Bump nvuillam/mega-linter from 5 to 8

[dependabot]

Bumps nvuillam/mega-linter from 5 to 8.

Release notes

Sourced from nvuillam/mega-linter's releases.

v8.0.0

What's Changed

Run npx mega-linter-runner@latest --upgrade to upgrade to MegaLinter v8 :)

• Reporters
  • New ApiReporter (can be used to build Grafana dashboards), by @​nvuillam in oxsecurity/megalinter#3540

• Removed deprecated linters, by @​nvuillam in oxsecurity/megalinter#3854

  • CSS_SCSSLINT: Project discontinued and advising to use stylelint
  • OPENAPI_SPECTRAL: Replaced by API_SPECTRAL (same linter but more formats handled)
  • SQL_SQL_LINT: Project no longer maintained

• Core

  • Hide to linters by default all environment variables that contain TOKEN, USERNAME or PASSWORD, by @​nvuillam in oxsecurity/megalinter#3881
  • Allow to override CLI_LINT_MODE when defined as project, by @​nvuillam in oxsecurity/megalinter#3772
  • Allow to use absolute paths for LINTER_RULES_PATH, by @​nvuillam in oxsecurity/megalinter#3775
  • Allow to update variables from PRE/POST Commands using output_variables property, by @​nvuillam in oxsecurity/megalinter#3861

• Media

  • MegaLinter: un linter pour les gouverner tous (FR), by Guillaume Arnaud from WeScale
  • MegaLinter, by Stéphane Robert, from 3DS OutScale
  • 30 Seconds to Setup MegaLinter: Your Go-To Tool for Automated Code Quality, by Peng Cao |

• Linters enhancements

  • bandit Call bandit with quiet mode to generate less logs, by @​nvuillam in oxsecurity/megalinter#3892
  • grype Count number of errors returned by Grype, by @​nvuillam in oxsecurity/megalinter#3906
  • yamllint Fix yamllint default format to avoid special characters or GitHub sections in text logs, by @​nvuillam in oxsecurity/megalinter#3898

• Fixes

  • terrascan fixed errors and removed redundant code, by @​TommyE123 in oxsecurity/megalinter#3767
  • dotnet-format various performance improvements and ability to specify sln or proj paths, by @​TommyE123 in oxsecurity/megalinter#3741
  • swiftlint Remove deprecated argument --path
  • Salesforce linters: Disable SF CLI auto update warning, by @​nvuillam in oxsecurity/megalinter#3883

• Doc

  • Add images and links to Git, CI/CD & other tools integrations at the beginning of the README, by @​nvuillam in oxsecurity/megalinter#3885
  • Create README animated GIF presentation of MegaLinter, by @​nvuillam in oxsecurity/megalinter#3910
  • Format mkdocs search index in place, by @​echoix in oxsecurity/megalinter#3890
  • Use consistent spelling of 'flavor', by @​InputUsername in oxsecurity/megalinter#3789

• CI

  • Fix docker warnings, by @​nvuillam in oxsecurity/megalinter#3853
    • FromAsCasing: 'as' and 'FROM' keywords' casing do not match
    • NoEmptyContinuation: Empty continuation line
    • SecretsUsedInArgOrEnv: Do not use ARG or ENV instructions for sensitive data
  • Port Beta workflows to use docker/metadata-action, by @​echoix in oxsecurity/megalinter#3860
  • AutoUpdate linters: Always create a PR if the job has been started manually, by @​nvuillam in oxsecurity/megalinter#3863

... (truncated)

Changelog

Sourced from nvuillam/mega-linter's changelog.

[v8.4.1] - 2024-01-28

• Quick fix about PRE_COMMANDS crash (see oxsecurity/megalinter#4591)

• Linter versions upgrades (2)

  • checkstyle from 10.21.1 to 10.21.2
  • stylelint from 16.14.0 to 16.14.1

[v8.4.0] - 2024-01-26

• Core

  • PHP Linters use now the bartlett/sarif-php-converters first official release 1.0.0 to generate SARIF reports, by @​llaville in oxsecurity/megalinter#4357
  • Upgrade PHP engine from 8.3 to 8.4 and allow Psalm 5.26 to run on this context (by @​llaville)
  • Linters can specify in the pre/post commands with a run_before_linters / run_after_linters parameter whether the command is to be executed before/after the execution of the linters themselves (by @​bdovaz in #4482)
  • Bump python version to 3.12.8, by @​echoix in oxsecurity/megalinter#4372
  • Update to .NET 9, by @​bdovaz in oxsecurity/megalinter#4488
  • Upgrade PHP engine from 8.3 to 8.4, by @​llaville in oxsecurity/megalinter#4524

• New linters

  • Reactivate clj-style (Clojure formatter) since its bug is fixed, by @​nvuillam in oxsecurity/megalinter#4369
  • New python formatter: PYTHON_RUFF_FORMAT, by @​nvuillam in oxsecurity/megalinter#4329

• Disabled linters

  • Snakemake has been disabled, because its dependency datrie not maintained, and issue open in snakemake repo since july is still pending

• Linters enhancements

  • Add support to phpstan/extension-installer Composer plugin for automatic installation of PHPStan extensions, by @​llaville in oxsecurity/megalinter#4337
    • Learn more about context on GH-4328
  • Allow Terrascan to lint in file lint mode, by @​bdovaz in oxsecurity/megalinter#4498
  • Add sarif output to golangci-lint, by @​bdovaz in oxsecurity/megalinter#4557

• Plugins

  • Add prettier for markdown, by Qin Li

• Fixes

  • swiftlint Fix swiftlint error where linter is unable to find lintable files. Fixes #440, by @​Noraldeno in oxsecurity/megalinter#4427
  • jscpd url fixes, by @​alexanderbazhenoff in oxsecurity/megalinter#4352
  • Don't call get_pr_data if GitLeaks linter is not active, by @​bdovaz in oxsecurity/megalinter#4469
  • Fix linter disabled reason usage, by @​bdovaz in oxsecurity/megalinter#4466

• Doc

  • Add contributing docs on venv, by @​bdovaz in oxsecurity/megalinter#4479
  • Add disabled linter badge, by @​bdovaz in oxsecurity/megalinter#4477
  • Add AzureCommentReporter instructions, by @​bdovaz in oxsecurity/megalinter#4480

• CI

  • Fix up gitpod config and workflow to support uv 0.5.0+ by @​echoix in #4373
  • Use uv.lock file to build docker images, by @​echoix in oxsecurity/megalinter#4374
  • Update Renovate schedules for uv and sfdx-hardis, by @​echoix in oxsecurity/megalinter#4568
  • Variabilize version and use renovate for updates for the following linters:

... (truncated)

Commits

• 1463330 Release MegaLinter v8.5.0
• 2ce21d9 [automation] Auto-update linters version, help and documentation (#5017)
• 55620d8 [automation] Auto-update linters version, help and documentation (#5016)
• 8f14d77 Fix shfmt version (#5015)
• 45df2ed chore(deps): update dependency snakemake to v9 (#5014)
• 3d5e4bf chore(deps): update dependency node to v22 (#5013)
• 234338f chore(deps): update dependency eslint-plugin-vue to v10 (#5012)
• 7bbecfa chore(deps): update typescript-eslint monorepo to v8.27.0 (#5011)
• 6b80b2c chore(deps): update dependency rq to v2.2.0 (#4996)
• 6072c8d chore(deps): update tflint plugin terraform-linters/tflint-ruleset-azurerm to...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)