chore(deps): bump oxsecurity/megalinter from 7.13.0 to 8.0.0

[dependabot[bot]]

Bumps oxsecurity/megalinter from 7.13.0 to 8.0.0.

Release notes

Sourced from oxsecurity/megalinter's releases.

v8.0.0

What's Changed

Run npx mega-linter-runner@latest --upgrade to upgrade to MegaLinter v8 :)

• Reporters
  • New ApiReporter (can be used to build Grafana dashboards), by @​nvuillam in oxsecurity/megalinter#3540

• Removed deprecated linters, by @​nvuillam in oxsecurity/megalinter#3854

  • CSS_SCSSLINT: Project discontinued and advising to use stylelint
  • OPENAPI_SPECTRAL: Replaced by API_SPECTRAL (same linter but more formats handled)
  • SQL_SQL_LINT: Project no longer maintained

• Core

  • Hide to linters by default all environment variables that contain TOKEN, USERNAME or PASSWORD, by @​nvuillam in oxsecurity/megalinter#3881
  • Allow to override CLI_LINT_MODE when defined as project, by @​nvuillam in oxsecurity/megalinter#3772
  • Allow to use absolute paths for LINTER_RULES_PATH, by @​nvuillam in oxsecurity/megalinter#3775
  • Allow to update variables from PRE/POST Commands using output_variables property, by @​nvuillam in oxsecurity/megalinter#3861

• Media

  • MegaLinter: un linter pour les gouverner tous (FR), by Guillaume Arnaud from WeScale
  • MegaLinter, by Stéphane Robert, from 3DS OutScale
  • 30 Seconds to Setup MegaLinter: Your Go-To Tool for Automated Code Quality, by Peng Cao |

• Linters enhancements

  • bandit Call bandit with quiet mode to generate less logs, by @​nvuillam in oxsecurity/megalinter#3892
  • grype Count number of errors returned by Grype, by @​nvuillam in oxsecurity/megalinter#3906
  • yamllint Fix yamllint default format to avoid special characters or GitHub sections in text logs, by @​nvuillam in oxsecurity/megalinter#3898

• Fixes

  • terrascan fixed errors and removed redundant code, by @​TommyE123 in oxsecurity/megalinter#3767
  • dotnet-format various performance improvements and ability to specify sln or proj paths, by @​TommyE123 in oxsecurity/megalinter#3741
  • swiftlint Remove deprecated argument --path
  • Salesforce linters: Disable SF CLI auto update warning, by @​nvuillam in oxsecurity/megalinter#3883

• Doc

  • Add images and links to Git, CI/CD & other tools integrations at the beginning of the README, by @​nvuillam in oxsecurity/megalinter#3885
  • Create README animated GIF presentation of MegaLinter, by @​nvuillam in oxsecurity/megalinter#3910
  • Format mkdocs search index in place, by @​echoix in oxsecurity/megalinter#3890
  • Use consistent spelling of 'flavor', by @​InputUsername in oxsecurity/megalinter#3789

• CI

  • Fix docker warnings, by @​nvuillam in oxsecurity/megalinter#3853
    • FromAsCasing: 'as' and 'FROM' keywords' casing do not match
    • NoEmptyContinuation: Empty continuation line
    • SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data
  • Port Beta workflows to use docker/metadata-action, by @​echoix in oxsecurity/megalinter#3860
  • AutoUpdate linters: Always create a PR if the job has been started manually, by @​nvuillam in oxsecurity/megalinter#3863

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Core

• Media

• Linters enhancements

• Fixes

• Reporters

• Doc

• Flavors

• CI

  • Free space in release job to avoid no space left on device

• mega-linter-runner

• Linter versions upgrades

  • checkov from 3.2.232 to 3.2.234 on 2024-08-20
  • syft from 1.11.0 to 1.11.1 on 2024-08-20
  • cspell from 8.14.1 to 8.14.2 on 2024-08-20
  • golangci-lint from 1.60.1 to 1.60.2 on 2024-08-21
  • pyright from 1.1.376 to 1.1.377 on 2024-08-21
  • checkov from 3.2.234 to 3.2.235 on 2024-08-21
  • snakemake from 8.18.1 to 8.18.2 on 2024-08-21
  • sqlfluff from 3.1.0 to 3.1.1 on 2024-08-21
  • terrascan from 1.18.11 to 1.19.1 on 2024-08-21
  • ruff from 0.6.1 to 0.6.2 on 2024-08-22
  • golangci-lint from 1.60.2 to 1.60.3 on 2024-08-23
  • csharpier from 0.29.0 to 0.29.1 on 2024-08-23
  • mypy from 1.11.1 to 1.11.2 on 2024-08-25
  • lightning-flow-scanner from 2.33.0 to 2.34.0 on 2024-08-25
  • swiftlint from 0.56.1 to 0.56.2 on 2024-08-25
  • checkstyle from 10.17.0 to 10.18.0 on 2024-08-25
  • v8r from 4.0.1 to 4.1.0 on 2024-08-25

[v8.0.0] - 2024-08-19

... (truncated)

Commits

• c217fe8 Release MegaLinter v8.0.0
• 86cbb00 changelog
• 1c2e933 [automation] Auto-update linters version, help and documentation (#3912)
• 7e48b0b Fix upgrade script (#3911)
• 434c5a7 Add GIF presentation & fix Table of contents (#3910)
• 9e8becc Add gif header
• 1b80507 [automation] Auto-update linters version, help and documentation (#3909)
• 96b1bd0 [automation] Auto-update linters version, help and documentation (#3907)
• d8cbb09 Count number of errors in Grype (#3906)
• d133868 [automation] Auto-update linters version, help and documentation (#3905)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	1		0	0.04s
✅ EDITORCONFIG	editorconfig-checker	1		0	0.03s
✅ REPOSITORY	gitleaks	yes		no	1.46s
✅ REPOSITORY	git_diff	yes		no	0.02s
✅ REPOSITORY	grype	yes		no	13.12s
✅ REPOSITORY	secretlint	yes		no	0.98s
✅ REPOSITORY	trivy	yes		no	6.97s
✅ REPOSITORY	trivy-sbom	yes		no	1.42s
✅ REPOSITORY	trufflehog	yes		no	4.39s
✅ SPELL	cspell	2		0	3.6s
✅ SPELL	lychee	1		0	0.09s
✅ YAML	prettier	1	0	0	0.45s
✅ YAML	v8r	1		0	2.54s
✅ YAML	yamllint	1		0	0.57s

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

_MegaLinter is graciously provided by _