Closed renovate[bot] closed 3 months ago
Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
---|---|---|---|---|---|
❌ ACTION | actionlint | 11 | 10 | 0.09s | |
❌ API | spectral | 2 | 1 | 7.51s | |
⚠️ BASH | bash-exec | 107 | 65 | 0.27s | |
❌ BASH | shellcheck | 107 | 814 | 5.33s | |
✅ BASH | shfmt | 107 | 96 | 0 | 0.42s |
❌ COPYPASTE | jscpd | yes | 4166 | 339.89s | |
❌ CSS | stylelint | 2 | 1 | 1 | 2.69s |
❌ DOCKERFILE | hadolint | 26 | 1 | 0.53s | |
❌ HTML | djlint | 2 | 10 | 0.67s | |
❌ HTML | htmlhint | 2 | 2 | 0.25s | |
✅ JSON | jsonlint | 6 | 0 | 0.21s | |
✅ JSON | prettier | 6 | 4 | 0 | 1.28s |
✅ JSON | v8r | 6 | 0 | 4.42s | |
⚠️ MARKDOWN | markdownlint | 638 | 446 | 3549 | 28.28s |
❌ MARKDOWN | markdown-link-check | 638 | 267 | 576.6s | |
✅ MARKDOWN | markdown-table-formatter | 638 | 480 | 0 | 2.14s |
❌ OPENAPI | spectral | 2 | 1 | 6.81s | |
✅ PROTOBUF | protolint | 11 | 10 | 0 | 5.48s |
❌ REPOSITORY | checkov | yes | 58 | 113.09s | |
❌ REPOSITORY | gitleaks | yes | 26 | 40.97s | |
❌ REPOSITORY | git_diff | yes | 1 | 0.33s | |
❌ REPOSITORY | grype | yes | 1 | 10.63s | |
❌ REPOSITORY | secretlint | yes | 1 | 403.14s | |
❌ REPOSITORY | trivy | yes | 1 | 9.48s | |
✅ REPOSITORY | trivy-sbom | yes | no | 1.05s | |
✅ REPOSITORY | trufflehog | yes | no | 14.17s | |
❌ SPELL | cspell | 8375 | 266371 | 5269.01s | |
❌ SPELL | lychee | 819 | 2318 | 55.09s | |
✅ XML | xmllint | 1 | 0 | 0 | 0.34s |
✅ YAML | prettier | 139 | 92 | 0 | 7.26s |
❌ YAML | v8r | 139 | 1 | 326.38s | |
❌ YAML | yamllint | 139 | 1 | 5.12s |
See detailed report in MegaLinter reports
This PR contains the following updates:
v1.31.0
->v1.33.0
GitHub Vulnerability Alerts
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
Release Notes
protocolbuffers/protobuf-go (google.golang.org/protobuf)
### [`v1.33.0`](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.32.0...v1.33.0) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.32.0...v1.33.0) ### [`v1.32.0`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.32.0) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.32.0) **Full Changelog**: https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.32.0 This release contains commit https://github.com/protocolbuffers/protobuf-go/commit/bfcd6476a38e41247d6bb43dc8f00b23ec9fffc2, which fixes a denial of service vulnerability by preventing a stack overflow through a default maximum recursion limit. See [https://github.com/golang/protobuf/issues/1583](https://togithub.com/golang/protobuf/issues/1583) and [https://github.com/golang/protobuf/issues/1584](https://togithub.com/golang/protobuf/issues/1584) for details.Configuration
📅 Schedule: Branch creation - "" in timezone UTC, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.