Releases: oxsecurity/megalinter
Releases · oxsecurity/megalinter
v7.11.0
What's Changed
-
Core
- Allow to override the number of parallel cores used, with variable PARALLEL_PROCESS_NUMBER, by @nvuillam in #3428
- Upgrade base python image from 3.12.2-alpine3.19 to 3.12.3-alpine3.19
- Upgrade PHP 8.1 to 8.3 by @llaville in #3464
- Add descriptor pre / post commands, by @bdovaz in #3468
- Allow merge lists with EXTENDS, by @bdovaz in #3469
-
Media
-
New linters
-
Reporters
- Add ruff sarif support, by @Skitionek in #3486
-
Fixes
- Fix listing of modified files, by @vkucera in #3472. Fixes #2125.
- Fix conflict between prettier and yamllint about spaces, by @apeyrat in #3426
- Ensure trufflehog does not auto-update itself, by @wandering-tales in #3430
- Salesforce linters: use sf + default Flow Scanner rules, by @nvuillam in #3435
- Disable JSON_ESLINT_PLUGIN_JSONC until ota-meshi/eslint-plugin-jsonc#328 is fixed
- Upgrade tar in mega-linter-runner
- secretlint: remove default
.secretlintignorethat was never used but.gitignoreis used instead. Fixes #3328 - Add jpeg, xlsx to .gitleaks.toml, by @rasa in #3434
- Fix Json Schema, by @nvuillam in #3470
- Remove
TEMPLATES/.secretlintignore, by @pjungermann in #3476
-
Doc
- Update R2DevOps logo, by @nvuillam in #3436
- Update Roslynator repo url and logo, by @TommyE123 in #3444
- Fix clang-format documentation links to point to the correct version. Fixes #3452, by @daltonv in #3453
- Add copy to clipboard button in code block (documentation), by @nikkii86 in #3491
-
Flavors
-
CI
- Make SPELL_LYCHEE non blocking for internal CI jobs
- Remove old unused automerge workflows by @echoix in #3432
- Add consistent python3/python handling at build.sh, by @pjungermann in #3475
-
Linter versions upgrades
- ansible-lint from 24.2.0 to 24.2.2
- bicep_linter from 0.25.53 to 0.26.170
- black from 24.2.0 to 24.4.0
- cfn-lint from 0.86.0 to 0.86.4
- checkov from 3.2.34 to 3.2.74
- checkstyle from 10.14.0 to 10.15.0
- clippy from 0.1.76 to 0.1.77
- clj-kondo from 2024.03.05 to 2024.03.13
- csharpier from 0.27.3 to 0.28.1
- cspell from 8.6.0 to 8.7.0
- devskim from 1.0.32 to 1.0.33
- dotnet-format from 8.0.102 to 8.0.104
- eslint-plugin-jsonc from 2.13.0 to 2.15.1
- golangci-lint from 1.56.2 to 1.57.2
- grype from 0.74.7 to 0.77.0
- kics from 1.7.13 to 2.0.0
- lightning-flow-scanner from 2.18.0 to 2.22.0
- markdown-link-check from 3.11.2 to 3.12.1
- npm-groovy-lint from 14.2.3 to 14.4.1
- phpcs from 3.9.0 to 3.9.1
- phpstan from 1.10.60 to 1.10.67
- protolint from 0.48.0 to 0.49.6
- psalm from Psalm.5.23.0@ to Psalm.5.23.1@
- pyright from 1.1.353 to 1.1.359
- roslynator from 0.8.3.0 to 0.8.6.0
- rstcheck from 6.2.0 to 6.2.1
- rubocop from 1.62.0 to 1.63.3
- ruff from 0.3.2 to 0.4.1
- secretlint from 8.1.2 to 8.2.3
- sfdx-scanner-apex from 3.21.0 to 3.23.0
- sfdx-scanner-aura from 3.21.0 to 3.23.0
- sfdx-scanner-lwc from 3.21.0 to 3.23.0
- snakefmt from 0.10.0 to 0.10.1
- snakemake from 8.5.5 to 8.10.8
- spectral from 6.11.0 to 6.11.1
- sqlfluff from 2.3.5 to 3.0.5
- stylelint from 16.2.1 to 16.3.1
- syft from 1.0.1 to 1.2.0
- tekton-lint from 1.0.0 to 1.0.2
- terraform-fmt from 1.7.4 to 1.8.1
- terragrunt from 0.55.13 to 0.57.5
- trivy-sbom from 0.49.1 to 0.50.2
- trivy from 0.49.1 to 0.50.2
- trufflehog from 3.69.0 to 3.73.0
- vale from 3.2.2 to 3.4.0
New Contributors
- @apeyrat made their first contribution in #3426
- @wandering-tales made their first contribution in #3430
- @enciyo made their first contribution in #3408
- @Skitionek made their first contribution in #3486
- @nikkii86 made their first contribution in #3491
MegaLinter is graciously provided by
Full Changelog: v7.10.0...v7.11.0
Contributors
rasa, llaville, and 12 other contributors
Assets 2
v7.10.0
What's Changed
-
Core
-
Media
-
Fixes
- Trivy: use
misconfiginstead of the deprecatedconfigscanner, updating the default arguments, by @pjungermann in #3376 - Update calls to sfdx-scanner to output a CSV file for Aura & LWC, by @nvuillam in #3398
- Kics: fixed error count in the summary table, by @TommyE123 in #3402
- Fix issue with EXTENDS using private repository by sending GITHUB_TOKEN as HTTP auth header, by @nvuillam in #3404
- Fix SPELL_VALE_CONFIG_FILE not working (handle the override of linter CONFIG_FILE if the linter is activated only if some files are found), by @nvuillam in #3409
- Trivy: use
-
CI
-
Doc
- Removed obsolete warning for semgrep as the issue has been fixed, by @Jayllyz in #3374
- docs: fix docs in TrivySbomLinter.py, by @pjungermann in #3377
-
Linter versions upgrades
- actionlint from 1.6.26 to 1.6.27
- bandit from 1.7.7 to 1.7.8
- bicep_linter from 0.25.3 to 0.25.53
- black from 24.1.1 to 24.2.0
- cfn-lint from 0.85.1 to 0.86.0
- checkov from 3.2.20 to 3.2.21
- checkstyle from 10.13.0 to 10.14.0
- clj-kondo from 2023.12.15 to 2024.03.05
- csharpier from 0.27.2 to 0.27.3
- cspell from 8.3.2 to 8.6.0
- devskim from 1.0.28 to 1.0.32
- dotnet-format from 7.0.115 to 8.0.102
- eslint from 8.56.0 to 8.57.0
- golangci-lint from 1.56.1 to 1.56.2
- grype from 0.74.5 to 0.74.7
- helm from 3.13.2 to 3.14.2
- kics from 1.7.12 to 1.7.13
- ktlint from 1.1.1 to 1.2.1
- lightning-flow-scanner from 2.16.0 to 2.18.0
- mypy from 1.8.0 to 1.9.0
- npm-groovy-lint from 14.2.1 to 14.2.3
- phpcs from 3.8.1 to 3.9.0
- phpstan from 1.10.57 to 1.10.60
- powershell from 7.4.0 to 7.4.1
- powershell_formatter from 7.4.0 to 7.4.1
- protolint from 0.47.5 to 0.48.0
- psalm from Psalm.5.21.1@ to Psalm.5.23.0@
- pylint from 3.0.3 to 3.1.0
- pyright from 1.1.350 to 1.1.353
- rubocop from 1.60.2 to 1.62.0
- ruff from 0.2.1 to 0.3.2
- scalafix from 0.11.1 to 0.12.0
- secretlint from 8.1.1 to 8.1.2
- shellcheck from 0.9.0 to 0.10.0
- snakemake from 8.4.8 to 8.5.5
- syft from 0.104.0 to 1.0.1
- terraform-fmt from 1.7.3 to 1.7.4
- terragrunt from 0.55.1 to 0.55.13
- trufflehog from 3.67.5 to 3.69.0
- vale from 3.0.5 to 3.2.2
- xmllint from 21106 to 21107
- yamllint from 1.34.0 to 1.35.1
New Contributors
- @TommyE123 made their first contribution in #3402
MegaLinter is graciously provided by
Full Changelog: v7.9.0...v7.10.0
Contributors
bdovaz, pjungermann, and 4 other contributors
Assets 2
v7.9.0
What's Changed
-
Core
-
Fixes
- Format powershell linter output into terminal-wide table, and count errors, by @efrecon in #3318
- Allow active_only_if_file_found to work in specified subdirectory (_DIRECTORY), fixes #2873, by @TimothyEarley in #3323
- Activate CI servers reporters only if we find a related default env variable, by @nvuillam in #3321
-
Doc
-
CI
- Free more disk space before docker build
- Upgrade peter-evans/create-pull-request from v5 to v6 in GitHub Actions workflows
-
Linter versions upgrades
- ansible-lint from 6.22.2 to 24.2.0
- bandit from 1.7.6 to 1.7.7
- bicep_linter from 0.24.24 to 0.25.3
- black from 23.12.1 to 24.1.1
- cfn-lint from 0.84.0 to 0.85.1
- checkov from 3.1.67 to 3.2.20
- checkstyle from 10.12.7 to 10.13.0
- clippy from 0.1.75 to 0.1.76
- csharpier from 0.27.0 to 0.27.2
- eslint-plugin-jsonc from 2.12.2 to 2.13.0
- gitleaks from 8.18.1 to 8.18.2
- golangci-lint from 1.55.2 to 1.56.1
- grype from 0.63.1 to 0.74.5
- lychee from 0.14.1 to 0.14.3
- markdownlint from 0.38.0 to 0.39.0
- npm-groovy-lint from 14.2.0 to 14.2.1
- phplint from 9.1.0 to 9.1.2
- phpstan from 1.10.56 to 1.10.57
- prettier from 3.2.4 to 3.2.5
- psalm from Psalm.5.20.0@ to Psalm.5.21.1@
- puppet-lint from 4.2.3 to 4.2.4
- pyright from 1.1.347 to 1.1.350
- revive from 1.3.6 to 1.3.7
- roslynator from 0.8.2.0 to 0.8.3.0
- rubocop from 1.60.1 to 1.60.2
- ruff from 0.1.14 to 0.2.1
- secretlint from 8.1.0 to 8.1.1
- sfdx-scanner-apex from 3.20.0 to 3.21.0
- sfdx-scanner-aura from 3.20.0 to 3.21.0
- sfdx-scanner-lwc from 3.20.0 to 3.21.0
- shfmt from 3.7.0 to 3.8.0
- snakefmt from 0.9.0 to 0.10.0
- snakemake from 8.2.3 to 8.4.8
- stylelint from 16.2.0 to 16.2.1
- syft from 0.101.1 to 0.104.0
- terraform-fmt from 1.7.0 to 1.7.3
- terragrunt from 0.54.20 to 0.55.1
- tflint from 0.50.1 to 0.50.3
- trivy-sbom from 0.48.3 to 0.49.1
- trivy from 0.48.3 to 0.49.1
- trufflehog from 3.63.10 to 3.67.5
- v8r from 2.1.0 to 3.0.0
- yamllint from 1.33.0 to 1.34.0
New Contributors
- @Jayllyz made their first contribution in #3327
- @TimothyEarley made their first contribution in #3323
- @efrecon made their first contribution in #3318
MegaLinter is graciously provided by
Full Changelog: v7.8.0...v7.9.0
Contributors
TimothyEarley, efrecon, and 2 other contributors
Assets 2
v7.8.0
What's Changed
-
Reporters
- New reporter MARKDOWN_SUMMARY_REPORTER, allows saving MegaLinter results summary as a markdown file. This file can be further utilised to add comments on the pull request (PR) from Jenkins and other continuous integration (CI) tools by @saishivarcr in #3250
- New reporter BITBUCKET_COMMENT_REPORTER allowing to post MegaLinter results as comments on Bitbucket pull requests by @saishivarcr in #3256
-
Media
- (FR) MegaLinter presentation at DevCon 20 / Programmez Magazine, by Nicolas Vuillamy
-
Core
- mega-linter-runner: Remove container by default, except of
no-remove-containeroption is sent by @nvuillam in #3203 - Upgrade base image from python:3.11.6-alpine3.18 to python:3.11.7-alpine3.18, by @echoix in #3212
- Upgrade to python 3.12.0 by @nvuillam in #3006
- Upgrade actions/upload-artifact@v3 to actions/upload-artifact@v4 in default workflows by @nvuillam in #3225
- mega-linter-runner: Improve check if running as script or module, by @echoix in #3233
- mega-linter-runner: Remove container by default, except of
-
Fixes
- tekton-lint is now published as @ibm/tekton-lint, by @echoix in #3210
- PHP PHIVE: Use keys.openpgp.org and fingerprint for phive key verification, by @echoix in #3230
- Undowngrade sass linters, by @echoix in #3260
- Upgrade lychee default configuration to handle breaking change between 0.13.0 and 0.14.0
- Hadolint: support both
ContainerfileandDockerfileby @sanmai-NL in #3217
-
Doc
- Upgrade url to PHP CodeSniffer, as now the original repo is not maintained anymore by @nvuillam in #3201
-
CI
-
Linter versions upgrades
- ansible-lint from 6.22.1 to 6.22.2
- bash-exec from 5.2.15 to 5.2.21
- bicep_linter from 0.23.1 to 0.24.24 on 2023-12-14
- black from 23.11.0 to 23.12.1 on 2023-12-23
- cfn-lint from 0.83.4 to 0.84.0
- checkov from 3.1.27 to 3.1.67
- checkstyle from 10.12.6 to 10.12.7
- clippy from 0.1.74 to 0.1.75 on 2023-12-28
- clj-kondo from 2023.10.20 to 2023.12.15 on 2023-12-15
- csharpier from 0.26.4 to 0.27.0
- cspell from 8.1.3 to 8.3.2
- devskim from 1.0.23 to 1.0.28
- djlint from 1.34.0 to 1.34.1 on 2023-12-22
- dotnet-format from 7.0.114 to 7.0.115
- eslint-plugin-jsonc from 2.10.0 to 2.12.2
- eslint from 8.55.0 to 8.56.0 on 2023-12-16
- flake8 from 6.1.0 to 7.0.0
- git_diff from 2.40.1 to 2.43.0
- helm from 3.11.3 to 3.13.2
- isort from 5.13.0 to 5.13.2 on 2023-12-13
- kics from 1.7.11 to 1.7.12 on 2023-12-22
- ktlint from 1.0.1 to 1.1.1
- lychee from 0.13.0 to 0.14.1
- mypy from 1.7.1 to 1.8.0 on 2023-12-22
- npm-groovy-lint from 13.0.2 to 14.2.0
- phpcs from 3.8.0 to 3.8.1
- phplint from 9.0.6 to 9.1.0 on 2023-12-17
- phpstan from 1.10.48 to 1.10.56
- prettier from 3.1.0 to 3.2.4
- protolint from 0.46.3 to 0.47.5
- psalm from Psalm.5.17.0@ to Psalm.5.20.0@
- pylint from 3.0.2 to 3.0.3 on 2023-12-13
- pyright from 1.1.339 to 1.1.347
- revive from 1.3.4 to 1.3.6
- roslynator from 0.8.1.0 to 0.8.2.0
- rubocop from 1.58.0 to 1.60.1
- ruff from 0.1.7 to 0.1.14 on 2023-12-13
- secretlint from 8.0.0 to 8.1.0 on 2023-12-28
- sfdx-scanner-apex from 3.19.0 to 3.20.0
- sfdx-scanner-aura from 3.19.0 to 3.20.0
- sfdx-scanner-lwc from 3.19.0 to 3.20.0
- snakefmt from 0.8.5 to 0.9.0
- snakemake from 7.32.4 to 8.2.3
- stylelint from 15.11.0 to 16.2.0
- syft from 0.98.0 to 0.101.1 on 2023-12-22
- tekton-lint from 0.6.0 to 1.0.0
- terraform-fmt from 1.6.5 to 1.7.0
- terragrunt from 0.54.0 to 0.54.20
- terrascan from 1.18.3 to 1.18.11
- tflint from 0.49.0 to 0.50.1
- trivy-sbom from 0.48.0 to 0.48.3
- trivy from 0.48.0 to 0.48.3
- trufflehog from 3.63.2 to 3.63.10
- vale from 2.30.0 to 3.0.5
New Contributors
- @saishivarcr made their first contribution in #3250
MegaLinter is graciously provided by
Full Changelog: v7.7.0...v7.8.0
Contributors
sanmai-NL, nvuillam, and 2 other contributors
Assets 2
v7.7.0
What's Changed
-
Core
-
Media
-
New linters
- Add clang-format c & cpp formatting linter including "apply fix" support by @daltonv in #3089
- Add Roslynator C# linter by @bdovaz in #3155
-
Fixes
- Call jscpd with
--gitignoreto ignore copy-pastes in files matching.gitignore - cpplint: Dynamically add the list of extensions from list of files in --extensions parameter by @nvuillam in #3149
- Fix mkdocs generation + CI control job by @nvuillam in #3135
- Add semgrep ruleset to validation schema by @wesley-dean-flexion in #3164
- Downgrade stylelint to avoid crash with not v16 compliant dependencies
- Fix count of yaml-lint errors by @nvuillam in #3198
- Remove openssl reinstall, as base image has updated version from alpine 3.18.5 by @echoix in #3181
- Call jscpd with
-
CI
-
Linter versions upgrades
- ansible-lint from 6.22.0 to 6.22.1
- bandit from 1.7.5 to 1.7.6
- cfn-lint from 0.83.3 to 0.83.4
- checkov from 3.0.39 to 3.1.25
- checkstyle from 10.12.5 to 10.12.6
- csharpier from 0.26.2 to 0.26.4
- cspell from 8.0.0 to 8.1.3
- dotnet-format from 6.0.417 to 7.0.114
- eslint from 8.54.0 to 8.55.0
- gitleaks from 8.18.0 to 8.18.1
- isort from 5.12.0 to 5.13.0
- lightning-flow-scanner from 2.15.0 to 2.16.0
- luacheck from 1.1.1 to 1.1.2
- markdown-table-formatter from 1.4.0 to 1.5.0
- markdownlint from 0.37.0 to 0.38.0
- mypy from 1.7.0 to 1.7.1
- npm-groovy-lint from 12.1.0 to 13.0.2
- phpcs from 3.7.2 to 3.8.0
- phplint from 9.0.4 to 9.0.6
- phpstan from 1.10.42 to 1.10.48
- psalm from Psalm.5.15.0@ to Psalm.5.17.0@
- puppet-lint from 4.2.1 to 4.2.3
- pyright from 1.1.336 to 1.1.339
- roslynator from 0.8.0.0 to 0.8.1.0
- rubocop from 1.57.2 to 1.58.0
- ruff from 0.1.6 to 0.1.7
- secretlint from 7.1.0 to 8.0.0
- semgrep from 1.50.0 to 1.52.0
- sfdx-scanner-apex from 3.18.0 to 3.19.0
- sfdx-scanner-aura from 3.18.0 to 3.19.0
- sfdx-scanner-lwc from 3.18.0 to 3.19.0
- syft from 0.97.1 to 0.98.0
- terraform-fmt from 1.6.4 to 1.6.5
- terragrunt from 0.53.4 to 0.54.0
- trivy from 0.47.0 to 0.48.0
- trufflehog from 3.63.0 to 3.63.2
- vale from 2.29.7 to 2.30.0
MegaLinter will be presented at DevCon20, in Paris on 14 december (french)
MegaLinter is graciously provided by
Full Changelog: v7.6.0...v7.7.0
Contributors
bdovaz, daltonv, and 3 other contributors
Assets 2
v7.6.0
What's Changed
-
Major enhancements
- New flavor c_cpp: New flavor for pure C/C++ projects, by @daltonv in #3067
- New flavor formatters: Contains only formatter linters, by @nvuillam in #3071
- Add Salesforce Lightning Flow Scanner, by @nvuillam in #3092
-
Core
-
Fixes
- Fix issue Gitleaks
--no-gitdoes not work anymore, #2945, in #3112 - Fix way to install powershell on Alpine linux image
- Fix issue with VS Code devcontainer not building #3114
- Fix Default Workflow to handle latest ActionLint rules, by @nvuillam in #3130
- Write checkov SARIF report
results_sarif.sarifinREPORT_FOLDER, by @gmeligio in #3121 - Updated lintr config template to use
linters_with_defaults()(formerlywith_defaults()) - Fix csharp installation dependencies, by @nvuillam in #3075
- Fix powershell installation by @nvuillam in #3126
- Fix issue Gitleaks
-
Doc
-
CI
- Upgrade pymdown-extensions and markdown, by @BryanQuigley in #3053
- Use docker/metadata-action for some internal CI, by @echoix in #3110
- Call docker buildx prune instead of docker builder prune, by @echoix in #3127
- Set schedule earlier for auto-update-linters.yml, allow manual runs, by @echoix in #3066
- Add mike to dev/requirements.txt, by @echoix in #3070
- Modernize dependabot.yml in correct directories, by @echoix in #3093
- Fix devcontainer Dockerfile typo (fixes #3114) by @daltonv in #3115
-
Linter versions upgrades
- ansible-lint from 6.21.1 to 6.22.0
- bicep_linter from 0.22.6 to 0.23.1
- black from 23.10.1 to 23.11.0
- cfn-lint from 0.83.0 to 0.83.3
- checkov from 3.0.12 to 3.0.39
- checkstyle from 10.12.4 to 10.12.5
- clippy from 0.1.73 to 0.1.74
- csharpier from 0.25.0 to 0.26.2
- cspell from 7.3.8 to 8.0.0
- dotnet-format from 6.0.416 to 6.0.417
- eslint from 8.52.0 to 8.54.0
- golangci-lint from 1.55.1 to 1.55.2
- kics from 1.7.10 to 1.7.11
- kubeconform from 0.6.3 to 0.6.4
- mypy from 1.6.1 to 1.7.0
- npm-groovy-lint from 11.1.1 to 12.1.0
- npm-package-json-lint from 7.0.0 to 7.1.0
- phpstan from 1.10.39 to 1.10.42
- powershell from 7.3.9 to 7.4.0
- powershell_formatter from 7.3.9 to 7.4.0
- prettier from 3.0.3 to 3.1.0
- protolint from 0.46.2 to 0.46.3
- pyright from 1.1.333 to 1.1.336
- ruff from 0.1.3 to 0.1.6
- secretlint from 7.0.7 to 7.1.0
- semgrep from 1.46.0 to 1.50.0
- sfdx-scanner-apex from 3.17.0 to 3.18.0
- sfdx-scanner-aura from 3.17.0 to 3.18.0
- sfdx-scanner-lwc from 3.17.0 to 3.18.0
- swiftlint from 0.53.0 to 0.54.0
- syft from 0.94.0 to 0.97.1
- terraform-fmt from 1.6.2 to 1.6.4
- terragrunt from 0.53.0 to 0.53.4
- tflint from 0.48.0 to 0.49.0
- trivy-sbom from 0.46.1 to 0.47.0
- trivy from 0.46.1 to 0.47.0
- trufflehog from 3.61.0 to 3.63.0
- vale from 2.29.5 to 2.29.7
- xmllint from 21104 to 21106
- yamllint from 1.32.0 to 1.33.0
New Contributors
- @BryanQuigley made their first contribution in #3053
- @daltonv made their first contribution in #3067
- @VictorRos made their first contribution in #3112
- @gmeligio made their first contribution in #3121
MegaLinter will be presented at DevCon20, in Paris on 14 december (french)
MegaLinter is graciously provided by
Full Changelog: v7.5.0...v7.6.0
Contributors
BryanQuigley, VictorRos, and 4 other contributors
Assets 2
v7.5.0
What's Changed
-
Core
- mega-linter-runner: Convert to ES6 and upgrade npm dependencies. Node 18 minimum version is now required. by @nvuillam in #2976
- Allow to define
COMPILER_ONLYvirtual package as cargo dependency in descriptors to embed rust compiler in the Dockerfile - Optimize
@generatedmarker scanning (#2654) by @sanmai-NL in #2654
-
Media
-
Fixes
- build.py: Remove exclusivity between pip, gem & cargo packages
- Salesforce linters: Switch sfdx-cli to @salesforce/cli
- Fixed issue with
actionlintthrowing an error onifstatements in the generated workflow file - Added default
.devskim.jsonto mitigate errors introduced when no config exists (closes #3017) by @andrewvaughan in #3024 - Fix: Removed curly-brackets from if (closes #3025) by @andrewvaughan in #3029
-
Doc
-
CI
- Add the other maintainers globally to the CODEOWNERS file (#3008)
- Free disk space earlier in the process to avoid failure during docker build
- Set flavors-stats.json as a generated file in .gitattributes (#3023)
- Update and fix our ChatOps automations to only run on pull request comments, by @echoix in #3034
- Use App::cpm to install perlcritic faster, and clean
.perl-cpmcache, by @echoix in #3036 - Add failure message in ChatOps build-command and Slash dispatcher, by @echoix in #3037
- TEMPLATES/mega-linter.yml: DRY the ifs by @rasa in #2957
-
Linter versions upgrades
- ansible-lint from 6.20.0 6.21.1
- bicep_linter from 0.21.1 to 0.22.6
- black from 23.9.1 to 23.10.1
- cfn-lint from 0.80.2 to 0.83.0
- checkov from 2.4.48 to 3.0.12
- checkstyle from 10.12.3 to 10.12.4
- clippy from 0.1.72 to 0.1.73
- clj-kondo from 2023.09.07 to 2023.10.20
- cspell from 7.3.6 to 7.3.8
- devskim from 1.0.22 to 1.0.23
- dotnet-format from 6.0.414 to 6.0.416
- editorconfig-checker from 2.7.1 to 2.7.2
- eslint-plugin-jsonc from 2.9.0 to 2.10.0
- eslint from 8.49.0 to 8.52.0
- golangci-lint from 1.54.2 to 1.55.1
- kics from 1.7.8 to 1.7.10
- ktlint from 1.0.0 to 1.0.1
- mypy from 1.5.1 to 1.6.1
- perlcritic from 1.150 to 1.152
- phpstan from 1.10.35 to 1.10.39
- powershell from 7.3.7 to 7.3.9
- powershell_formatter from 7.3.7 to 7.3.9
- protolint from 0.46.0 to 0.46.2
- puppet-lint from 4.2.0 to 4.2.1
- pylint from 2.17.5 to 3.0.2
- pyright from 1.1.327 to 1.1.333
- rubocop from 1.56.3 to 1.57.2
- ruff from 0.1.2 to 0.1.3
- ruff from 0.0.290 to 0.1.2
- semgrep from 1.41.0 to 1.46.0
- sfdx-scanner-apex from 3.16.0 to 3.17.0
- sfdx-scanner-aura from 3.16.0 to 3.17.0
- sfdx-scanner-lwc from 3.16.0 to 3.17.0
- snakefmt from 0.8.4 to 0.8.5
- sqlfluff from 2.3.2 to 2.3.5
- stylelint from 15.10.3 to 15.11.0
- swiftlint from 0.52.4 to 0.53.0
- syft from 0.91.0 to 0.94.0
- terraform-fmt from 1.5.7 to 1.6.2
- terragrunt from 0.51.4 to 0.53.0
- trivy-sbom from 0.45.1 to 0.46.1
- trivy from 0.45.1 to 0.46.1
- trufflehog from 3.56.1 to 3.61.0
- v8r from 2.0.0 to 2.1.0
- vale from 2.29.0 to 2.29.5
New Contributors
- @adhil0 made their first contribution in #2993
- @sanmai-NL made their first contribution in #2654
MegaLinter is graciously provided by
Full Changelog: v7.4.0...v7.5.0
Contributors
rasa, andrewvaughan, and 4 other contributors
Assets 2
MegaLinter v7.4.0
What's Changed
-
Core
-
Media
-
Fixes
- Fix IGNORE_GITIGNORED_FILES not working anymore , by @iisisrael in #2967
- Fix v7 issue when using MEGALINTER_FILES_TO_LINT (thanks @pfiaux !) by @nvuillam in #2917
- Fix Ignore symlink files when VALIDATE_ALL_CODEBASE is false by @nvuillam in #2964
- Fix rstcheck options & install by @nvuillam in #2899
- Undowngrade Kubescape by @nvuillam in #2901
-
Doc
-
CI
- Reformatted config files to not fail common linters (closes #2890) by @andrewvaughan in #2891
- Workflow job name changed from
buildtomegalinterto prevent conflicts with other workflows - Add support for master branch in TEMPLATES/mega-linter.yml by @rasa in #2888
- Upgrade editorconfig-checker & setup-node by @nvuillam in #2898
-
Deprecations
- Deprecate SCSS LINT as not maintained anymore (https://github.com/sds/scss-lint#notice-consider-other-tools-before-adopting-scss-lint) by @nvuillam in #2902
-
Linter versions upgrades
- actionlint from 1.6.25 to 1.6.26
- ansible-lint from 6.17.2 to 6.20.0
- bicep_linter from 0.20.4 to 0.21.1
- black from 23.7.0 to 23.9.1
- cfn-lint from 0.79.6 to 0.80.2
- checkov from 2.3.360 to 2.4.10
- checkstyle from 10.12.2 to 10.12.3
- chktex from 1.7.6 to 1.7.8
- clippy from 0.1.71 to 0.1.72
- clj-kondo from 2023.07.13 to 2023.09.07
- cspell from 6.31.3 to 7.3.6
- devskim from 1.0.18 to 1.0.22
- djlint from 1.32.1 to 1.34.0
- dotnet-format from 6.0.413 to 6.0.414
- editorconfig-checker from 2.7.0 to 2.7.1
- eslint from 8.46.0 to 8.49.0
- git_diff from 2.38.5 to 2.40.1
- gitleaks from 8.17.0 to 8.18.0
- golangci-lint from 1.54.0 to 1.54.2
- helm from 3.10.2 to 3.11.3
- jscpd from 3.5.9 to 3.5.10
- kics from 1.7.5 to 1.7.8
- ktlint from 0.50.0 to 1.0.0
- kubescape from 2.3.6 to 2.9.0
- markdownlint from 0.35.0 to 0.36.0
- mypy from 1.4.1 to 1.5.1
- phpstan from 1.10.28 to 1.10.35
- powershell from 7.3.6 to 7.3.7
- powershell_formatter from 7.3.6 to 7.3.7
- prettier from 3.0.1 to 3.0.3
- protolint from 0.45.0 to 0.46.0
- psalm from Psalm.5.14.1@ to Psalm.5.15.0@
- puppet-lint from 4.0.1 to 4.2.0
- pyright from 1.1.321 to 1.1.327
- revive from 1.3.2 to 1.3.4
- rstcheck from 6.1.2 to 6.2.0
- rstfmt from 0.0.13 to 0.0.14
- rubocop from 1.56.0 to 1.56.3
- ruff from 0.0.284 to 0.0.290
- scalafix from 0.11.0 to 0.11.1
- semgrep from 1.34.1 to 1.41.0
- sfdx-scanner-apex from 3.15.0 to 3.16.0
- sfdx-scanner-aura from 3.15.0 to 3.16.0
- sfdx-scanner-lwc from 3.15.0 to 3.16.0
- snakemake from 7.32.3 to 7.32.4
- spectral from 6.10.1 to 6.11.0
- sqlfluff from 2.2.1 to 2.3.2
- stylelint from 15.10.2 to 15.10.3
- syft from 0.86.1 to 0.91.0
- terraform-fmt from 1.5.4 to 1.5.7
- terragrunt from 0.48.6 to 0.51.3
- terrascan from 1.18.2 to 1.18.3
- tflint from 0.47.0 to 0.48.0
- trivy-sbom from 0.44.0 to 0.45.1
- trivy from 0.44.0 to 0.45.1
- trufflehog from 3.47.0 to 3.56.1
- vale from 2.28.1 to 2.29.0
- xmllint from 21004 to 21104
New Contributors
MegaLinter is graciously provided by
Full Changelog: v7.3.0...v7.4.0
Contributors
rasa, iisisrael, and 5 other contributors
Assets 2
MegaLinter v7.3.0
What's Changed
-
Features
-
Media
- Article: Azure Devops & MegaLinter Auto PR, by @EtienneDeneuve
-
Fixes
- Replace
https://megalinter.io/config-filebyhttps://megalinter.io/latest/config-fileto avoid lychee 404 detection, by @nvuillam in #2871 - Improve docs for posting comments to PRs in GitHub Enterprise
- Configured Grype to automatically ignore CVE-2018-20225 which is disputed, by @andrewvaughan in #2864
- docs: improve wording for GHE API endpoint, by @mihaigalos in #2876
- Update Azure Installation doc to handle auto-commit, by @EtienneDeneuve in #2848
- Replace
-
Linter versions upgrades
- bicep_linter from 0.19.5 to 0.20.4
- cfn-lint from 0.79.2 to 0.79.6
- checkov from 2.3.343 to 2.3.360
- checkstyle from 10.12.1 to 10.12.2
- cspell from 6.31.2 to 6.31.3
- devskim from 1.0.1 to 1.0.18
- dotnet-format from 6.0.412 to 6.0.413
- eslint from 8.45.0 to 8.46.0
- flake8 from 6.0.0 to 6.1.0
- golangci-lint from 1.53.3 to 1.54.0
- kics from 1.7.4 to 1.7.5
- phpstan from 1.10.26 to 1.10.28
- prettier from 3.0.0 to 3.0.1
- psalm from Psalm.5.13.1@ to Psalm.5.14.1@
- puppet-lint from 4.0.0 to 4.0.1
- pyright from 1.1.318 to 1.1.321
- rubocop from 1.55.0 to 1.56.0
- ruff from 0.0.280 to 0.0.284
- secretlint from 7.0.3 to 7.0.7
- semgrep from 1.33.2 to 1.34.1
- sfdx-scanner-apex from 3.14.0 to 3.15.0
- sfdx-scanner-aura from 3.14.0 to 3.15.0
- sfdx-scanner-lwc from 3.14.0 to 3.15.0
- snakemake from 7.31.0 to 7.32.3
- spectral from 6.10.0 to 6.10.1
- sqlfluff from 2.1.4 to 2.2.1
- syft from 0.85.0 to 0.86.1
- terraform-fmt from 1.5.3 to 1.5.4
- terragrunt from 0.48.4 to 0.48.6
- terrascan from 1.18.1 to 1.18.2
- trivy-sbom from 0.43.1 to 0.44.0
- trivy from 0.43.1 to 0.44.0
- trufflehog from 3.45.1 to 3.47.0
New Contributors
- @andrewvaughan made their first contribution in #2864
- @mihaigalos made their first contribution in #2876
MegaLinter is graciously provided by
Full Changelog: v7.2.1...v7.3.0
Contributors
EtienneDeneuve, andrewvaughan, and 2 other contributors
Assets 2
MegaLinter v7.2.1
What's Changed
-
Fixes
- Fix TAP reporter (3 real dots instead if 3 dots character), by @nvuillam & @maxilampert in #2837
- Call trufflehog with
--only-verifiedto avoid false positives in .git/config, by @nvuillam , @quotidian-ennui , @iggy & @dochang in #2838- If you added
REPOSITORY_TRUFFLEHOG_ARGUMENTS: "--only-verified"as workaround, just remove it to upgrade to 7.2.1
- If you added
-
Linter versions upgrades
MegaLinter is graciously provided by
Discover CodeTotal , a new way to use MegaLinter, at BlackHat USA on August 10 !
Full Changelog: v7.2.0...v7.2.1
Contributors
iggy, dochang, and 3 other contributors