Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Update oxsecurity/megalinter action to v7 (#93)
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [oxsecurity/megalinter](https://togithub.com/oxsecurity/megalinter) | action | major | `v6.22.2` -> `v7.2.1` | --- ### Release Notes <details> <summary>oxsecurity/megalinter (oxsecurity/megalinter)</summary> ### [`v7.2.1`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v721---2023-07-26) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.2.0...v7.2.1) - Fixes - Fix TAP reporter (3 real dots instead if 3 dots character) - Call trufflehog with `--only-verified` to avoid false positives in .git/config - Linter versions upgrades - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.78.2 to **0.79.2** - [checkov](https://www.checkov.io/) from 2.3.340 to **2.3.343** - [pylint](https://pylint.pycqa.org) from 2.17.4 to **2.17.5** - [rubocop](https://rubocop.org/) from 1.54.2 to **1.55.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.30.2 to **7.31.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.8.0 to **6.10.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.1.3 to **2.1.4** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.44.0 to **3.45.1** ### [`v7.2.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v720---2023-07-25) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.1.0...v7.2.0) - New linters - Add [Lychee](https://togithub.com/lycheeverse/lychee) - links and email addresses checker, by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [#​2673](https://togithub.com/oxsecurity/megalinter/pull/2673) - Add [grype](https://togithub.com/anchore/grype) security linter - Add [trufflehog](https://togithub.com/trufflesecurity/trufflehog) security linter - New flavor **dotnetweb**: dotnet flavor linters + Javascript & Typescript linters - Media - [8 Tools to Scan Node.js Applications for Security Vulnerability](https://geekflare.com/nodejs-security-scanner/), by [Chandan Kumar](https://www.linkedin.com/in/chandank){target=\_blank} on [GeekFlare.com](https://geekflare.com/) - [Shift Left Just Become Easier (Black Hat Arsenal Session)](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596) - Core - MegaLinter Server for [CodeTotal](https://www.blackhat.com/us-23/arsenal/schedule/index.html#codetotal-shift-left-just-became-easier-33596) - Improvements to Gitpod workspace and addition of Makefile for automation, by [@​ThomasSanson](https://togithub.com/ThomasSanson) in [#​2737](https://togithub.com/oxsecurity/megalinter/pull/2737) - Fixes - Handle reporter crashes without making all ML crash - Devskim: Remove default --ignore-globs argument - mypy: Use /tmp as cache folder by default with ENV MYPY_CACHE_DIR=/tmp in Dockerfile - Fix `hadolint` to use its default configuration file properly, by [@​KihyeokK](https://togithub.com/KihyeokK) in [#​2763](https://togithub.com/oxsecurity/megalinter/pull/2763) - Remove linters not in flavor before calling reporters - Undowngrade devskim, by [@​nvuillam](https://togithub.com/nvuillam) in [#​2748](https://togithub.com/oxsecurity/megalinter/pull/2748) - Add ts-standard linter for ts standard, by [@​janderssonse](https://togithub.com/janderssonse) in [#​2746](https://togithub.com/oxsecurity/megalinter/pull/2746) - Remove additional `--update` for apk in Dockerfile by [@​PeterDaveHello](https://togithub.com/PeterDaveHello) in [#​2619](https://togithub.com/oxsecurity/megalinter/pull/2619) - Fix V8R config arg usage ([#​2756](https://togithub.com/oxsecurity/megalinter/issues/2756)), by [@​bdovaz](https://togithub.com/bdovaz) in [#​2819](https://togithub.com/oxsecurity/megalinter/pull/2819) - Reporters - New Redis reporter (beta) - CI - Clean docker build cache to avoid no space left on device during Build Dev job - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.24 to **1.6.25** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.16.2 to **6.17.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.17.1 to **0.19.5** - [black](https://black.readthedocs.io/en/stable/) from 23.3.0 to **23.7.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.10 to **0.78.2** - [checkov](https://www.checkov.io/) from 2.3.285 to **2.3.340** - [checkstyle](https://checkstyle.sourceforge.io) from 10.12.0 to **10.12.1** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.70 to **0.1.71** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.26 to **2023.07.13** - [csharpier](https://csharpier.com/) from 0.24.2 to **0.25.0** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 6.31.1 to **6.31.2** - [devskim](https://togithub.com/microsoft/DevSkim) from 0.7.104 to **1.0.11** - [djlint](https://djlint.com/) from 1.30.2 to **1.32.1** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.408 to **6.0.412** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.8.0 to **2.9.0** - [eslint](https://eslint.org) from 8.42.0 to **8.45.0** - [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.4 to **8.17.0** - [golangci-lint](https://golangci-lint.run/) from 1.53.2 to **1.53.3** - [grype](https://togithub.com/anchore/grype) from 0.63.1 to **0.63.1** - [kics](https://www.kics.io) from 1.7.1 to **1.7.4** - [ktlint](https://ktlint.github.io) from 0.49.1 to **0.50.0** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.2 to **2.3.6** - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.34.0 to **0.35.0** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.3.0 to **1.4.1** - [npm-package-json-lint](https://npmpackagejsonlint.org/) from 6.4.0 to **7.0.0** - [phpstan](https://phpstan.org/) from 1.10.18 to **1.10.26** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.4 to **7.3.6** - [prettier](https://prettier.io/) from 2.8.8 to **3.0.0** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.44.0 to **0.45.0** - [psalm](https://psalm.dev) from Psalm.5.12.0@​ to **Psalm.5.13.1@​** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.313 to **1.1.318** - [rubocop](https://rubocop.org/) from 1.52.0 to **1.54.2** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.272 to **0.0.280** - [secretlint](https://togithub.com/secretlint/secretlint) from 6.2.3 to **7.0.3** - [semgrep](https://semgrep.dev/) from 1.26.0 to **1.33.2** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.13.0 to **3.14.0** - [shfmt](https://togithub.com/mvdan/sh) from 3.6.0 to **3.7.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.26.0 to **7.30.2** - [sqlfluff](https://www.sqlfluff.com/) from 2.1.1 to **2.1.3** - [stylelint](https://stylelint.io) from 15.10.0 to **15.10.0** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.52.2 to **0.52.4** - [syft](https://togithub.com/anchore/syft) from 0.83.0 to **0.85.0** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.4.6 to **1.5.3** - [terragrunt](https://terragrunt.gruntwork.io) from 0.46.3 to **0.48.4** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.46.1 to **0.47.0** - [trivy](https://aquasecurity.github.io/trivy/) from 0.42.1 to **0.43.1** - [vale](https://vale.sh/) from 2.27.0 to **2.28.1** ### [`v7.1.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v710---2023-06-11) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.4...v7.1.0) - Core - Upgrade base image to **python:3.11.4-alpine3.17**, by [@​nvuillam](https://togithub.com/nvuillam) in [#​2738](https://togithub.com/oxsecurity/megalinter/pull/2738) - Linter enhancements & fixes - cljstyle: Remove default value for configuration file name, by [@​nvuillam](https://togithub.com/nvuillam) in [#​2717](https://togithub.com/oxsecurity/megalinter/pull/2717) - golangci-lint : Add autofix capability using **--fix** argument, by [@​seaneagan](https://togithub.com/seaneagan) in [#​2700](https://togithub.com/oxsecurity/megalinter/pull/2700) - Linter versions upgrades - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.77.5 to **0.77.7** - [checkov](https://www.checkov.io/) from 2.3.267 to **2.3.285** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.69 to **0.1.70** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.05.18 to **2023.05.26** - [djlint](https://djlint.com/) from 1.30.0 to **1.30.2** - [eslint](https://eslint.org) from 8.41.0 to **8.42.0** - [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.16.3 to **8.16.4** - [golangci-lint](https://golangci-lint.run/) from 1.52.2 to **1.53.2** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.1 to **0.6.2** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.4 to **2.3.5** - [luacheck](https://luacheck.readthedocs.io) from 1.1.0 to **1.1.1** - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.33.0 to **0.34.0** - [phpstan](https://phpstan.org/) from 1.10.15 to **1.10.18** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.311 to **1.1.313** - [rubocop](https://rubocop.org/) from 1.51.0 to **1.52.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.270 to **0.0.272** - [scalafix](https://scalacenter.github.io/scalafix/) from 0.10.4 to **0.11.0** - [semgrep](https://semgrep.dev/) from 1.24.0 to **1.26.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.12.0 to **3.13.0** - [stylelint](https://stylelint.io) from 15.6.2 to **15.7.0** - [syft](https://togithub.com/anchore/syft) from 0.82.0 to **0.83.0** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.17 to **0.46.3** - [trivy](https://aquasecurity.github.io/trivy/) from 0.41.0 to **0.42.1** ### [`v7.0.4`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v704---2023-05-31) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.3...v7.0.4) - Core - Allow to define `linterkey_UNSECURED_ENV_VARIABLES` for specific linters to make them visible when necessary (ex: GITHUB_TOKEN for TERRAFORM_TFLINT) - Documentation - Add note to terraform_tflint about TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES by [@​ruzickap](https://togithub.com/ruzickap) in [#​2706](https://togithub.com/oxsecurity/megalinter/pull/2706) - Linter versions upgrades - [checkov](https://www.checkov.io/) from 2.3.261 to **2.3.267** - [djlint](https://djlint.com/) from 1.29.0 to **1.30.0** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.310 to **1.1.311** - [semgrep](https://semgrep.dev/) from 1.23.0 to **1.24.0** - [standard](https://standardjs.com/) from 17.0.0 to **17.1.0** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.16 to **0.45.17** ### [`v7.0.3`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v703---2023-05-29) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.2...v7.0.3) - Linter enhancements & fixes - New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. - Core - Secure PRE_COMMANDS and POST_COMMANDS by default - Can be disabled with **secured_env: false** in the command definition - Manage v6 retrocompatibility with FILTER_REGEX_INCLUDE and FILTER_REGEX_EXCLUDE expression - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.3 to **2.3.4** - [checkov](https://www.checkov.io/) from 2.3.259 to **2.3.261** ### [`v7.0.2`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v702---2023-05-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.1...v7.0.2) - Quick Fix mega-linter-runner --upgrade (Warning: bug with npm, not publish yet in mega-linter-runner) - Dead link to configuration.md - Regex issue with megalinter-reports ### [`v7.0.1`](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.0.0...v7.0.1) ### [`v7.0.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v700---2023-05-27) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v6.22.2...v7.0.0) To upgrade to MegaLinter v7, run `npx mega-linter-runner@latest --upgrade` , comment [here](https://togithub.com/oxsecurity/megalinter/issues/2692) if you have any issue :) - MAJOR Updates - [SECURED_ENV_VARIABLES](https://megalinter.io/latest/config-variables-security/) & core scoped configuration by [@​nvuillam](https://togithub.com/nvuillam) in [#​2601](https://togithub.com/oxsecurity/megalinter/pull/2601) - New configuration variables **SECURED_ENV_VARIABLES** and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter - Read [documentation](https://megalinter.io/latest/config-variables-security/) to enhance security using MegaLinter - Use **relative file paths** to call linters by [@​nvuillam](https://togithub.com/nvuillam) in [#​1877](https://togithub.com/oxsecurity/megalinter/pull/1877) - This can be a breaking change for customizations, post an issue if you see a problem ! - New linters - Add linter [cljstyle](https://togithub.com/greglook/cljstyle), Clojure formatter, by [@​practicalli-john](https://togithub.com/practicalli-john) in [#​2115](https://togithub.com/oxsecurity/megalinter/pull/2115) - Add [kubescape](https://togithub.com/kubescape/kubescape), kubernetes linter, by [@​muandane](https://togithub.com/muandane) in [#​2531](https://togithub.com/oxsecurity/megalinter/pull/2531) - Add [Vale](https://vale.sh/), a powerful enforcer of writing style, by [@​wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [#​2406](https://togithub.com/oxsecurity/megalinter/pull/2406) - Removed linters - KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors) - REPOSITORY_GOODCHECK: Not open-source anymore - SPELL_MISSPELL: Not maintained anymore (last commit in 2018) - TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV - TERRAFORM_KICS: Replaced by REPOSITORY_KICS - Medias - Article: [Use the Workflows JSON schema in your IDE](https://cloud.google.com/workflows/docs/use-workflows-json-schema-with-ide), by [Google Cloud](https://cloud.google.com/) - Video: [Ortelius Architecture Meeting](https://www.youtube.com/watch?v=oegOSmVegiQ\&t=1510s), with a review of MegaLinter, by [Steve Taylor](https://togithub.com/sbtaylor15) from [Ortelius](https://ortelius.io/) - Web site: [my-devops-lab.com](https://www.my-devops-lab.com/tools) - Linter enhancements & fixes - [cspell](https://megalinter.io/latest/descriptors/spell_cspell/) - Fix corrective .cspell.json file generated from cspell output by [@​nvuillam](https://togithub.com/nvuillam) in [#​2562](https://togithub.com/oxsecurity/megalinter/pull/2562) - [eslint](https://megalinter.io/latest/descriptors/javascript_eslint/) - Ensure ESLint actually runs in project mode ([#​1572](https://togithub.com/oxsecurity/megalinter/issues/1572)) by [@​Kurt-von-Laven](https://togithub.com/Kurt-von-Laven) in [#​2455](https://togithub.com/oxsecurity/megalinter/pull/2455) - [jscpd](https://megalinter.io/latest/descriptors/copypaste_jscpd/) - Prevent jscpd to create output folder if the repo is not writable by [@​nvuillam](https://togithub.com/nvuillam) in [#​2556](https://togithub.com/oxsecurity/megalinter/pull/2556) - [Gitleaks](https://megalinter.io/latest/descriptors/repository_gitleaks/) - Add support to scan PR commits only on PRs when `VALIDATE_ALL_CODEBASE` is set to `false`, by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) [#​2504](https://togithub.com/oxsecurity/megalinter/pull/2504) - [KICS](https://megalinter.io/latest/descriptors/repository_kics/) - Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by [@​nvuillam](https://togithub.com/nvuillam) in [#​2689](https://togithub.com/oxsecurity/megalinter/pull/2689) - KICS can now output SARIF - The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary - [KubeConform](https://megalinter.io/latest/descriptors/kubernetes_kubeconform/) - Simplify kubeconform install & get version by [@​nvuillam](https://togithub.com/nvuillam) in [#​2629](https://togithub.com/oxsecurity/megalinter/pull/2629) - [PHPLint](https://megalinter.io/latest/descriptors/php_phplint/) - Upgrade PHPLint to v9 by [@​bdovaz](https://togithub.com/bdovaz) in [#​2638](https://togithub.com/oxsecurity/megalinter/pull/2638) - [sqlfluff](https://megalinter.io/latest/descriptors/sql_sqlfluff/) - Remove old options from SQLFluff config file by [@​tunetheweb](https://togithub.com/tunetheweb) in [#​2560](https://togithub.com/oxsecurity/megalinter/pull/2560) - [v8r](https://megalinter.io/latest/descriptors/json_v8r/) - Allow use of configuration files with v8r by [@​bdovaz](https://togithub.com/bdovaz) in [#​1982](https://togithub.com/oxsecurity/megalinter/pull/1982) - Core - Upgrade base Docker image to python:3.11.3-alpine3.17 by [@​nvuillam](https://togithub.com/nvuillam) in [#​2537](https://togithub.com/oxsecurity/megalinter/pull/2537) - Allow simultaneous regex filtering at descriptor and linter levels by [@​nvuillam](https://togithub.com/nvuillam) & [@​seaneagan](https://togithub.com/seaneagan) in [#​2669](https://togithub.com/oxsecurity/megalinter/pull/2669) - Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by [@​nvuillam](https://togithub.com/nvuillam) in [#​2649](https://togithub.com/oxsecurity/megalinter/pull/2649) - Fix issue preventing plugins to work with flavors by [@​nvuillam](https://togithub.com/nvuillam) in [#​2532](https://togithub.com/oxsecurity/megalinter/pull/2532) - Fix crash in case of unreachable symlinks by [@​nvuillam](https://togithub.com/nvuillam) in [#​2538](https://togithub.com/oxsecurity/megalinter/pull/2538) - mega-linter-runner: Use --platform also for docker run by [@​nvuillam](https://togithub.com/nvuillam) , [@​Kurt-Von-Laven](https://togithub.com/Kurt-Von-Laven) & [@​cam-barts](https://togithub.com/cam-barts) in [#​2690](https://togithub.com/oxsecurity/megalinter/pull/2690) - Replace deprecated distutils.copy_tree by shutil.copytree - Reporters - [SARIF_REPORTER](https://megalinter.io/latest/reporters/SarifReporter/) - Add option to skip def_ws prefix in sarif reports by [@​janderssonse](https://togithub.com/janderssonse) in [#​2383](https://togithub.com/oxsecurity/megalinter/pull/2383) - update schema to pass official SARIF validator by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [#​2645](https://togithub.com/oxsecurity/megalinter/pull/2645) - [CONFIG_REPORTER](https://megalinter.io/latest/reporters/ConfigReporter/) - Add support for idea plugins auto-install by [@​waterfoul](https://togithub.com/waterfoul) in [#​2553](https://togithub.com/oxsecurity/megalinter/pull/2553) - [CONSOLE_REPORTER](https://megalinter.io/latest/reporters/ConsoleReporter/) - Updated cases in console/log output to use ⚠ `Warning Sign (U+26A0)` instead of ◬ `White Up-Pointing Triangle with Dot (U+25EC)`, by [@​Doommius](https://togithub.com/Doommius) - [GITLAB_COMMENT_REPORTER](https://megalinter.io/latest/reporters/GitlabCommentReporter/) - Enhancement & fixes for GitlabCommentReporter by [@​nvuillam](https://togithub.com/nvuillam) in [#​2564](https://togithub.com/oxsecurity/megalinter/pull/2564) - New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run - In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20. - Display a different message in log when a Merge Request comment is created or updated. - [AZURE_COMMENT_REPORTER](https://megalinter.io/latest/reporters/AzureCommentReporter/) - Downgrade Azure DevOps pipy package to avoid crash by [@​nvuillam](https://togithub.com/nvuillam) in [#​2576](https://togithub.com/oxsecurity/megalinter/pull/2576) - Documentation - Improve documentation pages split by [@​nvuillam](https://togithub.com/nvuillam) in [#​2688](https://togithub.com/oxsecurity/megalinter/pull/2688) - Now Installation and Configuration menus have their own child menus - Doc about how to use fine grained PAT by [@​nvuillam](https://togithub.com/nvuillam) in [#​2662](https://togithub.com/oxsecurity/megalinter/pull/2662) - Fixed incorrect link in Azure to Gitlab reporters pages. by [@​Doommius](https://togithub.com/Doommius) in [#​2613](https://togithub.com/oxsecurity/megalinter/pull/2613) - Added bitbucket job template + Fix icon in console logs by [@​Doommius](https://togithub.com/Doommius) in [#​2617](https://togithub.com/oxsecurity/megalinter/pull/2617) - Exclude licenses pages from online search results by [@​nvuillam](https://togithub.com/nvuillam) in [#​2665](https://togithub.com/oxsecurity/megalinter/pull/2665) - Improve HTML tables display by [@​nvuillam](https://togithub.com/nvuillam) in [#​2670](https://togithub.com/oxsecurity/megalinter/pull/2670) - Remove ASCII characters from linters helps displayed in MegaLinter documentation - Internal CI - Upgrade GitHub Actions to change automated comments and increase timeout by [@​nvuillam](https://togithub.com/nvuillam) in [#​2536](https://togithub.com/oxsecurity/megalinter/pull/2536) - Use Github Permissions instead of PAT by [@​nvuillam](https://togithub.com/nvuillam) in [#​2652](https://togithub.com/oxsecurity/megalinter/pull/2652) - Update GitHub Actions workflows environments by [@​nvuillam](https://togithub.com/nvuillam) in [#​2657](https://togithub.com/oxsecurity/megalinter/pull/2657) - Automate External Plugins table generation using **.automation/plugins.yml** file by [@​nvuillam](https://togithub.com/nvuillam) in [#​2667](https://togithub.com/oxsecurity/megalinter/pull/2667) - Fix MegaLinter build issue by [@​nvuillam](https://togithub.com/nvuillam) in [#​2539](https://togithub.com/oxsecurity/megalinter/pull/2539) - Fix for trivy-action (new naming for input) by [@​DariuszPorowski](https://togithub.com/DariuszPorowski) in [#​2541](https://togithub.com/oxsecurity/megalinter/pull/2541) - Fix `/build` slash command to checkout the correct PR branch by [@​echoix](https://togithub.com/echoix) in [#​2542](https://togithub.com/oxsecurity/megalinter/pull/2542) - Fix local run of python test cases by [@​nvuillam](https://togithub.com/nvuillam) in [#​2565](https://togithub.com/oxsecurity/megalinter/pull/2565) - Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by [@​nvuillam](https://togithub.com/nvuillam) in [#​2582](https://togithub.com/oxsecurity/megalinter/pull/2582) - Do not push to docker from dev PRs by [@​nvuillam](https://togithub.com/nvuillam) in [#​2639](https://togithub.com/oxsecurity/megalinter/pull/2639) - Update stale workflow: remove trigger on comments and explicit permissions by [@​echoix](https://togithub.com/echoix) in [#​2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Decouple updating docker pull stats from building docs by [@​echoix](https://togithub.com/echoix) in [#​2677](https://togithub.com/oxsecurity/megalinter/pull/2677) - Review MegaLinter's own cspell word list for outdated exclusions by [@​echoix](https://togithub.com/echoix) in [#​2676](https://togithub.com/oxsecurity/megalinter/pull/2676) - Run stale workflow only on schedule, by [@​echoix](https://togithub.com/echoix) in [#​2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Add explicit permissions to stale workflow, by [@​echoix](https://togithub.com/echoix) in [#​2641](https://togithub.com/oxsecurity/megalinter/pull/2641) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.23 to **1.6.24** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 6.14.4 to **6.16.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.15.31 to **0.17.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.76.1 to **0.77.5** - [checkov](https://www.checkov.io/) from 2.3.149 to **2.3.259** - [checkstyle](https://checkstyle.sourceforge.io) from 10.9.3 to **10.11.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.68 to **0.1.69** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2023.03.17 to **2023.05.18** - [csharpier](https://csharpier.com/) from 0.23.0 to **0.24.2** - [djlint](https://djlint.com/) from 1.19.16 to **1.29.0** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 6.0.407 to **6.0.408** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.7.0 to **2.8.0** - [eslint](https://eslint.org) from 8.37.0 to **8.41.0** - [git_diff](https://git-scm.com) from 2.38.4 to **2.38.5** - [gitleaks](https://togithub.com/zricethezav/gitleaks) from 8.16.1 to **8.16.3** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.4 to **3.5.9** - [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.2 to **14.0.3** - [kics](https://www.kics.io) from 1.6.13 to **1.7.1** - [ktlint](https://ktlint.github.io) from 0.48.2 to **0.49.1** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.5.0 to **0.6.1** - [kubescape](https://togithub.com/kubescape/kubescape) from 2.3.1 to **2.3.3** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.10.3 to **3.11.2** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.1.1 to **1.3.0** - [phplint](https://togithub.com/overtrue/phplint) from 5.5 to **9.0.4** - [phpstan](https://phpstan.org/) from 1.10.10 to **1.10.15** - [pmd](https://pmd.github.io/) from 6.48.0 to **6.55.0** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.3.3 to **7.3.4** - [prettier](https://prettier.io/) from 2.8.7 to **2.8.8** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.43.1 to **0.44.0** - [psalm](https://psalm.dev) from Psalm.5.9.0@​ to **Psalm.5.12.0@​** - [puppet-lint](http://puppet-lint.com/) from 3.3.0 to **4.0.0** - [pylint](https://pylint.pycqa.org) from 2.17.2 to **2.17.4** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.301 to **1.1.310** - [revive](https://revive.run/) from 1.3.1 to **1.3.2** - [rubocop](https://rubocop.org/) from 1.49.0 to **1.51.0** - [ruff](https://togithub.com/charliermarsh/ruff) from 0.0.260 to **0.0.270** - [semgrep](https://semgrep.dev/) from 1.16.0 to **1.23.0** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.11.0 to **3.12.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.8.3 to **0.8.4** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 7.25.0 to **7.26.0** - [spectral](https://meta.stoplight.io/docs/spectral/README.md) from 6.6.0 to **6.8.0** - [sqlfluff](https://www.sqlfluff.com/) from 2.0.2 to **2.1.1** - [stylelint](https://stylelint.io) from 15.4.0 to **15.6.2** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.51.0 to **0.52.2** - [syft](https://togithub.com/anchore/syft) from 0.76.0 to **0.82.0** - [terraform-fmt](https://www.terraform.io/docs/cli/commands/fmt.html) from 1.4.4 to **1.4.6** - [terragrunt](https://terragrunt.gruntwork.io) from 0.45.0 to **0.45.11** - [terrascan](https://www.accurics.com/products/terrascan/) from 1.18.0 to **1.18.1** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.45.0 to **0.46.1** - [trivy](https://aquasecurity.github.io/trivy/) from 0.39.0 to **0.41.0** - [v8r](https://togithub.com/chris48s/v8r) from 1.0.0 to **2.0.0** - [vale](https://vale.sh/) from 2.24.0 to **2.27.0** - [xmllint](http://xmlsoft.org/xmllint.html) from 21003 to **21004** - [yamllint](https://yamllint.readthedocs.io/) from 1.30.0 to **1.32.0** </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/quiltdata/nf-quilt). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xMDIuNCIsInVwZGF0ZWRJblZlciI6IjM2LjExLjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIn0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
- Loading branch information
1 parent
e3b42bf
commit 78a1b84