github-actions[bot]
commented
2 months ago 🦙 MegaLinter status: ❌ ERROR
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 4 | 0 | 0.04s | |
| ✅ DOCKERFILE | hadolint | 2 | 0 | 0.1s | |
| ✅ EDITORCONFIG | editorconfig-checker | 66 | 0 | 0.26s | |
| ✅ GROOVY | npm-groovy-lint | 2 | 0 | 9.23s | |
| ✅ JAVA | checkstyle | 18 | 0 | 4.73s | |
| ✅ JSON | jsonlint | 5 | 0 | 0.23s | |
| ✅ JSON | prettier | 5 | 0 | 1.85s | |
| ✅ JSON | v8r | 5 | 0 | 3.81s | |
| ✅ MARKDOWN | markdownlint | 2 | 0 | 0.75s | |
| ✅ PYTHON | bandit | 1 | 0 | 0.85s | |
| ✅ PYTHON | black | 1 | 0 | 0.6s | |
| ✅ PYTHON | flake8 | 1 | 0 | 0.4s | |
| ✅ PYTHON | isort | 1 | 0 | 0.36s | |
| ✅ PYTHON | mypy | 1 | 0 | 7.68s | |
| ✅ PYTHON | ruff | 1 | 0 | 0.04s | |
| ✅ REPOSITORY | checkov | yes | no | 15.35s | |
| ✅ REPOSITORY | gitleaks | yes | no | 1.73s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.05s | |
| ✅ REPOSITORY | grype | yes | no | 14.48s | |
| ✅ REPOSITORY | kics | yes | no | 4.84s | |
| ✅ REPOSITORY | secretlint | yes | no | 0.92s | |
| ✅ REPOSITORY | syft | yes | no | 2.36s | |
| ❌ REPOSITORY | trivy | yes | 1 | 7.4s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 5.86s | |
| ✅ REPOSITORY | trufflehog | yes | no | 3.65s | |
| ✅ XML | xmllint | 1 | 0 | 0.03s | |
| ✅ YAML | prettier | 17 | 0 | 1.11s | |
| ✅ YAML | yamllint | 17 | 0 | 0.52s |
See detailed report in MegaLinter reports
You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.
_MegaLinter is graciously provided by 
_
miracum-bot
This PR contains the following updates:
v4.1.4->v4.1.7v4.1.4->v4.1.7e9fabac->0723387v3.25.3->v3.25.11v1.8.3->v1.10.2v2.3.1->v2.3.3Release Notes
actions/checkout (actions/checkout)
### [`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@orhantoy](https://togithub.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776) ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5actions/download-artifact (actions/download-artifact)
### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@actions/artifact](https://togithub.com/actions/artifact) dependency by [@bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: https://github.com/actions/download-artifact/compare/v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: https://github.com/actions/download-artifact/compare/v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: https://github.com/actions/download-artifact/compare/v4.1.4...v4.1.5github/codeql-action (github/codeql-action)
### [`v3.25.11`](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11) ### [`v3.25.10`](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) ### [`v3.25.9`](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) ### [`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) ### [`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)miracum/.github (miracum/.github)
### [`v1.10.2`](https://togithub.com/miracum/.github/releases/tag/v1.10.2) [Compare Source](https://togithub.com/miracum/.github/compare/v1.10.1...v1.10.2) ##### Bug Fixes - set trivy ignore-unfixed to `true` by default ([#65](https://togithub.com/miracum/.github/issues/65)) ([db8574b](https://togithub.com/miracum/.github/commit/db8574b42e0c528f9cddc1ce84a40a837283cee0)) ### [`v1.10.1`](https://togithub.com/miracum/.github/releases/tag/v1.10.1) [Compare Source](https://togithub.com/miracum/.github/compare/v1.10.0...v1.10.1) ##### CI/CD - create scorecard.yaml ([#62](https://togithub.com/miracum/.github/issues/62)) ([f5c80e0](https://togithub.com/miracum/.github/commit/f5c80e07c8fc2075aef9d34f4c3bc0aa168de313)) ##### Miscellaneous Chores - **deps:** update docker/build-push-action action to v6 ([#64](https://togithub.com/miracum/.github/issues/64)) ([e658df8](https://togithub.com/miracum/.github/commit/e658df8deaac2d762eb91585c81d9e7cae0230f7)) - **deps:** update github-actions ([#63](https://togithub.com/miracum/.github/issues/63)) ([9df18a3](https://togithub.com/miracum/.github/commit/9df18a3ffadf0c24b306e24226bb7f0449c2b286)) ### [`v1.10.0`](https://togithub.com/miracum/.github/releases/tag/v1.10.0) [Compare Source](https://togithub.com/miracum/.github/compare/v1.9.2...v1.10.0) ##### Features - harden runner for build and release jobs ([#61](https://togithub.com/miracum/.github/issues/61)) ([d53f448](https://togithub.com/miracum/.github/commit/d53f448b46aa81c7c877e45a0ae641bb93d5fd7c)) ### [`v1.9.2`](https://togithub.com/miracum/.github/releases/tag/v1.9.2) [Compare Source](https://togithub.com/miracum/.github/compare/v1.9.1...v1.9.2) ##### Miscellaneous Chores - **deps:** update all non-major dependencies ([#57](https://togithub.com/miracum/.github/issues/57)) ([54ebc8d](https://togithub.com/miracum/.github/commit/54ebc8d668bc1882e69e92b58ae29eb542cd3fad)) - **deps:** update gcr.io/distroless/python3-debian12:nonroot docker digest to [`14c62b8`](https://togithub.com/miracum/.github/commit/14c62b8) ([#56](https://togithub.com/miracum/.github/issues/56)) ([5eab4c7](https://togithub.com/miracum/.github/commit/5eab4c7bf6a5b1475f0c8b4d1e38e379a48f7a0a)) - **deps:** update github-actions ([#60](https://togithub.com/miracum/.github/issues/60)) ([dee5806](https://togithub.com/miracum/.github/commit/dee5806b344d4370c1edc52ac4fd196c3160aec7)) ### [`v1.9.1`](https://togithub.com/miracum/.github/releases/tag/v1.9.1) [Compare Source](https://togithub.com/miracum/.github/compare/v1.9.0...v1.9.1) ##### Miscellaneous Chores - **deps:** update github-actions ([#58](https://togithub.com/miracum/.github/issues/58)) ([614627d](https://togithub.com/miracum/.github/commit/614627d88ea531acb0b0f321f507b2c7c91a721d)) ### [`v1.9.0`](https://togithub.com/miracum/.github/releases/tag/v1.9.0) [Compare Source](https://togithub.com/miracum/.github/compare/v1.8.3...v1.9.0) ##### Features - show vuln severity counts in summary ([a12c29b](https://togithub.com/miracum/.github/commit/a12c29b6632a76314d8ccbb5a508e3be4111a5ee)) ##### Miscellaneous Chores - migrate to gradle/actions/wrapper-validation ([#59](https://togithub.com/miracum/.github/issues/59)) ([6687811](https://togithub.com/miracum/.github/commit/6687811887c6afb0cbbc3ee61eb5ae2f1365a06a))ossf/scorecard-action (ossf/scorecard-action)
### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - :seedling: Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366) - :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374) - :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377) For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - :book: Move token discussion out of main README. by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279) - :book: link to `ossf/scorecard` workflow instead of maintaining an example by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352) - :book: update api links to new scorecard.dev site by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)Configuration
📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Mend Renovate. View repository job log here.