search

oxsecurity / megalinter

🦙 MegaLinter analyzes 50 languages, 22 formats, 21 tooling formats, excessive copy-pastes, spelling mistakes and security issues in your repository sources with a GitHub Action, other CI tools or locally.
https://megalinter.io
GNU Affero General Public License v3.0
1.9k stars 231 forks source link

chore(deps): update alpine/terragrunt docker tag to v1.4.0 #3720

Closed renovate[bot] closed 3 months ago

renovate[bot] commented 3 months ago

Mend Renovate

This PR contains the following updates:

Package Update Change
alpine/terragrunt (source) patch 1.9.0 -> 1.4.0

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

echoix commented 3 months ago

Again same bug with renovate (a P1-Critical one)

github-actions[bot] commented 3 months ago

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ API spectral 2 0 2.98s
✅ BASH bash-exec 5 0 0.02s
✅ BASH shellcheck 5 0 0.09s
✅ BASH shfmt 5 0 0 0.56s
✅ COPYPASTE jscpd yes no 4.89s
✅ DOCKERFILE hadolint 129 0 17.89s
✅ JSON jsonlint 18 0 0.22s
✅ JSON v8r 20 0 30.74s
⚠️ MARKDOWN markdownlint 266 0 272 35.01s
✅ MARKDOWN markdown-table-formatter 266 0 0 142.97s
✅ OPENAPI spectral 2 0 3.01s
⚠️ PYTHON bandit 212 64 4.21s
✅ PYTHON black 212 0 0 5.75s
✅ PYTHON flake8 212 0 3.38s
✅ PYTHON isort 212 0 0 1.25s
✅ PYTHON mypy 212 0 18.0s
✅ PYTHON pylint 212 0 24.75s
✅ PYTHON ruff 212 0 0 0.71s
✅ REPOSITORY checkov yes no 42.84s
✅ REPOSITORY git_diff yes no 0.59s
⚠️ REPOSITORY grype yes 1 14.56s
✅ REPOSITORY secretlint yes no 12.32s
✅ REPOSITORY trivy yes no 19.2s
✅ REPOSITORY trivy-sbom yes no 8.34s
⚠️ REPOSITORY trufflehog yes 1 15.15s
✅ SPELL cspell 694 0 26.33s
⚠️ SPELL lychee 347 5 6.74s
✅ XML xmllint 3 0 0 0.56s
✅ YAML prettier 161 0 0 5.93s
✅ YAML v8r 102 0 184.47s
✅ YAML yamllint 162 0 2.26s

See detailed report in MegaLinter reports

_MegaLinter is graciously provided by OX Security_

nvuillam commented 3 months ago

That's scary :o

echoix commented 3 months ago

The release that they made to prevent downgrades while searching for the root cause is out, but the jobs today didn't use that new version yet. https://github.com/renovatebot/renovate/issues/29919 and multiple discussions too.