starred/act

Fork 0

mirror of https://github.com/nektos/act.git synced 2026-04-26 09:25:54 +03:00

[PR #2531] [MERGED] build(deps): bump megalinter/megalinter from 8.1.0 to 8.2.0 #2482

New issue

Closed

opened 2026-03-01 21:55:38 +03:00 by kerem · 0 comments

kerem commented

2026-03-01 21:55:38 +03:00

Owner

📋 Pull Request Information

Original PR: https://github.com/nektos/act/pull/2531
Author: @dependabot[bot]
Created: 11/18/2024
Status: ✅ Merged
Merged: 11/18/2024
Merged by: @mergify[bot]

Base: master ← Head: dependabot/github_actions/megalinter/megalinter-8.2.0

📝 Commits (1)

ea4ce0f build(deps): bump megalinter/megalinter from 8.1.0 to 8.2.0

📊 Changes

1 file changed (+1 additions, -1 deletions)

View changed files

📝 .github/workflows/checks.yml (+1 -1)

📄 Description

Bumps megalinter/megalinter from 8.1.0 to 8.2.0.

Release notes

Sourced from megalinter/megalinter's releases.

v8.2.0

What's Changed

Media

10 MegaLinter Tips and Tricks Unlock its Full Potential by Wes Dean

MegaLinter Performance Tuning for Maximum Efficiency by Wes Dean

Linters enhancements

detekt Enable SARIF output + count errors

lintr: Support files in subdirectories, fix unit tests

phpcs-fixer: Activate APPLY_FIXES

Salesforce linters: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins

trivy: handle retry if failed to download Java DB is detected

tsqllint Re-enabled after .net 8 and security updates

Fixes

Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered

Fix linting errors in GitHub Actions template

Reporters

UpdatedSourcesReporter will git commit & push fixed files to source branch if APPLY_FIXES is set

Fix AzureCommentReporter not adding comments to PR

Fix AzureCommentReporter fails when target repo contains spaces

Doc

Updated documentation with Azure central pipeline use case

Update DevSkim documentation to show a valid exclusion config file

Note about risky rules and how to fix rule violations with PHP-CS-Fixer

CI

Also prune volumes before pulling and pushing to docker hub

Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues

Squash docker images to have less layers and size

Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained

Make gitpod workflow not blocking until uv install is fixed

Update stale comment

Try several times to embed trivy db during Docker build, as a workaround to the random failures

Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions

Linter versions upgrades (104)

actionlint from 1.7.3 to 1.7.4

ansible-lint from 24.9.2 to 24.10.0

bicep_linter from 0.30.23 to 0.31.92

cfn-lint from 1.16.1 to 1.19.0

checkov from 3.2.257 to 3.2.298

checkstyle from 10.18.2 to 10.20.1

clippy from 0.1.81 to 0.1.82

clj-kondo from 2024.09.27 to 2024.11.14

cspell from 8.15.1 to 8.16.0

devskim from 1.0.33 to 1.0.44

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v8.2.0] - 2024-11-17

Media

10 MegaLinter Tips and Tricks Unlock its Full Potential by Wes Dean

MegaLinter Performance Tuning for Maximum Efficiency by Wes Dean

Linters enhancements

detekt Enable SARIF output + count errors

lintr: Support files in subdirectories, fix unit tests

phpcs: Activate APPLY_FIXES

Salesforce linters: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins

trivy: handle retry if failed to download Java DB is detected

tsqllint Re-enabled after .net 8 and security updates

Fixes

Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered

Fix linting errors in GitHub Actions template

Reporters

UpdatedSourcesReporter will git commit & push fixed files to source branch if APPLY_FIXES is set

Fix AzureCommentReporter not adding comments to PR

Fix AzureCommentReporter fails when target repo contains spaces

Doc

Updated documentation with Azure central pipeline use case

Update DevSkim documentation to show a valid exclusion config file

Note about risky rules and how to fix rule violations with PHP-CS-Fixer

CI

Also prune volumes before pulling and pushing to docker hub

Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues

Squash docker images to have less layers and size

Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained

Make gitpod workflow not blocking until uv install is fixed

Update stale comment

Try several times to embed trivy db during Docker build, as a workaround to the random failures

Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions

Linter versions upgrades (104)

actionlint from 1.7.3 to 1.7.4

ansible-lint from 24.9.2 to 24.10.0

bicep_linter from 0.30.23 to 0.31.92

cfn-lint from 1.16.1 to 1.19.0

checkov from 3.2.257 to 3.2.298

checkstyle from 10.18.2 to 10.20.1

clippy from 0.1.81 to 0.1.82

clj-kondo from 2024.09.27 to 2024.11.14

cspell from 8.15.1 to 8.16.0

devskim from 1.0.33 to 1.0.44

djlint from 1.35.2 to 1.36.1

... (truncated)

Commits

d8c95fc Release MegaLinter v8.2.0
56f6332 [automation] Auto-update linters version, help and documentation (#4264)
298458e [automation] Auto-update linters version, help and documentation (#4256)
c67933e Bump @eslint/plugin-kit from 0.2.2 to 0.2.3 in /mega-linter-runner (#4258)
a681242 chore(deps): update trufflesecurity/trufflehog docker tag to v3.83.7 (#4259)
e98b755 chore(deps): update dependency mgechev/revive to v1.5.1 (#4260)
db53e77 chore(deps): update dependency lightning-flow-scanner to v2.36.0 (#4262)
4dd7814 chore(deps): update dependency @salesforce/cli to v2.66.7 (#4261)
339bca2 [automation] Auto-update linters version, help and documentation (#4252)
44a22a7 chore(deps): update dependency sfdx-hardis to v5.6.2 (#4253)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/nektos/act/pull/2531 **Author:** [@dependabot[bot]](https://github.com/apps/dependabot) **Created:** 11/18/2024 **Status:** ✅ Merged **Merged:** 11/18/2024 **Merged by:** [@mergify[bot]](https://github.com/apps/mergify) **Base:** `master` ← **Head:** `dependabot/github_actions/megalinter/megalinter-8.2.0` --- ### 📝 Commits (1) - [`ea4ce0f`](https://github.com/nektos/act/commit/ea4ce0f9224ebb0c06d4c082f5369675fa44fe29) build(deps): bump megalinter/megalinter from 8.1.0 to 8.2.0 ### 📊 Changes **1 file changed** (+1 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `.github/workflows/checks.yml` (+1 -1) </details> ### 📄 Description Bumps [megalinter/megalinter](https://github.com/megalinter/megalinter) from 8.1.0 to 8.2.0. <details> <summary>Release notes</summary> Sourced from <a href="https://github.com/megalinter/megalinter/releases">megalinter/megalinter's releases</a>. <blockquote> <h2>v8.2.0</h2> <h2>What's Changed</h2> <ul> <li> Media <ul> <li><a href="https://flexion.us/blog/megalinter-tips-and-tricks/">10 MegaLinter Tips and Tricks Unlock its Full Potential</a> by <a href="https://github.com/wesley-dean">Wes Dean</a></li> <li><a href="https://flexion.us/blog/megalinter-performance-tuning/">MegaLinter Performance Tuning for Maximum Efficiency</a> by <a href="https://github.com/wesley-dean">Wes Dean</a></li> </ul> </li> <li> Linters enhancements <ul> <li><a href="https://megalinter.io/latest/descriptors/kotlin_detekt/">detekt</a> Enable SARIF output + count errors</li> <li><a href="https://megalinter.io/latest/descriptors/r_lintr/">lintr</a>: Support files in subdirectories, fix unit tests</li> <li><a href="https://megalinter.io/latest/descriptors/php_php_cs_fixer/">phpcs-fixer</a>: Activate APPLY_FIXES</li> <li><a href="https://megalinter.io/latest/descriptors/salesforce/">Salesforce linters</a>: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins</li> <li><a href="https://megalinter.io/latest/descriptors/repository_trivy/">trivy</a>: handle retry if <code>failed to download Java DB</code> is detected</li> <li><a href="https://github.com/tsqllint/tsqllint">tsqllint</a> Re-enabled after .net 8 and security updates</li> </ul> </li> <li> Fixes <ul> <li>Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered</li> <li>Fix linting errors in GitHub Actions template</li> </ul> </li> <li> Reporters <ul> <li><a href="https://megalinter.io/latest/reporters/UpdatedSourcesReporter/">UpdatedSourcesReporter</a> will git commit & push fixed files to source branch if APPLY_FIXES is set</li> <li>Fix AzureCommentReporter not adding comments to PR</li> <li>Fix AzureCommentReporter fails when target repo contains spaces</li> </ul> </li> <li> Doc <ul> <li>Updated documentation with Azure central pipeline use case</li> <li>Update DevSkim documentation to show a valid exclusion config file</li> <li>Note about <code>risky</code> rules and how to fix rule violations with PHP-CS-Fixer</li> </ul> </li> <li> CI <ul> <li>Also prune volumes before pulling and pushing to docker hub</li> <li>Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues</li> <li>Squash docker images to have less layers and size</li> <li>Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained</li> <li>Make gitpod workflow not blocking until uv install is fixed</li> <li>Update stale comment</li> <li>Try several times to embed trivy db during Docker build, as a workaround to the random failures</li> <li>Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions</li> </ul> </li> <li> Linter versions upgrades (104) <ul> <li><a href="https://rhysd.github.io/actionlint/">actionlint</a> from 1.7.3 to 1.7.4</li> <li><a href="https://ansible-lint.readthedocs.io/">ansible-lint</a> from 24.9.2 to 24.10.0</li> <li><a href="https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter">bicep_linter</a> from 0.30.23 to 0.31.92</li> <li><a href="https://github.com/aws-cloudformation/cfn-lint">cfn-lint</a> from 1.16.1 to 1.19.0</li> <li><a href="https://www.checkov.io/">checkov</a> from 3.2.257 to 3.2.298</li> <li><a href="https://checkstyle.org/">checkstyle</a> from 10.18.2 to 10.20.1</li> <li><a href="https://github.com/rust-lang/rust-clippy">clippy</a> from 0.1.81 to 0.1.82</li> <li><a href="https://github.com/borkdude/clj-kondo">clj-kondo</a> from 2024.09.27 to 2024.11.14</li> <li><a href="https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell">cspell</a> from 8.15.1 to 8.16.0</li> <li><a href="https://github.com/microsoft/DevSkim">devskim</a> from 1.0.33 to 1.0.44</li> </ul> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Changelog</summary> Sourced from <a href="https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md">megalinter/megalinter's changelog</a>. <blockquote> <h2>[v8.2.0] - 2024-11-17</h2> <ul> <li> Media <ul> <li><a href="https://flexion.us/blog/megalinter-tips-and-tricks/">10 MegaLinter Tips and Tricks Unlock its Full Potential</a> by <a href="https://github.com/wesley-dean">Wes Dean</a></li> <li><a href="https://flexion.us/blog/megalinter-performance-tuning/">MegaLinter Performance Tuning for Maximum Efficiency</a> by <a href="https://github.com/wesley-dean">Wes Dean</a></li> </ul> </li> <li> Linters enhancements <ul> <li><a href="https://megalinter.io/latest/descriptors/kotlin_detekt/">detekt</a> Enable SARIF output + count errors</li> <li><a href="https://megalinter.io/latest/descriptors/r_lintr/">lintr</a>: Support files in subdirectories, fix unit tests</li> <li><a href="https://megalinter.io/latest/descriptors/php_phpcs/">phpcs</a>: Activate APPLY_FIXES</li> <li><a href="https://megalinter.io/latest/descriptors/salesforce/">Salesforce linters</a>: Add SF_CLI_DISABLE_AUTOUPDATE for SF CLI JIT plugins</li> <li><a href="https://megalinter.io/latest/descriptors/repository_trivy/">trivy</a>: handle retry if <code>failed to download Java DB</code> is detected</li> <li><a href="https://github.com/tsqllint/tsqllint">tsqllint</a> Re-enabled after .net 8 and security updates</li> </ul> </li> <li> Fixes <ul> <li>Add message in PR comment if FAIL_IF_UPDATED_SOURCES is triggered</li> <li>Fix linting errors in GitHub Actions template</li> </ul> </li> <li> Reporters <ul> <li><a href="https://megalinter.io/latest/reporters/UpdatedSourcesReporter/">UpdatedSourcesReporter</a> will git commit & push fixed files to source branch if APPLY_FIXES is set</li> <li>Fix AzureCommentReporter not adding comments to PR</li> <li>Fix AzureCommentReporter fails when target repo contains spaces</li> </ul> </li> <li> Doc <ul> <li>Updated documentation with Azure central pipeline use case</li> <li>Update DevSkim documentation to show a valid exclusion config file</li> <li>Note about <code>risky</code> rules and how to fix rule violations with PHP-CS-Fixer</li> </ul> </li> <li> CI <ul> <li>Also prune volumes before pulling and pushing to docker hub</li> <li>Externalize mirroring from ghcr.io to docker hub in another workflow to avoid memory issues</li> <li>Squash docker images to have less layers and size</li> <li>Comment jobs related to GitHub Worker images, as CodeTotal is not actively maintained</li> <li>Make gitpod workflow not blocking until uv install is fixed</li> <li>Update stale comment</li> <li>Try several times to embed trivy db during Docker build, as a workaround to the random failures</li> <li>Wait 10 secondes instead of 1 before retrying a failing test method, to avoid race conditions</li> </ul> </li> <li> Linter versions upgrades (104) <ul> <li><a href="https://rhysd.github.io/actionlint/">actionlint</a> from 1.7.3 to 1.7.4</li> <li><a href="https://ansible-lint.readthedocs.io/">ansible-lint</a> from 24.9.2 to 24.10.0</li> <li><a href="https://learn.microsoft.com/en-us/azure/azure-resource-manager/bicep/linter">bicep_linter</a> from 0.30.23 to 0.31.92</li> <li><a href="https://github.com/aws-cloudformation/cfn-lint">cfn-lint</a> from 1.16.1 to 1.19.0</li> <li><a href="https://www.checkov.io/">checkov</a> from 3.2.257 to 3.2.298</li> <li><a href="https://checkstyle.org/">checkstyle</a> from 10.18.2 to 10.20.1</li> <li><a href="https://github.com/rust-lang/rust-clippy">clippy</a> from 0.1.81 to 0.1.82</li> <li><a href="https://github.com/borkdude/clj-kondo">clj-kondo</a> from 2024.09.27 to 2024.11.14</li> <li><a href="https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell">cspell</a> from 8.15.1 to 8.16.0</li> <li><a href="https://github.com/microsoft/DevSkim">devskim</a> from 1.0.33 to 1.0.44</li> <li><a href="https://djlint.com/">djlint</a> from 1.35.2 to 1.36.1</li> </ul> </li> </ul>  </blockquote> ... (truncated) </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/oxsecurity/megalinter/commit/d8c95fc6f2237031fb9e9322b0f97100168afa6e"><code>d8c95fc</code></a> Release MegaLinter v8.2.0</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/56f633218506714a667a6f9babcb5f503a718313"><code>56f6332</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/megalinter/megalinter/issues/4264">#4264</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/298458ee9316ef6b64b268f67aeb8b2d8f169b0e"><code>298458e</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/megalinter/megalinter/issues/4256">#4256</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/c67933e137c0e3e324a6d0d96c06bc8682b16221"><code>c67933e</code></a> Bump <code>@eslint/plugin-kit</code> from 0.2.2 to 0.2.3 in /mega-linter-runner (<a href="https://redirect.github.com/megalinter/megalinter/issues/4258">#4258</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/a68124263f9034c3c7ffc01eeb578e619d810395"><code>a681242</code></a> chore(deps): update trufflesecurity/trufflehog docker tag to v3.83.7 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4259">#4259</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/e98b7555875eb2d5b71cac8677d555b7cf66be02"><code>e98b755</code></a> chore(deps): update dependency mgechev/revive to v1.5.1 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4260">#4260</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/db53e77fd4f559c0671e5c80e24ff32fcc32e8a1"><code>db53e77</code></a> chore(deps): update dependency lightning-flow-scanner to v2.36.0 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4262">#4262</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/4dd78142ab958260cf94ca09e9b215c6cdb93d32"><code>4dd7814</code></a> chore(deps): update dependency <code>@salesforce/cli</code> to v2.66.7 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4261">#4261</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/339bca277878bc50e9c43c612e78e6ec65a143db"><code>339bca2</code></a> [automation] Auto-update linters version, help and documentation (<a href="https://redirect.github.com/megalinter/megalinter/issues/4252">#4252</a>)</li> <li><a href="https://github.com/oxsecurity/megalinter/commit/44a22a788186f51d2c0b40ed0f4793cf0b7ffd75"><code>44a22a7</code></a> chore(deps): update dependency sfdx-hardis to v5.6.2 (<a href="https://redirect.github.com/megalinter/megalinter/issues/4253">#4253</a>)</li> <li>Additional commits viewable in <a href="https://github.com/megalinter/megalinter/compare/v8.1.0...v8.2.0">compare view</a></li> </ul> </details> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=megalinter/megalinter&package-manager=github_actions&previous-version=8.1.0&new-version=8.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --- 🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

kerem

2026-03-01 21:55:38 +03:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/act#2482

No description provided.

Rows
Columns