Skip to content

build(deps): bump megalinter/megalinter from 5 to 6.1.0#25

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/megalinter/megalinter-6.1.0
Closed

build(deps): bump megalinter/megalinter from 5 to 6.1.0#25
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/github_actions/megalinter/megalinter-6.1.0

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Jul 25, 2022

Bumps megalinter/megalinter from 5 to 6.1.0.

Release notes

Sourced from megalinter/megalinter's releases.

MegaLinter v6.1.0

Run npx mega-linter-runner@latest --upgrade to upgrade to MegaLinter v6

  • Improve console logs by using collapsible sections in GitHub Actions and Gitlab CI (disable by defining CONSOLE_REPORTER_SECTIONS: false)

  • Define CLEAR_REPORT_FOLDER=true to empty report folder at the beginning of each run (#1502)

  • Improve SARIF output

    • Replace CI paths in logs
    • Add missing required properties so SARIF is valid
    • Add MegaLinter information in SARIF linter runs
    • Allow to select linters to activate SARIF for, using SARIF_REPORTER_LINTERS
    • Fix issue when a linter is used in multiple SARIF lint results

  • Linter versions upgrades

    • cfn-lint from 0.61.2 to 0.61.3 on 2022-07-19
    • checkov from 2.1.57 to 2.1.59 on 2022-07-18
    • checkov from 2.1.59 to 2.1.60 on 2022-07-19
    • cspell from 6.2.3 to 6.3.0 on 2022-07-18
    • eslint from 8.19.0 to 8.20.0 on 2022-07-17
    • golangci-lint from 1.46.2 to 1.47.0 on 2022-07-19
    • jscpd from 3.3.26 to 3.4.5 on 2022-07-19
    • markdownlint from 0.31.1 to 0.32.0 on 2022-07-17
    • pylint from 2.14.4 to 2.14.5 on 2022-07-18

MegaLinter v6.0.5

  • Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609

  • Fix documentation and templates to use megalinter-reports folder everywhere

  • Workaround for python-markdown issue radude/mdx_truly_sane_lists#9

  • Linter versions upgrades

    • checkov from 2.1.54 to 2.1.56 on 2022-07-15
    • checkov from 2.1.56 to 2.1.57 on 2022-07-16
    • gitleaks from 8.8.7 to 8.8.12 on 2022-07-16
    • kics from 1.5.11 to 1.5.12 on 2022-07-16
    • protolint from 0.38.2 to 0.38.3 on 2022-07-15
    • sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16
    • terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15
    • terragrunt from 0.38.4 to 0.38.5 on 2022-07-15

MegaLinter v6.0.4

  • Fix count of errors when using SARIF reporter

  • DevSkim: Ignore megalinter-reports by default [(#1603)](oxsecurity/megalinter#1603)

  • Load JSON when list of objects is defined in an ENV var [(#1605)](oxsecurity/megalinter#1605)

  • AutoFix pre_commands using npm install (1258)

  • Linter versions upgrades

    • checkov from 2.1.43 to 2.1.54 on 2022-07-14
    • git_diff from 2.34.2 to 2.34.4 on 2022-07-14
    • phpstan from 1.8.0 to 1.8.1 on 2022-07-14
    • sqlfluff from 1.1.0 to 1.2.0 on 2022-07-14
    • syft from 0.50.0 to 0.51.0 on 2022-07-14

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v6.1.0] - 2022-07-19

  • Improve console logs by using collapsible sections in GitHub Actions and Gitlab CI (disable by defining CONSOLE_REPORTER_SECTIONS: false)

  • Define CLEAR_REPORT_FOLDER=true to empty report folder at the beginning of each run (#1502)

  • Improve SARIF output

    • Replace CI paths in logs
    • Add missing required properties so SARIF is valid
    • Add MegaLinter information in SARIF linter runs
    • Allow to select linters to activate SARIF for, using SARIF_REPORTER_LINTERS
    • Fix issue when a linter is used in multiple SARIF lint results

  • Linter versions upgrades

    • cfn-lint from 0.61.2 to 0.61.3 on 2022-07-19
    • checkov from 2.1.57 to 2.1.59 on 2022-07-18
    • checkov from 2.1.59 to 2.1.60 on 2022-07-19
    • cspell from 6.2.3 to 6.3.0 on 2022-07-18
    • eslint from 8.19.0 to 8.20.0 on 2022-07-17
    • golangci-lint from 1.46.2 to 1.47.0 on 2022-07-19
    • jscpd from 3.3.26 to 3.4.5 on 2022-07-19
    • markdownlint from 0.31.1 to 0.32.0 on 2022-07-17
    • pylint from 2.14.4 to 2.14.5 on 2022-07-18

[v6.0.5] - 2022-07-16

  • Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609

  • Fix documentation and templates to use megalinter-reports folder everywhere

  • Workaround for python-markdown issue radude/mdx_truly_sane_lists#9

  • Linter versions upgrades

    • checkov from 2.1.54 to 2.1.56 on 2022-07-15
    • checkov from 2.1.56 to 2.1.57 on 2022-07-16
    • gitleaks from 8.8.7 to 8.8.12 on 2022-07-16
    • kics from 1.5.11 to 1.5.12 on 2022-07-16
    • protolint from 0.38.2 to 0.38.3 on 2022-07-15
    • sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16
    • terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15
    • terragrunt from 0.38.4 to 0.38.5 on 2022-07-15

[v6.0.4] - 2022-07-14

... (truncated)

Commits
  • 77d6ab3 Release MegaLinter v6.1.0
  • 0ae1531 [automation] Auto-update linters version, help and documentation (#1623)
  • 2ca5163 Reorder execution of Linting process to fix section logs (#1619)
  • e315de6 [automation] Auto-update linters version, help and documentation (#1617)
  • e934a14 Logging improvements (SARIF, console sections, clean logs at startup...) (#1614)
  • 457ade4 [automation] Auto-update linters version, help and documentation (#1615)
  • 09bd8a3 Release MegaLinter v6.0.5
  • 2a28322 [automation] Auto-update linters version, help and documentation (#1613)
  • 7b31977 Add missing repository url (#1567)
  • 1856d70 Upgrade gitleaks (#1611)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump megalinter/megalinter from 5 to 6.1.0
83a9dee 
Bumps [megalinter/megalinter](https://github.com/megalinter/megalinter) from 5 to 6.1.0.
- [Release notes](https://github.com/megalinter/megalinter/releases)
- [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md)
- [Commits](oxsecurity/megalinter@v5...v6.1.0)

---
updated-dependencies:
- dependency-name: megalinter/megalinter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 25, 2022
@dependabot dependabot bot mentioned this pull request Jul 25, 2022
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Aug 1, 2022

Superseded by #26.

@dependabot dependabot bot closed this Aug 1, 2022
@dependabot dependabot bot deleted the dependabot/github_actions/megalinter/megalinter-6.1.0 branch August 1, 2022 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants