search

rwaltr / home-ops

Code and configuration used to manage the fleets of k8s and Terraform clusters managing the Waltr.Tech environment
MIT License
28 stars 0 forks source link

chore(deps): update oxsecurity/megalinter action to v7 #718

Closed teletraan-x[bot] closed 1 year ago

teletraan-x[bot] commented 1 year ago

This PR contains the following updates:

Package Type Update Change
oxsecurity/megalinter action major v6.22.2 -> v7.0.1

Release Notes

oxsecurity/megalinter ### [`v7.0.1`](https://togithub.com/oxsecurity/megalinter/releases/tag/v7.0.1): MegaLinter v7.0.1 [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1) #### What's Changed To upgrade to MegaLinter v7, run `npx mega-linter-runner@latest --upgrade` , comment [here](https://togithub.com/oxsecurity/megalinter/issues/2692) if you have any issue :) - MAJOR Updates - [SECURED_ENV_VARIABLES](https://megalinter.io/latest/config-variables-security/) & core scoped configuration by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2601](https://togithub.com/oxsecurity/megalinter/pull/2601) - New configuration variables **SECURED_ENV_VARIABLES** and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter - Read [documentation](https://megalinter.io/latest/config-variables-security/) to enhance security using MegaLinter - Use **relative file paths** to call linters by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/1877](https://togithub.com/oxsecurity/megalinter/pull/1877) - This can be a breaking change for customizations, post an issue if you see a problem ! - New linters - Add linter [cljstyle](https://togithub.com/greglook/cljstyle), Clojure formatter, by [@​practicalli-john](https://togithub.com/practicalli-john) in [https://github.com/oxsecurity/megalinter/pull/2115](https://togithub.com/oxsecurity/megalinter/pull/2115) - Add [kubescape](https://togithub.com/kubescape/kubescape), kubernetes linter, by [@​muandane](https://togithub.com/muandane) in [https://github.com/oxsecurity/megalinter/pull/2531](https://togithub.com/oxsecurity/megalinter/pull/2531) - Add [Vale](https://vale.sh/), a powerful enforcer of writing style, by [@​wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [https://github.com/oxsecurity/megalinter/pull/2406](https://togithub.com/oxsecurity/megalinter/pull/2406) - Removed linters - KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors) - REPOSITORY_GOODCHECK: Not open-source anymore - SPELL_MISSPELL: Not maintained anymore (last commit in 2018) - TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV - TERRAFORM_KICS: Replaced by REPOSITORY_KICS - Medias - Article: [Use the Workflows JSON schema in your IDE](https://cloud.google.com/workflows/docs/use-workflows-json-schema-with-ide), by [Google Cloud](https://cloud.google.com/) - Video: [Ortelius Architecture Meeting](https://www.youtube.com/watch?v=oegOSmVegiQ\&t=1510s), with a review of MegaLinter, by [Steve Taylor](https://togithub.com/sbtaylor15) from [Ortelius](https://ortelius.io/) - Web site: [my-devops-lab.com](https://www.my-devops-lab.com/tools) - Linter enhancements & fixes - [cspell](https://megalinter.io/latest/descriptors/spell_cspell/) - Fix corrective .cspell.json file generated from cspell output by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2562](https://togithub.com/oxsecurity/megalinter/pull/2562) - [eslint](https://megalinter.io/latest/descriptors/javascript_eslint/) - Ensure ESLint actually runs in project mode ([#​1572](https://togithub.com/oxsecurity/megalinter/issues/1572)) by [@​Kurt-von-Laven](https://togithub.com/Kurt-von-Laven) in [https://github.com/oxsecurity/megalinter/pull/2455](https://togithub.com/oxsecurity/megalinter/pull/2455) - [jscpd](https://megalinter.io/latest/descriptors/copypaste_jscpd/) - Prevent jscpd to create output folder if the repo is not writable by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2556](https://togithub.com/oxsecurity/megalinter/pull/2556) - [Gitleaks](https://megalinter.io/latest/descriptors/repository_gitleaks/) - Add support to scan PR commits only on PRs when `VALIDATE_ALL_CODEBASE` is set to `false`, by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) [#​2504](https://togithub.com/oxsecurity/megalinter/pull/2504) - [KICS](https://megalinter.io/latest/descriptors/repository_kics/) - Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2689](https://togithub.com/oxsecurity/megalinter/pull/2689) - KICS can now output SARIF - The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary - [KubeConform](https://megalinter.io/latest/descriptors/kubernetes_kubeconform/) - Simplify kubeconform install & get version by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2629](https://togithub.com/oxsecurity/megalinter/pull/2629) - [PHPLint](https://megalinter.io/latest/descriptors/php_phplint/) - Upgrade PHPLint to v9 by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/2638](https://togithub.com/oxsecurity/megalinter/pull/2638) - [sqlfluff](https://megalinter.io/latest/descriptors/sql_sqlfluff/) - Remove old options from SQLFluff config file by [@​tunetheweb](https://togithub.com/tunetheweb) in [https://github.com/oxsecurity/megalinter/pull/2560](https://togithub.com/oxsecurity/megalinter/pull/2560) - [v8r](https://megalinter.io/latest/descriptors/json_v8r/) - Allow use of configuration files with v8r by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/1982](https://togithub.com/oxsecurity/megalinter/pull/1982) - Core - Upgrade base Docker image to python:3.11.3-alpine3.17 by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2537](https://togithub.com/oxsecurity/megalinter/pull/2537) - Allow simultaneous regex filtering at descriptor and linter levels by [@​nvuillam](https://togithub.com/nvuillam) & [@​seaneagan](https://togithub.com/seaneagan) in [https://github.com/oxsecurity/megalinter/pull/2669](https://togithub.com/oxsecurity/megalinter/pull/2669) - Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2649](https://togithub.com/oxsecurity/megalinter/pull/2649) - Fix issue preventing plugins to work with flavors by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2532](https://togithub.com/oxsecurity/megalinter/pull/2532) - Fix crash in case of unreachable symlinks by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2538](https://togithub.com/oxsecurity/megalinter/pull/2538) - mega-linter-runner: Use --platform also for docker run by [@​nvuillam](https://togithub.com/nvuillam) , [@​Kurt-Von-Laven](https://togithub.com/Kurt-Von-Laven) & [@​cam-barts](https://togithub.com/cam-barts) in [https://github.com/oxsecurity/megalinter/pull/2690](https://togithub.com/oxsecurity/megalinter/pull/2690) - Replace deprecated distutils.copy_tree by shutil.copytree - Reporters - [SARIF_REPORTER](https://megalinter.io/latest/reporters/SarifReporter/) - Add option to skip def_ws prefix in sarif reports by [@​janderssonse](https://togithub.com/janderssonse) in [https://github.com/oxsecurity/megalinter/pull/2383](https://togithub.com/oxsecurity/megalinter/pull/2383) - update schema to pass official SARIF validator by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [https://github.com/oxsecurity/megalinter/pull/2645](https://togithub.com/oxsecurity/megalinter/pull/2645) - [CONFIG_REPORTER](https://megalinter.io/latest/reporters/ConfigReporter/) - Add support for idea plugins auto-install by [@​waterfoul](https://togithub.com/waterfoul) in [https://github.com/oxsecurity/megalinter/pull/2553](https://togithub.com/oxsecurity/megalinter/pull/2553) - [CONSOLE_REPORTER](https://megalinter.io/latest/reporters/ConsoleReporter/) - Updated cases in console/log output to use ⚠ `Warning Sign (U+26A0)` instead of ◬ `White Up-Pointing Triangle with Dot (U+25EC)`, by [@​Doommius](https://togithub.com/Doommius) - [GITLAB_COMMENT_REPORTER](https://megalinter.io/latest/reporters/GitlabCommentReporter/) - Enhancement & fixes for GitlabCommentReporter by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2564](https://togithub.com/oxsecurity/megalinter/pull/2564) - New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run - In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20. - Display a different message in log when a Merge Request comment is created or updated. - [AZURE_COMMENT_REPORTER](https://megalinter.io/latest/reporters/AzureCommentReporter/) - Downgrade Azure DevOps pipy package to avoid crash by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2576](https://togithub.com/oxsecurity/megalinter/pull/2576) - Documentation - Improve documentation pages split by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2688](https://togithub.com/oxsecurity/megalinter/pull/2688) - Now Installation and Configuration menus have their own child menus - Doc about how to use fine grained PAT by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2662](https://togithub.com/oxsecurity/megalinter/pull/2662) - Fixed incorrect link in Azure to Gitlab reporters pages. by [@​Doommius](https://togithub.com/Doommius) in [https://github.com/oxsecurity/megalinter/pull/2613](https://togithub.com/oxsecurity/megalinter/pull/2613) - Added bitbucket job template + Fix icon in console logs by [@​Doommius](https://togithub.com/Doommius) in [https://github.com/oxsecurity/megalinter/pull/2617](https://togithub.com/oxsecurity/megalinter/pull/2617) - Exclude licenses pages from online search results by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2665](https://togithub.com/oxsecurity/megalinter/pull/2665) - Improve HTML tables display by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2670](https://togithub.com/oxsecurity/megalinter/pull/2670) - Remove ASCII characters from linters helps displayed in MegaLinter documentation - Internal CI - Upgrade GitHub Actions to change automated comments and increase timeout by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2536](https://togithub.com/oxsecurity/megalinter/pull/2536) - Use Github Permissions instead of PAT by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2652](https://togithub.com/oxsecurity/megalinter/pull/2652) - Update GitHub Actions workflows environments by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2657](https://togithub.com/oxsecurity/megalinter/pull/2657) - Automate External Plugins table generation using **.automation/plugins.yml** file by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2667](https://togithub.com/oxsecurity/megalinter/pull/2667) - Fix MegaLinter build issue by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2539](https://togithub.com/oxsecurity/megalinter/pull/2539) - Fix for trivy-action (new naming for input) by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [https://github.com/oxsecurity/megalinter/pull/2541](https://togithub.com/oxsecurity/megalinter/pull/2541) - Fix `/build` slash command to checkout the correct PR branch by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2542](https://togithub.com/oxsecurity/megalinter/pull/2542) - Fix local run of python test cases by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2565](https://togithub.com/oxsecurity/megalinter/pull/2565) - Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2582](https://togithub.com/oxsecurity/megalinter/pull/2582) - Do not push to docker from dev PRs by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2639](https://togithub.com/oxsecurity/megalinter/pull/2639) - Update stale workflow: remove trigger on comments and explicit permissions by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Decouple updating docker pull stats from building docs by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2677](https://togithub.com/oxsecurity/megalinter/pull/2677) - Review MegaLinter's own cspell word list for outdated exclusions by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2676](https://togithub.com/oxsecurity/megalinter/pull/2676) - Run stale workflow only on schedule, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Add explicit permissions to stale workflow, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.23 to **1.6.24** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.14.4 to **6.16.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.15.31 to **0.17.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.76.1 to **0.77.5** - [checkov](https://www.checkov.io/) from 2.3.149 to **2.3.259** - [checkstyle](https://checkstyle.sourceforge.io) from 10.9.3 to **10.11.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.68 to **0.1.69** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.03.17 to **2023.05.18** - [csharpier](https://csharpier.com/) from 0.23.0 to **0.24.2** - [djlint](https://djlint.com/) from 1.19.16 to **1.29.0** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.407 to **6.0.408** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.7.0 to **2.8.0** - [eslint](https://eslint.org) from 8.37.0 to **8.41.0** - [git_diff](https://git-scm.com) from 2.38.4 to **2.38.5** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.16.1 to **8.16.3** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.4 to **3.5.9** - [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.2 to **14.0.3** - [kics](https://www.kics.io) from 1.6.13 to **1.7.1** - [ktlint](https://ktlint.github.io) from 0.48.2 to **0.49.1** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.5.0 to **0.6.1** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.1 to **2.3.3** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.10.3 to **3.11.2** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.1.1 to **1.3.0** - [phplint](https://togithub.com/overtrue/phplint) from 5.5 to **9.0.4** - [phpstan](https://phpstan.org/) from 1.10.10 to **1.10.15** - [pmd](https://pmd.github.io/) from 6.48.0 to **6.55.0** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [prettier](https://prettier.io/) from 2.8.7 to **2.8.8** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.43.1 to **0.44.0** - [psalm](https://psalm.dev) from Psalm.5.9.0@​ to **Psalm.5.12.0@​** - [puppet-lint](http://puppet-lint.com/) from 3.3.0 to **4.0.0** - [pylint](https://pylint.pycqa.org) from 2.17.2 to **2.17.4** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.301 to **1.1.310** - [revive](https://revive.run/) from 1.3.1 to **1.3.2** - [rubocop](https://rubocop.org/) from 1.49.0 to **1.51.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.260 to **0.0.270** - [semgrep](https://semgrep.dev/) from 1.16.0 to **1.23.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.8.3 to **0.8.4** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.25.0 to **7.26.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.6.0 to **6.8.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.0.2 to **2.1.1** - [stylelint](https://stylelint.io) from 15.4.0 to **15.6.2** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.51.0 to **0.52.2** - [syft](https://togithub.com/anchore/syft) from 0.76.0 to **0.82.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.4.4 to **1.4.6** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.0 to **0.45.11** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.18.0 to **1.18.1** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.45.0 to **0.46.1** - [trivy](https://aquasecurity.github.io/trivy/) from 0.39.0 to **0.41.0** - [v8r](https://togithub.com/chris48s/v8r) from 1.0.0 to **2.0.0** - [vale](https://vale.sh/) from 2.24.0 to **2.27.0** - [xmllint](http://xmlsoft.org/xmllint.html) from 21003 to **21004** - [yamllint](https://yamllint.readthedocs.io/) from 1.30.0 to **1.32.0** #### New Contributors - [@​waterfoul](https://togithub.com/waterfoul) made their first contribution in [https://github.com/oxsecurity/megalinter/pull/2553](https://togithub.com/oxsecurity/megalinter/pull/2553) - [@​Doommius](https://togithub.com/Doommius) made their first contribution in [https://github.com/oxsecurity/megalinter/pull/2613](https://togithub.com/oxsecurity/megalinter/pull/2613) - [@​muandane](https://togithub.com/muandane) made their first contribution in [https://github.com/oxsecurity/megalinter/pull/2531](https://togithub.com/oxsecurity/megalinter/pull/2531) *MegaLinter is graciously provided by [![OX Security](https://www.ox.security/wp-content/uploads/2022/06/logo.svg?ref=megalinter_comment)](https://www.ox.security/?ref=megalinter)* **Full Changelog**: https://github.com/oxsecurity/megalinter/compare/v6.22.2...v7.0.1 ### [`v7.0.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v700---2023-05-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.22.2...v7.0.0) To upgrade to MegaLinter v7, run `npx mega-linter-runner@latest --upgrade` , comment [here](https://togithub.com/oxsecurity/megalinter/issues/2692) if you have any issue :) - MAJOR Updates - [SECURED_ENV_VARIABLES](https://megalinter.io/latest/config-variables-security/) & core scoped configuration by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2601](https://togithub.com/oxsecurity/megalinter/pull/2601) - New configuration variables **SECURED_ENV_VARIABLES** and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter - Read [documentation](https://megalinter.io/latest/config-variables-security/) to enhance security using MegaLinter - Use **relative file paths** to call linters by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/1877](https://togithub.com/oxsecurity/megalinter/pull/1877) - This can be a breaking change for customizations, post an issue if you see a problem ! - New linters - Add linter [cljstyle](https://togithub.com/greglook/cljstyle), Clojure formatter, by [@​practicalli-john](https://togithub.com/practicalli-john) in [https://github.com/oxsecurity/megalinter/pull/2115](https://togithub.com/oxsecurity/megalinter/pull/2115) - Add [kubescape](https://togithub.com/kubescape/kubescape), kubernetes linter, by [@​muandane](https://togithub.com/muandane) in [https://github.com/oxsecurity/megalinter/pull/2531](https://togithub.com/oxsecurity/megalinter/pull/2531) - Add [Vale](https://vale.sh/), a powerful enforcer of writing style, by [@​wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [https://github.com/oxsecurity/megalinter/pull/2406](https://togithub.com/oxsecurity/megalinter/pull/2406) - Removed linters - KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors) - REPOSITORY_GOODCHECK: Not open-source anymore - SPELL_MISSPELL: Not maintained anymore (last commit in 2018) - TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV - TERRAFORM_KICS: Replaced by REPOSITORY_KICS - Medias - Article: [Use the Workflows JSON schema in your IDE](https://cloud.google.com/workflows/docs/use-workflows-json-schema-with-ide), by [Google Cloud](https://cloud.google.com/) - Video: [Ortelius Architecture Meeting](https://www.youtube.com/watch?v=oegOSmVegiQ\&t=1510s), with a review of MegaLinter, by [Steve Taylor](https://togithub.com/sbtaylor15) from [Ortelius](https://ortelius.io/) - Web site: [my-devops-lab.com](https://www.my-devops-lab.com/tools) - Linter enhancements & fixes - [cspell](https://megalinter.io/latest/descriptors/spell_cspell/) - Fix corrective .cspell.json file generated from cspell output by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2562](https://togithub.com/oxsecurity/megalinter/pull/2562) - [eslint](https://megalinter.io/latest/descriptors/javascript_eslint/) - Ensure ESLint actually runs in project mode ([#​1572](https://togithub.com/oxsecurity/megalinter/issues/1572)) by [@​Kurt-von-Laven](https://togithub.com/Kurt-von-Laven) in [https://github.com/oxsecurity/megalinter/pull/2455](https://togithub.com/oxsecurity/megalinter/pull/2455) - [jscpd](https://megalinter.io/latest/descriptors/copypaste_jscpd/) - Prevent jscpd to create output folder if the repo is not writable by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2556](https://togithub.com/oxsecurity/megalinter/pull/2556) - [Gitleaks](https://megalinter.io/latest/descriptors/repository_gitleaks/) - Add support to scan PR commits only on PRs when `VALIDATE_ALL_CODEBASE` is set to `false`, by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) [#​2504](https://togithub.com/oxsecurity/megalinter/pull/2504) - [KICS](https://megalinter.io/latest/descriptors/repository_kics/) - Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2689](https://togithub.com/oxsecurity/megalinter/pull/2689) - KICS can now output SARIF - The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary - [KubeConform](https://megalinter.io/latest/descriptors/kubernetes_kubeconform/) - Simplify kubeconform install & get version by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2629](https://togithub.com/oxsecurity/megalinter/pull/2629) - [PHPLint](https://megalinter.io/latest/descriptors/php_phplint/) - Upgrade PHPLint to v9 by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/2638](https://togithub.com/oxsecurity/megalinter/pull/2638) - [sqlfluff](https://megalinter.io/latest/descriptors/sql_sqlfluff/) - Remove old options from SQLFluff config file by [@​tunetheweb](https://togithub.com/tunetheweb) in [https://github.com/oxsecurity/megalinter/pull/2560](https://togithub.com/oxsecurity/megalinter/pull/2560) - [v8r](https://megalinter.io/latest/descriptors/json_v8r/) - Allow use of configuration files with v8r by [@​bdovaz](https://togithub.com/bdovaz) in [https://github.com/oxsecurity/megalinter/pull/1982](https://togithub.com/oxsecurity/megalinter/pull/1982) - Core - Upgrade base Docker image to python:3.11.3-alpine3.17 by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2537](https://togithub.com/oxsecurity/megalinter/pull/2537) - Allow simultaneous regex filtering at descriptor and linter levels by [@​nvuillam](https://togithub.com/nvuillam) & [@​seaneagan](https://togithub.com/seaneagan) in [https://github.com/oxsecurity/megalinter/pull/2669](https://togithub.com/oxsecurity/megalinter/pull/2669) - Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2649](https://togithub.com/oxsecurity/megalinter/pull/2649) - Fix issue preventing plugins to work with flavors by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2532](https://togithub.com/oxsecurity/megalinter/pull/2532) - Fix crash in case of unreachable symlinks by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2538](https://togithub.com/oxsecurity/megalinter/pull/2538) - mega-linter-runner: Use --platform also for docker run by [@​nvuillam](https://togithub.com/nvuillam) , [@​Kurt-Von-Laven](https://togithub.com/Kurt-Von-Laven) & [@​cam-barts](https://togithub.com/cam-barts) in [https://github.com/oxsecurity/megalinter/pull/2690](https://togithub.com/oxsecurity/megalinter/pull/2690) - Replace deprecated distutils.copy_tree by shutil.copytree - Reporters - [SARIF_REPORTER](https://megalinter.io/latest/reporters/SarifReporter/) - Add option to skip def_ws prefix in sarif reports by [@​janderssonse](https://togithub.com/janderssonse) in [https://github.com/oxsecurity/megalinter/pull/2383](https://togithub.com/oxsecurity/megalinter/pull/2383) - update schema to pass official SARIF validator by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [https://github.com/oxsecurity/megalinter/pull/2645](https://togithub.com/oxsecurity/megalinter/pull/2645) - [CONFIG_REPORTER](https://megalinter.io/latest/reporters/ConfigReporter/) - Add support for idea plugins auto-install by [@​waterfoul](https://togithub.com/waterfoul) in [https://github.com/oxsecurity/megalinter/pull/2553](https://togithub.com/oxsecurity/megalinter/pull/2553) - [CONSOLE_REPORTER](https://megalinter.io/latest/reporters/ConsoleReporter/) - Updated cases in console/log output to use ⚠ `Warning Sign (U+26A0)` instead of ◬ `White Up-Pointing Triangle with Dot (U+25EC)`, by [@​Doommius](https://togithub.com/Doommius) - [GITLAB_COMMENT_REPORTER](https://megalinter.io/latest/reporters/GitlabCommentReporter/) - Enhancement & fixes for GitlabCommentReporter by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2564](https://togithub.com/oxsecurity/megalinter/pull/2564) - New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run - In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20. - Display a different message in log when a Merge Request comment is created or updated. - [AZURE_COMMENT_REPORTER](https://megalinter.io/latest/reporters/AzureCommentReporter/) - Downgrade Azure DevOps pipy package to avoid crash by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2576](https://togithub.com/oxsecurity/megalinter/pull/2576) - Documentation - Improve documentation pages split by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2688](https://togithub.com/oxsecurity/megalinter/pull/2688) - Now Installation and Configuration menus have their own child menus - Doc about how to use fine grained PAT by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2662](https://togithub.com/oxsecurity/megalinter/pull/2662) - Fixed incorrect link in Azure to Gitlab reporters pages. by [@​Doommius](https://togithub.com/Doommius) in [https://github.com/oxsecurity/megalinter/pull/2613](https://togithub.com/oxsecurity/megalinter/pull/2613) - Added bitbucket job template + Fix icon in console logs by [@​Doommius](https://togithub.com/Doommius) in [https://github.com/oxsecurity/megalinter/pull/2617](https://togithub.com/oxsecurity/megalinter/pull/2617) - Exclude licenses pages from online search results by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2665](https://togithub.com/oxsecurity/megalinter/pull/2665) - Improve HTML tables display by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2670](https://togithub.com/oxsecurity/megalinter/pull/2670) - Remove ASCII characters from linters helps displayed in MegaLinter documentation - Internal CI - Upgrade GitHub Actions to change automated comments and increase timeout by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2536](https://togithub.com/oxsecurity/megalinter/pull/2536) - Use Github Permissions instead of PAT by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2652](https://togithub.com/oxsecurity/megalinter/pull/2652) - Update GitHub Actions workflows environments by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2657](https://togithub.com/oxsecurity/megalinter/pull/2657) - Automate External Plugins table generation using **.automation/plugins.yml** file by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2667](https://togithub.com/oxsecurity/megalinter/pull/2667) - Fix MegaLinter build issue by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2539](https://togithub.com/oxsecurity/megalinter/pull/2539) - Fix for trivy-action (new naming for input) by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [https://github.com/oxsecurity/megalinter/pull/2541](https://togithub.com/oxsecurity/megalinter/pull/2541) - Fix `/build` slash command to checkout the correct PR branch by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2542](https://togithub.com/oxsecurity/megalinter/pull/2542) - Fix local run of python test cases by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2565](https://togithub.com/oxsecurity/megalinter/pull/2565) - Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2582](https://togithub.com/oxsecurity/megalinter/pull/2582) - Do not push to docker from dev PRs by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/2639](https://togithub.com/oxsecurity/megalinter/pull/2639) - Update stale workflow: remove trigger on comments and explicit permissions by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Decouple updating docker pull stats from building docs by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2677](https://togithub.com/oxsecurity/megalinter/pull/2677) - Review MegaLinter's own cspell word list for outdated exclusions by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2676](https://togithub.com/oxsecurity/megalinter/pull/2676) - Run stale workflow only on schedule, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Add explicit permissions to stale workflow, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.23 to **1.6.24** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.14.4 to **6.16.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.15.31 to **0.17.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.76.1 to **0.77.5** - [checkov](https://www.checkov.io/) from 2.3.149 to **2.3.259** - [checkstyle](https://checkstyle.sourceforge.io) from 10.9.3 to **10.11.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.68 to **0.1.69** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.03.17 to **2023.05.18** - [csharpier](https://csharpier.com/) from 0.23.0 to **0.24.2** - [djlint](https://djlint.com/) from 1.19.16 to **1.29.0** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.407 to **6.0.408** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.7.0 to **2.8.0** - [eslint](https://eslint.org) from 8.37.0 to **8.41.0** - [git_diff](https://git-scm.com) from 2.38.4 to **2.38.5** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.16.1 to **8.16.3** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.4 to **3.5.9** - [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.2 to **14.0.3** - [kics](https://www.kics.io) from 1.6.13 to **1.7.1** - [ktlint](https://ktlint.github.io) from 0.48.2 to **0.49.1** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.5.0 to **0.6.1** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.1 to **2.3.3** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.10.3 to **3.11.2** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.1.1 to **1.3.0** - [phplint](https://togithub.com/overtrue/phplint) from 5.5 to **9.0.4** - [phpstan](https://phpstan.org/) from 1.10.10 to **1.10.15** - [pmd](https://pmd.github.io/) from 6.48.0 to **6.55.0** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [prettier](https://prettier.io/) from 2.8.7 to **2.8.8** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.43.1 to **0.44.0** - [psalm](https://psalm.dev) from Psalm.5.9.0@​ to **Psalm.5.12.0@​** - [puppet-lint](http://puppet-lint.com/) from 3.3.0 to **4.0.0** - [pylint](https://pylint.pycqa.org) from 2.17.2 to **2.17.4** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.301 to **1.1.310** - [revive](https://revive.run/) from 1.3.1 to **1.3.2** - [rubocop](https://rubocop.org/) from 1.49.0 to **1.51.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.260 to **0.0.270** - [semgrep](https://semgrep.dev/) from 1.16.0 to **1.23.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.8.3 to **0.8.4** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.25.0 to **7.26.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.6.0 to **6.8.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.0.2 to **2.1.1** - [stylelint](https://stylelint.io) from 15.4.0 to **15.6.2** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.51.0 to **0.52.2** - [syft](https://togithub.com/anchore/syft) from 0.76.0 to **0.82.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.4.4 to **1.4.6** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.0 to **0.45.11** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.18.0 to **1.18.1** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.45.0 to **0.46.1** - [trivy](https://aquasecurity.github.io/trivy/) from 0.39.0 to **0.41.0** - [v8r](https://togithub.com/chris48s/v8r) from 1.0.0 to **2.0.0** - [vale](https://vale.sh/) from 2.24.0 to **2.27.0** - [xmllint](http://xmlsoft.org/xmllint.html) from 21003 to **21004** - [yamllint](https://yamllint.readthedocs.io/) from 1.30.0 to **1.32.0**

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Renovate Bot.

teletraan-x[bot] commented 1 year ago

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 1 0 0.01s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY secretlint yes no 1.12s
✅ YAML prettier 1 0 0.52s
✅ YAML yamllint 1 0 0.27s

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

_MegaLinter is graciously provided by OX Security_