Closed renovate[bot] closed 6 months ago
sonarcloud[bot]
commented
6 months ago 
Quality Gate passedIssues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
No data about Coverage
No data about Duplication
github-actions[bot]
commented
6 months ago | Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ❌ ACTION | actionlint | 4 | 9 | 0.07s | |
| ⚠️ BASH | bash-exec | 16 | 7 | 0.04s | |
| ❌ BASH | shellcheck | 16 | 64 | 0.36s | |
| ✅ BASH | shfmt | 16 | 11 | 0 | 0.67s |
| ❌ COPYPASTE | jscpd | yes | 738 | 36.34s | |
| ❌ CSS | stylelint | 10 | 5 | 1 | 4.02s |
| ❌ DOCKERFILE | hadolint | 1 | 1 | 0.13s | |
| ❌ HTML | djlint | 23 | 5077 | 168.9s | |
| ❌ HTML | htmlhint | 23 | 37 | 0.61s | |
| ❌ JAVASCRIPT | standard | 61 | 61 | 1 | 22.58s |
| ❌ JSON | jsonlint | 55 | 1 | 0.24s | |
| ⚠️ JSON | prettier | 55 | 43 | 1 | 7.04s |
| ✅ JSON | v8r | 55 | 0 | 82.03s | |
| ⚠️ MARKDOWN | markdownlint | 273 | 237 | 721 | 11.08s |
| ❌ MARKDOWN | markdown-link-check | 273 | 132 | 172.73s | |
| ✅ MARKDOWN | markdown-table-formatter | 273 | 239 | 0 | 2.03s |
| ❌ REPOSITORY | checkov | yes | 5 | 61.39s | |
| ❌ REPOSITORY | gitleaks | yes | 2 | 59.49s | |
| ✅ REPOSITORY | git_diff | yes | no | 1.1s | |
| ❌ REPOSITORY | grype | yes | 1 | 10.74s | |
| ✅ REPOSITORY | secretlint | yes | no | 36.5s | |
| ❌ REPOSITORY | trivy | yes | 1 | 11.42s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 1.05s | |
| ✅ REPOSITORY | trufflehog | yes | no | 8.52s | |
| ❌ SPELL | cspell | 2561 | 59501 | 741.22s | |
| ❌ SPELL | lychee | 1077 | 156 | 90.24s | |
| ✅ YAML | prettier | 705 | 695 | 0 | 23.89s |
| ❌ YAML | v8r | 705 | 1 | 243.85s | |
| ❌ YAML | yamllint | 705 | 1 | 46.06s |
See detailed report in MegaLinter reports
_MegaLinter is graciously provided by 
_
This PR contains the following updates:
==7.31.1->==8.10.0GitHub Vulnerability Alerts
CVE-2023-24816
IPython provides an interactive Python shell and Jupyter kernel to use Python interactively. Versions prior to 8.10.0 are vulnerable to command injection in the
set_term_titlefunction under specific conditions. This has been patched in version 8.10.0.Impact
Users are only vulnerable when calling this function in Windows in a Python environment where ctypes is not available. The dependency on ctypes in
IPython.utils._process_win32prevents the vulnerable code from ever being reached (making it effectively dead code). However, as a library that could be used by another tool,set_term_titlecould introduce a vulnerability for dependencies. Currentlyset_term_titleis only called with (semi-)trusted input that contain the current working directory of the current IPython session. If an attacker can control directory names, and manage to get a user tocdinto this directory, then the attacker can execute arbitrary commands contained in the folder names.Release Notes
ipython/ipython (ipython)
### [`v8.10.0`](https://togithub.com/ipython/ipython/compare/8.9.0...8.10.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.9.0...8.10.0) ### [`v8.9.0`](https://togithub.com/ipython/ipython/compare/8.8.0...8.9.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.8.0...8.9.0) ### [`v8.8.0`](https://togithub.com/ipython/ipython/compare/8.7.0...8.8.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.7.0...8.8.0) ### [`v8.7.0`](https://togithub.com/ipython/ipython/compare/8.6.0...8.7.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.6.0...8.7.0) ### [`v8.6.0`](https://togithub.com/ipython/ipython/compare/8.5.0...8.6.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.5.0...8.6.0) ### [`v8.5.0`](https://togithub.com/ipython/ipython/compare/8.4.0...8.5.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.4.0...8.5.0) ### [`v8.4.0`](https://togithub.com/ipython/ipython/compare/8.3.0...8.4.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.3.0...8.4.0) ### [`v8.3.0`](https://togithub.com/ipython/ipython/compare/8.2.0...8.3.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.2.0...8.3.0) ### [`v8.2.0`](https://togithub.com/ipython/ipython/compare/8.1.1...8.2.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.1.1...8.2.0) ### [`v8.1.1`](https://togithub.com/ipython/ipython/compare/8.1.0...8.1.1) [Compare Source](https://togithub.com/ipython/ipython/compare/8.1.0...8.1.1) ### [`v8.1.0`](https://togithub.com/ipython/ipython/compare/8.0.1...8.1.0) [Compare Source](https://togithub.com/ipython/ipython/compare/8.0.1...8.1.0) ### [`v8.0.1`](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1) [Compare Source](https://togithub.com/ipython/ipython/compare/8.0.0...8.0.1) ### [`v8.0.0`](https://togithub.com/ipython/ipython/compare/7.34.0...8.0.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.34.0...8.0.0) ### [`v7.34.0`](https://togithub.com/ipython/ipython/compare/7.33.0...7.34.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.33.0...7.34.0) ### [`v7.33.0`](https://togithub.com/ipython/ipython/compare/7.32.0...7.33.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.32.0...7.33.0) ### [`v7.32.0`](https://togithub.com/ipython/ipython/compare/7.31.1...7.32.0) [Compare Source](https://togithub.com/ipython/ipython/compare/7.31.1...7.32.0)Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.