[WIP] Create necessary automation workflows

[Copilot]

Create Required Automation Workflows

Creating necessary GitHub Actions automation workflows for the documentation repository.

Plan

• Explore repository structure and understand build/test setup
• Create .github/workflows directory
• Create CI workflow for pull requests (build, lint, type-check)
• Create deployment preview workflow
• Create dependency update workflow (Dependabot)
• Create link checking workflow for documentation
• Create PR auto-labeling workflow
• Verify workflow configuration files are valid
• Address code review feedback (multiple rounds)
• Fix security vulnerabilities (explicit permissions)
• Pin action versions for security and reproducibility

Workflows Created

1. CI Workflow (.github/workflows/ci.yml)

   • Runs on pull requests and pushes to main branch
   • Installs dependencies with npm ci (using package-lock.json)
   • Runs TypeScript type checking with npx tsc --noEmit
   • Builds the Next.js application
   • Uploads build artifacts for 7 days
   • Uses pinned action versions (checkout@v4, setup-node@v4, upload-artifact@v4)
   • Security: Explicit contents: read permission

2. Link Check Workflow (.github/workflows/link-check.yml)

   • Checks links in content directory (all .md and .mdx files)
   • Checks links in README.md
   • Runs on PRs that modify content (checks only modified files)
   • Scheduled weekly on Mondays at 00:00 UTC (checks all files)
   • Can be triggered manually via workflow_dispatch
   • Uses pinned action version (markdown-link-check@v1.0.15)
   • Security: Explicit contents: read permission

3. Preview Deployment Workflow (.github/workflows/preview.yml)

   • Automatically comments on PRs with deployment information
   • Provides context about Vercel deployments and available languages
   • Uses pinned action versions (checkout@v4, github-script@v7)
   • Security: Explicit contents: read and pull-requests: write permissions

4. PR Labeler Workflow (.github/workflows/label.yml)

   • Automatically labels PRs based on changed files
   • Labels: documentation, i18n, ui, configuration, dependencies, workflows
   • Uses pinned action version (labeler@v5.0.0)
   • Already has explicit permissions defined

5. Dependabot Configuration (.github/dependabot.yml)

   • Weekly npm dependency updates on Mondays
   • Monthly GitHub Actions version updates
   • Automatic PR creation with proper labels and commit message prefixes

Supporting Files

• .github/labeler.yml - Configuration for PR labeling based on file paths
• .github/markdown-link-check-config.json - Link checker configuration with timeouts, retries, and status codes

Security & Best Practices

• ✅ All workflows have explicit GITHUB_TOKEN permissions (principle of least privilege)
• ✅ All actions pinned to specific versions for reproducibility and security
• ✅ CodeQL security checks: PASSED (0 alerts)
• ✅ All YAML/JSON syntax validated
• ✅ TypeScript type checking tested and working
• ✅ Build command tested successfully

Original prompt

创建必须的自动化工作流

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
docs	Ready	Preview, Comment	Jan 16, 2026 5:27am

[github-actions]

🚀 Preview Deployment

This pull request will be automatically deployed to Vercel.

Preview Links

• 📝 Documentation: Will be available once Vercel deployment completes
• 🌍 Languages: English (/en/docs) and Chinese (/zh-CN/docs)

Build Status

Check the CI workflow for build status and any errors.

---

Automated preview information for PR #6

[huangyiirene]

@copilot 继续

[github-actions]

🚀 Preview Deployment

This pull request will be automatically deployed to Vercel.

Preview Links

• 📝 Documentation: Will be available once Vercel deployment completes
• 🌍 Languages: English (/en/docs) and Chinese (/zh-CN/docs)

Build Status

Check the CI workflow for build status and any errors.

---

Automated preview information for PR #6

[Copilot]

Pull request overview

This pull request adds comprehensive GitHub Actions automation workflows to the documentation repository. The PR creates CI/CD workflows, automated dependency management, link checking, PR labeling, and deployment preview notifications.

Changes:

• Added CI workflow for building, type-checking, and testing the Next.js documentation site
• Added automated link checking for markdown files with weekly scheduled runs
• Added PR auto-labeling based on file changes
• Added Dependabot configuration for npm and GitHub Actions dependency updates
• Added preview deployment notification workflow for pull requests

Reviewed changes

Copilot reviewed 7 out of 7 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
.github/workflows/ci.yml	CI workflow for building and testing the documentation site on PRs and main branch
.github/workflows/link-check.yml	Automated link checking for markdown files with scheduled runs and PR triggers
.github/workflows/label.yml	Automatic PR labeling based on file path patterns
.github/workflows/preview.yml	Posts preview deployment information as PR comments
.github/dependabot.yml	Configures automated dependency updates for npm and GitHub Actions
.github/labeler.yml	Configuration file defining label rules based on file patterns
.github/markdown-link-check-config.json	Configuration for link checker with timeout and retry settings

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The preview workflow will create a new comment on every PR update (synchronize event). This could lead to comment spam on PRs with multiple commits. Consider checking for existing comments and updating them instead, or use a bot identifier and delete previous comments before creating a new one.

[Copilot]

The checkout step is unnecessary in this workflow since the script doesn't interact with repository files. Removing this step would make the workflow faster and more efficient.

Suggested change

	- name: Checkout code
	uses: actions/checkout@v4

[Copilot]

The pattern '.tsx' only matches TypeScript files in the root directory. If the intent is to match all TSX files, use '**/.tsx'. However, since 'app/**/*.tsx' is already specified, this pattern seems redundant unless there are TSX files expected in the root.

Suggested change

- '*.tsx'

[Copilot]

The link check workflow uses 'yes'/'no' string values. While this works with the action, using boolean values (true/false) without quotes would be more idiomatic for GitHub Actions workflows and clearer in intent.

Suggested change

	use-quiet-mode: 'yes'
	use-verbose-mode: 'no'
	config-file: '.github/markdown-link-check-config.json'
	folder-path: 'content/'
	check-modified-files-only: ${{ github.event_name == 'pull_request' && 'yes' || 'no' }}
	- name: Check links in root markdown files
	uses: gaurav-nelson/github-action-markdown-link-check@v1.0.15
	with:
	use-quiet-mode: 'yes'
	use-verbose-mode: 'no'
	config-file: '.github/markdown-link-check-config.json'
	file-path: './README.md'
	check-modified-files-only: ${{ github.event_name == 'pull_request' && 'yes' || 'no' }}
	use-quiet-mode: true
	use-verbose-mode: false
	config-file: '.github/markdown-link-check-config.json'
	folder-path: 'content/'
	check-modified-files-only: ${{ github.event_name == 'pull_request' }}
	- name: Check links in root markdown files
	uses: gaurav-nelson/github-action-markdown-link-check@v1.0.15
	with:
	use-quiet-mode: true
	use-verbose-mode: false
	config-file: '.github/markdown-link-check-config.json'
	file-path: './README.md'
	check-modified-files-only: ${{ github.event_name == 'pull_request' }}