Conversation
✅
|
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 14 | 0 | 0 | 0.32s | |
| ✅ BASH | bash-exec | 7 | 0 | 0 | 0.04s | |
| ✅ BASH | shellcheck | 4 | 0 | 0 | 0.17s | |
| shfmt | 7 | 1 | 0 | 0.01s | ||
| ✅ CSHARP | csharpier | 3 | 0 | 0 | 2.05s | |
| roslynator | 1 | 1 | 0 | 13.71s | ||
| ✅ CSS | stylelint | 1 | 0 | 0 | 1.91s | |
| ✅ DOCKERFILE | hadolint | 5 | 0 | 0 | 0.24s | |
| ✅ EDITORCONFIG | editorconfig-checker | 435 | 0 | 0 | 12.54s | |
| ✅ ENV | dotenv-linter | 1 | 0 | 0 | 0.01s | |
| npm-groovy-lint | 8 | 0 | 20 | 27.52s | ||
| ✅ HTML | djlint | 2 | 0 | 0 | 1.92s | |
| ✅ HTML | htmlhint | 2 | 0 | 0 | 0.37s | |
| checkstyle | 64 | 0 | 90 | 8.92s | ||
| ✅ JSON | jsonlint | 53 | 0 | 0 | 0.45s | |
| ✅ JSON | prettier | 53 | 0 | 0 | 5.26s | |
| ✅ JSON | v8r | 53 | 0 | 0 | 33.4s | |
| markdownlint | 23 | 273 | 0 | 2.2s | ||
| ✅ PYTHON | bandit | 1 | 0 | 0 | 3.45s | |
| ✅ PYTHON | black | 1 | 0 | 0 | 1.34s | |
| ✅ PYTHON | flake8 | 1 | 0 | 0 | 0.96s | |
| ✅ PYTHON | isort | 1 | 0 | 0 | 0.45s | |
| ✅ PYTHON | mypy | 1 | 0 | 0 | 12.76s | |
| ✅ PYTHON | ruff | 1 | 0 | 0 | 0.03s | |
| ✅ REPOSITORY | gitleaks | yes | no | no | 1.21s | |
| ✅ REPOSITORY | git_diff | yes | no | no | 0.29s | |
| kics | yes | no | 119 | 55.18s | ||
| ✅ REPOSITORY | secretlint | yes | no | no | 5.39s | |
| ✅ REPOSITORY | syft | yes | no | no | 13.32s | |
| trivy | yes | 12 | no | 16.35s | ||
| ✅ REPOSITORY | trivy-sbom | yes | no | no | 7.1s | |
| ✅ REPOSITORY | trufflehog | yes | no | no | 9.26s | |
| ✅ XML | xmllint | 4 | 0 | 0 | 0.9s | |
| ✅ YAML | prettier | 118 | 0 | 0 | 2.12s |
Detailed Issues
⚠️ JAVA / checkstyle - 90 warnings
warning: First sentence of Javadoc is missing an ending period.
warning: First sentence of Javadoc is missing an ending period.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Line is longer than 100 characters (found 103).
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: First sentence of Javadoc is missing an ending period.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Line is longer than 100 characters (found 107).
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: First sentence of Javadoc is missing an ending period.
warning: Line is longer than 100 characters (found 115).
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Missing a Javadoc comment.
warning: Line is longer than 100 characters (found 220).
warning: Line is longer than 100 characters (found 104).
warning: Line is longer than 100 characters (found 117).
warning: Line is longer than 100 characters (found 154).
warning: Line is longer than 100 characters (found 111).
warning: Line is longer than 100 characters (found 128).
warning: Line is longer than 100 characters (found 142).
warning: Missing a Javadoc comment.
warning: Line is longer than 100 characters (found 104).
warning: Line is longer than 100 characters (found 132).
warning: Line is longer than 100 characters (found 141).
warning: 90 warnings emitted
⚠️ REPOSITORY / kics - 119 warnings
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/notify/tests/e2e/docker-compose.yaml:26:1
│
26 │ jobstore-db:
│ ^^^^^^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ docker-compose/docker-compose.staging.yaml:142:1
│
142 │ fhir-db:
│ ^^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ docker-compose/docker-compose.staging.yaml:211:1
│
211 │ notify:
│ ^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/list/frontend/deploy/docker-compose.dev.yml:28:1
│
28 │ jaeger:
│ ^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/list/frontend/deploy/docker-compose.dev.yml:53:1
│
53 │ fhir-pseudonymizer:
│ ^^^^^^^^^^^^^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ docker-compose/docker-compose.staging.yaml:220:1
│
220 │ query:
│ ^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/list/frontend/deploy/docker-compose.dev.yml:16:1
│
16 │ loader:
│ ^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/notify/tests/e2e/docker-compose.yaml:47:1
│
47 │ fhir:
│ ^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/query/tests/e2e/docker-compose.yaml:35:1
│
35 │ fhir:
│ ^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/notify/tests/e2e/docker-compose.yaml:33:1
│
33 │ tester:
│ ^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/list/frontend/deploy/docker-compose.dev.yml:38:1
│
38 │ keycloak:
│ ^^^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/query/tests/e2e/docker-compose.yaml:45:1
│
45 │ broadsea-atlasdb:
│ ^^^^^^^^^^^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.
warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
┌─ src/list/frontend/tests/e2e/docker-compose.yaml:72:1
│
72 │ jaeger:
│ ^^^^^^^^^
│
= Container Capabilities Unrestricted
= Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unneces
(Truncated to 5714 characters out of 37150)
⚠️ MARKDOWN / markdownlint - 273 errors
CHANGELOG.md:5 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:9:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:10:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:13 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:24 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:25 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:30 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:31 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:45 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:52 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:53 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:56:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:59 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:60 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:66:121 MD013/line-length Line length [Expected: 120; Actual: 241]
CHANGELOG.md:73 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:74 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:81:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:86 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:91 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:92 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:105:121 MD013/line-length Line length [Expected: 120; Actual: 229]
CHANGELOG.md:106:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:109:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:122 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:125:121 MD013/line-length Line length [Expected: 120; Actual: 224]
CHANGELOG.md:127 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:128 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:132 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:133 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:139 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:140 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:144 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:145 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:151 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:152 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:158 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:159 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:163 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:164 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:167:121 MD013/line-length Line length [Expected: 120; Actual: 219]
CHANGELOG.md:168:121 MD013/line-length Line length [Expected: 120; Actual: 221]
CHANGELOG.md:169:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:170:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:171:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:177:121 MD013/line-length Line length [Expected: 120; Actual: 233]
CHANGELOG.md:180 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:181 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Documentation"]
CHANGELOG.md:185 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:186 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:207:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:209:121 MD013/line-length Line length [Expected: 120; Actual: 230]
CHANGELOG.md:211:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:212:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:213:121 MD013/line-length Line length [Expected: 120; Actual: 234]
CHANGELOG.md:215:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:216:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:217:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:218:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:219:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:220:121 MD013/line-length Line length [Expected: 12
(Truncated to 5714 characters out of 26039)
⚠️ GROOVY / npm-groovy-lint - 20 warnings
note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
= Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic
note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
= Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic
note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:71:24
│
71 │ intoLayer("spring-boot-loader") {
│ ^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'org/springframework/boot/loader/**' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:72:26
│
72 │ include("org/springframework/boot/loader/**")
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'application' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:74:24
│
74 │ intoLayer("application")
│ ^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:77:24
│
77 │ intoLayer("module-dependencies") {
│ ^^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'org.miracum:*:*' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:78:26
│
78 │ include("org.miracum:*:*")
│ ^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:80:24
│
80 │ intoLayer("dependencies")
│ ^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:25
│
82 │ layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
│ ^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:41
│
82 │ layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
│ ^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:63
│
82 │ layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
│ ^^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'application' can be wrapped in single quotes instead of double quotes
┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:86
│
82 │ layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
│ ^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
= Check that classes are explicitely annotated with ei
(Truncated to 5714 characters out of 7255)
⚠️ CSHARP / roslynator - 1 error
Results of roslynator linter (version 0.10.2.0)
See documentation on https://megalinter.io/9.1.0/descriptors/csharp_roslynator/
-----------------------------------------------
❌ [ERROR] tests/chaos/tester/tester.csproj
Loading project 'tests/chaos/tester/tester.csproj'...
Analyze 'tester'
System.AggregateException: One or more errors occurred. (Could not load file or assembly 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
)
---> System.IO.FileNotFoundException: Could not load file or assembly 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
File name: 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
at System.ModuleHandle.ResolveType(QCallModule module, Int32 typeToken, IntPtr* typeInstArgs, Int32 typeInstCount, IntPtr* methodInstArgs, Int32 methodInstCount, ObjectHandleOnStack type)
at System.ModuleHandle.ResolveTypeHandle(Int32 typeToken, RuntimeTypeHandle[] typeInstantiationContext, RuntimeTypeHandle[] methodInstantiationContext)
at System.Reflection.RuntimeModule.ResolveType(Int32 metadataToken, Type[] genericTypeArguments, Type[] genericMethodArguments)
at System.Reflection.CustomAttribute.FilterCustomAttributeRecord(MetadataToken caCtorToken, MetadataImport& scope, RuntimeModule decoratedModule, MetadataToken decoratedToken, RuntimeType attributeFilterType, Boolean mustBeInheritable, ListBuilder`1& derivedAttributes, RuntimeType& attributeType, IRuntimeMethodInfo& ctorWithParameters, Boolean& isVarArg)
at System.Reflection.CustomAttribute.AddCustomAttributes(ListBuilder`1& attributes, RuntimeModule decoratedModule, Int32 decoratedMetadataToken, RuntimeType attributeFilterType, Boolean mustBeInheritable, ListBuilder`1 derivedAttributes)
at System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeModule decoratedModule, Int32 decoratedMetadataToken, Int32 pcaCount, RuntimeType attributeFilterType)
at System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeType type, RuntimeType caType, Boolean inherit)
at System.Attribute.GetCustomAttributes(MemberInfo element, Type attributeType, Boolean inherit)
at Roslynator.AnalyzerAssembly.Load(Assembly analyzerAssembly, Boolean loadAnalyzers, Boolean loadFixers, String language) in /_/src/Workspaces.Core/AnalyzerAssembly.cs:line 129
at Roslynator.AnalyzerLoader.GetAnalyzersAndFixers(Project project, Boolean loadFixers) in /_/src/Workspaces.Core/AnalyzerLoader.cs:line 112
at Roslynator.AnalyzerLoader.GetAnalyzers(Project project) in /_/src/Workspaces.Core/AnalyzerLoader.cs:line 55
at Roslynator.Diagnostics.CodeAnalyzer.AnalyzeProjectCoreAsync(Project project, CancellationToken cancellationToken) in /_/src/Workspaces.Core/Diagnostics/CodeAnalyzer.cs:line 124
at Roslynator.Diagnostics.CodeAnalyzer.AnalyzeProjectAsync(Project project, CancellationToken cancellationToken) in /_/src/Workspaces.Core/Diagnostics/CodeAnalyzer.cs:line 99
at Roslynator.CommandLine.AnalyzeCommand.ExecuteAsync(ProjectOrSolution projectOrSolution, CancellationToken cancellationToken) in /_/src/CommandLine/Commands/AnalyzeCommand.cs:line 73
at Roslynator.CommandLine.MSBuildWorkspaceCommand`1.ExecuteAsync(String path, MSBuildWorkspace workspace, CancellationToken cancellationToken) in /_/src/CommandLine/Commands/MSBuildWorkspaceCommand.cs:line 164
at Roslynator.CommandLine.MSBuildWorkspaceCommand`1.ExecuteAsync(IEnumerable`1 paths, String msbuildPath, IEnumerable`1 properties) in /_/src/CommandLine/Commands/MSBuildWorkspaceCommand.cs:line 89
at Roslynator.CommandLine.Program.AnalyzeAsync(AnalyzeCommandLineOptions options) in /_/src/CommandLine/Program.cs:line 346
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at Roslynator.CommandLine.Program.<>c.<Main>b__0_3(MSBuildCommandLineOptions options) in /_/src/CommandLine/Program.cs:line 175
at CommandLine.ParserResultExtensions.MapResult[T1,T2,TResult](ParserResult`1 result, Func`2 parsedFunc1, Func`2 parsedFunc2, Func`2 notParsedFunc)
at Roslynator.CommandLine.Program.Main(String[] args) in /_/src/CommandLine/Program.cs:line 169
⚠️ BASH / shfmt - 1 error
diff src/gradlew.orig src/gradlew
--- src/gradlew.orig
+++ src/gradlew
@@ -71,15 +71,15 @@
# Need this for daisy-chained symlinks.
while
- APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
- [ -h "$app_path" ]
+ APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
+ [ -h "$app_path" ]
do
- ls=$(ls -ld "$app_path")
- link=${ls#*' -> '}
- case $link in #(
- /*) app_path=$link ;; #(
- *) app_path=$APP_HOME$link ;;
- esac
+ ls=$(ls -ld "$app_path")
+ link=${ls#*' -> '}
+ case $link in #(
+ /*) app_path=$link ;; #(
+ *) app_path=$APP_HOME$link ;;
+ esac
done
# This is normally unused
@@ -92,14 +92,14 @@
MAX_FD=maximum
warn() {
- echo "$*"
+ echo "$*"
} >&2
die() {
- echo
- echo "$*"
- echo
- exit 1
+ echo
+ echo "$*"
+ echo
+ exit 1
} >&2
# OS specific support (must be 'true' or 'false').
@@ -116,47 +116,47 @@
# Determine the Java command to use to start the JVM.
if [ -n "$JAVA_HOME" ]; then
- if [ -x "$JAVA_HOME/jre/sh/java" ]; then
- # IBM's JDK on AIX uses strange locations for the executables
- JAVACMD=$JAVA_HOME/jre/sh/java
- else
- JAVACMD=$JAVA_HOME/bin/java
- fi
- if [ ! -x "$JAVACMD" ]; then
- die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
- fi
+ if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+ # IBM's JDK on AIX uses strange locations for the executables
+ JAVACMD=$JAVA_HOME/jre/sh/java
+ else
+ JAVACMD=$JAVA_HOME/bin/java
+ fi
+ if [ ! -x "$JAVACMD" ]; then
+ die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+ fi
else
- JAVACMD=java
- if ! command -v java >/dev/null 2>&1; then
- die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
- fi
+ JAVACMD=java
+ if ! command -v java >/dev/null 2>&1; then
+ die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+ fi
fi
# Increase the maximum file descriptors if we can.
if ! "$cygwin" && ! "$darwin" && ! "$nonstop"; then
- case $MAX_FD in #(
- max*)
- # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
- # shellcheck disable=SC2039,SC3045
- MAX_FD=$(ulimit -H -n) ||
- warn "Could not query maximum file descriptor limit"
- ;;
- esac
- case $MAX_FD in #(
- '' | soft) : ;; #(
- *)
- # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
- # shellcheck disable=SC2039,SC3045
- ulimit -n "$MAX_FD" ||
- warn "Could not set maximum file descriptor limit to $MAX_FD"
- ;;
- esac
+ case $MAX_FD in #(
+ max*)
+ # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+ # shellcheck disable=SC2039,SC3045
+ MAX_FD=$(ulimit -H -n) ||
+ warn "Could not query maximum file descriptor limit"
+ ;;
+ esac
+ case $MAX_FD in #(
+ '' | soft) : ;; #(
+ *)
+ # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+ # shellcheck disable=SC2039,SC3045
+ ulimit -n "$MAX_FD" ||
+ warn "Could not set maximum file descriptor limit to $MAX_FD"
+ ;;
+ esac
fi
# Collect all arguments for the java command, stacking in reverse order:
@@ -169,34 +169,34 @@
# For Cygwin or MSYS, switch paths to Windows format before running java
if "$cygwin" || "$msys"; then
- APP_HOME=$(cygpath --path --mixed "$APP_HOME")
-
- JAVACMD=$(cygpath --unix "$JAVACMD")
-
- # Now convert the arguments - kludge to limit ourselves to /bin/sh
- for arg; do
- if
- case $arg in #(
- -*) false ;; # don't mess with options #(
- /?*)
- t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
- [ -e "$t" ]
- ;; #(
- *) false ;;
- esac
- then
- arg=$(cygpath --path --ignore --mixed "$arg")
- fi
- # Roll the args list around exactly as many times as the number of
- # args, so each arg winds up back in the position where it started, but
- # possibly modified.
- #
- # NB: a `for` loop captures its iteration list before it begins, so
- # changing the positional parameters here affects neither the number of
- # iterations, nor the values presented in `arg`.
- shift # remove old arg
- set -- "$@" "$arg" # push replacement arg
- done
+ APP_HOME=$(cygpath --path --mixed "$APP_HOME")
+
+ JAVACMD=$(cygpath --unix "$JAVACMD")
+
+ # Now convert the arguments - kludge to limit ourselves to /bin/sh
+ for arg; do
+ if
+ case $arg in #(
+ -*) false ;; # don't mess with options #(
+ /?*)
+ t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
+ [ -e "$t" ]
+ ;; #(
+ *) false ;;
+ esac
+ then
+ arg=$(cygpath --path --ignore --mixed "$arg")
+ fi
+ # Roll the args list around exactly as many times as the number of
+ # args, so each arg winds up back in the position where it started, but
+ # possibly modified.
+ #
+ # NB: a `for` loop captures its iteration list before it begins, so
+ # changing the positional parameters here affects neither the number of
+ # iterations, nor the values presented in `arg`.
+ shift # remove old arg
+ set -- "$@" "$arg" # push replacement arg
+ done
fi
# Add default JVM options here. You can also use JAV
(Truncated to 5714 characters out of 6627)
⚠️ REPOSITORY / trivy - 12 errors
error: Package: form-data
Installed Version: 2.3.3
Vulnerability CVE-2025-7783
Severity: CRITICAL
Fixed Version: 2.5.4, 3.0.4, 4.0.4
Link: [CVE-2025-7783](https://avd.aquasec.com/nvd/cve-2025-7783)
┌─ src/list/frontend/tests/e2e/package-lock.json:922:1
│
922 │ ╭ "node_modules/form-data": {
923 │ │ "version": "2.3.3",
924 │ │ "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz",
925 │ │ "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==",
· │
935 │ │ }
936 │ │ },
│ ╰^
│
= form-data: Unsafe random function in form-data
= Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.
This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.
error: Package: braces
Installed Version: 2.3.2
Vulnerability CVE-2024-4068
Severity: HIGH
Fixed Version: 3.0.3
Link: [CVE-2024-4068](https://avd.aquasec.com/nvd/cve-2024-4068)
┌─ src/list/package-lock.json:20539:1
│
20539 │ ╭ "node_modules/jscodeshift/node_modules/braces": {
20540 │ │ "version": "2.3.2",
20541 │ │ "license": "MIT",
20542 │ │ "optional": true,
· │
20557 │ │ }
20558 │ │ },
│ ╰^
│
= braces: fails to limit the number of characters it can handle
= The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
error: Package: cross-spawn
Installed Version: 6.0.5
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
┌─ src/list/package-lock.json:13811:1
│
13811 │ ╭ "node_modules/execa/node_modules/cross-spawn": {
13812 │ │ "version": "6.0.5",
13813 │ │ "devOptional": true,
13814 │ │ "license": "MIT",
· │
13824 │ │ }
13825 │ │ },
│ ╰^
│
= cross-spawn: regular expression denial of service
= Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.
error: Package: cross-spawn
Installed Version: 7.0.3
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
┌─ src/list/package-lock.json:11420:1
│
11420 │ ╭ "node_modules/cross-spawn": {
11421 │ │ "version": "7.0.3",
11422 │ │ "devOptional": true,
11423 │ │ "license": "MIT",
· │
11431 │ │ }
11432 │ │ },
│ ╰^
│
= cross-spawn: regular expression denial of service
= Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.
error: Package: ws
Installed Version: 6.2.2
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: [CVE-2024-37890](https://avd.aquasec.com/nvd/cve-2024-37890)
┌─ src/list/package-lock.json:28901:1
│
28901 │ ╭ "node_modules/ws": {
28902 │ │ "version": "6.2.2",
28903 │ │ "license": "MIT",
28904 │ │ "optional": true,
· │
28907 │ │ }
28908 │ │ },
│ ╰^
│
= nodejs-ws: denial of service when handling a request with many HTTP headers
= ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in ws@8.17.1 (e55e510) and backported to ws@7.5.10 (22c2876), ws@6.2.3 (eeb76d3), and ws@5.2.4 (4abd8f6). In vulnerable versions of ws, the issue can be mitigated in the following ways: 1. Reduce the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent. 2. Set server.maxHeadersCount to 0 so that no limit is applied.
error: Package: ws
Installed Version: 7.5.9
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: [CVE-2024-37890](https://avd.aquasec.com/nvd/cve-2024-37890)
┌─ src/list/package-lock.json:7272:1
│
7272 │ ╭ "node_modules/@react-native-community/cli-server-api/node_modules/ws": {
7273 │ │ "version": "7.5.9",
7274 │ │ "license": "MIT",
7275 │ │ "optional": true,
· │
7290 │ │ }
7291 │ │ },
│ ╰^
│
┌─ src/list/package-lock.json:20830:1
│
20830 │ ╭ "node_modules/jsdom/node_modules/ws": {
20831 │ │ "version": "7.5.9",
20832 │ │ "dev": true,
20833 │ │ "license": "MIT",
· │
20848 │ │ }
20849 │ │ },
│ ╰^
│
┌─ src/list/package-lock.json:22206:1
│
22206 │ ╭ "node_modules/metro-inspector-proxy/node_modules/ws": {
22207 │ │ "version": "7.5.9",
(Truncated to 5714 characters out of 8747)
See detailed reports in MegaLinter artifacts
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.1.0 --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_BANDIT,PYTHON_MYPY,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,CSHARP_CSHARPIER,CSHARP_ROSLYNATOR,CSS_STYLELINT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,ENV_DOTENV_LINTER,GROOVY_NPM_GROOVY_LINT,HTML_DJLINT,HTML_HTMLHINT,JAVA_CHECKSTYLE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,XML_XMLLINT,YAML_PRETTIER
renovate
bot
force-pushed
the
renovate/github-actions
branch
3 times, most recently
from
7abb1c2 to
e1b8114
Compare
renovate
bot
force-pushed
the
renovate/github-actions
branch
from
e1b8114 to
cf4b65d
Compare
chgl
approved these changes
Nov 3, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2.4.10->v2.4.21v2.2.16->v2.2.20v3.30.5->v3.31.2v4.3.0->v4.4.0v1.12.0->v1.13.0v2.6.1->v2.7.0v1.16.28->v1.18.03.13->3.14v3.10.0->v3.10.1v2.3.3->v2.4.1Release Notes
chgl/kube-powertools (ghcr.io/chgl/kube-powertools)
v2.4.21Compare Source
Miscellaneous Chores
v2.4.20Compare Source
Miscellaneous Chores
v2.4.19Compare Source
Miscellaneous Chores
v2.4.18Compare Source
Miscellaneous Chores
2b78dc1(#587) (c308582)v2.4.17Compare Source
Miscellaneous Chores
v2.4.16Compare Source
Miscellaneous Chores
v2.4.15Compare Source
Miscellaneous Chores
66460d5(#585) (e4b25e2)v2.4.14Compare Source
Miscellaneous Chores
593a17d(#584) (0635b1e)v2.4.13Compare Source
Miscellaneous Chores
59a458b(#583) (d8462f0)v2.4.12Compare Source
Miscellaneous Chores
66152e4(#582) (f766616)v2.4.11Compare Source
Miscellaneous Chores
728785b(#581) (c5ee1e7)miracum/ig-build-tools (ghcr.io/miracum/ig-build-tools)
v2.2.20Compare Source
Miscellaneous Chores
v2.2.19Compare Source
Miscellaneous Chores
v2.2.18Compare Source
Miscellaneous Chores
20e7f72(#235) (fb3a59d)v2.2.17Compare Source
Miscellaneous Chores
github/codeql-action (github/codeql-action)
v3.31.2Compare Source
v3.31.1Compare Source
v3.31.0Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.31.0 - 24 Oct 2025
analyzeorupload-sarifactions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for theupload-sarifaction. Foranalyze, this may affect Advanced Setup for CodeQL users who specify a value other thanalwaysfor theuploadinput. #3222See the full CHANGELOG.md for more information.
v3.30.9Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.9 - 17 Oct 2025
setup-codeqlaction has been added which is similar toinit, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204See the full CHANGELOG.md for more information.
v3.30.8Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.8 - 10 Oct 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.30.7Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.7 - 06 Oct 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.30.6Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.6 - 02 Oct 2025
See the full CHANGELOG.md for more information.
googleapis/release-please-action (googleapis/release-please-action)
v4.4.0Compare Source
Features
Bug Fixes
changelog-hostparameter ignored when using manifest configuration (#1151) (535c413)helm/kind-action (helm/kind-action)
v1.13.0Compare Source
What's Changed
New Contributors
Full Changelog: helm/kind-action@v1...v1.13.0
lycheeverse/lychee-action (lycheeverse/lychee-action)
v2.7.0: Version 2.7.0Compare Source
Breaking changes
If you're using
--base, you must now provide either a URL (with scheme) or an absolute local path. Seelychee --helpfor more information. If you want to resolve root-relative links in local files, also see--root-dir.What's Changed
See https://github.com/lycheeverse/lychee/releases/tag/lychee-v0.21.0 for the lychee changelog.
Full Changelog: lycheeverse/lychee-action@v2...v2.7.0
miracum/.github (miracum/.github)
v1.18.0Compare Source
Features
v1.17.0Compare Source
Features
Miscellaneous Chores
1a7c3d2(#143) (0b72274)v1.16.29Compare Source
Miscellaneous Chores
actions/python-versions (python)
v3.14.0: 3.14.0Compare Source
Python 3.14.0
sigstore/cosign-installer (sigstore/cosign-installer)
v3.10.1Compare Source
What's Changed?
Note: cosign-installer v3.x cannot be used to install Cosign v3.x. You must upgrade to cosign-installer v4 in order to use Cosign v3.
Note: This is planned to be the final release of Cosign v2, though we will cut new releases for any critical security or bug fixes. We recommend transitioning to Cosign v3.
softprops/action-gh-release (softprops/action-gh-release)
v2.4.1Compare Source
What's Changed
Other Changes 🔄
Full Changelog: softprops/action-gh-release@v2...v2.4.1
v2.4.0Compare Source
What's Changed
Exciting New Features 🎉
Other Changes 🔄
Full Changelog: softprops/action-gh-release@v2.3.4...v2.4.0
v2.3.4Compare Source
What's Changed
Bug fixes 🐛
Other Changes 🔄
Full Changelog: softprops/action-gh-release@v2...v2.3.4
Configuration
📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.