chore: update CI workflows versions#79
Merged
Merged
Conversation
…alinter to v 9.5.0
Contributor
✅
|
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | zizmor | 3 | 0 | 0 | 2.01s | |
| bash-exec | 6 | 4 | 0 | 0.03s | ||
| ✅ BASH | shellcheck | 6 | 0 | 0 | 0.22s | |
| ✅ BASH | shfmt | 6 | 0 | 0 | 0.02s | |
| ✅ CSHARP | csharpier | 1 | 0 | 0 | 0.41s | |
| ✅ DOCKERFILE | hadolint | 1 | 0 | 0 | 0.2s | |
| ✅ JSON | jsonlint | 1 | 0 | 0 | 0.17s | |
| ✅ JSON | prettier | 1 | 0 | 0 | 0.34s | |
| ✅ JSON | v8r | 1 | 0 | 0 | 2.1s | |
| ✅ MARKDOWN | markdownlint | 6 | 0 | 0 | 2.27s | |
| ✅ REPOSITORY | checkov | yes | no | no | 26.95s | |
| ✅ REPOSITORY | dustilock | yes | no | no | 0.04s | |
| ✅ REPOSITORY | gitleaks | yes | no | no | 15.59s | |
| ✅ REPOSITORY | grype | yes | no | no | 61.77s | |
| ✅ REPOSITORY | kingfisher | yes | no | no | 12.04s | |
| ✅ REPOSITORY | osv-scanner | yes | no | no | 0.66s | |
| ✅ REPOSITORY | secretlint | yes | no | no | 1.32s | |
| ✅ REPOSITORY | syft | yes | no | no | 3.05s | |
| ✅ REPOSITORY | trivy | yes | no | no | 14.58s | |
| ✅ REPOSITORY | trivy-sbom | yes | no | no | 0.76s | |
| ✅ TERRAFORM | terraform-fmt | 6 | 0 | 0 | 0.92s | |
| ✅ YAML | prettier | 9 | 0 | 0 | 0.94s | |
| ✅ YAML | v8r | 9 | 0 | 0 | 6.67s | |
| ✅ YAML | yamllint | 9 | 0 | 0 | 0.5s |
Detailed Issues
⚠️ BASH / bash-exec - 4 errors
Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/9.5.0/descriptors/bash_bash_exec/
-----------------------------------------------
❌ [ERROR] concourse/scripts/assume_role.sh
Error: File:[concourse/scripts/assume_role.sh] is not executable
✅ [SUCCESS] concourse/scripts/build_image.sh
✅ [SUCCESS] concourse/scripts/set_pipeline.sh
❌ [ERROR] concourse/scripts/terraform_infra.sh
Error: File:[concourse/scripts/terraform_infra.sh] is not executable
❌ [ERROR] shell_scripts/md_fix.sh
Error: File:[shell_scripts/md_fix.sh] is not executable
❌ [ERROR] shell_scripts/md_lint.sh
Error: File:[shell_scripts/md_lint.sh] is not executable
Notices
📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)
See detailed reports in MegaLinter artifacts
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.5.0 --custom-flavor-setup --custom-flavor-linters ACTION_ZIZMOR,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,CSHARP_CSHARPIER,DOCKERFILE_HADOLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_DUSTILOCK,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_OSV_SCANNER,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_KINGFISHER,TERRAFORM_TERRAFORM_FMT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R
MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository
TotalDwarf03
left a comment
TotalDwarf03
left a comment
Contributor
There was a problem hiding this comment.
Couple of small bits. Mainly questions
| cffi = ">=2.0.0" | ||
| charset-normalizer = "^3.4.2" | ||
| cryptography = "^49.0.0" | ||
| cryptography = "^48.0.1" |
Contributor
There was a problem hiding this comment.
Why are we backdating?
TotalDwarf03
approved these changes
Jun 24, 2026
TotalDwarf03
left a comment
TotalDwarf03
left a comment
Contributor
There was a problem hiding this comment.
Fine by me. Still unsure on backdating some deps but it should be fine
| pylint = "^3.2.7" | ||
| mypy = "^1.11.2" | ||
| pytest = "^9.1.1" | ||
| pytest = "^9.0.3" |
There was a problem hiding this comment.
Why are we downgrading this?
precious-onyenaucheya-ons
approved these changes
Jun 24, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What type of PR is this? (check all applicable)
What
Update CI workflows versions to fixed hash for consistency and upgrade MegaLinter to version 9.5.0 to leverage the latest features and improvements. No new tests or documentation are necessary as these changes are related to configuration updates.
Testing
Have any new tests been added as part of this issue? If not, try to explain why test coverage is not needed here.
Please write a brief description of why test coverage is not necessary here.
Documentation
Has any new documentation been written as part of this issue? We should try to keep documentation up to date
as new code is added, rather than leaving it for the future.
Please write a brief description of why documentation is not necessary here.
Related issues
Provide links to any related issues.
How to review
Describe the steps required to test the changes.