diff --git a/.automation/generated/linter-helps.json b/.automation/generated/linter-helps.json
index 846da579e58..7a23b086f11 100644
--- a/.automation/generated/linter-helps.json
+++ b/.automation/generated/linter-helps.json
@@ -2408,190 +2408,10 @@
"You can also pipe in Syft JSON directly:",
" syft yourimage:tag -o json | grype",
"",
- "",
- "",
"Usage:",
+ " grype [IMAGE] [flags]",
" grype [command]",
"",
- "Application Configuration:",
- "",
- " log:",
- " # suppress all logging output (env: GRYPE_LOG_QUIET)",
- " quiet: false",
- "",
- " # increase verbosity (-v = info, -vv = debug) (env: GRYPE_LOG_VERBOSITY)",
- " verbosity: 0",
- "",
- " # explicitly set the logging level (available: [error warn info debug trace]) (env: GRYPE_LOG_LEVEL)",
- " level: warn",
- "",
- " # file path to write logs to (env: GRYPE_LOG_FILE)",
- " file: ''",
- "",
- " dev:",
- " # capture resource profiling data (available: [cpu, mem]) (env: GRYPE_DEV_PROFILE)",
- " profile: none",
- "",
- " # report output formatter, formats=[json table cyclonedx cyclonedx-json sarif template], deprecated formats=[embedded-cyclonedx-vex-json embedded-cyclonedx-vex-xml] (env: GRYPE_OUTPUT)",
- " output: []",
- "",
- " # file to write the default report output to (default is STDOUT) (env: GRYPE_FILE)",
- " file: ''",
- "",
- " # distro to match against in the format: <distro>:<version> (env: GRYPE_DISTRO)",
- " distro: ''",
- "",
- " # generate CPEs for packages with no CPE data (env: GRYPE_ADD_CPES_IF_NONE)",
- " add-cpes-if-none: false",
- "",
- " # specify the path to a Go template file (requires 'template' output to be selected) (env: GRYPE_OUTPUT_TEMPLATE_FILE)",
- " output-template-file: ''",
- "",
- " # (env: GRYPE_CHECK_FOR_APP_UPDATE)",
- " check-for-app-update: true",
- "",
- " # ignore matches for vulnerabilities that are not fixed (env: GRYPE_ONLY_FIXED)",
- " only-fixed: false",
- "",
- " # ignore matches for vulnerabilities that are fixed (env: GRYPE_ONLY_NOTFIXED)",
- " only-notfixed: false",
- "",
- " # ignore matches for vulnerabilities with specified comma separated fix states, options=[fixed not-fixed unknown wont-fix] (env: GRYPE_IGNORE_WONTFIX)",
- " ignore-wontfix: ''",
- "",
- " # an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux') (env: GRYPE_PLATFORM)",
- " platform: ''",
- "",
- " search:",
- " # selection of layers to analyze, options=[squashed all-layers] (env: GRYPE_SEARCH_SCOPE)",
- " scope: 'squashed'",
- "",
- " # (env: GRYPE_SEARCH_UNINDEXED_ARCHIVES)",
- " unindexed-archives: false",
- "",
- " # (env: GRYPE_SEARCH_INDEXED_ARCHIVES)",
- " indexed-archives: true",
- "",
- " ignore: []",
- "",
- " # exclude paths from being scanned using a glob expression (env: GRYPE_EXCLUDE)",
- " exclude: []",
- "",
- " db:",
- " # (env: GRYPE_DB_CACHE_DIR)",
- " cache-dir: '/root/.cache/grype/db'",
- "",
- " # (env: GRYPE_DB_UPDATE_URL)",
- " update-url: 'https://toolbox-data.anchore.io/grype/databases/listing.json'",
- "",
- " # (env: GRYPE_DB_CA_CERT)",
- " ca-cert: ''",
- "",
- " # (env: GRYPE_DB_AUTO_UPDATE)",
- " auto-update: true",
- "",
- " # (env: GRYPE_DB_VALIDATE_BY_HASH_ON_START)",
- " validate-by-hash-on-start: false",
- "",
- " # (env: GRYPE_DB_VALIDATE_AGE)",
- " validate-age: true",
- "",
- " # (env: GRYPE_DB_MAX_ALLOWED_BUILT_AGE)",
- " max-allowed-built-age: 120h0m0s",
- "",
- " external-sources:",
- " # (env: GRYPE_EXTERNAL_SOURCES_ENABLE)",
- " enable: false",
- "",
- " maven:",
- " # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_SEARCH_MAVEN_UPSTREAM)",
- " search-maven-upstream: true",
- "",
- " # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_BASE_URL)",
- " base-url: 'https://search.maven.org/solrsearch/select'",
- "",
- " match:",
- " java:",
- " # (env: GRYPE_MATCH_JAVA_USING_CPES)",
- " using-cpes: false",
- "",
- " dotnet:",
- " # (env: GRYPE_MATCH_DOTNET_USING_CPES)",
- " using-cpes: false",
- "",
- " golang:",
- " # (env: GRYPE_MATCH_GOLANG_USING_CPES)",
- " using-cpes: false",
- "",
- " # (env: GRYPE_MATCH_GOLANG_ALWAYS_USE_CPE_FOR_STDLIB)",
- " always-use-cpe-for-stdlib: true",
- "",
- " javascript:",
- " # (env: GRYPE_MATCH_JAVASCRIPT_USING_CPES)",
- " using-cpes: false",
- "",
- " python:",
- " # (env: GRYPE_MATCH_PYTHON_USING_CPES)",
- " using-cpes: false",
- "",
- " ruby:",
- " # (env: GRYPE_MATCH_RUBY_USING_CPES)",
- " using-cpes: false",
- "",
- " rust:",
- " # (env: GRYPE_MATCH_RUST_USING_CPES)",
- " using-cpes: false",
- "",
- " stock:",
- " # (env: GRYPE_MATCH_STOCK_USING_CPES)",
- " using-cpes: true",
- "",
- " # set the return code to 1 if a vulnerability is found with a severity >= the given severity, options=[negligible low medium high critical] (env: GRYPE_FAIL_ON_SEVERITY)",
- " fail-on-severity: ''",
- "",
- " registry:",
- " # (env: GRYPE_REGISTRY_INSECURE_SKIP_TLS_VERIFY)",
- " insecure-skip-tls-verify: false",
- "",
- " # (env: GRYPE_REGISTRY_INSECURE_USE_HTTP)",
- " insecure-use-http: false",
- "",
- " auth: []",
- "",
- " # (env: GRYPE_REGISTRY_CA_CERT)",
- " ca-cert: ''",
- "",
- " # show suppressed/ignored vulnerabilities in the output (only supported with table output format) (env: GRYPE_SHOW_SUPPRESSED)",
- " show-suppressed: false",
- "",
- " # orient results by CVE instead of the original vulnerability ID when possible (env: GRYPE_BY_CVE)",
- " by-cve: false",
- "",
- " # set the name of the target being analyzed (env: GRYPE_NAME)",
- " name: ''",
- "",
- " # (env: GRYPE_DEFAULT_IMAGE_PULL_SOURCE)",
- " default-image-pull-source: ''",
- "",
- " # a list of VEX documents to consider when producing scanning results (env: GRYPE_VEX_DOCUMENTS)",
- " vex-documents: []",
- "",
- " # (env: GRYPE_VEX_ADD)",
- " vex-add: []",
- "",
- " # delete downloaded databases after diff occurs (env: GRYPE_DELETE)",
- " delete: false",
- "",
- " # CVE IDs to explain (env: GRYPE_CVE_IDS)",
- " cve-ids: []",
- "",
- "Config Search Locations:",
- " - .grype.yaml",
- " - .grype/config.yaml",
- " - /root/.grype.yaml",
- " - /root/.config/grype/config.yaml",
- " - /etc/xdg/grype/config.yaml",
- "",
"Available Commands:",
" completion Generate a shell completion for Grype (listing local docker images)",
" db vulnerability database operations",
@@ -3460,7 +3280,7 @@
" completion Generate autocompletion script",
" config Handle cached configurations",
" delete Delete configurations in Kubescape SaaS version",
- " download Download attack-tracks,controls-inputs,exceptions,control,framework,artifacts",
+ " download Download exceptions,control,framework,artifacts,attack-tracks,controls-inputs",
" fix Fix misconfiguration in files",
" help Help about any command",
" list List frameworks/controls will list the supported frameworks and controls",
@@ -3507,7 +3327,7 @@
" --version version for kubeval"
],
"lightning-flow-scanner": [
- "(node:1905) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:1903) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"Try to resolve the errors in the following flows:",
"",
@@ -3934,7 +3754,7 @@
" Print version"
],
"markdown-link-check": [
- "(node:1680) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:1676) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"Usage: markdown-link-check [options] [filenamesOrUrls...]",
"",
@@ -7972,7 +7792,7 @@
"@typescript-eslint/unbound-method typescript Best Practices Best Practices eslint-typescript"
],
"sfdx-scanner-apex": [
- "(node:1921) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:1920) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"scan a codebase with a selection of rules",
"",
@@ -8240,7 +8060,7 @@
" UnimplementedTypeRule apex Performance sfge N N"
],
"sfdx-scanner-aura": [
- "(node:2146) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:2144) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"scan a codebase with a selection of rules",
"",
@@ -8285,7 +8105,7 @@
"COMMANDS",
" scanner run dfa scan codebase with all DFA rules",
"",
- "(node:2167) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:2164) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA",
" name languages categories rulesets [dep] engine is dfa is pilot",
@@ -8508,7 +8328,7 @@
" UnimplementedTypeRule apex Performance sfge N N"
],
"sfdx-scanner-lwc": [
- "(node:2376) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:2372) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"scan a codebase with a selection of rules",
"",
@@ -8553,7 +8373,7 @@
"COMMANDS",
" scanner run dfa scan codebase with all DFA rules",
"",
- "(node:2393) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
+ "(node:2391) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.",
"(Use `node --trace-deprecation ...` to show where the warning was created)",
"Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA",
" name languages categories rulesets [dep] engine is dfa is pilot",
@@ -8915,7 +8735,7 @@
" [--detailed-summary] [--archive FILE]",
" [--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow]",
" [--skip-script-cleanup] [--unlock]",
- " [--list-changes {params,code,input}] [--list-input-changes]",
+ " [--list-changes {code,input,params}] [--list-input-changes]",
" [--list-params-changes] [--list-untracked]",
" [--delete-all-output | --delete-temp-output]",
" [--keep-incomplete] [--drop-metadata]",
@@ -8944,7 +8764,7 @@
" [--shared-fs-usage {input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} [{input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} ...]]",
" [--scheduler-greediness SCHEDULER_GREEDINESS] [--no-hooks]",
" [--debug] [--runtime-profile FILE]",
- " [--mode {default,remote,subprocess}] [--show-failed-logs]",
+ " [--mode {remote,subprocess,default}] [--show-failed-logs]",
" [--log-handler-script FILE] [--log-service {none,slack,wms}]",
" [--job-deploy-sources] [--container-image IMAGE]",
" [--immediate-submit] [--jobscript SCRIPT] [--jobname NAME]",
@@ -9185,10 +9005,9 @@
" configuration. If you rather prefer the traditional",
" way of just considering file modification dates, use '",
" --rerun-trigger mtime'. (default:",
- " frozenset({<RerunTrigger.INPUT: 2>,",
- " <RerunTrigger.MTIME: 0>, <RerunTrigger.PARAMS: 1>,",
- " <RerunTrigger.CODE: 4>, <RerunTrigger.SOFTWARE_ENV:",
- " 3>}))",
+ " frozenset({<RerunTrigger.SOFTWARE_ENV: 3>,",
+ " <RerunTrigger.CODE: 4>, <RerunTrigger.INPUT: 2>,",
+ " <RerunTrigger.MTIME: 0>, <RerunTrigger.PARAMS: 1>}))",
" --force, -f Force the execution of the selected target or the",
" first rule regardless of already created output.",
" (default: False)",
@@ -9425,7 +9244,7 @@
" (default: False)",
" --unlock Remove a lock on the working directory. (default:",
" False)",
- " --list-changes {params,code,input}, --lc {params,code,input}",
+ " --list-changes {code,input,params}, --lc {code,input,params}",
" List all output files for which the rule body (run or",
" shell) have changed in the Snakefile. (default: None)",
" --list-input-changes, --li",
@@ -9604,12 +9423,12 @@
" and data provenance will be handled by NFS but input",
" and output files will be handled exclusively by the",
" storage provider. (default:",
- " frozenset({<SharedFSUsage.PERSISTENCE: 0>,",
- " <SharedFSUsage.SOURCES: 3>,",
- " <SharedFSUsage.STORAGE_LOCAL_COPIES: 4>,",
- " <SharedFSUsage.SOFTWARE_DEPLOYMENT: 2>,",
+ " frozenset({<SharedFSUsage.STORAGE_LOCAL_COPIES: 4>,",
" <SharedFSUsage.SOURCE_CACHE: 5>,",
- " <SharedFSUsage.INPUT_OUTPUT: 1>}))",
+ " <SharedFSUsage.PERSISTENCE: 0>,",
+ " <SharedFSUsage.INPUT_OUTPUT: 1>,",
+ " <SharedFSUsage.SOFTWARE_DEPLOYMENT: 2>,",
+ " <SharedFSUsage.SOURCES: 3>}))",
" --scheduler-greediness SCHEDULER_GREEDINESS, --greediness SCHEDULER_GREEDINESS",
" Set the greediness of scheduling. This value between 0",
" and 1 determines how careful jobs are selected for",
@@ -9623,7 +9442,7 @@
" --runtime-profile FILE",
" Profile Snakemake and write the output to FILE. This",
" requires yappi to be installed. (default: None)",
- " --mode {default,remote,subprocess}",
+ " --mode {remote,subprocess,default}",
" Set execution mode of Snakemake (internal use only).",
" (default: default)",
" --show-failed-logs Automatically display logs of failed jobs. (default:",
diff --git a/.automation/generated/linter-versions.json b/.automation/generated/linter-versions.json
index 8335eb0867d..44a33b8b51b 100644
--- a/.automation/generated/linter-versions.json
+++ b/.automation/generated/linter-versions.json
@@ -36,7 +36,7 @@
"golangci-lint": "1.56.1",
"goodcheck": "3.1.0",
"graphql-schema-linter": "3.0.1",
- "grype": "0.74.5",
+ "grype": "0.74.6",
"hadolint": "2.12.0",
"helm": "3.13.2",
"htmlhint": "1.1.4",
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 42fa3d516e6..7ca66a3d670 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
- [syft](https://github.com/anchore/syft) from 0.104.0 to **0.105.0** on 2024-02-14
- [trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.67.5 to **3.67.6** on 2024-02-14
- [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) from 21106 to **21107** on 2024-02-14
+ - [grype](https://github.com/anchore/grype) from 0.74.5 to **0.74.6** on 2024-02-14
<!-- linter-versions-end -->
## [v7.9.0] - 2024-02-11
diff --git a/README.md b/README.md
index d3cbaf93093..dce51ff6905 100644
--- a/README.md
+++ b/README.md
@@ -23,7 +23,7 @@
[](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain)
[](https://codecov.io/gh/oxsecurity/megalinter)
<!-- gh-dependents-info-used-by-start -->
-[](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md)<!-- gh-dependents-info-used-by-end -->
+[](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md)<!-- gh-dependents-info-used-by-end -->
[](https://github.com/aquasecurity/trivy)
[](https://github.com/oxsecurity/megalinter/graphs/contributors/)
[](https://github.com/sponsors/nvuillam)
diff --git a/docs/all_linters.md b/docs/all_linters.md
index 9bdef1d05aa..6076cbf5517 100644
--- a/docs/all_linters.md
+++ b/docs/all_linters.md
@@ -40,7 +40,7 @@
| [**gitleaks**](https://github.com/gitleaks/gitleaks){target=_blank} | 8.18.2 | [MIT](licenses/gitleaks.md) | [](https://github.com/gitleaks/gitleaks){target=_blank} | [REPOSITORY](descriptors/repository_gitleaks.md) | :white_circle: | [Repository](https://github.com/gitleaks/gitleaks){target=_blank} |
| [**golangci-lint**](https://github.com/golangci/golangci-lint){target=_blank} | 1.56.1 | [GPL-3.0](licenses/golangci-lint.md) | [](https://github.com/golangci/golangci-lint){target=_blank} | [GO](descriptors/go_golangci_lint.md) | :white_circle: | [Repository](https://github.com/golangci/golangci-lint){target=_blank} |
| [**graphql-schema-linter**](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | 3.0.1 | [MIT](licenses/graphql-schema-linter.md) | [](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | [GRAPHQL](descriptors/graphql_graphql_schema_linter.md) | :hammer_and_wrench: | [Pull Request](https://github.com/cjoudrey/graphql-schema-linter/pull/272){target=_blank} |
-| [**grype**](https://github.com/anchore/grype){target=_blank} | 0.74.5 | [Apache-2.0](licenses/grype.md) | [](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} |
+| [**grype**](https://github.com/anchore/grype){target=_blank} | 0.74.6 | [Apache-2.0](licenses/grype.md) | [](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} |
| [**hadolint**](https://github.com/hadolint/hadolint){target=_blank} | 2.12.0 | [GPL-3.0](licenses/hadolint.md) | [](https://github.com/hadolint/hadolint){target=_blank} | [DOCKERFILE](descriptors/dockerfile_hadolint.md) | :heart: | [MegaLinter reference](https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md#mega-linter){target=_blank} |
| [**helm**](https://github.com/helm/helm){target=_blank} | 3.13.2 | [Apache-2.0](licenses/helm.md) | [](https://github.com/helm/helm){target=_blank} | [KUBERNETES](descriptors/kubernetes_helm.md) | :white_circle: | [Repository](https://github.com/helm/helm){target=_blank} |
| [**htmlhint**](https://github.com/htmlhint/HTMLHint){target=_blank} | 1.1.4 | [MIT](licenses/htmlhint.md) | [](https://github.com/htmlhint/HTMLHint){target=_blank} | [HTML](descriptors/html_htmlhint.md) | :heart: | [MegaLinter reference](https://htmlhint.com/docs/user-guide/integrations/task-runner){target=_blank} |
diff --git a/docs/descriptors/kubernetes_kubescape.md b/docs/descriptors/kubernetes_kubescape.md
index 2223874119a..70d6cc703f4 100644
--- a/docs/descriptors/kubernetes_kubescape.md
+++ b/docs/descriptors/kubernetes_kubescape.md
@@ -125,7 +125,7 @@ Available Commands:
completion Generate autocompletion script
config Handle cached configurations
delete Delete configurations in Kubescape SaaS version
- download Download attack-tracks,controls-inputs,exceptions,control,framework,artifacts
+ download Download exceptions,control,framework,artifacts,attack-tracks,controls-inputs
fix Fix misconfiguration in files
help Help about any command
list List frameworks/controls will list the supported frameworks and controls
diff --git a/docs/descriptors/markdown_markdown_link_check.md b/docs/descriptors/markdown_markdown_link_check.md
index ed06bee85a1..d8cce78707f 100644
--- a/docs/descriptors/markdown_markdown_link_check.md
+++ b/docs/descriptors/markdown_markdown_link_check.md
@@ -89,7 +89,7 @@ markdown-link-check -c .markdown-link-check.json myfile.md
### Help content
```shell
-(node:1680) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:1676) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Usage: markdown-link-check [options] [filenamesOrUrls...]
diff --git a/docs/descriptors/repository_grype.md b/docs/descriptors/repository_grype.md
index 8b67b620e13..590673d870a 100644
--- a/docs/descriptors/repository_grype.md
+++ b/docs/descriptors/repository_grype.md
@@ -15,7 +15,7 @@ description: How to use grype (configure, ignore files, ignore errors, help & ve
## grype documentation
-- Version in MegaLinter: **0.74.5**
+- Version in MegaLinter: **0.74.6**
- Visit [Official Web Site](https://github.com/anchore/grype#readme){target=_blank}
- See [How to configure grype rules](https://github.com/anchore/grype#configuration){target=_blank}
- If custom `.grype.yaml` config file isn't found, [.grype.yaml](https://github.com/oxsecurity/megalinter/tree/main/TEMPLATES/.grype.yaml){target=_blank} will be used
@@ -112,190 +112,10 @@ You can also explicitly specify the scheme to use:
You can also pipe in Syft JSON directly:
syft yourimage:tag -o json | grype
-
-
Usage:
+ grype [IMAGE] [flags]
grype [command]
-Application Configuration:
-
- log:
- # suppress all logging output (env: GRYPE_LOG_QUIET)
- quiet: false
-
- # increase verbosity (-v = info, -vv = debug) (env: GRYPE_LOG_VERBOSITY)
- verbosity: 0
-
- # explicitly set the logging level (available: [error warn info debug trace]) (env: GRYPE_LOG_LEVEL)
- level: warn
-
- # file path to write logs to (env: GRYPE_LOG_FILE)
- file: ''
-
- dev:
- # capture resource profiling data (available: [cpu, mem]) (env: GRYPE_DEV_PROFILE)
- profile: none
-
- # report output formatter, formats=[json table cyclonedx cyclonedx-json sarif template], deprecated formats=[embedded-cyclonedx-vex-json embedded-cyclonedx-vex-xml] (env: GRYPE_OUTPUT)
- output: []
-
- # file to write the default report output to (default is STDOUT) (env: GRYPE_FILE)
- file: ''
-
- # distro to match against in the format: <distro>:<version> (env: GRYPE_DISTRO)
- distro: ''
-
- # generate CPEs for packages with no CPE data (env: GRYPE_ADD_CPES_IF_NONE)
- add-cpes-if-none: false
-
- # specify the path to a Go template file (requires 'template' output to be selected) (env: GRYPE_OUTPUT_TEMPLATE_FILE)
- output-template-file: ''
-
- # (env: GRYPE_CHECK_FOR_APP_UPDATE)
- check-for-app-update: true
-
- # ignore matches for vulnerabilities that are not fixed (env: GRYPE_ONLY_FIXED)
- only-fixed: false
-
- # ignore matches for vulnerabilities that are fixed (env: GRYPE_ONLY_NOTFIXED)
- only-notfixed: false
-
- # ignore matches for vulnerabilities with specified comma separated fix states, options=[fixed not-fixed unknown wont-fix] (env: GRYPE_IGNORE_WONTFIX)
- ignore-wontfix: ''
-
- # an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux') (env: GRYPE_PLATFORM)
- platform: ''
-
- search:
- # selection of layers to analyze, options=[squashed all-layers] (env: GRYPE_SEARCH_SCOPE)
- scope: 'squashed'
-
- # (env: GRYPE_SEARCH_UNINDEXED_ARCHIVES)
- unindexed-archives: false
-
- # (env: GRYPE_SEARCH_INDEXED_ARCHIVES)
- indexed-archives: true
-
- ignore: []
-
- # exclude paths from being scanned using a glob expression (env: GRYPE_EXCLUDE)
- exclude: []
-
- db:
- # (env: GRYPE_DB_CACHE_DIR)
- cache-dir: '/root/.cache/grype/db'
-
- # (env: GRYPE_DB_UPDATE_URL)
- update-url: 'https://toolbox-data.anchore.io/grype/databases/listing.json'
-
- # (env: GRYPE_DB_CA_CERT)
- ca-cert: ''
-
- # (env: GRYPE_DB_AUTO_UPDATE)
- auto-update: true
-
- # (env: GRYPE_DB_VALIDATE_BY_HASH_ON_START)
- validate-by-hash-on-start: false
-
- # (env: GRYPE_DB_VALIDATE_AGE)
- validate-age: true
-
- # (env: GRYPE_DB_MAX_ALLOWED_BUILT_AGE)
- max-allowed-built-age: 120h0m0s
-
- external-sources:
- # (env: GRYPE_EXTERNAL_SOURCES_ENABLE)
- enable: false
-
- maven:
- # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_SEARCH_MAVEN_UPSTREAM)
- search-maven-upstream: true
-
- # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_BASE_URL)
- base-url: 'https://search.maven.org/solrsearch/select'
-
- match:
- java:
- # (env: GRYPE_MATCH_JAVA_USING_CPES)
- using-cpes: false
-
- dotnet:
- # (env: GRYPE_MATCH_DOTNET_USING_CPES)
- using-cpes: false
-
- golang:
- # (env: GRYPE_MATCH_GOLANG_USING_CPES)
- using-cpes: false
-
- # (env: GRYPE_MATCH_GOLANG_ALWAYS_USE_CPE_FOR_STDLIB)
- always-use-cpe-for-stdlib: true
-
- javascript:
- # (env: GRYPE_MATCH_JAVASCRIPT_USING_CPES)
- using-cpes: false
-
- python:
- # (env: GRYPE_MATCH_PYTHON_USING_CPES)
- using-cpes: false
-
- ruby:
- # (env: GRYPE_MATCH_RUBY_USING_CPES)
- using-cpes: false
-
- rust:
- # (env: GRYPE_MATCH_RUST_USING_CPES)
- using-cpes: false
-
- stock:
- # (env: GRYPE_MATCH_STOCK_USING_CPES)
- using-cpes: true
-
- # set the return code to 1 if a vulnerability is found with a severity >= the given severity, options=[negligible low medium high critical] (env: GRYPE_FAIL_ON_SEVERITY)
- fail-on-severity: ''
-
- registry:
- # (env: GRYPE_REGISTRY_INSECURE_SKIP_TLS_VERIFY)
- insecure-skip-tls-verify: false
-
- # (env: GRYPE_REGISTRY_INSECURE_USE_HTTP)
- insecure-use-http: false
-
- auth: []
-
- # (env: GRYPE_REGISTRY_CA_CERT)
- ca-cert: ''
-
- # show suppressed/ignored vulnerabilities in the output (only supported with table output format) (env: GRYPE_SHOW_SUPPRESSED)
- show-suppressed: false
-
- # orient results by CVE instead of the original vulnerability ID when possible (env: GRYPE_BY_CVE)
- by-cve: false
-
- # set the name of the target being analyzed (env: GRYPE_NAME)
- name: ''
-
- # (env: GRYPE_DEFAULT_IMAGE_PULL_SOURCE)
- default-image-pull-source: ''
-
- # a list of VEX documents to consider when producing scanning results (env: GRYPE_VEX_DOCUMENTS)
- vex-documents: []
-
- # (env: GRYPE_VEX_ADD)
- vex-add: []
-
- # delete downloaded databases after diff occurs (env: GRYPE_DELETE)
- delete: false
-
- # CVE IDs to explain (env: GRYPE_CVE_IDS)
- cve-ids: []
-
-Config Search Locations:
- - .grype.yaml
- - .grype/config.yaml
- - /root/.grype.yaml
- - /root/.config/grype/config.yaml
- - /etc/xdg/grype/config.yaml
-
Available Commands:
completion Generate a shell completion for Grype (listing local docker images)
db vulnerability database operations
diff --git a/docs/descriptors/salesforce_lightning_flow_scanner.md b/docs/descriptors/salesforce_lightning_flow_scanner.md
index f5488052efe..c867d16b805 100644
--- a/docs/descriptors/salesforce_lightning_flow_scanner.md
+++ b/docs/descriptors/salesforce_lightning_flow_scanner.md
@@ -88,7 +88,7 @@ sfdx flow:scan
### Help content
```shell
-(node:1905) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:1903) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Try to resolve the errors in the following flows:
diff --git a/docs/descriptors/salesforce_sfdx_scanner_apex.md b/docs/descriptors/salesforce_sfdx_scanner_apex.md
index c2db79b20fa..490cd947c9a 100644
--- a/docs/descriptors/salesforce_sfdx_scanner_apex.md
+++ b/docs/descriptors/salesforce_sfdx_scanner_apex.md
@@ -93,7 +93,7 @@ sfdx scanner:run
### Help content
```shell
-(node:1921) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:1920) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
scan a codebase with a selection of rules
diff --git a/docs/descriptors/salesforce_sfdx_scanner_aura.md b/docs/descriptors/salesforce_sfdx_scanner_aura.md
index f1d45199d94..6ddf760f965 100644
--- a/docs/descriptors/salesforce_sfdx_scanner_aura.md
+++ b/docs/descriptors/salesforce_sfdx_scanner_aura.md
@@ -89,7 +89,7 @@ sfdx scanner:run
### Help content
```shell
-(node:2146) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:2144) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
scan a codebase with a selection of rules
@@ -134,7 +134,7 @@ FLAGS
COMMANDS
scanner run dfa scan codebase with all DFA rules
-(node:2167) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:2164) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA
name languages categories rulesets [dep] engine is dfa is pilot
diff --git a/docs/descriptors/salesforce_sfdx_scanner_lwc.md b/docs/descriptors/salesforce_sfdx_scanner_lwc.md
index f72e0618d51..f8526977963 100644
--- a/docs/descriptors/salesforce_sfdx_scanner_lwc.md
+++ b/docs/descriptors/salesforce_sfdx_scanner_lwc.md
@@ -89,7 +89,7 @@ sfdx scanner:run
### Help content
```shell
-(node:2376) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:2372) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
scan a codebase with a selection of rules
@@ -134,7 +134,7 @@ FLAGS
COMMANDS
scanner run dfa scan codebase with all DFA rules
-(node:2393) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
+(node:2391) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
(Use `node --trace-deprecation ...` to show where the warning was created)
Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA
name languages categories rulesets [dep] engine is dfa is pilot
diff --git a/docs/descriptors/snakemake_snakemake.md b/docs/descriptors/snakemake_snakemake.md
index 5e2e00879ec..0b17c09d3f8 100644
--- a/docs/descriptors/snakemake_snakemake.md
+++ b/docs/descriptors/snakemake_snakemake.md
@@ -133,7 +133,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE]
[--detailed-summary] [--archive FILE]
[--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow]
[--skip-script-cleanup] [--unlock]
- [--list-changes {params,code,input}] [--list-input-changes]
+ [--list-changes {code,input,params}] [--list-input-changes]
[--list-params-changes] [--list-untracked]
[--delete-all-output | --delete-temp-output]
[--keep-incomplete] [--drop-metadata]
@@ -162,7 +162,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE]
[--shared-fs-usage {input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} [{input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} ...]]
[--scheduler-greediness SCHEDULER_GREEDINESS] [--no-hooks]
[--debug] [--runtime-profile FILE]
- [--mode {default,remote,subprocess}] [--show-failed-logs]
+ [--mode {remote,subprocess,default}] [--show-failed-logs]
[--log-handler-script FILE] [--log-service {none,slack,wms}]
[--job-deploy-sources] [--container-image IMAGE]
[--immediate-submit] [--jobscript SCRIPT] [--jobname NAME]
@@ -403,10 +403,9 @@ EXECUTION:
configuration. If you rather prefer the traditional
way of just considering file modification dates, use '
--rerun-trigger mtime'. (default:
- frozenset({<RerunTrigger.INPUT: 2>,
- <RerunTrigger.MTIME: 0>, <RerunTrigger.PARAMS: 1>,
- <RerunTrigger.CODE: 4>, <RerunTrigger.SOFTWARE_ENV:
- 3>}))
+ frozenset({<RerunTrigger.SOFTWARE_ENV: 3>,
+ <RerunTrigger.CODE: 4>, <RerunTrigger.INPUT: 2>,
+ <RerunTrigger.MTIME: 0>, <RerunTrigger.PARAMS: 1>}))
--force, -f Force the execution of the selected target or the
first rule regardless of already created output.
(default: False)
@@ -643,7 +642,7 @@ UTILITIES:
(default: False)
--unlock Remove a lock on the working directory. (default:
False)
- --list-changes {params,code,input}, --lc {params,code,input}
+ --list-changes {code,input,params}, --lc {code,input,params}
List all output files for which the rule body (run or
shell) have changed in the Snakefile. (default: None)
--list-input-changes, --li
@@ -822,12 +821,12 @@ BEHAVIOR:
and data provenance will be handled by NFS but input
and output files will be handled exclusively by the
storage provider. (default:
- frozenset({<SharedFSUsage.PERSISTENCE: 0>,
- <SharedFSUsage.SOURCES: 3>,
- <SharedFSUsage.STORAGE_LOCAL_COPIES: 4>,
- <SharedFSUsage.SOFTWARE_DEPLOYMENT: 2>,
+ frozenset({<SharedFSUsage.STORAGE_LOCAL_COPIES: 4>,
<SharedFSUsage.SOURCE_CACHE: 5>,
- <SharedFSUsage.INPUT_OUTPUT: 1>}))
+ <SharedFSUsage.PERSISTENCE: 0>,
+ <SharedFSUsage.INPUT_OUTPUT: 1>,
+ <SharedFSUsage.SOFTWARE_DEPLOYMENT: 2>,
+ <SharedFSUsage.SOURCES: 3>}))
--scheduler-greediness SCHEDULER_GREEDINESS, --greediness SCHEDULER_GREEDINESS
Set the greediness of scheduling. This value between 0
and 1 determines how careful jobs are selected for
@@ -841,7 +840,7 @@ BEHAVIOR:
--runtime-profile FILE
Profile Snakemake and write the output to FILE. This
requires yappi to be installed. (default: None)
- --mode {default,remote,subprocess}
+ --mode {remote,subprocess,default}
Set execution mode of Snakemake (internal use only).
(default: default)
--show-failed-logs Automatically display logs of failed jobs. (default:
diff --git a/docs/used-by-stats.md b/docs/used-by-stats.md
index b7ddfc30190..2947ff370be 100644
--- a/docs/used-by-stats.md
+++ b/docs/used-by-stats.md
@@ -1,15 +1,15 @@
# Dependents stats for oxsecurity/megalinter
-[](https://github.com/oxsecurity/megalinter/network/dependents)
-[&message=2332&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents)
+[](https://github.com/oxsecurity/megalinter/network/dependents)
+[&message=2333&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents)
[&message=1146&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents)
-[&message=79718&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents)
+[&message=79744&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents)
| Repository | Stars |
|:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------:|
-| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/3813618?s=40&v=4" width="20" height="20" alt=""> [nektos](https://github.com/nektos) / [act](https://github.com/nektos/act) | 47777 |
+| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/3813618?s=40&v=4" width="20" height="20" alt=""> [nektos](https://github.com/nektos) / [act](https://github.com/nektos/act) | 47780 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/102252800?s=40&v=4" width="20" height="20" alt=""> [PRQL](https://github.com/PRQL) / [prql](https://github.com/PRQL/prql) | 9068 |
-| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/216188?s=40&v=4" width="20" height="20" alt=""> [jdx](https://github.com/jdx) / [mise](https://github.com/jdx/mise) | 5046 |
+| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/216188?s=40&v=4" width="20" height="20" alt=""> [jdx](https://github.com/jdx) / [mise](https://github.com/jdx/mise) | 5048 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/17404029?s=40&v=4" width="20" height="20" alt=""> [dorssel](https://github.com/dorssel) / [usbipd-win](https://github.com/dorssel/usbipd-win) | 2783 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/28969?s=40&v=4" width="20" height="20" alt=""> [stepancheg](https://github.com/stepancheg) / [rust-protobuf](https://github.com/stepancheg/rust-protobuf) | 2602 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/6318351?s=40&v=4" width="20" height="20" alt=""> [IlanCosman](https://github.com/IlanCosman) / [tide](https://github.com/IlanCosman/tide) | 2464 |
@@ -85,6 +85,7 @@
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/17500430?s=40&v=4" width="20" height="20" alt=""> [nvuillam](https://github.com/nvuillam) / [sfdx-essentials](https://github.com/nvuillam/sfdx-essentials) | 49 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/38882631?s=40&v=4" width="20" height="20" alt=""> [quackduck](https://github.com/quackduck) / [rem](https://github.com/quackduck/rem) | 49 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/1434387?s=40&v=4" width="20" height="20" alt=""> [ruzickap](https://github.com/ruzickap) / [k8s-flagger-istio-flux](https://github.com/ruzickap/k8s-flagger-istio-flux) | 49 |
+| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/11609620?s=40&v=4" width="20" height="20" alt=""> [npalm](https://github.com/npalm) / [action-docs](https://github.com/npalm/action-docs) | 48 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/4307697?s=40&v=4" width="20" height="20" alt=""> [leosuncin](https://github.com/leosuncin) / [nest-typeorm-custom-repository](https://github.com/leosuncin/nest-typeorm-custom-repository) | 47 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/100628252?s=40&v=4" width="20" height="20" alt=""> [Amplitude-Developer-Docs](https://github.com/Amplitude-Developer-Docs) / [amplitude-dev-center](https://github.com/Amplitude-Developer-Docs/amplitude-dev-center) | 47 |
| <img class="avatar mr-2" src="https://avatars.githubusercontent.com/u/36280239?s=40&v=4" width="20" height="20" alt=""> [ZEISS](https://github.com/ZEISS) / [libczi](https://github.com/ZEISS/libczi) | 47 |