chore(deps): update oxsecurity/megalinter action to v8.3.0

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
oxsecurity/megalinter	action	minor	v8.1.0 -> v8.3.0

---

Release Notes

oxsecurity/megalinter (oxsecurity/megalinter)

v8.3.0

Compare Source

• Core

  • Display command log (truncated to 250 chars) even when LOG_LEVEL is not DEBUG
  • Allow to replace an ENV var value with the value of another ENV var before calling a PRE_COMMAND (helps for tflint run from GitHub Enterprise)
  • Fix handling of git submodule paths

• Fixes

  • trivy: retry in case of BLOB_UNKNOWN while downloading vulnerability list

• Reporters

  • Fix UpdatedSourcesReporter when APPLY_FIXES is list (array)
  • Fix AzureCommentReporter when the repo is not found: fallback using BUILD_REPOSITORY_ID. (+ disable space replacement in repo name with AZURE_COMMENT_REPORTER_REPLACE_WITH_SPACES: false)

• CI

  • Fix Docker mirroring job for release context
  • Remove max parallel jobs for release linters workflow

• Linter versions upgrades (13)

  • cfn-lint from 1.19.0 to 1.20.0
  • checkov from 3.2.298 to 3.2.311
  • csharpier from 0.29.2 to 0.30.2
  • markdownlint from 0.42.0 to 0.43.0
  • phpstan from 2.0.1 to 2.0.2
  • ruff from 0.7.4 to 0.8.0
  • spectral from 6.14.1 to 6.14.2
  • stylua from 0.20.0 to 2.0.0
  • syft from 1.16.0 to 1.17.0
  • trivy-sbom from 0.57.0 to 0.57.1
  • trivy from 0.57.0 to 0.57.1
  • trufflehog from 3.83.7 to 3.84.1
  • vale from 3.9.0 to 3.9.1

v8.2.0

Compare Source

• Media

  • 10 MegaLinter Tips and Tricks Unlock its Full Potential by Wes Dean
  • MegaLinter Performance Tuning for Maximum Efficiency by Wes Dean

• Linters enhancements

  • detekt Enable SARIF output + count errors
  • lintr: Support files in subdirectories, fix unit tests
  • phpcs: Activate APPLY_FIXES
  • Salesforce linters: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins
  • trivy: handle retry if failed to download Java DB is detected
  • tsqllint Re-enabled after .net 8 and security updates

• Fixes

  • Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered
  • Fix linting errors in GitHub Actions template

• Reporters

  • UpdatedSourcesReporter will git commit & push fixed files to source branch if APPLY_FIXES is set
  • Fix AzureCommentReporter not adding comments to PR
  • Fix AzureCommentReporter fails when target repo contains spaces

• Doc

  • Updated documentation with Azure central pipeline use case
  • Update DevSkim documentation to show a valid exclusion config file
  • Note about risky rules and how to fix rule violations with PHP-CS-Fixer

• CI

  • Also prune volumes before pulling and pushing to docker hub
  • Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues
  • Squash docker images to have less layers and size
  • Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained
  • Make gitpod workflow not blocking until uv install is fixed
  • Update stale comment
  • Try several times to embed trivy db during Docker build, as a workaround to the random failures
  • Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions

• Linter versions upgrades (104)

  • actionlint from 1.7.3 to 1.7.4
  • ansible-lint from 24.9.2 to 24.10.0
  • bicep_linter from 0.30.23 to 0.31.92
  • cfn-lint from 1.16.1 to 1.19.0
  • checkov from 3.2.257 to 3.2.298
  • checkstyle from 10.18.2 to 10.20.1
  • clippy from 0.1.81 to 0.1.82
  • clj-kondo from 2024.09.27 to 2024.11.14
  • cspell from 8.15.1 to 8.16.0
  • devskim from 1.0.33 to 1.0.44
  • djlint from 1.35.2 to 1.36.1
  • dotnet-format from 8.0.110 to 8.0.111
  • gitleaks from 8.20.1 to 8.21.2
  • golangci-lint from 1.61.0 to 1.62.0
  • ktlint from 1.3.1 to 1.4.1
  • lightning-flow-scanner from 2.34.0 to 2.36.0
  • lychee from 0.16.1 to 0.17.0
  • mypy from 1.11.2 to 1.13.0
  • perlcritic from 1.152 to 1.156
  • phpcs from 3.10.3 to 3.11.1
  • phplint from 9.5.3 to 9.5.4
  • phpstan from 1.12.6 to 2.0.1
  • pmd from 7.6.0 to 7.7.0
  • pyright from 1.1.384 to 1.1.389
  • revive from 1.4.0 to 1.5.1
  • roslynator from 0.9.1.0 to 0.9.3.0
  • rubocop from 1.66.1 to 1.68.0
  • ruff from 0.6.9 to 0.7.4
  • secretlint from 8.4.0 to 9.0.0
  • sfdx-scanner-apex from 4.6.0 to 4.7.0
  • sfdx-scanner-aura from 4.6.0 to 4.7.0
  • sfdx-scanner-lwc from 4.6.0 to 4.7.0
  • shfmt from 3.9.0 to 3.10.0
  • snakemake from 8.21.0 to 8.25.3
  • spectral from 6.13.1 to 6.14.1
  • sqlfluff from 3.2.3 to 3.2.5
  • syft from 1.14.0 to 1.16.0
  • terraform-fmt from 1.9.5 to 1.9.8
  • terragrunt from 0.67.5 to 0.68.14
  • tflint from 0.53.0 to 0.54.0
  • trivy-sbom from 0.56.2 to 0.57.0
  • trivy from 0.56.2 to 0.57.0
  • trufflehog from 3.82.11 to 3.83.7
  • tsqllint from 1.15.3.0 to 1.16.0.0
  • v8r from 4.1.0 to 4.2.0
  • vale from 3.7.1 to 3.9.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	1		0	0.01s
✅ BASH	bash-exec	9		0	0.02s
✅ BASH	shellcheck	9		0	0.06s
✅ BASH	shfmt	9		0	0.0s
✅ COPYPASTE	jscpd	yes		no	1.02s
✅ JSON	jsonlint	12		0	0.18s
✅ JSON	prettier	9		0	0.45s
✅ JSON	v8r	12		0	4.76s
✅ MARKDOWN	markdownlint	45		0	0.72s
✅ MARKDOWN	markdown-link-check	45		0	9.21s
✅ MARKDOWN	markdown-table-formatter	45		0	0.21s
✅ REPOSITORY	gitleaks	yes		no	0.46s
✅ REPOSITORY	git_diff	yes		no	0.02s
✅ REPOSITORY	grype	yes		no	10.62s
✅ REPOSITORY	secretlint	yes		no	0.93s
✅ REPOSITORY	trivy-sbom	yes		no	0.08s
✅ REPOSITORY	trufflehog	yes		no	2.42s
✅ SPELL	cspell	93		0	3.0s
✅ YAML	prettier	24		0	0.79s
✅ YAML	v8r	23		0	5.64s
✅ YAML	yamllint	25		0	0.52s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by