oxsecurity/megalinter (oxsecurity/megalinter)
### [`v7.2.1`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v721---2023-07-26)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.2.0...v7.2.1)
- Fixes
- Fix TAP reporter (3 real dots instead if 3 dots character)
- Call trufflehog with `--only-verified` to avoid false positives in .git/config
- Linter versions upgrades
- [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.78.2 to **0.79.2**
- [checkov](https://www.checkov.io/) from 2.3.340 to **2.3.343**
- [pylint](https://pylint.pycqa.org) from 2.17.4 to **2.17.5**
- [rubocop](https://rubocop.org/) from 1.54.2 to **1.55.0**
- [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.30.2 to **7.31.0**
- [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.8.0 to **6.10.0**
- [sqlfluff](https://www.sqlfluff.com/) from 2.1.3 to **2.1.4**
- [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.44.0 to **3.45.1**
### [`v7.2.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v720---2023-07-25)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.1.0...v7.2.0)
- New linters
- Add [Lychee](https://togithub.com/lycheeverse/lychee) - links and email addresses checker, by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2673](https://togithub.com/oxsecurity/megalinter/pull/2673)
- Add [grype](https://togithub.com/anchore/grype) security linter
- Add [trufflehog](https://togithub.com/trufflesecurity/trufflehog) security linter
- New flavor **dotnetweb**: dotnet flavor linters + Javascript & Typescript linters
- Media
- [8 Tools to Scan Node.js Applications for Security Vulnerability](https://geekflare.com/nodejs-security-scanner/), by [Chandan Kumar](https://www.linkedin.com/in/chandank){target=\_blank} on [GeekFlare.com](https://geekflare.com/)
- [Shift Left Just Become Easier (Black Hat Arsenal Session)](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596)
- Core
- MegaLinter Server for [CodeTotal](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596)
- Improvements to Gitpod workspace and addition of Makefile for automation, by [@ThomasSanson](https://togithub.com/ThomasSanson) in [#2737](https://togithub.com/oxsecurity/megalinter/pull/2737)
- Fixes
- Handle reporter crashes without making all ML crash
- Devskim: Remove default --ignore-globs argument
- mypy: Use /tmp as cache folder by default with ENV MYPY_CACHE_DIR=/tmp in Dockerfile
- Fix `hadolint` to use its default configuration file properly, by [@KihyeokK](https://togithub.com/KihyeokK) in [#2763](https://togithub.com/oxsecurity/megalinter/pull/2763)
- Remove linters not in flavor before calling reporters
- Undowngrade devskim, by [@nvuillam](https://togithub.com/nvuillam) in [#2748](https://togithub.com/oxsecurity/megalinter/pull/2748)
- Add ts-standard linter for ts standard, by [@janderssonse](https://togithub.com/janderssonse) in [#2746](https://togithub.com/oxsecurity/megalinter/pull/2746)
- Remove additional `--update` for apk in Dockerfile by [@PeterDaveHello](https://togithub.com/PeterDaveHello) in [#2619](https://togithub.com/oxsecurity/megalinter/pull/2619)
- Fix V8R config arg usage ([#2756](https://togithub.com/oxsecurity/megalinter/issues/2756)), by [@bdovaz](https://togithub.com/bdovaz) in [#2819](https://togithub.com/oxsecurity/megalinter/pull/2819)
- Reporters
- New Redis reporter (beta)
- CI
- Clean docker build cache to avoid no space left on device during Build Dev job
- Linter versions upgrades
- [actionlint](https://rhysd.github.io/actionlint/) from 1.6.24 to **1.6.25**
- [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.16.2 to **6.17.2**
- [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.17.1 to **0.19.5**
- [black](https://black.readthedocs.io/en/stable/) from 23.3.0 to **23.7.0**
- [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.10 to **0.78.2**
- [checkov](https://www.checkov.io/) from 2.3.285 to **2.3.340**
- [checkstyle](https://checkstyle.sourceforge.io) from 10.12.0 to **10.12.1**
- [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.70 to **0.1.71**
- [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.26 to **2023.07.13**
- [csharpier](https://csharpier.com/) from 0.24.2 to **0.25.0**
- [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.31.1 to **6.31.2**
- [devskim](https://togithub.com/microsoft/DevSkim) from 0.7.104 to **1.0.11**
- [djlint](https://djlint.com/) from 1.30.2 to **1.32.1**
- [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.408 to **6.0.412**
- [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.8.0 to **2.9.0**
- [eslint](https://eslint.org) from 8.42.0 to **8.45.0**
- [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.4 to **8.17.0**
- [golangci-lint](https://golangci-lint.run/) from 1.53.2 to **1.53.3**
- [grype](https://togithub.com/anchore/grype) from 0.63.1 to **0.63.1**
- [kics](https://www.kics.io) from 1.7.1 to **1.7.4**
- [ktlint](https://ktlint.github.io) from 0.49.1 to **0.50.0**
- [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.2 to **2.3.6**
- [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.34.0 to **0.35.0**
- [mypy](https://mypy.readthedocs.io/en/stable/) from 1.3.0 to **1.4.1**
- [npm-package-json-lint](https://npmpackagejsonlint.org/) from 6.4.0 to **7.0.0**
- [phpstan](https://phpstan.org/) from 1.10.18 to **1.10.26**
- [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6**
- [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6**
- [prettier](https://prettier.io/) from 2.8.8 to **3.0.0**
- [protolint](https://togithub.com/yoheimuta/protolint) from 0.44.0 to **0.45.0**
- [psalm](https://psalm.dev) from Psalm.5.12.0@ to **Psalm.5.13.1@**
- [pyright](https://togithub.com/Microsoft/pyright) from 1.1.313 to **1.1.318**
- [rubocop](https://rubocop.org/) from 1.52.0 to **1.54.2**
- [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.272 to **0.0.280**
- [secretlint](https://togithub.com/secretlint/secretlint) from 6.2.3 to **7.0.3**
- [semgrep](https://semgrep.dev/) from 1.26.0 to **1.33.2**
- [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0**
- [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0**
- [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0**
- [shfmt](https://togithub.com/mvdan/sh) from 3.6.0 to **3.7.0**
- [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.26.0 to **7.30.2**
- [sqlfluff](https://www.sqlfluff.com/) from 2.1.1 to **2.1.3**
- [stylelint](https://stylelint.io) from 15.10.0 to **15.10.0**
- [swiftlint](https://togithub.com/realm/SwiftLint) from 0.52.2 to **0.52.4**
- [syft](https://togithub.com/anchore/syft) from 0.83.0 to **0.85.0**
- [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.4.6 to **1.5.3**
- [terragrunt](https://terragrunt.gruntwork.io) from 0.46.3 to **0.48.4**
- [tflint](https://togithub.com/terraform-linters/tflint) from 0.46.1 to **0.47.0**
- [trivy](https://aquasecurity.github.io/trivy/) from 0.42.1 to **0.43.1**
- [vale](https://vale.sh/) from 2.27.0 to **2.28.1**
### [`v7.1.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v710---2023-06-11)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.4...v7.1.0)
- Core
- Upgrade base image to **python:3.11.4-alpine3.17**, by [@nvuillam](https://togithub.com/nvuillam) in [#2738](https://togithub.com/oxsecurity/megalinter/pull/2738)
- Linter enhancements & fixes
- cljstyle: Remove default value for configuration file name, by [@nvuillam](https://togithub.com/nvuillam) in [#2717](https://togithub.com/oxsecurity/megalinter/pull/2717)
- golangci-lint : Add autofix capability using **--fix** argument, by [@seaneagan](https://togithub.com/seaneagan) in [#2700](https://togithub.com/oxsecurity/megalinter/pull/2700)
- Linter versions upgrades
- [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.5 to **0.77.7**
- [checkov](https://www.checkov.io/) from 2.3.267 to **2.3.285**
- [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.69 to **0.1.70**
- [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.18 to **2023.05.26**
- [djlint](https://djlint.com/) from 1.30.0 to **1.30.2**
- [eslint](https://eslint.org) from 8.41.0 to **8.42.0**
- [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.3 to **8.16.4**
- [golangci-lint](https://golangci-lint.run/) from 1.52.2 to **1.53.2**
- [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.1 to **0.6.2**
- [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.4 to **2.3.5**
- [luacheck](https://luacheck.readthedocs.io) from 1.1.0 to **1.1.1**
- [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.33.0 to **0.34.0**
- [phpstan](https://phpstan.org/) from 1.10.15 to **1.10.18**
- [pyright](https://togithub.com/Microsoft/pyright) from 1.1.311 to **1.1.313**
- [rubocop](https://rubocop.org/) from 1.51.0 to **1.52.0**
- [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.270 to **0.0.272**
- [scalafix](https://scalacenter.github.io/scalafix/) from 0.10.4 to **0.11.0**
- [semgrep](https://semgrep.dev/) from 1.24.0 to **1.26.0**
- [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0**
- [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0**
- [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0**
- [stylelint](https://stylelint.io) from 15.6.2 to **15.7.0**
- [syft](https://togithub.com/anchore/syft) from 0.82.0 to **0.83.0**
- [terragrunt](https://terragrunt.gruntwork.io) from 0.45.17 to **0.46.3**
- [trivy](https://aquasecurity.github.io/trivy/) from 0.41.0 to **0.42.1**
### [`v7.0.4`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v704---2023-05-31)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.3...v7.0.4)
- Core
- Allow to define `linterkey_UNSECURED_ENV_VARIABLES` for specific linters to make them visible when necessary (ex: GITHUB_TOKEN for TERRAFORM_TFLINT)
- Documentation
- Add note to terraform_tflint about TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES by [@ruzickap](https://togithub.com/ruzickap) in [#2706](https://togithub.com/oxsecurity/megalinter/pull/2706)
- Linter versions upgrades
- [checkov](https://www.checkov.io/) from 2.3.261 to **2.3.267**
- [djlint](https://djlint.com/) from 1.29.0 to **1.30.0**
- [pyright](https://togithub.com/Microsoft/pyright) from 1.1.310 to **1.1.311**
- [semgrep](https://semgrep.dev/) from 1.23.0 to **1.24.0**
- [standard](https://standardjs.com/) from 17.0.0 to **17.1.0**
- [terragrunt](https://terragrunt.gruntwork.io) from 0.45.16 to **0.45.17**
### [`v7.0.3`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v703---2023-05-29)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.2...v7.0.3)
- Linter enhancements & fixes
- New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars.
- Core
- Secure PRE_COMMANDS and POST_COMMANDS by default
- Can be disabled with **secured_env: false** in the command definition
- Manage v6 retrocompatibility with FILTER_REGEX_INCLUDE and FILTER_REGEX_EXCLUDE expression
- Linter versions upgrades
- [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0**
- [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.3 to **2.3.4**
- [checkov](https://www.checkov.io/) from 2.3.259 to **2.3.261**
### [`v7.0.2`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v702---2023-05-27)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.1...v7.0.2)
- Quick Fix mega-linter-runner --upgrade (Warning: bug with npm, not publish yet in mega-linter-runner)
- Dead link to configuration.md
- Regex issue with megalinter-reports
### [`v7.0.1`](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1)
### [`v7.0.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v700---2023-05-27)
[Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.22.2...v7.0.0)
To upgrade to MegaLinter v7, run `npx mega-linter-runner@latest --upgrade` , comment [here](https://togithub.com/oxsecurity/megalinter/issues/2692) if you have any issue :)
- MAJOR Updates
- [SECURED_ENV_VARIABLES](https://megalinter.io/latest/config-variables-security/) & core scoped configuration by [@nvuillam](https://togithub.com/nvuillam) in [#2601](https://togithub.com/oxsecurity/megalinter/pull/2601)
- New configuration variables **SECURED_ENV_VARIABLES** and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter
- Read [documentation](https://megalinter.io/latest/config-variables-security/) to enhance security using MegaLinter
- Use **relative file paths** to call linters by [@nvuillam](https://togithub.com/nvuillam) in [#1877](https://togithub.com/oxsecurity/megalinter/pull/1877)
- This can be a breaking change for customizations, post an issue if you see a problem !
- New linters
- Add linter [cljstyle](https://togithub.com/greglook/cljstyle), Clojure formatter, by [@practicalli-john](https://togithub.com/practicalli-john) in [#2115](https://togithub.com/oxsecurity/megalinter/pull/2115)
- Add [kubescape](https://togithub.com/kubescape/kubescape), kubernetes linter, by [@muandane](https://togithub.com/muandane) in [#2531](https://togithub.com/oxsecurity/megalinter/pull/2531)
- Add [Vale](https://vale.sh/), a powerful enforcer of writing style, by [@wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [#2406](https://togithub.com/oxsecurity/megalinter/pull/2406)
- Removed linters
- KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors)
- REPOSITORY_GOODCHECK: Not open-source anymore
- SPELL_MISSPELL: Not maintained anymore (last commit in 2018)
- TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV
- TERRAFORM_KICS: Replaced by REPOSITORY_KICS
- Medias
- Article: [Use the Workflows JSON schema in your IDE](https://cloud.google.com/workflows/docs/use-workflows-json-schema-with-ide), by [Google Cloud](https://cloud.google.com/)
- Video: [Ortelius Architecture Meeting](https://www.youtube.com/watch?v=oegOSmVegiQ\&t=1510s), with a review of MegaLinter, by [Steve Taylor](https://togithub.com/sbtaylor15) from [Ortelius](https://ortelius.io/)
- Web site: [my-devops-lab.com](https://www.my-devops-lab.com/tools)
- Linter enhancements & fixes
- [cspell](https://megalinter.io/latest/descriptors/spell_cspell/)
- Fix corrective .cspell.json file generated from cspell output by [@nvuillam](https://togithub.com/nvuillam) in [#2562](https://togithub.com/oxsecurity/megalinter/pull/2562)
- [eslint](https://megalinter.io/latest/descriptors/javascript_eslint/)
- Ensure ESLint actually runs in project mode ([#1572](https://togithub.com/oxsecurity/megalinter/issues/1572)) by [@Kurt-von-Laven](https://togithub.com/Kurt-von-Laven) in [#2455](https://togithub.com/oxsecurity/megalinter/pull/2455)
- [jscpd](https://megalinter.io/latest/descriptors/copypaste_jscpd/)
- Prevent jscpd to create output folder if the repo is not writable by [@nvuillam](https://togithub.com/nvuillam) in [#2556](https://togithub.com/oxsecurity/megalinter/pull/2556)
- [Gitleaks](https://megalinter.io/latest/descriptors/repository_gitleaks/)
- Add support to scan PR commits only on PRs when `VALIDATE_ALL_CODEBASE` is set to `false`, by [@DariuszPorowski](https://togithub.com/DariuszPorowski) [#2504](https://togithub.com/oxsecurity/megalinter/pull/2504)
- [KICS](https://megalinter.io/latest/descriptors/repository_kics/)
- Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by [@nvuillam](https://togithub.com/nvuillam) in [#2689](https://togithub.com/oxsecurity/megalinter/pull/2689)
- KICS can now output SARIF
- The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary
- [KubeConform](https://megalinter.io/latest/descriptors/kubernetes_kubeconform/)
- Simplify kubeconform install & get version by [@nvuillam](https://togithub.com/nvuillam) in [#2629](https://togithub.com/oxsecurity/megalinter/pull/2629)
- [PHPLint](https://megalinter.io/latest/descriptors/php_phplint/)
- Upgrade PHPLint to v9 by [@bdovaz](https://togithub.com/bdovaz) in [#2638](https://togithub.com/oxsecurity/megalinter/pull/2638)
- [sqlfluff](https://megalinter.io/latest/descriptors/sql_sqlfluff/)
- Remove old options from SQLFluff config file by [@tunetheweb](https://togithub.com/tunetheweb) in [#2560](https://togithub.com/oxsecurity/megalinter/pull/2560)
- [v8r](https://megalinter.io/latest/descriptors/json_v8r/)
- Allow use of configuration files with v8r by [@bdovaz](https://togithub.com/bdovaz) in [#1982](https://togithub.com/oxsecurity/megalinter/pull/1982)
- Core
- Upgrade base Docker image to python:3.11.3-alpine3.17 by [@nvuillam](https://togithub.com/nvuillam) in [#2537](https://togithub.com/oxsecurity/megalinter/pull/2537)
- Allow simultaneous regex filtering at descriptor and linter levels by [@nvuillam](https://togithub.com/nvuillam) & [@seaneagan](https://togithub.com/seaneagan) in [#2669](https://togithub.com/oxsecurity/megalinter/pull/2669)
- Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by [@nvuillam](https://togithub.com/nvuillam) in [#2649](https://togithub.com/oxsecurity/megalinter/pull/2649)
- Fix issue preventing plugins to work with flavors by [@nvuillam](https://togithub.com/nvuillam) in [#2532](https://togithub.com/oxsecurity/megalinter/pull/2532)
- Fix crash in case of unreachable symlinks by [@nvuillam](https://togithub.com/nvuillam) in [#2538](https://togithub.com/oxsecurity/megalinter/pull/2538)
- mega-linter-runner: Use --platform also for docker run by [@nvuillam](https://togithub.com/nvuillam) , [@Kurt-Von-Laven](https://togithub.com/Kurt-Von-Laven) & [@cam-barts](https://togithub.com/cam-barts) in [#2690](https://togithub.com/oxsecurity/megalinter/pull/2690)
- Replace deprecated distutils.copy_tree by shutil.copytree
- Reporters
- [SARIF_REPORTER](https://megalinter.io/latest/reporters/SarifReporter/)
- Add option to skip def_ws prefix in sarif reports by [@janderssonse](https://togithub.com/janderssonse) in [#2383](https://togithub.com/oxsecurity/megalinter/pull/2383)
- update schema to pass official SARIF validator by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2645](https://togithub.com/oxsecurity/megalinter/pull/2645)
- [CONFIG_REPORTER](https://megalinter.io/latest/reporters/ConfigReporter/)
- Add support for idea plugins auto-install by [@waterfoul](https://togithub.com/waterfoul) in [#2553](https://togithub.com/oxsecurity/megalinter/pull/2553)
- [CONSOLE_REPORTER](https://megalinter.io/latest/reporters/ConsoleReporter/)
- Updated cases in console/log output to use β `Warning Sign (U+26A0)` instead of β¬ `White Up-Pointing Triangle with Dot (U+25EC)`, by [@Doommius](https://togithub.com/Doommius)
- [GITLAB_COMMENT_REPORTER](https://megalinter.io/latest/reporters/GitlabCommentReporter/)
- Enhancement & fixes for GitlabCommentReporter by [@nvuillam](https://togithub.com/nvuillam) in [#2564](https://togithub.com/oxsecurity/megalinter/pull/2564)
- New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run
- In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20.
- Display a different message in log when a Merge Request comment is created or updated.
- [AZURE_COMMENT_REPORTER](https://megalinter.io/latest/reporters/AzureCommentReporter/)
- Downgrade Azure DevOps pipy package to avoid crash by [@nvuillam](https://togithub.com/nvuillam) in [#2576](https://togithub.com/oxsecurity/megalinter/pull/2576)
- Documentation
- Improve documentation pages split by [@nvuillam](https://togithub.com/nvuillam) in [#2688](https://togithub.com/oxsecurity/megalinter/pull/2688)
- Now Installation and Configuration menus have their own child menus
- Doc about how to use fine grained PAT by [@nvuillam](https://togithub.com/nvuillam) in [#2662](https://togithub.com/oxsecurity/megalinter/pull/2662)
- Fixed incorrect link in Azure to Gitlab reporters pages. by [@Doommius](https://togithub.com/Doommius) in [#2613](https://togithub.com/oxsecurity/megalinter/pull/2613)
- Added bitbucket job template + Fix icon in console logs by [@Doommius](https://togithub.com/Doommius) in [#2617](https://togithub.com/oxsecurity/megalinter/pull/2617)
- Exclude licenses pages from online search results by [@nvuillam](https://togithub.com/nvuillam) in [#2665](https://togithub.com/oxsecurity/megalinter/pull/2665)
- Improve HTML tables display by [@nvuillam](https://togithub.com/nvuillam) in [#2670](https://togithub.com/oxsecurity/megalinter/pull/2670)
- Remove ASCII characters from linters helps displayed in MegaLinter documentation
- Internal CI
- Upgrade GitHub Actions to change automated comments and increase timeout by [@nvuillam](https://togithub.com/nvuillam) in [#2536](https://togithub.com/oxsecurity/megalinter/pull/2536)
- Use Github Permissions instead of PAT by [@nvuillam](https://togithub.com/nvuillam) in [#2652](https://togithub.com/oxsecurity/megalinter/pull/2652)
- Update GitHub Actions workflows environments by [@nvuillam](https://togithub.com/nvuillam) in [#2657](https://togithub.com/oxsecurity/megalinter/pull/2657)
- Automate External Plugins table generation using **.automation/plugins.yml** file by [@nvuillam](https://togithub.com/nvuillam) in [#2667](https://togithub.com/oxsecurity/megalinter/pull/2667)
- Fix MegaLinter build issue by [@nvuillam](https://togithub.com/nvuillam) in [#2539](https://togithub.com/oxsecurity/megalinter/pull/2539)
- Fix for trivy-action (new naming for input) by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2541](https://togithub.com/oxsecurity/megalinter/pull/2541)
- Fix `/build` slash command to checkout the correct PR branch by [@echoix](https://togithub.com/echoix) in [#2542](https://togithub.com/oxsecurity/megalinter/pull/2542)
- Fix local run of python test cases by [@nvuillam](https://togithub.com/nvuillam) in [#2565](https://togithub.com/oxsecurity/megalinter/pull/2565)
- Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by [@nvuillam](https://togithub.com/nvuillam) in [#2582](https://togithub.com/oxsecurity/megalinter/pull/2582)
- Do not push to docker from dev PRs by [@nvuillam](https://togithub.com/nvuillam) in [#2639](https://togithub.com/oxsecurity/megalinter/pull/2639)
- Update stale workflow: remove trigger on comments and explicit permissions by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641)
- Decouple updating docker pull stats from building docs by [@echoix](https://togithub.com/echoix) in [#2677](https://togithub.com/oxsecurity/megalinter/pull/2677)
- Review MegaLinter's own cspell word list for outdated exclusions by [@echoix](https://togithub.com/echoix) in [#2676](https://togithub.com/oxsecurity/megalinter/pull/2676)
- Run stale workflow only on schedule, by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641)
- Add explicit permissions to stale workflow, by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641)
- Linter versions upgrades
- [actionlint](https://rhysd.github.io/actionlint/) from 1.6.23 to **1.6.24**
- [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.14.4 to **6.16.2**
- [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.15.31 to **0.17.1**
- [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.76.1 to **0.77.5**
- [checkov](https://www.checkov.io/) from 2.3.149 to **2.3.259**
- [checkstyle](https://checkstyle.sourceforge.io) from 10.9.3 to **10.11.0**
- [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.68 to **0.1.69**
- [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.03.17 to **2023.05.18**
- [csharpier](https://csharpier.com/) from 0.23.0 to **0.24.2**
- [djlint](https://djlint.com/) from 1.19.16 to **1.29.0**
- [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.407 to **6.0.408**
- [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.7.0 to **2.8.0**
- [eslint](https://eslint.org) from 8.37.0 to **8.41.0**
- [git_diff](https://git-scm.com) from 2.38.4 to **2.38.5**
- [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.16.1 to **8.16.3**
- [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.4 to **3.5.9**
- [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.2 to **14.0.3**
- [kics](https://www.kics.io) from 1.6.13 to **1.7.1**
- [ktlint](https://ktlint.github.io) from 0.48.2 to **0.49.1**
- [kubeconform](https://togithub.com/yannh/kubeconform) from 0.5.0 to **0.6.1**
- [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.1 to **2.3.3**
- [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.10.3 to **3.11.2**
- [mypy](https://mypy.readthedocs.io/en/stable/) from 1.1.1 to **1.3.0**
- [phplint](https://togithub.com/overtrue/phplint) from 5.5 to **9.0.4**
- [phpstan](https://phpstan.org/) from 1.10.10 to **1.10.15**
- [pmd](https://pmd.github.io/) from 6.48.0 to **6.55.0**
- [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4**
- [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4**
- [prettier](https://prettier.io/) from 2.8.7 to **2.8.8**
- [protolint](https://togithub.com/yoheimuta/protolint) from 0.43.1 to **0.44.0**
- [psalm](https://psalm.dev) from Psalm.5.9.0@ to **Psalm.5.12.0@**
- [puppet-lint](http://puppet-lint.com/) from 3.3.0 to **4.0.0**
- [pylint](https://pylint.pycqa.org) from 2.17.2 to **2.17.4**
- [pyright](https://togithub.com/Microsoft/pyright) from 1.1.301 to **1.1.310**
- [revive](https://revive.run/) from 1.3.1 to **1.3.2**
- [rubocop](https://rubocop.org/) from 1.49.0 to **1.51.0**
- [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.260 to **0.0.270**
- [semgrep](https://semgrep.dev/) from 1.16.0 to **1.23.0**
- [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0**
- [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0**
- [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0**
- [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.8.3 to **0.8.4**
- [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.25.0 to **7.26.0**
- [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.6.0 to **6.8.0**
- [sqlfluff](https://www.sqlfluff.com/) from 2.0.2 to **2.1.1**
- [stylelint](https://stylelint.io) from 15.4.0 to **15.6.2**
- [swiftlint](https://togithub.com/realm/SwiftLint) from 0.51.0 to **0.52.2**
- [syft](https://togithub.com/anchore/syft) from 0.76.0 to **0.82.0**
- [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.4.4 to **1.4.6**
- [terragrunt](https://terragrunt.gruntwork.io) from 0.45.0 to **0.45.11**
- [terrascan](https://www.accurics.com/products/terrascan/) from 1.18.0 to **1.18.1**
- [tflint](https://togithub.com/terraform-linters/tflint) from 0.45.0 to **0.46.1**
- [trivy](https://aquasecurity.github.io/trivy/) from 0.39.0 to **0.41.0**
- [v8r](https://togithub.com/chris48s/v8r) from 1.0.0 to **2.0.0**
- [vale](https://vale.sh/) from 2.24.0 to **2.27.0**
- [xmllint](http://xmlsoft.org/xmllint.html) from 21003 to **21004**
- [yamllint](https://yamllint.readthedocs.io/) from 1.30.0 to **1.32.0**
Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
v6.22.2->v7.2.1Release Notes
oxsecurity/megalinter (oxsecurity/megalinter)
### [`v7.2.1`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v721---2023-07-26) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.2.0...v7.2.1) - Fixes - Fix TAP reporter (3 real dots instead if 3 dots character) - Call trufflehog with `--only-verified` to avoid false positives in .git/config - Linter versions upgrades - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.78.2 to **0.79.2** - [checkov](https://www.checkov.io/) from 2.3.340 to **2.3.343** - [pylint](https://pylint.pycqa.org) from 2.17.4 to **2.17.5** - [rubocop](https://rubocop.org/) from 1.54.2 to **1.55.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.30.2 to **7.31.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.8.0 to **6.10.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.1.3 to **2.1.4** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.44.0 to **3.45.1** ### [`v7.2.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v720---2023-07-25) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.1.0...v7.2.0) - New linters - Add [Lychee](https://togithub.com/lycheeverse/lychee) - links and email addresses checker, by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2673](https://togithub.com/oxsecurity/megalinter/pull/2673) - Add [grype](https://togithub.com/anchore/grype) security linter - Add [trufflehog](https://togithub.com/trufflesecurity/trufflehog) security linter - New flavor **dotnetweb**: dotnet flavor linters + Javascript & Typescript linters - Media - [8 Tools to Scan Node.js Applications for Security Vulnerability](https://geekflare.com/nodejs-security-scanner/), by [Chandan Kumar](https://www.linkedin.com/in/chandank){target=\_blank} on [GeekFlare.com](https://geekflare.com/) - [Shift Left Just Become Easier (Black Hat Arsenal Session)](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596) - Core - MegaLinter Server for [CodeTotal](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596) - Improvements to Gitpod workspace and addition of Makefile for automation, by [@ThomasSanson](https://togithub.com/ThomasSanson) in [#2737](https://togithub.com/oxsecurity/megalinter/pull/2737) - Fixes - Handle reporter crashes without making all ML crash - Devskim: Remove default --ignore-globs argument - mypy: Use /tmp as cache folder by default with ENV MYPY_CACHE_DIR=/tmp in Dockerfile - Fix `hadolint` to use its default configuration file properly, by [@KihyeokK](https://togithub.com/KihyeokK) in [#2763](https://togithub.com/oxsecurity/megalinter/pull/2763) - Remove linters not in flavor before calling reporters - Undowngrade devskim, by [@nvuillam](https://togithub.com/nvuillam) in [#2748](https://togithub.com/oxsecurity/megalinter/pull/2748) - Add ts-standard linter for ts standard, by [@janderssonse](https://togithub.com/janderssonse) in [#2746](https://togithub.com/oxsecurity/megalinter/pull/2746) - Remove additional `--update` for apk in Dockerfile by [@PeterDaveHello](https://togithub.com/PeterDaveHello) in [#2619](https://togithub.com/oxsecurity/megalinter/pull/2619) - Fix V8R config arg usage ([#2756](https://togithub.com/oxsecurity/megalinter/issues/2756)), by [@bdovaz](https://togithub.com/bdovaz) in [#2819](https://togithub.com/oxsecurity/megalinter/pull/2819) - Reporters - New Redis reporter (beta) - CI - Clean docker build cache to avoid no space left on device during Build Dev job - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.24 to **1.6.25** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.16.2 to **6.17.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.17.1 to **0.19.5** - [black](https://black.readthedocs.io/en/stable/) from 23.3.0 to **23.7.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.10 to **0.78.2** - [checkov](https://www.checkov.io/) from 2.3.285 to **2.3.340** - [checkstyle](https://checkstyle.sourceforge.io) from 10.12.0 to **10.12.1** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.70 to **0.1.71** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.26 to **2023.07.13** - [csharpier](https://csharpier.com/) from 0.24.2 to **0.25.0** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.31.1 to **6.31.2** - [devskim](https://togithub.com/microsoft/DevSkim) from 0.7.104 to **1.0.11** - [djlint](https://djlint.com/) from 1.30.2 to **1.32.1** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.408 to **6.0.412** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.8.0 to **2.9.0** - [eslint](https://eslint.org) from 8.42.0 to **8.45.0** - [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.4 to **8.17.0** - [golangci-lint](https://golangci-lint.run/) from 1.53.2 to **1.53.3** - [grype](https://togithub.com/anchore/grype) from 0.63.1 to **0.63.1** - [kics](https://www.kics.io) from 1.7.1 to **1.7.4** - [ktlint](https://ktlint.github.io) from 0.49.1 to **0.50.0** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.2 to **2.3.6** - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.34.0 to **0.35.0** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.3.0 to **1.4.1** - [npm-package-json-lint](https://npmpackagejsonlint.org/) from 6.4.0 to **7.0.0** - [phpstan](https://phpstan.org/) from 1.10.18 to **1.10.26** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6** - [prettier](https://prettier.io/) from 2.8.8 to **3.0.0** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.44.0 to **0.45.0** - [psalm](https://psalm.dev) from Psalm.5.12.0@ to **Psalm.5.13.1@** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.313 to **1.1.318** - [rubocop](https://rubocop.org/) from 1.52.0 to **1.54.2** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.272 to **0.0.280** - [secretlint](https://togithub.com/secretlint/secretlint) from 6.2.3 to **7.0.3** - [semgrep](https://semgrep.dev/) from 1.26.0 to **1.33.2** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [shfmt](https://togithub.com/mvdan/sh) from 3.6.0 to **3.7.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.26.0 to **7.30.2** - [sqlfluff](https://www.sqlfluff.com/) from 2.1.1 to **2.1.3** - [stylelint](https://stylelint.io) from 15.10.0 to **15.10.0** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.52.2 to **0.52.4** - [syft](https://togithub.com/anchore/syft) from 0.83.0 to **0.85.0** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.4.6 to **1.5.3** - [terragrunt](https://terragrunt.gruntwork.io) from 0.46.3 to **0.48.4** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.46.1 to **0.47.0** - [trivy](https://aquasecurity.github.io/trivy/) from 0.42.1 to **0.43.1** - [vale](https://vale.sh/) from 2.27.0 to **2.28.1** ### [`v7.1.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v710---2023-06-11) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.4...v7.1.0) - Core - Upgrade base image to **python:3.11.4-alpine3.17**, by [@nvuillam](https://togithub.com/nvuillam) in [#2738](https://togithub.com/oxsecurity/megalinter/pull/2738) - Linter enhancements & fixes - cljstyle: Remove default value for configuration file name, by [@nvuillam](https://togithub.com/nvuillam) in [#2717](https://togithub.com/oxsecurity/megalinter/pull/2717) - golangci-lint : Add autofix capability using **--fix** argument, by [@seaneagan](https://togithub.com/seaneagan) in [#2700](https://togithub.com/oxsecurity/megalinter/pull/2700) - Linter versions upgrades - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.5 to **0.77.7** - [checkov](https://www.checkov.io/) from 2.3.267 to **2.3.285** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.69 to **0.1.70** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.18 to **2023.05.26** - [djlint](https://djlint.com/) from 1.30.0 to **1.30.2** - [eslint](https://eslint.org) from 8.41.0 to **8.42.0** - [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.3 to **8.16.4** - [golangci-lint](https://golangci-lint.run/) from 1.52.2 to **1.53.2** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.1 to **0.6.2** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.4 to **2.3.5** - [luacheck](https://luacheck.readthedocs.io) from 1.1.0 to **1.1.1** - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.33.0 to **0.34.0** - [phpstan](https://phpstan.org/) from 1.10.15 to **1.10.18** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.311 to **1.1.313** - [rubocop](https://rubocop.org/) from 1.51.0 to **1.52.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.270 to **0.0.272** - [scalafix](https://scalacenter.github.io/scalafix/) from 0.10.4 to **0.11.0** - [semgrep](https://semgrep.dev/) from 1.24.0 to **1.26.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [stylelint](https://stylelint.io) from 15.6.2 to **15.7.0** - [syft](https://togithub.com/anchore/syft) from 0.82.0 to **0.83.0** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.17 to **0.46.3** - [trivy](https://aquasecurity.github.io/trivy/) from 0.41.0 to **0.42.1** ### [`v7.0.4`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v704---2023-05-31) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.3...v7.0.4) - Core - Allow to define `linterkey_UNSECURED_ENV_VARIABLES` for specific linters to make them visible when necessary (ex: GITHUB_TOKEN for TERRAFORM_TFLINT) - Documentation - Add note to terraform_tflint about TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES by [@ruzickap](https://togithub.com/ruzickap) in [#2706](https://togithub.com/oxsecurity/megalinter/pull/2706) - Linter versions upgrades - [checkov](https://www.checkov.io/) from 2.3.261 to **2.3.267** - [djlint](https://djlint.com/) from 1.29.0 to **1.30.0** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.310 to **1.1.311** - [semgrep](https://semgrep.dev/) from 1.23.0 to **1.24.0** - [standard](https://standardjs.com/) from 17.0.0 to **17.1.0** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.16 to **0.45.17** ### [`v7.0.3`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v703---2023-05-29) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.2...v7.0.3) - Linter enhancements & fixes - New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. - Core - Secure PRE_COMMANDS and POST_COMMANDS by default - Can be disabled with **secured_env: false** in the command definition - Manage v6 retrocompatibility with FILTER_REGEX_INCLUDE and FILTER_REGEX_EXCLUDE expression - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.3 to **2.3.4** - [checkov](https://www.checkov.io/) from 2.3.259 to **2.3.261** ### [`v7.0.2`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v702---2023-05-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.1...v7.0.2) - Quick Fix mega-linter-runner --upgrade (Warning: bug with npm, not publish yet in mega-linter-runner) - Dead link to configuration.md - Regex issue with megalinter-reports ### [`v7.0.1`](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1) ### [`v7.0.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v700---2023-05-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.22.2...v7.0.0) To upgrade to MegaLinter v7, run `npx mega-linter-runner@latest --upgrade` , comment [here](https://togithub.com/oxsecurity/megalinter/issues/2692) if you have any issue :) - MAJOR Updates - [SECURED_ENV_VARIABLES](https://megalinter.io/latest/config-variables-security/) & core scoped configuration by [@nvuillam](https://togithub.com/nvuillam) in [#2601](https://togithub.com/oxsecurity/megalinter/pull/2601) - New configuration variables **SECURED_ENV_VARIABLES** and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter - Read [documentation](https://megalinter.io/latest/config-variables-security/) to enhance security using MegaLinter - Use **relative file paths** to call linters by [@nvuillam](https://togithub.com/nvuillam) in [#1877](https://togithub.com/oxsecurity/megalinter/pull/1877) - This can be a breaking change for customizations, post an issue if you see a problem ! - New linters - Add linter [cljstyle](https://togithub.com/greglook/cljstyle), Clojure formatter, by [@practicalli-john](https://togithub.com/practicalli-john) in [#2115](https://togithub.com/oxsecurity/megalinter/pull/2115) - Add [kubescape](https://togithub.com/kubescape/kubescape), kubernetes linter, by [@muandane](https://togithub.com/muandane) in [#2531](https://togithub.com/oxsecurity/megalinter/pull/2531) - Add [Vale](https://vale.sh/), a powerful enforcer of writing style, by [@wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [#2406](https://togithub.com/oxsecurity/megalinter/pull/2406) - Removed linters - KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors) - REPOSITORY_GOODCHECK: Not open-source anymore - SPELL_MISSPELL: Not maintained anymore (last commit in 2018) - TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV - TERRAFORM_KICS: Replaced by REPOSITORY_KICS - Medias - Article: [Use the Workflows JSON schema in your IDE](https://cloud.google.com/workflows/docs/use-workflows-json-schema-with-ide), by [Google Cloud](https://cloud.google.com/) - Video: [Ortelius Architecture Meeting](https://www.youtube.com/watch?v=oegOSmVegiQ\&t=1510s), with a review of MegaLinter, by [Steve Taylor](https://togithub.com/sbtaylor15) from [Ortelius](https://ortelius.io/) - Web site: [my-devops-lab.com](https://www.my-devops-lab.com/tools) - Linter enhancements & fixes - [cspell](https://megalinter.io/latest/descriptors/spell_cspell/) - Fix corrective .cspell.json file generated from cspell output by [@nvuillam](https://togithub.com/nvuillam) in [#2562](https://togithub.com/oxsecurity/megalinter/pull/2562) - [eslint](https://megalinter.io/latest/descriptors/javascript_eslint/) - Ensure ESLint actually runs in project mode ([#1572](https://togithub.com/oxsecurity/megalinter/issues/1572)) by [@Kurt-von-Laven](https://togithub.com/Kurt-von-Laven) in [#2455](https://togithub.com/oxsecurity/megalinter/pull/2455) - [jscpd](https://megalinter.io/latest/descriptors/copypaste_jscpd/) - Prevent jscpd to create output folder if the repo is not writable by [@nvuillam](https://togithub.com/nvuillam) in [#2556](https://togithub.com/oxsecurity/megalinter/pull/2556) - [Gitleaks](https://megalinter.io/latest/descriptors/repository_gitleaks/) - Add support to scan PR commits only on PRs when `VALIDATE_ALL_CODEBASE` is set to `false`, by [@DariuszPorowski](https://togithub.com/DariuszPorowski) [#2504](https://togithub.com/oxsecurity/megalinter/pull/2504) - [KICS](https://megalinter.io/latest/descriptors/repository_kics/) - Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by [@nvuillam](https://togithub.com/nvuillam) in [#2689](https://togithub.com/oxsecurity/megalinter/pull/2689) - KICS can now output SARIF - The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary - [KubeConform](https://megalinter.io/latest/descriptors/kubernetes_kubeconform/) - Simplify kubeconform install & get version by [@nvuillam](https://togithub.com/nvuillam) in [#2629](https://togithub.com/oxsecurity/megalinter/pull/2629) - [PHPLint](https://megalinter.io/latest/descriptors/php_phplint/) - Upgrade PHPLint to v9 by [@bdovaz](https://togithub.com/bdovaz) in [#2638](https://togithub.com/oxsecurity/megalinter/pull/2638) - [sqlfluff](https://megalinter.io/latest/descriptors/sql_sqlfluff/) - Remove old options from SQLFluff config file by [@tunetheweb](https://togithub.com/tunetheweb) in [#2560](https://togithub.com/oxsecurity/megalinter/pull/2560) - [v8r](https://megalinter.io/latest/descriptors/json_v8r/) - Allow use of configuration files with v8r by [@bdovaz](https://togithub.com/bdovaz) in [#1982](https://togithub.com/oxsecurity/megalinter/pull/1982) - Core - Upgrade base Docker image to python:3.11.3-alpine3.17 by [@nvuillam](https://togithub.com/nvuillam) in [#2537](https://togithub.com/oxsecurity/megalinter/pull/2537) - Allow simultaneous regex filtering at descriptor and linter levels by [@nvuillam](https://togithub.com/nvuillam) & [@seaneagan](https://togithub.com/seaneagan) in [#2669](https://togithub.com/oxsecurity/megalinter/pull/2669) - Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by [@nvuillam](https://togithub.com/nvuillam) in [#2649](https://togithub.com/oxsecurity/megalinter/pull/2649) - Fix issue preventing plugins to work with flavors by [@nvuillam](https://togithub.com/nvuillam) in [#2532](https://togithub.com/oxsecurity/megalinter/pull/2532) - Fix crash in case of unreachable symlinks by [@nvuillam](https://togithub.com/nvuillam) in [#2538](https://togithub.com/oxsecurity/megalinter/pull/2538) - mega-linter-runner: Use --platform also for docker run by [@nvuillam](https://togithub.com/nvuillam) , [@Kurt-Von-Laven](https://togithub.com/Kurt-Von-Laven) & [@cam-barts](https://togithub.com/cam-barts) in [#2690](https://togithub.com/oxsecurity/megalinter/pull/2690) - Replace deprecated distutils.copy_tree by shutil.copytree - Reporters - [SARIF_REPORTER](https://megalinter.io/latest/reporters/SarifReporter/) - Add option to skip def_ws prefix in sarif reports by [@janderssonse](https://togithub.com/janderssonse) in [#2383](https://togithub.com/oxsecurity/megalinter/pull/2383) - update schema to pass official SARIF validator by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2645](https://togithub.com/oxsecurity/megalinter/pull/2645) - [CONFIG_REPORTER](https://megalinter.io/latest/reporters/ConfigReporter/) - Add support for idea plugins auto-install by [@waterfoul](https://togithub.com/waterfoul) in [#2553](https://togithub.com/oxsecurity/megalinter/pull/2553) - [CONSOLE_REPORTER](https://megalinter.io/latest/reporters/ConsoleReporter/) - Updated cases in console/log output to use β `Warning Sign (U+26A0)` instead of β¬ `White Up-Pointing Triangle with Dot (U+25EC)`, by [@Doommius](https://togithub.com/Doommius) - [GITLAB_COMMENT_REPORTER](https://megalinter.io/latest/reporters/GitlabCommentReporter/) - Enhancement & fixes for GitlabCommentReporter by [@nvuillam](https://togithub.com/nvuillam) in [#2564](https://togithub.com/oxsecurity/megalinter/pull/2564) - New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run - In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20. - Display a different message in log when a Merge Request comment is created or updated. - [AZURE_COMMENT_REPORTER](https://megalinter.io/latest/reporters/AzureCommentReporter/) - Downgrade Azure DevOps pipy package to avoid crash by [@nvuillam](https://togithub.com/nvuillam) in [#2576](https://togithub.com/oxsecurity/megalinter/pull/2576) - Documentation - Improve documentation pages split by [@nvuillam](https://togithub.com/nvuillam) in [#2688](https://togithub.com/oxsecurity/megalinter/pull/2688) - Now Installation and Configuration menus have their own child menus - Doc about how to use fine grained PAT by [@nvuillam](https://togithub.com/nvuillam) in [#2662](https://togithub.com/oxsecurity/megalinter/pull/2662) - Fixed incorrect link in Azure to Gitlab reporters pages. by [@Doommius](https://togithub.com/Doommius) in [#2613](https://togithub.com/oxsecurity/megalinter/pull/2613) - Added bitbucket job template + Fix icon in console logs by [@Doommius](https://togithub.com/Doommius) in [#2617](https://togithub.com/oxsecurity/megalinter/pull/2617) - Exclude licenses pages from online search results by [@nvuillam](https://togithub.com/nvuillam) in [#2665](https://togithub.com/oxsecurity/megalinter/pull/2665) - Improve HTML tables display by [@nvuillam](https://togithub.com/nvuillam) in [#2670](https://togithub.com/oxsecurity/megalinter/pull/2670) - Remove ASCII characters from linters helps displayed in MegaLinter documentation - Internal CI - Upgrade GitHub Actions to change automated comments and increase timeout by [@nvuillam](https://togithub.com/nvuillam) in [#2536](https://togithub.com/oxsecurity/megalinter/pull/2536) - Use Github Permissions instead of PAT by [@nvuillam](https://togithub.com/nvuillam) in [#2652](https://togithub.com/oxsecurity/megalinter/pull/2652) - Update GitHub Actions workflows environments by [@nvuillam](https://togithub.com/nvuillam) in [#2657](https://togithub.com/oxsecurity/megalinter/pull/2657) - Automate External Plugins table generation using **.automation/plugins.yml** file by [@nvuillam](https://togithub.com/nvuillam) in [#2667](https://togithub.com/oxsecurity/megalinter/pull/2667) - Fix MegaLinter build issue by [@nvuillam](https://togithub.com/nvuillam) in [#2539](https://togithub.com/oxsecurity/megalinter/pull/2539) - Fix for trivy-action (new naming for input) by [@DariuszPorowski](https://togithub.com/DariuszPorowski) in [#2541](https://togithub.com/oxsecurity/megalinter/pull/2541) - Fix `/build` slash command to checkout the correct PR branch by [@echoix](https://togithub.com/echoix) in [#2542](https://togithub.com/oxsecurity/megalinter/pull/2542) - Fix local run of python test cases by [@nvuillam](https://togithub.com/nvuillam) in [#2565](https://togithub.com/oxsecurity/megalinter/pull/2565) - Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by [@nvuillam](https://togithub.com/nvuillam) in [#2582](https://togithub.com/oxsecurity/megalinter/pull/2582) - Do not push to docker from dev PRs by [@nvuillam](https://togithub.com/nvuillam) in [#2639](https://togithub.com/oxsecurity/megalinter/pull/2639) - Update stale workflow: remove trigger on comments and explicit permissions by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Decouple updating docker pull stats from building docs by [@echoix](https://togithub.com/echoix) in [#2677](https://togithub.com/oxsecurity/megalinter/pull/2677) - Review MegaLinter's own cspell word list for outdated exclusions by [@echoix](https://togithub.com/echoix) in [#2676](https://togithub.com/oxsecurity/megalinter/pull/2676) - Run stale workflow only on schedule, by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Add explicit permissions to stale workflow, by [@echoix](https://togithub.com/echoix) in [#2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.23 to **1.6.24** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.14.4 to **6.16.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.15.31 to **0.17.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.76.1 to **0.77.5** - [checkov](https://www.checkov.io/) from 2.3.149 to **2.3.259** - [checkstyle](https://checkstyle.sourceforge.io) from 10.9.3 to **10.11.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.68 to **0.1.69** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.03.17 to **2023.05.18** - [csharpier](https://csharpier.com/) from 0.23.0 to **0.24.2** - [djlint](https://djlint.com/) from 1.19.16 to **1.29.0** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.407 to **6.0.408** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.7.0 to **2.8.0** - [eslint](https://eslint.org) from 8.37.0 to **8.41.0** - [git_diff](https://git-scm.com) from 2.38.4 to **2.38.5** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.16.1 to **8.16.3** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.4 to **3.5.9** - [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.2 to **14.0.3** - [kics](https://www.kics.io) from 1.6.13 to **1.7.1** - [ktlint](https://ktlint.github.io) from 0.48.2 to **0.49.1** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.5.0 to **0.6.1** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.1 to **2.3.3** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.10.3 to **3.11.2** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.1.1 to **1.3.0** - [phplint](https://togithub.com/overtrue/phplint) from 5.5 to **9.0.4** - [phpstan](https://phpstan.org/) from 1.10.10 to **1.10.15** - [pmd](https://pmd.github.io/) from 6.48.0 to **6.55.0** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [prettier](https://prettier.io/) from 2.8.7 to **2.8.8** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.43.1 to **0.44.0** - [psalm](https://psalm.dev) from Psalm.5.9.0@ to **Psalm.5.12.0@** - [puppet-lint](http://puppet-lint.com/) from 3.3.0 to **4.0.0** - [pylint](https://pylint.pycqa.org) from 2.17.2 to **2.17.4** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.301 to **1.1.310** - [revive](https://revive.run/) from 1.3.1 to **1.3.2** - [rubocop](https://rubocop.org/) from 1.49.0 to **1.51.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.260 to **0.0.270** - [semgrep](https://semgrep.dev/) from 1.16.0 to **1.23.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.8.3 to **0.8.4** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.25.0 to **7.26.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.6.0 to **6.8.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.0.2 to **2.1.1** - [stylelint](https://stylelint.io) from 15.4.0 to **15.6.2** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.51.0 to **0.52.2** - [syft](https://togithub.com/anchore/syft) from 0.76.0 to **0.82.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.4.4 to **1.4.6** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.0 to **0.45.11** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.18.0 to **1.18.1** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.45.0 to **0.46.1** - [trivy](https://aquasecurity.github.io/trivy/) from 0.39.0 to **0.41.0** - [v8r](https://togithub.com/chris48s/v8r) from 1.0.0 to **2.0.0** - [vale](https://vale.sh/) from 2.24.0 to **2.27.0** - [xmllint](http://xmlsoft.org/xmllint.html) from 21003 to **21004** - [yamllint](https://yamllint.readthedocs.io/) from 1.30.0 to **1.32.0**Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.