Closed renovate[bot] closed 4 months ago
sonarcloud[bot]
commented
4 months ago 
Quality Gate passedIssues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
No data about Duplication
github-actions[bot]
commented
4 months ago | Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ❌ ACTION | actionlint | 4 | 9 | 0.07s | |
| ⚠️ BASH | bash-exec | 16 | 7 | 0.06s | |
| ❌ BASH | shellcheck | 16 | 64 | 0.43s | |
| ✅ BASH | shfmt | 16 | 11 | 0 | 0.25s |
| ❌ COPYPASTE | jscpd | yes | 738 | 42.96s | |
| ❌ CSS | stylelint | 10 | 5 | 1 | 3.47s |
| ❌ DOCKERFILE | hadolint | 1 | 1 | 0.14s | |
| ❌ HTML | djlint | 23 | 5077 | 194.47s | |
| ❌ HTML | htmlhint | 23 | 37 | 0.62s | |
| ❌ JAVASCRIPT | standard | 61 | 61 | 1 | 22.25s |
| ❌ JSON | eslint-plugin-jsonc | 55 | 0 | 1 | 5.11s |
| ❌ JSON | jsonlint | 55 | 1 | 0.23s | |
| ⚠️ JSON | prettier | 55 | 43 | 1 | 6.53s |
| ✅ JSON | v8r | 55 | 0 | 134.68s | |
| ⚠️ MARKDOWN | markdownlint | 273 | 237 | 721 | 10.74s |
| ❌ MARKDOWN | markdown-link-check | 273 | 18 | 21.26s | |
| ✅ MARKDOWN | markdown-table-formatter | 273 | 239 | 0 | 1.58s |
| ❌ REPOSITORY | checkov | yes | 6 | 69.19s | |
| ❌ REPOSITORY | gitleaks | yes | 2 | 63.09s | |
| ✅ REPOSITORY | git_diff | yes | no | 0.98s | |
| ❌ REPOSITORY | grype | yes | 1 | 11.4s | |
| ✅ REPOSITORY | secretlint | yes | no | 42.32s | |
| ❌ REPOSITORY | trivy | yes | 1 | 9.77s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 8.28s | |
| ✅ REPOSITORY | trufflehog | yes | no | 13.62s | |
| ❌ SPELL | cspell | 2561 | 59501 | 1282.16s | |
| ❌ SPELL | lychee | 1077 | 146 | 90.59s | |
| ✅ YAML | prettier | 705 | 695 | 0 | 23.94s |
| ❌ YAML | v8r | 705 | 1 | 618.12s | |
| ❌ YAML | yamllint | 705 | 1 | 47.52s |
See detailed report in MegaLinter reports
_MegaLinter is graciously provided by 
_
This PR contains the following updates:
==7.31.1->==8.10.0GitHub Vulnerability Alerts
CVE-2023-24816
IPython provides an interactive Python shell and Jupyter kernel to use Python interactively. Versions prior to 8.10.0 are vulnerable to command injection in the
set_term_titlefunction under specific conditions. This has been patched in version 8.10.0.Impact
Users are only vulnerable when calling this function in Windows in a Python environment where ctypes is not available. The dependency on ctypes in
IPython.utils._process_win32prevents the vulnerable code from ever being reached (making it effectively dead code). However, as a library that could be used by another tool,set_term_titlecould introduce a vulnerability for dependencies. Currentlyset_term_titleis only called with (semi-)trusted input that contain the current working directory of the current IPython session. If an attacker can control directory names, and manage to get a user tocdinto this directory, then the attacker can execute arbitrary commands contained in the folder names.Release Notes
ipython/ipython (ipython)
### [`v8.10.0`](https://togithub.com/ipython/ipython/compare/8.9.0...8.10.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.9.0...8.10.0) ### [`v8.9.0`](https://togithub.com/ipython/ipython/compare/8.8.0...8.9.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.8.0...8.9.0) ### [`v8.8.0`](https://togithub.com/ipython/ipython/compare/8.7.0...8.8.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.7.0...8.8.0) ### [`v8.7.0`](https://togithub.com/ipython/ipython/compare/8.6.0...8.7.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.6.0...8.7.0) ### [`v8.6.0`](https://togithub.com/ipython/ipython/compare/8.5.0...8.6.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.5.0...8.6.0) ### [`v8.5.0`](https://togithub.com/ipython/ipython/compare/8.4.0...8.5.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.4.0...8.5.0) ### [`v8.4.0`](https://togithub.com/ipython/ipython/compare/8.3.0...8.4.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.3.0...8.4.0) ### [`v8.3.0`](https://togithub.com/ipython/ipython/compare/8.2.0...8.3.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.2.0...8.3.0) ### [`v8.2.0`](https://togithub.com/ipython/ipython/compare/8.1.1...8.2.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.1.1...8.2.0) ### [`v8.1.1`](https://togithub.com/ipython/ipython/compare/8.1.0...8.1.1) [Compare Source](https://togithub.com/ipython/ipython/compare/8.1.0...8.1.1) ### [`v8.1.0`](https://togithub.com/ipython/ipython/compare/8.0.1...8.1.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.0.1...8.1.0) ### [`v8.0.1`](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1) [Compare Source](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1) ### [`v8.0.0`](https://togithub.com/ipython/ipython/compare/7.34.0...8.0.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.34.0...8.0.0) ### [`v7.34.0`](https://togithub.com/ipython/ipython/compare/7.33.0...7.34.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.33.0...7.34.0) ### [`v7.33.0`](https://togithub.com/ipython/ipython/compare/7.32.0...7.33.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.32.0...7.33.0) ### [`v7.32.0`](https://togithub.com/ipython/ipython/compare/7.31.1...7.32.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.31.1...7.32.0)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.