search

AReid987 / CodeQuest

0 stars 0 forks source link

chore(deps): update oxsecurity/megalinter action to v7.12.0 #19

Closed renovate[bot] closed 4 weeks ago

renovate[bot] commented 1 month ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
oxsecurity/megalinter action minor v7.11.1 -> v7.12.0

Release Notes

oxsecurity/megalinter (oxsecurity/megalinter) ### [`v7.12.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7120---2024-06-02) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.11.1...v7.12.0) - Core - Add new logs (at debug level) on each linter activation/deactivation - Clean MegaLinter own CVE exceptions and order the remaining ones with links to related issues - Upgrade to Java 21 except for npm-groovy-lint that requires Java 17 - Media - Add blog post [5 ways MegaLinter upped our DevSecOps game](https://flexion.us/blog/5-ways-megalinter-upped-our-devsecops-game/) to the list of English articles by [@​wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [#​3596](https://togithub.com/oxsecurity/megalinter/pull/3596) - Linters - Add PHP fixer by [@​llaville](https://togithub.com/llaville) in [#​3598](https://togithub.com/oxsecurity/megalinter/pull/3598) - `API_SPECTRAL` was added as replacement for `OPENAPI_SPECTRAL` (deprecated), supporting AsyncAPI and OpenAPI by default. Uses Spectral's standard config file name `.spectral.yaml` instead of `.openapirc.yml` with a default config with rulesets for AsyncAPI and OpenAPI enabled. Fixes [#​3387](https://togithub.com/oxsecurity/megalinter/issues/3387) - Disable SQL_TSQLLINT until security issues are solved. Related to [tsqllint/tsqllint#333](https://togithub.com/tsqllint/tsqllint/issues/333) - PHP linters (PHP_PHPCS, PHP_PHPLINT, PHP_PHPSTAN) add support to SARIF report output format with help of - Php psalm improvement by [@​llaville](https://togithub.com/llaville) in [#​3541](https://togithub.com/oxsecurity/megalinter/pull/3541) - `KOTLIN_KTLINT` now supports `list_of_files` mode, and has better error counting - Upgrade `KOTLIN_DETEKT` and make it work with cli_lint_mode = project - Reporters - Fixes - Change `golangci-lint` lint mode to `project`, by [@​wandering-tales](https://togithub.com/wandering-tales) in [#​3509](https://togithub.com/oxsecurity/megalinter/pull/3509) - Disable sql-lint as it is no longer maintained - Add new entries `findUnusedCode` and `findUnusedBaselineEntry` in default `psalm.xml` configuration file for PHP_PSALM linter. Related to [#​3538](https://togithub.com/oxsecurity/megalinter/issues/3538) - fix(pylint): overgeneral-exceptions fully qualified name by [@​gardar](https://togithub.com/gardar) in [#​3576](https://togithub.com/oxsecurity/megalinter/pull/3576) - Update `ktlint` descriptor to support `list_of_files` and better error counting by [@​Yann-J](https://togithub.com/Yann-J) in [#​3575](https://togithub.com/oxsecurity/megalinter/pull/3575) - Sync PowerShell version in arm.megalinter-descriptor.yml by [@​echoix](https://togithub.com/echoix) in [#​3586](https://togithub.com/oxsecurity/megalinter/pull/3586) - Adjust find commands to clean up files in same step by [@​echoix](https://togithub.com/echoix) in [#​3588](https://togithub.com/oxsecurity/megalinter/pull/3588) - Upgrade KOTLIN_DETEKT and make it work with cli_lint_mode = project by [@​nvuillam](https://togithub.com/nvuillam) in [#​3590](https://togithub.com/oxsecurity/megalinter/pull/3590) - Doc - Handle disabled_reason property in descriptors - Sort enums in json schema, by [@​echoix](https://togithub.com/echoix) in [#​3595](https://togithub.com/oxsecurity/megalinter/pull/3595) - Flavors - CI - Build: take in account disabled linters for workflow auto-update - Remove useless package-lock.json that was in python tests folder - Fix SARIF_REPORTER that was wrongly sent to `true` to format & fix test methods - Build: Write ARG lines at the top of Dockerfiles if they are used by FROM variables - Remove Github Actions Workflow telemetry to improve performances - Update Docker image for Gitpod to run on Ubuntu Noble, by [@​echoix](https://togithub.com/echoix) - Update makefile bootstrap config (gitpod or local) to use uv for package installation, by [@​echoix](https://togithub.com/echoix) - Use uv to install Python deps for CI by [@​echoix](https://togithub.com/echoix) in [#​3561](https://togithub.com/oxsecurity/megalinter/pull/3561) - Use a single find command to delete pycache files by [@​echoix](https://togithub.com/echoix) in [#​3562](https://togithub.com/oxsecurity/megalinter/pull/3562) - Sort schema enums by [@​echoix](https://togithub.com/echoix) in [#​3595](https://togithub.com/oxsecurity/megalinter/pull/3595) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.27 to **1.7.1** on 2024-05-28 - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.2.2 to **24.2.3** on 2024-05-20 - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.26.170 to **0.27.1** on 2024-05-07 - [black](https://black.readthedocs.io/en/stable/) from 24.4.0 to **24.4.2** on 2024-04-26 - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.86.4 to **0.87.4** on 2024-05-28 - [checkov](https://www.checkov.io/) from 3.2.74 to **3.2.122** on 2024-05-04 - [checkstyle](https://checkstyle.org/) from 10.15.0 to **10.17.0** on 2024-05-27 - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.77 to **0.1.78** on 2024-05-04 - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2024.03.13 to **2024.05.24** on 2024-05-25 - [csharpier](https://csharpier.com/) from 0.28.1 to **0.28.2** on 2024-04-26 - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.7.0 to **8.8.3** on 2024-05-24 - [detekt](https://detekt.dev/) from 1.23.5 to **1.23.6** on 2024-05-28 - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 8.0.104 to **8.0.106** on 2024-06-01 - [editorconfig-checker](https://editorconfig-checker.github.io/) from 2.7.2 to **3.0.1** on 2024-04-30 - [git_diff](https://git-scm.com) from 2.43.0 to **2.43.4** on 2024-05-18 - [golangci-lint](https://golangci-lint.run/) from 1.57.2 to **1.59.0** on 2024-05-27 - [grype](https://togithub.com/anchore/grype) from 0.77.0 to **0.78.0** on 2024-05-28 - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.10 to **4.0.4** on 2024-05-28 - [kics](https://www.kics.io) from 2.0.0 to **2.0.1** on 2024-05-04 - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.4 to **0.6.6** on 2024-05-12 - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.22.0 to **2.24.0** on 2024-05-20 - [luacheck](https://luacheck.readthedocs.io) from 1.1.2 to **1.2.0** on 2024-05-25 - [lychee](https://lychee.cli.rs) from 0.14.3 to **0.15.1** on 2024-05-13 - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.12.1 to **3.12.2** on 2024-05-22 - [markdown-table-formatter](https://www.npmjs.com/package/markdown-table-formatter) from 1.5.0 to **1.6.0** on 2024-04-27 - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.39.0 to **0.41.0** on 2024-05-26 - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.9.0 to **1.10.0** on 2024-04-26 - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 14.4.1 to **14.6.0** on 2024-05-12 - [phpcs](https://togithub.com/PHPCSStandards/PHP_CodeSniffer) from 3.9.1 to **3.10.1** on 2024-04-23 - [phplint](https://togithub.com/overtrue/phplint) from 9.1.2 to **9.3.1** on 2024-05-18 - [phpstan](https://phpstan.org/) from 1.10.67 to **1.11.0** to **1.11.3** on 2024-05-31 - [pmd](https://pmd.github.io/) from 6.55.0 to **7.1.0** on 2024-04-28 - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.4.1 to **7.4.2** on 2024-04-28 - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.4.1 to **7.4.2** on 2024-04-28 - [prettier](https://prettier.io/) from 3.2.5 to **3.3.0** on 2024-06-01 - [proselint](https://togithub.com/amperser/proselint) from 0.13.0 to **0.14.0** on 2024-05-24 - [protolint](https://togithub.com/yoheimuta/protolint) from 0.49.6 to **0.49.7** on 2024-05-04 - [psalm](https://psalm.dev) from Psalm.5.23.1@​ to **Psalm.5.24.0@​** on 2024-05-04 - [pylint](https://pylint.readthedocs.io) from 3.1.0 to **3.2.2** on 2024-05-20 - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.359 to **1.1.365** on 2024-05-31 - [roslynator](https://togithub.com/dotnet/Roslynator) from 0.8.6.0 to **0.8.9.0** on 2024-06-01 - [rubocop](https://rubocop.org/) from 1.63.3 to **1.64.1** on 2024-05-31 - [ruff](https://togithub.com/astral-sh/ruff) from 0.4.1 to **0.4.7** on 2024-05-31 - [scalafix](https://scalacenter.github.io/scalafix/) from 0.12.0 to **0.12.1** on 2024-05-04 - [secretlint](https://togithub.com/secretlint/secretlint) from 8.2.3 to **8.2.4** on 2024-04-29 - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** on 2024-05-28 - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** on 2024-05-28 - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** on 2024-05-28 - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.10.1 to **0.10.2** on 2024-05-12 - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.10.8 to **8.12.0** on 2024-05-27 - [sqlfluff](https://www.sqlfluff.com/) from 3.0.5 to **3.0.7** on 2024-05-24 - [stylelint](https://stylelint.io) from 16.4.0 to **16.6.1** on 2024-05-28 - [syft](https://togithub.com/anchore/syft) from 1.2.0 to **1.5.0** on 2024-05-28 - [tekton-lint](https://togithub.com/IBM/tekton-lint) from 1.0.2 to **1.1.0** on 2024-05-25 - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.8.1 to **1.8.4** on 2024-05-25 - [terragrunt](https://terragrunt.gruntwork.io) from 0.57.5 to **0.58.10** on 2024-05-27 - [tflint](https://togithub.com/terraform-linters/tflint) from 0.50.3 to **0.51.1** on 2024-06-02 - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.50.2 to **0.51.4** on 2024-05-25 - [trivy](https://aquasecurity.github.io/trivy/) from 0.50.2 to **0.51.4** on 2024-05-25 - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.73.0 to **3.77.0** on 2024-05-28 - [vale](https://vale.sh/) from 3.4.0 to **3.4.2** on 2024-05-04 - [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) from 21107 to **21108** on 2024-05-18

Configuration

πŸ“… Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

β™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

πŸ”• Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

deepsource-io[bot] commented 1 month ago

Here's the code health analysis summary for commits 804eff1..1a41469. View details on DeepSource β†—.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource Docker LogoDockerβœ… SuccessView Check β†—
DeepSource JavaScript LogoJavaScriptβœ… SuccessView Check β†—
DeepSource Secrets LogoSecretsβœ… SuccessView Check β†—
DeepSource SQL LogoSQLβœ… SuccessView Check β†—
DeepSource Test coverage LogoTest coverage⚠️ Artifact not reportedTimed out: Artifact was never reportedView Check β†—
πŸ’‘ If you’re a repository administrator, you can configure the quality gates from the settings.
codspeed-hq[bot] commented 1 month ago

CodSpeed Performance Report

Merging #19 will create unknown performance changes

Comparing renovate/oxsecurity-megalinter-7.x (1a41469) with main (0868869)

Summary

:warning: No benchmarks were detected in both the base of the PR and the PR.

github-actions[bot] commented 1 month ago

πŸ¦™ MegaLinter status: ❌ ERROR

Descriptor Linter Files Fixed Errors Elapsed time
βœ… ACTION actionlint 9 0 0.06s
βœ… COPYPASTE jscpd yes no 1.25s
βœ… JSON jsonlint 4 0 0.19s
βœ… JSON prettier 4 0 0 0.61s
βœ… JSON v8r 4 0 3.22s
⚠️ MARKDOWN markdownlint 3 0 4 0.76s
❌ MARKDOWN markdown-link-check 3 2 11.44s
βœ… MARKDOWN markdown-table-formatter 3 0 0 0.33s
❌ REPOSITORY checkov yes 9 10.56s
βœ… REPOSITORY gitleaks yes no 0.09s
βœ… REPOSITORY git_diff yes no 0.0s
βœ… REPOSITORY grype yes no 10.05s
❌ REPOSITORY kics yes 13 2.57s
βœ… REPOSITORY secretlint yes no 0.63s
βœ… REPOSITORY trivy yes no 4.61s
βœ… REPOSITORY trivy-sbom yes no 4.18s
βœ… REPOSITORY trufflehog yes no 2.64s
❌ SPELL cspell 22 41 3.83s
❌ SPELL lychee 18 1 1.55s
βœ… YAML prettier 11 2 0 0.82s
βœ… YAML v8r 11 0 7.41s
βœ… YAML yamllint 11 0 0.29s

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by OX Security_