Bump ruby/setup-ruby from 1.288.0 to 1.301.0 by dependabot[bot] · Pull Request #131 · HealthDataInsight/structured_store

dependabot · 2026-04-13T17:35:06Z

Bumps ruby/setup-ruby from 1.288.0 to 1.301.0.

Release notes

Sourced from ruby/setup-ruby's releases.

v1.301.0

What's Changed

Add truffleruby-34.0.0,truffleruby+graalvm-34.0.0 by @ruby-builder-bot in ruby/setup-ruby#901

Full Changelog: ruby/setup-ruby@v1.300.0...v1.301.0

v1.300.0

What's Changed

Refactor matrix script by @ntkme in ruby/setup-ruby#897

Add jruby-10.0.5.0 by @ruby-builder-bot in ruby/setup-ruby#900

Full Changelog: ruby/setup-ruby@v1.299.0...v1.300.0

v1.299.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#896

Full Changelog: ruby/setup-ruby@v1.298.0...v1.299.0

v1.298.0

What's Changed

Add ruby-3.2.11 by @ruby-builder-bot in ruby/setup-ruby#895

Full Changelog: ruby/setup-ruby@v1.297.0...v1.298.0

v1.297.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#894

Full Changelog: ruby/setup-ruby@v1.296.0...v1.297.0

v1.296.0

What's Changed

Add ruby-3.3.11 by @ruby-builder-bot in ruby/setup-ruby#893

Full Changelog: ruby/setup-ruby@v1.295.0...v1.296.0

v1.295.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#890

Full Changelog: ruby/setup-ruby@v1.294.0...v1.295.0

... (truncated)

Commits

4c56a21 Darwin-x86_64 is no longer supported on TruffleRuby 34+
5d9c71d Add truffleruby-34.0.0,truffleruby+graalvm-34.0.0
e65c17d Add jruby-10.0.5.0
ba696ad Refactor matrix script
2327de0 TruffleRuby 34+ does not support macOS Intel
3ff19f5 Update CRuby releases on Windows
4dc28cf Add ruby-3.2.11
c515ec1 Update CRuby releases on Windows
eab2afb Add ruby-3.3.11
97b3338 Mention all maintainers in check-new-windows-versions for consistency
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.288.0 to 1.301.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@v1.288.0...v1.301.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.301.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-04-13T17:38:55Z

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	3	0	0	0.11s
❌ COPYPASTE	jscpd	yes	3	no	2.08s
✅ CSS	stylelint	1	0	0	2.6s
✅ HTML	htmlhint	4	0	0	0.35s
✅ JAVASCRIPT	standard	1	0	0	1.56s
✅ JSON	jsonlint	1	0	0	0.18s
✅ JSON	v8r	1	0	0	2.41s
⚠️ MARKDOWN	markdownlint	18	11	0	0.98s
✅ MARKDOWN	markdown-table-formatter	18	0	0	0.37s
❌ REPOSITORY	checkov	yes	1	no	21.11s
❌ REPOSITORY	devskim	yes	1	no	2.1s
✅ REPOSITORY	dustilock	yes	no	no	0.02s
✅ REPOSITORY	gitleaks	yes	no	no	0.3s
✅ REPOSITORY	git_diff	yes	no	no	0.01s
❌ REPOSITORY	grype	yes	35	no	44.67s
❌ REPOSITORY	kics	yes	5	no	1.99s
❌ REPOSITORY	secretlint	yes	1	no	1.45s
✅ REPOSITORY	syft	yes	no	no	2.18s
❌ REPOSITORY	trivy	yes	1	no	11.59s
✅ REPOSITORY	trivy-sbom	yes	no	no	2.39s
✅ REPOSITORY	trufflehog	yes	no	no	4.32s
❌ SPELL	lychee	38	6	0	2.11s
✅ YAML	v8r	15	0	0	7.36s
❌ YAML	yamllint	15	2	0	0.64s

Detailed Issues

❌ REPOSITORY / checkov - 1 error

secrets scan results:

Passed checks: 0, Failed checks: 1, Skipped checks: 0

Check: CKV_SECRET_4: "Basic Auth Credentials"
	FAILED for resource: HIDDEN_BY_MEGALINTER	File: /test/dummy/config/database.yml:80-81
	Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/secrets-policies/secrets-policy-index/git-secrets-4

		80 | #   DATABASE_URL="postgres://myuser:m**********@localhost/somedatabase"

github_actions scan results:

Passed checks: 83, Failed checks: 0, Skipped checks: 0

❌ REPOSITORY / devskim - 1 error

{"$schema":"https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.6.json","version":"2.1.0","runs":[{"tool":{"driver":{"name":"devskim","fullName":"Microsoft DevSkim Command Line Interface","version":"1.0.67+1c44622c1f","informationUri":"https://github.com/microsoft/DevSkim/","rules":[{"id":"DS176209","name":"SuspiciousComment","fullDescription":{"text":"Suspicious comment: A \"TODO\" or similar was left in source code, possibly indicating incomplete functionality"},"help":{"text":"A \"TODO\" or similar was left in source code, possibly indicating incomplete functionality","markdown":"Visit [https://github.com/Microsoft/DevSkim/blob/main/guidance/DS176209.md](https://github.com/Microsoft/DevSkim/blob/main/guidance/DS176209.md) for additional guidance on this issue."},"shortDescription":{"text":"A \"TODO\" or similar was left in source code, possibly indicating incomplete functionality"},"defaultConfiguration":{"level":"note"},"helpUri":"https://github.com/Microsoft/DevSkim/blob/main/guidance/DS176209.md","properties":{"precision":"high","problem.severity":"recommendation","DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"id":"DS162092","name":"DoNotLeaveDebugCodeInProduction","fullDescription":{"text":"Do not leave debug code in production: Accessing localhost could indicate debug code, or could hinder scaling."},"help":{"text":"Accessing localhost could indicate debug code, or could hinder scaling.","markdown":"Visit [https://github.com/Microsoft/DevSkim/blob/main/guidance/DS162092.md](https://github.com/Microsoft/DevSkim/blob/main/guidance/DS162092.md) for additional guidance on this issue."},"shortDescription":{"text":"Accessing localhost could indicate debug code, or could hinder scaling."},"defaultConfiguration":{"level":"note"},"helpUri":"https://github.com/Microsoft/DevSkim/blob/main/guidance/DS162092.md","properties":{"precision":"high","problem.severity":"recommendation","DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}}]}},"versionControlProvenance":[{"repositoryUri":"https://github.com/HealthDataInsight/structured_store","revisionId":"HIDDEN_BY_MEGALINTER","branch":"(no branch)"}],"results":[{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/dummy/config/database.yml"},"region":{"startLine":69,"startColumn":8,"endLine":69,"endColumn":17,"charOffset":2208,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"test/dummy/config/database.yml"},"region":{"startLine":28,"startColumn":8,"endLine":28,"endColumn":17,"charOffset":798,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"lib/structured_store/schema_inspector.rb"},"region":{"startLine":49,"startColumn":12,"endLine":49,"endColumn":16,"charOffset":1346,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"ruby"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":".github/workflows/ci.yml"},"region":{"startLine":51,"startColumn":47,"endLine":51,"endColumn":56,"charOffset":1

(Truncated to 4000 characters out of 4290)

❌ REPOSITORY / grype - 35 errors

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
NAME           INSTALLED                   FIXED IN  TYPE  VULNERABILITY        SEVERITY  EPSS           RISK   
rack           3.2.3                       3.2.5     gem   GHSA-mxw3-3hh2-x2mh  High      0.1% (27th)    < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-g2pf-xv49-m2h5  Medium    0.1% (28th)    < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-8vqr-qjwx-82mw  High      < 0.1% (17th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-v6x5-cg8r-vv6x  High      < 0.1% (17th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-h2jq-g4cq-5ppq  High      < 0.1% (12th)  < 0.1  
addressable    2.8.7                       2.9.0     gem   GHSA-h27x-rffw-24p4  High      < 0.1% (12th)  < 0.1  
rack-session   2.1.1                       2.1.2     gem   GHSA-33qg-7wpp-89cq  Critical  < 0.1% (8th)   < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-v569-hp3g-36wr  Medium    < 0.1% (15th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-x8cg-fq8g-mxfx  Medium    < 0.1% (15th)  < 0.1  
activestorage  7.2.3                       7.2.3.1   gem   GHSA-9xrj-h377-fr87  High      < 0.1% (9th)   < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-rx22-g9mx-qrhv  Medium    < 0.1% (15th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-qv7j-4883-hwh7  Medium    < 0.1% (12th)  < 0.1  
json           2.18.0                      2.19.2    gem   GHSA-3m6g-2423-7cp3  High      < 0.1% (7th)   < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-q4qf-9j86-f5mh  Medium    < 0.1% (11th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-7mqq-6cf9-v2qp  Medium    < 0.1% (10th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-q2ww-5357-x388  Medium    < 0.1% (10th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-qfgr-crr9-7r49  Medium    < 0.1% (10th)  < 0.1  
activestorage  7.2.3                       7.2.3.1   gem   GHSA-73f9-jhhh-hr5m  Medium    < 0.1% (7th)   < 0.1  
activestorage  7.2.3                       7.2.3.1   gem   GHSA-p9fm-f462-ggrg  Low       < 0.1% (15th)  < 0.1  
rack           3.2.3                       3.2.6     gem   GHSA-vgpv-f759-9wx3  Low       < 0.1% (11th)  < 0.1  
activestorage  7.2.3                       7.2.3.1   gem   GHSA-r46p-8f7g-vvvg  Medium    < 0.1% (5th)   < 0.1  
activesupport  7.2.3                       7.2.3.1   gem   GHSA-2j26-frm8-cmj9  Medium    < 0.1% (5th)   < 0.1  
activesupport  7.2.3                       7.2.3.1   gem   GHSA-cg4j-q9v8-6v38  Medium    < 0.1% (4th)   < 0.1  
rack           3.2.3                       3.2.5     gem   GHSA-whrj-4476-wvmp  Medium    < 0.1% (5th)   < 0.1  
activestorage  7.2.3                       7.2.3.1   gem   GHSA-qcfx-2mfw-w4cg  Medium    < 0.1% (2nd)   < 0.1  
activesupport  7.2.3                       7.2.3.1   gem   GHSA-89vf-4333-qx8v  Medium    < 0.1% (2nd)   < 0.1  
actionview     7.2.3                       7.2.3.1   gem   GHSA-v55j-83pf-r9cq  Low       < 0.1% (6th)   < 0.1  
nokogiri       1.18.10-aarch64-linux-gnu   1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri       1.18.10-aarch64-linux-musl  1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri       1.18.10-arm-linux-gnu       1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri       1.18.10-arm-linux-musl      1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri       1.18.10-arm64-darwin        1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri       1.18.10-x86_64-darwin       1.19.1    gem   GHSA-wx95-c6cv-8532  Medium    N/A            N/A    
nokogiri     

(Truncated to 4000 characters out of 4283)

❌ COPYPASTE / jscpd - 3 errors

Clone found (ruby):
 - test/dummy/test/ref_resolvers/blank_ref_resolver_test.rb [32:13 - 48:13] (16 lines, 99 tokens)
   test/dummy/test/ref_resolvers/definitions_resolver_test.rb [23:13 - 39:14]

Clone found (ruby):
 - test/dummy/test/models/example_record_test.rb [115:2 - 136:35] (21 lines, 178 tokens)
   test/dummy/test/models/example_record_test.rb [72:2 - 93:52]

Clone found (ruby):
 - test/dummy/test/models/example_record_test.rb [139:5 - 155:4] (16 lines, 133 tokens)
   test/dummy/test/models/example_record_test.rb [98:5 - 115:5]

┌────────────┬────────────────┬─────────────┬──────────────┬──────────────┬──────────────────┬───────────────────┐
│ Format     │ Files analyzed │ Total lines │ Total tokens │ Clones found │ Duplicated lines │ Duplicated tokens │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ javascript │ 1              │ 25          │ 50           │ 0            │ 0 (0%)           │ 0 (0%)            │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ ruby       │ 72             │ 3846        │ 23689        │ 3            │ 53 (1.38%)       │ 410 (1.73%)       │
├────────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total:     │ 73             │ 3871        │ 23739        │ 3            │ 53 (1.37%)       │ 410 (1.73%)       │
└────────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 3 clones.
HTML report saved to megalinter-reports/copy-paste/html/
ERROR: jscpd found too many duplicates (1.37%) over threshold (0%)
Error: ERROR: jscpd found too many duplicates (1.37%) over threshold (0%)
    at ThresholdReporter.report (/node-deps/node_modules/@jscpd/finder/dist/index.js:612:13)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:110:18
    at Array.forEach (<anonymous>)
    at /node-deps/node_modules/@jscpd/finder/dist/index.js:109:22
    at async /node-deps/node_modules/jscpd/dist/jscpd.js:351:5

❌ REPOSITORY / kics - 5 errors

MLLLLLM             MLLLLLLLLL   LLLLLLL             KLLLLLLLLLLLLLLLL       LLLLLLLLLLLLLLLLLLLLLLL 
   MMMMMMM           MMMMMMMMMML    MMMMMMMK       LMMMMMMMMMMMMMMMMMMMML   KLMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM         MMMMMMMMML       MMMMMMMK     LMMMMMMMMMMMMMMMMMMMMMML  LMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM      MMMMMMMMMML         MMMMMMMK   LMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM    LMMMMMMMMML           MMMMMMMK  LMMMMMMMMMLLMLLLLLLLLLLLLLL LMMMMMMMLLLLLLLLLLLLLLLLLLLLM 
   MMMMMMM  MMMMMMMMMLM             MMMMMMMK LMMMMMMMM                    LMMMMMML                      
   MMMMMMMLMMMMMMMML                MMMMMMMK MMMMMMML                     LMMMMMMMMLLLLLLLLLLLLLMLL     
   MMMMMMMMMMMMMMMM                 MMMMMMMK MMMMMML                       LMMMMMMMMMMMMMMMMMMMMMMMMML  
   MMMMMMMMMMMMMMMMMM               MMMMMMMK MMMMMMM                         LMMMMMMMMMMMMMMMMMMMMMMMML 
   MMMMMMM KLMMMMMMMMML             MMMMMMMK LMMMMMMM                                          MMMMMMMML
   MMMMMMM    LMMMMMMMMMM           MMMMMMMK LMMMMMMMMLL                                        MMMMMMML
   MMMMMMM      LMMMMMMMMMLL        MMMMMMMK  LMMMMMMMMMMMMMMMMMMMMMMMMML LLLLLLLLLLLLLLLLLLLLMMMMMMMMMM
   MMMMMMM        MMMMMMMMMMML      MMMMMMMK   MMMMMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMMMM 
   MMMMMMM          LLMMMMMMMMML    MMMMMMMK     LLMMMMMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMMMML  
   MMMMMMM             MMMMMMMMMML  MMMMMMMK         KLMMMMMMMMMMMMMMMMML LMMMMMMMMMMMMMMMMMMMMMMMLK    
                                                                                                            
                                                                                                                                                                                                                                                                                                                        


Scanning with Keeping Infrastructure as Code Secure v2.1.18





Unpinned Actions Full Length Commit SHA, Severity: LOW, Results: 3
Description: Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. When selecting a SHA, you should verify it is from the action's repository and not a repository fork.
Platform: CICD
CWE: 829
Risk Score: 4.1
Learn more about this vulnerability: https://docs.kics.io/latest/queries/cicd-queries/555ab8f9-2001-455e-a077-f2d0f41e2fb9

	[1]: .github/workflows/mega-linter.yml:45

		044:         # More info at https://megalinter.io/flavors/
		045:         uses: oxsecurity/megalinter@v9.3.0
		046:         env:


	[2]: .github/workflows/ci.yml:25

		024:       - name: Set up Ruby
		025:         uses: ruby/setup-ruby@v1.301.0
		026:         with:


	[3]: .github/workflows/ci.yml:63

		062:       - name: Set up Ruby
		063:         uses: ruby/setup-ruby@v1.301.0
		064:         with:


Passwords And Secrets - Password in URL, Severity: HIGH, Results: 1
Description: Query to find passwords and secrets in infrastructure code.
Platform: Common
CWE: 798
Risk Score: 7.8
Learn more about this vulnerability: https://docs.kics.io/latest/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71

	[1]: .github/workflows/ci.yml:51

		050:       CI: true
		051:       DATABASE_URL: <SECRET-MASKED-ON-PURPOSE>:5432/rails_test"
		052:       RAILS_ENV: test


Passwords And Secrets - Generic Password, Severity: HIGH, Results: 1
Description: Query to find passwords and secrets in infrastructure code.
Platform: Common
CWE: 798
Risk Score: 7.8
Learn more about this vulnerability: https://docs.kics.io/latest/queries/common-queries/a88baa34-e2ad-44ea-ad6f-8cac87bc7c71

	[1]: .github/workflows/ci.yml:41

		040:           POST

(Truncated to 4000 characters out of 4252)

❌ SPELL / lychee - 6 errors

[IGNORED] redis://localhost:6379/0 | Unsupported: Error creating request client: builder error for url (redis://localhost:6379/0)
[IGNORED] postgres://rails:password@localhost:5432/rails_test | Unsupported: Error creating request client: builder error for url (postgres://localhost:5432/rails_test)
[ERROR] https://www.contributor-covenant.org/version/2/1/code_of_conduct.html | Network error: error sending request for url (https://www.contributor-covenant.org/version/2/1/code_of_conduct.html) Maybe a certificate error?
[404] https://megalinter.io/configuration/ | Network error: Not Found
[404] https://megalinter.io/configuration/ | Network error: Not Found
[404] https://megalinter.io/flavors/ | Network error: Not Found
[ERROR] https://gds-way.cloudapps.digital/standards/architecture-decisions.html | Network error: error sending request for url (https://gds-way.cloudapps.digital/standards/architecture-decisions.html) Maybe a certificate error?
[ERROR] file://docs/way_of_working/CODE_OF_CONDUCT.md | Cannot find file
[IGNORED] postgres://myuser:mypass@localhost/somedatabase | Unsupported: Error creating request client: builder error for url (postgres://localhost/somedatabase)
📝 Summary
---------------------
🔍 Total..........152
✅ Successful.....142
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........1
❓ Unknown..........0
🚫 Errors...........6

Errors in .mega-linter.yml
[404] https://megalinter.io/configuration/ | Network error: Not Found

Errors in .github/workflows/mega-linter.yml
[404] https://megalinter.io/configuration/ | Network error: Not Found
[404] https://megalinter.io/flavors/ | Network error: Not Found

Errors in docs/way_of_working/decision-records.md
[ERROR] https://gds-way.cloudapps.digital/standards/architecture-decisions.html | Network error: error sending request for url (https://gds-way.cloudapps.digital/standards/architecture-decisions.html) Maybe a certificate error?

Errors in docs/way_of_working/code-of-conduct.md
[ERROR] file://docs/way_of_working/CODE_OF_CONDUCT.md | Cannot find file

Errors in CODE_OF_CONDUCT.md
[ERROR] https://www.contributor-covenant.org/version/2/1/code_of_conduct.html | Network error: error sending request for url (https://www.contributor-covenant.org/version/2/1/code_of_conduct.html) Maybe a certificate error?

❌ REPOSITORY / secretlint - 1 error

test/dummy/config/database.yml
  80:18  error  [PostgreSQLConnection] found PostgreSQL connection string: ************************************************  @secretlint/secretlint-rule-preset-recommend > @secretlint/secretlint-rule-database-connection-string

✖ 1 problem (1 error, 0 warnings, 0 infos)

❌ REPOSITORY / trivy - 1 error

2026-04-13T17:38:10Z	INFO	[vulndb] Need to update DB
2026-04-13T17:38:10Z	INFO	[vulndb] Downloading vulnerability DB...
2026-04-13T17:38:10Z	INFO	[vulndb] Downloading artifact...	repo="mirror.gcr.io/aquasec/trivy-db:2"
19.53 MiB / 89.87 MiB [------------->_______________________________________________] 21.73% ? p/s ?45.42 MiB / 89.87 MiB [------------------------------>______________________________] 50.54% ? p/s ?74.78 MiB / 89.87 MiB [-------------------------------------------------->__________] 83.21% ? p/s ?89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 117.07 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 117.07 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 117.07 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 109.52 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 109.52 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 109.52 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 102.46 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 102.46 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [--------------------------------------------->] 100.00% 102.46 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 95.85 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 95.85 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 95.85 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 89.66 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 89.66 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 89.66 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 83.88 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 83.88 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 83.88 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 78.47 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 78.47 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 78.47 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 73.40 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 73.40 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 73.40 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 68.67 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 68.67 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 68.67 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 64.24 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [---------------------------------------------->] 100.00% 64.24 MiB p/s ETA 0s89.87 MiB / 89.87 MiB [-------------------------------------------------] 100.00% 14.30 MiB p/s 6.5s2026-04-13T17:38:17Z	INFO	[vulndb] Artifact successfully downloaded	repo="mirror.gcr.io/aquasec/trivy-db:2"
2026-04-13T17:38:17Z	INFO	[vuln] Vulnerability scanning is enabled
2026-04-13T17:38:17Z	INFO	[misconfig] Misconfiguration scanning is enabled
2026-04-13T17:38:17Z	INFO	[misconfig] Need to update the checks bundle
2026-04-13T17:38:17Z	INFO	[misconfig] Downloading the checks bundle...
165.46 KiB / 165.46 KiB [------------------------------------------------------] 100.00% 

(Truncated to 4000 characters out of 28095)

❌ YAML / yamllint - 2 errors

.github/workflows/mega-linter.yml
  53:7      warning  comment not indented like content  (comments-indentation)

test/dummy/config/database.yml
  62:1      error    syntax error: could not find expected ':' (syntax)

⚠️ MARKDOWN / markdownlint - 11 errors

.github/ISSUE_TEMPLATE/job-story.md:8 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Job Story"]
.github/pull_request_template.md:1 error MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## What?"]
.github/pull_request_template.md:29 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
CHANGELOG.md:18 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "Fixed"]
CHANGELOG.md:24 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "Fixed"]
CHANGELOG.md:36 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "Fixed"]
CHANGELOG.md:42 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "Added"]
CHANGELOG.md:57 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "Added"]
docs/way_of_working/code-linting/index.md:25:288 error MD059/descriptive-link-text Link text should be descriptive [Context: "[here]"]
docs/way_of_working/pull-request-template-and-guidelines.md:7:401 error MD013/line-length Line length [Expected: 400; Actual: 497]
README.md:7:401 error MD013/line-length Line length [Expected: 400; Actual: 451]

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

oxsecurity/megalinter/flavors/cupcake@v9.3.0 (90 linters)

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

Documentation: Custom Flavors
Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,COPYPASTE_JSCPD,CSS_STYLELINT,HTML_HTMLHINT,JAVASCRIPT_STANDARD,JSON_JSONLINT,JSON_V8R,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_DEVSKIM,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_YAMLLINT,YAML_V8R

dependabot · 2026-04-16T16:14:58Z

Superseded by #133.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 13, 2026

dependabot bot mentioned this pull request Apr 13, 2026

Bump ruby/setup-ruby from 1.288.0 to 1.300.0 #130

Closed

dependabot bot closed this Apr 16, 2026

dependabot bot deleted the dependabot/github_actions/ruby/setup-ruby-1.301.0 branch April 16, 2026 16:15

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump ruby/setup-ruby from 1.288.0 to 1.301.0#131

Bump ruby/setup-ruby from 1.288.0 to 1.301.0#131
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/ruby/setup-ruby-1.301.0

dependabot bot commented on behalf of github Apr 13, 2026

Uh oh!

github-actions bot commented Apr 13, 2026

Uh oh!

dependabot bot commented on behalf of github Apr 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 13, 2026

v1.301.0

What's Changed

v1.300.0

What's Changed

v1.299.0

What's Changed

v1.298.0

What's Changed

v1.297.0

What's Changed

v1.296.0

What's Changed

v1.295.0

What's Changed

Uh oh!

github-actions bot commented Apr 13, 2026

❌MegaLinter analysis: Error

Detailed Issues

Uh oh!

dependabot bot commented on behalf of github Apr 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants