feat: CI/CD pipeline with security scanning #97

	name: Documentation

	on:
	push:
	paths:
	- "**.md"
	- ".markdownlint.json"
	pull_request:
	paths:
	- "**.md"
	- ".markdownlint.json"
	workflow_dispatch:

	permissions: read-all

	jobs:
	lint-markdown:
	name: Lint Markdown
	runs-on: ubuntu-latest
	timeout-minutes: 5
	permissions:
	contents: read
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Lint Markdown files
	uses: DavidAnson/markdownlint-cli2-action@v19
	with:
	globs: "*/.md"
	config: ".markdownlint.json"

	check-links:
	name: Check Links
	runs-on: ubuntu-latest
	timeout-minutes: 10
	permissions:
	contents: read
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Check Markdown links
	uses: gaurav-nelson/github-action-markdown-link-check@v1
	with:
	use-quiet-mode: "yes"
	config-file: ".markdown-link-check.json"

	spell-check:
	name: Spell Check
	runs-on: ubuntu-latest
	timeout-minutes: 5
	permissions:
	contents: read
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Check spelling
	uses: crate-ci/typos@v1
	with:
	config: .typos.toml

Provide feedback