From 27c90e7bb4dbd578f751e2f9f3986056e33a5614 Mon Sep 17 00:00:00 2001 From: Nicolas Vuillamy Date: Thu, 15 Feb 2024 08:57:11 +0100 Subject: [PATCH] [automation] Auto-update linters version, help and documentation (#3380) * [automation] Auto-update linters version, help and documentation * [MegaLinter] Apply linters fixes --------- Co-authored-by: nvuillam --- .automation/generated/linter-helps.json | 223 ++---------------- .automation/generated/linter-versions.json | 2 +- CHANGELOG.md | 1 + README.md | 2 +- docs/all_linters.md | 2 +- docs/descriptors/kubernetes_kubescape.md | 2 +- .../markdown_markdown_link_check.md | 2 +- docs/descriptors/repository_grype.md | 184 +-------------- .../salesforce_lightning_flow_scanner.md | 2 +- .../salesforce_sfdx_scanner_apex.md | 2 +- .../salesforce_sfdx_scanner_aura.md | 4 +- .../salesforce_sfdx_scanner_lwc.md | 4 +- docs/descriptors/snakemake_snakemake.md | 25 +- docs/used-by-stats.md | 11 +- 14 files changed, 53 insertions(+), 413 deletions(-) diff --git a/.automation/generated/linter-helps.json b/.automation/generated/linter-helps.json index 846da579e58..7a23b086f11 100644 --- a/.automation/generated/linter-helps.json +++ b/.automation/generated/linter-helps.json @@ -2408,190 +2408,10 @@ "You can also pipe in Syft JSON directly:", " syft yourimage:tag -o json | grype", "", - "", - "", "Usage:", + " grype [IMAGE] [flags]", " grype [command]", "", - "Application Configuration:", - "", - " log:", - " # suppress all logging output (env: GRYPE_LOG_QUIET)", - " quiet: false", - "", - " # increase verbosity (-v = info, -vv = debug) (env: GRYPE_LOG_VERBOSITY)", - " verbosity: 0", - "", - " # explicitly set the logging level (available: [error warn info debug trace]) (env: GRYPE_LOG_LEVEL)", - " level: warn", - "", - " # file path to write logs to (env: GRYPE_LOG_FILE)", - " file: ''", - "", - " dev:", - " # capture resource profiling data (available: [cpu, mem]) (env: GRYPE_DEV_PROFILE)", - " profile: none", - "", - " # report output formatter, formats=[json table cyclonedx cyclonedx-json sarif template], deprecated formats=[embedded-cyclonedx-vex-json embedded-cyclonedx-vex-xml] (env: GRYPE_OUTPUT)", - " output: []", - "", - " # file to write the default report output to (default is STDOUT) (env: GRYPE_FILE)", - " file: ''", - "", - " # distro to match against in the format: : (env: GRYPE_DISTRO)", - " distro: ''", - "", - " # generate CPEs for packages with no CPE data (env: GRYPE_ADD_CPES_IF_NONE)", - " add-cpes-if-none: false", - "", - " # specify the path to a Go template file (requires 'template' output to be selected) (env: GRYPE_OUTPUT_TEMPLATE_FILE)", - " output-template-file: ''", - "", - " # (env: GRYPE_CHECK_FOR_APP_UPDATE)", - " check-for-app-update: true", - "", - " # ignore matches for vulnerabilities that are not fixed (env: GRYPE_ONLY_FIXED)", - " only-fixed: false", - "", - " # ignore matches for vulnerabilities that are fixed (env: GRYPE_ONLY_NOTFIXED)", - " only-notfixed: false", - "", - " # ignore matches for vulnerabilities with specified comma separated fix states, options=[fixed not-fixed unknown wont-fix] (env: GRYPE_IGNORE_WONTFIX)", - " ignore-wontfix: ''", - "", - " # an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux') (env: GRYPE_PLATFORM)", - " platform: ''", - "", - " search:", - " # selection of layers to analyze, options=[squashed all-layers] (env: GRYPE_SEARCH_SCOPE)", - " scope: 'squashed'", - "", - " # (env: GRYPE_SEARCH_UNINDEXED_ARCHIVES)", - " unindexed-archives: false", - "", - " # (env: GRYPE_SEARCH_INDEXED_ARCHIVES)", - " indexed-archives: true", - "", - " ignore: []", - "", - " # exclude paths from being scanned using a glob expression (env: GRYPE_EXCLUDE)", - " exclude: []", - "", - " db:", - " # (env: GRYPE_DB_CACHE_DIR)", - " cache-dir: '/root/.cache/grype/db'", - "", - " # (env: GRYPE_DB_UPDATE_URL)", - " update-url: 'https://toolbox-data.anchore.io/grype/databases/listing.json'", - "", - " # (env: GRYPE_DB_CA_CERT)", - " ca-cert: ''", - "", - " # (env: GRYPE_DB_AUTO_UPDATE)", - " auto-update: true", - "", - " # (env: GRYPE_DB_VALIDATE_BY_HASH_ON_START)", - " validate-by-hash-on-start: false", - "", - " # (env: GRYPE_DB_VALIDATE_AGE)", - " validate-age: true", - "", - " # (env: GRYPE_DB_MAX_ALLOWED_BUILT_AGE)", - " max-allowed-built-age: 120h0m0s", - "", - " external-sources:", - " # (env: GRYPE_EXTERNAL_SOURCES_ENABLE)", - " enable: false", - "", - " maven:", - " # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_SEARCH_MAVEN_UPSTREAM)", - " search-maven-upstream: true", - "", - " # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_BASE_URL)", - " base-url: 'https://search.maven.org/solrsearch/select'", - "", - " match:", - " java:", - " # (env: GRYPE_MATCH_JAVA_USING_CPES)", - " using-cpes: false", - "", - " dotnet:", - " # (env: GRYPE_MATCH_DOTNET_USING_CPES)", - " using-cpes: false", - "", - " golang:", - " # (env: GRYPE_MATCH_GOLANG_USING_CPES)", - " using-cpes: false", - "", - " # (env: GRYPE_MATCH_GOLANG_ALWAYS_USE_CPE_FOR_STDLIB)", - " always-use-cpe-for-stdlib: true", - "", - " javascript:", - " # (env: GRYPE_MATCH_JAVASCRIPT_USING_CPES)", - " using-cpes: false", - "", - " python:", - " # (env: GRYPE_MATCH_PYTHON_USING_CPES)", - " using-cpes: false", - "", - " ruby:", - " # (env: GRYPE_MATCH_RUBY_USING_CPES)", - " using-cpes: false", - "", - " rust:", - " # (env: GRYPE_MATCH_RUST_USING_CPES)", - " using-cpes: false", - "", - " stock:", - " # (env: GRYPE_MATCH_STOCK_USING_CPES)", - " using-cpes: true", - "", - " # set the return code to 1 if a vulnerability is found with a severity >= the given severity, options=[negligible low medium high critical] (env: GRYPE_FAIL_ON_SEVERITY)", - " fail-on-severity: ''", - "", - " registry:", - " # (env: GRYPE_REGISTRY_INSECURE_SKIP_TLS_VERIFY)", - " insecure-skip-tls-verify: false", - "", - " # (env: GRYPE_REGISTRY_INSECURE_USE_HTTP)", - " insecure-use-http: false", - "", - " auth: []", - "", - " # (env: GRYPE_REGISTRY_CA_CERT)", - " ca-cert: ''", - "", - " # show suppressed/ignored vulnerabilities in the output (only supported with table output format) (env: GRYPE_SHOW_SUPPRESSED)", - " show-suppressed: false", - "", - " # orient results by CVE instead of the original vulnerability ID when possible (env: GRYPE_BY_CVE)", - " by-cve: false", - "", - " # set the name of the target being analyzed (env: GRYPE_NAME)", - " name: ''", - "", - " # (env: GRYPE_DEFAULT_IMAGE_PULL_SOURCE)", - " default-image-pull-source: ''", - "", - " # a list of VEX documents to consider when producing scanning results (env: GRYPE_VEX_DOCUMENTS)", - " vex-documents: []", - "", - " # (env: GRYPE_VEX_ADD)", - " vex-add: []", - "", - " # delete downloaded databases after diff occurs (env: GRYPE_DELETE)", - " delete: false", - "", - " # CVE IDs to explain (env: GRYPE_CVE_IDS)", - " cve-ids: []", - "", - "Config Search Locations:", - " - .grype.yaml", - " - .grype/config.yaml", - " - /root/.grype.yaml", - " - /root/.config/grype/config.yaml", - " - /etc/xdg/grype/config.yaml", - "", "Available Commands:", " completion Generate a shell completion for Grype (listing local docker images)", " db vulnerability database operations", @@ -3460,7 +3280,7 @@ " completion Generate autocompletion script", " config Handle cached configurations", " delete Delete configurations in Kubescape SaaS version", - " download Download attack-tracks,controls-inputs,exceptions,control,framework,artifacts", + " download Download exceptions,control,framework,artifacts,attack-tracks,controls-inputs", " fix Fix misconfiguration in files", " help Help about any command", " list List frameworks/controls will list the supported frameworks and controls", @@ -3507,7 +3327,7 @@ " --version version for kubeval" ], "lightning-flow-scanner": [ - "(node:1905) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:1903) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "Try to resolve the errors in the following flows:", "", @@ -3934,7 +3754,7 @@ " Print version" ], "markdown-link-check": [ - "(node:1680) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:1676) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "Usage: markdown-link-check [options] [filenamesOrUrls...]", "", @@ -7972,7 +7792,7 @@ "@typescript-eslint/unbound-method typescript Best Practices Best Practices eslint-typescript" ], "sfdx-scanner-apex": [ - "(node:1921) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:1920) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "scan a codebase with a selection of rules", "", @@ -8240,7 +8060,7 @@ " UnimplementedTypeRule apex Performance sfge N N" ], "sfdx-scanner-aura": [ - "(node:2146) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:2144) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "scan a codebase with a selection of rules", "", @@ -8285,7 +8105,7 @@ "COMMANDS", " scanner run dfa scan codebase with all DFA rules", "", - "(node:2167) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:2164) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA", " name languages categories rulesets [dep] engine is dfa is pilot", @@ -8508,7 +8328,7 @@ " UnimplementedTypeRule apex Performance sfge N N" ], "sfdx-scanner-lwc": [ - "(node:2376) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:2372) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "scan a codebase with a selection of rules", "", @@ -8553,7 +8373,7 @@ "COMMANDS", " scanner run dfa scan codebase with all DFA rules", "", - "(node:2393) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", + "(node:2391) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.", "(Use `node --trace-deprecation ...` to show where the warning was created)", "Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA", " name languages categories rulesets [dep] engine is dfa is pilot", @@ -8915,7 +8735,7 @@ " [--detailed-summary] [--archive FILE]", " [--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow]", " [--skip-script-cleanup] [--unlock]", - " [--list-changes {params,code,input}] [--list-input-changes]", + " [--list-changes {code,input,params}] [--list-input-changes]", " [--list-params-changes] [--list-untracked]", " [--delete-all-output | --delete-temp-output]", " [--keep-incomplete] [--drop-metadata]", @@ -8944,7 +8764,7 @@ " [--shared-fs-usage {input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} [{input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} ...]]", " [--scheduler-greediness SCHEDULER_GREEDINESS] [--no-hooks]", " [--debug] [--runtime-profile FILE]", - " [--mode {default,remote,subprocess}] [--show-failed-logs]", + " [--mode {remote,subprocess,default}] [--show-failed-logs]", " [--log-handler-script FILE] [--log-service {none,slack,wms}]", " [--job-deploy-sources] [--container-image IMAGE]", " [--immediate-submit] [--jobscript SCRIPT] [--jobname NAME]", @@ -9185,10 +9005,9 @@ " configuration. If you rather prefer the traditional", " way of just considering file modification dates, use '", " --rerun-trigger mtime'. (default:", - " frozenset({,", - " , ,", - " , }))", + " frozenset({,", + " , ,", + " , }))", " --force, -f Force the execution of the selected target or the", " first rule regardless of already created output.", " (default: False)", @@ -9425,7 +9244,7 @@ " (default: False)", " --unlock Remove a lock on the working directory. (default:", " False)", - " --list-changes {params,code,input}, --lc {params,code,input}", + " --list-changes {code,input,params}, --lc {code,input,params}", " List all output files for which the rule body (run or", " shell) have changed in the Snakefile. (default: None)", " --list-input-changes, --li", @@ -9604,12 +9423,12 @@ " and data provenance will be handled by NFS but input", " and output files will be handled exclusively by the", " storage provider. (default:", - " frozenset({,", - " ,", - " ,", - " ,", + " frozenset({,", " ,", - " }))", + " ,", + " ,", + " ,", + " }))", " --scheduler-greediness SCHEDULER_GREEDINESS, --greediness SCHEDULER_GREEDINESS", " Set the greediness of scheduling. This value between 0", " and 1 determines how careful jobs are selected for", @@ -9623,7 +9442,7 @@ " --runtime-profile FILE", " Profile Snakemake and write the output to FILE. This", " requires yappi to be installed. (default: None)", - " --mode {default,remote,subprocess}", + " --mode {remote,subprocess,default}", " Set execution mode of Snakemake (internal use only).", " (default: default)", " --show-failed-logs Automatically display logs of failed jobs. (default:", diff --git a/.automation/generated/linter-versions.json b/.automation/generated/linter-versions.json index 8335eb0867d..44a33b8b51b 100644 --- a/.automation/generated/linter-versions.json +++ b/.automation/generated/linter-versions.json @@ -36,7 +36,7 @@ "golangci-lint": "1.56.1", "goodcheck": "3.1.0", "graphql-schema-linter": "3.0.1", - "grype": "0.74.5", + "grype": "0.74.6", "hadolint": "2.12.0", "helm": "3.13.2", "htmlhint": "1.1.4", diff --git a/CHANGELOG.md b/CHANGELOG.md index 42fa3d516e6..7ca66a3d670 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,6 +33,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - [syft](https://github.com/anchore/syft) from 0.104.0 to **0.105.0** on 2024-02-14 - [trufflehog](https://github.com/trufflesecurity/trufflehog) from 3.67.5 to **3.67.6** on 2024-02-14 - [xmllint](https://gitlab.gnome.org/GNOME/libxml2/-/wikis/home) from 21106 to **21107** on 2024-02-14 + - [grype](https://github.com/anchore/grype) from 0.74.5 to **0.74.6** on 2024-02-14 ## [v7.9.0] - 2024-02-11 diff --git a/README.md b/README.md index d3cbaf93093..dce51ff6905 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ [![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain) [![codecov](https://codecov.io/gh/oxsecurity/megalinter/branch/main/graph/badge.svg)](https://codecov.io/gh/oxsecurity/megalinter) -[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=3478&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md) +[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=3479&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md) [![Secured with Trivy](https://img.shields.io/badge/Trivy-secured-green?logo=docker)](https://github.com/aquasecurity/trivy) [![GitHub contributors](https://img.shields.io/github/contributors/oxsecurity/megalinter.svg)](https://github.com/oxsecurity/megalinter/graphs/contributors/) [![GitHub Sponsors](https://img.shields.io/github/sponsors/nvuillam)](https://github.com/sponsors/nvuillam) diff --git a/docs/all_linters.md b/docs/all_linters.md index 9bdef1d05aa..6076cbf5517 100644 --- a/docs/all_linters.md +++ b/docs/all_linters.md @@ -40,7 +40,7 @@ | [**gitleaks**](https://github.com/gitleaks/gitleaks){target=_blank} | 8.18.2 | [MIT](licenses/gitleaks.md) | [![GitHub stars](https://img.shields.io/github/stars/gitleaks/gitleaks?cacheSeconds=3600)](https://github.com/gitleaks/gitleaks){target=_blank} | [REPOSITORY](descriptors/repository_gitleaks.md) | :white_circle: | [Repository](https://github.com/gitleaks/gitleaks){target=_blank} | | [**golangci-lint**](https://github.com/golangci/golangci-lint){target=_blank} | 1.56.1 | [GPL-3.0](licenses/golangci-lint.md) | [![GitHub stars](https://img.shields.io/github/stars/golangci/golangci-lint?cacheSeconds=3600)](https://github.com/golangci/golangci-lint){target=_blank} | [GO](descriptors/go_golangci_lint.md) | :white_circle: | [Repository](https://github.com/golangci/golangci-lint){target=_blank} | | [**graphql-schema-linter**](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | 3.0.1 | [MIT](licenses/graphql-schema-linter.md) | [![GitHub stars](https://img.shields.io/github/stars/cjoudrey/graphql-schema-linter?cacheSeconds=3600)](https://github.com/cjoudrey/graphql-schema-linter){target=_blank} | [GRAPHQL](descriptors/graphql_graphql_schema_linter.md) | :hammer_and_wrench: | [Pull Request](https://github.com/cjoudrey/graphql-schema-linter/pull/272){target=_blank} | -| [**grype**](https://github.com/anchore/grype){target=_blank} | 0.74.5 | [Apache-2.0](licenses/grype.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/grype?cacheSeconds=3600)](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} | +| [**grype**](https://github.com/anchore/grype){target=_blank} | 0.74.6 | [Apache-2.0](licenses/grype.md) | [![GitHub stars](https://img.shields.io/github/stars/anchore/grype?cacheSeconds=3600)](https://github.com/anchore/grype){target=_blank} | [REPOSITORY](descriptors/repository_grype.md) | :white_circle: | [Repository](https://github.com/anchore/grype){target=_blank} | | [**hadolint**](https://github.com/hadolint/hadolint){target=_blank} | 2.12.0 | [GPL-3.0](licenses/hadolint.md) | [![GitHub stars](https://img.shields.io/github/stars/hadolint/hadolint?cacheSeconds=3600)](https://github.com/hadolint/hadolint){target=_blank} | [DOCKERFILE](descriptors/dockerfile_hadolint.md) | :heart: | [MegaLinter reference](https://github.com/hadolint/hadolint/blob/master/docs/INTEGRATION.md#mega-linter){target=_blank} | | [**helm**](https://github.com/helm/helm){target=_blank} | 3.13.2 | [Apache-2.0](licenses/helm.md) | [![GitHub stars](https://img.shields.io/github/stars/helm/helm?cacheSeconds=3600)](https://github.com/helm/helm){target=_blank} | [KUBERNETES](descriptors/kubernetes_helm.md) | :white_circle: | [Repository](https://github.com/helm/helm){target=_blank} | | [**htmlhint**](https://github.com/htmlhint/HTMLHint){target=_blank} | 1.1.4 | [MIT](licenses/htmlhint.md) | [![GitHub stars](https://img.shields.io/github/stars/htmlhint/HTMLHint?cacheSeconds=3600)](https://github.com/htmlhint/HTMLHint){target=_blank} | [HTML](descriptors/html_htmlhint.md) | :heart: | [MegaLinter reference](https://htmlhint.com/docs/user-guide/integrations/task-runner){target=_blank} | diff --git a/docs/descriptors/kubernetes_kubescape.md b/docs/descriptors/kubernetes_kubescape.md index 2223874119a..70d6cc703f4 100644 --- a/docs/descriptors/kubernetes_kubescape.md +++ b/docs/descriptors/kubernetes_kubescape.md @@ -125,7 +125,7 @@ Available Commands: completion Generate autocompletion script config Handle cached configurations delete Delete configurations in Kubescape SaaS version - download Download attack-tracks,controls-inputs,exceptions,control,framework,artifacts + download Download exceptions,control,framework,artifacts,attack-tracks,controls-inputs fix Fix misconfiguration in files help Help about any command list List frameworks/controls will list the supported frameworks and controls diff --git a/docs/descriptors/markdown_markdown_link_check.md b/docs/descriptors/markdown_markdown_link_check.md index ed06bee85a1..d8cce78707f 100644 --- a/docs/descriptors/markdown_markdown_link_check.md +++ b/docs/descriptors/markdown_markdown_link_check.md @@ -89,7 +89,7 @@ markdown-link-check -c .markdown-link-check.json myfile.md ### Help content ```shell -(node:1680) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:1676) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) Usage: markdown-link-check [options] [filenamesOrUrls...] diff --git a/docs/descriptors/repository_grype.md b/docs/descriptors/repository_grype.md index 8b67b620e13..590673d870a 100644 --- a/docs/descriptors/repository_grype.md +++ b/docs/descriptors/repository_grype.md @@ -15,7 +15,7 @@ description: How to use grype (configure, ignore files, ignore errors, help & ve ## grype documentation -- Version in MegaLinter: **0.74.5** +- Version in MegaLinter: **0.74.6** - Visit [Official Web Site](https://github.com/anchore/grype#readme){target=_blank} - See [How to configure grype rules](https://github.com/anchore/grype#configuration){target=_blank} - If custom `.grype.yaml` config file isn't found, [.grype.yaml](https://github.com/oxsecurity/megalinter/tree/main/TEMPLATES/.grype.yaml){target=_blank} will be used @@ -112,190 +112,10 @@ You can also explicitly specify the scheme to use: You can also pipe in Syft JSON directly: syft yourimage:tag -o json | grype - - Usage: + grype [IMAGE] [flags] grype [command] -Application Configuration: - - log: - # suppress all logging output (env: GRYPE_LOG_QUIET) - quiet: false - - # increase verbosity (-v = info, -vv = debug) (env: GRYPE_LOG_VERBOSITY) - verbosity: 0 - - # explicitly set the logging level (available: [error warn info debug trace]) (env: GRYPE_LOG_LEVEL) - level: warn - - # file path to write logs to (env: GRYPE_LOG_FILE) - file: '' - - dev: - # capture resource profiling data (available: [cpu, mem]) (env: GRYPE_DEV_PROFILE) - profile: none - - # report output formatter, formats=[json table cyclonedx cyclonedx-json sarif template], deprecated formats=[embedded-cyclonedx-vex-json embedded-cyclonedx-vex-xml] (env: GRYPE_OUTPUT) - output: [] - - # file to write the default report output to (default is STDOUT) (env: GRYPE_FILE) - file: '' - - # distro to match against in the format: : (env: GRYPE_DISTRO) - distro: '' - - # generate CPEs for packages with no CPE data (env: GRYPE_ADD_CPES_IF_NONE) - add-cpes-if-none: false - - # specify the path to a Go template file (requires 'template' output to be selected) (env: GRYPE_OUTPUT_TEMPLATE_FILE) - output-template-file: '' - - # (env: GRYPE_CHECK_FOR_APP_UPDATE) - check-for-app-update: true - - # ignore matches for vulnerabilities that are not fixed (env: GRYPE_ONLY_FIXED) - only-fixed: false - - # ignore matches for vulnerabilities that are fixed (env: GRYPE_ONLY_NOTFIXED) - only-notfixed: false - - # ignore matches for vulnerabilities with specified comma separated fix states, options=[fixed not-fixed unknown wont-fix] (env: GRYPE_IGNORE_WONTFIX) - ignore-wontfix: '' - - # an optional platform specifier for container image sources (e.g. 'linux/arm64', 'linux/arm64/v8', 'arm64', 'linux') (env: GRYPE_PLATFORM) - platform: '' - - search: - # selection of layers to analyze, options=[squashed all-layers] (env: GRYPE_SEARCH_SCOPE) - scope: 'squashed' - - # (env: GRYPE_SEARCH_UNINDEXED_ARCHIVES) - unindexed-archives: false - - # (env: GRYPE_SEARCH_INDEXED_ARCHIVES) - indexed-archives: true - - ignore: [] - - # exclude paths from being scanned using a glob expression (env: GRYPE_EXCLUDE) - exclude: [] - - db: - # (env: GRYPE_DB_CACHE_DIR) - cache-dir: '/root/.cache/grype/db' - - # (env: GRYPE_DB_UPDATE_URL) - update-url: 'https://toolbox-data.anchore.io/grype/databases/listing.json' - - # (env: GRYPE_DB_CA_CERT) - ca-cert: '' - - # (env: GRYPE_DB_AUTO_UPDATE) - auto-update: true - - # (env: GRYPE_DB_VALIDATE_BY_HASH_ON_START) - validate-by-hash-on-start: false - - # (env: GRYPE_DB_VALIDATE_AGE) - validate-age: true - - # (env: GRYPE_DB_MAX_ALLOWED_BUILT_AGE) - max-allowed-built-age: 120h0m0s - - external-sources: - # (env: GRYPE_EXTERNAL_SOURCES_ENABLE) - enable: false - - maven: - # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_SEARCH_MAVEN_UPSTREAM) - search-maven-upstream: true - - # (env: GRYPE_EXTERNAL_SOURCES_MAVEN_BASE_URL) - base-url: 'https://search.maven.org/solrsearch/select' - - match: - java: - # (env: GRYPE_MATCH_JAVA_USING_CPES) - using-cpes: false - - dotnet: - # (env: GRYPE_MATCH_DOTNET_USING_CPES) - using-cpes: false - - golang: - # (env: GRYPE_MATCH_GOLANG_USING_CPES) - using-cpes: false - - # (env: GRYPE_MATCH_GOLANG_ALWAYS_USE_CPE_FOR_STDLIB) - always-use-cpe-for-stdlib: true - - javascript: - # (env: GRYPE_MATCH_JAVASCRIPT_USING_CPES) - using-cpes: false - - python: - # (env: GRYPE_MATCH_PYTHON_USING_CPES) - using-cpes: false - - ruby: - # (env: GRYPE_MATCH_RUBY_USING_CPES) - using-cpes: false - - rust: - # (env: GRYPE_MATCH_RUST_USING_CPES) - using-cpes: false - - stock: - # (env: GRYPE_MATCH_STOCK_USING_CPES) - using-cpes: true - - # set the return code to 1 if a vulnerability is found with a severity >= the given severity, options=[negligible low medium high critical] (env: GRYPE_FAIL_ON_SEVERITY) - fail-on-severity: '' - - registry: - # (env: GRYPE_REGISTRY_INSECURE_SKIP_TLS_VERIFY) - insecure-skip-tls-verify: false - - # (env: GRYPE_REGISTRY_INSECURE_USE_HTTP) - insecure-use-http: false - - auth: [] - - # (env: GRYPE_REGISTRY_CA_CERT) - ca-cert: '' - - # show suppressed/ignored vulnerabilities in the output (only supported with table output format) (env: GRYPE_SHOW_SUPPRESSED) - show-suppressed: false - - # orient results by CVE instead of the original vulnerability ID when possible (env: GRYPE_BY_CVE) - by-cve: false - - # set the name of the target being analyzed (env: GRYPE_NAME) - name: '' - - # (env: GRYPE_DEFAULT_IMAGE_PULL_SOURCE) - default-image-pull-source: '' - - # a list of VEX documents to consider when producing scanning results (env: GRYPE_VEX_DOCUMENTS) - vex-documents: [] - - # (env: GRYPE_VEX_ADD) - vex-add: [] - - # delete downloaded databases after diff occurs (env: GRYPE_DELETE) - delete: false - - # CVE IDs to explain (env: GRYPE_CVE_IDS) - cve-ids: [] - -Config Search Locations: - - .grype.yaml - - .grype/config.yaml - - /root/.grype.yaml - - /root/.config/grype/config.yaml - - /etc/xdg/grype/config.yaml - Available Commands: completion Generate a shell completion for Grype (listing local docker images) db vulnerability database operations diff --git a/docs/descriptors/salesforce_lightning_flow_scanner.md b/docs/descriptors/salesforce_lightning_flow_scanner.md index f5488052efe..c867d16b805 100644 --- a/docs/descriptors/salesforce_lightning_flow_scanner.md +++ b/docs/descriptors/salesforce_lightning_flow_scanner.md @@ -88,7 +88,7 @@ sfdx flow:scan ### Help content ```shell -(node:1905) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:1903) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) Try to resolve the errors in the following flows: diff --git a/docs/descriptors/salesforce_sfdx_scanner_apex.md b/docs/descriptors/salesforce_sfdx_scanner_apex.md index c2db79b20fa..490cd947c9a 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_apex.md +++ b/docs/descriptors/salesforce_sfdx_scanner_apex.md @@ -93,7 +93,7 @@ sfdx scanner:run ### Help content ```shell -(node:1921) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:1920) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) scan a codebase with a selection of rules diff --git a/docs/descriptors/salesforce_sfdx_scanner_aura.md b/docs/descriptors/salesforce_sfdx_scanner_aura.md index f1d45199d94..6ddf760f965 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_aura.md +++ b/docs/descriptors/salesforce_sfdx_scanner_aura.md @@ -89,7 +89,7 @@ sfdx scanner:run ### Help content ```shell -(node:2146) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:2144) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) scan a codebase with a selection of rules @@ -134,7 +134,7 @@ FLAGS COMMANDS scanner run dfa scan codebase with all DFA rules -(node:2167) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:2164) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA name languages categories rulesets [dep] engine is dfa is pilot diff --git a/docs/descriptors/salesforce_sfdx_scanner_lwc.md b/docs/descriptors/salesforce_sfdx_scanner_lwc.md index f72e0618d51..f8526977963 100644 --- a/docs/descriptors/salesforce_sfdx_scanner_lwc.md +++ b/docs/descriptors/salesforce_sfdx_scanner_lwc.md @@ -89,7 +89,7 @@ sfdx scanner:run ### Help content ```shell -(node:2376) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:2372) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) scan a codebase with a selection of rules @@ -134,7 +134,7 @@ FLAGS COMMANDS scanner run dfa scan codebase with all DFA rules -(node:2393) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. +(node:2391) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead. (Use `node --trace-deprecation ...` to show where the warning was created) Warning: We're continually improving Salesforce Code Analyzer. Tell us what you think! Give feedback at https://research.net/r/SalesforceCA name languages categories rulesets [dep] engine is dfa is pilot diff --git a/docs/descriptors/snakemake_snakemake.md b/docs/descriptors/snakemake_snakemake.md index 5e2e00879ec..0b17c09d3f8 100644 --- a/docs/descriptors/snakemake_snakemake.md +++ b/docs/descriptors/snakemake_snakemake.md @@ -133,7 +133,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE] [--detailed-summary] [--archive FILE] [--cleanup-metadata FILE [FILE ...]] [--cleanup-shadow] [--skip-script-cleanup] [--unlock] - [--list-changes {params,code,input}] [--list-input-changes] + [--list-changes {code,input,params}] [--list-input-changes] [--list-params-changes] [--list-untracked] [--delete-all-output | --delete-temp-output] [--keep-incomplete] [--drop-metadata] @@ -162,7 +162,7 @@ usage: snakemake [-h] [--dry-run] [--profile PROFILE] [--shared-fs-usage {input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} [{input-output,persistence,software-deployment,source-cache,sources,storage-local-copies,none} ...]] [--scheduler-greediness SCHEDULER_GREEDINESS] [--no-hooks] [--debug] [--runtime-profile FILE] - [--mode {default,remote,subprocess}] [--show-failed-logs] + [--mode {remote,subprocess,default}] [--show-failed-logs] [--log-handler-script FILE] [--log-service {none,slack,wms}] [--job-deploy-sources] [--container-image IMAGE] [--immediate-submit] [--jobscript SCRIPT] [--jobname NAME] @@ -403,10 +403,9 @@ EXECUTION: configuration. If you rather prefer the traditional way of just considering file modification dates, use ' --rerun-trigger mtime'. (default: - frozenset({, - , , - , })) + frozenset({, + , , + , })) --force, -f Force the execution of the selected target or the first rule regardless of already created output. (default: False) @@ -643,7 +642,7 @@ UTILITIES: (default: False) --unlock Remove a lock on the working directory. (default: False) - --list-changes {params,code,input}, --lc {params,code,input} + --list-changes {code,input,params}, --lc {code,input,params} List all output files for which the rule body (run or shell) have changed in the Snakefile. (default: None) --list-input-changes, --li @@ -822,12 +821,12 @@ BEHAVIOR: and data provenance will be handled by NFS but input and output files will be handled exclusively by the storage provider. (default: - frozenset({, - , - , - , + frozenset({, , - })) + , + , + , + })) --scheduler-greediness SCHEDULER_GREEDINESS, --greediness SCHEDULER_GREEDINESS Set the greediness of scheduling. This value between 0 and 1 determines how careful jobs are selected for @@ -841,7 +840,7 @@ BEHAVIOR: --runtime-profile FILE Profile Snakemake and write the output to FILE. This requires yappi to be installed. (default: None) - --mode {default,remote,subprocess} + --mode {remote,subprocess,default} Set execution mode of Snakemake (internal use only). (default: default) --show-failed-logs Automatically display logs of failed jobs. (default: diff --git a/docs/used-by-stats.md b/docs/used-by-stats.md index b7ddfc30190..2947ff370be 100644 --- a/docs/used-by-stats.md +++ b/docs/used-by-stats.md @@ -1,15 +1,15 @@ # Dependents stats for oxsecurity/megalinter -[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=3478&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) -[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by%20(public)&message=2332&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=3479&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by%20(public)&message=2333&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) [![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by%20(private)&message=1146&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) -[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by%20(stars)&message=79718&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) +[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by%20(stars)&message=79744&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/network/dependents) | Repository | Stars | |:-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------:| -|   [nektos](https://github.com/nektos) / [act](https://github.com/nektos/act) | 47777 | +|   [nektos](https://github.com/nektos) / [act](https://github.com/nektos/act) | 47780 | |   [PRQL](https://github.com/PRQL) / [prql](https://github.com/PRQL/prql) | 9068 | -|   [jdx](https://github.com/jdx) / [mise](https://github.com/jdx/mise) | 5046 | +|   [jdx](https://github.com/jdx) / [mise](https://github.com/jdx/mise) | 5048 | |   [dorssel](https://github.com/dorssel) / [usbipd-win](https://github.com/dorssel/usbipd-win) | 2783 | |   [stepancheg](https://github.com/stepancheg) / [rust-protobuf](https://github.com/stepancheg/rust-protobuf) | 2602 | |   [IlanCosman](https://github.com/IlanCosman) / [tide](https://github.com/IlanCosman/tide) | 2464 | @@ -85,6 +85,7 @@ |   [nvuillam](https://github.com/nvuillam) / [sfdx-essentials](https://github.com/nvuillam/sfdx-essentials) | 49 | |   [quackduck](https://github.com/quackduck) / [rem](https://github.com/quackduck/rem) | 49 | |   [ruzickap](https://github.com/ruzickap) / [k8s-flagger-istio-flux](https://github.com/ruzickap/k8s-flagger-istio-flux) | 49 | +|   [npalm](https://github.com/npalm) / [action-docs](https://github.com/npalm/action-docs) | 48 | |   [leosuncin](https://github.com/leosuncin) / [nest-typeorm-custom-repository](https://github.com/leosuncin/nest-typeorm-custom-repository) | 47 | |   [Amplitude-Developer-Docs](https://github.com/Amplitude-Developer-Docs) / [amplitude-dev-center](https://github.com/Amplitude-Developer-Docs/amplitude-dev-center) | 47 | |   [ZEISS](https://github.com/ZEISS) / [libczi](https://github.com/ZEISS/libczi) | 47 |