chore(deps): update github-actions (major) #105

renovate · 2024-09-01T01:16:55Z

This PR contains the following updates:

Package	Type	Update	Change
oxsecurity/megalinter	action	major	`v7.11.1` -> `v8.8.0`
ubuntu	github-runner	major	`22.04` -> `24.04`

Release Notes

oxsecurity/megalinter (oxsecurity/megalinter)

`v8.8.0`

Compare Source

Core
- Retrieve SARIF errors and warnings correctly, by @bdovaz in #4837
Linters enhancements
- More config file name checks for ansible-lint activation, by @nvuillam in #5590
Fixes
- Fix crash when the markdown table summary is empty, by @nvuillam in #5363
- Downgrade click to make rstcheck work again, by @nvuillam in #5387
Doc
- Display hash as plain text in markdown, by @johndutchover in #5420
Flavors
- Add Gherkin descriptor in java flavor, by @nvuillam in #5592
CI
- Fix rust setup & disable codecov-cli, by @nvuillam in #5579
Linter versions upgrades (50)
- ansible-lint from 25.4.0 to 25.5.0
- bicep_linter from 0.35.1 to 0.36.1
- cfn-lint from 1.34.2 to 1.36.0
- checkstyle from 10.23.1 to 10.25.0
- clippy from 0.1.86 to 0.1.87
- clj-kondo from 2025.04.07 to 2025.06.05
- csharpier from 1.0.1 to 1.0.2
- cspell from 8.19.4 to 9.1.1
- dartanalyzer from 3.7.3 to 3.8.1
- devskim from 1.0.56 to 1.0.59
- dotnet-format from 9.0.105 to 9.0.106
- editorconfig-checker from 3.2.1 to 3.3.0
- gitleaks from 8.25.1 to 8.27.2
- golangci-lint from 2.1.5 to 2.1.6
- grype from 0.91.2 to 0.94.0
- htmlhint from 1.1.4 to 1.5.1
- kics from 2.1.7 to 2.1.10
- ktlint from 1.5.0 to 1.6.0
- kubeconform from 0.6.7 to 0.7.0
- lightning-flow-scanner from 3.8.0 to 3.23.0
- ls-lint from 2.3.0 to 2.3.1
- markdownlint from 0.44.0 to 0.45.0
- mypy from 1.15.0 to 1.16.0
- npm-groovy-lint from 15.1.0 to 15.2.0
- phpcs from 3.12.2 to 3.13.1
- phpstan from 2.1.14 to 2.1.17
- pmd from 7.13.0 to 7.14.0
- protolint from 0.54.1 to 0.55.6
- psalm from Psalm.6.10.2@ to Psalm.6.12.0@
- pylint from 3.3.6 to 3.3.7
- pyright from 1.1.400 to 1.1.402
- revive from 1.9.0 to 1.10.0
- rstcheck from 6.2.4 to 6.2.5
- rubocop from 1.75.4 to 1.76.1
- ruff from 0.11.8 to 0.11.13
- ruff-format from 0.11.8 to 0.11.13
- scalafix from 0.14.2 to 0.14.3
- secretlint from 9.3.2 to 10.1.0
- semgrep from 3.12 to 3.13
- sfdx-scanner-apex from 4.11.0 to 4.12.0
- sfdx-scanner-aura from 4.11.0 to 4.12.0
- sfdx-scanner-lwc from 4.11.0 to 4.12.0
- snakemake from 8.27.1 to 9.5.1
- sqlfluff from 3.4.0 to 3.4.1
- stylelint from 16.19.1 to 16.20.0
- syft from 1.23.1 to 1.27.1
- terraform-fmt from 1.11.4 to 1.12.2
- terragrunt from 0.78.0 to 0.81.6
- tflint from 0.57.0 to 0.58.0
- trivy from 0.62.0 to 0.63.0
- trivy-sbom from 0.62.0 to 0.63.0
- trufflehog from 3.88.27 to 3.89.1
- v8r from 4.4.0 to 5.0.0

`v8.7.0`

Compare Source

Core
- Replace pychalk (not maintained for 7 years) by termcolor, by @nvuillam in #5316
- Update make scripts so they also work on Windows, by @nvuillam in #5316
- Align number columns of markdown tables in reports, by @nvuillam in #4835
Linters enhancements
- Add new CSharpier supported file extensions, by @bdovaz in #5292
Fixes
- Exclude from sanitization the regular expressions that have awful performances, by @nvuillam in #5308
- New variable SKIP_LINTER_OUTPUT_SANITIZATION to skip sanitization to improve performances if you are on a private repository with secured access, by @nvuillam in #5308
Linter versions upgrades (27)
- ansible-lint from 25.2.1 to 25.4.0
- bicep_linter from 0.34.44 to 0.35.1
- cfn-lint from 1.34.1 to 1.34.2
- checkov from 3.2.404 to 3.2.413
- checkstyle from 10.23.0 to 10.23.1
- csharpier from 0.30.6 to 1.0.1
- cspell from 8.19.2 to 8.19.4
- gitleaks from 8.24.3 to 8.25.1
- golangci-lint from 1.64.8 to 2.1.5
- lightning-flow-scanner from 3.4.0 to 3.8.0
- phpstan from 2.1.12 to 2.1.14
- pmd from 7.12.0 to 7.13.0
- powershell from 7.5.0 to 7.5.1
- protolint from 0.53.0 to 0.54.1
- psalm from 6.10.1 to 6.10.2
- rubocop from 1.75.3 to 1.75.4
- ruff from 0.11.6 to 0.11.8
- ruff-format from 0.11.6 to 0.11.8
- secretlint from 9.3.1 to 9.3.2
- stylelint from 16.19.0 to 16.19.1
- terragrunt from 0.77.22 to 0.78.0
- tflint from 0.56.0 to 0.57.0
- trivy from 0.61.1 to 0.62.0
- trivy-sbom from 0.61.1 to 0.62.0
- v8r from 4.3.0 to 4.4.0
- yamllint from 1.37.0 to 1.37.1

`v8.6.0`

Compare Source

Core
- New config property ENABLE_ERRORS_LINTERS. If set, only the listed linters will be considered as blocking
New linters
- Add cppcheck linter, by @bdovaz in #5224
Media
- Integrating MegaLinter to Automate Linting Across Multiple Codebases. A Technical Description, by Thorsten Foltz
Linters enhancements
- editorconfig_checker Changes default EditorConfig-Checker config filename by @llaville in #5061
- TruffleHog: Ignore .git by default if not already done using --exclude-paths option
Fixes
- Sanitize all linter outputs by default, by @nvuillam in #5266
Doc
- Add j2lint to plugins, by @wesley-dean in #5151
- Add fmlint (frontmatter linter) to plugins list by @wesley-dean in #5257
- Remove trailing spaces by @parkerbxyz in #5185
CI
- Initial Renovate automerge configuration, by @echoix in #5057
- Set update schedule for checkov updates, by @echoix in #5064
- Always upgrade packages from base image for updated security fixes, by @echoix in #5152
- build-command: Unshallow pull or full pull before committing changes, by @echoix in #5201
Linter versions upgrades (50)
- ansible-lint from 25.1.3 to 25.2.1
- bicep_linter from 0.34.1 to 0.34.44
- cfn-lint from 1.32.0 to 1.34.1
- checkov from 3.2.390 to 3.2.404
- checkstyle from 10.21.4 to 10.23.0
- clippy from 0.1.85 to 0.1.86
- clj-kondo from 2025.02.20 to 2025.04.07
- cpplint from 2.0.0 to 2.0.2
- cspell from 8.17.5 to 8.19.2
- dartanalyzer from 3.7.2 to 3.7.3
- devskim from 1.0.52 to 1.0.56
- dotnet-format from 9.0.104 to 9.0.105
- flake8 from 7.1.2 to 7.2.0
- gitleaks from 8.24.2 to 8.24.3
- grype from 0.90.0 to 0.91.2
- kics from 2.1.6 to 2.1.7
- kubescape from 3.0.32 to 3.0.34
- lightning-flow-scanner from 3.2.0 to 3.4.0
- ls-lint from 2.2.3 to 2.3.0
- phplint from 9.5.6 to 9.6.2
- php-cs-fixer from 3.73.1 to 3.75.0
- phpcs from 3.12.0 to 3.12.2
- phpstan from 2.1.8 to 2.1.12
- pmd from 7.11.0 to 7.12.0
- psalm from Psalm.6.9.4@ to Psalm.6.10.1@
- pyright from 1.1.397 to 1.1.400
- revive from 1.7.0 to 1.9.0
- rubocop from 1.74.0 to 1.75.3
- ruff from 0.11.2 to 0.11.6
- ruff-format from 0.11.2 to 0.11.6
- secretlint from 9.2.0 to 9.3.1
- sfdx-scanner-apex from 4.10.0 to 4.11.0
- sfdx-scanner-aura from 4.10.0 to 4.11.0
- sfdx-scanner-lwc from 4.10.0 to 4.11.0
- spectral from 6.14.3 to 6.15.0
- sqlfluff from 3.3.1 to 3.4.0
- stylelint from 16.16.0 to 16.19.0
- swiftlint from 0.58.2 to 0.59.1
- syft from 1.21.0 to 1.23.1
- terraform-fmt from 1.11.2 to 1.11.4
- terragrunt from 0.76.6 to 0.77.22
- tflint from 0.55.1 to 0.56.0
- trivy from 0.60.0 to 0.61.1
- trivy-sbom from 0.60.0 to 0.61.1
- trufflehog from 3.88.18 to 3.88.25
- v8r from 4.2.1 to 4.3.0
- vale from 3.9.4 to 3.11.2
- yamllint from 1.36.2 to 1.37.0

`v8.5.0`

Compare Source

Core
- Addition of warnings to reporters and logic changes to surface warnings even when there are no errors. Addition of cli_lint_warning_count / cli_lint_warning_regex variables to the JSON schema. #4476, by @bdovaz in #4556
Linters enhancements
- kubescape Remove downgraded_version from kubescape, by @bdovaz in #4712
- npm-groovy-lint: Undowngrade npm-groovy-lint as there is a new release with issue fixed by @nvuillam in #4834
- syft: Add SBOM file by default in report folder + remove useless debug statement
- trivy-sbom: Add SBOM file by default in report folder + remove useless debug statement
Fixes
- Use npm to install pyright
- Undowngrade npm-groovy-lint as there is a new release with issue fix
- jscpd: remove forced --exitCode 1 to fix #4631
- Use --with-all-dependencies to install phpcs-fixer, by @nvuillam in #4672
- Remove Composer config PHP 8.3 compatibility platform for PSALM 6.0, by @llaville in #4930
- Fix lychee upgrade issue (lycheeignore upgrade), by @wesley-dean in #4964
Doc
- Remove reference to R2DevOps jobs as it has been discontinued (see #4678)
- Improve contributing doc by adding reference to source .venv/Scripts/activate on Windows
- Better apk package url, by @bdovaz in #4707
- Better package version docs, by @bdovaz in #4721
- Correct default SARIF_REPORTER_FILE_NAME, by @yxtay in #4783
- Use github private email for megalinter-bot, by @yxtay in #4786
- Update plugins.md to add raw link to JSON schema, by @wesley-dean in #4932
Flavors
- Add syft in all flavors
CI
- Update .devcontainer configuration, by @bdovaz in #4843
- Configure Renovate for gem, cargo, pip and npm dependencies, by @bdovaz in #4673
- Configure Renovate for composer dependencies, by @bdovaz in #4916
- Use packagist data source, by @bdovaz in #4922
- Bring back codecov, by @nvuillam in #4836
Plugins
- Add docker-compose-linter (dclint) to plugins list, by @wesley-dean in #4962
- Add repolinter to the list of plugins, by @wesley-dean in #4972
Linter versions upgrades (55)
- ansible-lint from 25.1.1 to 25.1.3
- bandit from 1.8.2 to 1.8.3
- bicep_linter from 0.33.13 to 0.34.1
- cfn-lint from 1.22.7 to 1.32.0
- checkov from 3.2.360 to 3.2.390
- checkstyle from 10.21.2 to 10.21.4
- clippy from 0.1.84 to 0.1.85
- clj-kondo from 2025.01.16 to 2025.02.20
- cspell from 8.17.3 to 8.17.5
- dartanalyzer from 3.6.2 to 3.7.2
- detekt from 1.23.7 to 1.23.8
- dotnet-format from 9.0.102 to 9.0.104
- editorconfig-checker from 3.2.0 to 3.2.1
- flake8 from 7.1.1 to 7.1.2
- gitleaks from 8.23.3 to 8.24.2
- golangci-lint from 1.63.4 to 1.64.8
- grype from 0.87.0 to 0.90.0
- isort from 6.0.0 to 6.0.1
- kics from 2.1.3 to 2.1.6
- kubescape from 2.9.0 to 3.0.32
- lightning-flow-scanner from 2.43.0 to 3.2.0
- mypy from 1.14.1 to 1.15.0
- npm-groovy-lint from 15.0.0 to 15.1.0
- php-cs-fixer from 3.68.5 to 3.73.1
- phpcs from 3.11.3 to 3.12.0
- phpstan from 2.1.2 to 2.1.8
- pmd from 7.9.0 to 7.11.0
- prettier from 3.4.2 to 3.5.3
- protolint from 0.52.0 to 0.53.0
- psalm from Psalm.6.1.0@ to Psalm.6.9.4@
- puppet-lint from 4.2.4 to 4.3.0
- pylint from 3.3.4 to 3.3.6
- pyright from 1.1.393 to 1.1.397
- revive from 1.6.0 to 1.7.0
- roslynator from 0.10.0.0 to 0.10.1.0
- rubocop from 1.71.0 to 1.74.0
- ruff-format from 0.9.4 to 0.11.2
- ruff from 0.9.4 to 0.11.2
- scalafix from 0.14.0 to 0.14.2
- secretlint from 9.0.0 to 9.2.0
- sfdx-scanner-apex from 4.9.0 to 4.10.0
- sfdx-scanner-aura from 4.9.0 to 4.10.0
- sfdx-scanner-lwc from 4.9.0 to 4.10.0
- shfmt from 3.10.0 to 3.11.0
- snakefmt from 0.10.2 to 0.11.0
- spectral from 6.14.2 to 6.14.3
- sqlfluff from 3.3.0 to 3.3.1
- stylelint from 16.14.1 to 16.16.0
- syft from 1.19.0 to 1.21.0
- terraform-fmt from 1.10.3 to 1.11.2
- terragrunt from 0.71.1 to 0.76.6
- trivy-sbom from 0.59.0 to 0.60.0
- trivy from 0.59.0 to 0.60.0
- trufflehog from 3.88.4 to 3.88.14
- yamllint from 1.35.1 to 1.36.2

`v8.4.2`

Compare Source

Media
- New video (Brazilian) MegaLinter: Como Automatizar a Qualidade do Código para Todas Plataformas , by Codando TV
Fixes
- Fix .NET linters issue: Add --allow-roll-forward to dotnet tool install commands, by @bdovaz in #4619
- GH-4610 : PHP CS Fixer linter version available is not correct since running on PHP 8.4 runtime, by @llaville in #4611
- Allow cspell to work with CLI_LINT_MODE=project
- Downgrade npm-groovy-lint until it's fixed, by @nvuillam in #4628
Linter versions upgrades (31)
- ansible-lint from 25.1.0 to 25.1.1
- black from 24.10.0 to 25.1.0
- cfn-lint from 1.22.7 to 1.23.1
- checkov from 3.2.357 to 3.2.360
- cspell from 8.17.2 to 8.17.3
- dartanalyzer from 3.6.1 to 3.6.2
- devskim from 1.0.51 to 1.0.52
- editorconfig-checker from 3.1.2 to 3.2.0
- gitleaks from 8.23.2 to 8.23.3
- isort from 5.13.2 to 6.0.0
- lightning-flow-scanner from 2.39.0 to 2.43.0
- npm-groovy-lint from 15.0.2 to 15.0.0
- php-cs-fixer from 3.68.0 to 3.68.5
- powershell from 7.4.6 to 7.5.0
- powershell_formatter from 7.4.6 to 7.5.0
- psalm from Psalm.6.0.0@ to Psalm.6.1.0@
- pylint from 3.3.3 to 3.3.4
- pyright from 1.1.392 to 1.1.393
- raku from 2024.10 to 2024.12
- roslynator from 0.9.3.0 to 0.10.0.0
- rubocop from 1.71.0 to 1.71.1
- ruff-format from 0.9.3 to 0.9.4
- ruff from 0.9.3 to 0.9.4
- sfdx-scanner-apex from 4.8.0 to 4.9.0
- sfdx-scanner-aura from 4.8.0 to 4.9.0
- sfdx-scanner-lwc from 4.8.0 to 4.9.0
- tflint from 0.55.0 to 0.55.1
- trivy-sbom from 0.58.2 to 0.59.0
- trivy from 0.58.2 to 0.59.0
- trufflehog from 3.88.2 to 3.88.4

`v8.4.1`

Compare Source

Quick fix about PRE_COMMANDS crash (see #4591)
Linter versions upgrades (2)
- checkstyle from 10.21.1 to 10.21.2
- stylelint from 16.14.0 to 16.14.1

`v8.4.0`

Compare Source

Core
- PHP Linters use now the bartlett/sarif-php-converters first official release 1.0.0 to generate SARIF reports, by @llaville in #4357
- Upgrade PHP engine from 8.3 to 8.4 and allow Psalm 5.26 to run on this context (by @llaville)
- Linters can specify in the pre/post commands with a run_before_linters / run_after_linters parameter whether the command is to be executed before/after the execution of the linters themselves (by @bdovaz in #4482)
- Bump python version to 3.12.8, by @echoix in #4372
- Update to .NET 9, by @bdovaz in #4488
- Upgrade PHP engine from 8.3 to 8.4, by @llaville in #4524
New linters
- Reactivate clj-style (Clojure formatter) since its bug is fixed, by @nvuillam in #4369
- New python formatter: PYTHON_RUFF_FORMAT, by @nvuillam in #4329
Disabled linters
- Snakemake has been disabled, because its dependency datrie not maintained, and issue open in snakemake repo since july is still pending
Linters enhancements
- Add support to phpstan/extension-installer Composer plugin for automatic installation of PHPStan extensions, by @llaville in #4337
  - Learn more about context on GH-4328
- Allow Terrascan to lint in file lint mode, by @bdovaz in #4498
- Add sarif output to golangci-lint, by @bdovaz in #4557
Plugins
- Add prettier for markdown, by Qin Li
Fixes
- swiftlint Fix swiftlint error where linter is unable to find lintable files. Fixes #440, by @Noraldeno in #4427
- jscpd url fixes, by @alexanderbazhenoff in #4352
- Don't call get_pr_data if GitLeaks linter is not active, by @bdovaz in #4469
- Fix linter disabled reason usage, by @bdovaz in #4466
Doc
- Add contributing docs on venv, by @bdovaz in #4479
- Add disabled linter badge, by @bdovaz in #4477
- Add AzureCommentReporter instructions, by @bdovaz in #4480
CI
- Fix up gitpod config and workflow to support uv 0.5.0+ by @echoix in #4373
- Use uv.lock file to build docker images, by @echoix in #4374
- Update Renovate schedules for uv and sfdx-hardis, by @echoix in #4568
- Variabilize version and use renovate for updates for the following linters:
  - all GO linters
  - all REPOSITORY linters
  - arm-ttk
  - bash-shfmt
  - bicep
  - clj-kondo
  - cljstyle
  - csharpier
  - dart
  - ktlint
  - kubescape
  - lychee
  - luacheck
  - markdown-link-check
  - perlcritic
  - raku
  - tsqllint
Linter versions upgrades (66)
- actionlint from 1.7.6 to 1.7.7
- ansible-lint from 24.12.2 to 25.1.0
- banditto 1.8.2
- bash-exec from 5.2.26 to 5.2.37
- bicep_linter from to 0.33.13
- cfn-lint 1.22.7
- checkov from to 3.2.357
- checkstyle from 10.20.1 to 10.21.1
- clang-format from 17.0.6 to 19.1.4
- clippy 0.1.84
- clj-kondo from 2024.11.14 to 2025.01.16
- cljstyle from 0.15.0 to 0.17.642
- csharpier from 0.30.2 to 0.30.6
- cspell from 8.16.0 to 8.17.2
- devskim from 1.0.44 to 1.0.51
- djlint from 1.36.1 to 1.36.4
- dotnet-format from 8.0.111 to 9.0.102
- editorconfig-checker from 3.0.3 to 3.1.2
- git_diff from 2.45.2 to 2.47.2
- gitleaks from 8.21.2 to 8.23.2
- golangci-lint from 1.62.0 to 1.63.4
- grype from 0.79.5 to 0.87.0
- helm from 3.14.3 to 3.16.3
- ktlint from 1.4.1 to 1.5.0
- lightning-flow-scanner from 2.36.0 to 2.39.0
- lychee from 0.17.0 to 0.18.0
- markdownlint from 0.43.0 to 0.44.0
- mypy from 1.13.0 to 1.14.0
- mypy from 1.14.0 to 1.14.1
- php-cs-fixer from 3.64.0 to 7.4.0
- phpcs from 3.11.1 to 3.11.3
- phplint from 9.5.4 to 9.5.6
- phpstan from 2.0.2 to 2.1.2
- pmd from 7.7.0 to 7.9.0
- powershell from 7.4.2 to 7.4.6
- powershell_formatter from 7.4.2 to 7.4.6
- prettier from 3.3.3 to 3.4.2
- protolint from 0.50.5 to 0.52.0
- psalm from Psalm.5.26.1@ to Psalm.6.0.0@
- pylint from 3.3.1 to 3.3.3
- pyright from 1.1.389 to 1.1.392
- raku from 2020.10 to 2024.10
- revive from 1.5.1 to 1.6.0
- rubocop from 1.68.0 to 1.71.0
- ruff-format from 0.8.6 to 0.9.3
- ruff from 0.8.0 to 0.9.3
- scalafix from 0.13.0 to 0.14.0
- selene from 0.27.1 to 0.28.0
- sfdx-scanner-apex from 4.7.0 to 4.8.0
- sfdx-scanner-aura from 4.7.0 to 4.8.0
- sfdx-scanner-lwc from 4.7.0 to 4.8.0
- snakemake from 8.25.3 to 8.27.1
- sqlfluff from 3.2.5 to 3.3.0
- stylelint from 16.10.0 to 16.14.0
- swiftlint from 0.57.0 to 0.58.2
- syft from 1.17.0 to 1.19.0
- terraform-fmt from 1.10.0 to 1.10.3
- terraform-fmt from 1.9.8 to 1.10.0
- terragrunt from 0.68.14 to 0.69.13
- tflint from 0.54.0 to 0.55.0
- trivy-sbom from 0.57.1 to 0.58.2
- trivy from 0.57.1 to 0.58.2
- trufflehog from 3.84.1 to 3.88.2
- v8r from 4.2.0 to 4.2.1
- vale from 3.9.1 to 3.9.4
- xmllint from 21207 to 21304

`v8.3.0`

Compare Source

Core
- Display command log (truncated to 250 chars) even when LOG_LEVEL is not DEBUG
- Allow to replace an ENV var value with the value of another ENV var before calling a PRE_COMMAND (helps for tflint run from GitHub Enterprise)
- Fix handling of git submodule paths
Fixes
- trivy: retry in case of BLOB_UNKNOWN while downloading vulnerability list
Reporters
- Fix UpdatedSourcesReporter when APPLY_FIXES is list (array)
- Fix AzureCommentReporter when the repo is not found: fallback using BUILD_REPOSITORY_ID. (+ disable space replacement in repo name with AZURE_COMMENT_REPORTER_REPLACE_WITH_SPACES: false)
CI
- Fix Docker mirroring job for release context
- Remove max parallel jobs for release linters workflow
Linter versions upgrades (13)
- cfn-lint from 1.19.0 to 1.20.0
- checkov from 3.2.298 to 3.2.311
- csharpier from 0.29.2 to 0.30.2
- markdownlint from 0.42.0 to 0.43.0
- phpstan from 2.0.1 to 2.0.2
- ruff from 0.7.4 to 0.8.0
- spectral from 6.14.1 to 6.14.2
- stylua from 0.20.0 to 2.0.0
- syft from 1.16.0 to 1.17.0
- trivy-sbom from 0.57.0 to 0.57.1
- trivy from 0.57.0 to 0.57.1
- trufflehog from 3.83.7 to 3.84.1
- vale from 3.9.0 to 3.9.1

`v8.2.0`

Compare Source

Media
- 10 MegaLinter Tips and Tricks Unlock its Full Potential by Wes Dean
- MegaLinter Performance Tuning for Maximum Efficiency by Wes Dean
Linters enhancements
- detekt Enable SARIF output + count errors
- lintr: Support files in subdirectories, fix unit tests
- phpcs: Activate APPLY_FIXES
- Salesforce linters: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins
- trivy: handle retry if failed to download Java DB is detected
- tsqllint Re-enabled after .net 8 and security updates
Fixes
- Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered
- Fix linting errors in GitHub Actions template
Reporters
- UpdatedSourcesReporter will git commit & push fixed files to source branch if APPLY_FIXES is set
- Fix AzureCommentReporter not adding comments to PR
- Fix AzureCommentReporter fails when target repo contains spaces
Doc
- Updated documentation with Azure central pipeline use case
- Update DevSkim documentation to show a valid exclusion config file
- Note about risky rules and how to fix rule violations with PHP-CS-Fixer
CI
- Also prune volumes before pulling and pushing to docker hub
- Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues
- Squash docker images to have less layers and size
- Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained
- Make gitpod workflow not blocking until uv install is fixed
- Update stale comment
- Try several times to embed trivy db during Docker build, as a workaround to the random failures
- Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions
Linter versions upgrades (104)
- actionlint from 1.7.3 to 1.7.4
- ansible-lint from 24.9.2 to 24.10.0
- bicep_linter from 0.30.23 to 0.31.92
- cfn-lint from 1.16.1 to 1.19.0
- checkov from 3.2.257 to 3.2.298
- checkstyle from 10.18.2 to 10.20.1
- clippy from 0.1.81 to 0.1.82
- clj-kondo from 2024.09.27 to 2024.11.14
- cspell from 8.15.1 to 8.16.0
- devskim from 1.0.33 to 1.0.44
- djlint from 1.35.2 to 1.36.1
- dotnet-format from 8.0.110 to 8.0.111
- gitleaks from 8.20.1 to 8.21.2
- golangci-lint from 1.61.0 to 1.62.0
- ktlint from 1.3.1 to 1.4.1
- lightning-flow-scanner from 2.34.0 to 2.36.0
- lychee from 0.16.1 to 0.17.0
- mypy from 1.11.2 to 1.13.0
- perlcritic from 1.152 to 1.156
- phpcs from 3.10.3 to 3.11.1
- phplint from 9.5.3 to 9.5.4
- phpstan from 1.12.6 to 2.0.1
- pmd from 7.6.0 to 7.7.0
- pyright from 1.1.384 to 1.1.389
- revive from 1.4.0 to 1.5.1
- roslynator from 0.9.1.0 to 0.9.3.0
- rubocop from 1.66.1 to 1.68.0
- ruff from 0.6.9 to 0.7.4
- secretlint from 8.4.0 to 9.0.0
- sfdx-scanner-apex from 4.6.0 to 4.7.0
- sfdx-scanner-aura from 4.6.0 to 4.7.0
- sfdx-scanner-lwc from 4.6.0 to 4.7.0
- shfmt from 3.9.0 to 3.10.0
- snakemake from 8.21.0 to 8.25.3
- spectral from 6.13.1 to 6.14.1
- sqlfluff from 3.2.3 to 3.2.5
- syft from 1.14.0 to 1.16.0
- terraform-fmt from 1.9.5 to 1.9.8
- terragrunt from 0.67.5 to 0.68.14
- tflint from 0.53.0 to 0.54.0
- trivy-sbom from 0.56.2 to 0.57.0
- trivy from 0.56.2 to 0.57.0
- trufflehog from 3.82.11 to 3.83.7
- tsqllint from 1.15.3.0 to 1.16.0.0
- v8r from 4.1.0 to 4.2.0
- vale from 3.7.1 to 3.9.0

`v8.1.0`

Compare Source

Core
- Allow to tag PRE_COMMANDS to run them before loading plugins, by @nvuillam in #3944
- Replace usage of setup.py with a pyproject.toml package install, by @echoix in #3893
- Allow to add custom messages at the end of PR / MR MegaLinter Summary using variable JOB_SUMMARY_ADDITIONAL_MARKDOWN
New linters
- New LUA linter: selene, by @AlejandroSuero in #3978
- New LUA formatter: stylua, by @AlejandroSuero in #3985
Linters enhancements
- Trivy
  - Embed vulnerability database in Docker Image for running trivy on internet-free network
  - Retry 5 times after 3 seconds in case of TooManyRequests when downloading vulnerability database
  - If the retries did not succeed, call trivy with --skip-db-update --skip-check-update (not ideal but better than nothing)
- Bash/Perl: Support shell scripts with no extension and only support perl shebangs at the beginning of a file in #4076
Fixes
- APPLY_FIXES and for PHP_PHPCSFIXER linter, by @llaville in #3963
- Add debug traces to investigate reporters activation
- Add more traces for ApiReporter
- Activate ApiReporter by default
Reporters
- Fix ApiReporter not called in MegaLinter flavors
Doc
- Fix Grafana Home Dashboard to add missing criteria
- Update PRE_COMMANDS documentation to describe all properties
- Update Grafana documentation to fix secrets typo
CI
- Free space in release job to avoid no space left on device, by @nvuillam in #3914
- Add pytest-rerunfailures to improve CI control jobs success, by @AlejandroSuero in #3993
- Send GITHUB_TOKEN to trivy-action
- Workaround to avoid to reach Docker Hub rate limits: Build & push first on ghcr.io, then login to docker hub, then push to docker hub
Linter versions upgrades
- actionlint from 1.7.1 to 1.7.3
- ansible-lint from 24.7.0 to 24.9.2
- bandit from 1.7.9 to 1.7.10
- bicep_linter from 0.29.47 to 0.30.23
- black from 24.8.0 to 24.10.0
- cfn-lint from 1.10.3 to 1.16.1
- checkov from 3.2.232 to 3.2.257
- checkstyle from 10.17.0 to 10.18.2
- clippy from 0.1.80 to 0.1.81
- clj-kondo from 2024.08.01 to 2024.09.27
- cpplint from 1.6.1 to 2.0.0
- csharpier from 0.29.0 to 0.29.2
- cspell from 8.14.1 to 8.15.1
- detekt from 1.23.6 to 1.23.7
- djlint from 1.34.1 to 1.35.2
- dotnet-format from 8.0.108 to 8.0.110
- eslint from 8.57.0 to 8.57.1
- gitleaks from 8.18.4 to 8.20.1
- golangci-lint from 1.60.1 to 1.61.0
- kics from 2.1.2 to 2.1.3
- lightning-flow-scanner from 2.33.0 to 2.34.0
- lychee from 0.15.1 to 0.16.1
- markdownlint from 0.41.0 to 0.42.0
- mypy from 1.11.1 to 1.11.2
- npm-groovy-lint from 14.6.0 to 15.0.2
- php-cs-fixer from 3.62.0 to 3.64.0
- phpcs from 3.10.2 to 3.10.3
- phplint from 9.4.1 to 9.5.3
- phpstan from 1.11.11 to 1.12.6
- pmd from 7.4.0 to 7.6.0
- psalm from Psalm.5.25.0@ to Psalm.5.26.1@
- pylint from 3.2.6 to 3.3.1
- pyright from 1.1.376 to 1.1.384
- revive from 1.3.9 to 1.4.0
- roslynator from 0.8.9.0 to 0.9.1.0
- rubocop from 1.65.1 to 1.66.1
- ruff from 0.6.1 to 0.6.9
- scalafix from 0.12.1 to 0.13.0
- secretlint from 8.2.4 to 8.4.0
- sfdx-scanner-apex from 4.4.0 to 4.6.0
- sfdx-scanner-aura from 4.4.0 to 4.6.0
- sfdx-scanner-lwc from 4.4.0 to 4.6.0
- shfmt from 3.8.0 to 3.9.0
- snakemake from 8.18.1 to 8.21.0
- spectral from 6.11.1 to 6.13.1
- sqlfluff from 3.1.0 to 3.2.3
- standard from 17.1.0 to 17.1.2
- stylelint from 16.8.2 to 16.10.0
- swiftlint from 0.56.1 to 0.57.0
- syft from 1.11.0 to 1.14.0
- terraform-fmt from 1.9.4 to 1.9.5
- terragrunt from 0.66.8 to 0.67.5
- terrascan from 1.18.11 to 1.19.9
- trivy-sbom from 0.54.1 to 0.56.2
- trivy from 0.54.1 to 0.56.2
- trufflehog from 3.81.10 to 3.82.8
- v8r from 4.0.1 to 4.1.0
- vale from 3.7.0 to 3.7.1

`v8.0.0`

Compare Source

Reporters
- New ApiReporter (can be used to build Grafana dashboards), by @nvuillam in #3540

Removed deprecated linters, by @nvuillam in #3854
- CSS_SCSSLINT: Project discontinued and advising to use stylelint
- OPENAPI_SPECTRAL: Re

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions · 2024-09-01T01:19:31Z

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	3	0	0	0.01s
⚠️ CSHARP	csharpier	29	1	0	5.82s
✅ EDITORCONFIG	editorconfig-checker	54	0	0	0.23s
✅ JSON	jsonlint	9	0	0	0.15s
⚠️ JSON	prettier	9	1	0	0.83s
✅ JSON	v8r	9	0	0	5.94s
✅ MARKDOWN	markdownlint	1	0	0	0.55s
✅ MARKDOWN	markdown-link-check	1	0	0	2.48s
✅ MARKDOWN	markdown-table-formatter	1	0	0	0.24s
✅ REPOSITORY	checkov	yes	no	no	16.06s
✅ REPOSITORY	dustilock	yes	no	no	0.01s
✅ REPOSITORY	gitleaks	yes	no	no	0.17s
✅ REPOSITORY	git_diff	yes	no	no	0.01s
✅ REPOSITORY	grype	yes	no	no	29.13s
✅ REPOSITORY	kics	yes	no	no	2.5s
✅ REPOSITORY	secretlint	yes	no	no	1.12s
✅ REPOSITORY	syft	yes	no	no	1.64s
✅ REPOSITORY	trivy	yes	no	no	10.33s
✅ REPOSITORY	trivy-sbom	yes	no	no	0.12s
✅ REPOSITORY	trufflehog	yes	no	no	3.83s
✅ YAML	prettier	6	0	0	0.5s
✅ YAML	v8r	6	0	0	4.84s
✅ YAML	yamllint	6	0	0	0.38s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

Click here to request the new flavor

renovate bot enabled auto-merge (rebase) September 1, 2024 01:16

renovate bot force-pushed the renovate/major-github-actions branch from c2f5c89 to 35cd80d Compare September 26, 2024 20:16

renovate bot changed the title ~~chore(deps): update oxsecurity/megalinter action to v8~~ chore(deps): update github-actions (major) Sep 26, 2024

renovate bot force-pushed the renovate/major-github-actions branch from 35cd80d to a325a2c Compare October 13, 2024 12:14

renovate bot force-pushed the renovate/major-github-actions branch 2 times, most recently from eca6c8c to 31f87b0 Compare November 23, 2024 11:12

renovate bot force-pushed the renovate/major-github-actions branch 3 times, most recently from 438d105 to 2e358ed Compare February 2, 2025 13:18

renovate bot force-pushed the renovate/major-github-actions branch from 2e358ed to 88da681 Compare March 23, 2025 21:41

renovate bot force-pushed the renovate/major-github-actions branch 2 times, most recently from 99c7cbe to 7237d35 Compare May 4, 2025 17:39

chore(deps): update github-actions

b40b720

renovate bot force-pushed the renovate/major-github-actions branch from 7237d35 to b40b720 Compare June 15, 2025 17:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): update github-actions (major) #105

chore(deps): update github-actions (major) #105

Uh oh!

renovate bot commented Sep 1, 2024 •

edited

Loading

Uh oh!

github-actions bot commented Sep 1, 2024 •

edited

Loading

Uh oh!

Uh oh!

chore(deps): update github-actions (major) #105

Are you sure you want to change the base?

chore(deps): update github-actions (major) #105

Uh oh!

Conversation

renovate bot commented Sep 1, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

Configuration

Uh oh!

github-actions bot commented Sep 1, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🦙 MegaLinter status: ⚠️ WARNING

Uh oh!

Uh oh!

renovate bot commented Sep 1, 2024 •

edited

Loading

github-actions bot commented Sep 1, 2024 •

edited

Loading