# Checks the spelling on all non-third-party files.

name: Codespell

on:
  workflow_dispatch:
  push:
    branches-ignore:
      - 'dependabot/**'
    paths-ignore:
      - 'm4/**'
      - COPYING
  pull_request:
    paths-ignore:
      - 'm4/**'
      - COPYING

permissions:  # added using https://github.com/step-security/secure-workflows
  contents: read

jobs:
  codespell:
    runs-on: ubuntu-22.04
    timeout-minutes: 5
    steps:
    - name: Harden Runner
      uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142
      with:
        egress-policy: block
        allowed-endpoints: >
          archive.ubuntu.com:80
          azure.archive.ubuntu.com:80
          github.com:443
          packages.microsoft.com:443
          ppa.launchpadcontent.net:443
          security.ubuntu.com:80
    - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
    - name: update package information
      run: sudo apt-get update -qy
    - name: install dependencies
      run: sudo apt-get install -qy codespell
    - name: print env
      run: ./ci/printenv.sh
    - name: configure
      run: ./configure || (cat config.log; exit 1)
    - run: codespell --version
    - name: codespell
      run: make codespell