build(deps): bump oxsecurity/megalinter from 7.12.0 to 7.13.0

[dependabot]

Bumps oxsecurity/megalinter from 7.12.0 to 7.13.0.

Release notes

Sourced from oxsecurity/megalinter's releases.

v7.13.0

What's Changed

• New linters

  • Add ls-lint, file and folder linter, by @​scolladon in oxsecurity/megalinter#3681

• Core

  • Handle renovate version comments in build script, by @​echoix in oxsecurity/megalinter#3617 , oxsecurity/megalinter#3627 , oxsecurity/megalinter#3643 , oxsecurity/megalinter#3699 , oxsecurity/megalinter#3700
  • Update base image to python:3.12.4-alpine3.20
  • Use dotnet8-sdk available in the main repository, by @​TommyE123 in oxsecurity/megalinter#3696

• Media

  • Introducing MegaLinter: Streamlining Code Quality Checks Across Multiple Languages, by Cloud Tuned
  • Infrastructure as Code GitHub Codespace Template, by Luke Murray
  • Video: How to: Secrets scanning, by Hackitect's playground

• Linters enhancements

  • Add SARIF support (v2) for all PHP linters by @​llaville in oxsecurity/megalinter#3745 , oxsecurity/megalinter#3729
  • Add python package Pygments to rst-lint venv, by @​bobidle in oxsecurity/megalinter#3631
  • CSharpier added ability to override config filename and path, by @​TommyE123 in oxsecurity/megalinter#3664
  • xmllint added support for xsd files, by @​TommyE123 in oxsecurity/megalinter#3665

• Fixes

  • Improve support for single argument in get_list_args function, by @​TommyE123 in oxsecurity/megalinter#3589
  • ansible-lint Improved activation by checking for .ansible-lint config file, by @​TommyE123 in oxsecurity/megalinter#3697
  • DevSkim fixed fatal errors when scanning and ability to override config path, by @​TommyE123 in oxsecurity/megalinter#3673
  • GitLeaks add missing schema properties, by @​TommyE123 in oxsecurity/megalinter#3675
  • Powershell Error table truncation improvements, by @​TommyE123 in oxsecurity/megalinter#3620
  • Powershell added missing schema property POWERSHELL_POWERSHELL_FORMATTER_OUTPUT_ENCODING, by @​TommyE123 in oxsecurity/megalinter#3678
  • syft use scan instead of deprecated packages arg, by @​TommyE123 in oxsecurity/megalinter#3613
  • tflint added missing schema property TERRAFORM_TFLINT_SECURED_ENV, by @​TommyE123 in oxsecurity/megalinter#3679
  • tflint fixed deprecated argument and other improvements to default .tflint.hcl template, by @​TommyE123 in oxsecurity/megalinter#3688
  • xmllint added missing schema properties XML_XMLLINT_AUTOFORMAT and XML_XMLLINT_INDENT, by @​TommyE123 in oxsecurity/megalinter#3677
  • yamllint fix error/warning count to work with different log output formats, by @​TommyE123 in oxsecurity/megalinter#3612

• Doc

  • Update documentation icons by @​nvuillam in oxsecurity/megalinter#3625

• Flavors

  • Add gherkin-lint in c_cpp flavor, by @​nvuillam in oxsecurity/megalinter#3698

• CI

  • Bump actions/checkout from 3 to 4, by @​KristjanESPERANTO in oxsecurity/megalinter#2994
  • Reduce dependabot PR frequency to weekly by @​echoix in oxsecurity/megalinter#3642

• Linter versions upgrades

  • ansible-lint from 24.2.3 to 24.6.1
  • bandit from 1.7.8 to 1.7.9
  • bash-exec from 5.2.21 to 5.2.26
  • bicep_linter from 0.27.1 to 0.28.1

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• New linters

• Core

  • Allow to override CLI_LINT_MODE when defined as project
  • Allow to use absolute paths for LINTER_RULES_PATH

• Media

• Linters enhancements

• Reporters

• Fixes

  • terrascan fixed errors and removed redundant code
  • dotnet-format various performance improvements and ability to specify sln or proj paths

• Doc

• Flavors

• CI

• Linter versions upgrades

  • protolint from 0.50.2 to 0.50.3 on 2024-07-07
  • terraform-fmt from 1.9.0 to 1.9.1 on 2024-07-07
  • terragrunt from 0.59.6 to 0.60.0 on 2024-07-07
  • checkov from 3.2.174 to 3.2.175 on 2024-07-07
  • rstcheck from 6.2.1 to 6.2.4 on 2024-07-07
  • cfn-lint from 1.5.0 to 1.5.1 on 2024-07-08
  • checkov from 3.2.175 to 3.2.177 on 2024-07-08
  • cfn-lint from 1.5.1 to 1.5.2 on 2024-07-09
  • checkov from 3.2.177 to 3.2.179 on 2024-07-09
  • snakemake from 8.15.2 to 8.16.0 on 2024-07-09
  • ansible-lint from 24.6.1 to 24.7.0 on 2024-07-14
  • cfn-lint from 1.5.2 to 1.6.1 on 2024-07-14
  • dotnet-format from 8.0.106 to 8.0.107 on 2024-07-14
  • stylelint from 16.6.1 to 16.7.0 on 2024-07-14
  • prettier from 3.3.2 to 3.3.3 on 2024-07-14
  • pyright from 1.1.370 to 1.1.371 on 2024-07-14
  • ruff from 0.5.1 to 0.5.2 on 2024-07-14

... (truncated)

Commits

• bacb5f8 Release MegaLinter v7.13.0
• 72065d9 [automation] Auto-update linters version, help and documentation (#3746)
• 1b22656 chore(deps): update ghcr.io/terraform-linters/tflint docker tag to v0.52.0 (#...
• 9d76a95 [automation] Auto-update linters version, help and documentation (#3744)
• 350fd81 add SARIF support (v2) for PHP linters (#3745)
• 8d1ea78 chore(deps): update dependency sfdx-hardis to v4.42.0 (#3732)
• a6a08f4 [automation] Auto-update linters version, help and documentation (#3742)
• fae7d18 chore(deps): update dependency @​salesforce/sfdx-scanner to v4 (#3702)
• 1a904bb [automation] Auto-update linters version, help and documentation (#3740)
• 7ed4677 chore(deps): update mstruebing/editorconfig-checker docker tag to v3.0.3 (#3735)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #331.