Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): update oxsecurity/megalinter action to v8 (#73)
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [oxsecurity/megalinter](https://togithub.com/oxsecurity/megalinter) | action | major | `v7.10.0` -> `v8.0.0` | --- ### Release Notes <details> <summary>oxsecurity/megalinter (oxsecurity/megalinter)</summary> ### [`v8.0.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v800---2024-08-19) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.13.0...v8.0.0) - Reporters - New [**ApiReporter**](https://megalinter.io/beta/reporters/ApiReporter/) (can be used to build Grafana dashboards), by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3540](https://togithub.com/oxsecurity/megalinter/pull/3540) [](https://www.youtube.com/watch?v=vbx-ifa1oXE) - Removed deprecated linters, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3854](https://togithub.com/oxsecurity/megalinter/pull/3854) - CSS_SCSSLINT: [Project discontinued and advising to use stylelint](https://togithub.com/sds/scss-lint#notice-consider-other-tools-before-adopting-scss-lint) - OPENAPI_SPECTRAL: Replaced by [API_SPECTRAL](https://megalinter.io/latest/descriptors/api_spectral/) (same linter but more formats handled) - SQL_SQL_LINT: [Project no longer maintained](https://togithub.com/joereynolds/sql-lint/issues/262) - Core - Hide to linters by default all environment variables that contain **TOKEN**, **USERNAME** or **PASSWORD**, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3881](https://togithub.com/oxsecurity/megalinter/pull/3881) - Allow to override CLI_LINT_MODE when defined as project, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3772](https://togithub.com/oxsecurity/megalinter/pull/3772) - Allow to use absolute paths for LINTER_RULES_PATH, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3775](https://togithub.com/oxsecurity/megalinter/pull/3775) - Allow to update variables from [PRE/POST Commands](https://megalinter.io/latest/config-precommands/) using `output_variables` property, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3861](https://togithub.com/oxsecurity/megalinter/pull/3861) - Media - [MegaLinter: un linter pour les gouverner tous](https://blog.wescale.fr/megalinter-un-linter-pour-les-gouverner-tous) (FR), by [Guillaume Arnaud](https://www.linkedin.com/in/guillaume-arnaud/) from [WeScale](https://www.wescale.fr/) - [MegaLinter](https://blog.stephane-robert.info/docs/developper/autres-outils/linters/megalinter/), by [Stéphane Robert](https://www.linkedin.com/in/stephanerobert1/), from [3DS OutScale](https://fr.outscale.com/) - [30 Seconds to Setup MegaLinter: Your Go-To Tool for Automated Code Quality](https://medium.com/@​caodanju/30-seconds-to-setup-megalinter-your-go-to-tool-for-automated-code-quality-and-iac-security-969d90a5a99c), by [Peng Cao](https://www.linkedin.com/in/peng-cao-83b6a2103/) | - Linters enhancements - [bandit](https://megalinter.io/latest/descriptors/python_bandit/) Call bandit with quiet mode to generate less logs, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3892](https://togithub.com/oxsecurity/megalinter/pull/3892) - [grype](https://megalinter.io/latest/descriptors/repository_grype/) Count number of errors returned by Grype, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3906](https://togithub.com/oxsecurity/megalinter/pull/3906) - [yamllint](https://megalinter.io/latest/descriptors/yaml_yamllint) Fix yamllint default format to avoid special characters or GitHub sections in text logs, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3898](https://togithub.com/oxsecurity/megalinter/pull/3898) - Fixes - [terrascan](https://runterrascan.io/) fixed errors and removed redundant code, by [@​TommyE123](https://togithub.com/TommyE123) in [https://github.com/oxsecurity/megalinter/pull/3767](https://togithub.com/oxsecurity/megalinter/pull/3767) - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) various performance improvements and ability to specify sln or proj paths, by [@​TommyE123](https://togithub.com/TommyE123) in [https://github.com/oxsecurity/megalinter/pull/3741](https://togithub.com/oxsecurity/megalinter/pull/3741) - [swiftlint](https://togithub.com/realm/SwiftLint) Remove deprecated argument --path - Salesforce linters: Disable SF CLI auto update warning, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3883](https://togithub.com/oxsecurity/megalinter/pull/3883) - Doc - Add images and links to Git, CI/CD & other tools integrations at the beginning of the README, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3885](https://togithub.com/oxsecurity/megalinter/pull/3885) - Create README animated GIF presentation of MegaLinter, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3910](https://togithub.com/oxsecurity/megalinter/pull/3910) - Format mkdocs search index in place, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/3890](https://togithub.com/oxsecurity/megalinter/pull/3890) - Use consistent spelling of 'flavor', by [@​InputUsername](https://togithub.com/InputUsername) in [https://github.com/oxsecurity/megalinter/pull/3789](https://togithub.com/oxsecurity/megalinter/pull/3789) - CI - Fix docker warnings, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3853](https://togithub.com/oxsecurity/megalinter/pull/3853) - FromAsCasing: 'as' and 'FROM' keywords' casing do not match - NoEmptyContinuation: Empty continuation line - SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data - Port Beta workflows to use docker/metadata-action, by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/3860](https://togithub.com/oxsecurity/megalinter/pull/3860) - AutoUpdate linters: Always create a PR if the job has been started manually, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3863](https://togithub.com/oxsecurity/megalinter/pull/3863) - Add `skip_checkout: true` to default MegaLinter GitHub Action template - Remove path filters in deploy-DEV workflow as it is a required check by [@​echoix](https://togithub.com/echoix) in [https://github.com/oxsecurity/megalinter/pull/3894](https://togithub.com/oxsecurity/megalinter/pull/3894) - mega-linter-runner - Add new rules to upgrade to MegaLinter v8, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3896](https://togithub.com/oxsecurity/megalinter/pull/3896) - Replace glob-promise by glob library, by [@​nvuillam](https://togithub.com/nvuillam) in [https://github.com/oxsecurity/megalinter/pull/3902](https://togithub.com/oxsecurity/megalinter/pull/3902) - **Minimum NodeJs version is now 20.x** - Linter versions upgrades - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.6.1 to **24.7.0** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.28.1 to **0.29.47** - [black](https://black.readthedocs.io/en/stable/) from 24.4.2 to **24.8.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 1.5.0 to **1.10.3** - [checkov](https://www.checkov.io/) from 3.2.174 to **3.2.232** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.79 to **0.1.80** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2024.05.24 to **2024.08.01** - [csharpier](https://csharpier.com/) from 0.28.2 to **0.29.0** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.10.4 to **8.14.1** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 8.0.106 to **8.0.108** - [flake8](https://flake8.pycqa.org) from 7.1.0 to **7.1.1** - [golangci-lint](https://golangci-lint.run/) from 1.59.1 to **1.60.1** - [grype](https://togithub.com/anchore/grype) from 0.79.2 to **0.79.5** - [jsonlint](https://togithub.com/prantlf/jsonlint) from 14.0.3 to **16.0.0** - [kics](https://www.kics.io) from 2.1.1 to **2.1.2** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.6 to **0.6.7** - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.28.0 to **2.33.0** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.10.1 to **1.11.1** - [php-cs-fixer](https://cs.symfony.com/) from 3.59.3 to **3.62.0** - [phpcs](https://togithub.com/PHPCSStandards/PHP_CodeSniffer) from 3.10.1 to **3.10.2** - [phpstan](https://phpstan.org/) from 1.11.9 to **1.11.11** - [pmd](https://pmd.github.io/) from 7.3.0 to **7.4.0** - [prettier](https://prettier.io/) from 3.3.2 to **3.3.3** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.50.2 to **0.50.5** - [pylint](https://pylint.readthedocs.io) from 3.2.5 to **3.2.6** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.370 to **1.1.376** - [revive](https://revive.run/) from 1.3.7 to **1.3.9** - [rstcheck](https://togithub.com/myint/rstcheck) from 6.2.1 to **6.2.4** - [rubocop](https://rubocop.org/) from 1.64.1 to **1.65.1** - [ruff](https://togithub.com/astral-sh/ruff) from 0.5.1 to **0.6.1** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 4.3.2 to **4.4.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 4.3.2 to **4.4.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 4.3.2 to **4.4.0** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.15.2 to **8.18.1** - [stylelint](https://stylelint.io) from 16.6.1 to **16.8.2** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.55.1 to **0.56.1** - [syft](https://togithub.com/anchore/syft) from 1.8.0 to **1.11.0** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.9.0 to **1.9.4** - [terragrunt](https://terragrunt.gruntwork.io) from 0.59.6 to **0.66.8** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.52.0 to **0.53.0** - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.53.0 to **0.54.1** - [trivy](https://aquasecurity.github.io/trivy/) from 0.53.0 to **0.54.1** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.79.0 to **3.81.9** - [v8r](https://togithub.com/chris48s/v8r) from 3.1.0 to **4.0.1** - [vale](https://vale.sh/) from 3.6.0 to **3.7.0** ### [`v7.13.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7130---2024-07-06) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.12.0...v7.13.0) - New linters - Add [**ls-lint**](https://ls-lint.org/), file and folder linter, by [@​scolladon](https://togithub.com/scolladon) in [#​3681](https://togithub.com/oxsecurity/megalinter/pull/3681) - Core - Handle renovate version comments in build script, by [@​echoix](https://togithub.com/echoix) in [#​3617](https://togithub.com/oxsecurity/megalinter/pull/3617) , [#​3627](https://togithub.com/oxsecurity/megalinter/pull/3627) , [#​3643](https://togithub.com/oxsecurity/megalinter/pull/3643) , [#​3699](https://togithub.com/oxsecurity/megalinter/pull/3699) , [#​3700](https://togithub.com/oxsecurity/megalinter/pull/3700) - Update base image to python:3.12.4-alpine3.20 - Use `dotnet8-sdk` available in the main repository, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3696](https://togithub.com/oxsecurity/megalinter/pull/3696) - Media - [Introducing MegaLinter: Streamlining Code Quality Checks Across Multiple Languages](https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages), by Cloud Tuned - [Infrastructure as Code GitHub Codespace Template](https://luke.geek.nz/azure/iac-github-codespace/), by [Luke Murray](https://www.linkedin.com/in/ljmurray/) - [Video: How to: Secrets scanning](https://youtu.be/iBMWAk5QIfM?si=EVcJilkz7Y2jdn6e\&t=649), by [Hackitect's playground](https://www.youtube.com/@​hackitectsplayground) - Linters enhancements - Add SARIF support (v2) for all PHP linters by [@​llaville](https://togithub.com/llaville) in [#​3745](https://togithub.com/oxsecurity/megalinter/pull/3745) , [#​3729](https://togithub.com/oxsecurity/megalinter/pull/3729) - Add python package Pygments to rst-lint venv, by [@​bobidle](https://togithub.com/bobidle) in [#​3631](https://togithub.com/oxsecurity/megalinter/pull/3631) - [CSharpier](https://csharpier.com) added ability to override config filename and path, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3664](https://togithub.com/oxsecurity/megalinter/pull/3664) - [xmllint](https://gnome.pages.gitlab.gnome.org/libxml2/xmllint.html) added support for `xsd` files, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3665](https://togithub.com/oxsecurity/megalinter/pull/3665) - Fixes - Improve support for single argument in `get_list_args` function, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3589](https://togithub.com/oxsecurity/megalinter/pull/3589) - [ansible-lint](https://ansible-lint.readthedocs.io) Improved activation by checking for `.ansible-lint` config file, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3697](https://togithub.com/oxsecurity/megalinter/pull/3697) - [DevSkim](https://togithub.com/microsoft/DevSkim) fixed fatal errors when scanning and ability to override config path, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3673](https://togithub.com/oxsecurity/megalinter/pull/3673) - [GitLeaks](https://togithub.com/gitleaks/gitleaks) add missing schema properties, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3675](https://togithub.com/oxsecurity/megalinter/pull/3675) - [Powershell](https://togithub.com/PowerShell/PSScriptAnalyzer#readme) Error table truncation improvements, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3620](https://togithub.com/oxsecurity/megalinter/pull/3620) - [Powershell](https://togithub.com/PowerShell/PSScriptAnalyzer#readme) added missing schema property `POWERSHELL_POWERSHELL_FORMATTER_OUTPUT_ENCODING`, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3678](https://togithub.com/oxsecurity/megalinter/pull/3678) - [syft](https://togithub.com/anchore/syft) use `scan` instead of deprecated `packages` arg, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3613](https://togithub.com/oxsecurity/megalinter/pull/3613) - [tflint](https://togithub.com/terraform-linters/tflint) added missing schema property `TERRAFORM_TFLINT_SECURED_ENV`, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3679](https://togithub.com/oxsecurity/megalinter/pull/3679) - [tflint](https://togithub.com/terraform-linters/tflint) fixed deprecated argument and other improvements to default `.tflint.hcl` template, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3688](https://togithub.com/oxsecurity/megalinter/pull/3688) - [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) added missing schema properties `XML_XMLLINT_AUTOFORMAT` and `XML_XMLLINT_INDENT`, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3677](https://togithub.com/oxsecurity/megalinter/pull/3677) - [yamllint](https://togithub.com/adrienverge/yamllint) fix error/warning count to work with different log output formats, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3612](https://togithub.com/oxsecurity/megalinter/pull/3612) - Doc - Update documentation icons by [@​nvuillam](https://togithub.com/nvuillam) in [#​3625](https://togithub.com/oxsecurity/megalinter/pull/3625) - Flavors - Add gherkin-lint in c_cpp flavor, by [@​nvuillam](https://togithub.com/nvuillam) in [#​3698](https://togithub.com/oxsecurity/megalinter/pull/3698) - CI - Bump actions/checkout from 3 to 4, by [@​KristjanESPERANTO](https://togithub.com/KristjanESPERANTO) in [#​2994](https://togithub.com/oxsecurity/megalinter/pull/2994) - Reduce dependabot PR frequency to weekly by [@​echoix](https://togithub.com/echoix) in [#​3642](https://togithub.com/oxsecurity/megalinter/pull/3642) - Linter versions upgrades - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.2.3 to **24.6.1** - [bandit](https://bandit.readthedocs.io/en/latest/) from 1.7.8 to **1.7.9** - [bash-exec](https://www.gnu.org/software/bash/) from 5.2.21 to **5.2.26** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.27.1 to **0.28.1** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.87.4 to **1.5.0** - [checkov](https://www.checkov.io/) from 3.2.122 to **3.2.174** - [clang-format](https://releases.llvm.org/17.0.1/tools/clang/docs/ClangFormat.html) from 17.0.5 to **17.0.6** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.78 to **0.1.79** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.8.3 to **8.10.4** - [editorconfig-checker](https://editorconfig-checker.github.io/) from 3.0.1 to **3.0.3** - [flake8](https://flake8.pycqa.org) from 7.0.0 to **7.1.0** - [git_diff](https://git-scm.com) from 2.43.4 to **2.45.2** - [gitleaks](https://togithub.com/gitleaks/gitleaks) from 8.18.2 to **8.18.4** - [golangci-lint](https://golangci-lint.run/) from 1.59.0 to **1.59.1** - [grype](https://togithub.com/anchore/grype) from 0.78.0 to **0.79.2** - [helm](https://helm.sh/docs/helm/helm_lint/) from 3.14.2 to **3.14.3** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 4.0.4 to **4.0.5** - [kics](https://www.kics.io) from 2.0.1 to **2.1.1** - [ktlint](https://ktlint.github.io) from 1.2.1 to **1.3.1** - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.26.0 to **2.28.0** - [markdown-table-formatter](https://www.npmjs.com/package/markdown-table-formatter) from 1.6.0 to **1.6.1** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.10.0 to **1.10.1** - [npm-package-json-lint](https://npmpackagejsonlint.org/) from 7.1.0 to **8.0.0** - [php-cs-fixer](https://cs.symfony.com/) from 3.58.1 to **3.59.3** - [phplint](https://togithub.com/overtrue/phplint) from 9.3.1 to **9.4.1** - [phpstan](https://phpstan.org/) from 1.11.3 to **1.11.7** - [pmd](https://pmd.github.io/) from 7.1.0 to **7.3.0** - [prettier](https://prettier.io/) from 3.3.0 to **3.3.2** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.49.7 to **0.50.2** - [psalm](https://psalm.dev) from Psalm.5.24.0@​ to **Psalm.5.25.0@​** - [pylint](https://pylint.readthedocs.io) from 3.2.2 to **3.2.5** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.365 to **1.1.370** - [ruff](https://togithub.com/astral-sh/ruff) from 0.4.10 to **0.5.1** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.25.0 to **4.3.2** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.25.0 to **4.3.2** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.25.0 to **4.3.2** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.12.0 to **8.15.2** - [sqlfluff](https://www.sqlfluff.com/) from 3.0.7 to **3.1.0** - [swiftlint](https://togithub.com/realm/SwiftLint) from 0.54.0 to **0.55.1** - [syft](https://togithub.com/anchore/syft) from 1.5.0 to **1.8.0** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.8.4 to **1.9.0** - [terragrunt](https://terragrunt.gruntwork.io) from 0.58.13 to **0.59.6** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.51.1 to **0.52.0** - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.51.4 to **0.53.0** - [trivy](https://aquasecurity.github.io/trivy/) from 0.51.4 to **0.53.0** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.77.0 to **3.79.0** - [v8r](https://togithub.com/chris48s/v8r) from 3.0.0 to **3.1.0** - [vale](https://vale.sh/) from 3.4.2 to **3.6.0** - [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) from 21108 to **21207** ### [`v7.12.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7120---2024-06-02) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.11.1...v7.12.0) - Core - Add new logs (at debug level) on each linter activation/deactivation - Clean MegaLinter own CVE exceptions and order the remaining ones with links to related issues - Upgrade to Java 21 except for npm-groovy-lint that requires Java 17 - Media - Add blog post [5 ways MegaLinter upped our DevSecOps game](https://flexion.us/blog/5-ways-megalinter-upped-our-devsecops-game/) to the list of English articles by [@​wesley-dean-flexion](https://togithub.com/wesley-dean-flexion) in [#​3596](https://togithub.com/oxsecurity/megalinter/pull/3596) - Linters - Add PHP fixer by [@​llaville](https://togithub.com/llaville) in [#​3598](https://togithub.com/oxsecurity/megalinter/pull/3598) - `API_SPECTRAL` was added as replacement for `OPENAPI_SPECTRAL` (deprecated), supporting AsyncAPI and OpenAPI by default. Uses Spectral's standard config file name `.spectral.yaml` instead of `.openapirc.yml` with a default config with rulesets for AsyncAPI and OpenAPI enabled. Fixes [#​3387](https://togithub.com/oxsecurity/megalinter/issues/3387) - Disable SQL_TSQLLINT until security issues are solved. Related to [tsqllint/tsqllint#333](https://togithub.com/tsqllint/tsqllint/issues/333) - PHP linters (PHP_PHPCS, PHP_PHPLINT, PHP_PHPSTAN) add support to SARIF report output format with help of <https://github.com/llaville/sarif-php-sdk> - Php psalm improvement by [@​llaville](https://togithub.com/llaville) in [#​3541](https://togithub.com/oxsecurity/megalinter/pull/3541) - `KOTLIN_KTLINT` now supports `list_of_files` mode, and has better error counting - Upgrade `KOTLIN_DETEKT` and make it work with cli_lint_mode = project - Reporters - Fixes - Change `golangci-lint` lint mode to `project`, by [@​wandering-tales](https://togithub.com/wandering-tales) in [#​3509](https://togithub.com/oxsecurity/megalinter/pull/3509) - Disable sql-lint as it is no longer maintained - Add new entries `findUnusedCode` and `findUnusedBaselineEntry` in default `psalm.xml` configuration file for PHP_PSALM linter. Related to [#​3538](https://togithub.com/oxsecurity/megalinter/issues/3538) - fix(pylint): overgeneral-exceptions fully qualified name by [@​gardar](https://togithub.com/gardar) in [#​3576](https://togithub.com/oxsecurity/megalinter/pull/3576) - Update `ktlint` descriptor to support `list_of_files` and better error counting by [@​Yann-J](https://togithub.com/Yann-J) in [#​3575](https://togithub.com/oxsecurity/megalinter/pull/3575) - Sync PowerShell version in arm.megalinter-descriptor.yml by [@​echoix](https://togithub.com/echoix) in [#​3586](https://togithub.com/oxsecurity/megalinter/pull/3586) - Adjust find commands to clean up files in same step by [@​echoix](https://togithub.com/echoix) in [#​3588](https://togithub.com/oxsecurity/megalinter/pull/3588) - Upgrade KOTLIN_DETEKT and make it work with cli_lint_mode = project by [@​nvuillam](https://togithub.com/nvuillam) in [#​3590](https://togithub.com/oxsecurity/megalinter/pull/3590) - Doc - Handle disabled_reason property in descriptors - Sort enums in json schema, by [@​echoix](https://togithub.com/echoix) in [#​3595](https://togithub.com/oxsecurity/megalinter/pull/3595) - Flavors - CI - Build: take in account disabled linters for workflow auto-update - Remove useless package-lock.json that was in python tests folder - Fix SARIF_REPORTER that was wrongly sent to `true` to format & fix test methods - Build: Write ARG lines at the top of Dockerfiles if they are used by FROM variables - Remove Github Actions Workflow telemetry to improve performances - Update Docker image for Gitpod to run on Ubuntu Noble, by [@​echoix](https://togithub.com/echoix) - Update makefile bootstrap config (gitpod or local) to use uv for package installation, by [@​echoix](https://togithub.com/echoix) - Use uv to install Python deps for CI by [@​echoix](https://togithub.com/echoix) in [#​3561](https://togithub.com/oxsecurity/megalinter/pull/3561) - Use a single find command to delete pycache files by [@​echoix](https://togithub.com/echoix) in [#​3562](https://togithub.com/oxsecurity/megalinter/pull/3562) - Sort schema enums by [@​echoix](https://togithub.com/echoix) in [#​3595](https://togithub.com/oxsecurity/megalinter/pull/3595) - Linter versions upgrades - [actionlint](https://rhysd.github.io/actionlint/) from 1.6.27 to **1.7.1** - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.2.2 to **24.2.3** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.26.170 to **0.27.1** - [black](https://black.readthedocs.io/en/stable/) from 24.4.0 to **24.4.2** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.86.4 to **0.87.4** - [checkov](https://www.checkov.io/) from 3.2.74 to **3.2.122** - [checkstyle](https://checkstyle.org/) from 10.15.0 to **10.17.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.77 to **0.1.78** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2024.03.13 to **2024.05.24** - [csharpier](https://csharpier.com/) from 0.28.1 to **0.28.2** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.7.0 to **8.8.3** - [detekt](https://detekt.dev/) from 1.23.5 to **1.23.6** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 8.0.104 to **8.0.106** - [editorconfig-checker](https://editorconfig-checker.github.io/) from 2.7.2 to **3.0.1** - [git_diff](https://git-scm.com) from 2.43.0 to **2.43.4** - [golangci-lint](https://golangci-lint.run/) from 1.57.2 to **1.59.0** - [grype](https://togithub.com/anchore/grype) from 0.77.0 to **0.78.0** - [jscpd](https://togithub.com/kucherenko/jscpd/tree/master/packages/jscpd) from 3.5.10 to **4.0.4** - [kics](https://www.kics.io) from 2.0.0 to **2.0.1** - [kubeconform](https://togithub.com/yannh/kubeconform) from 0.6.4 to **0.6.6** - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.22.0 to **2.24.0** - [luacheck](https://luacheck.readthedocs.io) from 1.1.2 to **1.2.0** - [lychee](https://lychee.cli.rs) from 0.14.3 to **0.15.1** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.12.1 to **3.12.2** - [markdown-table-formatter](https://www.npmjs.com/package/markdown-table-formatter) from 1.5.0 to **1.6.0** - [markdownlint](https://togithub.com/DavidAnson/markdownlint) from 0.39.0 to **0.41.0** - [mypy](https://mypy.readthedocs.io/en/stable/) from 1.9.0 to **1.10.0** - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 14.4.1 to **14.6.0** - [phpcs](https://togithub.com/PHPCSStandards/PHP_CodeSniffer) from 3.9.1 to **3.10.1** - [phplint](https://togithub.com/overtrue/phplint) from 9.1.2 to **9.3.1** - [phpstan](https://phpstan.org/) from 1.10.67 to **1.11.0** to **1.11.3** - [pmd](https://pmd.github.io/) from 6.55.0 to **7.1.0** - [powershell](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.4.1 to **7.4.2** - [powershell_formatter](https://togithub.com/PowerShell/PSScriptAnalyzer) from 7.4.1 to **7.4.2** - [prettier](https://prettier.io/) from 3.2.5 to **3.3.0** - [proselint](https://togithub.com/amperser/proselint) from 0.13.0 to **0.14.0** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.49.6 to **0.49.7** - [psalm](https://psalm.dev) from Psalm.5.23.1@​ to **Psalm.5.24.0@​** - [pylint](https://pylint.readthedocs.io) from 3.1.0 to **3.2.2** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.359 to **1.1.365** - [roslynator](https://togithub.com/dotnet/Roslynator) from 0.8.6.0 to **0.8.9.0** - [rubocop](https://rubocop.org/) from 1.63.3 to **1.64.1** - [ruff](https://togithub.com/astral-sh/ruff) from 0.4.1 to **0.4.7** - [scalafix](https://scalacenter.github.io/scalafix/) from 0.12.0 to **0.12.1** - [secretlint](https://togithub.com/secretlint/secretlint) from 8.2.3 to **8.2.4** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.23.0 to **3.25.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.10.1 to **0.10.2** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.10.8 to **8.12.0** - [sqlfluff](https://www.sqlfluff.com/) from 3.0.5 to **3.0.7** - [stylelint](https://stylelint.io) from 16.4.0 to **16.6.1** - [syft](https://togithub.com/anchore/syft) from 1.2.0 to **1.5.0** - [tekton-lint](https://togithub.com/IBM/tekton-lint) from 1.0.2 to **1.1.0** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.8.1 to **1.8.4** - [terragrunt](https://terragrunt.gruntwork.io) from 0.57.5 to **0.58.10** - [tflint](https://togithub.com/terraform-linters/tflint) from 0.50.3 to **0.51.1** - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.50.2 to **0.51.4** - [trivy](https://aquasecurity.github.io/trivy/) from 0.50.2 to **0.51.4** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.73.0 to **3.77.0** - [vale](https://vale.sh/) from 3.4.0 to **3.4.2** - [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) from 21107 to **21108** ### [`v7.11.1`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7111---2024-04-23) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.11.0...v7.11.1) - Fixes - Implement fallback in case git diff does not work with merge-base - Linter versions upgrades - [stylelint](https://stylelint.io) from 16.3.1 to **16.4.0** ### [`v7.11.0`](https://togithub.com/oxsecurity/megalinter/blob/HEAD/CHANGELOG.md#v7110---2024-04-23) [Compare Source](https://togithub.com/oxsecurity/megalinter/compare/v7.10.0...v7.11.0) - Core - Allow to override the number of parallel cores used, with variable **PARALLEL_PROCESS_NUMBER**, by [@​nvuillam](https://togithub.com/nvuillam) in [#​3428](https://togithub.com/oxsecurity/megalinter/pull/3428) - Upgrade base python image from 3.12.2-alpine3.19 to 3.12.3-alpine3.19 - Upgrade PHP 8.1 to 8.3 by [@​llaville](https://togithub.com/llaville) in [#​3464](https://togithub.com/oxsecurity/megalinter/pull/3464) - Add descriptor pre / post commands, by [@​bdovaz](https://togithub.com/bdovaz) in [#​3468](https://togithub.com/oxsecurity/megalinter/pull/3468) - Allow merge lists with **EXTENDS**, by [@​bdovaz](https://togithub.com/bdovaz) in [#​3469](https://togithub.com/oxsecurity/megalinter/pull/3469) - Media - New linters - Add Kotlin detekt linter, by [@​enciyo](https://togithub.com/enciyo) in [#​3408](https://togithub.com/oxsecurity/megalinter/pull/3408) - Reporters - Add ruff sarif support, by [@​Skitionek](https://togithub.com/Skitionek) in [#​3486](https://togithub.com/oxsecurity/megalinter/pull/3486) - Fixes - Fix listing of modified files, by [@​vkucera](https://togithub.com/vkucera) in [#​3472](https://togithub.com/oxsecurity/megalinter/pull/3472). Fixes [#​2125](https://togithub.com/oxsecurity/megalinter/issues/2125). - Fix conflict between prettier and yamllint about spaces, by [@​apeyrat](https://togithub.com/apeyrat) in [#​3426](https://togithub.com/oxsecurity/megalinter/pull/3426) - Ensure [trufflehog](https://togithub.com/trufflesecurity/trufflehog) does not auto-update itself, by [@​wandering-tales](https://togithub.com/wandering-tales) in [#​3430](https://togithub.com/oxsecurity/megalinter/pull/3430) - Salesforce linters: use sf + default Flow Scanner rules, by [@​nvuillam](https://togithub.com/nvuillam) in [#​3435](https://togithub.com/oxsecurity/megalinter/pull/3435) - Disable JSON_ESLINT_PLUGIN_JSONC until [ota-meshi/eslint-plugin-jsonc#328](https://togithub.com/ota-meshi/eslint-plugin-jsonc/issues/328) is fixed - Upgrade tar in mega-linter-runner - secretlint: remove default `.secretlintignore` that was never used but `.gitignore` is used instead. Fixes [#​3328](https://togithub.com/oxsecurity/megalinter/issues/3328) - Add jpeg, xlsx to .gitleaks.toml, by [@​rasa](https://togithub.com/rasa) in [#​3434](https://togithub.com/oxsecurity/megalinter/pull/3434) - Fix Json Schema, by [@​nvuillam](https://togithub.com/nvuillam) in [#​3470](https://togithub.com/oxsecurity/megalinter/pull/3470) - Remove `TEMPLATES/.secretlintignore`, by [@​pjungermann](https://togithub.com/pjungermann) in [#​3476](https://togithub.com/oxsecurity/megalinter/pull/3476) - Doc - Update R2DevOps logo, by [@​nvuillam](https://togithub.com/nvuillam) in [#​3436](https://togithub.com/oxsecurity/megalinter/pull/3436) - Update [Roslynator](https://togithub.com/dotnet/roslynator) repo url and logo, by [@​TommyE123](https://togithub.com/TommyE123) in [#​3444](https://togithub.com/oxsecurity/megalinter/pull/3444) - Fix clang-format documentation links to point to the correct version. Fixes [#​3452](https://togithub.com/oxsecurity/megalinter/issues/3452), by [@​daltonv](https://togithub.com/daltonv) in [#​3453](https://togithub.com/oxsecurity/megalinter/pull/3453) - Add copy to clipboard button in code block (documentation), by [@​nikkii86](https://togithub.com/nikkii86) in [#​3491](https://togithub.com/oxsecurity/megalinter/pull/3491) - Flavors - Add C & C++ linters in Python flavor by [@​nvuillam](https://togithub.com/nvuillam) in [#​3456](https://togithub.com/oxsecurity/megalinter/pull/3456) - CI - Make SPELL_LYCHEE non blocking for internal CI jobs - Remove old unused automerge workflows by [@​echoix](https://togithub.com/echoix) in [#​3432](https://togithub.com/oxsecurity/megalinter/pull/3432) - Add consistent python3/python handling at build.sh, by [@​pjungermann](https://togithub.com/pjungermann) in [#​3475](https://togithub.com/oxsecurity/megalinter/pull/3475) - Linter versions upgrades - [ansible-lint](https://ansible-lint.readthedocs.io/) from 24.2.0 to **24.2.2** - [bicep_linter](https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter) from 0.25.53 to **0.26.170** - [black](https://black.readthedocs.io/en/stable/) from 24.2.0 to **24.4.0** - [cfn-lint](https://togithub.com/aws-cloudformation/cfn-lint) from 0.86.0 to **0.86.4** - [checkov](https://www.checkov.io/) from 3.2.34 to **3.2.74** - [checkstyle](https://checkstyle.org/) from 10.14.0 to **10.15.0** - [clippy](https://togithub.com/rust-lang/rust-clippy) from 0.1.76 to **0.1.77** - [clj-kondo](https://togithub.com/borkdude/clj-kondo) from 2024.03.05 to **2024.03.13** - [csharpier](https://csharpier.com/) from 0.27.3 to **0.28.1** - [cspell](https://togithub.com/streetsidesoftware/cspell/tree/master/packages/cspell) from 8.6.0 to **8.7.0** - [devskim](https://togithub.com/microsoft/DevSkim) from 1.0.32 to **1.0.33** - [dotnet-format](https://docs.microsoft.com/en-us/dotnet/core/tools/dotnet-format) from 8.0.102 to **8.0.104** - [eslint-plugin-jsonc](https://ota-meshi.github.io/eslint-plugin-jsonc/) from 2.13.0 to **2.15.1** - [golangci-lint](https://golangci-lint.run/) from 1.56.2 to **1.57.2** - [grype](https://togithub.com/anchore/grype) from 0.74.7 to **0.77.0** - [kics](https://www.kics.io) from 1.7.13 to **2.0.0** - [lightning-flow-scanner](https://togithub.com/Lightning-Flow-Scanner) from 2.18.0 to **2.22.0** - [markdown-link-check](https://togithub.com/tcort/markdown-link-check) from 3.11.2 to **3.12.1** - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 14.2.3 to **14.4.1** - [phpcs](https://togithub.com/PHPCSStandards/PHP_CodeSniffer) from 3.9.0 to **3.9.1** - [phpstan](https://phpstan.org/) from 1.10.60 to **1.10.67** - [protolint](https://togithub.com/yoheimuta/protolint) from 0.48.0 to **0.49.6** - [psalm](https://psalm.dev) from Psalm.5.23.0@​ to **Psalm.5.23.1@​** - [pyright](https://togithub.com/Microsoft/pyright) from 1.1.353 to **1.1.359** - [roslynator](https://togithub.com/dotnet/Roslynator) from 0.8.3.0 to **0.8.6.0** - [rstcheck](https://togithub.com/myint/rstcheck) from 6.2.0 to **6.2.1** - [rubocop](https://rubocop.org/) from 1.62.0 to **1.63.3** - [ruff](https://togithub.com/astral-sh/ruff) from 0.3.2 to **0.4.1** - [secretlint](https://togithub.com/secretlint/secretlint) from 8.1.2 to **8.2.3** - [sfdx-scanner-apex](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [sfdx-scanner-aura](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [sfdx-scanner-lwc](https://forcedotcom.github.io/sfdx-scanner/) from 3.21.0 to **3.23.0** - [snakefmt](https://togithub.com/snakemake/snakefmt) from 0.10.0 to **0.10.1** - [snakemake](https://snakemake.readthedocs.io/en/stable/) from 8.5.5 to **8.10.8** - [spectral](https://docs.stoplight.io/docs/spectral/674b27b261c3c-overview) from 6.11.0 to **6.11.1** - [sqlfluff](https://www.sqlfluff.com/) from 2.3.5 to **3.0.5** - [stylelint](https://stylelint.io) from 16.2.1 to **16.3.1** - [syft](https://togithub.com/anchore/syft) from 1.0.1 to **1.2.0** - [tekton-lint](https://togithub.com/IBM/tekton-lint) from 1.0.0 to **1.0.2** - [terraform-fmt](https://developer.hashicorp.com/terraform/cli/commands/fmt) from 1.7.4 to **1.8.1** - [terragrunt](https://terragrunt.gruntwork.io) from 0.55.13 to **0.57.5** - [trivy-sbom](https://aquasecurity.github.io/trivy/) from 0.49.1 to **0.50.2** - [trivy](https://aquasecurity.github.io/trivy/) from 0.49.1 to **0.50.2** - [trufflehog](https://togithub.com/trufflesecurity/trufflehog) from 3.69.0 to **3.73.0** - [vale](https://vale.sh/) from 3.2.2 to **3.4.0** </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 2am" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/chill-viking/npm-ci). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguMjYuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiYXV0byA6cm9ib3Q6IiwiZGVwZW5kZW5jaWVzIDpzY3JvbGw6Il19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Peter Jokumsen <pjokumsen@gmail.com>
](https://renovatebot.com){kind=link}
](https://www.youtube.com/watch?v=vbx-ifa1oXE){kind=link}
- Loading branch information
1 parent
a432db4
commit e23ad08