chore(deps): bump the npm_and_yarn group across 4 directories with 6 updates by dependabot[bot] · Pull Request #7734 · oxsecurity/megalinter

dependabot · 2026-05-09T19:33:08Z

Bumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_grype/bad directory: minimatch, fast-uri and ip-address.
Bumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_osv_scanner/bad directory: minimatch, fast-uri and ip-address.
Bumps the npm_and_yarn group with 4 updates in the /.automation/test/repository_syft directory: minimatch, fast-uri, ip-address and simple-git.
Bumps the npm_and_yarn group with 2 updates in the /.automation/test/trivy/bad directory: minimist and lodash.

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast-uri#151

build(deps): bump actions/setup-node from 4 to 5 by @dependabot[bot] in fastify/fast-uri#152

ci(ci): add concurrency config by @Fdawgs in fastify/fast-uri#153

build(deps): bump actions/setup-node from 5 to 6 by @dependabot[bot] in fastify/fast-uri#154

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in fastify/fast-uri#156

chore(license): standardise license notice by @Fdawgs in fastify/fast-uri#159

style: remove trailing whitespace by @Fdawgs in fastify/fast-uri#161

ci: remove unused github files by @Tony133 in fastify/fast-uri#162

chore: update readme by @Tony133 in fastify/fast-uri#164

build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#165

build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#166

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in fastify/fast-uri#167

ci: add lock-threads workflow by @Fdawgs in fastify/fast-uri#169

New Contributors

@Tony133 made their first contribution in fastify/fast-uri#162

Full Changelog: fastify/fast-uri@v3.1.0...v3.1.1

Commits

919dd8e Bumped v3.1.2
c65ba57 fixup: linting
6c86c17 Merge commit from fork
a95158a Handle malformed fragment decoding without throwing (#171)
cea547c Bumped v3.1.1
876ce79 Merge commit from fork
dcdf690 ci: add lock-threads workflow (#169)
c860e65 build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)
9b4c6dc build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (#166)
85d09a9 build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...
Additional commits viewable in compare view

Updates ip-address from 10.1.0 to 10.2.0

Commits

80fccaa 10.2.0
abaeb4d Type Address4.addressMinusSuffix as non-nilable (closes #143)
2878c29 Preserve subnet prefix through Address6.to4() (closes #123) (#203)
586666e Reject trailing junk in Address6.fromURL (closes #158) (#202)
80bc76e Validate static factories instead of silently overflowing (#201)
98927be Clarify isValid() accepts CIDRs with host bits set (#81)
a0eb073 Fix getScope() and broaden getType() classification (closes #122) (#200)
ec52105 Add networkForm() for CIDR network-address strings (#199)
a9443a7 Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)
f01d742 Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast-uri#151

build(deps): bump actions/setup-node from 4 to 5 by @dependabot[bot] in fastify/fast-uri#152

ci(ci): add concurrency config by @Fdawgs in fastify/fast-uri#153

build(deps): bump actions/setup-node from 5 to 6 by @dependabot[bot] in fastify/fast-uri#154

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in fastify/fast-uri#156

chore(license): standardise license notice by @Fdawgs in fastify/fast-uri#159

style: remove trailing whitespace by @Fdawgs in fastify/fast-uri#161

ci: remove unused github files by @Tony133 in fastify/fast-uri#162

chore: update readme by @Tony133 in fastify/fast-uri#164

build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#165

build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#166

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in fastify/fast-uri#167

ci: add lock-threads workflow by @Fdawgs in fastify/fast-uri#169

New Contributors

@Tony133 made their first contribution in fastify/fast-uri#162

Full Changelog: fastify/fast-uri@v3.1.0...v3.1.1

Commits

919dd8e Bumped v3.1.2
c65ba57 fixup: linting
6c86c17 Merge commit from fork
a95158a Handle malformed fragment decoding without throwing (#171)
cea547c Bumped v3.1.1
876ce79 Merge commit from fork
dcdf690 ci: add lock-threads workflow (#169)
c860e65 build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)
9b4c6dc build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (#166)
85d09a9 build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...
Additional commits viewable in compare view

Updates ip-address from 10.1.0 to 10.2.0

Commits

80fccaa 10.2.0
abaeb4d Type Address4.addressMinusSuffix as non-nilable (closes #143)
2878c29 Preserve subnet prefix through Address6.to4() (closes #123) (#203)
586666e Reject trailing junk in Address6.fromURL (closes #158) (#202)
80bc76e Validate static factories instead of silently overflowing (#201)
98927be Clarify isValid() accepts CIDRs with host bits set (#81)
a0eb073 Fix getScope() and broaden getType() classification (closes #122) (#200)
ec52105 Add networkForm() for CIDR network-address strings (#199)
a9443a7 Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)
f01d742 Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast-uri#151

build(deps): bump actions/setup-node from 4 to 5 by @dependabot[bot] in fastify/fast-uri#152

ci(ci): add concurrency config by @Fdawgs in fastify/fast-uri#153

build(deps): bump actions/setup-node from 5 to 6 by @dependabot[bot] in fastify/fast-uri#154

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in fastify/fast-uri#156

chore(license): standardise license notice by @Fdawgs in fastify/fast-uri#159

style: remove trailing whitespace by @Fdawgs in fastify/fast-uri#161

ci: remove unused github files by @Tony133 in fastify/fast-uri#162

chore: update readme by @Tony133 in fastify/fast-uri#164

build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#165

build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#166

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in fastify/fast-uri#167

ci: add lock-threads workflow by @Fdawgs in fastify/fast-uri#169

New Contributors

@Tony133 made their first contribution in fastify/fast-uri#162

Full Changelog: fastify/fast-uri@v3.1.0...v3.1.1

Commits

919dd8e Bumped v3.1.2
c65ba57 fixup: linting
6c86c17 Merge commit from fork
a95158a Handle malformed fragment decoding without throwing (#171)
cea547c Bumped v3.1.1
876ce79 Merge commit from fork
dcdf690 ci: add lock-threads workflow (#169)
c860e65 build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)
9b4c6dc build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (#166)
85d09a9 build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...
Additional commits viewable in compare view

Updates ip-address from 10.1.0 to 10.2.0

Commits

80fccaa 10.2.0
abaeb4d Type Address4.addressMinusSuffix as non-nilable (closes #143)
2878c29 Preserve subnet prefix through Address6.to4() (closes #123) (#203)
586666e Reject trailing junk in Address6.fromURL (closes #158) (#202)
80bc76e Validate static factories instead of silently overflowing (#201)
98927be Clarify isValid() accepts CIDRs with host bits set (#81)
a0eb073 Fix getScope() and broaden getType() classification (closes #122) (#200)
ec52105 Add networkForm() for CIDR network-address strings (#199)
a9443a7 Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)
f01d742 Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast-uri#151

build(deps): bump actions/setup-node from 4 to 5 by @dependabot[bot] in fastify/fast-uri#152

ci(ci): add concurrency config by @Fdawgs in fastify/fast-uri#153

build(deps): bump actions/setup-node from 5 to 6 by @dependabot[bot] in fastify/fast-uri#154

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in fastify/fast-uri#156

chore(license): standardise license notice by @Fdawgs in fastify/fast-uri#159

style: remove trailing whitespace by @Fdawgs in fastify/fast-uri#161

ci: remove unused github files by @Tony133 in fastify/fast-uri#162

chore: update readme by @Tony133 in fastify/fast-uri#164

build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#165

build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#166

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in fastify/fast-uri#167

ci: add lock-threads workflow by @Fdawgs in fastify/fast-uri#169

New Contributors

@Tony133 made their first contribution in fastify/fast-uri#162

Full Changelog: fastify/fast-uri@v3.1.0...v3.1.1

Commits

919dd8e Bumped v3.1.2
c65ba57 fixup: linting
6c86c17 Merge commit from fork
a95158a Handle malformed fragment decoding without throwing (#171)
cea547c Bumped v3.1.1
876ce79 Merge commit from fork
dcdf690 ci: add lock-threads workflow (#169)
c860e65 build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)
9b4c6dc build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (#166)
85d09a9 build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...
Additional commits viewable in compare view

Updates ip-address from 10.1.0 to 10.2.0

Commits

80fccaa 10.2.0
abaeb4d Type Address4.addressMinusSuffix as non-nilable (closes #143)
2878c29 Preserve subnet prefix through Address6.to4() (closes #123) (#203)
586666e Reject trailing junk in Address6.fromURL (closes #158) (#202)
80bc76e Validate static factories instead of silently overflowing (#201)
98927be Clarify isValid() accepts CIDRs with host bits set (#81)
a0eb073 Fix getScope() and broaden getType() classification (closes #122) (#200)
ec52105 Add networkForm() for CIDR network-address strings (#199)
a9443a7 Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)
f01d742 Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast-uri#151

build(deps): bump actions/setup-node from 4 to 5 by @dependabot[bot] in fastify/fast-uri#152

ci(ci): add concurrency config by @Fdawgs in fastify/fast-uri#153

build(deps): bump actions/setup-node from 5 to 6 by @dependabot[bot] in fastify/fast-uri#154

build(deps): bump actions/checkout from 5 to 6 by @dependabot[bot] in fastify/fast-uri#156

chore(license): standardise license notice by @Fdawgs in fastify/fast-uri#159

style: remove trailing whitespace by @Fdawgs in fastify/fast-uri#161

ci: remove unused github files by @Tony133 in fastify/fast-uri#162

chore: update readme by @Tony133 in fastify/fast-uri#164

build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-manager.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#165

build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml from 5 to 6 by @dependabot[bot] in fastify/fast-uri#166

build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 by @dependabot[bot] in fastify/fast-uri#167

ci: add lock-threads workflow by @Fdawgs in fastify/fast-uri#169

New Contributors

@Tony133 made their first contribution in fastify/fast-uri#162

Full Changelog: fastify/fast-uri@v3.1.0...v3.1.1

Commits

919dd8e Bumped v3.1.2
c65ba57 fixup: linting
6c86c17 Merge commit from fork
a95158a Handle malformed fragment decoding without throwing (#171)
cea547c Bumped v3.1.1
876ce79 Merge commit from fork
dcdf690 ci: add lock-threads workflow (#169)
c860e65 build(deps-dev): bump neostandard from 0.12.2 to 0.13.0 (#167)
9b4c6dc build(deps): bump fastify/workflows/.github/workflows/plugins-ci.yml (#166)
85d09a9 build(deps): bump fastify/workflows/.github/workflows/plugins-ci-package-mana...
Additional commits viewable in compare view

Updates ip-address from 10.1.0 to 10.2.0

Commits

80fccaa 10.2.0
abaeb4d Type Address4.addressMinusSuffix as non-nilable (closes #143)
2878c29 Preserve subnet prefix through Address6.to4() (closes #123) (#203)
586666e Reject trailing junk in Address6.fromURL (closes #158) (#202)
80bc76e Validate static factories instead of silently overflowing (#201)
98927be Clarify isValid() accepts CIDRs with host bits set (#81)
a0eb073 Fix getScope() and broaden getType() classification (closes #122) (#200)
ec52105 Add networkForm() for CIDR network-address strings (#199)
a9443a7 Add isMapped4() predicate for IPv4-mapped IPv6 addresses (closes #62) (#198)
f01d742 Add address-property predicates (private, ULA, loopback, link-local, etc.) (#...
Additional commits viewable in compare view

Updates minimatch from 3.0.4 to 3.1.5

Commits

7bba978 3.1.5
bd25942 docs: add warning about ReDoS
1a9c27c fix partial matching of globstar patterns
1a2e084 3.1.4
ae24656 update lockfile
b100374 limit recursion for **, improve perf considerably
26ffeaa lockfile update
9eca892 lock node version to 14
00c323b 3.1.3
30486b2 update CI matrix and actions
Additional commits viewable in compare view

Updates fast-uri from 3.1.0 to 3.1.2

Release notes

Sourced from fast-uri's releases.

v3.1.2

⚠️ Security Release

Fix for GHSA-v39h-62p7-jpjc

What's Changed

Handle malformed fragment decoding as a parse error by @mcollina in fastify/fast-uri#171

Full Changelog: fastify/fast-uri@v3.1.1...v3.1.2

v3.1.1

⚠️ Security Release

Fix for GHSA-q3j6-qgpj-74h6

What's Changed

build(deps-dev): bump tsd from 0.32.0 to 0.33.0 by @dependabot[bot] in fastify/fast-uri#148

build(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in fastify/fast-uri#149

chore(.npmrc): ignore scripts by @Fdawgs in fastify/fast-uri#150

build(deps-dev): remove @fastify/pre-commit by @Fdawgs in fastify/fast...
Description has been truncated

github-actions · 2026-05-09T19:39:23Z

❌MegaLinter analysis: Error

❌ REPOSITORY / osv-scanner - 1 error

Scanning dir .
Starting filesystem walk for root: /
Scanned mega-linter-runner/yarn.lock file and found 486 packages
Scanned uv.lock file and found 138 packages
Scanned .config/python/dev/requirements.txt file and found 47 packages
Scanned server/requirements.txt file and found 10 packages
End status: 352 dirs visited, 1893 inodes visited, 4 Extract calls, 433.888468ms elapsed, 433.888769ms wall time
Filtered 1 local/unscannable package/s from the scan.
osv-scanner.toml has unused ignores:
 - MAL-2026-4750

Total 1 package affected by 1 known vulnerability (0 Critical, 1 High, 0 Medium, 0 Low, 0 Unknown) from 1 ecosystem.
1 vulnerability can be fixed.

+-------------------------------------+------+-----------+---------+---------+---------------+------------------------------+
| OSV URL                             | CVSS | ECOSYSTEM | PACKAGE | VERSION | FIXED VERSION | SOURCE                       |
+-------------------------------------+------+-----------+---------+---------+---------------+------------------------------+
| https://osv.dev/GHSA-ph9p-34f9-6g65 | 7.7  | npm       | tmp     | 0.2.5   | 0.2.6         | mega-linter-runner/yarn.lock |
+-------------------------------------+------+-----------+---------+---------+---------------+------------------------------+

⚠️ PYTHON / bandit - 137 errors

4:4
123	    )
124	    assert os.path.isdir(config.get(request_id, "DEFAULT_WORKSPACE")), (
125	        "DEFAULT_WORKSPACE "
126	        + config.get(request_id, "DEFAULT_WORKSPACE")
127	        + " is not a valid folder"
128	    )
129	

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:172:4
171	    tmp_report_folder = tempfile.gettempdir() + os.path.sep + str(uuid.uuid4())
172	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
173	    linter_name = linter.linter_name

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:238:4
237	    tmp_report_folder = tempfile.gettempdir() + os.path.sep + str(uuid.uuid4())
238	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
239	    if os.path.isfile(workspace + os.path.sep + "no_test_failure"):

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:487:4
486	    )
487	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
488	    expected_file_name = ""

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:587:4
586	        workspace += os.path.sep + "bad"
587	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
588	    # Call linter

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:676:4
675	        workspace = workspace + os.path.sep + "fix"
676	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
677	

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:782:12
781	            ]
782	            assert (len(list(diffs))) > 0, f"No changes in the {file} file"
783	

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server.py:81:42
80	    if item.fileUploadId:
81	        uploaded_file_path = os.path.join("/tmp/server-files", item.fileUploadId)
82	        if not os.path.isdir(uploaded_file_path):

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server.py:103:38
102	    file_upload_id = "FILE_" + str(uuid1())
103	    uploaded_file_path = os.path.join("/tmp/server-files", file_upload_id)
104	    os.makedirs(uploaded_file_path)

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.4/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server_worker.py:98:34
97	        temp_dir = self.create_temp_dir()
98	        upload_dir = os.path.join("/tmp/server-files", file_upload_id)
99	        if os.path.exists(upload_dir):

--------------------------------------------------

Code scanned:
	Total lines of code: 19302
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 104
		Medium: 24
		High: 9
	Total issues (by confidence):
		Undefined: 0
		Low: 16
		Medium: 20
		High: 101
Files skipped (0):

(Truncated to last 5714 characters out of 92334)

⚠️ BASH / bash-exec - 1 error

Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/beta/descriptors/bash_bash_exec/
-----------------------------------------------

✅ [SUCCESS] .automation/build_schemas_doc.sh
✅ [SUCCESS] .automation/format-tables.sh
✅ [SUCCESS] .vscode/testlinter.sh
✅ [SUCCESS] build.sh
✅ [SUCCESS] entrypoint.sh
❌ [ERROR] sh/megalinter_exec
    Error: File:[sh/megalinter_exec] is not executable

⚠️ SPELL / lychee - 70 errors

rce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 169:17) | Error (cached)
[403] https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 265:17) | Error (cached)
[403] https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 361:17) | Error (cached)
[403] https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 459:17) | Error (cached)
[403] https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 548:17) | Error (cached)
[403] https://developer.salesforce.com/docs/platform/salesforce-code-analyzer/guide/get-started.html (at 71:17) | Rejected status code: 403 Forbidden
[404] https://github.com/Lightning-Flow-Scanner/lightning-flow-scanner-core#rules (at 631:23) | Rejected status code: 404 Not Found

Errors in megalinter/descriptors/spell.megalinter-descriptor.yml
[500] https://packagecontrol.io/packages/SublimeLinter-contrib-vale (at 186:16) | Rejected status code: 500 Internal Server Error

Errors in megalinter/descriptors/terraform.megalinter-descriptor.yml
[404] https://github.com/gruntwork-io/terragrunt/blob/master/docs/assets/img/favicon/ms-icon-310x310.png (at 168:23) | Rejected status code: 404 Not Found | Followed 1 redirect. Redirects: https://github.com/gruntwork-io/terragrunt/blob/master/docs/assets/img/favicon/ms-icon-310x310.png --[302]--> https://github.com/gruntwork-io/terragrunt/blob/main/docs/assets/img/favicon/ms-icon-310x310.png
[500] https://packagecontrol.io/packages/Terrafmt (at 254:16) | Rejected status code: 500 Internal Server Error

Errors in megalinter/descriptors/tsx.megalinter-descriptor.yml
[404] https://eslint-react.xyz/docs/getting-started/installation (at 67:37) | Rejected status code: 404 Not Found | Followed 1 redirect. Redirects: https://eslint-react.xyz/docs/getting-started/installation --[307]--> https://www.eslint-react.xyz/docs/getting-started/installation

Errors in megalinter/descriptors/typescript.megalinter-descriptor.yml
[500] https://packagecontrol.io/packages/JsPrettier (at 384:16) | Error (cached)
[500] https://packagecontrol.io/packages/StandardFormat (at 312:16) | Rejected status code: 500 Internal Server Error
[500] https://packagecontrol.io/packages/SublimeLinter-contrib-standard (at 310:16) | Rejected status code: 500 Internal Server Error

Errors in megalinter/descriptors/xml.megalinter-descriptor.yml
[406] https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home (at 38:17) | Rejected status code: 406 Not Acceptable

Errors in megalinter/descriptors/yaml.megalinter-descriptor.yml
[500] https://packagecontrol.io/packages/JsPrettier (at 76:16) | Error (cached)

Errors in README.md
[403] https://cloudtuned.hashnode.dev/ (at 1749:255) | Rejected status code: 403 Forbidden
[403] https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages (at 1749:3) | Rejected status code: 403 Forbidden
[301] https://future-architect.github.io/authors/%E5%AE%AE%E6%B0%B8%E5%B4%87%E5%8F%B2 (at 1780:104) | Rejected status code: 301 Moved Permanently
[TIMEOUT] https://generated.at/ (at 1146:301) | Request timed out
[403] https://javascript.plainenglish.io/node-js-coding-standard-tools-with-megalinter-on-gitlab-ci-a43b55915811 (at 1763:3) | Rejected status code: 403 Forbidden
[403] https://medium.com/@caodanju/30-seconds-to-setup-megalinter-your-go-to-tool-for-automated-code-quality-and-iac-security-969d90a5a99c (at 1748:3) | Rejected status code: 403 Forbidden
[403] https://medium.com/@RunningMattress (at 1757:255) | Rejected status code: 403 Forbidden
[403] https://medium.com/@RunningMattress/level-up-your-unity-packages-with-ci-cd-9498d2791211 (at 1757:3) | Rejected status code: 403 Forbidden
[403] https://medium.com/@SeasonedDeveloper (at 1744:255) | Rejected status code: 403 Forbidden
[403] https://medium.com/@SeasonedDeveloper/looking-for-the-best-ci-cd-pipeline-linting-tool-try-megalinter-d89c9eba850d (at 1744:3) | Rejected status code: 403 Forbidden
[403] https://medium.com/datamindedbe/integrating-megalinter-to-automate-linting-across-multiple-codebases-a-technical-description-a200bb235b71 (at 1745:3) | Rejected status code: 403 Forbidden
[403] https://nicolas.vuillamy.fr/improve-uniformize-and-secure-your-code-base-with-megalinter-62ebab422c1 (at 1766:3) | Rejected status code: 403 Forbidden
[403] https://nicolas.vuillamy.fr/megalinter-sells-his-soul-and-joins-ox-security-2a91a0027628 (at 1765:3) | Rejected status code: 403 Forbidden
[403] https://nklya.medium.com/ (at 1762:255) | Rejected status code: 403 Forbidden
[403] https://nklya.medium.com/hot-to-linter-basic-things-like-trailing-whitespaces-and-newlines-7b40da8f688d (at 1762:3) | Rejected status code: 403 Forbidden
[403] https://npmjs.org/package/mega-linter-runner (at 1061:1) | Error (cached)
[403] https://npmjs.org/package/mega-linter-runner (at 1062:1) | Error (cached)
[403] https://npmjs.org/package/mega-linter-runner (at 1063:1) | Error (cached)
[403] https://npmjs.org/package/mega-linter-runner (at 21:1) | Error (cached)
[403] https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html (at 1847:3) | Error (cached)
[403] https://www.npmjs.com/package/@downatthebottomofthemolehole/megalinter-mcp-server (at 1722:354) | Rejected status code: 403 Forbidden

Hint: Followed 744 redirects. You might want to consider replacing redirecting URLs with the resolved URLs. Use verbose mode (`-v`/`-vv`) to see redirection details.
Hint: Rejected redirectional status codes. This means some redirects were not followed. You might want to increase the limit for `-m`/`--max-redirects`.

(Truncated to last 5714 characters out of 33991)

⚠️ MARKDOWN / markdownlint - 351 errors

ngle-h1 Multiple top-level headings in the same document [Context: "IDE Configuration Reporter"]
docs/reporters/ConsoleReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Console Reporter"]
docs/reporters/EmailReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "E-mail Reporter"]
docs/reporters/FileIoReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "File.io Reporter"]
docs/reporters/GitHubCommentReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "GitHub Comment Reporter"]
docs/reporters/GitHubCommentReporter.md:27:196 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:27:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:27:174 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:27:196 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:179 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:28:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:160 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:179 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:159 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:29:48 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:143 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:159 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:171 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:30:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:152 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:171 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubStatusReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "GitHub Status Reporter"]
docs/reporters/GitlabCommentReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Gitlab Comment Reporter"]
docs/reporters/JsonReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "JSON Reporter"]
docs/reporters/MarkdownSummaryReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Markdown Summary Reporter"]
docs/reporters/SarifReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "SARIF Reporter (beta)"]
docs/reporters/TapReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "TAP Reporter"]
docs/reporters/TextReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Text Reporter"]
docs/reporters/UpdatedSourcesReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Updated Sources Reporter"]
docs/special-thanks.md:9 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Special thanks"]
docs/special-thanks.md:23:3 error MD045/no-alt-text Images should have alternate text (alt text)
docs/sponsor.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Sponsoring"]
docs/supported-linters.md:9 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Supported Linters"]
mega-linter-runner/generators/mega-linter-custom-flavor/templates/README.md:69 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "How to use the custom flavor"]
mega-linter-runner/README.md:27:274 error MD051/link-fragments Link fragments should be valid [Context: "[**apply formatting and auto-fixes**](#apply-fixes)"]
mega-linter-runner/README.md:27:217 error MD051/link-fragments Link fragments should be valid [Context: "[**reports in several formats**](#reports)"]
README.md:190:127 error MD051/link-fragments Link fragments should be valid [Context: "[many additional features](#mega-linter-vs-super-linter)"]
README.md:1942:3 error MD045/no-alt-text Images should have alternate text (alt text)

(Truncated to last 5714 characters out of 46462)

⚠️ YAML / prettier - 14 errors

/templates/megalinter-custom-flavor.yml: SyntaxError: Implicit map keys need to be followed by map values (6:1)
[error]   4 | label: <%= CUSTOM_FLAVOR_LABEL %>
[error]   5 | linters:
[error] > 6 | <%= CUSTOM_FLAVOR_LINTERS %>
[error]     | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[error]   7 |
mega-linter-runner/generators/mega-linter/templates/.drone.yml 2ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/.gitlab-ci.yml 6ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/azure-pipelines.yml 9ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/bitbucket-pipelines.yml 5ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/concourse-task.yml 4ms (unchanged)
[error] mega-linter-runner/generators/mega-linter/templates/mega-linter.yml: SyntaxError: Implicit map keys need to be followed by map values (67:11)
[error]   65 |           # Only define `secrets.PAT` if you fully understand the trade-off.
[error]   66 |           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
[error] > 67 |           <%- PERSIST_CREDENTIALS %>
[error]      |           ^^^^^^^^^^^^^^^^^^^^^^^^^^
[error]   68 |
[error]   69 |           # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to
[error]   70 |           # improve performance
megalinter/descriptors/action.megalinter-descriptor.yml 25ms (unchanged)
megalinter/descriptors/ansible.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/api.megalinter-descriptor.yml 20ms (unchanged)
megalinter/descriptors/arm.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/bash.megalinter-descriptor.yml 29ms (unchanged)
megalinter/descriptors/bicep.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/c.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/clojure.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/cloudformation.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/coffee.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/copypaste.megalinter-descriptor.yml 25ms (unchanged)
megalinter/descriptors/cpp.megalinter-descriptor.yml 10ms (unchanged)
megalinter/descriptors/csharp.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/css.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/dart.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/dockerfile.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/editorconfig.megalinter-descriptor.yml 2ms (unchanged)
megalinter/descriptors/env.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/gherkin.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/go.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/graphql.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/groovy.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/html.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/java.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/javascript.megalinter-descriptor.yml 49ms (unchanged)
megalinter/descriptors/json.megalinter-descriptor.yml 25ms (unchanged)
megalinter/descriptors/jsx.megalinter-descriptor.yml 11ms (unchanged)
megalinter/descriptors/kotlin.megalinter-descriptor.yml 11ms (unchanged)
megalinter/descriptors/kubernetes.megalinter-descriptor.yml 19ms (unchanged)
megalinter/descriptors/latex.megalinter-descriptor.yml 4ms (unchanged)
megalinter/descriptors/lua.megalinter-descriptor.yml 26ms (unchanged)
megalinter/descriptors/makefile.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/markdown.megalinter-descriptor.yml 29ms (unchanged)
megalinter/descriptors/perl.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/php.megalinter-descriptor.yml 52ms (unchanged)
megalinter/descriptors/powershell.megalinter-descriptor.yml 24ms (unchanged)
megalinter/descriptors/protobuf.megalinter-descriptor.yml 13ms (unchanged)
megalinter/descriptors/puppet.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/python.megalinter-descriptor.yml 132ms (unchanged)
megalinter/descriptors/r.megalinter-descriptor.yml 11ms (unchanged)
megalinter/descriptors/raku.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/repository.megalinter-descriptor.yml 130ms (unchanged)
megalinter/descriptors/robotframework.megalinter-descriptor.yml 13ms (unchanged)
megalinter/descriptors/rst.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/ruby.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/rust.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/salesforce.megalinter-descriptor.yml 71ms (unchanged)
megalinter/descriptors/scala.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/snakemake.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/spell.megalinter-descriptor.yml 35ms (unchanged)
megalinter/descriptors/sql.megalinter-descriptor.yml 14ms (unchanged)
megalinter/descriptors/swift.megalinter-descriptor.yml 13ms (unchanged)
megalinter/descriptors/tekton.megalinter-descriptor.yml 2ms (unchanged)
megalinter/descriptors/terraform.megalinter-descriptor.yml 29ms (unchanged)
megalinter/descriptors/tsx.megalinter-descriptor.yml 16ms (unchanged)
megalinter/descriptors/typescript.megalinter-descriptor.yml 29ms (unchanged)
megalinter/descriptors/vbdotnet.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/xml.megalinter-descriptor.yml 11ms (unchanged)
megalinter/descriptors/yaml.megalinter-descriptor.yml 21ms (unchanged)
server/docker-compose-dev.yml 3ms (unchanged)
server/docker-compose.yml 5ms (unchanged)
trivy-secret.yaml 1ms (unchanged)
zizmor.yml 5ms (unchanged)

(Truncated to last 5714 characters out of 12052)

⚠️ YAML / yamllint - 40 errors

.grype.yaml
  5:1       warning  missing document start "---"  (document-start)

mega-linter-runner/.eslintrc.yml
  11:9      warning  too few spaces inside empty braces  (braces)

mega-linter-runner/generators/mega-linter-custom-flavor/templates/megalinter-custom-flavor-builder.yml
  48:15     warning  too few spaces inside empty braces  (braces)

mega-linter-runner/generators/mega-linter-custom-flavor/templates/megalinter-custom-flavor.yml
  7:1       error    syntax error: could not find expected ':' (syntax)

mega-linter-runner/generators/mega-linter/templates/mega-linter.yml
  38:15     warning  too few spaces inside empty braces  (braces)
  69:11     error    syntax error: could not find expected ':' (syntax)

megalinter/descriptors/copypaste.megalinter-descriptor.yml
  18:301    warning  line too long (313 > 300 characters)  (line-length)

megalinter/descriptors/javascript.megalinter-descriptor.yml
  54:301    warning  line too long (475 > 300 characters)  (line-length)
  323:301   warning  line too long (307 > 300 characters)  (line-length)

megalinter/descriptors/jsx.megalinter-descriptor.yml
  30:301    warning  line too long (475 > 300 characters)  (line-length)

megalinter/descriptors/markdown.megalinter-descriptor.yml
  83:301    warning  line too long (366 > 300 characters)  (line-length)

megalinter/descriptors/perl.megalinter-descriptor.yml
  26:301    warning  line too long (310 > 300 characters)  (line-length)

megalinter/descriptors/php.megalinter-descriptor.yml
  182:301   warning  line too long (389 > 300 characters)  (line-length)
  196:301   warning  line too long (302 > 300 characters)  (line-length)

megalinter/descriptors/repository.megalinter-descriptor.yml
  161:301   warning  line too long (408 > 300 characters)  (line-length)
  277:301   warning  line too long (306 > 300 characters)  (line-length)
  282:301   warning  line too long (321 > 300 characters)  (line-length)
  485:301   warning  line too long (338 > 300 characters)  (line-length)
  571:301   warning  line too long (306 > 300 characters)  (line-length)
  727:301   warning  line too long (316 > 300 characters)  (line-length)
  1015:301  warning  line too long (1263 > 300 characters)  (line-length)
  1105:301  warning  line too long (879 > 300 characters)  (line-length)
  1119:301  warning  line too long (358 > 300 characters)  (line-length)
  1175:301  warning  line too long (346 > 300 characters)  (line-length)
  1182:301  warning  line too long (307 > 300 characters)  (line-length)

megalinter/descriptors/salesforce.megalinter-descriptor.yml
  51:301    warning  line too long (359 > 300 characters)  (line-length)
  341:301   warning  line too long (359 > 300 characters)  (line-length)

megalinter/descriptors/spell.megalinter-descriptor.yml
  149:301   warning  line too long (315 > 300 characters)  (line-length)

megalinter/descriptors/sql.megalinter-descriptor.yml
  97:301    warning  line too long (319 > 300 characters)  (line-length)

megalinter/descriptors/terraform.megalinter-descriptor.yml
  27:301    warning  line too long (330 > 300 characters)  (line-length)
  86:301    warning  line too long (391 > 300 characters)  (line-length)
  142:301   warning  line too long (346 > 300 characters)  (line-length)
  205:301   warning  line too long (328 > 300 characters)  (line-length)

megalinter/descriptors/tsx.megalinter-descriptor.yml
  30:301    warning  line too long (475 > 300 characters)  (line-length)

megalinter/descriptors/typescript.megalinter-descriptor.yml
  41:301    warning  line too long (475 > 300 characters)  (line-length)
  319:301   warning  line too long (314 > 300 characters)  (line-length)

mkdocs.yml
  8:301     warning  line too long (552 > 300 characters)  (line-length)
  66:5      warning  wrong indentation: expected 6 but found 4  (indentation)
  78:5      warning  wrong indentation: expected 6 but found 4  (indentation)

zizmor.yml
  1:1       warning  missing document start "---"  (document-start)

✅ Linters with no issues

actionlint, black, checkov, cspell, flake8, git_diff, grype, hadolint, isort, jscpd, jsonlint, markdown-table-formatter, mypy, npm-groovy-lint, pylint, ruff, secretlint, shellcheck, shfmt, syft, trivy, trivy-sbom, trufflehog, v8r, v8r, xmllint, zizmor

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Show us your support by starring ⭐ the repository

nvuillam · 2026-05-10T00:05:02Z

@dependabot rebase

echoix · 2026-05-26T18:54:59Z

@dependabot recreate

…updates Bumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_grype/bad directory: [minimatch](https://github.com/isaacs/minimatch), [fast-uri](https://github.com/fastify/fast-uri) and [ip-address](https://github.com/beaugunderson/ip-address). Bumps the npm_and_yarn group with 3 updates in the /.automation/test/repository_osv_scanner/bad directory: [minimatch](https://github.com/isaacs/minimatch), [fast-uri](https://github.com/fastify/fast-uri) and [ip-address](https://github.com/beaugunderson/ip-address). Bumps the npm_and_yarn group with 4 updates in the /.automation/test/repository_syft directory: [minimatch](https://github.com/isaacs/minimatch), [fast-uri](https://github.com/fastify/fast-uri), [ip-address](https://github.com/beaugunderson/ip-address) and [simple-git](https://github.com/steveukx/git-js/tree/HEAD/simple-git). Bumps the npm_and_yarn group with 2 updates in the /.automation/test/trivy/bad directory: [minimist](https://github.com/minimistjs/minimist) and [lodash](https://github.com/lodash/lodash). Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `minimatch` from 5.1.6 to 5.1.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `minimatch` from 3.1.2 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `minimatch` from 9.0.5 to 9.0.9 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `simple-git` from 3.33.0 to 3.36.0 - [Release notes](https://github.com/steveukx/git-js/releases) - [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md) - [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `simple-git` from 3.33.0 to 3.36.0 - [Release notes](https://github.com/steveukx/git-js/releases) - [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md) - [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git) Updates `minimatch` from 3.0.4 to 3.1.5 - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](isaacs/minimatch@v3.0.4...v3.1.5) Updates `fast-uri` from 3.1.0 to 3.1.2 - [Release notes](https://github.com/fastify/fast-uri/releases) - [Commits](fastify/fast-uri@v3.1.0...v3.1.2) Updates `ip-address` from 10.1.0 to 10.2.0 - [Commits](beaugunderson/ip-address@v10.1.0...v10.2.0) Updates `simple-git` from 3.33.0 to 3.36.0 - [Release notes](https://github.com/steveukx/git-js/releases) - [Changelog](https://github.com/steveukx/git-js/blob/main/simple-git/CHANGELOG.md) - [Commits](https://github.com/steveukx/git-js/commits/simple-git@3.36.0/simple-git) Updates `minimist` from 1.2.5 to 1.2.6 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.6) Updates `minimist` from 1.2.5 to 1.2.6 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.6) Updates `minimist` from 1.2.5 to 1.2.6 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.6) Updates `lodash` from 4.17.4 to 4.18.1 - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](lodash/lodash@4.17.4...4.18.1) Updates `minimist` from 1.2.5 to 1.2.6 - [Changelog](https://github.com/minimistjs/minimist/blob/main/CHANGELOG.md) - [Commits](minimistjs/minimist@v1.2.5...v1.2.6) --- updated-dependencies: - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect - dependency-name: fast-uri dependency-version: 3.1.2 dependency-type: indirect - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect - dependency-name: ip-address dependency-version: 10.2.0 dependency-type: indirect - dependency-name: lodash dependency-version: 4.18.1 dependency-type: direct:production - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect - dependency-name: minimatch dependency-version: 3.1.5 dependency-type: indirect - dependency-name: minimatch dependency-version: 5.1.9 dependency-type: indirect - dependency-name: minimatch dependency-version: 9.0.9 dependency-type: indirect - dependency-name: minimist dependency-version: 1.2.6 dependency-type: direct:production - dependency-name: simple-git dependency-version: 3.36.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels May 9, 2026

dependabot Bot requested review from Kurt-von-Laven, bdovaz, echoix and nvuillam as code owners May 9, 2026 19:33

dependabot Bot temporarily deployed to dev May 9, 2026 19:33 Inactive

dependabot Bot mentioned this pull request May 9, 2026

chore(deps): bump the npm_and_yarn group across 3 directories with 3 updates #7713

Closed

dependabot Bot temporarily deployed to dev May 9, 2026 19:33 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/dot-automation/test/repository_grype/bad/npm_and_yarn-b2ba3aff0b branch from de47c9c to 4744845 Compare May 10, 2026 01:24

dependabot Bot temporarily deployed to dev May 10, 2026 01:24 Inactive

dependabot Bot force-pushed the dependabot/npm_and_yarn/dot-automation/test/repository_grype/bad/npm_and_yarn-b2ba3aff0b branch from 4744845 to e6a77db Compare May 26, 2026 18:58

dependabot Bot temporarily deployed to dev May 26, 2026 18:58 Inactive

dependabot Bot had a problem deploying to dev May 26, 2026 18:58 Failure

dependabot Bot temporarily deployed to dev May 26, 2026 18:58 Inactive

dependabot Bot had a problem deploying to dev May 26, 2026 18:58 Failure

dependabot Bot force-pushed the dependabot/npm_and_yarn/dot-automation/test/repository_grype/bad/npm_and_yarn-b2ba3aff0b branch from e6a77db to f7f42d6 Compare May 27, 2026 05:03

dependabot Bot had a problem deploying to dev May 27, 2026 05:03 Failure

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump the npm_and_yarn group across 4 directories with 6 updates#7734

chore(deps): bump the npm_and_yarn group across 4 directories with 6 updates#7734
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/dot-automation/test/repository_grype/bad/npm_and_yarn-b2ba3aff0b

dependabot Bot commented on behalf of github May 9, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented May 9, 2026 •

edited

Loading

Uh oh!

nvuillam commented May 10, 2026

Uh oh!

echoix commented May 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github May 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

New Contributors

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

New Contributors

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

New Contributors

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

New Contributors

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

New Contributors

v3.1.2

⚠️ Security Release

What's Changed

v3.1.1

⚠️ Security Release

What's Changed

Uh oh!

github-actions Bot commented May 9, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

❌MegaLinter analysis: Error

✅ Linters with no issues

Notices

Uh oh!

nvuillam commented May 10, 2026

Uh oh!

echoix commented May 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot Bot commented on behalf of github May 9, 2026 •

edited

Loading

github-actions Bot commented May 9, 2026 •

edited

Loading