[PR #1265] [CLOSED] build(deps): bump megalinter/megalinter from 5 to 6.0.5 #1866

New issue

Closed

opened 2026-03-01 21:53:00 +03:00 by kerem · 0 comments

kerem commented

2026-03-01 21:53:00 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/nektos/act/pull/1265
Author: @dependabot[bot]
Created: 7/18/2022
Status: ❌ Closed

Base: master ← Head: dependabot/github_actions/megalinter/megalinter-6.0.5

📝 Commits (1)

e4598d1 build(deps): bump megalinter/megalinter from 5 to 6.0.5

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/checks.yml (+1 -1)

📄 Description

Bumps megalinter/megalinter from 5 to 6.0.5.

Release notes

Sourced from megalinter/megalinter's releases.

MegaLinter v6.0.5

Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609

Fix documentation and templates to use megalinter-reports folder everywhere

Workaround for python-markdown issue radude/mdx_truly_sane_lists#9

Linter versions upgrades

checkov from 2.1.54 to 2.1.56 on 2022-07-15

checkov from 2.1.56 to 2.1.57 on 2022-07-16

gitleaks from 8.8.7 to 8.8.12 on 2022-07-16

kics from 1.5.11 to 1.5.12 on 2022-07-16

protolint from 0.38.2 to 0.38.3 on 2022-07-15

sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16

terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15

terragrunt from 0.38.4 to 0.38.5 on 2022-07-15

MegaLinter v6.0.4

Fix count of errors when using SARIF reporter

DevSkim: Ignore megalinter-reports by default [(#1603)](oxsecurity/megalinter#1603)

Load JSON when list of objects is defined in an ENV var [(#1605)](oxsecurity/megalinter#1605)

AutoFix pre_commands using npm install (1258)

Linter versions upgrades

checkov from 2.1.43 to 2.1.54 on 2022-07-14

git_diff from 2.34.2 to 2.34.4 on 2022-07-14

phpstan from 1.8.0 to 1.8.1 on 2022-07-14

sqlfluff from 1.1.0 to 1.2.0 on 2022-07-14

syft from 0.50.0 to 0.51.0 on 2022-07-14

MegaLinter v6.0.3

mega-linter-runner: Update query args when opening OX Security

Fix mega-linter-runner doesn't default to v6 for flavors (1596)

MegaLinter v6.0.2

Internal CI fixes

MegaLinter v6.0.1

Quick fixes about internal CI & documentation

= https://github.com/oxsecurity/megalinter/releases/tag/v6.0.0

MegaLinter v6.0.0

Move Repo to OX Security

Github: https://github.com/oxsecurity/megalinter

Documentation: https://oxsecurity.github.io/megalinter/

OX Security home page: https://www.ox.security/

Breaking changes: you must run npx mega-linter-runner --upgrade to use MegaLinter v6

Core architecture

New reporter SARIF_REPORTER that aggregates all SARIF output files into a single one

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v6.0.5] - 2022-07-16

Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609

Fix documentation and templates to use megalinter-reports folder everywhere

Workaround for python-markdown issue radude/mdx_truly_sane_lists#9

Linter versions upgrades

checkov from 2.1.54 to 2.1.56 on 2022-07-15

checkov from 2.1.56 to 2.1.57 on 2022-07-16

gitleaks from 8.8.7 to 8.8.12 on 2022-07-16

kics from 1.5.11 to 1.5.12 on 2022-07-16

protolint from 0.38.2 to 0.38.3 on 2022-07-15

sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16

terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15

terragrunt from 0.38.4 to 0.38.5 on 2022-07-15

[v6.0.4] - 2022-07-14

Fix count of errors when using SARIF reporter

DevSkim: Ignore megalinter-reports by default [(#1603)](oxsecurity/megalinter#1603)

Load JSON when list of objects is defined in an ENV var [(#1605)](oxsecurity/megalinter#1605)

AutoFix pre_commands using npm install (1258)

Linter versions upgrades

checkov from 2.1.43 to 2.1.54 on 2022-07-14

git_diff from 2.34.2 to 2.34.4 on 2022-07-14

phpstan from 1.8.0 to 1.8.1 on 2022-07-14

sqlfluff from 1.1.0 to 1.2.0 on 2022-07-14

syft from 0.50.0 to 0.51.0 on 2022-07-14

[v6.0.3] - 2022-07-11

mega-linter-runner: Update query args when opening OX Security

Fix mega-linter-runner doesn't default to v6 for flavors (1596)

[v6.0.0] - 2022-07-10

Breaking changes: you must run npx mega-linter-runner --upgrade to use MegaLinter v6

Core architecture

New reporter SARIF_REPORTER that aggregates all SARIF output files into a single one

Correct SARIF files for known format errors

New config variable DISABLE_LINTERS_ERRORS to define a list of linters that will be considered as non blocking

Upgrade base docker image to python:3.10.4-alpine3.15

Rename default report folder from report to megalinter-reports

Display GitHub stars in linters summary table in documentation

Linters:

Add DevSkim security linter by Microsoft

Add dustilock to check for dependency confusion attacks with node and python packages

... (truncated)

Commits

09bd8a3 Release MegaLinter v6.0.5
2a28322 [automation] Auto-update linters version, help and documentation (#1613)
7b31977 Add missing repository url (#1567)
1856d70 Upgrade gitleaks (#1611)
a911824 [automation] Auto-update linters version, help and documentation (#1612)
309d9f8 Fix CI : workaround for python-markdown latest version issue
f416e3d Fix CI
d97607a Fix CI & use megalinter-reports in README & templates
a0beb1a Update report folder into megalinter-reports (#1610)
fe80279 [automation] Auto-update linters version, help and documentation (#1608)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/nektos/act/pull/1265 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 7/18/2022 **Status:** ❌ Closed **Base:** `master` ← **Head:** `dependabot/github_actions/megalinter/megalinter-6.0.5` --- ### 📝 Commits (1) - [`e4598d1`](https://github.com/nektos/act/commit/e4598d169544a1f860618636df9db9e110e89d83) build(deps): bump megalinter/megalinter from 5 to 6.0.5 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/checks.yml` (+1 -1) </details> ### 📄 Description Bumps [megalinter/megalinter](https://github.com/megalinter/megalinter) from 5 to 6.0.5. <details> <summary>Release notes</summary> Sourced from <a href="https://github.com/megalinter/megalinter/releases">megalinter/megalinter's releases</a>. <blockquote> <h2>MegaLinter v6.0.5</h2> <ul> <li> Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1609">#1609</a> </li> <li> Fix documentation and templates to use <code>megalinter-reports</code> folder everywhere </li> <li> Workaround for python-markdown issue <a href="https://github-redirect.dependabot.com/radude/mdx_truly_sane_lists/issues/9">radude/mdx_truly_sane_lists#9</a> </li> <li> Linter versions upgrades <ul> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.54 to 2.1.56 on 2022-07-15</li> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.56 to 2.1.57 on 2022-07-16</li> <li><a href="https://github.com/zricethezav/gitleaks">gitleaks</a> from 8.8.7 to 8.8.12 on 2022-07-16</li> <li><a href="https://www.kics.io">kics</a> from 1.5.11 to 1.5.12 on 2022-07-16</li> <li><a href="https://github.com/yoheimuta/protolint">protolint</a> from 0.38.2 to 0.38.3 on 2022-07-15</li> <li><a href="https://www.sqlfluff.com/">sqlfluff</a> from 1.2.0 to 1.2.1 on 2022-07-16</li> <li><a href="https://www.terraform.io/docs/cli/commands/fmt.html">terraform-fmt</a> from 1.2.4 to 1.2.5 on 2022-07-15</li> <li><a href="https://terragrunt.gruntwork.io">terragrunt</a> from 0.38.4 to 0.38.5 on 2022-07-15</li> </ul> </li> </ul> <h2>MegaLinter v6.0.4</h2> <ul> <li> Fix count of errors when using SARIF reporter </li> <li> DevSkim: Ignore megalinter-reports by default [(<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1603">#1603</a>)](<a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1603">oxsecurity/megalinter#1603</a>) </li> <li> Load JSON when list of objects is defined in an ENV var [(<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1605">#1605</a>)](<a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1605">oxsecurity/megalinter#1605</a>) </li> <li> AutoFix pre_commands using <code>npm install</code> <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1258">(1258)</a> </li> <li> Linter versions upgrades <ul> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.43 to 2.1.54 on 2022-07-14</li> <li><a href="https://git-scm.com">git_diff</a> from 2.34.2 to 2.34.4 on 2022-07-14</li> <li><a href="https://phpstan.org/">phpstan</a> from 1.8.0 to 1.8.1 on 2022-07-14</li> <li><a href="https://www.sqlfluff.com/">sqlfluff</a> from 1.1.0 to 1.2.0 on 2022-07-14</li> <li><a href="https://github.com/anchore/syft">syft</a> from 0.50.0 to 0.51.0 on 2022-07-14</li> </ul> </li> </ul> <h2>MegaLinter v6.0.3</h2> <ul> <li>mega-linter-runner: Update query args when opening OX Security</li> <li>Fix mega-linter-runner doesn't default to v6 for flavors <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1596">(1596)</a></li> </ul> <h2>MegaLinter v6.0.2</h2> Internal CI fixes <h2>MegaLinter v6.0.1</h2> <ul> <li>Quick fixes about internal CI & documentation</li> </ul> = <a href="https://github.com/oxsecurity/megalinter/releases/tag/v6.0.0">https://github.com/oxsecurity/megalinter/releases/tag/v6.0.0</a> <h2>MegaLinter v6.0.0</h2> <ul> <li> Move Repo to OX Security <ul> <li>Github: <a href="https://github.com/oxsecurity/megalinter">https://github.com/oxsecurity/megalinter</a></li> <li>Documentation: <a href="https://oxsecurity.github.io/megalinter/">https://oxsecurity.github.io/megalinter/</a></li> <li>OX Security home page: <a href="https://www.ox.security/">https://www.ox.security/</a></li> </ul> </li> <li> Breaking changes: you must run <code>npx mega-linter-runner --upgrade</code> to use MegaLinter v6 </li> <li> Core architecture <ul> <li>New reporter SARIF_REPORTER that aggregates all SARIF output files into a single one</li> </ul> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md">megalinter/megalinter's changelog</a>. <blockquote> <h2>[v6.0.5] - 2022-07-16</h2> <ul> <li> Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1609">#1609</a> </li> <li> Fix documentation and templates to use <code>megalinter-reports</code> folder everywhere </li> <li> Workaround for python-markdown issue <a href="https://github-redirect.dependabot.com/radude/mdx_truly_sane_lists/issues/9">radude/mdx_truly_sane_lists#9</a> </li> <li> Linter versions upgrades <ul> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.54 to 2.1.56 on 2022-07-15</li> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.56 to 2.1.57 on 2022-07-16</li> <li><a href="https://github.com/zricethezav/gitleaks">gitleaks</a> from 8.8.7 to 8.8.12 on 2022-07-16</li> <li><a href="https://www.kics.io">kics</a> from 1.5.11 to 1.5.12 on 2022-07-16</li> <li><a href="https://github.com/yoheimuta/protolint">protolint</a> from 0.38.2 to 0.38.3 on 2022-07-15</li> <li><a href="https://www.sqlfluff.com/">sqlfluff</a> from 1.2.0 to 1.2.1 on 2022-07-16</li> <li><a href="https://www.terraform.io/docs/cli/commands/fmt.html">terraform-fmt</a> from 1.2.4 to 1.2.5 on 2022-07-15</li> <li><a href="https://terragrunt.gruntwork.io">terragrunt</a> from 0.38.4 to 0.38.5 on 2022-07-15</li> </ul> </li> </ul> <h2>[v6.0.4] - 2022-07-14</h2> <ul> <li> Fix count of errors when using SARIF reporter </li> <li> DevSkim: Ignore megalinter-reports by default [(<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1603">#1603</a>)](<a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1603">oxsecurity/megalinter#1603</a>) </li> <li> Load JSON when list of objects is defined in an ENV var [(<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1605">#1605</a>)](<a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1605">oxsecurity/megalinter#1605</a>) </li> <li> AutoFix pre_commands using <code>npm install</code> <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1258">(1258)</a> </li> <li> Linter versions upgrades <ul> <li><a href="https://www.checkov.io/">checkov</a> from 2.1.43 to 2.1.54 on 2022-07-14</li> <li><a href="https://git-scm.com">git_diff</a> from 2.34.2 to 2.34.4 on 2022-07-14</li> <li><a href="https://phpstan.org/">phpstan</a> from 1.8.0 to 1.8.1 on 2022-07-14</li> <li><a href="https://www.sqlfluff.com/">sqlfluff</a> from 1.1.0 to 1.2.0 on 2022-07-14</li> <li><a href="https://github.com/anchore/syft">syft</a> from 0.50.0 to 0.51.0 on 2022-07-14</li> </ul> </li> </ul> <h2>[v6.0.3] - 2022-07-11</h2> <ul> <li>mega-linter-runner: Update query args when opening OX Security</li> <li>Fix mega-linter-runner doesn't default to v6 for flavors <a href="https://github-redirect.dependabot.com/oxsecurity/megalinter/issues/1596">(1596)</a></li> </ul> <h2>[v6.0.0] - 2022-07-10</h2> <ul> <li> Breaking changes: you must run <code>npx mega-linter-runner --upgrade</code> to use MegaLinter v6 </li> <li> Core architecture <ul> <li>New reporter SARIF_REPORTER that aggregates all SARIF output files into a single one <ul> <li>Correct SARIF files for known format errors</li> </ul> </li> <li>New config variable DISABLE_LINTERS_ERRORS to define a list of linters that will be considered as non blocking</li> <li>Upgrade base docker image to python:3.10.4-alpine3.15</li> <li>Rename default report folder from <code>report</code> to <code>megalinter-reports</code></li> <li>Display GitHub stars in linters summary table in documentation</li> </ul> </li> <li> Linters: <ul> <li>Add <a href="https://github.com/microsoft/DevSkim">DevSkim</a> security linter by Microsoft</li> <li>Add <a href="https://github.com/Checkmarx/dustilock">dustilock</a> to check for dependency confusion attacks with node and python packages</li> </ul> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oxsecurity/megalinter/commit/09bd8a3aab852fd55f80b3c66dab3cc360c0b5b0"><code>09bd8a3</code></a> Release MegaLinter v6.0.5</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/2a28322ccc5ccf8602d681a66ebe6d546d691ff0"><code>2a28322</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1613">#1613</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/7b31977ecb107a709a2c41c3c9a57f3e4bc2cb86"><code>7b31977</code></a> Add missing repository url (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1567">#1567</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/1856d70aae33087f9af48201ea91464c81b084a8"><code>1856d70</code></a> Upgrade gitleaks (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1611">#1611</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/a911824185279e2c98ef91f29a1868bb7d5486f5"><code>a911824</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1612">#1612</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/309d9f81ef1eae357ae07023c6bcfe230026fb0a"><code>309d9f8</code></a> Fix CI : workaround for python-markdown latest version issue</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/f416e3d979fafe69e0ca4d0d4243cfaf80e4ae04"><code>f416e3d</code></a> Fix CI</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/d97607a41ad55c38829e9b1df69edcd3d6a6c6d2"><code>d97607a</code></a> Fix CI & use megalinter-reports in README & templates</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/a0beb1a5090f2c430dbd0edab2eb45b897ab3648"><code>a0beb1a</code></a> Update report folder into megalinter-reports (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1610">#1610</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/fe80279fc8232ee0d0f24f437a5e92c33a843bab"><code>fe80279</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://github-redirect.dependabot.com/megalinter/megalinter/issues/1608">#1608</a>)</li> <li>Additional commits viewable in <a href="https://github.com/megalinter/megalinter/compare/v5...v6.0.5">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=megalinter/megalinter&package-manager=github_actions&previous-version=5&new-version=6.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- 🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.