Releases: oxsecurity/megalinter
MegaLinter v6.6.0
-
Fix flavors suggestions to ignore linters not relevant for such flavor (#1746)
-
Update pre-commit hooks from v5 to v6 (#1755).
-
Fix version in URL in logs produced by reporters
-
Add Makefile linter within python flavor (#1760)
-
Set DEFAULT_WORKSPACE as git safe directory per default #1766
-
Improve documentation for TAP_REPORTER
-
Linter versions upgrades
- actionlint from 1.6.15 to 1.6.16
- cfn-lint from 0.61.5 to 0.62.0
- checkov from 2.1.127 to 2.1.139
- cpplint from 1.6.0 to 1.6.1
- cspell from 6.6.1 to 6.8.0
- djlint from 1.9.5 to 1.11.0
- eslint-plugin-jsonc from 2.3.1 to 2.4.0
- gitleaks from 8.10.3 to 8.11.0
- kics from 1.5.13 to 1.5.14
- ktlint from 0.46.1 to 0.47.0
- markdownlint from 0.32.1 to 0.32.2
- sfdx-scanner-apex from 2.13.7 to 2.13.8
- sfdx-scanner-aura from 2.13.7 to 2.13.8
- sfdx-scanner-lwc from 2.13.7 to 2.13.8
- sqlfluff from 1.2.1 to 1.3.0
- stylelint from 14.10.0 to 14.11.0
- syft from 0.53.4 to 0.54.0
MegaLinter v6.5.0
-
npm-groovy-lint: Use Cli lint mode
list_of_files
for much better performances -
Disable proselint by default if .proselintrc file is not found
-
Linter versions upgrades
- checkov from 2.1.121 to 2.1.127
- eslint from 8.21.0 to 8.22.0
- gitleaks from 8.10.2 to 8.10.3
- npm-groovy-lint from 9.5.0 to 10.1.0
- rstcheck from 6.0.0 to 6.1.0
MegaLinter v6.4.0
-
Add REPOSITORY_CHECKOV in all flavors
-
New config variables
- MEGALINTER_FILES_TO_LINT: Comma-separated list of files to analyze. Using this variable will bypass other file listing methods (#808)
- SKIP_CLI_LINT_MODES: Comma-separated list of cli_lint_modes. To use if you want to skip linters with some CLI lint modes (ex:
file,project
). Available values:file
,cli_lint_mode
,project
.
-
mega-linter-runner:
- Allow
MEGALINTER_FILES_TO_LINT
to be sent as positional arguments - New argument
--filesonly
that sendsSKIP_CLI_LINT_MODES=project
- Example:
mega-linter-runner --flavor python --release beta --filesonly megalinter/config.py megalinter/flavor_factory.py megalinter/MegaLinter.py
- Allow
-
Fixes
-
Linter versions upgrades
- cfn-lint from 0.61.4 to 0.61.5
- checkov from 2.1.100 to 2.1.121
- clippy from 0.1.62 to 0.1.63
- cspell from 6.5.0 to 6.6.1
- gitleaks from 8.9.0 to 8.10.2
- powershell from 7.2.5 to 7.2.6
- protolint from 0.38.3 to 0.39.0
- rubocop from 1.33.0 to 1.35.0
- snakemake from 7.12.0 to 7.12.1
- stylelint from 14.9.1 to 14.10.0
- terraform-fmt from 1.2.6 to 1.2.7
- terragrunt from 0.38.6 to 0.38.7
MegaLinter v6.3.0
-
Linters
- Add REPOSITORY_CHECKOV to benefit from all checks and not only terraform ones. TERRAFORM_CHECKOV will be deprecated in a next major version
- Add djlint (HTML_DJLINT) to lint HTML files (html, django, jinja, nunjucks, handlebars, golang, angular)
- Upgrade jsonlint to use maintained package @prantlf/jsonlint]([https://www.npmjs.com/package/@prantlf/jsonlint) + use cli_lint_mode
list_of_files
to improve performances
-
Core
- Support for automatic removal of Docker container when linting is finished
- Fix SARIF when endColumn is 0 (#1702)
- Use dynamic REPORT_FOLDER value for output files for SALESFORCE and COPYPASTE descriptors
- Fix collapsible sections in Gitlab console logs
- Manage ignore files (like
.secretlintignore
or.eslintignore
)- Define ignore argument for client in descriptors
- Define ignore file name in descriptors (overridable with _IGNORE_FILE_NAME at runtime)
- Update documentation generation to take in account this new configuration
-
Linter versions upgrades
MegaLinter v6.2.1
-
Fix blocking bug in MegaLinter v6.2.0 core (#1684 and #1685)
-
Linter versions upgrades
- checkstyle from 10.3.1 to 10.3.2 on 2022-08-01
- flake8 from 5.0.0 to 5.0.1 on 2022-08-01
- checkov from 2.1.82 to 2.1.83 on 2022-08-01
MegaLinter v6.2.0
WARNING: Contains a bug in core MegaLinter if you use REPOSITORY_SEMGREP. Please directly upgrade to v6.2.1
-
Core
- Fix mega-linter-runner --install template (#1662)
- Use
REPORT_OUTPUT_FOLDER: none
to not generate report files - Add info in doc about CLI_LINT_MODE and about how to ignore files when cli_lint_mode is
project
- Fix bug that disables generation of
megalinter.log
file in most cases - Fixes about JSON Schema (#1621)
- Remove redundant line separator after generated table (#1650)
- Avoid flavor suggestion message when only REPOSITORY linters are not found
-
Linters
-
Linter versions upgrades
- cfn-lint from 0.61.3 to 0.61.4 on 2022-07-30
- checkov from 2.1.60 to 2.1.61 on 2022-07-19
- checkov from 2.1.61 to 2.1.63 on 2022-07-20
- checkov from 2.1.63 to 2.1.65 on 2022-07-21
- checkov from 2.1.65 to 2.1.67 on 2022-07-21
- checkov from 2.1.67 to 2.1.68 on 2022-07-23
- checkov from 2.1.68 to 2.1.69 on 2022-07-24
- checkov from 2.1.69 to 2.1.70 on 2022-07-24
- checkov from 2.1.70 to 2.1.74 on 2022-07-25
- checkov from 2.1.74 to 2.1.82 on 2022-07-30
- cspell from 6.3.0 to 6.4.0 on 2022-07-19
- cspell from 6.4.0 to 6.4.1 on 2022-07-24
- cspell from 6.4.1 to 6.5.0 on 2022-07-30
- flake8 from 4.0.1 to 5.0.0 on 2022-07-31
- gitleaks from 8.8.12 to 8.9.0 on 2022-07-30
- golangci-lint from 1.47.0 to 1.47.1 on 2022-07-19
- golangci-lint from 1.47.1 to 1.47.2 on 2022-07-21
- jscpd from 3.4.5 to 3.3.26 on 2022-07-19
- markdown-table-formatter from 1.3.0 to 1.4.0 on 2022-07-25
- markdownlint from 0.32.0 to 0.32.1 on 2022-07-25
- mypy from 0.961 to 0.971 on 2022-07-19
- phpstan from 1.8.1 to 1.8.2 on 2022-07-20
- rubocop from 1.31.2 to 1.32.0 on 2022-07-21
- sfdx-scanner-apex from 2.13.5 to 2.13.6 on 2022-07-21
- sfdx-scanner-apex from 2.13.6 to 2.13.7 on 2022-07-30
- sfdx-scanner-aura from 2.13.5 to 2.13.6 on 2022-07-21
- sfdx-scanner-aura from 2.13.6 to 2.13.7 on 2022-07-30
- sfdx-scanner-lwc from 2.13.5 to 2.13.6 on 2022-07-21
- sfdx-scanner-lwc from 2.13.6 to 2.13.7 on 2022-07-30
- snakemake from 7.8.5 to 7.9.0 on 2022-07-19
- snakemake from 7.9.0 to 7.12.0 on 2022-07-30
- syft from 0.51.0 to 0.52.0 on 2022-07-22
- terraform-fmt from 1.2.5 to 1.2.6 on 2022-07-30
- terragrunt from 0.38.5 to 0.38.6 on 2022-07-24
Note: if you are still using MegaLinter v5, run npx mega-linter-runner@latest --upgrade
to upgrade to MegaLinter v6
MegaLinter v6.1.0
Run npx mega-linter-runner@latest --upgrade
to upgrade to MegaLinter v6
-
Improve console logs by using collapsible sections in GitHub Actions and Gitlab CI (disable by defining
CONSOLE_REPORTER_SECTIONS: false
) -
Define
CLEAR_REPORT_FOLDER=true
to empty report folder at the beginning of each run (#1502) -
Improve SARIF output
- Replace CI paths in logs
- Add missing required properties so SARIF is valid
- Add MegaLinter information in SARIF linter runs
- Allow to select linters to activate SARIF for, using SARIF_REPORTER_LINTERS
- Fix issue when a linter is used in multiple SARIF lint results
-
Linter versions upgrades
- cfn-lint from 0.61.2 to 0.61.3 on 2022-07-19
- checkov from 2.1.57 to 2.1.59 on 2022-07-18
- checkov from 2.1.59 to 2.1.60 on 2022-07-19
- cspell from 6.2.3 to 6.3.0 on 2022-07-18
- eslint from 8.19.0 to 8.20.0 on 2022-07-17
- golangci-lint from 1.46.2 to 1.47.0 on 2022-07-19
- jscpd from 3.3.26 to 3.4.5 on 2022-07-19
- markdownlint from 0.31.1 to 0.32.0 on 2022-07-17
- pylint from 2.14.4 to 2.14.5 on 2022-07-18
MegaLinter v6.0.5
-
Fix mega-linter-runner --upgrade so it also updates report folder to megalinter-reports in GitHub Actions Workflows #1609
-
Fix documentation and templates to use
megalinter-reports
folder everywhere -
Workaround for python-markdown issue radude/mdx_truly_sane_lists#9
-
Linter versions upgrades
- checkov from 2.1.54 to 2.1.56 on 2022-07-15
- checkov from 2.1.56 to 2.1.57 on 2022-07-16
- gitleaks from 8.8.7 to 8.8.12 on 2022-07-16
- kics from 1.5.11 to 1.5.12 on 2022-07-16
- protolint from 0.38.2 to 0.38.3 on 2022-07-15
- sqlfluff from 1.2.0 to 1.2.1 on 2022-07-16
- terraform-fmt from 1.2.4 to 1.2.5 on 2022-07-15
- terragrunt from 0.38.4 to 0.38.5 on 2022-07-15
MegaLinter v6.0.4
MegaLinter v6.0.3
- mega-linter-runner: Update query args when opening OX Security
- Fix mega-linter-runner doesn't default to v6 for flavors (1596)