MegaLinter v6.6.0

• Fix flavors suggestions to ignore linters not relevant for such flavor (#1746)

• Update pre-commit hooks from v5 to v6 (#1755).

• Fix version in URL in logs produced by reporters

• Add Makefile linter within python flavor (#1760)

• Set DEFAULT_WORKSPACE as git safe directory per default #1766

• Improve documentation for TAP_REPORTER

• Linter versions upgrades

  • actionlint from 1.6.15 to 1.6.16
  • cfn-lint from 0.61.5 to 0.62.0
  • checkov from 2.1.127 to 2.1.139
  • cpplint from 1.6.0 to 1.6.1
  • cspell from 6.6.1 to 6.8.0
  • djlint from 1.9.5 to 1.11.0
  • eslint-plugin-jsonc from 2.3.1 to 2.4.0
  • gitleaks from 8.10.3 to 8.11.0
  • kics from 1.5.13 to 1.5.14
  • ktlint from 0.46.1 to 0.47.0
  • markdownlint from 0.32.1 to 0.32.2
  • sfdx-scanner-apex from 2.13.7 to 2.13.8
  • sfdx-scanner-aura from 2.13.7 to 2.13.8
  • sfdx-scanner-lwc from 2.13.7 to 2.13.8
  • sqlfluff from 1.2.1 to 1.3.0
  • stylelint from 14.10.0 to 14.11.0
  • syft from 0.53.4 to 0.54.0

MegaLinter v6.5.0

• npm-groovy-lint: Use Cli lint mode list_of_files for much better performances

• Disable proselint by default if .proselintrc file is not found

• Linter versions upgrades

  • checkov from 2.1.121 to 2.1.127
  • eslint from 8.21.0 to 8.22.0
  • gitleaks from 8.10.2 to 8.10.3
  • npm-groovy-lint from 9.5.0 to 10.1.0
  • rstcheck from 6.0.0 to 6.1.0

MegaLinter v6.4.0

• Add REPOSITORY_CHECKOV in all flavors

• New config variables

  • MEGALINTER_FILES_TO_LINT: Comma-separated list of files to analyze. Using this variable will bypass other file listing methods (#808)
  • SKIP_CLI_LINT_MODES: Comma-separated list of cli_lint_modes. To use if you want to skip linters with some CLI lint modes (ex: file,project). Available values: file,cli_lint_mode,project.

• mega-linter-runner:

  • Allow MEGALINTER_FILES_TO_LINT to be sent as positional arguments
  • New argument --filesonly that sends SKIP_CLI_LINT_MODES=project
  • Example: mega-linter-runner --flavor python --release beta --filesonly megalinter/config.py megalinter/flavor_factory.py megalinter/MegaLinter.py

• Fixes

  • Fix SARIF when a run is missing a results list (#1725)
  • Fix missing quotes for Powershell script analyzer (#1728)

• Linter versions upgrades

  • cfn-lint from 0.61.4 to 0.61.5
  • checkov from 2.1.100 to 2.1.121
  • clippy from 0.1.62 to 0.1.63
  • cspell from 6.5.0 to 6.6.1
  • gitleaks from 8.9.0 to 8.10.2
  • powershell from 7.2.5 to 7.2.6
  • protolint from 0.38.3 to 0.39.0
  • rubocop from 1.33.0 to 1.35.0
  • snakemake from 7.12.0 to 7.12.1
  • stylelint from 14.9.1 to 14.10.0
  • terraform-fmt from 1.2.6 to 1.2.7
  • terragrunt from 0.38.6 to 0.38.7

MegaLinter v6.3.0

• Linters

  • Add REPOSITORY_CHECKOV to benefit from all checks and not only terraform ones. TERRAFORM_CHECKOV will be deprecated in a next major version
  • Add djlint (HTML_DJLINT) to lint HTML files (html, django, jinja, nunjucks, handlebars, golang, angular)
  • Upgrade jsonlint to use maintained package @prantlf/jsonlint]([https://www.npmjs.com/package/@prantlf/jsonlint) + use cli_lint_mode list_of_files to improve performances

• Core

  • Support for automatic removal of Docker container when linting is finished
  • Fix SARIF when endColumn is 0 (#1702)
  • Use dynamic REPORT_FOLDER value for output files for SALESFORCE and COPYPASTE descriptors
  • Fix collapsible sections in Gitlab console logs
  • Manage ignore files (like .secretlintignore or .eslintignore)
    • Define ignore argument for client in descriptors
    • Define ignore file name in descriptors (overridable with _IGNORE_FILE_NAME at runtime)
    • Update documentation generation to take in account this new configuration

• Linter versions upgrades

  • checkov from 2.1.83 to 2.1.98
  • clj-kondo from 2022.04.25 to 2022.08.03
  • eslint from 8.20.0 to 8.21.0
  • flake8 from 5.0.1 to 5.0.2
  • golangci-lint from 1.47.2 to 1.48.0
  • jsonlint from 1.6.3 to 11.6.0
  • kics from 1.5.12 to 1.5.13
  • rubocop from 1.32.0 to 1.33.0
  • syft from 0.52.0 to 0.53.4

MegaLinter v6.2.1

• Fix blocking bug in MegaLinter v6.2.0 core (#1684 and #1685)

• Linter versions upgrades

  • checkstyle from 10.3.1 to 10.3.2 on 2022-08-01
  • flake8 from 5.0.0 to 5.0.1 on 2022-08-01
  • checkov from 2.1.82 to 2.1.83 on 2022-08-01

MegaLinter v6.2.0

WARNING: Contains a bug in core MegaLinter if you use REPOSITORY_SEMGREP. Please directly upgrade to v6.2.1

• Core

  • Fix mega-linter-runner --install template (#1662)
  • Use REPORT_OUTPUT_FOLDER: none to not generate report files
  • Add info in doc about CLI_LINT_MODE and about how to ignore files when cli_lint_mode is project
  • Fix bug that disables generation of megalinter.log file in most cases
  • Fixes about JSON Schema (#1621)
  • Remove redundant line separator after generated table (#1650)
  • Avoid flavor suggestion message when only REPOSITORY linters are not found

• Linters

  • Add checkmake to lint Makefile
  • Disable SemGrep by default if REPOSITORY_SEMGREP_RULESETS is not defined.
  • Avoid cspell to lint all files. Lint only other linter files (#1648)
  • Fix revive installation command
  • New default config for gitleaks with useDefault=true

• Linter versions upgrades

  • cfn-lint from 0.61.3 to 0.61.4 on 2022-07-30
  • checkov from 2.1.60 to 2.1.61 on 2022-07-19
  • checkov from 2.1.61 to 2.1.63 on 2022-07-20
  • checkov from 2.1.63 to 2.1.65 on 2022-07-21
  • checkov from 2.1.65 to 2.1.67 on 2022-07-21
  • checkov from 2.1.67 to 2.1.68 on 2022-07-23
  • checkov from 2.1.68 to 2.1.69 on 2022-07-24
  • checkov from 2.1.69 to 2.1.70 on 2022-07-24
  • checkov from 2.1.70 to 2.1.74 on 2022-07-25
  • checkov from 2.1.74 to 2.1.82 on 2022-07-30
  • cspell from 6.3.0 to 6.4.0 on 2022-07-19
  • cspell from 6.4.0 to 6.4.1 on 2022-07-24
  • cspell from 6.4.1 to 6.5.0 on 2022-07-30
  • flake8 from 4.0.1 to 5.0.0 on 2022-07-31
  • gitleaks from 8.8.12 to 8.9.0 on 2022-07-30
  • golangci-lint from 1.47.0 to 1.47.1 on 2022-07-19
  • golangci-lint from 1.47.1 to 1.47.2 on 2022-07-21
  • jscpd from 3.4.5 to 3.3.26 on 2022-07-19
  • markdown-table-formatter from 1.3.0 to 1.4.0 on 2022-07-25
  • markdownlint from 0.32.0 to 0.32.1 on 2022-07-25
  • mypy from 0.961 to 0.971 on 2022-07-19
  • phpstan from 1.8.1 to 1.8.2 on 2022-07-20
  • rubocop from 1.31.2 to 1.32.0 on 2022-07-21
  • sfdx-scanner-apex from 2.13.5 to 2.13.6 on 2022-07-21
  • sfdx-scanner-apex from 2.13.6 to 2.13.7 on 2022-07-30
  • sfdx-scanner-aura from 2.13.5 to 2.13.6 on 2022-07-21
  • sfdx-scanner-aura from 2.13.6 to 2.13.7 on 2022-07-30
  • sfdx-scanner-lwc from 2.13.5 to 2.13.6 on 2022-07-21
  • sfdx-scanner-lwc from 2.13.6 to 2.13.7 on 2022-07-30
  • snakemake from 7.8.5 to 7.9.0 on 2022-07-19
  • snakemake from 7.9.0 to 7.12.0 on 2022-07-30
  • syft from 0.51.0 to 0.52.0 on 2022-07-22
  • terraform-fmt from 1.2.5 to 1.2.6 on 2022-07-30
  • terragrunt from 0.38.5 to 0.38.6 on 2022-07-24

Note: if you are still using MegaLinter v5, run npx mega-linter-runner@latest --upgrade to upgrade to MegaLinter v6

MegaLinter v6.1.0

Run npx mega-linter-runner@latest --upgrade to upgrade to MegaLinter v6

• Improve console logs by using collapsible sections in GitHub Actions and Gitlab CI (disable by defining CONSOLE_REPORTER_SECTIONS: false)

• Define CLEAR_REPORT_FOLDER=true to empty report folder at the beginning of each run (#1502)

• Improve SARIF output

  • Replace CI paths in logs
  • Add missing required properties so SARIF is valid
  • Add MegaLinter information in SARIF linter runs
  • Allow to select linters to activate SARIF for, using SARIF_REPORTER_LINTERS
  • Fix issue when a linter is used in multiple SARIF lint results

• Linter versions upgrades

  • cfn-lint from 0.61.2 to 0.61.3 on 2022-07-19
  • checkov from 2.1.57 to 2.1.59 on 2022-07-18
  • checkov from 2.1.59 to 2.1.60 on 2022-07-19
  • cspell from 6.2.3 to 6.3.0 on 2022-07-18
  • eslint from 8.19.0 to 8.20.0 on 2022-07-17
  • golangci-lint from 1.46.2 to 1.47.0 on 2022-07-19
  • jscpd from 3.3.26 to 3.4.5 on 2022-07-19
  • markdownlint from 0.31.1 to 0.32.0 on 2022-07-17
  • pylint from 2.14.4 to 2.14.5 on 2022-07-18

MegaLinter v6.0.5

• Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609

• Fix documentation and templates to use megalinter-reports folder everywhere

• Workaround for python-markdown issue radude/mdx_truly_sane_lists#9

• Linter versions upgrades

  • checkov from 2.1.54 to 2.1.56 on 2022-07-15
  • checkov from 2.1.56 to 2.1.57 on 2022-07-16
  • gitleaks from 8.8.7 to 8.8.12 on 2022-07-16
  • kics from 1.5.11 to 1.5.12 on 2022-07-16
  • protolint from 0.38.2 to 0.38.3 on 2022-07-15
  • sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16
  • terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15
  • terragrunt from 0.38.4 to 0.38.5 on 2022-07-15

MegaLinter v6.0.4

• Fix count of errors when using SARIF reporter

• DevSkim: Ignore megalinter-reports by default (#1603)

• Load JSON when list of objects is defined in an ENV var (#1605)

• AutoFix pre_commands using npm install (1258)

• Linter versions upgrades

  • checkov from 2.1.43 to 2.1.54 on 2022-07-14
  • git_diff from 2.34.2 to 2.34.4 on 2022-07-14
  • phpstan from 1.8.0 to 1.8.1 on 2022-07-14
  • sqlfluff from 1.1.0 to 1.2.0 on 2022-07-14
  • syft from 0.50.0 to 0.51.0 on 2022-07-14

MegaLinter v6.0.3

• mega-linter-runner: Update query args when opening OX Security
• Fix mega-linter-runner doesn't default to v6 for flavors (1596)