From 0307cb841c3c4b588bc4afdd36d82d7800047dfe Mon Sep 17 00:00:00 2001 From: Nicolas Vuillamy Date: Fri, 3 Oct 2025 08:49:42 +0000 Subject: [PATCH 1/2] [automation] Auto-update linters version, help and documentation --- .automation/generated/linter-helps.json | 8 ++++---- .automation/generated/linter-versions.json | 2 +- CHANGELOG.md | 1 + docs/all_linters.md | 2 +- docs/descriptors/ansible_ansible_lint.md | 6 +++--- docs/descriptors/json_eslint_plugin_jsonc.md | 2 +- docs/descriptors/makefile_checkmake.md | 2 +- docs/descriptors/markdown_remark_lint.md | 2 +- docs/descriptors/puppet_puppet_lint.md | 2 +- docs/descriptors/repository_checkov.md | 4 ++-- docs/descriptors/repository_gitleaks.md | 10 +++++----- docs/descriptors/salesforce_lightning_flow_scanner.md | 2 +- docs/descriptors/snakemake_snakemake.md | 8 ++++---- 13 files changed, 26 insertions(+), 25 deletions(-) diff --git a/.automation/generated/linter-helps.json b/.automation/generated/linter-helps.json index bb3757648d7..711782f7732 100644 --- a/.automation/generated/linter-helps.json +++ b/.automation/generated/linter-helps.json @@ -9600,7 +9600,7 @@ " [--summary] [--detailed-summary] [--archive FILE]", " [--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow]", " [--skip-script-cleanup] [--unlock]", - " [--list-changes {code,params,input}] [--list-input-changes]", + " [--list-changes {input,params,code}] [--list-input-changes]", " [--list-params-changes] [--list-untracked]", " [--delete-all-output | --delete-temp-output]", " [--keep-incomplete] [--drop-metadata] [--version]", @@ -9645,7 +9645,7 @@ " [--apptainer-args ARGS] [--use-envmodules]", " [--deploy-sources QUERY CHECKSUM]", " [--target-jobs TARGET_JOBS [TARGET_JOBS ...]]", - " [--mode {subprocess,remote,default}]", + " [--mode {remote,subprocess,default}]", " [--scheduler-solver-path SCHEDULER_SOLVER_PATH]", " [--max-jobs-per-second MAX_JOBS_PER_SECOND]", " [--report-html-path VALUE]", @@ -10133,7 +10133,7 @@ " (default: False)", " --unlock Remove a lock on the working directory. (default:", " False)", - " --list-changes, --lc {code,params,input}", + " --list-changes, --lc {input,params,code}", " List all output files for which the given items (code,", " input, params) have changed since creation.", " --list-input-changes, --li", @@ -10488,7 +10488,7 @@ " --target-jobs TARGET_JOBS [TARGET_JOBS ...]", " Internal use only: Target particular jobs by", " RULE:WILDCARD1=VALUE,WILDCARD2=VALUE,...", - " --mode {subprocess,remote,default}", + " --mode {remote,subprocess,default}", " Internal use only: Set execution mode of Snakemake.", " (default: default)", " --scheduler-solver-path SCHEDULER_SOLVER_PATH", diff --git a/.automation/generated/linter-versions.json b/.automation/generated/linter-versions.json index 8e19ae1289a..54731c2157e 100644 --- a/.automation/generated/linter-versions.json +++ b/.automation/generated/linter-versions.json @@ -1,6 +1,6 @@ { "actionlint": "1.7.7", - "ansible-lint": "25.9.0", + "ansible-lint": "25.9.1", "arm-ttk": "0.0.0", "bandit": "1.8.6", "bash-exec": "5.2.37", diff --git a/CHANGELOG.md b/CHANGELOG.md index 12a963b6a19..9f7b4e237bb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -52,6 +52,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - [checkstyle](https://checkstyle.org/) from 11.0.1 to **11.1.0** on 2025-09-28 - [isort](https://pycqa.github.io/isort/) from 6.0.1 to **6.1.0** on 2025-10-01 - [robocop](https://github.com/MarketSquare/robotframework-robocop) from 6.7.0 to **6.7.1** on 2025-10-01 + - [ansible-lint](https://ansible-lint.readthedocs.io/) from 25.9.0 to **25.9.1** on 2025-10-03 ## [v9.0.1] - 2025-09-21 diff --git a/docs/all_linters.md b/docs/all_linters.md index 9e9ddf3b5ba..51ddbad6c40 100644 --- a/docs/all_linters.md +++ b/docs/all_linters.md @@ -6,7 +6,7 @@ | Linter | Version | License | Popularity | Descriptors | Ref | URL | |:-------------------------------------------------------------------------------------------------------------------|:-------------:|:---------------------------------------------------------------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------:|:---------------------------------------------------------------------------------------------------------------------------------------------------:| | [**actionlint**](https://github.com/rhysd/actionlint){target=_blank} | 1.7.7 | [MIT](licenses/actionlint.md) | [![GitHub stars](https://img.shields.io/github/stars/rhysd/actionlint?cacheSeconds=3600)](https://github.com/rhysd/actionlint){target=_blank} | [ACTION](descriptors/action_actionlint.md) | :white_circle: | [Repository](https://github.com/rhysd/actionlint){target=_blank} | -| [**ansible-lint**](https://github.com/ansible/ansible-lint){target=_blank} | 25.9.0 | [GPL-3.0-only](licenses/ansible-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/ansible/ansible-lint?cacheSeconds=3600)](https://github.com/ansible/ansible-lint){target=_blank} | [ANSIBLE](descriptors/ansible_ansible_lint.md) | :white_circle: | [Repository](https://github.com/ansible/ansible-lint){target=_blank} | +| [**ansible-lint**](https://github.com/ansible/ansible-lint){target=_blank} | 25.9.1 | [GPL-3.0-only](licenses/ansible-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/ansible/ansible-lint?cacheSeconds=3600)](https://github.com/ansible/ansible-lint){target=_blank} | [ANSIBLE](descriptors/ansible_ansible_lint.md) | :white_circle: | [Repository](https://github.com/ansible/ansible-lint){target=_blank} | | [**arm-ttk**](https://github.com/Azure/arm-ttk){target=_blank} | N/A | [MIT](licenses/arm-ttk.md) | [![GitHub stars](https://img.shields.io/github/stars/Azure/arm-ttk?cacheSeconds=3600)](https://github.com/Azure/arm-ttk){target=_blank} | [ARM](descriptors/arm_arm_ttk.md) | :white_circle: | [Repository](https://github.com/Azure/arm-ttk){target=_blank} | | [**bandit**](https://github.com/PyCQA/bandit){target=_blank} | 1.8.6 | [Apache-2.0](licenses/bandit.md) | [![GitHub stars](https://img.shields.io/github/stars/PyCQA/bandit?cacheSeconds=3600)](https://github.com/PyCQA/bandit){target=_blank} | [PYTHON](descriptors/python_bandit.md) | :white_circle: | [Repository](https://github.com/PyCQA/bandit){target=_blank} | | [**bash-exec**](https://www.gnu.org/software/bash/){target=_blank} | 5.2.37 | GPL-3.0-or-later | | [BASH](descriptors/bash_bash_exec.md) | | [Web Site](https://www.gnu.org/software/bash/){target=_blank} | diff --git a/docs/descriptors/ansible_ansible_lint.md b/docs/descriptors/ansible_ansible_lint.md index 4b069b55e47..a46a6c175c1 100644 --- a/docs/descriptors/ansible_ansible_lint.md +++ b/docs/descriptors/ansible_ansible_lint.md @@ -30,7 +30,7 @@ Ansible-lint helps teams maintain consistent, secure, and well-structured Ansibl ## ansible-lint documentation -- Version in MegaLinter: **25.9.0** +- Version in MegaLinter: **25.9.1** - Visit [Official Web Site](https://ansible-lint.readthedocs.io/){target=_blank} - See [How to configure ansible-lint rules](https://ansible-lint.readthedocs.io/configuring/#configuration-file){target=_blank} - If custom `.ansible-lint` config file isn't found, [.ansible-lint](https://github.com/oxsecurity/megalinter/tree/main/TEMPLATES/.ansible-lint){target=_blank} will be used @@ -195,8 +195,8 @@ ANSIBLE_LINT_NODEPS: Avoids installing content dependencies and avoids performin - Dockerfile commands : ```dockerfile # renovate: datasource=pypi depName=ansible-lint -ARG PIP_ANSIBLE_LINT_VERSION=25.9.0 +ARG PIP_ANSIBLE_LINT_VERSION=25.9.1 ``` - PIP packages (Python): - - [ansible-lint==25.9.0](https://pypi.org/project/ansible-lint/25.9.0) + - [ansible-lint==25.9.1](https://pypi.org/project/ansible-lint/25.9.1) diff --git a/docs/descriptors/json_eslint_plugin_jsonc.md b/docs/descriptors/json_eslint_plugin_jsonc.md index a075779c935..efa405b86e7 100644 --- a/docs/descriptors/json_eslint_plugin_jsonc.md +++ b/docs/descriptors/json_eslint_plugin_jsonc.md @@ -15,7 +15,7 @@ description: How to use eslint-plugin-jsonc (configure, ignore files, ignore err _This linter has been disabled in this version_ -_Disabled reason: Bug in eslint-plugin-jsonc: _ +_Disabled reason: Bug in eslint-plugin-jsonc: https://github.com/ota-meshi/eslint-plugin-jsonc/issues/328_ **eslint-plugin-jsonc** uses eslint to lint [**json**](https://www.json.org/), [**jsonc**](https://github.com/microsoft/node-jsonc-parser) and [**json5**](https://json5.org/) (extended JSON with comments & more). diff --git a/docs/descriptors/makefile_checkmake.md b/docs/descriptors/makefile_checkmake.md index 69db977412c..33c9fbd6d9a 100644 --- a/docs/descriptors/makefile_checkmake.md +++ b/docs/descriptors/makefile_checkmake.md @@ -9,7 +9,7 @@ description: How to use checkmake (configure, ignore files, ignore errors, help _This linter has been disabled in this version_ -_Disabled reason: Security issues: _ +_Disabled reason: Security issues: https://github.com/checkmake/checkmake/issues/99_ **checkmake** is a linter for Makefiles that helps enforce best practices and identify common issues in Makefile syntax and structure. It helps prevent common Makefile pitfalls and makes build processes more reliable and maintainable. diff --git a/docs/descriptors/markdown_remark_lint.md b/docs/descriptors/markdown_remark_lint.md index 8a079790b28..b1176d136ee 100644 --- a/docs/descriptors/markdown_remark_lint.md +++ b/docs/descriptors/markdown_remark_lint.md @@ -9,7 +9,7 @@ description: How to use remark-lint (configure, ignore files, ignore errors, hel _This linter has been disabled in this version_ -_Disabled reason: Bug in remark-lint: _ +_Disabled reason: Bug in remark-lint: https://github.com/remarkjs/remark-lint/issues/322_ **remark-lint** is a powerful plugin for the remark markdown processor that provides comprehensive linting and formatting capabilities for Markdown files. Built on the unified collective's remark ecosystem, it offers extensive rule-based validation with automatic fixing capabilities and a rich plugin architecture for customized Markdown processing workflows. diff --git a/docs/descriptors/puppet_puppet_lint.md b/docs/descriptors/puppet_puppet_lint.md index 2ef555bc8ba..c962ba335af 100644 --- a/docs/descriptors/puppet_puppet_lint.md +++ b/docs/descriptors/puppet_puppet_lint.md @@ -9,7 +9,7 @@ description: How to use puppet-lint (configure, ignore files, ignore errors, hel _This linter has been disabled in this version_ -_Disabled reason: _ +_Disabled reason: https://github.com/puppetlabs/puppet-lint/issues/251_ **puppet-lint** is the standard linting tool for Puppet code that enforces the recommended Puppet language style guide and ensures consistent code formatting across Puppet manifests. It focuses on style and formatting rather than syntax validation. diff --git a/docs/descriptors/repository_checkov.md b/docs/descriptors/repository_checkov.md index 0dfcd943cb8..61c0936822e 100644 --- a/docs/descriptors/repository_checkov.md +++ b/docs/descriptors/repository_checkov.md @@ -15,7 +15,7 @@ description: How to use checkov (configure, ignore files, ignore errors, help & _This linter has been disabled in this version_ -_Disabled reason: _ +_Disabled reason: https://github.com/bridgecrewio/checkov/issues/7263_ **Checkov** is a comprehensive static code analysis tool for Infrastructure as Code (IaC) that prevents cloud security misconfigurations before they reach production. @@ -490,7 +490,7 @@ config file values which override defaults. - Dockerfile commands : ```dockerfile # renovate: datasource=pypi depName=checkov -ARG PIP_CHECKOV_VERSION=3.2.471 +ARG PIP_CHECKOV_VERSION=3.2.473 ``` - PIP packages (Python): diff --git a/docs/descriptors/repository_gitleaks.md b/docs/descriptors/repository_gitleaks.md index 93dfb1d0cac..fa946d07373 100644 --- a/docs/descriptors/repository_gitleaks.md +++ b/docs/descriptors/repository_gitleaks.md @@ -33,17 +33,17 @@ description: How to use gitleaks (configure, ignore files, ignore errors, help & If MegaLinter with gitleaks runs against a PR on a platform not listed above, analysis is performed on the whole repository (this is the default gitleaks behavior; the commits scanned depend on the fetch-depth configuration). You can still choose to scan only PR commits in your CI/CD platform by setting the following MegaLinter environment variables: -- `PULL_REQUEST=true`\* -- `REPOSITORY_GITLEAKS_PR_COMMITS_SCAN: true` -- `REPOSITORY_GITLEAKS_PR_SOURCE_SHA` with last commit sha from your PR and `REPOSITORY_GITLEAKS_PR_TARGET_SHA` commit sha from your target branch (for example, `main` if you do PR to main branch) + - `PULL_REQUEST=true`\* + - `REPOSITORY_GITLEAKS_PR_COMMITS_SCAN: true` + - `REPOSITORY_GITLEAKS_PR_SOURCE_SHA` with last commit sha from your PR and `REPOSITORY_GITLEAKS_PR_TARGET_SHA` commit sha from your target branch (for example, `main` if you do PR to main branch) Example commands: - - Source commit SHA: + - Source commit SHA: ```bash git rev-list -n 1 refs/remotes/origin/ ``` - - Target commit SHA: + - Target commit SHA: ```bash git rev-parse refs/remotes/origin/ ``` diff --git a/docs/descriptors/salesforce_lightning_flow_scanner.md b/docs/descriptors/salesforce_lightning_flow_scanner.md index b8ab189287b..9753dd2cf5c 100644 --- a/docs/descriptors/salesforce_lightning_flow_scanner.md +++ b/docs/descriptors/salesforce_lightning_flow_scanner.md @@ -15,7 +15,7 @@ description: How to use lightning-flow-scanner (configure, ignore files, ignore _This linter has been disabled in this version_ -_Disabled reason: Repo archived -> _ +_Disabled reason: Repo archived -> https://github.com/Lightning-Flow-Scanner_ **Lightning Flow Scanner** is a specialized SFDX plugin that analyzes Salesforce Flows for integrity issues, performance problems, and adherence to best practices. It helps developers build reliable and maintainable Flow automations. diff --git a/docs/descriptors/snakemake_snakemake.md b/docs/descriptors/snakemake_snakemake.md index d9f70fb7b5e..7de22ed77d3 100644 --- a/docs/descriptors/snakemake_snakemake.md +++ b/docs/descriptors/snakemake_snakemake.md @@ -149,7 +149,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE] [--summary] [--detailed-summary] [--archive FILE] [--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow] [--skip-script-cleanup] [--unlock] - [--list-changes {code,params,input}] [--list-input-changes] + [--list-changes {input,params,code}] [--list-input-changes] [--list-params-changes] [--list-untracked] [--delete-all-output | --delete-temp-output] [--keep-incomplete] [--drop-metadata] [--version] @@ -194,7 +194,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE] [--apptainer-args ARGS] [--use-envmodules] [--deploy-sources QUERY CHECKSUM] [--target-jobs TARGET_JOBS [TARGET_JOBS ...]] - [--mode {subprocess,remote,default}] + [--mode {remote,subprocess,default}] [--scheduler-solver-path SCHEDULER_SOLVER_PATH] [--max-jobs-per-second MAX_JOBS_PER_SECOND] [--report-html-path VALUE] @@ -682,7 +682,7 @@ UTILITIES: (default: False) --unlock Remove a lock on the working directory. (default: False) - --list-changes, --lc {code,params,input} + --list-changes, --lc {input,params,code} List all output files for which the given items (code, input, params) have changed since creation. --list-input-changes, --li @@ -1037,7 +1037,7 @@ INTERNAL: --target-jobs TARGET_JOBS [TARGET_JOBS ...] Internal use only: Target particular jobs by RULE:WILDCARD1=VALUE,WILDCARD2=VALUE,... - --mode {subprocess,remote,default} + --mode {remote,subprocess,default} Internal use only: Set execution mode of Snakemake. (default: default) --scheduler-solver-path SCHEDULER_SOLVER_PATH From e735da3bc9a889f62ce567354dde8fe700eb182d Mon Sep 17 00:00:00 2001 From: nvuillam <17500430+nvuillam@users.noreply.github.com> Date: Fri, 3 Oct 2025 08:57:33 +0000 Subject: [PATCH 2/2] [MegaLinter] Apply linters fixes --- docs/descriptors/json_eslint_plugin_jsonc.md | 2 +- docs/descriptors/makefile_checkmake.md | 2 +- docs/descriptors/markdown_remark_lint.md | 2 +- docs/descriptors/puppet_puppet_lint.md | 2 +- docs/descriptors/repository_checkov.md | 2 +- docs/descriptors/repository_gitleaks.md | 10 +++++----- docs/descriptors/salesforce_lightning_flow_scanner.md | 2 +- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/docs/descriptors/json_eslint_plugin_jsonc.md b/docs/descriptors/json_eslint_plugin_jsonc.md index efa405b86e7..a075779c935 100644 --- a/docs/descriptors/json_eslint_plugin_jsonc.md +++ b/docs/descriptors/json_eslint_plugin_jsonc.md @@ -15,7 +15,7 @@ description: How to use eslint-plugin-jsonc (configure, ignore files, ignore err _This linter has been disabled in this version_ -_Disabled reason: Bug in eslint-plugin-jsonc: https://github.com/ota-meshi/eslint-plugin-jsonc/issues/328_ +_Disabled reason: Bug in eslint-plugin-jsonc: _ **eslint-plugin-jsonc** uses eslint to lint [**json**](https://www.json.org/), [**jsonc**](https://github.com/microsoft/node-jsonc-parser) and [**json5**](https://json5.org/) (extended JSON with comments & more). diff --git a/docs/descriptors/makefile_checkmake.md b/docs/descriptors/makefile_checkmake.md index 33c9fbd6d9a..69db977412c 100644 --- a/docs/descriptors/makefile_checkmake.md +++ b/docs/descriptors/makefile_checkmake.md @@ -9,7 +9,7 @@ description: How to use checkmake (configure, ignore files, ignore errors, help _This linter has been disabled in this version_ -_Disabled reason: Security issues: https://github.com/checkmake/checkmake/issues/99_ +_Disabled reason: Security issues: _ **checkmake** is a linter for Makefiles that helps enforce best practices and identify common issues in Makefile syntax and structure. It helps prevent common Makefile pitfalls and makes build processes more reliable and maintainable. diff --git a/docs/descriptors/markdown_remark_lint.md b/docs/descriptors/markdown_remark_lint.md index b1176d136ee..8a079790b28 100644 --- a/docs/descriptors/markdown_remark_lint.md +++ b/docs/descriptors/markdown_remark_lint.md @@ -9,7 +9,7 @@ description: How to use remark-lint (configure, ignore files, ignore errors, hel _This linter has been disabled in this version_ -_Disabled reason: Bug in remark-lint: https://github.com/remarkjs/remark-lint/issues/322_ +_Disabled reason: Bug in remark-lint: _ **remark-lint** is a powerful plugin for the remark markdown processor that provides comprehensive linting and formatting capabilities for Markdown files. Built on the unified collective's remark ecosystem, it offers extensive rule-based validation with automatic fixing capabilities and a rich plugin architecture for customized Markdown processing workflows. diff --git a/docs/descriptors/puppet_puppet_lint.md b/docs/descriptors/puppet_puppet_lint.md index c962ba335af..2ef555bc8ba 100644 --- a/docs/descriptors/puppet_puppet_lint.md +++ b/docs/descriptors/puppet_puppet_lint.md @@ -9,7 +9,7 @@ description: How to use puppet-lint (configure, ignore files, ignore errors, hel _This linter has been disabled in this version_ -_Disabled reason: https://github.com/puppetlabs/puppet-lint/issues/251_ +_Disabled reason: _ **puppet-lint** is the standard linting tool for Puppet code that enforces the recommended Puppet language style guide and ensures consistent code formatting across Puppet manifests. It focuses on style and formatting rather than syntax validation. diff --git a/docs/descriptors/repository_checkov.md b/docs/descriptors/repository_checkov.md index 61c0936822e..5d02f49e42d 100644 --- a/docs/descriptors/repository_checkov.md +++ b/docs/descriptors/repository_checkov.md @@ -15,7 +15,7 @@ description: How to use checkov (configure, ignore files, ignore errors, help & _This linter has been disabled in this version_ -_Disabled reason: https://github.com/bridgecrewio/checkov/issues/7263_ +_Disabled reason: _ **Checkov** is a comprehensive static code analysis tool for Infrastructure as Code (IaC) that prevents cloud security misconfigurations before they reach production. diff --git a/docs/descriptors/repository_gitleaks.md b/docs/descriptors/repository_gitleaks.md index fa946d07373..93dfb1d0cac 100644 --- a/docs/descriptors/repository_gitleaks.md +++ b/docs/descriptors/repository_gitleaks.md @@ -33,17 +33,17 @@ description: How to use gitleaks (configure, ignore files, ignore errors, help & If MegaLinter with gitleaks runs against a PR on a platform not listed above, analysis is performed on the whole repository (this is the default gitleaks behavior; the commits scanned depend on the fetch-depth configuration). You can still choose to scan only PR commits in your CI/CD platform by setting the following MegaLinter environment variables: - - `PULL_REQUEST=true`\* - - `REPOSITORY_GITLEAKS_PR_COMMITS_SCAN: true` - - `REPOSITORY_GITLEAKS_PR_SOURCE_SHA` with last commit sha from your PR and `REPOSITORY_GITLEAKS_PR_TARGET_SHA` commit sha from your target branch (for example, `main` if you do PR to main branch) +- `PULL_REQUEST=true`\* +- `REPOSITORY_GITLEAKS_PR_COMMITS_SCAN: true` +- `REPOSITORY_GITLEAKS_PR_SOURCE_SHA` with last commit sha from your PR and `REPOSITORY_GITLEAKS_PR_TARGET_SHA` commit sha from your target branch (for example, `main` if you do PR to main branch) Example commands: - - Source commit SHA: + - Source commit SHA: ```bash git rev-list -n 1 refs/remotes/origin/ ``` - - Target commit SHA: + - Target commit SHA: ```bash git rev-parse refs/remotes/origin/ ``` diff --git a/docs/descriptors/salesforce_lightning_flow_scanner.md b/docs/descriptors/salesforce_lightning_flow_scanner.md index 9753dd2cf5c..b8ab189287b 100644 --- a/docs/descriptors/salesforce_lightning_flow_scanner.md +++ b/docs/descriptors/salesforce_lightning_flow_scanner.md @@ -15,7 +15,7 @@ description: How to use lightning-flow-scanner (configure, ignore files, ignore _This linter has been disabled in this version_ -_Disabled reason: Repo archived -> https://github.com/Lightning-Flow-Scanner_ +_Disabled reason: Repo archived -> _ **Lightning Flow Scanner** is a specialized SFDX plugin that analyzes Salesforce Flows for integrity issues, performance problems, and adherence to best practices. It helps developers build reliable and maintainable Flow automations.