ci: use tcort/github-action-markdown-link-check

[nschonni]

Description

Change the remaining HTTP links to HTTPS and use the upstream markdown-link-check GitHub Action that Dependabot can update

Motivation and Context

Alternate take on #2296 to not ignore some of the domains.

Testing Details

Locally I was still getting a 403 for the npmjs.com link, so there might still need to be an ignore for that.

Example Output(if appropriate)

Types of changes

• Documentation
• Version change (Update, remove or add more Node.js versions)
• Variant change (Update, remove or add more variants, or versions of variants)
• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Other (none of the above)

Checklist

• My code follows the code style of this project.
• My change requires a change to the documentation.
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING.md document.
• All new and existing tests passed.

[nschonni]

@MikeMcC399 if you want to adopt these changes into your own PR it can land instead. I was just playing around to see about a minimal change, plus remembering that there was an "official" GitHub Action for that tool now

[MikeMcC399]

@nschonni

This PR is addressing some different goals from #2296.

Domains

I've described in #2296 (comment) why there are three domains that need exceptions adding.
PR #2296 has since been merged.

Migration from http to https

I submitted PR #2298 for this enhancement. I felt it was cleaner to keep this change separate.

Migration to tcort/github-action-markdown-link-check action

Regarding the proposal to migrate from the npm package markdown-link-check to the GitHub Action tcort/github-action-markdown-link-check, I have several misgivings.

The action tcort/github-action-markdown-link-check appears to be based on using an EOL Docker version node:21.7.3-alpine3.18. This version of Node.js transitioned into end-of-life on June 1, 2024.

The repo has a low level of activity and does not track releases of markdown-link-check one-for-one. The lack of issues and PRs in the repo https://github.com/tcort/github-action-markdown-link-check suggests that it is not widely used.

Given that the npm package markdown-link-check has a history of releases with major shortcomings, and slow response to issues, I would recommend sticking with the npm package so that exact releases can be selected. Even if this means that Dependabot won't be able to update it. Before manually updating the package it would be worthwhile checking on open issues in the markdown-link-check repo. A couple of examples of serious issues that were released and that have since been fixed:

• failure to recognize and use the config file
• package returned success even if there were bad links

It may be worthwhile submitting an issue / PR to tcort/github-action-markdown-link-check to get the base Docker image updated to a supported version. Given the impending transition of Node.js 24 to LTS, that would probably be the best target version after waiting for the LTS transition.

[MikeMcC399]

Also it appears that the verbose mode does not live up to how I understand the documentation description:

use-verbose-mode
Specify yes to show detailed HTTP status for checked links.

Using markdown-link-check configuration file: markdown_link_check_config.json
USE_QUIET_MODE: no
USE_VERBOSE_MODE: yes
FOLDER_PATH: .
MAX_DEPTH: -1
CHECK_MODIFIED_FILES: no
FILE_EXTENSION: .md
FILE_PATH: 
+ find . -name '*.md' -not -path './node_modules/*' -exec markdown-link-check '{}' --config markdown_link_check_config.json -v ';'
+ set +x
=========================> MARKDOWN LINK CHECK <=========================

[✔] All links are good!

=========================================================================

[nschonni]

Good point around the Dockerfile. I've opened up tcort/github-action-markdown-link-check#3 to see if it should get converted.