chore(deps): update oxsecurity/megalinter-javascript docker tag to v8

[renovate]

This PR contains the following updates:

Package	Update	Change
oxsecurity/megalinter-javascript (source)	major	v7.3.0 -> v8.3.0

---

Release Notes

oxsecurity/megalinter (oxsecurity/megalinter-javascript)

v8.3.0

Compare Source

• Core

  • Display command log (truncated to 250 chars) even when LOG_LEVEL is not DEBUG
  • Allow to replace an ENV var value with the value of another ENV var before calling a PRE_COMMAND (helps for tflint run from GitHub Enterprise)
  • Fix handling of git submodule paths

• Fixes

  • trivy: retry in case of BLOB_UNKNOWN while downloading vulnerability list

• Reporters

  • Fix UpdatedSourcesReporter when APPLY_FIXES is list (array)
  • Fix AzureCommentReporter when the repo is not found: fallback using BUILD_REPOSITORY_ID. (+ disable space replacement in repo name with AZURE_COMMENT_REPORTER_REPLACE_WITH_SPACES: false)

• CI

  • Fix Docker mirroring job for release context
  • Remove max parallel jobs for release linters workflow

• Linter versions upgrades (13)

  • cfn-lint from 1.19.0 to 1.20.0
  • checkov from 3.2.298 to 3.2.311
  • csharpier from 0.29.2 to 0.30.2
  • markdownlint from 0.42.0 to 0.43.0
  • phpstan from 2.0.1 to 2.0.2
  • ruff from 0.7.4 to 0.8.0
  • spectral from 6.14.1 to 6.14.2
  • stylua from 0.20.0 to 2.0.0
  • syft from 1.16.0 to 1.17.0
  • trivy-sbom from 0.57.0 to 0.57.1
  • trivy from 0.57.0 to 0.57.1
  • trufflehog from 3.83.7 to 3.84.1
  • vale from 3.9.0 to 3.9.1

v8.2.0

Compare Source

• Media

  • 10 MegaLinter Tips and Tricks Unlock its Full Potential by Wes Dean
  • MegaLinter Performance Tuning for Maximum Efficiency by Wes Dean

• Linters enhancements

  • detekt Enable SARIF output + count errors
  • lintr: Support files in subdirectories, fix unit tests
  • phpcs: Activate APPLY_FIXES
  • Salesforce linters: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins
  • trivy: handle retry if failed to download Java DB is detected
  • tsqllint Re-enabled after .net 8 and security updates

• Fixes

  • Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered
  • Fix linting errors in GitHub Actions template

• Reporters

  • UpdatedSourcesReporter will git commit & push fixed files to source branch if APPLY_FIXES is set
  • Fix AzureCommentReporter not adding comments to PR
  • Fix AzureCommentReporter fails when target repo contains spaces

• Doc

  • Updated documentation with Azure central pipeline use case
  • Update DevSkim documentation to show a valid exclusion config file
  • Note about risky rules and how to fix rule violations with PHP-CS-Fixer

• CI

  • Also prune volumes before pulling and pushing to docker hub
  • Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues
  • Squash docker images to have less layers and size
  • Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained
  • Make gitpod workflow not blocking until uv install is fixed
  • Update stale comment
  • Try several times to embed trivy db during Docker build, as a workaround to the random failures
  • Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions

• Linter versions upgrades (104)

  • actionlint from 1.7.3 to 1.7.4
  • ansible-lint from 24.9.2 to 24.10.0
  • bicep_linter from 0.30.23 to 0.31.92
  • cfn-lint from 1.16.1 to 1.19.0
  • checkov from 3.2.257 to 3.2.298
  • checkstyle from 10.18.2 to 10.20.1
  • clippy from 0.1.81 to 0.1.82
  • clj-kondo from 2024.09.27 to 2024.11.14
  • cspell from 8.15.1 to 8.16.0
  • devskim from 1.0.33 to 1.0.44
  • djlint from 1.35.2 to 1.36.1
  • dotnet-format from 8.0.110 to 8.0.111
  • gitleaks from 8.20.1 to 8.21.2
  • golangci-lint from 1.61.0 to 1.62.0
  • ktlint from 1.3.1 to 1.4.1
  • lightning-flow-scanner from 2.34.0 to 2.36.0
  • lychee from 0.16.1 to 0.17.0
  • mypy from 1.11.2 to 1.13.0
  • perlcritic from 1.152 to 1.156
  • phpcs from 3.10.3 to 3.11.1
  • phplint from 9.5.3 to 9.5.4
  • phpstan from 1.12.6 to 2.0.1
  • pmd from 7.6.0 to 7.7.0
  • pyright from 1.1.384 to 1.1.389
  • revive from 1.4.0 to 1.5.1
  • roslynator from 0.9.1.0 to 0.9.3.0
  • rubocop from 1.66.1 to 1.68.0
  • ruff from 0.6.9 to 0.7.4
  • secretlint from 8.4.0 to 9.0.0
  • sfdx-scanner-apex from 4.6.0 to 4.7.0
  • sfdx-scanner-aura from 4.6.0 to 4.7.0
  • sfdx-scanner-lwc from 4.6.0 to 4.7.0
  • shfmt from 3.9.0 to 3.10.0
  • snakemake from 8.21.0 to 8.25.3
  • spectral from 6.13.1 to 6.14.1
  • sqlfluff from 3.2.3 to 3.2.5
  • syft from 1.14.0 to 1.16.0
  • terraform-fmt from 1.9.5 to 1.9.8
  • terragrunt from 0.67.5 to 0.68.14
  • tflint from 0.53.0 to 0.54.0
  • trivy-sbom from 0.56.2 to 0.57.0
  • trivy from 0.56.2 to 0.57.0
  • trufflehog from 3.82.11 to 3.83.7
  • tsqllint from 1.15.3.0 to 1.16.0.0
  • v8r from 4.1.0 to 4.2.0
  • vale from 3.7.1 to 3.9.0

v8.1.0

Compare Source

• Core

  • Allow to tag PRE_COMMANDS to run them before loading plugins, by @​nvuillam in #​3944
  • Replace usage of setup.py with a pyproject.toml package install, by @​echoix in #​3893
  • Allow to add custom messages at the end of PR / MR MegaLinter Summary using variable JOB_SUMMARY_ADDITIONAL_MARKDOWN

• New linters

  • New LUA linter: selene, by @​AlejandroSuero in #​3978
  • New LUA formatter: stylua, by @​AlejandroSuero in #​3985

• Linters enhancements

  • Trivy
    • Embed vulnerability database in Docker Image for running trivy on internet-free network
    • Retry 5 times after 3 seconds in case of TooManyRequests when downloading vulnerability database
    • If the retries did not succeed, call trivy with --skip-db-update --skip-check-update (not ideal but better than nothing)
  • Bash/Perl: Support shell scripts with no extension and only support perl shebangs at the beginning of a file in #​4076

• Fixes

  • APPLY_FIXES and for PHP_PHPCSFIXER linter, by @​llaville in #​3963
  • Add debug traces to investigate reporters activation
  • Add more traces for ApiReporter
  • Activate ApiReporter by default

• Reporters

  • Fix ApiReporter not called in MegaLinter flavors

• Doc

  • Fix Grafana Home Dashboard to add missing criteria
  • Update PRE_COMMANDS documentation to describe all properties
  • Update Grafana documentation to fix secrets typo

• CI

  • Free space in release job to avoid no space left on device, by @​nvuillam in #​3914
  • Add pytest-rerunfailures to improve CI control jobs success, by @​AlejandroSuero in #​3993
  • Send GITHUB_TOKEN to trivy-action
  • Workaround to avoid to reach Docker Hub rate limits: Build & push first on ghcr.io, then login to docker hub, then push to docker hub

• Linter versions upgrades

  • actionlint from 1.7.1 to 1.7.3
  • ansible-lint from 24.7.0 to 24.9.2
  • bandit from 1.7.9 to 1.7.10
  • bicep_linter from 0.29.47 to 0.30.23
  • black from 24.8.0 to 24.10.0
  • cfn-lint from 1.10.3 to 1.16.1
  • checkov from 3.2.232 to 3.2.257
  • checkstyle from 10.17.0 to 10.18.2
  • clippy from 0.1.80 to 0.1.81
  • clj-kondo from 2024.08.01 to 2024.09.27
  • cpplint from 1.6.1 to 2.0.0
  • csharpier from 0.29.0 to 0.29.2
  • cspell from 8.14.1 to 8.15.1
  • detekt from 1.23.6 to 1.23.7
  • djlint from 1.34.1 to 1.35.2
  • dotnet-format from 8.0.108 to 8.0.110
  • eslint from 8.57.0 to 8.57.1
  • gitleaks from 8.18.4 to 8.20.1
  • golangci-lint from 1.60.1 to 1.61.0
  • kics from 2.1.2 to 2.1.3
  • lightning-flow-scanner from 2.33.0 to 2.34.0
  • lychee from 0.15.1 to 0.16.1
  • markdownlint from 0.41.0 to 0.42.0
  • mypy from 1.11.1 to 1.11.2
  • npm-groovy-lint from 14.6.0 to 15.0.2
  • php-cs-fixer from 3.62.0 to 3.64.0
  • phpcs from 3.10.2 to 3.10.3
  • phplint from 9.4.1 to 9.5.3
  • phpstan from 1.11.11 to 1.12.6
  • pmd from 7.4.0 to 7.6.0
  • psalm from Psalm.5.25.0@​ to Psalm.5.26.1@​
  • pylint from 3.2.6 to 3.3.1
  • pyright from 1.1.376 to 1.1.384
  • revive from 1.3.9 to 1.4.0
  • roslynator from 0.8.9.0 to 0.9.1.0
  • rubocop from 1.65.1 to 1.66.1
  • ruff from 0.6.1 to 0.6.9
  • scalafix from 0.12.1 to 0.13.0
  • secretlint from 8.2.4 to 8.4.0
  • sfdx-scanner-apex from 4.4.0 to 4.6.0
  • sfdx-scanner-aura from 4.4.0 to 4.6.0
  • sfdx-scanner-lwc from 4.4.0 to 4.6.0
  • shfmt from 3.8.0 to 3.9.0
  • snakemake from 8.18.1 to 8.21.0
  • spectral from 6.11.1 to 6.13.1
  • sqlfluff from 3.1.0 to 3.2.3
  • standard from 17.1.0 to 17.1.2
  • stylelint from 16.8.2 to 16.10.0
  • swiftlint from 0.56.1 to 0.57.0
  • syft from 1.11.0 to 1.14.0
  • terraform-fmt from 1.9.4 to 1.9.5
  • terragrunt from 0.66.8 to 0.67.5
  • terrascan from 1.18.11 to 1.19.9
  • trivy-sbom from 0.54.1 to 0.56.2
  • trivy from 0.54.1 to 0.56.2
  • trufflehog from 3.81.10 to 3.82.8
  • v8r from 4.0.1 to 4.1.0
  • vale from 3.7.0 to 3.7.1

v8.0.0

Compare Source

• Reporters
  • New ApiReporter (can be used to build Grafana dashboards), by @​nvuillam in #​3540

• Removed deprecated linters, by @​nvuillam in #​3854

  • CSS_SCSSLINT: Project discontinued and advising to use stylelint
  • OPENAPI_SPECTRAL: Replaced by API_SPECTRAL (same linter but more formats handled)
  • SQL_SQL_LINT: Project no longer maintained

• Core

  • Hide to linters by default all environment variables that contain TOKEN, USERNAME or PASSWORD, by @​nvuillam in #​3881
  • Allow to override CLI_LINT_MODE when defined as project, by @​nvuillam in #​3772
  • Allow to use absolute paths for LINTER_RULES_PATH, by @​nvuillam in #​3775
  • Allow to update variables from PRE/POST Commands using output_variables property, by @​nvuillam in #​3861

• Media

  • MegaLinter: un linter pour les gouverner tous (FR), by Guillaume Arnaud from WeScale
  • MegaLinter, by Stéphane Robert, from 3DS OutScale
  • 30 Seconds to Setup MegaLinter: Your Go-To Tool for Automated Code Quality, by Peng Cao |

• Linters enhancements

  • bandit Call bandit with quiet mode to generate less logs, by @​nvuillam in #​3892
  • grype Count number of errors returned by Grype, by @​nvuillam in #​3906
  • yamllint Fix yamllint default format to avoid special characters or GitHub sections in text logs, by @​nvuillam in #​3898

• Fixes

  • terrascan fixed errors and removed redundant code, by @​TommyE123 in #​3767
  • dotnet-format various performance improvements and ability to specify sln or proj paths, by @​TommyE123 in #​3741
  • swiftlint Remove deprecated argument --path
  • Salesforce linters: Disable SF CLI auto update warning, by @​nvuillam in #​3883

• Doc

  • Add images and links to Git, CI/CD & other tools integrations at the beginning of the README, by @​nvuillam in #​3885
  • Create README animated GIF presentation of MegaLinter, by @​nvuillam in #​3910
  • Format mkdocs search index in place, by @​echoix in #​3890
  • Use consistent spelling of 'flavor', by @​InputUsername in #​3789

• CI

  • Fix docker warnings, by @​nvuillam in #​3853
    • FromAsCasing: 'as' and 'FROM' keywords' casing do not match
    • NoEmptyContinuation: Empty continuation line
    • SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data
  • Port Beta workflows to use docker/metadata-action, by @​echoix in #​3860
  • AutoUpdate linters: Always create a PR if the job has been started manually, by @​nvuillam in #​3863
  • Add skip_checkout: true to default MegaLinter GitHub Action template
  • Remove path filters in deploy-DEV workflow as it is a required check by @​echoix in #​3894

• mega-linter-runner

  • Add new rules to upgrade to MegaLinter v8, by @​nvuillam in #​3896
  • Replace glob-promise by glob library, by @​nvuillam in #​3902
    • Minimum NodeJs version is now 20.x

• Linter versions upgrades

  • ansible-lint from 24.6.1 to 24.7.0
  • bicep_linter from 0.28.1 to 0.29.47
  • black from 24.4.2 to 24.8.0
  • cfn-lint from 1.5.0 to 1.10.3
  • checkov from 3.2.174 to 3.2.232
  • clippy from 0.1.79 to 0.1.80
  • clj-kondo from 2024.05.24 to 2024.08.01
  • csharpier from 0.28.2 to 0.29.0
  • cspell from 8.10.4 to 8.14.1
  • dotnet-format from 8.0.106 to 8.0.108
  • flake8 from 7.1.0 to 7.1.1
  • golangci-lint from 1.59.1 to 1.60.1
  • grype from 0.79.2 to 0.79.5
  • jsonlint from 14.0.3 to 16.0.0
  • kics from 2.1.1 to 2.1.2
  • kubeconform from 0.6.6 to 0.6.7
  • lightning-flow-scanner from 2.28.0 to 2.33.0
  • mypy from 1.10.1 to 1.11.1
  • php-cs-fixer from 3.59.3 to 3.62.0
  • phpcs from 3.10.1 to 3.10.2
  • phpstan from 1.11.9 to 1.11.11
  • pmd from 7.3.0 to 7.4.0
  • prettier from 3.3.2 to 3.3.3
  • protolint from 0.50.2 to 0.50.5
  • pylint from 3.2.5 to 3.2.6
  • pyright from 1.1.370 to 1.1.376
  • revive from 1.3.7 to 1.3.9
  • rstcheck from 6.2.1 to 6.2.4
  • rubocop from 1.64.1 to 1.65.1
  • ruff from 0.5.1 to 0.6.1
  • sfdx-scanner-apex from 4.3.2 to 4.4.0
  • sfdx-scanner-aura from 4.3.2 to 4.4.0
  • sfdx-scanner-lwc from 4.3.2 to 4.4.0
  • snakemake from 8.15.2 to 8.18.1
  • stylelint from 16.6.1 to 16.8.2
  • swiftlint from 0.55.1 to 0.56.1
  • syft from 1.8.0 to 1.11.0
  • terraform-fmt from 1.9.0 to 1.9.4
  • terragrunt from 0.59.6 to 0.66.8
  • tflint from 0.52.0 to 0.53.0
  • trivy-sbom from 0.53.0 to 0.54.1
  • trivy from 0.53.0 to 0.54.1
  • trufflehog from 3.79.0 to 3.81.9
  • v8r from 3.1.0 to 4.0.1
  • vale from 3.6.0 to 3.7.0

v7.13.0

Compare Source

• New linters

  • Add ls-lint, file and folder linter, by @​scolladon in #​3681

• Core

  • Handle renovate version comments in build script, by @​echoix in #​3617 , #​3627 , #​3643 , #​3699 , #​3700
  • Update base image to python:3.12.4-alpine3.20
  • Use dotnet8-sdk available in the main repository, by @​TommyE123 in #​3696

• Media

  • Introducing MegaLinter: Streamlining Code Quality Checks Across Multiple Languages, by Cloud Tuned
  • Infrastructure as Code GitHub Codespace Template, by Luke Murray
  • Video: How to: Secrets scanning, by Hackitect's playground

• Linters enhancements

  • Add SARIF support (v2) for all PHP linters by @​llaville in #​3745 , #​3729
  • Add python package Pygments to rst-lint venv, by @​bobidle in #​3631
  • CSharpier added ability to override config filename and path, by @​TommyE123 in #​3664
  • xmllint added support for xsd files, by @​TommyE123 in #​3665

• Fixes

  • Improve support for single argument in get_list_args function, by @​TommyE123 in #​3589
  • ansible-lint Improved activation by checking for .ansible-lint config file, by @​TommyE123 in #​3697
  • DevSkim fixed fatal errors when scanning and ability to override config path, by @​TommyE123 in #​3673
  • GitLeaks add missing schema properties, by @​TommyE123 in #​3675
  • Powershell Error table truncation improvements, by @​TommyE123 in #​3620
  • Powershell added missing schema property POWERSHELL_POWERSHELL_FORMATTER_OUTPUT_ENCODING, by @​TommyE123 in #​3678
  • syft use scan instead of deprecated packages arg, by @​TommyE123 in #​3613
  • tflint added missing schema property TERRAFORM_TFLINT_SECURED_ENV, by @​TommyE123 in #​3679
  • tflint fixed deprecated argument and other improvements to default .tflint.hcl template, by @​TommyE123 in #​3688
  • xmllint added missing schema properties XML_XMLLINT_AUTOFORMAT and XML_XMLLINT_INDENT, by @​TommyE123 in #​3677
  • yamllint fix error/warning count to work with different log output formats, by @​TommyE123 in #​3612

• Doc

  • Update documentation icons by @​nvuillam in #​3625

• Flavors

  • Add gherkin-lint in c_cpp flavor, by @​nvuillam in #​3698

• CI

  • Bump actions/checkout from 3 to 4, by @​KristjanESPERANTO in #​2994
  • Reduce dependabot PR frequency to weekly by @​echoix in #​3642

• Linter versions upgrades

  • ansible-lint from 24.2.3 to 24.6.1
  • bandit from 1.7.8 to 1.7.9
  • bash-exec from 5.2.21 to 5.2.26
  • bicep_linter from 0.27.1 to 0.28.1
  • cfn-lint from 0.87.4 to 1.5.0
  • checkov from 3.2.122 to 3.2.174
  • clang-format from 17.0.5 to 17.0.6
  • clippy from 0.1.78 to 0.1.79
  • cspell from 8.8.3 to 8.10.4
  • editorconfig-checker from 3.0.1 to 3.0.3
  • flake8 from 7.0.0 to 7.1.0
  • git_diff from 2.43.4 to 2.45.2
  • gitleaks from 8.18.2 to 8.18.4
  • golangci-lint from 1.59.0 to 1.59.1
  • grype from 0.78.0 to 0.79.2
  • helm from 3.14.2 to 3.14.3
  • jscpd from 4.0.4 to 4.0.5
  • kics from 2.0.1 to 2.1.1
  • ktlint from 1.2.1 to 1.3.1
  • lightning-flow-scanner from 2.26.0 to 2.28.0
  • markdown-table-formatter from 1.6.0 to 1.6.1
  • mypy from 1.10.0 to 1.10.1
  • npm-package-json-lint from 7.1.0 to 8.0.0
  • php-cs-fixer from 3.58.1 to 3.59.3
  • phplint from 9.3.1 to 9.4.1
  • phpstan from 1.11.3 to 1.11.7
  • pmd from 7.1.0 to 7.3.0
  • prettier from 3.3.0 to 3.3.2
  • protolint from 0.49.7 to 0.50.2
  • psalm from Psalm.5.24.0@​ to Psalm.5.25.0@​
  • pylint from 3.2.2 to 3.2.5
  • pyright from 1.1.365 to 1.1.370
  • ruff from 0.4.10 to 0.5.1
  • sfdx-scanner-apex from 3.25.0 to 4.3.2
  • sfdx-scanner-aura from 3.25.0 to 4.3.2
  • sfdx-scanner-lwc from 3.25.0 to 4.3.2
  • snakemake from 8.12.0 to 8.15.2
  • sqlfluff from 3.0.7 to 3.1.0
  • swiftlint from 0.54.0 to 0.55.1
  • syft from 1.5.0 to 1.8.0
  • terraform-fmt from 1.8.4 to 1.9.0
  • terragrunt from 0.58.13 to 0.59.6
  • tflint from 0.51.1 to 0.52.0
  • trivy-sbom from 0.51.4 to 0.53.0
  • trivy from 0.51.4 to 0.53.0
  • trufflehog from 3.77.0 to 3.79.0
  • v8r from 3.0.0 to 3.1.0
  • vale from 3.4.2 to 3.6.0
  • xmllint from 21108 to 21207

v7.12.0

Compare Source

• Core

  • Add new logs (at debug level) on each linter activation/deactivation
  • Clean MegaLinter own CVE exceptions and order the remaining ones with links to related issues
  • Upgrade to Java 21 except for npm-groovy-lint that requires Java 17

• Media

  • Add blog post 5 ways MegaLinter upped our DevSecOps game to the list of English articles by @​wesley-dean-flexion in #​3596

• Linters

  • Add PHP fixer by @​llaville in #​3598
  • API_SPECTRAL was added as replacement for OPENAPI_SPECTRAL (deprecated), supporting AsyncAPI and OpenAPI by default. Uses Spectral's standard config file name .spectral.yaml instead of .openapirc.yml with a default config with rulesets for AsyncAPI and OpenAPI enabled. Fixes #​3387
  • Disable SQL_TSQLLINT until security issues are solved. Related to tsqllint/tsqllint#333
  • PHP linters (PHP_PHPCS, PHP_PHPLINT, PHP_PHPSTAN) add support to SARIF report output format with help of https://github.com/llaville/sarif-php-sdk
  • Php psalm improvement by @​llaville in #​3541
  • KOTLIN_KTLINT now supports list_of_files mode, and has better error counting
  • Upgrade KOTLIN_DETEKT and make it work with cli_lint_mode = project

• Reporters

• Fixes

  • Change golangci-lint lint mode to project, by @​wandering-tales in #​3509
  • Disable sql-lint as it is no longer maintained
  • Add new entries findUnusedCode and findUnusedBaselineEntry in default psalm.xml configuration file for PHP_PSALM linter. Related to #​3538
  • fix(pylint): overgeneral-exceptions fully qualified name by @​gardar in #​3576
  • Update ktlint descriptor to support list_of_files and better error counting by @​Yann-J in #​3575
  • Sync PowerShell version in arm.megalinter-descriptor.yml by @​echoix in #​3586
  • Adjust find commands to clean up files in same step by @​echoix in #​3588
  • Upgrade KOTLIN_DETEKT and make it work with cli_lint_mode = project by @​nvuillam in #​3590

• Doc

  • Handle disabled_reason property in descriptors
  • Sort enums in json schema, by @​echoix in #​3595

• Flavors

• CI

  • Build: take in account disabled linters for workflow auto-update
  • Remove useless package-lock.json that was in python tests folder
  • Fix SARIF_REPORTER that was wrongly sent to true to format & fix test methods
  • Build: Write ARG lines at the top of Dockerfiles if they are used by FROM variables
  • Remove Github Actions Workflow telemetry to improve performances
  • Update Docker image for Gitpod to run on Ubuntu Noble, by @​echoix
  • Update makefile bootstrap config (gitpod or local) to use uv for package installation, by @​echoix
  • Use uv to install Python deps for CI by @​echoix in #​3561
  • Use a single find command to delete pycache files by @​echoix in #​3562
  • Sort schema enums by @​echoix in #​3595

• Linter versions upgrades

  • actionlint from 1.6.27 to 1.7.1
  • ansible-lint from 24.2.2 to 24.2.3
  • bicep_linter from 0.26.170 to 0.27.1
  • black from 24.4.0 to 24.4.2
  • cfn-lint from 0.86.4 to 0.87.4
  • checkov from 3.2.74 to 3.2.122
  • checkstyle from 10.15.0 to 10.17.0
  • clippy from 0.1.77 to 0.1.78
  • clj-kondo from 2024.03.13 to 2024.05.24
  • csharpier from 0.28.1 to 0.28.2
  • cspell from 8.7.0 to 8.8.3
  • detekt from 1.23.5 to 1.23.6
  • dotnet-format from 8.0.104 to 8.0.106
  • editorconfig-checker from 2.7.2 to 3.0.1
  • git_diff from 2.43.0 to 2.43.4
  • golangci-lint from 1.57.2 to 1.59.0
  • grype from 0.77.0 to 0.78.0
  • jscpd from 3.5.10 to 4.0.4
  • kics from 2.0.0 to 2.0.1
  • kubeconform from 0.6.4 to 0.6.6
  • lightning-flow-scanner from 2.22.0 to 2.24.0
  • luacheck from 1.1.2 to 1.2.0
  • lychee from 0.14.3 to 0.15.1
  • markdown-link-check from 3.12.1 to 3.12.2
  • markdown-table-formatter from 1.5.0 to 1.6.0
  • markdownlint from 0.39.0 to 0.41.0
  • mypy from 1.9.0 to 1.10.0
  • npm-groovy-lint from 14.4.1 to 14.6.0
  • phpcs from 3.9.1 to 3.10.1
  • phplint from 9.1.2 to 9.3.1
  • phpstan from 1.10.67 to 1.11.0 to 1.11.3
  • pmd from 6.55.0 to 7.1.0
  • powershell from 7.4.1 to 7.4.2
  • powershell_formatter from 7.4.1 to 7.4.2
  • prettier from 3.2.5 to 3.3.0
  • proselint from 0.13.0 to 0.14.0
  • protolint from 0.49.6 to 0.49.7
  • psalm from Psalm.5.23.1@​ to Psalm.5.24.0@​
  • pylint from 3.1.0 to 3.2.2
  • pyright from 1.1.359 to 1.1.365
  • roslynator from 0.8.6.0 to 0.8.9.0
  • rubocop from 1.63.3 to 1.64.1
  • ruff from 0.4.1 to 0.4.7
  • scalafix from 0.12.0 to 0.12.1
  • secretlint from 8.2.3 to 8.2.4
  • sfdx-scanner-apex from 3.23.0 to 3.25.0
  • sfdx-scanner-aura from 3.23.0 to 3.25.0
  • sfdx-scanner-lwc from 3.23.0 to 3.25.0
  • snakefmt from 0.10.1 to 0.10.2
  • snakemake from 8.10.8 to 8.12.0
  • sqlfluff from 3.0.5 to 3.0.7
  • stylelint from 16.4.0 to 16.6.1
  • syft from 1.2.0 to 1.5.0
  • tekton-lint from 1.0.2 to 1.1.0
  • terraform-fmt from 1.8.1 to 1.8.4
  • terragrunt from 0.57.5 to 0.58.10
  • tflint from 0.50.3 to 0.51.1
  • trivy-sbom from 0.50.2 to 0.51.4
  • trivy from 0.50.2 to 0.51.4
  • trufflehog from 3.73.0 to 3.77.0
  • vale from 3.4.0 to 3.4.2
  • xmllint from 21107 to 21108

v7.11.1

Compare Source

• Fixes

  • Implement fallback in case git diff does not work with merge-base

• Linter versions upgrades

  • stylelint from 16.3.1 to 16.4.0

v7.11.0

Compare Source

• Core

  • Allow to override the number of parallel cores used, with variable PARALLEL_PROCESS_NUMBER, by @​nvuillam in #​3428
  • Upgrade base python image from 3.12.2-alpine3.19 to 3.12.3-alpine3.19
  • Upgrade PHP 8.1 to 8.3 by @​llaville in #​3464
  • Add descriptor pre / post commands, by @​bdovaz in #​3468
  • Allow merge lists with EXTENDS, by @​bdovaz in #​3469

• Media

• New linters

  • Add Kotlin detekt linter, by @​enciyo in #​3408

• Reporters

  • Add ruff sarif support, by @​Skitionek in #​3486

• Fixes

  • Fix listing of modified files, by @​vkucera in #​3472. Fixes #​2125.
  • Fix conflict between prettier and yamllint about spaces, by @​apeyrat in #​3426
  • Ensure trufflehog does not auto-update itself, by @​wandering-tales in #​3430
  • Salesforce linters: use sf + default Flow Scanner rules, by @​nvuillam in #​3435
  • Disable JSON_ESLINT_PLUGIN_JSONC until ota-meshi/eslint-plugin-jsonc#328 is fixed
  • Upgrade tar in mega-linter-runner
  • secretlint: remove default .secretlintignore that was never used but .gitignore is used instead. Fixes #​3328
  • Add jpeg, xlsx to .gitleaks.toml, by @​rasa in #​3434
  • Fix Json Schema, by @​nvuillam in #​3470
  • Remove TEMPLATES/.secretlintignore, by @​pjungermann in #​3476

• Doc

  • Update R2DevOps logo, by @​nvuillam in #​3436
  • Update Roslynator repo url and logo, by @​TommyE123 in #​3444
  • Fix clang-format documentation links to point to the correct version. Fixes #​3452, by @​daltonv in #​3453
  • Add copy to clipboard button in code block (documentation), by @​nikkii86 in #​3491

• Flavors

  • Add C & C++ linters in Python flavor by @​nvuillam in #​3456

• CI

  • Make SPELL_LYCHEE non blocking for internal CI jobs
  • Remove old unused automerge workflows by @​echoix in #​3432
  • Add consistent python3/python handling at build.sh, by @​pjungermann in #​3475

• Linter versions upgrades

  • ansible-lint from 24.2.0 to 24.2.2
  • bicep_linter from 0.25.53 to 0.26.170
  • black from 24.2.0 to 24.4.0
  • cfn-lint from 0.86.0 to 0.86.4
  • checkov from 3.2.34 to 3.2.74
  • checkstyle from 10.14.0 to 10.15.0
  • clippy from 0.1.76 to 0.1.77
  • clj-kondo from 2024.03.05 to 2024.03.13
  • csharpier from 0.27.3 to 0.28.1
  • cspell from 8.6.0 to 8.7.0
  • devskim from 1.0.32 to 1.0.33
  • dotnet-format from 8.0.102 to 8.0.104
  • eslint-plugin-jsonc from 2.13.0 to 2.15.1
  • golangci-lint from 1.56.2 to 1.57.2
  • grype from 0.74.7 to 0.77.0
  • kics from 1.7.13 to 2.0.0
  • lightning-flow-scanner from 2.18.0 to 2.22.0
  • markdown-link-check from 3.11.2 to 3.12.1
  • npm-groovy-lint from 14.2.3 to 14.4.1
  • phpcs from 3.9.0 to 3.9.1
  • phpstan from 1.10.60 to 1.10.67
  • protolint from 0.48.0 to 0.49.6
  • psalm from Psalm.5.23.0@​ to Psalm.5.23.1@​
  • pyright from 1.1.353 to 1.1.359
  • roslynator from 0.8.3.0 to 0.8.6.0
  • rstcheck from 6.2.0 to 6.2.1
  • rubocop from 1.62.0 to 1.63.3
  • ruff from 0.3.2 to 0.4.1
  • secretlint from 8.1.2 to 8.2.3
  • sfdx-scanner-apex from 3.21.0 to 3.23.0
  • sfdx-scanner-aura from 3.21.0 to 3.23.0
  • sfdx-scanner-lwc from 3.21.0 to 3.23.0
  • snakefmt from 0.10.0 to 0.10.1
  • snakemake from 8.5.5 to 8.10.8
  • spectral from 6.11.0 to 6.11.1
  • sqlfluff from 2.3.5 to 3.0.5
  • stylelint from 16.2.1 to 16.3.1
  • syft from 1.0.1 to 1.2.0
  • tekton-lint from 1.0.0 to 1.0.2
  • terraform-fmt from 1.7.4 to 1.8.1
  • terragrunt from 0.55.13 to 0.57.5
  • trivy-sbom from 0.49.1 to 0.50.2
  • trivy from 0.49.1 to 0.50.2
  • trufflehog from 3.69.0 to 3.73.0
  • vale from 3.2.2 to 3.4.0

v7.10.0

Compare Source

• Core
  • Update dotnet linters to .N

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sourcery-ai]

Reviewer's Guide by Sourcery

This PR updates the oxsecurity/megalinter-javascript Docker image from v7.3.0 to v8.3.0. This is a major version upgrade that includes several new features, improvements, and linter version updates across multiple releases.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Major version upgrade of MegaLinter with breaking changes	Removed deprecated linters (CSS_SCSSLINT, OPENAPI_SPECTRAL, SQL_SQL_LINT) Environment variables containing TOKEN, USERNAME or PASSWORD are now hidden from linters by default Minimum NodeJS version requirement increased to 20.x Added new ApiReporter for building Grafana dashboards Added ability to override parallel process number with PARALLEL_PROCESS_NUMBER	docker-compose.yml
Multiple linter enhancements and fixes	Added support for SARIF output format for PHP linters Fixed conflict between prettier and yamllint about spaces Improved error counting for various linters Added ability to specify solution/project paths for dotnet-format Fixed listing of modified files	docker-compose.yml
Infrastructure and dependency updates	Upgraded base Python image to 3.12.4-alpine3.20 Upgraded PHP from 8.1 to 8.3 Upgraded to Java 21 (except for npm-groovy-lint requiring Java 17) Updated numerous linter versions to their latest releases	docker-compose.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[sourcery-ai]

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, renovate[bot]!). We assume it knows what it's doing!