Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

✨ Add MegaLinter #871

Merged
merged 8 commits into from
May 17, 2024
Merged

✨ Add MegaLinter #871

merged 8 commits into from
May 17, 2024
+80 βˆ’1

Conversation

connormaglynn
Copy link
Contributor

@connormaglynn connormaglynn commented Feb 19, 2024
edited
Loading

πŸ‘€ Purpose

  • To add static analysis checks to Pull Requests, raising awareness of security issues in configuration

♻️ What's changed

  • Added MegaLinter with several tools for static analysis

πŸ“ Notes

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 19, 2024
edited
Loading

πŸ¦™ MegaLinter status: βœ… SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
βœ… ACTION actionlint 2 0 0.01s
βœ… REPOSITORY gitleaks yes no 0.71s
βœ… REPOSITORY trivy yes no 8.97s
βœ… YAML prettier 4 0 0.72s

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

1 similar comment
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@connormaglynn connormaglynn marked this pull request as ready for review May 7, 2024 19:14
@connormaglynn connormaglynn requested a review from a team as a code owner May 7, 2024 19:14
@connormaglynn connormaglynn changed the title ✨ Add megalinter base code ✨ Add MegaLinter May 7, 2024
davidkelliott
davidkelliott approved these changes May 15, 2024
View reviewed changes
.github/workflows/format-code.yml
@@ -2,7 +2,7 @@ name: code-formatter

on:
pull_request:
types: [opened, edited, reopened, synchronize]
branches: [main]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the reason for changing this? Just curious

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By default, it already does opened, reopened and synchronize (REF)

So we'll just be removing edited with this change, which I believe only triggers uniquely for PR meta-data changes like PR Title, PR Description etc. ♻️

And the pipeline running for a PR Title change seems like a waste πŸ‘€

@connormaglynn connormaglynn merged commit d6d5228 into main May 17, 2024
7 checks passed
@connormaglynn connormaglynn deleted the add-megalinter branch May 17, 2024 16:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidkelliott davidkelliott davidkelliott approved these changes

Assignees
No one assigned
Labels
None yet
Projects
βš™οΈ Operations Engineering
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@connormaglynn @davidkelliott