chore(deps): update github-actions

renovate[bot] commented 1 year ago

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	minor	`v3.1.0` -> `v3.2.0`
actions/checkout	action	digest	`2541b12` -> `755da8c`
actions/download-artifact	action	patch	`v3.0.0` -> `v3.0.1`
actions/upload-artifact	action	patch	`v3.1.0` -> `v3.1.1`
aquasecurity/trivy-action	action	minor	`0.7.1` -> `0.8.0`
docker/build-push-action	action	digest	`c84f382` -> `c56af95`
docker/login-action	action	digest	`49ed152` -> `f4ef78c`
docker/metadata-action	action	digest	`69f6fc9` -> `5739616`
docker/setup-buildx-action	action	digest	`dc7b971` -> `8c0edbc`
docker/setup-qemu-action	action	digest	`8b12248` -> `e81a89b`
github/codeql-action	action	patch	`v2.1.27` -> `v2.1.37`
github/codeql-action	action	digest	`4c8f137` -> `959cbb7`
helm/kind-action	action	minor	`v1.4.0` -> `v1.5.0`
iter8-tools/iter8	action	patch	`v0.12.3` -> `v0.12.4`
marocchino/sticky-pull-request-comment	action	minor	`v2.2.0` -> `v2.3.1`
ossf/scorecard-action	action	minor	`v2.0.6` -> `v2.1.2`
oxsecurity/megalinter	action	minor	`v6.11.1` -> `v6.17.0`
sigstore/cosign-installer	action	minor	`v2.6.0` -> `v2.8.1`

Release Notes

actions/checkout

### [`v3.2.0`](https://togithub.com/actions/checkout/releases/tag/v3.2.0) [Compare Source](https://togithub.com/actions/checkout/compare/v3.1.0...v3.2.0) #### What's Changed - Add GitHub Action to perform release by [@rentziass](https://togithub.com/rentziass) in [https://github.com/actions/checkout/pull/942](https://togithub.com/actions/checkout/pull/942) - Fix status badge by [@ScottBrenner](https://togithub.com/ScottBrenner) in [https://github.com/actions/checkout/pull/967](https://togithub.com/actions/checkout/pull/967) - Replace datadog/squid with ubuntu/squid Docker image by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1002](https://togithub.com/actions/checkout/pull/1002) - Wrap pipeline commands for submoduleForeach in quotes by [@jokreliable](https://togithub.com/jokreliable) in [https://github.com/actions/checkout/pull/964](https://togithub.com/actions/checkout/pull/964) - Update [@actions/io](https://togithub.com/actions/io) to 1.1.2 by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1029](https://togithub.com/actions/checkout/pull/1029) - Upgrading version to 3.2.0 by [@vmjoseph](https://togithub.com/vmjoseph) in [https://github.com/actions/checkout/pull/1039](https://togithub.com/actions/checkout/pull/1039) #### New Contributors - [@ScottBrenner](https://togithub.com/ScottBrenner) made their first contribution in [https://github.com/actions/checkout/pull/967](https://togithub.com/actions/checkout/pull/967) - [@cory-miller](https://togithub.com/cory-miller) made their first contribution in [https://github.com/actions/checkout/pull/1002](https://togithub.com/actions/checkout/pull/1002) - [@jokreliable](https://togithub.com/jokreliable) made their first contribution in [https://github.com/actions/checkout/pull/964](https://togithub.com/actions/checkout/pull/964) - [@vmjoseph](https://togithub.com/vmjoseph) made their first contribution in [https://github.com/actions/checkout/pull/1039](https://togithub.com/actions/checkout/pull/1039) **Full Changelog**: https://github.com/actions/checkout/compare/v3...v3.2.0

actions/download-artifact

### [`v3.0.1`](https://togithub.com/actions/download-artifact/releases/tag/v3.0.1) [Compare Source](https://togithub.com/actions/download-artifact/compare/v3.0.0...v3.0.1) - [Bump @actions/core to 1.10.0](https://togithub.com/actions/download-artifact/pull/178)

actions/upload-artifact

### [`v3.1.1`](https://togithub.com/actions/upload-artifact/releases/tag/v3.1.1) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v3.1.0...v3.1.1) - Update actions/core package to latest version to remove `set-output` deprecation warning [#351](https://togithub.com/actions/upload-artifact/issues/351)

aquasecurity/trivy-action

### [`v0.8.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.8.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0) #### What's Changed - Add npm to action Dockerfile by [@VaismanLior](https://togithub.com/VaismanLior) in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - Add 0.34.0 release by [@L1ghtman2k](https://togithub.com/L1ghtman2k) in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) #### New Contributors - [@VaismanLior](https://togithub.com/VaismanLior) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - [@L1ghtman2k](https://togithub.com/L1ghtman2k) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0

github/codeql-action

### [`v2.1.37`](https://togithub.com/github/codeql-action/compare/v2.1.36...v2.1.37) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.36...v2.1.37) ### [`v2.1.36`](https://togithub.com/github/codeql-action/compare/v2.1.35...v2.1.36) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.35...v2.1.36) ### [`v2.1.35`](https://togithub.com/github/codeql-action/compare/v2.1.34...v2.1.35) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.34...v2.1.35) ### [`v2.1.34`](https://togithub.com/github/codeql-action/compare/v2.1.33...v2.1.34) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.33...v2.1.34) ### [`v2.1.33`](https://togithub.com/github/codeql-action/compare/v2.1.32...v2.1.33) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.32...v2.1.33) ### [`v2.1.32`](https://togithub.com/github/codeql-action/compare/v2.1.31...v2.1.32) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.31...v2.1.32) ### [`v2.1.31`](https://togithub.com/github/codeql-action/compare/v2.1.30...v2.1.31) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.30...v2.1.31) ### [`v2.1.30`](https://togithub.com/github/codeql-action/compare/v2.1.29...v2.1.30) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.29...v2.1.30) ### [`v2.1.29`](https://togithub.com/github/codeql-action/compare/v2.1.28...v2.1.29) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.28...v2.1.29) ### [`v2.1.28`](https://togithub.com/github/codeql-action/compare/v2.1.27...v2.1.28) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.1.27...v2.1.28)

helm/kind-action

### [`v1.5.0`](https://togithub.com/helm/kind-action/releases/tag/v1.5.0) [Compare Source](https://togithub.com/helm/kind-action/compare/v1.4.0...v1.5.0) #### What's Changed - Fixing issue [#68](https://togithub.com/helm/kind-action/issues/68) - kind.sh: line 60: dpkg: command not found by [@tglaeser](https://togithub.com/tglaeser) in [https://github.com/helm/kind-action/pull/69](https://togithub.com/helm/kind-action/pull/69) - fix: add aarch64 for uname case by [@JorTurFer](https://togithub.com/JorTurFer) in [https://github.com/helm/kind-action/pull/71](https://togithub.com/helm/kind-action/pull/71) - Update version in the example workflow by [@tomplus](https://togithub.com/tomplus) in [https://github.com/helm/kind-action/pull/72](https://togithub.com/helm/kind-action/pull/72) - bump kind to use v0.17.0 and kubectl v1.25.5 by [@cpanato](https://togithub.com/cpanato) in [https://github.com/helm/kind-action/pull/73](https://togithub.com/helm/kind-action/pull/73) #### New Contributors - [@tglaeser](https://togithub.com/tglaeser) made their first contribution in [https://github.com/helm/kind-action/pull/69](https://togithub.com/helm/kind-action/pull/69) - [@tomplus](https://togithub.com/tomplus) made their first contribution in [https://github.com/helm/kind-action/pull/72](https://togithub.com/helm/kind-action/pull/72) **Full Changelog**: https://github.com/helm/kind-action/compare/v1...v1.5.0

iter8-tools/iter8

### [`v0.12.4`](https://togithub.com/iter8-tools/iter8/releases/tag/v0.12.4): Version 0.12.4 of Iter8 [Compare Source](https://togithub.com/iter8-tools/iter8/compare/v0.12.3...v0.12.4) #### What’s Changed - [#1379](https://togithub.com/iter8-tools/iter8/issues/1379): Fixing post-release tests that use GHA

marocchino/sticky-pull-request-comment

### [`v2.3.1`](https://togithub.com/marocchino/sticky-pull-request-comment/releases/tag/v2.3.1) [Compare Source](https://togithub.com/marocchino/sticky-pull-request-comment/compare/v2.3.0...v2.3.1) - Update deps - Change ignore empty default from true to false (This change will fix bug delete or hide comment not works) ### [`v2.3.0`](https://togithub.com/marocchino/sticky-pull-request-comment/releases/tag/v2.3.0) [Compare Source](https://togithub.com/marocchino/sticky-pull-request-comment/compare/v2.2.1...v2.3.0) - Support glob path - Add `follow_symbolic_links` for path - Add `ignore_empty` for skip empty body - Update README for new output syntax ### [`v2.2.1`](https://togithub.com/marocchino/sticky-pull-request-comment/releases/tag/v2.2.1): Update deps [Compare Source](https://togithub.com/marocchino/sticky-pull-request-comment/compare/v2.2.0...v2.2.1) - Use node 16 - Update npm deps

ossf/scorecard-action

### [`v2.1.2`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2) #### What's Changed ##### Fixes - 🌱 Bump scorecard dependency to v4.10.2 to remove a CODEOWNERS printf statement. by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1054](https://togithub.com/ossf/scorecard-action/pull/1054) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.1...v2.1.2 ### [`v2.1.1`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.1) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1) #### Scorecard version This release use [Scorecard's v4.10.1](https://togithub.com/ossf/scorecard/releases/tag/v4.10.1) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.1.0...v2.1.1 ### [`v2.1.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.1.0) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0) #### What's Changed ##### Scorecard version This release uses [scorecard v4.10.0](https://togithub.com/ossf/scorecard/releases/tag/v4.10.0). ##### Improvements - Docker build workflow by [@naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/ossf/scorecard-action/pull/981](https://togithub.com/ossf/scorecard-action/pull/981) - Use root user in distroless to support GitHub Actions by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/994](https://togithub.com/ossf/scorecard-action/pull/994) - Disable pull_request_target by [@laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/ossf/scorecard-action/pull/1031](https://togithub.com/ossf/scorecard-action/pull/1031) ##### Documentation - Add PAT section explaining risks by [@olivekl](https://togithub.com/olivekl) in [https://github.com/ossf/scorecard-action/pull/1024](https://togithub.com/ossf/scorecard-action/pull/1024) - Make the badge text easier to copy by [@rajbos](https://togithub.com/rajbos) in [https://github.com/ossf/scorecard-action/pull/1026](https://togithub.com/ossf/scorecard-action/pull/1026) #### New Contributors - [@joycebrum](https://togithub.com/joycebrum) made their first contribution in [https://github.com/ossf/scorecard-action/pull/984](https://togithub.com/ossf/scorecard-action/pull/984) - [@rajbos](https://togithub.com/rajbos) made their first contribution in [https://github.com/ossf/scorecard-action/pull/1026](https://togithub.com/ossf/scorecard-action/pull/1026) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.0.6...v2.1.0

oxsecurity/megalinter

### [`v6.17.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6170---2022-12-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.16.0...v6.17.0) - New linters - Add PowerShell formatter, by [@bdovaz](https://togithub.com/bdovaz) ([#2176](https://togithub.com/oxsecurity/megalinter/pull/2176)) - Documentation - Improve meta tags in HTML documentation - Clarify how npm-package-json-lint files can be ignored, by [@bdovaz](https://togithub.com/bdovaz) ([#2184](https://togithub.com/oxsecurity/megalinter/pull/2184)) - Linter versions upgrades - [djlint](https://djlint.com/) from 1.19.9 to **1.19.10** - [dotenv-linter](https://dotenv-linter.github.io/) from 3.2.0 to **3.3.0** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 5.1.22621 to **7.3.1** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.43.0 to **0.44.0** ### [`v6.16.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6160---2022-12-24) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.15.0...v6.16.0) - New linters - Add [npm-package-json-lint](https://togithub.com/tclindner/npm-package-json-lint) linter, by [@bdovaz](https://togithub.com/bdovaz) ([#2150](https://togithub.com/oxsecurity/megalinter/pull/2150)) - Evolutions - Upgrade to alpine 3.16 - Disable php7 & upgrade php8 to php81 - Add Makefile linters to documentation flavor - PowershellLinter autofix capability, by [@bdovaz](https://togithub.com/bdovaz) ([#2175](https://togithub.com/oxsecurity/megalinter/pull/2175)) - Allow local files with EXTENDS configuration, by [@bdovaz](https://togithub.com/bdovaz) ([#2151](https://togithub.com/oxsecurity/megalinter/pull/2151)) - Add Trivy config file parameters, by [@bdovaz](https://togithub.com/bdovaz) ([#2154](https://togithub.com/oxsecurity/megalinter/pull/2154)) - Fixes - Change reporter text for better UX, by [@ashokm](https://togithub.com/ashokm) ([#2168](https://togithub.com/oxsecurity/megalinter/pull/2168)) - Remove workspace prefix from aggregate sarif report, by [@janderssonse](https://togithub.com/janderssonse) ([#2119](https://togithub.com/oxsecurity/megalinter/pull/2119)) - CSpell file name linting does not use (custom) CSpell configuration ([#2058](https://togithub.com/oxsecurity/megalinter/issues/2058)) - HTML email not rendering correctly ([#2120](https://togithub.com/oxsecurity/megalinter/issues/2120)). Set `REPORTERS_MARKDOWN_TYPE` to `simple` to avoid external images in PR/MR markdown comments. - mega-linter-runner: Fix Value for container-name of type String required, by [@AlbanAndrieu](https://togithub.com/AlbanAndrieu) ([#2123](https://togithub.com/oxsecurity/megalinter/pull/2123) - Use warning emoji in reporters, by [@ashokm](https://togithub.com/ashokm) ([#2156](https://togithub.com/oxsecurity/megalinter/pull/2156)) - Fix branding to use the correct 'OX Security' name, by [@ashokm](https://togithub.com/ashokm) - Doc - Enclose System.TeamProject in Azure Pipelines, by [@ashokm](https://togithub.com/ashokm) ([#2131](https://togithub.com/oxsecurity/megalinter/pull/2131)) - Better contributing docs, by [@bdovaz](https://togithub.com/bdovaz) ([#2162](https://togithub.com/oxsecurity/megalinter/pull/2162)) - Linter versions upgrades - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.12.40 to **0.13.1** - [black](https://black.readthedocs.io/en/stable/) from 22.10.0 to **22.12.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.72.0 to **0.72.5** - [checkstyle](https://checkstyle.sourceforge.io) from 10.4 to **10.5.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.65 to **0.1.66** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2022.10.14 to **2022.12.10** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.14.3 to **6.18.0** - [djlint](https://djlint.com/) from 1.19.7 to **1.19.9** - [eslint](https://eslint.org) from 8.28.0 to **8.29.0** to **8.30.0** - [git_diff](https://git-scm.com) from 2.34.5 to **2.36.3** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.15.0 to **8.15.2** - [isort](https://pycqa.github.io/isort/) from 5.10.1 to **5.11.4** - [kics](https://www.kics.io) from 1.6.5 to **1.6.6** - [ktlint](https://ktlint.github.io) from 0.47.1 to **0.48.0** - [luacheck](https://luacheck.readthedocs.io) from 1.0.0 to **1.1.0** - [perlcritic](https://metacpan.org/pod/Perl::Critic) from 1.140 to **1.146** - [phplint](https://togithub.com/overtrue/phplint) from 3.0 to **5.4** - [phpstan](https://phpstan.org/) from 1.9.2 to **1.9.4** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.0 to **7.3.1** - [prettier](https://prettier.io/) from 2.8.0 to **2.8.1** - [psalm](https://psalm.dev) from Psalm.4.x-dev@ to **Psalm.dev-master@** - [pylint](https://pylint.pycqa.org) from 2.15.6 to **2.15.9** - [rubocop](https://rubocop.org/) from 1.39.0 to **1.41.1** - [semgrep](https://semgrep.dev/) from 0.122.0 to **1.2.1** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.6.2 to **3.7.1** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.6.2 to **3.7.1** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.6.2 to **3.7.1** - [shellcheck](https://togithub.com/koalaman/shellcheck) from 0.8.0 to **0.9.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.7.0 to **0.8.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.18.2 to **7.19.1** - [sqlfluff](https://www.sqlfluff.com/) from 1.4.2 to **1.4.5** - [stylelint](https://stylelint.io) from 14.15.0 to **14.16.0** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.50.0 to **0.50.3** - [syft](https://togithub.com/anchore/syft) from 0.62.1 to **0.64.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.3.5 to **1.3.6** - [terragrunt](https://terragrunt.gruntwork.io) from 0.40.2 to **0.42.3** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.17.0 to **1.16.0** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.42.1 to **0.43.0** - [trivy](https://aquasecurity.github.io/trivy/) from 0.29.2 to **0.35.0** - [v8r](https://togithub.com/chris48s/v8r) from 0.13.0 to **0.13.1** ### [`v6.15.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6150---2022-11-23) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.14.0...v6.15.0) - Switch to - Initial Drone CI documentation - Automatically generate "Used by" markdown documentation with [github-dependents-info](https://togithub.com/nvuillam/github-dependents-info) - Add Docker container documentation - Linter versions upgrades - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.12.1 to **0.12.40** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.70.1 to **0.72.0** - [coffeelint](http://www.coffeelint.org) from 5.2.10 to **5.2.11** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.14.0 to **6.14.3** - [djlint](https://djlint.com/) from 1.19.4 to **1.19.7** - [eslint](https://eslint.org) from 8.27.0 to **8.28.0** - [flake8](https://flake8.pycqa.org) from 5.0.4 to **6.0.0** - [hadolint](https://togithub.com/hadolint/hadolint) from 2.10.0 to **2.12.0** - [kics](https://www.kics.io) from 1.6.3 to **1.6.5** - [mypy](https://mypy.readthedocs.io/en/stable/) from 0.982 to **0.991** - [phpstan](https://phpstan.org/) from 1.9.1 to **1.9.2** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.2.7 to **7.3.0** - [prettier](https://prettier.io/) from 2.7.1 to **2.8.0** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.41.0 to **0.42.2** - [psalm](https://psalm.dev) from Psalm.5.x-dev@ to **Psalm.4.x-dev@** - [pylint](https://pylint.pycqa.org) from 2.15.5 to **2.15.6** - [rstcheck](https://togithub.com/myint/rstcheck) from 6.1.0 to **6.1.1** - [rubocop](https://rubocop.org/) from 1.38.0 to **1.39.0** - [semgrep](https://semgrep.dev/) from 0.120.0 to **0.122.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.6.1 to **0.7.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.18.1 to **7.18.2** - [sqlfluff](https://www.sqlfluff.com/) from 1.4.1 to **1.4.2** - [stylelint](https://stylelint.io) from 14.14.1 to **14.15.0** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.46.5 to **0.50.0** - [syft](https://togithub.com/anchore/syft) from 0.60.3 to **0.62.1** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.3.4 to **1.3.5** - [terragrunt](https://terragrunt.gruntwork.io) from 0.40.0 to **0.40.2** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.16.0 to **1.17.0** ### [`v6.14.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6140---2022-11-06) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.13.0...v6.14.0) - Core - Replace `set-output` usage with `GITHUB_OUTPUT` to handle [Github deprecation notice](https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/) - Allow [PRE_COMMANDS](https://oxsecurity.github.io/megalinter/latest/configuration/#pre-commands) to be defined within a python venv ([#2017](https://togithub.com/oxsecurity/megalinter/issues/2017)) - Correct behavior of `EXTENDS` property in `.megalinter.yml` config file ([#1516](https://togithub.com/oxsecurity/megalinter/issues/1516)) - Fix flavor suggestion message in reporters - New MegaLinter plugin: [mustache](https://togithub.com/one-acre-fund/mega-linter-plugin-logstash): Plugin to validate [Logstash](https://www.elastic.co/guide/en/logstash/current/configuration.html) pipeline definition files using [mustache](https://togithub.com/breml/logstash-config), by [Yann Jouanique](https://togithub.com/Yann-J) - Linters - Bring back [rstfmt](https://oxsecurity.github.io/megalinter/latest/descriptors/rst_rstfmt/) RestructuredText formatter - Add the SPELL_\*\_FILE_EXTENSIONS parameter for each SPELL type linter. If set, it will use this value to filter instead of the default behavior which is to parse the files of all other linters executed ([#1997](https://togithub.com/oxsecurity/megalinter/issues/1997)). - Allow cspell to also analyze file names (new variable SPELL_CSPELL_ANALYZE_FILE_NAMES) ([#2009](https://togithub.com/oxsecurity/megalinter/issues/2009)) - Fix bicep version regex - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.21 to **1.6.22** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.11.1 to to **0.12.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.68.1 to **0.70.1** - [checkstyle](https://checkstyle.sourceforge.io) from 10.3.4 to **10.4** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.64 to **0.1.65** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.12.0 to **6.14.0** - [djlint](https://djlint.com/) from 1.19.2 to **1.19.4** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.4.0 to **2.5.0** - [eslint](https://eslint.org) from 8.26.0 to **8.27.0** - [kics](https://www.kics.io) from 1.6.2 to **1.6.3** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.4.12 to **0.5.0** - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 11.0.0 to **11.1.1** - [phpstan](https://phpstan.org/) from 1.8.10 to **1.9.1** - [revive](https://revive.run/) from 0.0.0 to **1.2.4** - [rstfmt](https://togithub.com/dzhu/rstfmt) from 0.0.10 to **0.0.11** - [rubocop](https://rubocop.org/) from 1.37.0 to **1.38.0** - [secretlint](https://togithub.com/secretlint/secretlint) from 5.2.4 to **5.3.0** - [semgrep](https://semgrep.dev/) from 0.118.0 to **0.120.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 2.13.9 to **3.6.2** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 2.13.9 to **3.6.2** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 2.13.9 to **3.6.2** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.16.1 to **7.18.1** - [sqlfluff](https://www.sqlfluff.com/) from 1.3.2 to **1.4.1** - [stylelint](https://stylelint.io) from 14.14.0 to **14.14.1** - [syft](https://togithub.com/anchore/syft) from 0.59.0 to **0.60.3** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.3.3 to **1.3.4** - [terragrunt](https://terragrunt.gruntwork.io) from 0.39.2 to **0.40.0** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.41.0 to **0.42.1** - [yamllint](https://yamllint.readthedocs.io/) from 1.26.3 to **1.26.3** ### [`v6.13.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6130---2022-10-24) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.12.0...v6.13.0) - New [cupcake flavor](https://oxsecurity.github.io/megalinter/beta/flavors/cupcake/#readme) with 78 instead of 108 linters - Don't add literal double quote character to filenames in mega-linter-runner ([#1942](https://togithub.com/oxsecurity/megalinter/issues/1942)). - Remove default npm-groovy-lint extra arguments ([#1872](https://togithub.com/oxsecurity/megalinter/issues/1872)) - Replace yaml.load by yaml.safe_load for better security - Linter versions upgrades - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.67.0 to **0.68.1** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2022.10.05 to **2022.10.14** - [djlint](https://djlint.com/) from 1.19.1 to **1.19.2** - [eslint](https://eslint.org) from 8.25.0 to **8.26.0** - [git_diff](https://git-scm.com) from 2.34.4 to **2.34.5** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.14.1 to **8.15.0** - [golangci-lint](https://golangci-lint.run/) from 1.50.0 to **1.50.1** - [phpstan](https://phpstan.org/) from 1.8.9 to **1.8.10** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.2.6 to **7.2.7** - [puppet-lint](http://puppet-lint.com/) from 3.0.0 to **3.0.1** - [pylint](https://pylint.pycqa.org) from 2.15.4 to **2.15.5** - [rubocop](https://rubocop.org/) from 1.36.0 to **1.37.0** - [semgrep](https://semgrep.dev/) from 0.117.0 to **0.118.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.16.0 to **7.16.1** - [syft](https://togithub.com/anchore/syft) from 0.58.0 to **0.59.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.3.2 to **1.3.3** - [terragrunt](https://terragrunt.gruntwork.io) from 0.39.1 to **0.39.2** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.15.2 to **1.16.0** ### [`v6.12.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v6120---2022-10-16) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.11.1...v6.12.0) - Add Makefile linter in go flavor - Fix invalid Docker container names in .pre-commit-hooks.yaml ([#1932](https://togithub.com/oxsecurity/megalinter/issues/1932)) - Correct removeContainer casing in runner ([#1917](https://togithub.com/oxsecurity/megalinter/issues/1917)) - Fix use of TERRAFORM_KICS_ARGUMENTS ([#1947](https://togithub.com/oxsecurity/megalinter/issues/1947)) - Use -p argument for pyright custom config file path ([#1946](https://togithub.com/oxsecurity/megalinter/issues/1946)) - Fix incorrect link to pytype for pyright ([#1967](https://togithub.com/oxsecurity/megalinter/issues/1967)) - Deduplicate SHOW_ELAPSED_TIME properties to address v8r error ([#1962](https://togithub.com/oxsecurity/megalinter/issues/1962)) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.16 to **1.6.21** - [ansible-lint](https://ansible-lint.readthedocs.io/en/latest/) from 6.7.0 to **6.7.0** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.10.61 to **0.11.1** - [black](https://black.readthedocs.io/en/stable/) from 22.8.0 to **22.10.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.66.0 to **0.67.0** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2022.09.08 to **2022.10.05** - [djlint](https://djlint.com/) from 1.18.0 to **1.19.1** - [eslint](https://eslint.org) from 8.24.0 to **8.25.0** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.13.0 to **8.14.1** - [golangci-lint](https://golangci-lint.run/) from 1.49.0 to **1.50.0** - [kics](https://www.kics.io) from 1.6.1 to **1.6.2** - [mypy](https://mypy.readthedocs.io/en/stable/) from 0.981 to **0.982** - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 10.1.0 to **11.0.0** - [phpstan](https://phpstan.org/) from 1.8.6 to **1.8.9** - [puppet-lint](http://puppet-lint.com/) from 2.5.2 to **3.0.0** - [pylint](https://pylint.pycqa.org) from 2.15.3 to **2.15.4** - [scalafix](https://scalacenter.github.io/scalafix/) from 0.10.3 to **0.10.4** - [semgrep](https://semgrep.dev/) from 0.115.0 to **0.117.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.14.2 to **7.16.0** - [stylelint](https://stylelint.io) from 14.13.0 to **14.14.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.3.1 to **1.3.2** - [terragrunt](https://terragrunt.gruntwork.io) from 0.39.0 to **0.39.1**

sigstore/cosign-installer

### [`v2.8.1`](https://togithub.com/sigstore/cosign-installer/releases/tag/v2.8.1) [Compare Source](https://togithub.com/sigstore/cosign-installer/compare/v2.8.0...v2.8.1) #### What's Changed - bump cosign install to use release v1.13.1 by [@cpanato](https://togithub.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/98](https://togithub.com/sigstore/cosign-installer/pull/98) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1 ### [`v2.8.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v2.8.0) [Compare Source](https://togithub.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0) #### What's Changed - bump cosign to v1.13.0 by [@cpanato](https://togithub.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/95](https://togithub.com/sigstore/cosign-installer/pull/95) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0 ### [`v2.7.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v2.7.0) [Compare Source](https://togithub.com/sigstore/cosign-installer/compare/v2.6.0...v2.7.0) #### What's Changed - bump cosign to v1.12.1 by [@cpanato](https://togithub.com/cpanato) in [https://github.com/sigstore/cosign-installer/pull/94](https://togithub.com/sigstore/cosign-installer/pull/94) **Full Changelog**: https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0

Configuration

📅 Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 1 year ago

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	5	0	0.68s
✅ EDITORCONFIG	editorconfig-checker	5	0	0.1s
✅ REPOSITORY	checkov	yes	no	14.26s
✅ REPOSITORY	dustilock	yes	no	0.07s
✅ REPOSITORY	gitleaks	yes	no	0.26s
✅ REPOSITORY	git_diff	yes	no	0.01s
✅ REPOSITORY	secretlint	yes	no	1.85s
✅ REPOSITORY	syft	yes	no	0.48s
✅ REPOSITORY	trivy	yes	no	6.34s
✅ YAML	prettier	5	0	0.68s
✅ YAML	v8r	5	0	3.79s
✅ YAML	yamllint	5	0	0.36s

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

_MegaLinter is graciously provided by _

renovate[bot] commented 1 year ago

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above.

⚠ Warning: custom changes will be lost.

github-actions[bot] commented 1 year ago

Package	Line Rate	Branch Rate	Health
FhirPseudonymizer.Tests	99%	100%	✔
FhirPseudonymizer	77%	76%	✔
Summary	81% (481 / 591)	78% (62 / 80)	✔

Minimum allowed line rate is 50%

iter8 report


Experiment summary:
*******************

  Experiment completed: true
  No task failures: true
  Total number of tasks: 7
  Number of completed tasks: 7

Whether or not service level objectives (SLOs) are satisfied:
*************************************************************

  SLO Conditions                 | Satisfied
  --------------                 | ---------
  http/error-count <= 0          | true
  http/latency-mean (msec) <= 25 | true
  http/latency-p99 (msec) <= 50  | true

Latest observed values for metrics:
***********************************

  Metric                     | value
  -------                    | -----
  http/error-count           | 0.00
  http/error-rate            | 0.00
  http/latency-max (msec)    | 1166.85
  http/latency-mean (msec)   | 8.93
  http/latency-min (msec)    | 2.84
  http/latency-p50 (msec)    | 7.89
  http/latency-p75 (msec)    | 9.63
  http/latency-p90 (msec)    | 12.04
  http/latency-p95 (msec)    | 14.98
  http/latency-p99 (msec)    | 24.73
  http/latency-p99.9 (msec)  | 63.33
  http/latency-stddev (msec) | 15.27
  http/request-count         | 25000.00

miracum-bot commented 1 year ago

:tada: This PR is included in version 2.15.0 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket:

miracum / fhir-pseudonymizer