bench: add clean SearXNG stock baseline board (2026-06-15) (#105) #209
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: actionlint | |
| # Validates GitHub Actions workflow YAML against actionlint's rule set. | |
| # Catches interpolation/quoting bugs, bad `needs:` refs, and the | |
| # untrusted-input-in-run-script class of injection risk that otherwise | |
| # only surfaces at workflow-fire time. | |
| on: | |
| # Runs on every PR + every push to master, not just workflow changes. | |
| # Path-filtered required checks can never report on PRs that don't | |
| # touch the filter — leaves merges permanently blocked. 30s of CI on | |
| # unrelated PRs is cheaper than that failure mode. | |
| pull_request: | |
| push: | |
| branches: [master] | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| jobs: | |
| actionlint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 | |
| - name: Install actionlint v1.7.1 | |
| # Official release tarball, pinned to a specific version. CI-only | |
| # lint tool; a broken build here won't ship to users, so a | |
| # checksum pin isn't essential. | |
| run: | | |
| set -euo pipefail | |
| curl -fsSL -o actionlint.tgz \ | |
| https://github.com/rhysd/actionlint/releases/download/v1.7.1/actionlint_1.7.1_linux_amd64.tar.gz | |
| tar xzf actionlint.tgz actionlint | |
| chmod +x actionlint | |
| ./actionlint -version | |
| - name: Run actionlint | |
| run: ./actionlint -color |