Merge pull request #215 from commerce-docs/ds_url-linter
Add a linter to validate external links
dshevtsov authored Nov 22, 2023
2 parents ae7eea4 + a33146c commit 794bfe4
Showing 28 changed files with 293 additions and 72 deletions.
25 changes: 19 additions & 6 deletions .remarkrc.mjs
@@ -1,6 +1,7 @@
import remarkValidateLinks from 'remark-validate-links';
import remarkFrontmatter from 'remark-frontmatter';
import remarkLintFrontmatterSchema from 'remark-lint-frontmatter-schema';
import remarkValidateLinks from "remark-validate-links";
import remarkFrontmatter from "remark-frontmatter";
import remarkLintFrontmatterSchema from "remark-lint-frontmatter-schema";
import remarkLintNoDeadUrls from "remark-lint-no-dead-urls";

const remarkConfig = {
plugins: [
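Review bot: the first three imports are deleted and re-added only to switch from single to double quotes, so the one functional change in this hunk, the new `import remarkLintNoDeadUrls from "remark-lint-no-dead-urls";`, is buried in quote-style churn (the same churn hits `export default remarkConfig;` at the end of the file). If the project has a Prettier or ESLint config, let it drive quote style in a separate formatting commit and keep this diff to the added import so the linter change is reviewable on its own.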
Expand All @@ -11,13 +12,25 @@ const remarkConfig = {
{
schemas: {
/* One schema for many files */
'./.github/linters/metadata.schema.yml': [
"./.github/linters/metadata.schema.yml": [
/* Support glob patterns ———v */
'./src/pages/**/*.md',
"./src/pages/**/*.md",
],
},
},
],
[
remarkLintNoDeadUrls,
{
skipUrlPatterns: [
"https://www.php.net",
"https://cardinalcommerce.com/",
"https://www.cyberciti.biz"

],
skipOffline: "true"
}
],
],
};
export default remarkConfig;
export default remarkConfig;
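Review bot: `skipOffline: "true"` passes a string where the plugin documents a boolean; a non-empty string is truthy so it happens to work today, but it reads as a config error and any stricter option validation would reject it, so use `skipOffline: true`. Two smaller points in the same block: the `skipUrlPatterns` entries carry no comment saying why `https://www.php.net`, `https://cardinalcommerce.com/` and `https://www.cyberciti.biz` are exempt (presumably they reject or rate-limit automated requests), and an exempted host is never checked again, so a dead link on those domains will pass silently; a one-line reason per entry lets the exemptions be revisited. There is also a stray blank line before the closing `]` of the array. Finally, keep in mind that this plugin makes outbound HTTP requests to every external URL in the docs on each lint run, so CI now depends on third-party availability; `skipOffline` only covers the no-network case, not a flaky remote host.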
1 change: 1 addition & 0 deletions package.json
Expand Up @@ -15,6 +15,7 @@
"remark-cli": "^10.0.1",
"remark-frontmatter": "4.0.1",
"remark-lint-frontmatter-schema": "^3.15.2",
"remark-lint-no-dead-urls": "^1.1.0",
"remark-validate-links": "^11.0.2"
},
"scripts": {
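Review bot: the new dependency uses a caret range (`"remark-lint-no-dead-urls": "^1.1.0"`) while `remark-frontmatter` in the same block is pinned exactly (`"4.0.1"`), so the file mixes two pinning policies; pick one. Because this package performs network requests from CI, it is also worth confirming that the lockfile was regenerated in the same change (the commit touches 28 files, but no lockfile hunk is shown here) so CI installs the version that was reviewed rather than whatever 1.x resolves at install time.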
4 changes: 2 additions & 2 deletions src/pages/architecture/basics/security.md
Expand Up @@ -26,9 +26,9 @@ The Commerce framework has adopted conventions that regulate the escaping of dat

Starting in version 2.0.6, the Commerce framework no longer explicitly sets file system permissions. Instead, we recommend that certain files and directories be writable in a development environment and read-only in a production environment.

To provide you with a simple way to restrict access to the file system in production, we provide the flexibility for you to further restrict those permissions using a [umask](http://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html).
To provide you with a simple way to restrict access to the file system in production, we provide the flexibility for you to further restrict those permissions using a [umask](https://www.cyberciti.biz/tips/understanding-linux-unix-umask-value-usage.html).

For an overview, see [Overview of ownership and permissions](https://devdocs.magento.com/guides/v2.4/install-gde/prereq/file-sys-perms-over.html).
For an overview, see [Overview of ownership and permissions](https://experienceleague.adobe.com/docs/commerce-operations/installation-guide/prerequisites/file-system/overview.html).

For details about ownership and permissions in development and production, see [ownership and permissions in development and production](https://experienceleague.adobe.com/docs/commerce-operations/configuration-guide/deployment/file-system-permissions.html).
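Review bot: `https://www.cyberciti.biz` is added to `skipUrlPatterns` in `.remarkrc.mjs` in this same change, so the rewritten umask link is exactly one the new linter will never validate; the `http` to `https` switch is good, but if the host has to be exempted because it blocks automated checks, consider pointing the umask reference at a first-party or manual page instead so the link stays under lint coverage.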

2 changes: 1 addition & 1 deletion src/pages/best-practices/extensions/faq.md
Expand Up @@ -12,7 +12,7 @@ This page is a compilation of frequently asked coding questions by the Magento O
## What do I need to know to work with the framework?

* [SOLID principles](https://en.wikipedia.org/wiki/SOLID_(object-oriented_design)) - The essential principles needed to create maintainable and extendable code.
* [PHP](http://php.net/) - This is the programming language used for developing application code.
* [PHP](https://www.php.net/) - This is the programming language used for developing application code.
* [HTML](https://en.wikipedia.org/wiki/HTML), [CSS](https://en.wikipedia.org/wiki/Cascading_Style_Sheets), and [JavaScript](https://www.javascript.com/) - Languages used for [frontend development](https://developer.adobe.com/commerce/frontend-core/guide/).
* [Architecture basics overview](../../architecture/basics/index.md) - Developers should be familiar with the architectural concepts, such as the [Model-View-Controller](https://en.wikipedia.org/wiki/Model%E2%80%93view%E2%80%93controller) pattern and the [Command Query Responsibility Segregation](http://martinfowler.com/bliki/CQRS.html) principle.
* [Dependency Injection](../../development/components/dependency-injection.md) - An important design pattern used to handle dependencies across classes and modules.
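Review bot: only the PHP link is upgraded to `https`, while `http://martinfowler.com/bliki/CQRS.html` two lines below stays on plain `http`; since the point of the change is to keep external links healthy, fix the remaining `http://` links in the file in the same pass (a repo-wide search for `](http://` lists them). Note also that `https://www.php.net` is in `skipUrlPatterns`, so the link edited here is not actually being validated by the new linter.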
14 changes: 7 additions & 7 deletions src/pages/best-practices/extensions/security.md
Expand Up @@ -37,7 +37,7 @@ We recommend using the InnoDB storage engine because other storage engines are n

## Avoid raw SQL queries

Raw SQL queries can lead to potential security vulnerabilities and database portability issues. Use data adapter capabilities ([`Magento\Framework\DB\Adapter\Pdo\Mysql`](https://github.com/magento/magento2/blob/2.4}/lib/internal/Magento/Framework/DB/Adapter/Pdo/Mysql.php) by default) to build and execute queries and move all data access code to a resource model. Use prepared statements to make sure that queries are safe to execute.
Raw SQL queries can lead to potential security vulnerabilities and database portability issues. Use data adapter capabilities ([`Magento\Framework\DB\Adapter\Pdo\Mysql`](https://github.com/magento/magento2/blob/2.4/lib/internal/Magento/Framework/DB/Adapter/Pdo/Mysql.php) by default) to build and execute queries and move all data access code to a resource model. Use prepared statements to make sure that queries are safe to execute.

<InlineAlert variant="warning" slots="text"/>
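Review bot: the stray `}` in `blob/2.4}/lib/internal/...` looks like leftover residue from a template placeholder that once produced the branch segment of the URL; the same pattern appears again in the area-list hunk below, so run a repo-wide search for `2.4}/` (or more generally `}/` inside a URL) and fix every occurrence in one commit rather than only the ones the linter flagged in this file.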

Expand Down Expand Up @@ -111,12 +111,12 @@ public function getCustomerCart()

Make sure that your observer or plugin is declared in the proper area:

- [`adminhtml`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/Backend/etc/di.xml)
- [`crontab`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/Cron/etc/di.xml)
- [`frontend`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/Store/etc/di.xml)
- [`graphql`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/GraphQl/etc/di.xml)
- [`webapi_rest`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/Webapi/etc/di.xml)
- [`webapi_soap`](https://github.com/magento/magento2/blob/2.4}/app/code/Magento/Webapi/etc/di.xml)
- [`adminhtml`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/Backend/etc/di.xml)
- [`crontab`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/Cron/etc/di.xml)
- [`frontend`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/Store/etc/di.xml)
- [`graphql`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/GraphQl/etc/di.xml)
- [`webapi_rest`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/Webapi/etc/di.xml)
- [`webapi_soap`](https://github.com/magento/magento2/blob/2.4/app/code/Magento/Webapi/etc/di.xml)

The plugins and observers should be declared in the `<module-dir>/etc/<area>/` directory.

2 changes: 1 addition & 1 deletion src/pages/best-practices/phpstorm/run-configuration.md
Expand Up @@ -41,7 +41,7 @@ These are the main components of the Upgrade Compatibility Tool Run Configuratio
* *Message*: Message that appears if the Upgrade Compatibility Tool cannot be located for the current PHPStorm plugin project.
* *Link*: Link to install the Upgrade Compatibility Tool for the current PHPStorm plugin project.

See [Run](https://experienceleague.adobe.com/docs/commerce-operations/upgrade-guide/upgrade-compatibility-tool/run.html) topic for more information on these specific options of the Upgrade Compatibility Tool.
See [run the tool](https://experienceleague.adobe.com/docs/commerce-operations/upgrade-guide/upgrade-compatibility-tool/use-upgrade-compatibility-tool/run.html) for more information on these specific options of the Upgrade Compatibility Tool.

After you correctly configure the template, you can run the Upgrade Compatibility Tool with a single click in your Run Configuration GUI.

Expand Up @@ -68,7 +68,7 @@ For this inspection type you do not need to have UCT inspections enabled for you

Before using it, you should configure the built-in UCT in a same way to the CLI Run Configuration.
All fields, as above, are described in the Upgrade Compatibility Tool Run Configuration section and are more detailed
in the [official documentation](https://experienceleague.adobe.com/docs/commerce-operations/upgrade-guide/upgrade-compatibility-tool/run.html).
in the [official documentation](https://experienceleague.adobe.com/docs/commerce-operations/upgrade-guide/upgrade-compatibility-tool/use-upgrade-compatibility-tool/run.html).

Go to the UCT configuration dialog `Tools -> Configure The Upgrade Compatibility Tool` and configure it as required:

12 changes: 6 additions & 6 deletions src/pages/best-practices/security/index.md
Expand Up @@ -16,16 +16,16 @@ As a developer, you should avoid using features that introduce vulnerabilities i
The following is a list of PHP functions that are known to be vulnerable and exploitable.
Avoid using these functions in your code.

* [`eval`](http://php.net/manual/en/function.eval.php) - Using `eval` is considered bad practice because of its ability to [execute arbitrary PHP code](https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#Code_Injection).
* [`serialize`](http://php.net/manual/en/function.serialize.php)/[`unserialize`](http://php.net/manual/en/function.unserialize.php) - Attackers can create an exploit for these functions by passing a string with a serialized arbitrary object to the `unserialize` function to [run arbitrary code](https://www.owasp.org/index.php/PHP_Object_Injection).
* [`md5`](http://php.net/manual/en/function.md5.php) - The algorithm for this function is known to have [cryptographic weaknesses](https://www.owasp.org/index.php/Guide_to_Cryptography#Hashes).
* [`eval`](https://www.php.net/manual/en/function.eval.php) - Using `eval` is considered bad practice because of its ability to [execute arbitrary PHP code](https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet#Code_Injection).
* [`serialize`](https://www.php.net/manual/en/function.serialize.php)/[`unserialize`](https://www.php.net/manual/en/function.unserialize.php) - Attackers can create an exploit for these functions by passing a string with a serialized arbitrary object to the `unserialize` function to [run arbitrary code](https://www.owasp.org/index.php/PHP_Object_Injection).
* [`md5`](https://www.php.net/manual/en/function.md5.php) - The algorithm for this function is known to have [cryptographic weaknesses](https://www.owasp.org/index.php/Guide_to_Cryptography#Hashes).
You should never use this function for hashing passwords or any other sensitive data.
* [`srand`](http://php.net/manual/en/function.srand.php) - Using a predetermined number to seed the random number generator results in a [predictable sequence of numbers](http://programmers.stackexchange.com/questions/76229/predicting-the-output-of-phps-rand).
* [`mt_srand`](http://php.net/manual/en/function.mt-rand.php) - This function is a pseudo-random number generator (PRNG) and is [not cryptographically secure](http://phpsecurity.readthedocs.io/en/latest/Insufficient-Entropy-For-Random-Values.html).
* [`srand`](https://www.php.net/manual/en/function.srand.php) - Using a predetermined number to seed the random number generator results in a [predictable sequence of numbers](http://programmers.stackexchange.com/questions/76229/predicting-the-output-of-phps-rand).
* [`mt_srand`](https://www.php.net/manual/en/function.mt-rand.php) - This function is a pseudo-random number generator (PRNG) and is [not cryptographically secure](http://phpsecurity.readthedocs.io/en/latest/Insufficient-Entropy-For-Random-Values.html).

## Standard PHP library classes to avoid

* [`ArrayObject`](http://php.net/manual/en/class.arrayobject.php) - Using `ArrayObject` class is not recommended because it contains `unserialize` method, which attackers can use to create an exploit.
* [`ArrayObject`](https://www.php.net/manual/en/class.arrayobject.php) - Using `ArrayObject` class is not recommended because it contains `unserialize` method, which attackers can use to create an exploit.

If you need to use the `ArrayObject` class, override the `serialize`/`unserialize` methods so that they use secure logic.
Convert objects into arrays to serialize them, and reconstruct the objects using arrays during unserialization.
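Review bot: the `mt_srand` entry links to `function.mt-rand.php` rather than `function.mt-srand.php`, and its description ("This function is a pseudo-random number generator") describes `mt_rand`, not the seeding function; make the name, URL and description agree. Since this list tells developers what to avoid, it should also say what to use instead: `random_int()` and `random_bytes()` are PHP's CSPRNG APIs for tokens, nonces and anything else security-sensitive. Two link-health points that redirects will hide from the linter: the `programmers.stackexchange.com` and `phpsecurity.readthedocs.io` links remain plain `http` (Programmers Stack Exchange has been renamed Software Engineering Stack Exchange, so the old host only redirects), and the `www.owasp.org/index.php/...` wiki URLs are legacy paths that redirect after the OWASP wiki migration; updating them to their current targets avoids depending on redirects that can disappear.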
2 changes: 1 addition & 1 deletion src/pages/coding-standards/php.md
Expand Up @@ -33,7 +33,7 @@ Learn more about using rule sets with PHP CodeSniffer [ruleset](http://pear.php.

### Literal Namespace Rule

For class name resolution, use the [`::class`](http://php.net/manual/en/language.oop5.basic.php#language.oop5.basic.class.class) keyword instead of a string literal for every class name reference outside of that class.
For class name resolution, use the [`::class`](https://www.php.net/manual/en/language.oop5.basic.php#language.oop5.basic.class.class) keyword instead of a string literal for every class name reference outside of that class.
This includes references to:

* Fully qualified class name
Expand Up @@ -95,7 +95,7 @@ The following major backward-incompatible changes were introduced in the 2.4.7-b

### New interface and method for ApplicationServer module

State management has been enabled for all GraphQL APIs (excluding B2B and service-related processes). The 2.4.7-beta1 release introduces a new PHP application server that is implemented on a Swoole PHP extension. The [ApplicationServer](https://developer.adobe.com/commerce/php/module-reference/module-application-server/) module enables Adobe Commerce to maintain state between Commerce GraphQL API requests and eliminates the need for request bootstrapping. By sharing application state among processes, API requests become significantly more efficient, and API response times potentially decrease by 50 to 60 milliseconds.
State management has been enabled for all GraphQL APIs (excluding B2B and service-related processes). The 2.4.7-beta1 release introduces a new PHP application server that is implemented on a Swoole PHP extension. The [ApplicationServer](https://experienceleague.adobe.com/docs/commerce-operations/performance-best-practices/performance-best-practices/application-server.html) module enables Adobe Commerce to maintain state between Commerce GraphQL API requests and eliminates the need for request bootstrapping. By sharing application state among processes, API requests become significantly more efficient, and API response times potentially decrease by 50 to 60 milliseconds.

The `ResetAfterRequestInterface` interface and `_resetState()` method were added to enable the PHP application server. The `__debugInfo()` method was also added to fix issues with `var_dump` calls.

2 changes: 1 addition & 1 deletion src/pages/development/build/composer-integration.md
Expand Up @@ -221,7 +221,7 @@ Using Adobe Commerce and Magento Open Source code as an example, marketing versi
[2]: https://packagist.org/
[3]: https://getcomposer.org/doc/05-repositories.md#path
[4]: https://www.iso.org/iso-639-language-codes.html
[5]: https://developer.adobe.com/commerce/marketplace/guides/sellers/profile-company/
[5]: https://developer.adobe.com/commerce/marketplace/guides/sellers/profile-information/
[6]: https://marketplace.magento.com/
[7]: https://marketplace.magento.com
[8]: ../package/component.md#metapackage-example
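Review bot: references `[6]` and `[7]` both point at `https://marketplace.magento.com` (one with a trailing slash, one without), so they are duplicates; consolidate them into one reference while this list is being touched. `[5]` now lives under `developer.adobe.com/commerce/marketplace/...`, so it is also worth checking that the `marketplace.magento.com` entries still resolve directly rather than only via redirect, which the linter will accept as alive.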
2 changes: 1 addition & 1 deletion src/pages/development/build/dependency-injection-file.md
Expand Up @@ -169,7 +169,7 @@ Node Format:

`<argument xsi:type="number">{numericValue}</argument>`

Acceptable values for this type include: integers, floats, or [numeric strings](http://us3.php.net/is_numeric).
Acceptable values for this type include: integers, floats, or [numeric strings](https://www.php.net/is_numeric).

---

6 changes: 3 additions & 3 deletions src/pages/development/build/development-environment.md
Expand Up @@ -33,21 +33,21 @@ The following is a list of the different ways you can install Adobe Commerce or

You can use a VM tool, such as [VirtualBox](https://www.virtualbox.org/wiki/VirtualBox), together with a virtual environment tool, such as [Vagrant](https://www.vagrantup.com/) or [Docker](https://www.docker.com/), to create reusable and shareable instances for development.

A search for ["magento developer box"](https://github.com/search?utf8=%E2%9C%93&q=magento+developer+box) in GitHub provides a list of unofficial virtual machines configured for development.
A search for "magento developer box" in GitHub provides a list of unofficial virtual machines configured for development.

### Optimal configuration

The following is a list of optimizations you can make on your local development machine

* We recommend installing and using the latest supported version of PHP 8 to increase performance.
* Replace your MySQL database with [Percona](https://www.percona.com/software/mysql-database/percona-server).
* Make sure you install and enable [PHP OPcache](http://php.net/manual/en/intro.opcache.php).
* Make sure you install and enable [PHP OPcache](https://www.php.net/manual/en/intro.opcache.php).
* Xdebug is off by default. Enable this feature only when you need it because it requires a lot of memory and degrades performance.
The `xdebug.max_nesting_level` configuration needs to be set to 200 or greater for Magento.
You can increase the memory available to PHP to get an increase in performance with Xdebug on.
* If you need sample data, you can install it using [composer](https://devdocs.magento.com/guides/v2.4/install-gde/install/web/install-web-sample-data-composer.html) or by [cloning repositories](https://devdocs.magento.com/guides/v2.4/install-gde/install/web/install-web-sample-data-clone.html).
* To speed up frontend development, [turn off merging of CSS and JavaScript](https://docs.magento.com/user-guide/system/file-optimization.html).
* Make sure [caching](https://experienceleague.adobe.com/docs/commerce-operations/configuration-guide/cache/caching-overview.html) is turned on (this is the default behavior).
Generally, only page cache and block cache should be turned off for development and turned back on when testing.
* [Opcache timestamp validation](http://php.net/manual/en/opcache.configuration.php#ini.opcache.validate-timestamps) should always be on for development.
* [Opcache timestamp validation](https://www.php.net/manual/en/opcache.configuration.php#ini.opcache.validate-timestamps) should always be on for development.
Development is impossible with opcache on and revalidation off because any PHP modification would require a cache reset.
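Review bot: the sample-data links still point at `devdocs.magento.com/guides/v2.4/...` and the CSS/JavaScript merging link at `docs.magento.com/user-guide/...`, while the `security.md` hunk in this same change migrates a devdocs link to `experienceleague.adobe.com`; migrate these in the same pass so the linter is not kept green only by redirects from retired hosts. Dropping the GitHub search URL in favour of plain text "magento developer box" is the right call for a link checker (a search results page is not a stable link target), but the sentence still reads as if a link were present; consider making it an instruction ("Search GitHub for ...").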