From 4d56f031716218065fe6ae69f86bb1ca22c7d8b4 Mon Sep 17 00:00:00 2001 From: Nicolas Vuillamy Date: Sun, 28 May 2023 17:06:27 +0000 Subject: [PATCH 01/10] [automation] Auto-update linters version, help and documentation --- .automation/generated/flavors-stats.json | 64 +++++++++++++++++++ .automation/generated/linter-helps.json | 8 +-- .automation/generated/linter-versions.json | 4 +- CHANGELOG.md | 2 + README.md | 2 +- docs/all_linters.md | 4 +- docs/descriptors/kubernetes_kubescape.md | 4 +- docs/descriptors/powershell_powershell.md | 2 +- .../powershell_powershell_formatter.md | 2 +- docs/descriptors/repository_checkov.md | 2 +- .../salesforce_sfdx_scanner_apex.md | 2 +- .../salesforce_sfdx_scanner_aura.md | 2 +- .../salesforce_sfdx_scanner_lwc.md | 2 +- docs/descriptors/xml_xmllint.md | 2 +- docs/used-by-stats.md | 38 +++++------ .../megalinter-configuration.jsonschema.json | 4 +- 16 files changed, 106 insertions(+), 38 deletions(-) diff --git a/.automation/generated/flavors-stats.json b/.automation/generated/flavors-stats.json index 81c7738988a..d8a915c040d 100644 --- a/.automation/generated/flavors-stats.json +++ b/.automation/generated/flavors-stats.json @@ -1523,6 +1523,10 @@ [ "2023-05-27T17:04:12", 2971966 + ], + [ + "2023-05-28T17:03:24", + 2972895 ] ], "ci_light": [ @@ -3049,6 +3053,10 @@ [ "2023-05-27T17:04:12", 66727 + ], + [ + "2023-05-28T17:03:24", + 66788 ] ], "cupcake": [ @@ -3555,6 +3563,10 @@ [ "2023-05-27T17:04:12", 12625 + ], + [ + "2023-05-28T17:03:24", + 12641 ] ], "dart": [ @@ -5991,6 +6003,10 @@ [ "2023-05-27T17:04:12", 152034 + ], + [ + "2023-05-28T17:03:24", + 152191 ] ], "dotnet": [ @@ -7517,6 +7533,10 @@ [ "2023-05-27T17:04:12", 388936 + ], + [ + "2023-05-28T17:03:24", + 389016 ] ], "go": [ @@ -9043,6 +9063,10 @@ [ "2023-05-27T17:04:12", 21294 + ], + [ + "2023-05-28T17:03:24", + 21334 ] ], "java": [ @@ -10569,6 +10593,10 @@ [ "2023-05-27T17:04:12", 120494 + ], + [ + "2023-05-28T17:03:24", + 120553 ] ], "javascript": [ @@ -12095,6 +12123,10 @@ [ "2023-05-27T17:04:12", 268377 + ], + [ + "2023-05-28T17:03:24", + 268641 ] ], "php": [ @@ -13621,6 +13653,10 @@ [ "2023-05-27T17:04:12", 49926 + ], + [ + "2023-05-28T17:03:24", + 49930 ] ], "python": [ @@ -15147,6 +15183,10 @@ [ "2023-05-27T17:04:12", 210946 + ], + [ + "2023-05-28T17:03:24", + 211066 ] ], "ruby": [ @@ -16669,6 +16709,10 @@ [ "2023-05-27T17:04:12", 3640 + ], + [ + "2023-05-28T17:03:24", + 3644 ] ], "rust": [ @@ -18191,6 +18235,10 @@ [ "2023-05-27T17:04:12", 5699 + ], + [ + "2023-05-28T17:03:24", + 5703 ] ], "salesforce": [ @@ -19717,6 +19765,10 @@ [ "2023-05-27T17:04:12", 20060 + ], + [ + "2023-05-28T17:03:24", + 20076 ] ], "scala": [ @@ -21241,6 +21293,10 @@ [ "2023-05-27T17:04:12", 10996 + ], + [ + "2023-05-28T17:03:24", + 11028 ] ], "swift": [ @@ -22763,6 +22819,10 @@ [ "2023-05-27T17:04:12", 3797 + ], + [ + "2023-05-28T17:03:24", + 3801 ] ], "terraform": [ @@ -24289,6 +24349,10 @@ [ "2023-05-27T17:04:12", 245380 + ], + [ + "2023-05-28T17:03:24", + 245717 ] ] } \ No newline at end of file diff --git a/.automation/generated/linter-helps.json b/.automation/generated/linter-helps.json index a6815e634ef..8cd813646ea 100644 --- a/.automation/generated/linter-helps.json +++ b/.automation/generated/linter-helps.json @@ -3028,7 +3028,7 @@ " completion Generate autocompletion script", " config Handle cached configurations", " delete Delete configurations in Kubescape SaaS version", - " download Download artifacts,attack-tracks,controls-inputs,exceptions,control,framework", + " download Download controls-inputs,exceptions,control,framework,artifacts,attack-tracks", " fix Fix misconfiguration in files", " help Help about any command", " list List frameworks/controls will list the supported frameworks and controls", @@ -6868,7 +6868,7 @@ " scanner run dfa scan codebase with all DFA rules", "", "WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA", - "(node:1442) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", + "(node:1450) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", "(Use `node --trace-warnings ...` to show where the warning was created)", " NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT", " \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500", @@ -7160,7 +7160,7 @@ " scanner run dfa scan codebase with all DFA rules", "", "WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA", - "(node:1583) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", + "(node:1591) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", "(Use `node --trace-warnings ...` to show where the warning was created)", " NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT", " \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500", @@ -7452,7 +7452,7 @@ " scanner run dfa scan codebase with all DFA rules", "", "WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA", - "(node:1724) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", + "(node:1732) Warning: Deprecated config name: apiVersion. Please use org-api-version instead.", "(Use `node --trace-warnings ...` to show where the warning was created)", " NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT", " \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500", diff --git a/.automation/generated/linter-versions.json b/.automation/generated/linter-versions.json index 225a9b9f3f9..70431af377c 100644 --- a/.automation/generated/linter-versions.json +++ b/.automation/generated/linter-versions.json @@ -8,7 +8,7 @@ "black": "23.3.0", "cfn-lint": "0.77.5", "checkmake": "0.2.0", - "checkov": "2.3.259", + "checkov": "2.3.261", "checkstyle": "10.12.0", "chktex": "1.7.6", "clippy": "0.1.69", @@ -44,7 +44,7 @@ "kics": "1.7.1", "ktlint": "0.49.1", "kubeconform": "0.6.1", - "kubescape": "2.3.3", + "kubescape": "2.3.4", "kubeval": "0.16.1", "lintr": "0.0.0", "luacheck": "1.1.0", diff --git a/CHANGELOG.md b/CHANGELOG.md index 2fea12e9110..1389eb82e66 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,8 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** on 2023-05-27 + - [kubescape](https://github.com/kubescape/kubescape) from 2.3.3 to **2.3.4** on 2023-05-28 + - [checkov](https://www.checkov.io/) from 2.3.259 to **2.3.261** on 2023-05-28 ## [v7.0.2] - 2023-05-27 diff --git a/README.md b/README.md index d815c735690..945b3a1058f 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ [![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain) [![codecov](https://codecov.io/gh/oxsecurity/megalinter/branch/main/graph/badge.svg)](https://codecov.io/gh/oxsecurity/megalinter) -[![](https://img.shields.io/static/v1?label=Used%20by&message=2381&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![](https://img.shields.io/static/v1?label=Used%20by&message=2385&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) [![Secured with Trivy](https://img.shields.io/badge/Trivy-secured-green?logo=docker)](https://github.com/aquasecurity/trivy) [![GitHub contributors](https://img.shields.io/github/contributors/oxsecurity/megalinter.svg)](https://github.com/oxsecurity/megalinter/graphs/contributors/) [![GitHub Sponsors](https://img.shields.io/github/sponsors/nvuillam)](https://github.com/sponsors/nvuillam) diff --git a/docs/all_linters.md b/docs/all_linters.md index e64dde30b0a..68321001cc7 100644 --- a/docs/all_linters.md +++ b/docs/all_linters.md @@ -14,7 +14,7 @@ | [**black**](https://github.com/psf/black){target=_blank} | 23.3.0 | [MIT](licenses/black.md) | [![GitHub stars](https://img.shields.io/github/stars/psf/black?cacheSeconds=3600)](https://github.com/psf/black){target=_blank} | [PYTHON](descriptors/python_black.md) | :white_circle: | [Repository](https://github.com/psf/black){target=_blank} | | [**cfn-lint**](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | 0.77.5 | [MIT-0](licenses/cfn-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/aws-cloudformation/cfn-lint?cacheSeconds=3600)](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | [CLOUDFORMATION](descriptors/cloudformation_cfn_lint.md) | :white_circle: | [Repository](https://github.com/aws-cloudformation/cfn-lint){target=_blank} | | [**checkmake**](https://github.com/mrtazz/checkmake){target=_blank} | 0.2.0 | [MIT](licenses/checkmake.md) | [![GitHub stars](https://img.shields.io/github/stars/mrtazz/checkmake?cacheSeconds=3600)](https://github.com/mrtazz/checkmake){target=_blank} | [MAKEFILE](descriptors/makefile_checkmake.md) | :white_circle: | [Repository](https://github.com/mrtazz/checkmake){target=_blank} | -| [**checkov**](https://github.com/bridgecrewio/checkov){target=_blank} | 2.3.259 | [Apache-2.0](licenses/checkov.md) | [![GitHub stars](https://img.shields.io/github/stars/bridgecrewio/checkov?cacheSeconds=3600)](https://github.com/bridgecrewio/checkov){target=_blank} | [REPOSITORY](descriptors/repository_checkov.md) | :no_entry_sign: | [Repository](https://github.com/bridgecrewio/checkov){target=_blank} | +| [**checkov**](https://github.com/bridgecrewio/checkov){target=_blank} | 2.3.261 | [Apache-2.0](licenses/checkov.md) | [![GitHub stars](https://img.shields.io/github/stars/bridgecrewio/checkov?cacheSeconds=3600)](https://github.com/bridgecrewio/checkov){target=_blank} | [REPOSITORY](descriptors/repository_checkov.md) | :no_entry_sign: | [Repository](https://github.com/bridgecrewio/checkov){target=_blank} | | [**checkstyle**](https://github.com/checkstyle/checkstyle){target=_blank} | 10.12.0 | [LGPL-2.1](licenses/checkstyle.md) | [![GitHub stars](https://img.shields.io/github/stars/checkstyle/checkstyle?cacheSeconds=3600)](https://github.com/checkstyle/checkstyle){target=_blank} | [JAVA](descriptors/java_checkstyle.md) | :heart: | [MegaLinter reference](https://checkstyle.sourceforge.io/index.html#Related_Tools_Active_Tools){target=_blank} | | [**chktex**](https://www.nongnu.org/chktex){target=_blank} | 1.7.6 | | | [LATEX](descriptors/latex_chktex.md) | :white_circle: | [Web Site](https://www.nongnu.org/chktex){target=_blank} | | [**clippy**](https://github.com/rust-lang/rust-clippy){target=_blank} | 0.1.69 | [Other](licenses/clippy.md) | [![GitHub stars](https://img.shields.io/github/stars/rust-lang/rust-clippy?cacheSeconds=3600)](https://github.com/rust-lang/rust-clippy){target=_blank} | [RUST](descriptors/rust_clippy.md) | :white_circle: | [Repository](https://github.com/rust-lang/rust-clippy){target=_blank} | @@ -48,7 +48,7 @@ | [**kics**](https://github.com/checkmarx/kics){target=_blank} | 1.7.1 | [Apache-2.0](licenses/kics.md) | [![GitHub stars](https://img.shields.io/github/stars/checkmarx/kics?cacheSeconds=3600)](https://github.com/checkmarx/kics){target=_blank} | [REPOSITORY](descriptors/repository_kics.md) | :heart: | [MegaLinter reference](https://docs.kics.io/latest/integrations/){target=_blank} | | [**ktlint**](https://github.com/pinterest/ktlint){target=_blank} | 0.49.1 | [MIT](licenses/ktlint.md) | [![GitHub stars](https://img.shields.io/github/stars/pinterest/ktlint?cacheSeconds=3600)](https://github.com/pinterest/ktlint){target=_blank} | [KOTLIN](descriptors/kotlin_ktlint.md) | :heart: | [MegaLinter reference](https://github.com/pinterest/ktlint#-with-continuous-integration){target=_blank} | | [**kubeconform**](https://github.com/yannh/kubeconform){target=_blank} | 0.6.1 | [Apache-2.0](licenses/kubeconform.md) | [![GitHub stars](https://img.shields.io/github/stars/yannh/kubeconform?cacheSeconds=3600)](https://github.com/yannh/kubeconform){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubeconform.md) | :white_circle: | [Repository](https://github.com/yannh/kubeconform){target=_blank} | -| [**kubescape**](https://github.com/kubescape/kubescape){target=_blank} | 2.3.3 | [Apache-2.0](licenses/kubescape.md) | [![GitHub stars](https://img.shields.io/github/stars/kubescape/kubescape?cacheSeconds=3600)](https://github.com/kubescape/kubescape){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubescape.md) | :white_circle: | [Repository](https://github.com/kubescape/kubescape){target=_blank} | +| [**kubescape**](https://github.com/kubescape/kubescape){target=_blank} | 2.3.4 | [Apache-2.0](licenses/kubescape.md) | [![GitHub stars](https://img.shields.io/github/stars/kubescape/kubescape?cacheSeconds=3600)](https://github.com/kubescape/kubescape){target=_blank} | [KUBERNETES](descriptors/kubernetes_kubescape.md) | :white_circle: | [Repository](https://github.com/kubescape/kubescape){target=_blank} | | [**lintr**](https://github.com/r-lib/lintr){target=_blank} | N/A | [Other](licenses/lintr.md) | [![GitHub stars](https://img.shields.io/github/stars/r-lib/lintr?cacheSeconds=3600)](https://github.com/r-lib/lintr){target=_blank} | [R](descriptors/r_lintr.md) | :heart: | [MegaLinter reference](https://cran.r-project.org/web/packages/lintr/vignettes/continuous-integration.html){target=_blank} | | [**luacheck**](https://github.com/luarocks/luacheck){target=_blank} | 1.1.0 | [MIT](licenses/luacheck.md) | [![GitHub stars](https://img.shields.io/github/stars/luarocks/luacheck?cacheSeconds=3600)](https://github.com/luarocks/luacheck){target=_blank} | [LUA](descriptors/lua_luacheck.md) | :no_entry_sign: | [Repository](https://github.com/luarocks/luacheck){target=_blank} | | [**markdown-link-check**](https://github.com/tcort/markdown-link-check){target=_blank} | 3.11.2 | [ISC](licenses/markdown-link-check.md) | [![GitHub stars](https://img.shields.io/github/stars/tcort/markdown-link-check?cacheSeconds=3600)](https://github.com/tcort/markdown-link-check){target=_blank} | [MARKDOWN](descriptors/markdown_markdown_link_check.md) | :heart: | [MegaLinter reference](https://github.com/tcort/markdown-link-check#run-in-other-tools){target=_blank} | diff --git a/docs/descriptors/kubernetes_kubescape.md b/docs/descriptors/kubernetes_kubescape.md index 303918acc86..4346a5503d4 100644 --- a/docs/descriptors/kubernetes_kubescape.md +++ b/docs/descriptors/kubernetes_kubescape.md @@ -17,7 +17,7 @@ description: How to use kubescape (configure, ignore files, ignore errors, help ## kubescape documentation -- Version in MegaLinter: **2.3.3** +- Version in MegaLinter: **2.3.4** - Visit [Official Web Site](https://github.com/kubescape/kubescape#readme){target=_blank} [![kubescape - GitHub](https://gh-card.dev/repos/kubescape/kubescape.svg?fullname=)](https://github.com/kubescape/kubescape){target=_blank} @@ -121,7 +121,7 @@ Available Commands: completion Generate autocompletion script config Handle cached configurations delete Delete configurations in Kubescape SaaS version - download Download artifacts,attack-tracks,controls-inputs,exceptions,control,framework + download Download controls-inputs,exceptions,control,framework,artifacts,attack-tracks fix Fix misconfiguration in files help Help about any command list List frameworks/controls will list the supported frameworks and controls diff --git a/docs/descriptors/powershell_powershell.md b/docs/descriptors/powershell_powershell.md index 0fe2de4a44c..5aafef91272 100644 --- a/docs/descriptors/powershell_powershell.md +++ b/docs/descriptors/powershell_powershell.md @@ -38,7 +38,7 @@ description: How to use powershell (configure, ignore files, ignore errors, help | POWERSHELL_POWERSHELL_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules | | POWERSHELL_POWERSHELL_DISABLE_ERRORS | Run linter but consider errors as warnings | `false` | | POWERSHELL_POWERSHELL_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | `0` | -| POWERSHELL_POWERSHELL_CLI_EXECUTABLE | Override CLI executable | `['powershell']` | +| POWERSHELL_POWERSHELL_CLI_EXECUTABLE | Override CLI executable | `['pwsh']` | ## IDE Integration diff --git a/docs/descriptors/powershell_powershell_formatter.md b/docs/descriptors/powershell_powershell_formatter.md index dbd36c2ddc8..67cecc13e8b 100644 --- a/docs/descriptors/powershell_powershell_formatter.md +++ b/docs/descriptors/powershell_powershell_formatter.md @@ -39,7 +39,7 @@ description: How to use powershell_formatter (configure, ignore files, ignore er | POWERSHELL_POWERSHELL_FORMATTER_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules | | POWERSHELL_POWERSHELL_FORMATTER_DISABLE_ERRORS | Run linter but consider errors as warnings | `true` | | POWERSHELL_POWERSHELL_FORMATTER_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | `0` | -| POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE | Override CLI executable | `['powershell']` | +| POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE | Override CLI executable | `['pwsh']` | ## IDE Integration diff --git a/docs/descriptors/repository_checkov.md b/docs/descriptors/repository_checkov.md index 5cb8a0dd4ef..3b371fdbcc7 100644 --- a/docs/descriptors/repository_checkov.md +++ b/docs/descriptors/repository_checkov.md @@ -15,7 +15,7 @@ description: How to use checkov (configure, ignore files, ignore errors, help & ## checkov documentation -- Version in MegaLinter: **2.3.259** +- Version in MegaLinter: **2.3.261** - Visit [Official Web Site](https://www.checkov.io/){target=_blank} - See [How to configure checkov rules](https://github.com/bridgecrewio/checkov#configuration-using-a-config-file){target=_blank} - If custom `.checkov.yml` config file isn't found, [.checkov.yml](https://github.com/oxsecurity/megalinter/tree/main/TEMPLATES/.checkov.yml){target=_blank} will be used diff --git a/docs/descriptors/salesforce_sfdx_scanner_apex.md b/docs/descriptors/salesforce_sfdx_scanner_apex.md index 7ab2069734a..ba07ea3695b 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_apex.md +++ b/docs/descriptors/salesforce_sfdx_scanner_apex.md @@ -162,7 +162,7 @@ COMMANDS scanner run dfa scan codebase with all DFA rules WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA -(node:1442) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. +(node:1450) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. (Use `node --trace-warnings ...` to show where the warning was created) NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT ────────────────────────────────────────────────────── ─────────── ───────────────────── ──────────────────────────────────────────────── ───────────────── ────── ──────── diff --git a/docs/descriptors/salesforce_sfdx_scanner_aura.md b/docs/descriptors/salesforce_sfdx_scanner_aura.md index 3c32d60d2dd..8209bf4aa94 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_aura.md +++ b/docs/descriptors/salesforce_sfdx_scanner_aura.md @@ -158,7 +158,7 @@ COMMANDS scanner run dfa scan codebase with all DFA rules WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA -(node:1583) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. +(node:1591) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. (Use `node --trace-warnings ...` to show where the warning was created) NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT ────────────────────────────────────────────────────── ─────────── ───────────────────── ──────────────────────────────────────────────── ───────────────── ────── ──────── diff --git a/docs/descriptors/salesforce_sfdx_scanner_lwc.md b/docs/descriptors/salesforce_sfdx_scanner_lwc.md index e1da95c6418..e02fbcc5ccb 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_lwc.md +++ b/docs/descriptors/salesforce_sfdx_scanner_lwc.md @@ -158,7 +158,7 @@ COMMANDS scanner run dfa scan codebase with all DFA rules WARNING: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA -(node:1724) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. +(node:1732) Warning: Deprecated config name: apiVersion. Please use org-api-version instead. (Use `node --trace-warnings ...` to show where the warning was created) NAME LANGUAGES CATEGORIES RULESETS [DEP] ENGINE IS DFA IS PILOT ────────────────────────────────────────────────────── ─────────── ───────────────────── ──────────────────────────────────────────────── ───────────────── ────── ──────── diff --git a/docs/descriptors/xml_xmllint.md b/docs/descriptors/xml_xmllint.md index 3821a397df2..2a0f09b98f8 100644 --- a/docs/descriptors/xml_xmllint.md +++ b/docs/descriptors/xml_xmllint.md @@ -25,7 +25,7 @@ To apply file formatting you must set `XML_XMLLINT_CLI_LINT_MODE: file` and `XML | Variable | Description | Default value | |-----------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------| | XML_XMLLINT_AUTOFORMAT | If set to `true`, it will reformat and reindent the output | `false` | -| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | `` | +| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | ` ` | | XML_XMLLINT_ARGUMENTS | User custom arguments to add in linter CLI call
Ex: `-s --foo "bar"` | | | XML_XMLLINT_FILTER_REGEX_INCLUDE | Custom regex including filter
Ex: `(src\|lib)` | Include every file | | XML_XMLLINT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter
Ex: `(test\|examples)` | Exclude no file | diff --git a/docs/used-by-stats.md b/docs/used-by-stats.md index 61b23a03ea4..2f2404dd798 100644 --- a/docs/used-by-stats.md +++ b/docs/used-by-stats.md @@ -1,33 +1,33 @@ # Dependents stats for oxsecurity/megalinter -[![](https://img.shields.io/static/v1?label=Used%20by&message=2381&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![](https://img.shields.io/static/v1?label=Used%20by&message=2385&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) [![](https://img.shields.io/static/v1?label=Used%20by%20(public)&message=1605&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) -[![](https://img.shields.io/static/v1?label=Used%20by%20(private)&message=776&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) -[![](https://img.shields.io/static/v1?label=Used%20by%20(stars)&message=62765&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![](https://img.shields.io/static/v1?label=Used%20by%20(private)&message=780&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![](https://img.shields.io/static/v1?label=Used%20by%20(stars)&message=62817&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) | Repository | Stars | |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------:| -| [nektos/act](https://github.com/nektos/act) | 38703 | -| [PRQL/prql](https://github.com/PRQL/prql) | 7138 | +| [nektos/act](https://github.com/nektos/act) | 38738 | +| [PRQL/prql](https://github.com/PRQL/prql) | 7141 | | [stepancheg/rust-protobuf](https://github.com/stepancheg/rust-protobuf) | 2428 | | [IlanCosman/tide](https://github.com/IlanCosman/tide) | 2013 | | [PowerDNS-Admin/PowerDNS-Admin](https://github.com/PowerDNS-Admin/PowerDNS-Admin) | 2008 | -| [dorssel/usbipd-win](https://github.com/dorssel/usbipd-win) | 2004 | +| [dorssel/usbipd-win](https://github.com/dorssel/usbipd-win) | 2006 | | [microsoft/code-with-engineering-playbook](https://github.com/microsoft/code-with-engineering-playbook) | 1702 | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | 1281 | -| [ever-co/ever-gauzy](https://github.com/ever-co/ever-gauzy) | 1181 | +| [ever-co/ever-gauzy](https://github.com/ever-co/ever-gauzy) | 1182 | | [flosse/sloc](https://github.com/flosse/sloc) | 932 | | [unixorn/git-extra-commands](https://github.com/unixorn/git-extra-commands) | 878 | | [unixorn/zsh-quickstart-kit](https://github.com/unixorn/zsh-quickstart-kit) | 648 | | [secureCodeBox/secureCodeBox](https://github.com/secureCodeBox/secureCodeBox) | 593 | | [awslabs/aws-deployment-framework](https://github.com/awslabs/aws-deployment-framework) | 567 | -| [Romanitho/Winget-AutoUpdate](https://github.com/Romanitho/Winget-AutoUpdate) | 513 | +| [Romanitho/Winget-AutoUpdate](https://github.com/Romanitho/Winget-AutoUpdate) | 514 | | [cattle-ops/terraform-aws-gitlab-runner](https://github.com/cattle-ops/terraform-aws-gitlab-runner) | 493 | | [practicalli/clojure-cli-config](https://github.com/practicalli/clojure-cli-config) | 459 | | [meichthys/foss_photo_libraries](https://github.com/meichthys/foss_photo_libraries) | 445 | -| [ruzickap/packer-templates](https://github.com/ruzickap/packer-templates) | 377 | +| [ruzickap/packer-templates](https://github.com/ruzickap/packer-templates) | 378 | | [llaville/php-compatinfo](https://github.com/llaville/php-compatinfo) | 363 | -| [xUnholy/k8s-gitops](https://github.com/xUnholy/k8s-gitops) | 341 | +| [xUnholy/k8s-gitops](https://github.com/xUnholy/k8s-gitops) | 342 | | [ministryofjustice/modernisation-platform](https://github.com/ministryofjustice/modernisation-platform) | 315 | | [bjw-s/home-ops](https://github.com/bjw-s/home-ops) | 309 | | [ahmadnassri/action-dependabot-auto-merge](https://github.com/ahmadnassri/action-dependabot-auto-merge) | 306 | @@ -37,7 +37,7 @@ | [OCSInventory-NG/OCSInventory-ocsreports](https://github.com/OCSInventory-NG/OCSInventory-ocsreports) | 199 | | [toboshii/home-ops](https://github.com/toboshii/home-ops) | 190 | | [pantheon-systems/documentation](https://github.com/pantheon-systems/documentation) | 179 | -| [unixorn/fzf-zsh-plugin](https://github.com/unixorn/fzf-zsh-plugin) | 156 | +| [unixorn/fzf-zsh-plugin](https://github.com/unixorn/fzf-zsh-plugin) | 157 | | [carpenike/k8s-gitops](https://github.com/carpenike/k8s-gitops) | 152 | | [unixorn/tumult.plugin.zsh](https://github.com/unixorn/tumult.plugin.zsh) | 148 | | [nvuillam/npm-groovy-lint](https://github.com/nvuillam/npm-groovy-lint) | 147 | @@ -55,7 +55,7 @@ | [szinn/k8s-homelab](https://github.com/szinn/k8s-homelab) | 72 | | [rasa/scoops](https://github.com/rasa/scoops) | 71 | | [practicalli/clojure](https://github.com/practicalli/clojure) | 66 | -| [IQEngine/IQEngine](https://github.com/IQEngine/IQEngine) | 64 | +| [IQEngine/IQEngine](https://github.com/IQEngine/IQEngine) | 66 | | [hardisgroupcom/sfdx-hardis](https://github.com/hardisgroupcom/sfdx-hardis) | 63 | | [nvuillam/vscode-groovy-lint](https://github.com/nvuillam/vscode-groovy-lint) | 60 | | [0dragosh/homelab](https://github.com/0dragosh/homelab) | 59 | @@ -235,6 +235,7 @@ | [svt/junit5-redis-extension](https://github.com/svt/junit5-redis-extension) | 4 | | [Nautilus-Cyberneering/chinese-ideographs](https://github.com/Nautilus-Cyberneering/chinese-ideographs) | 4 | | [cbg-ethz/pareg](https://github.com/cbg-ethz/pareg) | 4 | +| [actinia-org/actinia-stac-plugin](https://github.com/actinia-org/actinia-stac-plugin) | 4 | | [mimmi20/monolog-streamformatter](https://github.com/mimmi20/monolog-streamformatter) | 4 | | [I-Language-Development/I-language-python](https://github.com/I-Language-Development/I-language-python) | 4 | | [FiveGuys-DevOps/MiniTwit](https://github.com/FiveGuys-DevOps/MiniTwit) | 4 | @@ -260,6 +261,7 @@ | [flexion/bash_shell_script_starter](https://github.com/flexion/bash_shell_script_starter) | 4 | | [jan-guenter/action-class](https://github.com/jan-guenter/action-class) | 3 | | [ruzickap/ruzickap.github.io](https://github.com/ruzickap/ruzickap.github.io) | 3 | +| [ruzickap/popular-containers-vulnerability-checks](https://github.com/ruzickap/popular-containers-vulnerability-checks) | 3 | | [rafyco/ytrss](https://github.com/rafyco/ytrss) | 3 | | [SueyGuey/Infidelity](https://github.com/SueyGuey/Infidelity) | 3 | | [Woll0r/k8s-cluster](https://github.com/Woll0r/k8s-cluster) | 3 | @@ -271,8 +273,8 @@ | [wenzeslaus/foss4g-2022-developing-custom-grass-tools](https://github.com/wenzeslaus/foss4g-2022-developing-custom-grass-tools) | 3 | | [Nautilus-Cyberneering/nautilus-librarian](https://github.com/Nautilus-Cyberneering/nautilus-librarian) | 3 | | [Iudicael/home-ops](https://github.com/Iudicael/home-ops) | 3 | +| [drae/k8s-home-ops](https://github.com/drae/k8s-home-ops) | 3 | | [bsrodrigs/terraform-aws-selfconfig-cgw](https://github.com/bsrodrigs/terraform-aws-selfconfig-cgw) | 3 | -| [actinia-org/actinia-stac-plugin](https://github.com/actinia-org/actinia-stac-plugin) | 3 | | [cbg-ethz/SARS-CoV-2_Analysis](https://github.com/cbg-ethz/SARS-CoV-2_Analysis) | 3 | | [KohaAloha/Koha-Dev](https://github.com/KohaAloha/Koha-Dev) | 3 | | [miracum/charts](https://github.com/miracum/charts) | 3 | @@ -303,7 +305,6 @@ | [ahmadnassri/node-error](https://github.com/ahmadnassri/node-error) | 3 | | [lpsm-dev/helm-recursive-library](https://github.com/lpsm-dev/helm-recursive-library) | 2 | | [diggsweden/digg-open-source-project-template](https://github.com/diggsweden/digg-open-source-project-template) | 2 | -| [ruzickap/popular-containers-vulnerability-checks](https://github.com/ruzickap/popular-containers-vulnerability-checks) | 2 | | [FaserF/homeassistant](https://github.com/FaserF/homeassistant) | 2 | | [ruzickap/k8s-eks-rancher](https://github.com/ruzickap/k8s-eks-rancher) | 2 | | [AlbanAndrieu/nabla-servers-bower-sample](https://github.com/AlbanAndrieu/nabla-servers-bower-sample) | 2 | @@ -315,7 +316,6 @@ | [Athe-kunal/Verge_Scraper](https://github.com/Athe-kunal/Verge_Scraper) | 2 | | [ncsu-geoforall-lab/grass-gis-on-hpc-henry2](https://github.com/ncsu-geoforall-lab/grass-gis-on-hpc-henry2) | 2 | | [xoap-io/xoap-powershell-dsc-configurations](https://github.com/xoap-io/xoap-powershell-dsc-configurations) | 2 | -| [drae/k8s-home-ops](https://github.com/drae/k8s-home-ops) | 2 | | [DamianFlynn/k8s-at-home](https://github.com/DamianFlynn/k8s-at-home) | 2 | | [sp3nx0r/cluster-securimancy](https://github.com/sp3nx0r/cluster-securimancy) | 2 | | [sob/home-ops](https://github.com/sob/home-ops) | 2 | @@ -323,9 +323,9 @@ | [matejkosiarcik/millipng](https://github.com/matejkosiarcik/millipng) | 2 | | [nvuillam/nvuillam](https://github.com/nvuillam/nvuillam) | 2 | | [danistrebel/devrel](https://github.com/danistrebel/devrel) | 2 | -| [matejkosiarcik/azlint](https://github.com/matejkosiarcik/azlint) | 2 | -| [matejkosiarcik/dotfiles](https://github.com/matejkosiarcik/dotfiles) | 2 | | [mimmi20/coding-standard](https://github.com/mimmi20/coding-standard) | 2 | +| [matejkosiarcik/dotfiles](https://github.com/matejkosiarcik/dotfiles) | 2 | +| [matejkosiarcik/azlint](https://github.com/matejkosiarcik/azlint) | 2 | | [GenZmeY/KF2-LootedTraderInventory](https://github.com/GenZmeY/KF2-LootedTraderInventory) | 2 | | [devcontainers-community/templates](https://github.com/devcontainers-community/templates) | 2 | | [Samidaites2/megalizer](https://github.com/Samidaites2/megalizer) | 2 | @@ -574,6 +574,7 @@ | [fuhraih/-hassio-addons](https://github.com/fuhraih/-hassio-addons) | 0 | | [ruzickap/myteam-adr](https://github.com/ruzickap/myteam-adr) | 0 | | [recursion-ninja/efficient-implied-alignment](https://github.com/recursion-ninja/efficient-implied-alignment) | 0 | +| [janderssonse/sariftool](https://github.com/janderssonse/sariftool) | 0 | | [recursion-ninja/personal-website](https://github.com/recursion-ninja/personal-website) | 0 | | [brandonmcclure/megalinter_repro](https://github.com/brandonmcclure/megalinter_repro) | 0 | | [coolhead/CodeSecurity](https://github.com/coolhead/CodeSecurity) | 0 | @@ -1008,7 +1009,6 @@ | [xoap-io/terraform-aws-networking-vpc-endpoint](https://github.com/xoap-io/terraform-aws-networking-vpc-endpoint) | 0 | | [xoap-io/terraform-aws-networking-vpc](https://github.com/xoap-io/terraform-aws-networking-vpc) | 0 | | [AV3RG/.github](https://github.com/AV3RG/.github) | 0 | -| [matejkosiarcik/scripts](https://github.com/matejkosiarcik/scripts) | 0 | | [yagnesh150415/taskB](https://github.com/yagnesh150415/taskB) | 0 | | [Shaydc/repo1](https://github.com/Shaydc/repo1) | 0 | | [VenkateswaraReddy5/pocapigee](https://github.com/VenkateswaraReddy5/pocapigee) | 0 | @@ -1170,6 +1170,8 @@ | [rciam/simplesamlphp-module-assurance](https://github.com/rciam/simplesamlphp-module-assurance) | 0 | | [rciam/simplesamlphp-module-userid](https://github.com/rciam/simplesamlphp-module-userid) | 0 | | [Teasel-Ian/terraform](https://github.com/Teasel-Ian/terraform) | 0 | +| [molier-net/repo-template-old](https://github.com/molier-net/repo-template-old) | 0 | +| [matejkosiarcik/scripts](https://github.com/matejkosiarcik/scripts) | 0 | | [kinJen39/alt-jenkins-actions](https://github.com/kinJen39/alt-jenkins-actions) | 0 | | [TheLx0980/X-wiLeech](https://github.com/TheLx0980/X-wiLeech) | 0 | | [Ryan-McD/cloud-self-hosted-ops](https://github.com/Ryan-McD/cloud-self-hosted-ops) | 0 | diff --git a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json index d5cb2030619..4047833b2b2 100644 --- a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json +++ b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json @@ -9274,7 +9274,7 @@ "$id": "#/properties/POWERSHELL_POWERSHELL_CLI_EXECUTABLE", "default": [ [ - "powershell" + "pwsh" ] ], "items": { @@ -9373,7 +9373,7 @@ "$id": "#/properties/POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE", "default": [ [ - "powershell" + "pwsh" ] ], "items": { From d7456e2f927b357a609244e2dc4bdcaa14c4a1d6 Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 17:11:59 +0000 Subject: [PATCH 02/10] [MegaLinter] Apply linters fixes --- docs/descriptors/xml_xmllint.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/descriptors/xml_xmllint.md b/docs/descriptors/xml_xmllint.md index 2a0f09b98f8..3821a397df2 100644 --- a/docs/descriptors/xml_xmllint.md +++ b/docs/descriptors/xml_xmllint.md @@ -25,7 +25,7 @@ To apply file formatting you must set `XML_XMLLINT_CLI_LINT_MODE: file` and `XML | Variable | Description | Default value | |-----------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------| | XML_XMLLINT_AUTOFORMAT | If set to `true`, it will reformat and reindent the output | `false` | -| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | ` ` | +| XML_XMLLINT_INDENT | The number of indentation spaces when `XML_XMLLINT_AUTOFORMAT` is `true` | `` | | XML_XMLLINT_ARGUMENTS | User custom arguments to add in linter CLI call
Ex: `-s --foo "bar"` | | | XML_XMLLINT_FILTER_REGEX_INCLUDE | Custom regex including filter
Ex: `(src\|lib)` | Include every file | | XML_XMLLINT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter
Ex: `(test\|examples)` | Exclude no file | From 352ab1d31e121b79afbee405e543af666271807f Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 20:21:36 +0200 Subject: [PATCH 03/10] TERRAFORM_TFLINT_SECURED_ENV management --- CHANGELOG.md | 1 + .../descriptors/terraform.megalinter-descriptor.yml | 6 ++++++ megalinter/linters/TfLintLinter.py | 13 ++++++++++++- 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1389eb82e66..da1c86a9e11 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -10,6 +10,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Secure PRE_COMMANDS and POST_COMMANDS by default - Can be disabled with **secured_env: false** in the command definition +- New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** on 2023-05-27 diff --git a/megalinter/descriptors/terraform.megalinter-descriptor.yml b/megalinter/descriptors/terraform.megalinter-descriptor.yml index f22c9531885..5a990cce5f0 100644 --- a/megalinter/descriptors/terraform.megalinter-descriptor.yml +++ b/megalinter/descriptors/terraform.megalinter-descriptor.yml @@ -20,10 +20,16 @@ linters: linter_rules_url: https://github.com/terraform-linters/tflint/tree/master/docs/rules#rules linter_rules_configuration_url: https://github.com/terraform-linters/tflint/blob/master/docs/guides/config.md linter_rules_inline_disable_url: https://github.com/terraform-linters/tflint/blob/master/docs/guides/annotations.md + linter_text: | + Set variable TERRAFORM_TFLINT_SECURED_ENV to `false` if you need `tflint --init` to be called with all ENV variables. config_file_name: .tflint.hcl cli_sarif_args: - --format - sarif + variables: + - name: TERRAFORM_TFLINT_SECURED_ENV + default_value: true + description: Allows to send the full env to **tflint --init**. Initialized with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. examples: - "tflint myfile.tf" - "tflint -c .tflint.hcl myfile.tf" diff --git a/megalinter/linters/TfLintLinter.py b/megalinter/linters/TfLintLinter.py index 577e4b5e9bd..7013b1847be 100644 --- a/megalinter/linters/TfLintLinter.py +++ b/megalinter/linters/TfLintLinter.py @@ -6,6 +6,7 @@ import logging import megalinter +from megalinter import config class TfLintLinter(megalinter.Linter): @@ -17,7 +18,17 @@ def before_lint_files(self): tflint_init_command += f" --config {self.config_file}" logging.debug("tflint before_lint_files: " + tflint_init_command) # Add to pre-commands - tflint_pre_command = {"command": tflint_init_command, "cwd": self.workspace} + tflint_secured_env = ( + False + if config.get(self.request_id, "TERRAFORM_TFLINT_SECURED_ENV", "true") + == "false" + else True + ) + tflint_pre_command = { + "command": tflint_init_command, + "cwd": self.workspace, + "secured_env": tflint_secured_env, + } if self.pre_commands is None: self.pre_commands = [] self.pre_commands.append(tflint_pre_command) From f47163798291ac3c9eeca7bc5e02d79b9ef3bb48 Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 18:59:43 +0000 Subject: [PATCH 04/10] [MegaLinter] Apply linters fixes --- megalinter/descriptors/terraform.megalinter-descriptor.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/megalinter/descriptors/terraform.megalinter-descriptor.yml b/megalinter/descriptors/terraform.megalinter-descriptor.yml index 5a990cce5f0..6ddcf72a7eb 100644 --- a/megalinter/descriptors/terraform.megalinter-descriptor.yml +++ b/megalinter/descriptors/terraform.megalinter-descriptor.yml @@ -26,7 +26,7 @@ linters: cli_sarif_args: - --format - sarif - variables: + variables: - name: TERRAFORM_TFLINT_SECURED_ENV default_value: true description: Allows to send the full env to **tflint --init**. Initialized with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. From dd48bdbfc4c05c6a9b7ecb8ccfa03238f7ced5fe Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 21:06:20 +0200 Subject: [PATCH 05/10] Fix FILTER_REGEX_EXCLUDE regression Fixes https://github.com/oxsecurity/megalinter/issues/2697 --- CHANGELOG.md | 8 +++++-- .../tests/test_megalinter/filters_test.py | 22 +++++++++++++++++++ megalinter/utils.py | 4 ++-- 3 files changed, 30 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index da1c86a9e11..1e7a43efe80 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,9 +8,13 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-linter.yml file, or with `oxsecurity/megalinter:beta` docker image -- Secure PRE_COMMANDS and POST_COMMANDS by default +- Linter enhancements & fixes + - New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. + +- Core + - Secure PRE_COMMANDS and POST_COMMANDS by default - Can be disabled with **secured_env: false** in the command definition -- New variable **TERRAFORM_TFLINT_SECURED_ENV** with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. + - Fix FILTER_REGEX_EXCLUDE when regex contains **^** - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** on 2023-05-27 diff --git a/megalinter/tests/test_megalinter/filters_test.py b/megalinter/tests/test_megalinter/filters_test.py index 845519cd033..eb0e9ea6c24 100644 --- a/megalinter/tests/test_megalinter/filters_test.py +++ b/megalinter/tests/test_megalinter/filters_test.py @@ -105,6 +105,28 @@ def test_filter_files_with_file_extensions(self): sorted(filtered_files), sorted(expected), f"check {file_extensions}" ) + + def test_filter_regex_exclude_single_level(self): + all_files = [ + "index.html", + "target/index.html", + ] + filtered_files = utils.filter_files( + all_files=all_files, + filter_regex_include=None, + filter_regex_exclude=["(^index.html)"], + file_names_regex=[], + file_extensions=["*"], + ignored_files=[], + ignore_generated_files=False, + ) + self.assertListEqual( + sorted(filtered_files), + sorted(["target/index.html"]), + "check regex_exclude_multilevel", + ) + + def test_filter_regex_exclude_multilevel(self): all_files = [ "should/be/excluded/descriptor-level/test.md", diff --git a/megalinter/utils.py b/megalinter/utils.py index 665f1f49d62..2fc49e34b56 100644 --- a/megalinter/utils.py +++ b/megalinter/utils.py @@ -152,14 +152,14 @@ def filter_files( _, file_extension = os.path.splitext(base_file_name) # Skip according to FILTER_REGEX_INCLUDE if filter_regex_include_object and not filter_regex_include_object.search( - file_with_workspace + file ): continue # Skip according to FILTER_REGEX_EXCLUDE list excluded_by_regex = False for filter_regex_exclude_object in filter_regex_exclude_objects: if filter_regex_exclude_object and filter_regex_exclude_object.search( - file_with_workspace + file ): excluded_by_regex = True break From e58112c59eb056c61a6460244365812a2c45d512 Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 19:26:12 +0000 Subject: [PATCH 06/10] [MegaLinter] Apply linters fixes --- megalinter/tests/test_megalinter/filters_test.py | 2 -- megalinter/utils.py | 8 ++------ 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/megalinter/tests/test_megalinter/filters_test.py b/megalinter/tests/test_megalinter/filters_test.py index eb0e9ea6c24..16317c483b4 100644 --- a/megalinter/tests/test_megalinter/filters_test.py +++ b/megalinter/tests/test_megalinter/filters_test.py @@ -105,7 +105,6 @@ def test_filter_files_with_file_extensions(self): sorted(filtered_files), sorted(expected), f"check {file_extensions}" ) - def test_filter_regex_exclude_single_level(self): all_files = [ "index.html", @@ -126,7 +125,6 @@ def test_filter_regex_exclude_single_level(self): "check regex_exclude_multilevel", ) - def test_filter_regex_exclude_multilevel(self): all_files = [ "should/be/excluded/descriptor-level/test.md", diff --git a/megalinter/utils.py b/megalinter/utils.py index 2fc49e34b56..dda643b08fe 100644 --- a/megalinter/utils.py +++ b/megalinter/utils.py @@ -151,16 +151,12 @@ def filter_files( base_file_name = os.path.basename(file) _, file_extension = os.path.splitext(base_file_name) # Skip according to FILTER_REGEX_INCLUDE - if filter_regex_include_object and not filter_regex_include_object.search( - file - ): + if filter_regex_include_object and not filter_regex_include_object.search(file): continue # Skip according to FILTER_REGEX_EXCLUDE list excluded_by_regex = False for filter_regex_exclude_object in filter_regex_exclude_objects: - if filter_regex_exclude_object and filter_regex_exclude_object.search( - file - ): + if filter_regex_exclude_object and filter_regex_exclude_object.search(file): excluded_by_regex = True break if excluded_by_regex is True: From e99ff2ffa72dcdda7bbc80e297666fc361be4b6b Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 21:28:14 +0200 Subject: [PATCH 07/10] tflint test class --- megalinter/linters/TfLintLinter.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/megalinter/linters/TfLintLinter.py b/megalinter/linters/TfLintLinter.py index 7013b1847be..c9aac893a36 100644 --- a/megalinter/linters/TfLintLinter.py +++ b/megalinter/linters/TfLintLinter.py @@ -32,3 +32,6 @@ def before_lint_files(self): if self.pre_commands is None: self.pre_commands = [] self.pre_commands.append(tflint_pre_command) + + def pre_test(self): + config.set_value(self.request_id, "TERRAFORM_TFLINT_SECURED_ENV", "false") From 33c11108d49fc75c40775c77fb8c28176c49e6d3 Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 21:31:53 +0200 Subject: [PATCH 08/10] Build doc --- docs/descriptors/powershell_powershell.md | 2 +- docs/descriptors/powershell_powershell_formatter.md | 2 +- docs/descriptors/terraform_tflint.md | 3 +++ .../schemas/megalinter-configuration.jsonschema.json | 4 ++-- 4 files changed, 7 insertions(+), 4 deletions(-) diff --git a/docs/descriptors/powershell_powershell.md b/docs/descriptors/powershell_powershell.md index 5aafef91272..0fe2de4a44c 100644 --- a/docs/descriptors/powershell_powershell.md +++ b/docs/descriptors/powershell_powershell.md @@ -38,7 +38,7 @@ description: How to use powershell (configure, ignore files, ignore errors, help | POWERSHELL_POWERSHELL_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules | | POWERSHELL_POWERSHELL_DISABLE_ERRORS | Run linter but consider errors as warnings | `false` | | POWERSHELL_POWERSHELL_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | `0` | -| POWERSHELL_POWERSHELL_CLI_EXECUTABLE | Override CLI executable | `['pwsh']` | +| POWERSHELL_POWERSHELL_CLI_EXECUTABLE | Override CLI executable | `['powershell']` | ## IDE Integration diff --git a/docs/descriptors/powershell_powershell_formatter.md b/docs/descriptors/powershell_powershell_formatter.md index 67cecc13e8b..dbd36c2ddc8 100644 --- a/docs/descriptors/powershell_powershell_formatter.md +++ b/docs/descriptors/powershell_powershell_formatter.md @@ -39,7 +39,7 @@ description: How to use powershell_formatter (configure, ignore files, ignore er | POWERSHELL_POWERSHELL_FORMATTER_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules | | POWERSHELL_POWERSHELL_FORMATTER_DISABLE_ERRORS | Run linter but consider errors as warnings | `true` | | POWERSHELL_POWERSHELL_FORMATTER_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | `0` | -| POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE | Override CLI executable | `['pwsh']` | +| POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE | Override CLI executable | `['powershell']` | ## IDE Integration diff --git a/docs/descriptors/terraform_tflint.md b/docs/descriptors/terraform_tflint.md index 09fb1cc75da..c0543133241 100644 --- a/docs/descriptors/terraform_tflint.md +++ b/docs/descriptors/terraform_tflint.md @@ -7,6 +7,8 @@ description: How to use tflint (configure, ignore files, ignore errors, help & v # tflint [![GitHub stars](https://img.shields.io/github/stars/terraform-linters/tflint?cacheSeconds=3600)](https://github.com/terraform-linters/tflint) ![sarif](https://shields.io/badge/-SARIF-orange) [![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/terraform-linters/tflint?sort=semver)](https://github.com/terraform-linters/tflint/releases) [![GitHub last commit](https://img.shields.io/github/last-commit/terraform-linters/tflint)](https://github.com/terraform-linters/tflint/commits) [![GitHub commit activity](https://img.shields.io/github/commit-activity/y/terraform-linters/tflint)](https://github.com/terraform-linters/tflint/graphs/commit-activity/) [![GitHub contributors](https://img.shields.io/github/contributors/terraform-linters/tflint)](https://github.com/terraform-linters/tflint/graphs/contributors/) +Set variable TERRAFORM_TFLINT_SECURED_ENV to `false` if you need `tflint --init` to be called with all ENV variables. + ## tflint documentation - Version in MegaLinter: **0.46.1** @@ -25,6 +27,7 @@ description: How to use tflint (configure, ignore files, ignore errors, help & v | Variable | Description | Default value | |----------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------| +| TERRAFORM_TFLINT_SECURED_ENV | Allows to send the full env to **tflint --init**. Initialized with default value `true`. Set to `false` to allow `tflint --init` to access your env vars. | `True` | | TERRAFORM_TFLINT_ARGUMENTS | User custom arguments to add in linter CLI call
Ex: `-s --foo "bar"` | | | TERRAFORM_TFLINT_FILTER_REGEX_INCLUDE | Custom regex including filter
Ex: `(src\|lib)` | Include every file | | TERRAFORM_TFLINT_FILTER_REGEX_EXCLUDE | Custom regex excluding filter
Ex: `(test\|examples)` | Exclude no file | diff --git a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json index 4047833b2b2..d5cb2030619 100644 --- a/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json +++ b/megalinter/descriptors/schemas/megalinter-configuration.jsonschema.json @@ -9274,7 +9274,7 @@ "$id": "#/properties/POWERSHELL_POWERSHELL_CLI_EXECUTABLE", "default": [ [ - "pwsh" + "powershell" ] ], "items": { @@ -9373,7 +9373,7 @@ "$id": "#/properties/POWERSHELL_POWERSHELL_FORMATTER_CLI_EXECUTABLE", "default": [ [ - "pwsh" + "powershell" ] ], "items": { From 51d17212e25cb04bf177e9f15d278aeec707f5ac Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 21:41:12 +0200 Subject: [PATCH 09/10] Retrocompatiblity of FILTER_REGEX_EXCLUDE with v6 --- megalinter/utils.py | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/megalinter/utils.py b/megalinter/utils.py index dda643b08fe..00c90312d67 100644 --- a/megalinter/utils.py +++ b/megalinter/utils.py @@ -151,12 +151,20 @@ def filter_files( base_file_name = os.path.basename(file) _, file_extension = os.path.splitext(base_file_name) # Skip according to FILTER_REGEX_INCLUDE - if filter_regex_include_object and not filter_regex_include_object.search(file): + if filter_regex_include_object and ( + not filter_regex_include_object.search(file) + # Compatibility with v6 regexes + and not filter_regex_include_object.search(file_with_workspace) + ): continue # Skip according to FILTER_REGEX_EXCLUDE list excluded_by_regex = False for filter_regex_exclude_object in filter_regex_exclude_objects: - if filter_regex_exclude_object and filter_regex_exclude_object.search(file): + if filter_regex_exclude_object and ( + filter_regex_exclude_object.search(file) + # Compatibility with v6 regexes + or filter_regex_exclude_object.search(file_with_workspace) + ): excluded_by_regex = True break if excluded_by_regex is True: From 4de35c39a946b2d69de84f365425bf8dfe655bab Mon Sep 17 00:00:00 2001 From: nvuillam Date: Sun, 28 May 2023 21:42:10 +0200 Subject: [PATCH 10/10] label --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1e7a43efe80..e2d5a711efa 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Core - Secure PRE_COMMANDS and POST_COMMANDS by default - Can be disabled with **secured_env: false** in the command definition - - Fix FILTER_REGEX_EXCLUDE when regex contains **^** + - Manage retrocompatibility with FILTER_REGEX_INCLUDE and FILTER_REGEX_EXCLUDE expression - Linter versions upgrades - [checkstyle](https://checkstyle.sourceforge.io) from 10.11.0 to **10.12.0** on 2023-05-27