MegaLinter v7.0.2

What's Changed

To upgrade to MegaLinter v7, run npx mega-linter-runner@latest --upgrade , comment here if you have any issue :)

• MAJOR Updates

  • SECURED_ENV_VARIABLES & core scoped configuration by @nvuillam in #2601
    • New configuration variables SECURED_ENV_VARIABLES and SECURED_ENV_VARIABLES_DEFAULT to hide your environment sensitive variables to the linters called by MegaLinter
    • Read documentation to enhance security using MegaLinter
  • Use relative file paths to call linters by @nvuillam in #1877
    • This can be a breaking change for customizations, post an issue if you see a problem !

• New linters

  • Add linter cljstyle, Clojure formatter, by @practicalli-john in #2115
  • Add kubescape, kubernetes linter, by @muandane in #2531
  • Add Vale, a powerful enforcer of writing style, by @wesley-dean-flexion in #2406

• Removed linters

  • KUBERNETES_KUBEVAL: Not maintained anymore (kubeconform recommended by the authors)
  • REPOSITORY_GOODCHECK: Not open-source anymore
  • SPELL_MISSPELL: Not maintained anymore (last commit in 2018)
  • TERRAFORM_CHECKOV: Replaced by REPOSITORY_CHECKOV
  • TERRAFORM_KICS: Replaced by REPOSITORY_KICS

• Medias

  • Article: Use the Workflows JSON schema in your IDE, by Google Cloud
  • Video: Ortelius Architecture Meeting, with a review of MegaLinter, by Steve Taylor from Ortelius
  • Web site: my-devops-lab.com

• Linter enhancements & fixes

  • cspell
    • Fix corrective .cspell.json file generated from cspell output by @nvuillam in #2562
  • eslint
    • Ensure ESLint actually runs in project mode (#1572) by @Kurt-von-Laven in #2455
  • jscpd
    • Prevent jscpd to create output folder if the repo is not writable by @nvuillam in #2556
  • Gitleaks
    • Add support to scan PR commits only on PRs when VALIDATE_ALL_CODEBASE is set to false, by @DariuszPorowski #2504
  • KICS
    • Move KICS to REPOSITORY descriptor, so it can analyze all types of files, not terraform only, by @nvuillam in #2689
    • KICS can now output SARIF
    • The new version can have performance issues: customize of disable REPOSITORY_KICS if necessary
  • KubeConform
    • Simplify kubeconform install & get version by @nvuillam in #2629
  • PHPLint
    • Upgrade PHPLint to v9 by @bdovaz in #2638
  • sqlfluff
    • Remove old options from SQLFluff config file by @tunetheweb in #2560
  • v8r
    • Allow use of configuration files with v8r by @bdovaz in #1982

• Core

  • Upgrade base Docker image to python:3.11.3-alpine3.17 by @nvuillam in #2537
  • Allow simultaneous regex filtering at descriptor and linter levels by @nvuillam & @seaneagan in #2669
  • Allow MEGALINTER_CONFIG to contain a full path to a MegaLinter config file by @nvuillam in #2649
  • Fix issue preventing plugins to work with flavors by @nvuillam in #2532
  • Fix crash in case of unreachable symlinks by @nvuillam in #2538
  • mega-linter-runner: Use --platform also for docker run by @nvuillam , @Kurt-von-Laven & @cam-barts in #2690
  • Replace deprecated distutils.copy_tree by shutil.copytree

• Reporters

  • SARIF_REPORTER
    • Add option to skip def_ws prefix in sarif reports by @janderssonse in #2383
    • update schema to pass official SARIF validator by @DariuszPorowski in #2645
  • CONFIG_REPORTER
    • Add support for idea plugins auto-install by @waterfoul in #2553
  • CONSOLE_REPORTER
    • Updated cases in console/log output to use ⚠ Warning Sign (U+26A0) instead of ◬ White Up-Pointing Triangle with Dot (U+25EC), by @Doommius
  • GITLAB_COMMENT_REPORTER
    • Enhancement & fixes for GitlabCommentReporter by @nvuillam in #2564
      • New var GITLAB_COMMENT_REPORTER_OVERWRITE_COMMENT to allow to disable the overwrite of existing MegaLinter comment in case of new run
      • In case of overwrite activated (by default), fetch all Merge Request comments, not the first 20.
      • Display a different message in log when a Merge Request comment is created or updated.
  • AZURE_COMMENT_REPORTER
    • Downgrade Azure DevOps pipy package to avoid crash by @nvuillam in #2576

• Documentation

  • Improve documentation pages split by @nvuillam in #2688
    • Now Installation and Configuration menus have their own child menus
  • Doc about how to use fine grained PAT by @nvuillam in #2662
  • Fixed incorrect link in Azure to Gitlab reporters pages. by @Doommius in #2613
  • Added bitbucket job template + Fix icon in console logs by @Doommius in #2617
  • Exclude licenses pages from online search results by @nvuillam in #2665
  • Improve HTML tables display by @nvuillam in #2670
  • Remove ASCII characters from linters helps displayed in MegaLinter documentation

• Internal CI

  • Upgrade GitHub Actions to change automated comments and increase timeout by @nvuillam in #2536
  • Use Github Permissions instead of PAT by @nvuillam in #2652
  • Update GitHub Actions workflows environments by @nvuillam in #2657
  • Automate External Plugins table generation using .automation/plugins.yml file by @nvuillam in #2667
  • Fix MegaLinter build issue by @nvuillam in #2539
  • Fix for trivy-action (new naming for input) by @DariuszPorowski in #2541
  • Fix /build slash command to checkout the correct PR branch by @echoix in #2542
  • Fix local run of python test cases by @nvuillam in #2565
  • Fix mkdocs documentation generation by downgrading mkdocs-glightbox to 0.3.2 by @nvuillam in #2582
  • Do not push to docker from dev PRs by @nvuillam in #2639
  • Update stale workflow: remove trigger on comments and explicit permissions by @echoix in #2641
  • Decouple updating docker pull stats from building docs by @echoix in #2677
  • Review MegaLinter's own cspell word list for outdated exclusions by @echoix in #2676
  • Run stale workflow only on schedule, by @echoix in #2641
  • Add explicit permissions to stale workflow, by @echoix in #2641

• Linter versions upgrades

  • actionlint from 1.6.23 to 1.6.24
  • ansible-lint from 6.14.4 to 6.16.2
  • bicep_linter from 0.15.31 to 0.17.1
  • cfn-lint from 0.76.1 to 0.77.5
  • checkov from 2.3.149 to 2.3.259
  • checkstyle from 10.9.3 to 10.11.0
  • clippy from 0.1.68 to 0.1.69
  • clj-kondo from 2023.03.17 to 2023.05.18
  • csharpier from 0.23.0 to 0.24.2
  • djlint from 1.19.16 to 1.29.0
  • dotnet-format from 6.0.407 to 6.0.408
  • eslint-plugin-jsonc from 2.7.0 to 2.8.0
  • eslint from 8.37.0 to 8.41.0
  • git_diff from 2.38.4 to 2.38.5
  • gitleaks from 8.16.1 to 8.16.3
  • jscpd from 3.5.4 to 3.5.9
  • jsonlint from 14.0.2 to 14.0.3
  • kics from 1.6.13 to 1.7.1
  • ktlint from 0.48.2 to 0.49.1
  • kubeconform from 0.5.0 to 0.6.1
  • kubescape from 2.3.1 to 2.3.3
  • markdown-link-check from 3.10.3 to 3.11.2
  • mypy from 1.1.1 to 1.3.0
  • phplint from 5.5 to 9.0.4
  • phpstan from 1.10.10 to 1.10.15
  • pmd from 6.48.0 to 6.55.0
  • powershell from 7.3.3 to 7.3.4
  • powershell_formatter from 7.3.3 to 7.3.4
  • prettier from 2.8.7 to 2.8.8
  • protolint from 0.43.1 to 0.44.0
  • psalm from Psalm.5.9.0@ to Psalm.5.12.0@
  • puppet-lint from 3.3.0 to 4.0.0
  • pylint from 2.17.2 to 2.17.4
  • pyright from 1.1.301 to 1.1.310
  • revive from 1.3.1 to 1.3.2
  • rubocop from 1.49.0 to 1.51.0
  • ruff from 0.0.260 to 0.0.270
  • semgrep from 1.16.0 to 1.23.0
  • sfdx-scanner-apex from 3.11.0 to 3.12.0
  • sfdx-scanner-aura from 3.11.0 to 3.12.0
  • sfdx-scanner-lwc from 3.11.0 to 3.12.0
  • snakefmt from 0.8.3 to 0.8.4
  • snakemake from 7.25.0 to 7.26.0
  • spectral from 6.6.0 to 6.8.0
  • sqlfluff from 2.0.2 to 2.1.1
  • stylelint from 15.4.0 to 15.6.2
  • swiftlint from 0.51.0 to 0.52.2
  • syft from 0.76.0 to 0.82.0
  • terraform-fmt from 1.4.4 to 1.4.6
  • terragrunt from 0.45.0 to 0.45.11
  • terrascan from 1.18.0 to 1.18.1
  • tflint from 0.45.0 to 0.46.1
  • trivy from 0.39.0 to 0.41.0
  • v8r from 1.0.0 to 2.0.0
  • vale from 2.24.0 to 2.27.0
  • xmllint from 21003 to 21004
  • yamllint from 1.30.0 to 1.32.0

New Contributors

• @waterfoul made their first contribution in #2553
• @Doommius made their first contribution in #2613
• @muandane made their first contribution in #2531

MegaLinter is graciously provided by

Full Changelog: v6.22.2...v7.0.2