Closed wesley-dean-gsa closed 2 weeks ago
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
✅ ACTION | actionlint | 4 | 0 | 0.1s | |
⚠️ CSS | scss-lint | 2 | 1 | 3.44s | |
✅ JAVASCRIPT | prettier | 6 | 0 | 0 | 1.09s |
✅ JSON | jsonlint | 7 | 0 | 0.37s | |
✅ JSON | npm-package-json-lint | yes | no | 0.66s | |
✅ JSON | prettier | 7 | 0 | 0 | 1.4s |
✅ JSON | v8r | 7 | 0 | 11.23s | |
✅ MARKDOWN | markdownlint | 20 | 0 | 0 | 1.98s |
✅ MARKDOWN | markdown-link-check | 20 | 0 | 10.24s | |
✅ MARKDOWN | markdown-table-formatter | 20 | 0 | 0 | 0.45s |
✅ REPOSITORY | checkov | yes | no | 14.75s | |
✅ REPOSITORY | gitleaks | yes | no | 0.2s | |
✅ REPOSITORY | git_diff | yes | no | 0.24s | |
⚠️ REPOSITORY | grype | yes | 3 | 14.3s | |
✅ REPOSITORY | secretlint | yes | no | 2.59s | |
⚠️ REPOSITORY | trivy | yes | 1 | 9.1s | |
✅ REPOSITORY | trivy-sbom | yes | no | 1.45s | |
✅ REPOSITORY | trufflehog | yes | no | 4.94s | |
⚠️ SPELL | cspell | 20 | 1 | 2.7s | |
✅ YAML | prettier | 14 | 0 | 0 | 1.47s |
✅ YAML | v8r | 11 | 0 | 13.23s | |
✅ YAML | yamllint | 14 | 0 | 0.61s |
See detailed report in MegaLinter reports
For over 50 years, GSA has been...
• Error: Duplicate id attribute value "svg-bedding" found on the web page. ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77 ├── #svg-bedding └──For over 50 years, GSA has been...
• Error: Duplicate id attribute value "svg-bedding" found on the web page. ├── WCAG2AA.Principle4.Guideline4_1.4_1_1.F77 ├── #svg-bedding └──~We have opted not to enable script integrity hashes at this time. Accepting this poses minimal risk given that of the three libraries being imported, two are TTS-supported (DAP and Search). The decision will be further documented in an ADR.~
This comment was for a different PR
I closed the wrong PR. Oopsies.
For over 50 years, GSA has been...
1 Errors ```The repo is configured to require that commits must be signed. Without signing, branches can't be merged:
Those unsigned commits are coming from MegaLinter:
This will add commit signing with a GPG key. Documentation on the commit action may be found here:
https://github.com/stefanzweifel/git-auto-commit-action#signing-commits
..and importing the GPG key may be found here:
https://github.com/crazy-max/ghaction-import-gpg
security considerations
This will help us maintain the "force signed commits" option.