build(deps): bump the minor-and-patch-action-updates group across 1 directory with 8 updates

[dependabot]

Bumps the minor-and-patch-action-updates group with 8 updates in the / directory:

Package	From	To
actions/checkout	4.1.2	4.1.4
hendrikmuhs/ccache-action	1.2.12	1.2.13
actions/upload-artifact	4.3.2	4.3.3
actions/download-artifact	4.1.5	4.1.7
actions/dependency-review-action	4.2.5	4.3.2
oxsecurity/megalinter	7.10.0	7.11.1
github/codeql-action	3.25.1	3.25.3
reviewdog/action-suggester	1.11.0	1.12.0

Updates actions/checkout from 4.1.2 to 4.1.4

Release notes

Sourced from actions/checkout's releases.

v4.1.4

What's Changed

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693

Full Changelog: actions/checkout@v4.1.3...v4.1.4

v4.1.3

What's Changed

• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650
• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

... (truncated)

Commits

• 0ad4b8f Prep Release v4.1.4 (#1704)
• 43045ae Disable extensions.worktreeConfig when disabling sparse-checkout (#1692)
• 37b0821 Bump the minor-actions-dependencies group with 2 updates (#1693)
• 9839dc1 Add dependabot config (#1688)
• 9b4c13b Bump word-wrap from 1.2.3 to 1.2.5 (#1643)
• 1d96c77 Add SSH user parameter (#1685)
• cd7d8d6 Check git version before attempting to disable sparse-checkout (#1656)
• 8410ad0 Update actions/checkout version in update-main-version.yml (#1650)
• See full diff in compare view

Updates hendrikmuhs/ccache-action from 1.2.12 to 1.2.13

Release notes

Sourced from hendrikmuhs/ccache-action's releases.

v1.2.13

What's Changed

• add emscripten to the compiler list by @​mmomtchev in hendrikmuhs/ccache-action#187
• Bump @​actions/cache from 3.2.3 to 3.2.4 by @​dependabot in hendrikmuhs/ccache-action#183
• Bump typescript from 5.3.3 to 5.4.2 by @​dependabot in hendrikmuhs/ccache-action#190
• Bump typescript from 5.4.2 to 5.4.3 by @​dependabot in hendrikmuhs/ccache-action#191
• fix: early exit process so node doesn't wait for hanging promises by @​chirag-droid in hendrikmuhs/ccache-action#182
• Bump typescript from 5.4.3 to 5.4.5 by @​dependabot in hendrikmuhs/ccache-action#193
• Update windows by @​virtuald in hendrikmuhs/ccache-action#180
• Bump @​types/node from 20.11.10 to 20.12.7 by @​dependabot in hendrikmuhs/ccache-action#194

New Contributors

• @​mmomtchev made their first contribution in hendrikmuhs/ccache-action#187
• @​chirag-droid made their first contribution in hendrikmuhs/ccache-action#182
• @​virtuald made their first contribution in hendrikmuhs/ccache-action#180

Full Changelog: hendrikmuhs/ccache-action@v1.2.12...v1.2.13

Commits

• c92f40b Bump @​types/node from 20.11.10 to 20.12.7 (#194)
• ff9f6cc update checksum
• 9851637 update code
• 40738ee Update windows (#180)
• ba6e323 Bump typescript from 5.4.3 to 5.4.5 (#193)
• 550708f fix: early exit process so node doesn't wait for hanging promises (#182)
• 259dcb3 Bump typescript from 5.4.2 to 5.4.3 (#191)
• a16392e update code
• 3818c20 Bump typescript from 5.3.3 to 5.4.2 (#190)
• b647aa9 Bump @​actions/cache from 3.2.3 to 3.2.4 (#183)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.3.2 to 4.3.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.3.3

What's Changed

• updating @actions/artifact dependency to v2.1.6 by @​eggyhead in actions/upload-artifact#565

Full Changelog: actions/upload-artifact@v4.3.2...v4.3.3

Commits

• 6546280 updating package version
• c004fb4 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
• 90aba49 updating toolkit artifact dependency to 2.1.6
• b06cde3 Merge pull request #563 from actions/eggyhead/release-4.3.2
• See full diff in compare view

Updates actions/download-artifact from 4.1.5 to 4.1.7

Release notes

Sourced from actions/download-artifact's releases.

v4.1.7

What's Changed

• Update @​actions/artifact dependency by @​bethanyj28 in actions/download-artifact#325

Full Changelog: actions/download-artifact@v4.1.6...v4.1.7

v4.1.6

What's Changed

• updating @actions/artifact dependency to v2.1.6 by @​eggyhead in actions/download-artifact#324

Full Changelog: actions/download-artifact@v4.1.5...v4.1.6

Commits

• 65a9edc Merge pull request #325 from bethanyj28/main
• fdd1595 licensed
• c13dba1 update @​actions/artifact dependency
• 0daa75e Merge pull request #324 from actions/eggyhead/use-artifact-v2.1.6
• 9c19ed7 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
• 3d3ea87 updating license
• 89af5db updating artifact package v2.1.6
• b4aefff Merge pull request #323 from actions/eggyhead/update-artifact-v215
• See full diff in compare view

Updates actions/dependency-review-action from 4.2.5 to 4.3.2

Release notes

Sourced from actions/dependency-review-action's releases.

v4.3.2

What's Changed

• Fix package-url parsing for allow-dependencies-licenses by @​juxtin in actions/dependency-review-action#761

Full Changelog: actions/dependency-review-action@v4.3.1...v4.3.2

v4.3.1

What's Changed

This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See actions/dependency-review-action#753.

Full Changelog: actions/dependency-review-action@V4.3.0...v4.3.1

v4.3.0

New Features

• The deny-packages option can now be used without a version number to exclude all versions of a package.

What's Changed

• Fix action variable name for scorecard by @​lukehinds in actions/dependency-review-action#735
• Fix extra https:// in summary by @​jhutchings1 in actions/dependency-review-action#748
• Bump typescript from 5.3.3 to 5.4.5 by @​dependabot in actions/dependency-review-action#744
• Bump eslint-plugin-github from 4.10.1 to 4.10.2 by @​dependabot in actions/dependency-review-action#737
• Show denied packages with red X by @​juxtin in actions/dependency-review-action#750
• deny-packages configuration option can deny specified version or all packages by @​febuiles and @​bteng22 in actions/dependency-review-action#733

New Contributors

• @​bteng22 made their first contribution in actions/dependency-review-action#733
• @​lukehinds made their first contribution in actions/dependency-review-action#735

Full Changelog: actions/dependency-review-action@v4.2.5...V4.3.0

Commits

• 0c155c5 Merge pull request #762 from actions/juxtin/prepare-4.3.2
• f3dac32 Merge pull request #761 from actions/juxtin/fix-allow-dependencies-licenses
• d0d5cc3 Update version number to 4.3.2
• 49fbbe0 Fix package-url parsing for allow-dependencies-licenses
• e58c696 Merge pull request #758 from actions/juxtin/prepare-4.3.1
• 9b7c72d Change version to 4.3.1
• 7dcfabf Merge pull request #753 from actions/juxtin/debug-purl
• 5f0808f Validate that deny-packages purls are complete
• fcc66c2 Refine purl parsing and tests
• 1dd418b Basic tests for PURL validation in config
• Additional commits viewable in compare view

Updates oxsecurity/megalinter from 7.10.0 to 7.11.1

Release notes

Sourced from oxsecurity/megalinter's releases.

v7.11.1

What's Changed

• Fixes

  • Implement fallback in case git diff does not work with merge-base, by @​nvuillam in oxsecurity/megalinter#3503

• Linter versions upgrades

  • stylelint from 16.3.1 to 16.4.0

MegaLinter is graciously provided by

Full Changelog: oxsecurity/megalinter@v7.11.0...v7.11.1

v7.11.0

What's Changed

• Core

  • Allow to override the number of parallel cores used, with variable PARALLEL_PROCESS_NUMBER, by @​nvuillam in oxsecurity/megalinter#3428
  • Upgrade base python image from 3.12.2-alpine3.19 to 3.12.3-alpine3.19
  • Upgrade PHP 8.1 to 8.3 by @​llaville in oxsecurity/megalinter#3464
  • Add descriptor pre / post commands, by @​bdovaz in oxsecurity/megalinter#3468
  • Allow merge lists with EXTENDS, by @​bdovaz in oxsecurity/megalinter#3469

• Media

• New linters

  • Add Kotlin detekt linter, by @​enciyo in oxsecurity/megalinter#3408

• Reporters

  • Add ruff sarif support, by @​Skitionek in oxsecurity/megalinter#3486

• Fixes

  • Fix listing of modified files, by @​vkucera in oxsecurity/megalinter#3472. Fixes oxsecurity/megalinter#2125.
  • Fix conflict between prettier and yamllint about spaces, by @​apeyrat in oxsecurity/megalinter#3426
  • Ensure trufflehog does not auto-update itself, by @​wandering-tales in oxsecurity/megalinter#3430
  • Salesforce linters: use sf + default Flow Scanner rules, by @​nvuillam in oxsecurity/megalinter#3435
  • Disable JSON_ESLINT_PLUGIN_JSONC until ota-meshi/eslint-plugin-jsonc#328 is fixed
  • Upgrade tar in mega-linter-runner
  • secretlint: remove default .secretlintignore that was never used but .gitignore is used instead. Fixes #3328
  • Add jpeg, xlsx to .gitleaks.toml, by @​rasa in oxsecurity/megalinter#3434
  • Fix Json Schema, by @​nvuillam in oxsecurity/megalinter#3470
  • Remove TEMPLATES/.secretlintignore, by @​pjungermann in oxsecurity/megalinter#3476

• Doc

  • Update R2DevOps logo, by @​nvuillam in oxsecurity/megalinter#3436
  • Update Roslynator repo url and logo, by @​TommyE123 in oxsecurity/megalinter#3444
  • Fix clang-format documentation links to point to the correct version. Fixes #3452, by @​daltonv in oxsecurity/megalinter#3453
  • Add copy to clipboard button in code block (documentation), by @​nikkii86 in oxsecurity/megalinter#3491

• Flavors

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Core

  • Add new logs (at debug level) on each linter activation/deactivation
  • Clean MegaLinter own CVE exceptions and order the remaining ones with links to related issues
  • Upgrade to Java 21 except for npm-groovy-lint that requires Java 17

• Media

• Linters

  • API_SPECTRAL was added as replacement for OPENAPI_SPECTRAL (deprecated), supporting AsyncAPI and OpenAPI by default. Uses Spectral's standard config file name .spectral.yaml instead of .openapirc.yml with a default config with rulesets for AsyncAPI and OpenAPI enabled. Fixes #3387

• Reporters

• Fixes

  • Change golangci-lint lint mode to project
  • Disable sql-lint as it is no longer maintained

• Doc

  • Handle disabled_reason property in descriptors

• Flavors

• CI

  • Build: take in account disabled linters for workflow auto-update
  • Remove useless package-lock.json that was in python tests folder
  • Fix SARIF_REPORTER that was wrongly sent to true to format & fix test methods
  • Build: Write ARG lines at the top of Dockerfiles if they are used by FROM variables
  • Remove Github Actions Workflow telemetry to improve performances

• Linter versions upgrades

  • phpcs from 3.9.1 to 3.9.2 on 2024-04-23
  • csharpier from 0.28.1 to 0.28.2 on 2024-04-26
  • roslynator from 0.8.6.0 to 0.8.7.0 on 2024-04-26
  • black from 24.4.0 to 24.4.2 on 2024-04-26
  • mypy from 1.9.0 to 1.10.0 on 2024-04-26
  • pyright from 1.1.359 to 1.1.360 on 2024-04-26
  • ruff from 0.4.1 to 0.4.2 on 2024-04-26
  • grype from 0.77.0 to 0.77.1 on 2024-04-26
  • syft from 1.2.0 to 1.3.0 on 2024-04-26
  • trivy-sbom from 0.50.2 to 0.50.4 on 2024-04-26
  • trivy from 0.50.2 to 0.50.4 on 2024-04-26

... (truncated)

Commits

• 03986e6 Release MegaLinter v7.11.1
• 4199f64 [automation] Auto-update linters version, help and documentation (#3504)
• eac233f Implement fallback in case git diff does not work with merge-base (#3503)
• 57b35ba Release MegaLinter v7.11.0
• 41567e1 [automation] Auto-update linters version, help and documentation (#3498)
• cee23e5 [automation] Auto-update linters version, help and documentation (#3492)
• 578b801 ci: add consistent python3/python handling at build.sh (#3475)
• c80e12a Add copy to clipboard button in code block (documentation) (#3491)
• fc8c26a Allow merge lists with extends (#3469)
• 5cec3c2 [automation] Auto-update linters version, help and documentation (#3488)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.25.1 to 3.25.3

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

No user facing changes.

3.25.3 - 25 Apr 2024

• Update default CodeQL bundle version to 2.17.1. #2247
• Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261

3.25.2 - 22 Apr 2024

No user facing changes.

3.25.1 - 17 Apr 2024

• We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the autobuild build mode. #2235
• Fix a bug where the init Action would fail if --overwrite was specified in CODEQL_ACTION_EXTRA_OPTIONS. #2245

3.25.0 - 15 Apr 2024

• The deprecated feature for extracting dependencies for a Python analysis has been removed. #2224

  As a result, the following inputs and environment variables are now ignored:

  • The setup-python-dependencies input to the init Action
  • The CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION environment variable

  We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.

• Automatically overwrite an existing database if found on the filesystem. #2229

• Bump the minimum CodeQL bundle version to 2.12.6. #2232

• A more relevant log message and a diagnostic are now emitted when the file program is not installed on a Linux runner, but is required for Go tracing to succeed. #2234

3.24.10 - 05 Apr 2024

• Update default CodeQL bundle version to 2.17.0. #2219
• Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. #2220
  • If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.
  • Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.24.10 and github/codeql-action/*@v2 by github/codeql-action/*@v2.24.10 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

3.24.9 - 22 Mar 2024

• Update default CodeQL bundle version to 2.16.5. #2203

3.24.8 - 18 Mar 2024

... (truncated)

Commits

• d39d31e Merge pull request #2262 from github/update-v3.25.3-ac2f82a1f
• a727825 Move changenote to most recent section
• 1efa859 Update changelog for v3.25.3
• ac2f82a Log warning if SIP is disabled and CLI version is < 2.15.1 (#2261)
• 0ad7791 Merge pull request #2247 from github/update-bundle/codeql-bundle-v2.17.1
• 79d9ee7 Merge branch 'main' into update-bundle/codeql-bundle-v2.17.1
• dbf2b17 Merge pull request #2255 from github/mergeback/v3.25.2-to-main-8f596b4a
• ff6a3c4 Update checked-in dependencies
• 619dc0c Update changelog and version after v3.25.2
• 8f596b4 Merge pull request #2254 from github/update-v3.25.2-4909c1ffb
• Additional commits viewable in compare view

Updates reviewdog/action-suggester from 1.11.0 to 1.12.0

Release notes

Sourced from reviewdog/action-suggester's releases.

Release v1.12.0

What's Changed

• chore(deps): update reviewdog/reviewdog to 0.17.4 by @​github-actions in reviewdog/action-suggester#52

Full Changelog: reviewdog/action-suggester@v1.11.0...v1.12.0

Commits

• 185c9c0 Merge pull request #52 from reviewdog/depup/reviewdog/reviewdog
• 723f29e chore(deps): update reviewdog/reviewdog to 0.17.4
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/download-artifact	65a9edc5881444af0b9093a5e628f2fe47ea3b2e	🟢 6.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/upload-artifact	65462800fd760344b1a7b4382951275a0abb4808	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/hendrikmuhs/ccache-action	c92f40bee50034e84c763e33b317c77adaa81c92	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/download-artifact	8caf195ad4b1dee92908e23f56eeb0696f1dd42d	🟢 6.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/upload-artifact	1746f4ab65b179e0ea60a494b83293b640dd5bba	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/hendrikmuhs/ccache-action	faf867a11c028c0b483fb2ae72b6fc8f7d842714	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/dependency-review-action	0c155c5e8556a497adf53f2c18edabf945ed8e70	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 8 2 existing vulnerabilities detected
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/dependency-review-action	5bbc3ba658137598168acb2ab73b21c432dd411b	🟢 6.4	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 8 2 existing vulnerabilities detected
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/download-artifact	65a9edc5881444af0b9093a5e628f2fe47ea3b2e	🟢 6.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/upload-artifact	65462800fd760344b1a7b4382951275a0abb4808	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/download-artifact	8caf195ad4b1dee92908e23f56eeb0696f1dd42d	🟢 6.9	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/upload-artifact	1746f4ab65b179e0ea60a494b83293b640dd5bba	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/upload-artifact	65462800fd760344b1a7b4382951275a0abb4808	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/github/codeql-action/upload-sarif	d39d31e687223d841ef683f52467bd88e9b21c14	Unknown	Unknown
actions/oxsecurity/megalinter/flavors/c_cpp	03986e6993ccf699a22451118520680b438e7d2a	🟢 3.9	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 13/29 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities ⚠️ 0 17 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/reviewdog/action-suggester	185c9c06d0a28fbe43b50aca4b32777b649e7cbd	🟢 3.8	Details Check Score Reason Code-Review ⚠️ 0 Found 0/6 approved changesets -- score normalized to 0 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/actions/upload-artifact	1746f4ab65b179e0ea60a494b83293b640dd5bba	🟢 6.8	Details Check Score Reason Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Maintained 🟢 10 24 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Vulnerabilities 🟢 7 3 existing vulnerabilities detected
actions/github/codeql-action/upload-sarif	c7f9125735019aa87cfc361530512d50ea439c71	Unknown	Unknown
actions/oxsecurity/megalinter/flavors/c_cpp	a7a0163b6c8ff7474a283d99a706e27483ddd80f	🟢 3.9	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 4 Found 13/29 approved changesets -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 10 security policy file detected Dangerous-Workflow ⚠️ 0 dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Packaging 🟢 10 packaging workflow detected Vulnerabilities ⚠️ 0 17 existing vulnerabilities detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/reviewdog/action-suggester	3d7fde6859623ad6174df5fd662677a0eb63310a	🟢 3.8	Details Check Score Reason Code-Review ⚠️ 0 Found 0/6 approved changesets -- score normalized to 0 Maintained 🟢 4 4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Fuzzing ⚠️ 0 project is not fuzzed Vulnerabilities 🟢 10 0 existing vulnerabilities detected Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/hendrikmuhs/ccache-action	c92f40bee50034e84c763e33b317c77adaa81c92	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/hendrikmuhs/ccache-action	faf867a11c028c0b483fb2ae72b6fc8f7d842714	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/github/codeql-action/upload-sarif	d39d31e687223d841ef683f52467bd88e9b21c14	Unknown	Unknown
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/github/codeql-action/upload-sarif	c7f9125735019aa87cfc361530512d50ea439c71	Unknown	Unknown
actions/actions/checkout	0ad4b8fadaa221de15dcec353f45205ec38ea70b	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/github/codeql-action/analyze	d39d31e687223d841ef683f52467bd88e9b21c14	Unknown	Unknown
actions/github/codeql-action/init	d39d31e687223d841ef683f52467bd88e9b21c14	Unknown	Unknown
actions/hendrikmuhs/ccache-action	c92f40bee50034e84c763e33b317c77adaa81c92	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0
actions/actions/checkout	9bb56186c3b09b4f86b1c65136769dd318469633	🟢 7.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 20 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Binary-Artifacts 🟢 10 no binaries found in the repo Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Fuzzing ⚠️ 0 project is not fuzzed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy 🟢 9 security policy file detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
actions/github/codeql-action/analyze	c7f9125735019aa87cfc361530512d50ea439c71	Unknown	Unknown
actions/github/codeql-action/init	c7f9125735019aa87cfc361530512d50ea439c71	Unknown	Unknown
actions/hendrikmuhs/ccache-action	faf867a11c028c0b483fb2ae72b6fc8f7d842714	🟢 4.8	Details Check Score Reason Maintained 🟢 10 10 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 5 Found 9/16 approved changesets -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

.github/workflows/ci.yml

• actions/checkout@0ad4b8f
• actions/download-artifact@65a9edc
• actions/upload-artifact@6546280
• hendrikmuhs/ccache-action@c92f40b
• actions/checkout@9bb5618
• actions/download-artifact@8caf195
• actions/upload-artifact@1746f4a
• hendrikmuhs/ccache-action@faf867a

.github/workflows/dependency-scanner.yml

• actions/checkout@0ad4b8f
• actions/dependency-review-action@0c155c5
• actions/checkout@9bb5618
• actions/dependency-review-action@5bbc3ba

.github/workflows/documentation.yml

• actions/checkout@0ad4b8f
• actions/download-artifact@65a9edc
• actions/upload-artifact@6546280
• actions/checkout@9bb5618
• actions/download-artifact@8caf195
• actions/upload-artifact@1746f4a

.github/workflows/linting-formatting.yml

• actions/checkout@0ad4b8f
• actions/upload-artifact@6546280
• github/codeql-action@d39d31e
• oxsecurity/megalinter@03986e6
• reviewdog/action-suggester@185c9c0
• actions/checkout@9bb5618
• actions/upload-artifact@1746f4a
• github/codeql-action@c7f9125
• oxsecurity/megalinter@a7a0163
• reviewdog/action-suggester@3d7fde6

.github/workflows/release-please.yml

• actions/checkout@0ad4b8f
• hendrikmuhs/ccache-action@c92f40b
• actions/checkout@9bb5618
• hendrikmuhs/ccache-action@faf867a

.github/workflows/security.yml

• actions/checkout@0ad4b8f
• github/codeql-action@d39d31e
• actions/checkout@9bb5618
• github/codeql-action@c7f9125

.github/workflows/static-analysis.yml

• actions/checkout@0ad4b8f
• github/codeql-action@d39d31e
• github/codeql-action@d39d31e
• hendrikmuhs/ccache-action@c92f40b
• actions/checkout@9bb5618
• github/codeql-action@c7f9125
• github/codeql-action@c7f9125
• hendrikmuhs/ccache-action@faf867a

[github-actions]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	12		0	0.04s
✅ CPP	clang-format	967	7	0	7.47s
✅ DOCKERFILE	hadolint	2		0	0.1s
✅ JSON	jsonlint	9		0	0.15s
✅ JSON	prettier	9	0	0	1.08s
⚠️ MARKDOWN	markdownlint	6	0	4	1.61s
⚠️ MARKDOWN	markdown-link-check	6		3	78.37s
✅ MARKDOWN	markdown-table-formatter	6	0	0	0.44s
✅ REPOSITORY	checkov	yes		no	23.35s
✅ REPOSITORY	git_diff	yes		no	0.08s
✅ REPOSITORY	grype	yes		no	19.14s
✅ REPOSITORY	secretlint	yes		no	9.67s
❌ REPOSITORY	trivy	yes		1	16.21s
✅ REPOSITORY	trivy-sbom	yes		no	0.88s
✅ REPOSITORY	trufflehog	yes		no	2.88s
⚠️ SPELL	lychee	137		4	2.08s
⚠️ YAML	prettier	22	0	1	1.44s
✅ YAML	v8r	22		0	11.51s
✅ YAML	yamllint	22		0	0.35s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by

[dependabot]

Superseded by #111.