Releases: oxsecurity/megalinter
Releases · oxsecurity/megalinter
v7.9.0
What's Changed
-
Core
-
Fixes
- Format powershell linter output into terminal-wide table, and count errors, by @efrecon in #3318
- Allow active_only_if_file_found to work in specified subdirectory (_DIRECTORY), fixes #2873, by @TimothyEarley in #3323
- Activate CI servers reporters only if we find a related default env variable, by @nvuillam in #3321
-
Doc
-
CI
- Free more disk space before docker build
- Upgrade peter-evans/create-pull-request from v5 to v6 in GitHub Actions workflows
-
Linter versions upgrades
- ansible-lint from 6.22.2 to 24.2.0
- bandit from 1.7.6 to 1.7.7
- bicep_linter from 0.24.24 to 0.25.3
- black from 23.12.1 to 24.1.1
- cfn-lint from 0.84.0 to 0.85.1
- checkov from 3.1.67 to 3.2.20
- checkstyle from 10.12.7 to 10.13.0
- clippy from 0.1.75 to 0.1.76
- csharpier from 0.27.0 to 0.27.2
- eslint-plugin-jsonc from 2.12.2 to 2.13.0
- gitleaks from 8.18.1 to 8.18.2
- golangci-lint from 1.55.2 to 1.56.1
- grype from 0.63.1 to 0.74.5
- lychee from 0.14.1 to 0.14.3
- markdownlint from 0.38.0 to 0.39.0
- npm-groovy-lint from 14.2.0 to 14.2.1
- phplint from 9.1.0 to 9.1.2
- phpstan from 1.10.56 to 1.10.57
- prettier from 3.2.4 to 3.2.5
- psalm from Psalm.5.20.0@ to Psalm.5.21.1@
- puppet-lint from 4.2.3 to 4.2.4
- pyright from 1.1.347 to 1.1.350
- revive from 1.3.6 to 1.3.7
- roslynator from 0.8.2.0 to 0.8.3.0
- rubocop from 1.60.1 to 1.60.2
- ruff from 0.1.14 to 0.2.1
- secretlint from 8.1.0 to 8.1.1
- sfdx-scanner-apex from 3.20.0 to 3.21.0
- sfdx-scanner-aura from 3.20.0 to 3.21.0
- sfdx-scanner-lwc from 3.20.0 to 3.21.0
- shfmt from 3.7.0 to 3.8.0
- snakefmt from 0.9.0 to 0.10.0
- snakemake from 8.2.3 to 8.4.8
- stylelint from 16.2.0 to 16.2.1
- syft from 0.101.1 to 0.104.0
- terraform-fmt from 1.7.0 to 1.7.3
- terragrunt from 0.54.20 to 0.55.1
- tflint from 0.50.1 to 0.50.3
- trivy-sbom from 0.48.3 to 0.49.1
- trivy from 0.48.3 to 0.49.1
- trufflehog from 3.63.10 to 3.67.5
- v8r from 2.1.0 to 3.0.0
- yamllint from 1.33.0 to 1.34.0
New Contributors
- @Jayllyz made their first contribution in #3327
- @TimothyEarley made their first contribution in #3323
- @efrecon made their first contribution in #3318
MegaLinter is graciously provided by
Full Changelog: v7.8.0...v7.9.0
Contributors
TimothyEarley, efrecon, and 2 other contributors
Assets 2
v7.8.0
What's Changed
-
Reporters
- New reporter MARKDOWN_SUMMARY_REPORTER, allows saving MegaLinter results summary as a markdown file. This file can be further utilised to add comments on the pull request (PR) from Jenkins and other continuous integration (CI) tools by @saishivarcr in #3250
- New reporter BITBUCKET_COMMENT_REPORTER allowing to post MegaLinter results as comments on Bitbucket pull requests by @saishivarcr in #3256
-
Media
- (FR) MegaLinter presentation at DevCon 20 / Programmez Magazine, by Nicolas Vuillamy
-
Core
- mega-linter-runner: Remove container by default, except of
no-remove-containeroption is sent by @nvuillam in #3203 - Upgrade base image from python:3.11.6-alpine3.18 to python:3.11.7-alpine3.18, by @echoix in #3212
- Upgrade to python 3.12.0 by @nvuillam in #3006
- Upgrade actions/upload-artifact@v3 to actions/upload-artifact@v4 in default workflows by @nvuillam in #3225
- mega-linter-runner: Improve check if running as script or module, by @echoix in #3233
- mega-linter-runner: Remove container by default, except of
-
Fixes
- tekton-lint is now published as @ibm/tekton-lint, by @echoix in #3210
- PHP PHIVE: Use keys.openpgp.org and fingerprint for phive key verification, by @echoix in #3230
- Undowngrade sass linters, by @echoix in #3260
- Upgrade lychee default configuration to handle breaking change between 0.13.0 and 0.14.0
- Hadolint: support both
ContainerfileandDockerfileby @sanmai-NL in #3217
-
Doc
- Upgrade url to PHP CodeSniffer, as now the original repo is not maintained anymore by @nvuillam in #3201
-
CI
-
Linter versions upgrades
- ansible-lint from 6.22.1 to 6.22.2
- bash-exec from 5.2.15 to 5.2.21
- bicep_linter from 0.23.1 to 0.24.24 on 2023-12-14
- black from 23.11.0 to 23.12.1 on 2023-12-23
- cfn-lint from 0.83.4 to 0.84.0
- checkov from 3.1.27 to 3.1.67
- checkstyle from 10.12.6 to 10.12.7
- clippy from 0.1.74 to 0.1.75 on 2023-12-28
- clj-kondo from 2023.10.20 to 2023.12.15 on 2023-12-15
- csharpier from 0.26.4 to 0.27.0
- cspell from 8.1.3 to 8.3.2
- devskim from 1.0.23 to 1.0.28
- djlint from 1.34.0 to 1.34.1 on 2023-12-22
- dotnet-format from 7.0.114 to 7.0.115
- eslint-plugin-jsonc from 2.10.0 to 2.12.2
- eslint from 8.55.0 to 8.56.0 on 2023-12-16
- flake8 from 6.1.0 to 7.0.0
- git_diff from 2.40.1 to 2.43.0
- helm from 3.11.3 to 3.13.2
- isort from 5.13.0 to 5.13.2 on 2023-12-13
- kics from 1.7.11 to 1.7.12 on 2023-12-22
- ktlint from 1.0.1 to 1.1.1
- lychee from 0.13.0 to 0.14.1
- mypy from 1.7.1 to 1.8.0 on 2023-12-22
- npm-groovy-lint from 13.0.2 to 14.2.0
- phpcs from 3.8.0 to 3.8.1
- phplint from 9.0.6 to 9.1.0 on 2023-12-17
- phpstan from 1.10.48 to 1.10.56
- prettier from 3.1.0 to 3.2.4
- protolint from 0.46.3 to 0.47.5
- psalm from Psalm.5.17.0@ to Psalm.5.20.0@
- pylint from 3.0.2 to 3.0.3 on 2023-12-13
- pyright from 1.1.339 to 1.1.347
- revive from 1.3.4 to 1.3.6
- roslynator from 0.8.1.0 to 0.8.2.0
- rubocop from 1.58.0 to 1.60.1
- ruff from 0.1.7 to 0.1.14 on 2023-12-13
- secretlint from 8.0.0 to 8.1.0 on 2023-12-28
- sfdx-scanner-apex from 3.19.0 to 3.20.0
- sfdx-scanner-aura from 3.19.0 to 3.20.0
- sfdx-scanner-lwc from 3.19.0 to 3.20.0
- snakefmt from 0.8.5 to 0.9.0
- snakemake from 7.32.4 to 8.2.3
- stylelint from 15.11.0 to 16.2.0
- syft from 0.98.0 to 0.101.1 on 2023-12-22
- tekton-lint from 0.6.0 to 1.0.0
- terraform-fmt from 1.6.5 to 1.7.0
- terragrunt from 0.54.0 to 0.54.20
- terrascan from 1.18.3 to 1.18.11
- tflint from 0.49.0 to 0.50.1
- trivy-sbom from 0.48.0 to 0.48.3
- trivy from 0.48.0 to 0.48.3
- trufflehog from 3.63.2 to 3.63.10
- vale from 2.30.0 to 3.0.5
New Contributors
- @saishivarcr made their first contribution in #3250
MegaLinter is graciously provided by
Full Changelog: v7.7.0...v7.8.0
Contributors
sanmai-NL, nvuillam, and 2 other contributors
Assets 2
v7.7.0
What's Changed
-
Core
-
Media
-
New linters
- Add clang-format c & cpp formatting linter including "apply fix" support by @daltonv in #3089
- Add Roslynator C# linter by @bdovaz in #3155
-
Fixes
- Call jscpd with
--gitignoreto ignore copy-pastes in files matching.gitignore - cpplint: Dynamically add the list of extensions from list of files in --extensions parameter by @nvuillam in #3149
- Fix mkdocs generation + CI control job by @nvuillam in #3135
- Add semgrep ruleset to validation schema by @wesley-dean-flexion in #3164
- Downgrade stylelint to avoid crash with not v16 compliant dependencies
- Fix count of yaml-lint errors by @nvuillam in #3198
- Remove openssl reinstall, as base image has updated version from alpine 3.18.5 by @echoix in #3181
- Call jscpd with
-
CI
-
Linter versions upgrades
- ansible-lint from 6.22.0 to 6.22.1
- bandit from 1.7.5 to 1.7.6
- cfn-lint from 0.83.3 to 0.83.4
- checkov from 3.0.39 to 3.1.25
- checkstyle from 10.12.5 to 10.12.6
- csharpier from 0.26.2 to 0.26.4
- cspell from 8.0.0 to 8.1.3
- dotnet-format from 6.0.417 to 7.0.114
- eslint from 8.54.0 to 8.55.0
- gitleaks from 8.18.0 to 8.18.1
- isort from 5.12.0 to 5.13.0
- lightning-flow-scanner from 2.15.0 to 2.16.0
- luacheck from 1.1.1 to 1.1.2
- markdown-table-formatter from 1.4.0 to 1.5.0
- markdownlint from 0.37.0 to 0.38.0
- mypy from 1.7.0 to 1.7.1
- npm-groovy-lint from 12.1.0 to 13.0.2
- phpcs from 3.7.2 to 3.8.0
- phplint from 9.0.4 to 9.0.6
- phpstan from 1.10.42 to 1.10.48
- psalm from Psalm.5.15.0@ to Psalm.5.17.0@
- puppet-lint from 4.2.1 to 4.2.3
- pyright from 1.1.336 to 1.1.339
- roslynator from 0.8.0.0 to 0.8.1.0
- rubocop from 1.57.2 to 1.58.0
- ruff from 0.1.6 to 0.1.7
- secretlint from 7.1.0 to 8.0.0
- semgrep from 1.50.0 to 1.52.0
- sfdx-scanner-apex from 3.18.0 to 3.19.0
- sfdx-scanner-aura from 3.18.0 to 3.19.0
- sfdx-scanner-lwc from 3.18.0 to 3.19.0
- syft from 0.97.1 to 0.98.0
- terraform-fmt from 1.6.4 to 1.6.5
- terragrunt from 0.53.4 to 0.54.0
- trivy from 0.47.0 to 0.48.0
- trufflehog from 3.63.0 to 3.63.2
- vale from 2.29.7 to 2.30.0
MegaLinter will be presented at DevCon20, in Paris on 14 december (french)
MegaLinter is graciously provided by
Full Changelog: v7.6.0...v7.7.0
Contributors
bdovaz, daltonv, and 3 other contributors
Assets 2
v7.6.0
What's Changed
-
Major enhancements
- New flavor c_cpp: New flavor for pure C/C++ projects, by @daltonv in #3067
- New flavor formatters: Contains only formatter linters, by @nvuillam in #3071
- Add Salesforce Lightning Flow Scanner, by @nvuillam in #3092
-
Core
-
Fixes
- Fix issue Gitleaks
--no-gitdoes not work anymore, #2945, in #3112 - Fix way to install powershell on Alpine linux image
- Fix issue with VS Code devcontainer not building #3114
- Fix Default Workflow to handle latest ActionLint rules, by @nvuillam in #3130
- Write checkov SARIF report
results_sarif.sarifinREPORT_FOLDER, by @gmeligio in #3121 - Updated lintr config template to use
linters_with_defaults()(formerlywith_defaults()) - Fix csharp installation dependencies, by @nvuillam in #3075
- Fix powershell installation by @nvuillam in #3126
- Fix issue Gitleaks
-
Doc
-
CI
- Upgrade pymdown-extensions and markdown, by @BryanQuigley in #3053
- Use docker/metadata-action for some internal CI, by @echoix in #3110
- Call docker buildx prune instead of docker builder prune, by @echoix in #3127
- Set schedule earlier for auto-update-linters.yml, allow manual runs, by @echoix in #3066
- Add mike to dev/requirements.txt, by @echoix in #3070
- Modernize dependabot.yml in correct directories, by @echoix in #3093
- Fix devcontainer Dockerfile typo (fixes #3114) by @daltonv in #3115
-
Linter versions upgrades
- ansible-lint from 6.21.1 to 6.22.0
- bicep_linter from 0.22.6 to 0.23.1
- black from 23.10.1 to 23.11.0
- cfn-lint from 0.83.0 to 0.83.3
- checkov from 3.0.12 to 3.0.39
- checkstyle from 10.12.4 to 10.12.5
- clippy from 0.1.73 to 0.1.74
- csharpier from 0.25.0 to 0.26.2
- cspell from 7.3.8 to 8.0.0
- dotnet-format from 6.0.416 to 6.0.417
- eslint from 8.52.0 to 8.54.0
- golangci-lint from 1.55.1 to 1.55.2
- kics from 1.7.10 to 1.7.11
- kubeconform from 0.6.3 to 0.6.4
- mypy from 1.6.1 to 1.7.0
- npm-groovy-lint from 11.1.1 to 12.1.0
- npm-package-json-lint from 7.0.0 to 7.1.0
- phpstan from 1.10.39 to 1.10.42
- powershell from 7.3.9 to 7.4.0
- powershell_formatter from 7.3.9 to 7.4.0
- prettier from 3.0.3 to 3.1.0
- protolint from 0.46.2 to 0.46.3
- pyright from 1.1.333 to 1.1.336
- ruff from 0.1.3 to 0.1.6
- secretlint from 7.0.7 to 7.1.0
- semgrep from 1.46.0 to 1.50.0
- sfdx-scanner-apex from 3.17.0 to 3.18.0
- sfdx-scanner-aura from 3.17.0 to 3.18.0
- sfdx-scanner-lwc from 3.17.0 to 3.18.0
- swiftlint from 0.53.0 to 0.54.0
- syft from 0.94.0 to 0.97.1
- terraform-fmt from 1.6.2 to 1.6.4
- terragrunt from 0.53.0 to 0.53.4
- tflint from 0.48.0 to 0.49.0
- trivy-sbom from 0.46.1 to 0.47.0
- trivy from 0.46.1 to 0.47.0
- trufflehog from 3.61.0 to 3.63.0
- vale from 2.29.5 to 2.29.7
- xmllint from 21104 to 21106
- yamllint from 1.32.0 to 1.33.0
New Contributors
- @BryanQuigley made their first contribution in #3053
- @daltonv made their first contribution in #3067
- @VictorRos made their first contribution in #3112
- @gmeligio made their first contribution in #3121
MegaLinter will be presented at DevCon20, in Paris on 14 december (french)
MegaLinter is graciously provided by
Full Changelog: v7.5.0...v7.6.0
Contributors
BryanQuigley, VictorRos, and 4 other contributors
Assets 2
v7.5.0
What's Changed
-
Core
- mega-linter-runner: Convert to ES6 and upgrade npm dependencies. Node 18 minimum version is now required. by @nvuillam in #2976
- Allow to define
COMPILER_ONLYvirtual package as cargo dependency in descriptors to embed rust compiler in the Dockerfile - Optimize
@generatedmarker scanning (#2654) by @sanmai-NL in #2654
-
Media
-
Fixes
- build.py: Remove exclusivity between pip, gem & cargo packages
- Salesforce linters: Switch sfdx-cli to @salesforce/cli
- Fixed issue with
actionlintthrowing an error onifstatements in the generated workflow file - Added default
.devskim.jsonto mitigate errors introduced when no config exists (closes #3017) by @andrewvaughan in #3024 - Fix: Removed curly-brackets from if (closes #3025) by @andrewvaughan in #3029
-
Doc
-
CI
- Add the other maintainers globally to the CODEOWNERS file (#3008)
- Free disk space earlier in the process to avoid failure during docker build
- Set flavors-stats.json as a generated file in .gitattributes (#3023)
- Update and fix our ChatOps automations to only run on pull request comments, by @echoix in #3034
- Use App::cpm to install perlcritic faster, and clean
.perl-cpmcache, by @echoix in #3036 - Add failure message in ChatOps build-command and Slash dispatcher, by @echoix in #3037
- TEMPLATES/mega-linter.yml: DRY the ifs by @rasa in #2957
-
Linter versions upgrades
- ansible-lint from 6.20.0 6.21.1
- bicep_linter from 0.21.1 to 0.22.6
- black from 23.9.1 to 23.10.1
- cfn-lint from 0.80.2 to 0.83.0
- checkov from 2.4.48 to 3.0.12
- checkstyle from 10.12.3 to 10.12.4
- clippy from 0.1.72 to 0.1.73
- clj-kondo from 2023.09.07 to 2023.10.20
- cspell from 7.3.6 to 7.3.8
- devskim from 1.0.22 to 1.0.23
- dotnet-format from 6.0.414 to 6.0.416
- editorconfig-checker from 2.7.1 to 2.7.2
- eslint-plugin-jsonc from 2.9.0 to 2.10.0
- eslint from 8.49.0 to 8.52.0
- golangci-lint from 1.54.2 to 1.55.1
- kics from 1.7.8 to 1.7.10
- ktlint from 1.0.0 to 1.0.1
- mypy from 1.5.1 to 1.6.1
- perlcritic from 1.150 to 1.152
- phpstan from 1.10.35 to 1.10.39
- powershell from 7.3.7 to 7.3.9
- powershell_formatter from 7.3.7 to 7.3.9
- protolint from 0.46.0 to 0.46.2
- puppet-lint from 4.2.0 to 4.2.1
- pylint from 2.17.5 to 3.0.2
- pyright from 1.1.327 to 1.1.333
- rubocop from 1.56.3 to 1.57.2
- ruff from 0.1.2 to 0.1.3
- ruff from 0.0.290 to 0.1.2
- semgrep from 1.41.0 to 1.46.0
- sfdx-scanner-apex from 3.16.0 to 3.17.0
- sfdx-scanner-aura from 3.16.0 to 3.17.0
- sfdx-scanner-lwc from 3.16.0 to 3.17.0
- snakefmt from 0.8.4 to 0.8.5
- sqlfluff from 2.3.2 to 2.3.5
- stylelint from 15.10.3 to 15.11.0
- swiftlint from 0.52.4 to 0.53.0
- syft from 0.91.0 to 0.94.0
- terraform-fmt from 1.5.7 to 1.6.2
- terragrunt from 0.51.4 to 0.53.0
- trivy-sbom from 0.45.1 to 0.46.1
- trivy from 0.45.1 to 0.46.1
- trufflehog from 3.56.1 to 3.61.0
- v8r from 2.0.0 to 2.1.0
- vale from 2.29.0 to 2.29.5
New Contributors
- @adhil0 made their first contribution in #2993
- @sanmai-NL made their first contribution in #2654
MegaLinter is graciously provided by
Full Changelog: v7.4.0...v7.5.0
Contributors
rasa, andrewvaughan, and 4 other contributors
Assets 2
MegaLinter v7.4.0
What's Changed
-
Core
-
Media
-
Fixes
- Fix IGNORE_GITIGNORED_FILES not working anymore , by @iisisrael in #2967
- Fix v7 issue when using MEGALINTER_FILES_TO_LINT (thanks @pfiaux !) by @nvuillam in #2917
- Fix Ignore symlink files when VALIDATE_ALL_CODEBASE is false by @nvuillam in #2964
- Fix rstcheck options & install by @nvuillam in #2899
- Undowngrade Kubescape by @nvuillam in #2901
-
Doc
-
CI
- Reformatted config files to not fail common linters (closes #2890) by @andrewvaughan in #2891
- Workflow job name changed from
buildtomegalinterto prevent conflicts with other workflows - Add support for master branch in TEMPLATES/mega-linter.yml by @rasa in #2888
- Upgrade editorconfig-checker & setup-node by @nvuillam in #2898
-
Deprecations
- Deprecate SCSS LINT as not maintained anymore (https://github.com/sds/scss-lint#notice-consider-other-tools-before-adopting-scss-lint) by @nvuillam in #2902
-
Linter versions upgrades
- actionlint from 1.6.25 to 1.6.26
- ansible-lint from 6.17.2 to 6.20.0
- bicep_linter from 0.20.4 to 0.21.1
- black from 23.7.0 to 23.9.1
- cfn-lint from 0.79.6 to 0.80.2
- checkov from 2.3.360 to 2.4.10
- checkstyle from 10.12.2 to 10.12.3
- chktex from 1.7.6 to 1.7.8
- clippy from 0.1.71 to 0.1.72
- clj-kondo from 2023.07.13 to 2023.09.07
- cspell from 6.31.3 to 7.3.6
- devskim from 1.0.18 to 1.0.22
- djlint from 1.32.1 to 1.34.0
- dotnet-format from 6.0.413 to 6.0.414
- editorconfig-checker from 2.7.0 to 2.7.1
- eslint from 8.46.0 to 8.49.0
- git_diff from 2.38.5 to 2.40.1
- gitleaks from 8.17.0 to 8.18.0
- golangci-lint from 1.54.0 to 1.54.2
- helm from 3.10.2 to 3.11.3
- jscpd from 3.5.9 to 3.5.10
- kics from 1.7.5 to 1.7.8
- ktlint from 0.50.0 to 1.0.0
- kubescape from 2.3.6 to 2.9.0
- markdownlint from 0.35.0 to 0.36.0
- mypy from 1.4.1 to 1.5.1
- phpstan from 1.10.28 to 1.10.35
- powershell from 7.3.6 to 7.3.7
- powershell_formatter from 7.3.6 to 7.3.7
- prettier from 3.0.1 to 3.0.3
- protolint from 0.45.0 to 0.46.0
- psalm from Psalm.5.14.1@ to Psalm.5.15.0@
- puppet-lint from 4.0.1 to 4.2.0
- pyright from 1.1.321 to 1.1.327
- revive from 1.3.2 to 1.3.4
- rstcheck from 6.1.2 to 6.2.0
- rstfmt from 0.0.13 to 0.0.14
- rubocop from 1.56.0 to 1.56.3
- ruff from 0.0.284 to 0.0.290
- scalafix from 0.11.0 to 0.11.1
- semgrep from 1.34.1 to 1.41.0
- sfdx-scanner-apex from 3.15.0 to 3.16.0
- sfdx-scanner-aura from 3.15.0 to 3.16.0
- sfdx-scanner-lwc from 3.15.0 to 3.16.0
- snakemake from 7.32.3 to 7.32.4
- spectral from 6.10.1 to 6.11.0
- sqlfluff from 2.2.1 to 2.3.2
- stylelint from 15.10.2 to 15.10.3
- syft from 0.86.1 to 0.91.0
- terraform-fmt from 1.5.4 to 1.5.7
- terragrunt from 0.48.6 to 0.51.3
- terrascan from 1.18.2 to 1.18.3
- tflint from 0.47.0 to 0.48.0
- trivy-sbom from 0.44.0 to 0.45.1
- trivy from 0.44.0 to 0.45.1
- trufflehog from 3.47.0 to 3.56.1
- vale from 2.28.1 to 2.29.0
- xmllint from 21004 to 21104
New Contributors
MegaLinter is graciously provided by
Full Changelog: v7.3.0...v7.4.0
Contributors
rasa, iisisrael, and 5 other contributors
Assets 2
MegaLinter v7.3.0
What's Changed
-
Features
-
Media
- Article: Azure Devops & MegaLinter Auto PR, by @EtienneDeneuve
-
Fixes
- Replace
https://megalinter.io/config-filebyhttps://megalinter.io/latest/config-fileto avoid lychee 404 detection, by @nvuillam in #2871 - Improve docs for posting comments to PRs in GitHub Enterprise
- Configured Grype to automatically ignore CVE-2018-20225 which is disputed, by @andrewvaughan in #2864
- docs: improve wording for GHE API endpoint, by @mihaigalos in #2876
- Update Azure Installation doc to handle auto-commit, by @EtienneDeneuve in #2848
- Replace
-
Linter versions upgrades
- bicep_linter from 0.19.5 to 0.20.4
- cfn-lint from 0.79.2 to 0.79.6
- checkov from 2.3.343 to 2.3.360
- checkstyle from 10.12.1 to 10.12.2
- cspell from 6.31.2 to 6.31.3
- devskim from 1.0.1 to 1.0.18
- dotnet-format from 6.0.412 to 6.0.413
- eslint from 8.45.0 to 8.46.0
- flake8 from 6.0.0 to 6.1.0
- golangci-lint from 1.53.3 to 1.54.0
- kics from 1.7.4 to 1.7.5
- phpstan from 1.10.26 to 1.10.28
- prettier from 3.0.0 to 3.0.1
- psalm from Psalm.5.13.1@ to Psalm.5.14.1@
- puppet-lint from 4.0.0 to 4.0.1
- pyright from 1.1.318 to 1.1.321
- rubocop from 1.55.0 to 1.56.0
- ruff from 0.0.280 to 0.0.284
- secretlint from 7.0.3 to 7.0.7
- semgrep from 1.33.2 to 1.34.1
- sfdx-scanner-apex from 3.14.0 to 3.15.0
- sfdx-scanner-aura from 3.14.0 to 3.15.0
- sfdx-scanner-lwc from 3.14.0 to 3.15.0
- snakemake from 7.31.0 to 7.32.3
- spectral from 6.10.0 to 6.10.1
- sqlfluff from 2.1.4 to 2.2.1
- syft from 0.85.0 to 0.86.1
- terraform-fmt from 1.5.3 to 1.5.4
- terragrunt from 0.48.4 to 0.48.6
- terrascan from 1.18.1 to 1.18.2
- trivy-sbom from 0.43.1 to 0.44.0
- trivy from 0.43.1 to 0.44.0
- trufflehog from 3.45.1 to 3.47.0
New Contributors
- @andrewvaughan made their first contribution in #2864
- @mihaigalos made their first contribution in #2876
MegaLinter is graciously provided by
Full Changelog: v7.2.1...v7.3.0
Contributors
EtienneDeneuve, andrewvaughan, and 2 other contributors
Assets 2
MegaLinter v7.2.1
What's Changed
-
Fixes
- Fix TAP reporter (3 real dots instead if 3 dots character), by @nvuillam & @maxilampert in #2837
- Call trufflehog with
--only-verifiedto avoid false positives in .git/config, by @nvuillam , @quotidian-ennui , @iggy & @dochang in #2838- If you added
REPOSITORY_TRUFFLEHOG_ARGUMENTS: "--only-verified"as workaround, just remove it to upgrade to 7.2.1
- If you added
-
Linter versions upgrades
MegaLinter is graciously provided by
Discover CodeTotal , a new way to use MegaLinter, at BlackHat USA on August 10 !
Full Changelog: v7.2.0...v7.2.1
Contributors
iggy, dochang, and 3 other contributors
Assets 2
MegaLinter v7.2.0
Discover CodeTotal , a new way to use MegaLinter, at BlackHat USA on August 10 !
What's Changed
-
New linters
- Add Lychee - links and email addresses checker, by @DariuszPorowski in #2673
- Add grype security linter
- Add trufflehog security linter
-
New flavor dotnetweb: dotnet flavor linters + Javascript & Typescript linters
-
Media
-
Core
- MegaLinter Server for CodeTotal
- Improvements to Gitpod workspace and addition of Makefile for automation, by @ThomasSanson in #2737
-
Fixes
- Handle reporter crashes without making all ML crash
- Devskim: Remove default --ignore-globs argument
- mypy: Use /tmp as cache folder by default with ENV MYPY_CACHE_DIR=/tmp in Dockerfile
- Fix
hadolintto use its default configuration file properly, by @KihyeokK in #2763 - Remove linters not in flavor before calling reporters
- Undowngrade devskim, by @nvuillam in #2748
- Add ts-standard linter for ts standard, by @janderssonse in #2746
- Remove additional
--updatefor apk in Dockerfile by @PeterDaveHello in #2619 - Fix V8R config arg usage (#2756), by @bdovaz in #2819
-
Reporters
- New Redis reporter (beta)
-
CI
- Clean docker build cache to avoid no space left on device during Build Dev job
-
Linter versions upgrades
- actionlint from 1.6.24 to 1.6.25
- ansible-lint from 6.16.2 to 6.17.2
- bicep_linter from 0.17.1 to 0.19.5
- black from 23.3.0 to 23.7.0
- cfn-lint from 0.77.10 to 0.78.2
- checkov from 2.3.285 to 2.3.340
- checkstyle from 10.12.0 to 10.12.1
- clippy from 0.1.70 to 0.1.71
- clj-kondo from 2023.05.26 to 2023.07.13
- csharpier from 0.24.2 to 0.25.0
- cspell from 6.31.1 to 6.31.2
- devskim from 0.7.104 to 1.0.11
- djlint from 1.30.2 to 1.32.1
- dotnet-format from 6.0.408 to 6.0.412
- eslint-plugin-jsonc from 2.8.0 to 2.9.0
- eslint from 8.42.0 to 8.45.0
- gitleaks from 8.16.4 to 8.17.0
- golangci-lint from 1.53.2 to 1.53.3
- grype from 0.63.1 to 0.63.1
- kics from 1.7.1 to 1.7.4
- ktlint from 0.49.1 to 0.50.0
- kubeconform from 0.6.2 to 2.3.6
- markdownlint from 0.34.0 to 0.35.0
- mypy from 1.3.0 to 1.4.1
- npm-package-json-lint from 6.4.0 to 7.0.0
- phpstan from 1.10.18 to 1.10.26
- powershell from 7.3.4 to 7.3.6
- powershell_formatter from 7.3.4 to 7.3.6
- prettier from 2.8.8 to 3.0.0
- protolint from 0.44.0 to 0.45.0
- psalm from Psalm.5.12.0@ to Psalm.5.13.1@
- pyright from 1.1.313 to 1.1.318
- rubocop from 1.52.0 to 1.54.2
- ruff from 0.0.272 to 0.0.280
- secretlint from 6.2.3 to 7.0.3
- semgrep from 1.26.0 to 1.33.2
- sfdx-scanner-apex from 3.13.0 to 3.14.0
- sfdx-scanner-aura from 3.13.0 to 3.14.0
- sfdx-scanner-lwc from 3.13.0 to 3.14.0
- shfmt from 3.6.0 to 3.7.0
- snakemake from 7.26.0 to 7.30.2
- sqlfluff from 2.1.1 to 2.1.3
- stylelint from 15.10.0 to 15.10.0
- swiftlint from 0.52.2 to 0.52.4
- syft from 0.83.0 to 0.85.0
- terraform-fmt from 1.4.6 to 1.5.3
- terragrunt from 0.46.3 to 0.48.4
- tflint from 0.46.1 to 0.47.0
- trivy from 0.42.1 to 0.43.1
- vale from 2.27.0 to 2.28.1
New Contributors
- @KihyeokK made their first contribution in #2763
- @PeterDaveHello made their first contribution in #2619
MegaLinter is graciously provided by
Full Changelog: v7.1.0...v7.2.0
Contributors
bdovaz, DariuszPorowski, and 5 other contributors
Assets 2
MegaLinter v7.1.0
What's Changed
-
Core
-
Linter enhancements & fixes
- cljstyle: Remove default value for configuration file name, by @nvuillam in #2717
- golangci-lint : Add autofix capability using --fix argument, by @seaneagan in #2700
-
Linter versions upgrades
- cfn-lint from 0.77.5 to 0.77.7
- checkov from 2.3.267 to 2.3.285
- clippy from 0.1.69 to 0.1.70
- clj-kondo from 2023.05.18 to 2023.05.26
- djlint from 1.30.0 to 1.30.2
- eslint from 8.41.0 to 8.42.0
- gitleaks from 8.16.3 to 8.16.4
- golangci-lint from 1.52.2 to 1.53.2
- kubeconform from 0.6.1 to 0.6.2
- kubescape from 2.3.4 to 2.3.5
- luacheck from 1.1.0 to 1.1.1
- markdownlint from 0.33.0 to 0.34.0
- phpstan from 1.10.15 to 1.10.18
- pyright from 1.1.311 to 1.1.313
- rubocop from 1.51.0 to 1.52.0
- ruff from 0.0.270 to 0.0.272
- scalafix from 0.10.4 to 0.11.0
- semgrep from 1.24.0 to 1.26.0
- sfdx-scanner-apex from 3.12.0 to 3.13.0
- sfdx-scanner-aura from 3.12.0 to 3.13.0
- sfdx-scanner-lwc from 3.12.0 to 3.13.0
- stylelint from 15.6.2 to 15.7.0
- syft from 0.82.0 to 0.83.0
- terragrunt from 0.45.17 to 0.46.3
- trivy from 0.41.0 to 0.42.1
New Contributors
- @seaneagan made their first contribution in #2700
MegaLinter is graciously provided by
Full Changelog: v7.0.4...v7.1.0
Contributors
seaneagan and nvuillam