build(deps): bump megalinter/megalinter from 7.8.0 to 7.10.0 by dependabot[bot] · Pull Request #24 · Create-action/act

dependabot · 2024-03-11T11:08:07Z

Bumps megalinter/megalinter from 7.8.0 to 7.10.0.

Release notes

Sourced from megalinter/megalinter's releases.

v7.10.0

What's Changed

Core

Update dotnet linters to .NET 8, by @bdovaz in oxsecurity/megalinter#3182

Media

How to use MegaLinter with Jenkins, by Darin Pope / Cloudbees

Fixes

Trivy: use misconfig instead of the deprecated config scanner, updating the default arguments, by @pjungermann in oxsecurity/megalinter#3376

Update calls to sfdx-scanner to output a CSV file for Aura & LWC, by @nvuillam in oxsecurity/megalinter#3398

Kics: fixed error count in the summary table, by @TommyE123 in oxsecurity/megalinter#3402

Fix issue with EXTENDS using private repository by sending GITHUB_TOKEN as HTTP auth header, by @nvuillam in oxsecurity/megalinter#3404

Fix SPELL_VALE_CONFIG_FILE not working (handle the override of linter CONFIG_FILE if the linter is activated only if some files are found), by @nvuillam in oxsecurity/megalinter#3409

CI

Enable dependabot updates for devcontainer and other Docker directories, by @echoix in oxsecurity/megalinter#3390

Doc

Removed obsolete warning for semgrep as the issue has been fixed, by @Jayllyz in oxsecurity/megalinter#3374

docs: fix docs in TrivySbomLinter.py, by @pjungermann in oxsecurity/megalinter#3377

Linter versions upgrades

actionlint from 1.6.26 to 1.6.27

bandit from 1.7.7 to 1.7.8

bicep_linter from 0.25.3 to 0.25.53

black from 24.1.1 to 24.2.0

cfn-lint from 0.85.1 to 0.86.0

checkov from 3.2.20 to 3.2.21

checkstyle from 10.13.0 to 10.14.0

clj-kondo from 2023.12.15 to 2024.03.05

csharpier from 0.27.2 to 0.27.3

cspell from 8.3.2 to 8.6.0

devskim from 1.0.28 to 1.0.32

dotnet-format from 7.0.115 to 8.0.102

eslint from 8.56.0 to 8.57.0

golangci-lint from 1.56.1 to 1.56.2

grype from 0.74.5 to 0.74.7

helm from 3.13.2 to 3.14.2

kics from 1.7.12 to 1.7.13

ktlint from 1.1.1 to 1.2.1

lightning-flow-scanner from 2.16.0 to 2.18.0

mypy from 1.8.0 to 1.9.0

npm-groovy-lint from 14.2.1 to 14.2.3

phpcs from 3.8.1 to 3.9.0

phpstan from 1.10.57 to 1.10.60

powershell from 7.4.0 to 7.4.1

powershell_formatter from 7.4.0 to 7.4.1

protolint from 0.47.5 to 0.48.0

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v7.10.0] - 2024-03-10

Core

Media

How to use MegaLinter with Jenkins, by Darin Pope / Cloudbees

Fixes

Trivy: use misconfig instead of the deprecated config scanner, updating the default arguments

Update calls to sfdx-scanner to output a CSV file for Aura & LWC

Kics: fixed error count in the summary table

Fix issue with EXTENDS using private repository by sending GITHUB_TOKEN as HTTP auth header

Fix SPELL_VALE_CONFIG_FILE not working (handle the override of linter CONFIG_FILE if the linter is activated only if some files are found)

Doc

Removed obsolete warning for semgrep as the issue has been fixed

Linter versions upgrades

actionlint from 1.6.26 to 1.6.27

bandit from 1.7.7 to 1.7.8

bicep_linter from 0.25.3 to 0.25.53

black from 24.1.1 to 24.2.0

cfn-lint from 0.85.1 to 0.86.0

checkov from 3.2.20 to 3.2.21

checkstyle from 10.13.0 to 10.14.0

clj-kondo from 2023.12.15 to 2024.03.05

csharpier from 0.27.2 to 0.27.3

cspell from 8.3.2 to 8.6.0

devskim from 1.0.28 to 1.0.32

dotnet-format from 7.0.115 to 8.0.102

eslint from 8.56.0 to 8.57.0

golangci-lint from 1.56.1 to 1.56.2

grype from 0.74.5 to 0.74.7

helm from 3.13.2 to 3.14.2

kics from 1.7.12 to 1.7.13

ktlint from 1.1.1 to 1.2.1

lightning-flow-scanner from 2.16.0 to 2.18.0

mypy from 1.8.0 to 1.9.0

npm-groovy-lint from 14.2.1 to 14.2.3

phpcs from 3.8.1 to 3.9.0

phpstan from 1.10.57 to 1.10.60

powershell from 7.4.0 to 7.4.1

powershell_formatter from 7.4.0 to 7.4.1

protolint from 0.47.5 to 0.48.0

psalm from Psalm.5.21.1@ to Psalm.5.23.0@

pylint from 3.0.3 to 3.1.0

pyright from 1.1.350 to 1.1.353

rubocop from 1.60.2 to 1.62.0

ruff from 0.2.1 to 0.3.2

scalafix from 0.11.1 to 0.12.0

... (truncated)

Commits

a7a0163 Release MegaLinter v7.10.0
57f3000 Media: How to use MegaLinter with Jenkins (#3414)
147f452 [automation] Auto-update linters version, help and documentation (#3413)
4416336 [automation] Auto-update linters version, help and documentation (#3411)
3efbff3 Fix issue with EXTENDS using private repository by sending GITHUB_TOKEN as HT...
dafb4df [automation] Auto-update linters version, help and documentation (#3410)
df36617 Fix SPELL_VALE_CONFIG_FILE not working (#3409)
2d0e209 [automation] Auto-update linters version, help and documentation (#3406)
fed8f3e Added Kics Error count properties TEST_KEYWORDS=repository_kics_test (#3402)
31c5e1d [automation] Auto-update linters version, help and documentation (#3401)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [megalinter/megalinter](https://github.com/megalinter/megalinter) from 7.8.0 to 7.10.0. - [Release notes](https://github.com/megalinter/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](oxsecurity/megalinter@v7.8.0...v7.10.0) --- updated-dependencies: - dependency-name: megalinter/megalinter dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 11, 2024

dependabot bot mentioned this pull request Mar 11, 2024

build(deps): bump megalinter/megalinter from 7.8.0 to 7.9.0 #20

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump megalinter/megalinter from 7.8.0 to 7.10.0#24

build(deps): bump megalinter/megalinter from 7.8.0 to 7.10.0#24
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/megalinter/megalinter-7.10.0

dependabot bot commented on behalf of github Mar 11, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 11, 2024

v7.10.0

What's Changed

[v7.10.0] - 2024-03-10

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants