*/##;s/[^a-zA-Z0-9._-]+/-/g;s/^-*//;s/-*$//' <<<"$1")
-  reduce "$output" false
+  # 3d : Remove leading hypens
+  output=$(sed -E 's#refs/[^\/]*/##;s/[^a-zA-Z0-9._-]+/-/g;s/^-*//' <<<"$1")
+  reduce "$output"
 }
 
 slug_url() {
   # 1st : Remove refs prefix
   # 2d : Replace unwanted characters
-  # 3d : Remove leading dashes
-  # 4d : Remove trailing dashes
-  output=$(sed -E 's#refs/[^\/]*/##;s/[^a-zA-Z0-9-]+/-/g;s/^-*//;s/-*$//' <<<"$1")
-  reduce "$output" true
+  # 3d : Remove leading hypens
+  output=$(sed -E 's#refs/[^\/]*/##;s/[^a-zA-Z0-9-]+/-/g;s/^-*//' <<<"$1")
+  reduce "$output"
 }
 
 reduce() {
   reduced_value="$1"
-  remove_ending_hypen="$2"
   if [ "${MAX_LENGTH}" != "nolimit" ]; then
-    reduced_value=$(cut -c1-"${MAX_LENGTH}" <<<"$1")
+    reduced_value=$(cut -c1-"${MAX_LENGTH}" <<<"$reduced_value")
   fi
-  if [ "$remove_ending_hypen" == "true" ]; then
-    reduced_value=$(sed -E 's/-*$//' <<<"$reduced_value")
-  fi
-  echo "$reduced_value"
+  # 1st : Remove trailing hypens
+  sed -E 's/-*$//' <<<"$reduced_value"
 }
 
 SLUG_VALUE=$(slug "$VALUE")
@@ -62,11 +57,21 @@ SLUG_CS_VALUE=$(slug "$CS_VALUE")
 SLUG_URL_VALUE=$(slug_url "$VALUE")
 SLUG_URL_CS_VALUE=$(slug_url "$CS_VALUE")
 
-echo "::set-output name=value::${CS_VALUE}"
-echo "::set-output name=slug::${SLUG_VALUE}"
-echo "::set-output name=slug-cs::${SLUG_CS_VALUE}"
-echo "::set-output name=slug-url::${SLUG_URL_VALUE}"
-echo "::set-output name=slug-url-cs::${SLUG_URL_CS_VALUE}"
+if [ -f "$GITHUB_OUTPUT" ]; then
+  {
+    echo "value=${CS_VALUE}" 
+    echo "slug=${SLUG_VALUE}"
+    echo "slug-cs=${SLUG_CS_VALUE}"
+    echo "slug-url=${SLUG_URL_VALUE}"
+    echo "slug-url-cs=${SLUG_URL_CS_VALUE}"
+  } >> "$GITHUB_OUTPUT"
+else
+  echo "::set-output name=value::${CS_VALUE}" 
+  echo "::set-output name=slug::${SLUG_VALUE}"
+  echo "::set-output name=slug-cs::${SLUG_CS_VALUE}"
+  echo "::set-output name=slug-url::${SLUG_URL_VALUE}"
+  echo "::set-output name=slug-url-cs::${SLUG_URL_CS_VALUE}"
+fi
 
 if [ "${INPUT_PUBLISH_ENV}" == "true" ]; then
   {