Skip to content

chore(ci): full-scan MegaLinter on its own Renovate update PRs#81

Merged
ChipWolf merged 1 commit into
mainfrom
wolf/hungry-almeida-a22f10
May 19, 2026
Merged

chore(ci): full-scan MegaLinter on its own Renovate update PRs#81
ChipWolf merged 1 commit into
mainfrom
wolf/hungry-almeida-a22f10

Conversation

@ChipWolf
Copy link
Copy Markdown
Owner

@ChipWolf ChipWolf commented May 18, 2026

Summary

  • When Renovate opens a PR that bumps oxsecurity/megalinter, set VALIDATE_ALL_CODEBASE=true so the new MegaLinter version runs against every file, not just the workflow diff.
  • Detection uses github.event.pull_request.user.login == 'renovate[bot]' plus startsWith(github.head_ref, 'renovate/oxsecurity-megalinter-'), which matches Renovate's existing branch-name convention for this action (e.g. PR #70's renovate/oxsecurity-megalinter-9.x).
  • Push-to-main and all other PRs keep their existing scan scope: the expression evaluates to true on push (matching MegaLinter's default on the default branch) and false on every other PR (matching the changed-files-only default).

Why

A MegaLinter version bump can introduce new or stricter rules. Running it only over the workflow diff misses regressions hidden in unchanged files; a full repo scan on the upgrade PR surfaces them before merge so the auto-merge rule for minor/patch updates does not silently land a breaking version.

Test plan

  • Next Renovate oxsecurity/megalinter PR shows MegaLinter scanning the full repo (look for VALIDATE_ALL_CODEBASE: true in the action's startup log).
  • A non-Renovate PR run on this branch (this PR) shows the normal changed-files-only scope.
  • Push to main after merge runs a full scan as before.

🤖 Generated with Claude Code

@ChipWolf
chore(ci): full-scan MegaLinter on its own Renovate update PRs
abc1d92 
When Renovate bumps oxsecurity/megalinter, force VALIDATE_ALL_CODEBASE=true
so the new version is exercised against the entire codebase before the PR
merges. Other PRs and push-to-main keep their current default scan scope.
@ChipWolf ChipWolf force-pushed the wolf/hungry-almeida-a22f10 branch from d288048 to abc1d92 Compare May 19, 2026 10:31
@ChipWolf ChipWolf merged commit 795fea6 into main May 19, 2026
14 checks passed
@ChipWolf ChipWolf deleted the wolf/hungry-almeida-a22f10 branch May 19, 2026 10:46
@github-actions github-actions Bot mentioned this pull request May 19, 2026
Open
@ChipWolf ChipWolf mentioned this pull request May 19, 2026
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ChipWolf