github-actions[bot]
commented
3 months ago 🦙 MegaLinter status: ❌ ERROR
| Descriptor | Linter | Files | Fixed | Errors | Elapsed time |
|---|---|---|---|---|---|
| ❌ ACTION | actionlint | 11 | 10 | 0.09s | |
| ❌ API | spectral | 2 | 1 | 7.51s | |
| ⚠️ BASH | bash-exec | 107 | 65 | 0.27s | |
| ❌ BASH | shellcheck | 107 | 814 | 5.33s | |
| ✅ BASH | shfmt | 107 | 96 | 0 | 0.42s |
| ❌ COPYPASTE | jscpd | yes | 4166 | 339.89s | |
| ❌ CSS | stylelint | 2 | 1 | 1 | 2.69s |
| ❌ DOCKERFILE | hadolint | 26 | 1 | 0.53s | |
| ❌ HTML | djlint | 2 | 10 | 0.67s | |
| ❌ HTML | htmlhint | 2 | 2 | 0.25s | |
| ✅ JSON | jsonlint | 6 | 0 | 0.21s | |
| ✅ JSON | prettier | 6 | 4 | 0 | 1.28s |
| ✅ JSON | v8r | 6 | 0 | 4.42s | |
| ⚠️ MARKDOWN | markdownlint | 638 | 446 | 3549 | 28.28s |
| ❌ MARKDOWN | markdown-link-check | 638 | 267 | 576.6s | |
| ✅ MARKDOWN | markdown-table-formatter | 638 | 480 | 0 | 2.14s |
| ❌ OPENAPI | spectral | 2 | 1 | 6.81s | |
| ✅ PROTOBUF | protolint | 11 | 10 | 0 | 5.48s |
| ❌ REPOSITORY | checkov | yes | 58 | 113.09s | |
| ❌ REPOSITORY | gitleaks | yes | 26 | 40.97s | |
| ❌ REPOSITORY | git_diff | yes | 1 | 0.33s | |
| ❌ REPOSITORY | grype | yes | 1 | 10.63s | |
| ❌ REPOSITORY | secretlint | yes | 1 | 403.14s | |
| ❌ REPOSITORY | trivy | yes | 1 | 9.48s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | 1.05s | |
| ✅ REPOSITORY | trufflehog | yes | no | 14.17s | |
| ❌ SPELL | cspell | 8375 | 266371 | 5269.01s | |
| ❌ SPELL | lychee | 819 | 2318 | 55.09s | |
| ✅ XML | xmllint | 1 | 0 | 0 | 0.34s |
| ✅ YAML | prettier | 139 | 92 | 0 | 7.26s |
| ❌ YAML | v8r | 139 | 1 | 326.38s | |
| ❌ YAML | yamllint | 139 | 1 | 5.12s |
See detailed report in MegaLinter reports
_MegaLinter is graciously provided by 
_
This PR contains the following updates:
v1.31.0->v1.33.0GitHub Vulnerability Alerts
CVE-2024-24786
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.
Release Notes
protocolbuffers/protobuf-go (google.golang.org/protobuf)
### [`v1.33.0`](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.32.0...v1.33.0) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.32.0...v1.33.0) ### [`v1.32.0`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.32.0) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.32.0) **Full Changelog**: https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.32.0 This release contains commit https://github.com/protocolbuffers/protobuf-go/commit/bfcd6476a38e41247d6bb43dc8f00b23ec9fffc2, which fixes a denial of service vulnerability by preventing a stack overflow through a default maximum recursion limit. See [https://github.com/golang/protobuf/issues/1583](https://togithub.com/golang/protobuf/issues/1583) and [https://github.com/golang/protobuf/issues/1584](https://togithub.com/golang/protobuf/issues/1584) for details.Configuration
📅 Schedule: Branch creation - "" in timezone UTC, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Never, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.