PHP PHIVE: Use keys.openpgp.org and fingerprint for phive key verification

.automation/generated/linter-versions.json

@@ -17,7 +17,7 @@
     "cljstyle": "0.15.0",
     "coffeelint": "5.2.11",
     "cpplint": "1.6.1",
-    "csharpier": "0.26.6",
+    "csharpier": "0.26.7",
     "cspell": "8.1.3",
     "dartanalyzer": "0.0.0",
     "devskim": "1.0.27",

CHANGELOG.md

@@ -19,6 +19,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
 
 - Fixes
   - tekton-lint is now published as @ibm/tekton-lint, by @echoix in [#3210](https://github.com/oxsecurity/megalinter/pull/3210)
+  - PHP PHIVE: Use keys.openpgp.org and fingerprint for phive key verification, by @echoix in [#3230](https://github.com/oxsecurity/megalinter/pull/3230)
 
 - Doc
   - Upgrade url to [PHP CodeSniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer), as now the original repo is not maintained anymore.
@@ -66,6 +67,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l
   - [terragrunt](https://terragrunt.gruntwork.io) from 0.54.4 to **0.54.5** on 2023-12-16
   - [npm-groovy-lint](https://nvuillam.github.io/npm-groovy-lint/) from 13.0.2 to **14.0.0** on 2023-12-16
   - [terrascan](https://runterrascan.io/) from 1.18.3 to **1.18.8** on 2023-12-16
+  - [csharpier](https://csharpier.com/) from 0.26.6 to **0.26.7** on 2023-12-16
 <!-- linter-versions-end -->
 
 ## [v7.7.0] - 2023-12-09

Dockerfile

@@ -449,11 +449,11 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI
     && export GITHUB_AUTH_TOKEN \
     && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
     && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
-    && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \
-    && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \
+    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
+    && ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
     && gpg --verify phive.phar.asc phive.phar \
     && chmod +x phive.phar \
     && mv phive.phar /usr/local/bin/phive \

docs/all_linters.md

@@ -23,7 +23,7 @@
 | [**cljstyle**](https://github.com/greglook/cljstyle){target=_blank}                                                |    0.15.0     |        [EPL-1.0](licenses/cljstyle.md)         |                                  [![GitHub stars](https://img.shields.io/github/stars/greglook/cljstyle?cacheSeconds=3600)](https://github.com/greglook/cljstyle){target=_blank}                                  | [CLOJURE](descriptors/clojure_cljstyle.md)                                                                                                                                                 |       :heart:       |                      [MegaLinter reference](https://github.com/greglook/cljstyle/blob/main/doc/integrations.md){target=_blank}                      |
 | [**coffeelint**](https://github.com/clutchski/coffeelint){target=_blank}                                           |    5.2.11     |        [Other](licenses/coffeelint.md)         |                               [![GitHub stars](https://img.shields.io/github/stars/clutchski/coffeelint?cacheSeconds=3600)](https://github.com/clutchski/coffeelint){target=_blank}                               | [COFFEE](descriptors/coffee_coffeelint.md)                                                                                                                                                 |   :white_circle:    |                                        [Repository](https://github.com/clutchski/coffeelint){target=_blank}                                         |
 | [**cpplint**](https://github.com/cpplint/cpplint){target=_blank}                                                   |     1.6.1     |          [Other](licenses/cpplint.md)          |                                    [![GitHub stars](https://img.shields.io/github/stars/cpplint/cpplint?cacheSeconds=3600)](https://github.com/cpplint/cpplint){target=_blank}                                    | [C](descriptors/c_cpplint.md)<br/> [CPP](descriptors/cpp_cpplint.md)                                                                                                                       |   :white_circle:    |                                           [Repository](https://github.com/cpplint/cpplint){target=_blank}                                           |
-| [**csharpier**](https://github.com/belav/csharpier){target=_blank}                                                 |    0.26.6     |          [MIT](licenses/csharpier.md)          |                                    [![GitHub stars](https://img.shields.io/github/stars/belav/csharpier?cacheSeconds=3600)](https://github.com/belav/csharpier){target=_blank}                                    | [CSHARP](descriptors/csharp_csharpier.md)                                                                                                                                                  |   :white_circle:    |                                           [Repository](https://github.com/belav/csharpier){target=_blank}                                           |
+| [**csharpier**](https://github.com/belav/csharpier){target=_blank}                                                 |    0.26.7     |          [MIT](licenses/csharpier.md)          |                                    [![GitHub stars](https://img.shields.io/github/stars/belav/csharpier?cacheSeconds=3600)](https://github.com/belav/csharpier){target=_blank}                                    | [CSHARP](descriptors/csharp_csharpier.md)                                                                                                                                                  |   :white_circle:    |                                           [Repository](https://github.com/belav/csharpier){target=_blank}                                           |
 | [**cspell**](https://github.com/streetsidesoftware/cspell){target=_blank}                                          |     8.1.3     |           [MIT](licenses/cspell.md)            |                          [![GitHub stars](https://img.shields.io/github/stars/streetsidesoftware/cspell?cacheSeconds=3600)](https://github.com/streetsidesoftware/cspell){target=_blank}                          | [SPELL](descriptors/spell_cspell.md)                                                                                                                                                       |       :heart:       |             [MegaLinter reference](https://github.com/streetsidesoftware/cspell/tree/master/packages/cspell#mega-linter){target=_blank}             |
 | [**dartanalyzer**](https://github.com/dart-lang/sdk){target=_blank}                                                |      N/A      |    [BSD-3-Clause](licenses/dartanalyzer.md)    |                                      [![GitHub stars](https://img.shields.io/github/stars/dart-lang/sdk?cacheSeconds=3600)](https://github.com/dart-lang/sdk){target=_blank}                                      | [DART](descriptors/dart_dartanalyzer.md)                                                                                                                                                   |   :no_entry_sign:   |                                            [Repository](https://github.com/dart-lang/sdk){target=_blank}                                            |
 | [**devskim**](https://github.com/microsoft/DevSkim){target=_blank}                                                 |    1.0.27     |           [MIT](licenses/devskim.md)           |                                  [![GitHub stars](https://img.shields.io/github/stars/microsoft/DevSkim?cacheSeconds=3600)](https://github.com/microsoft/DevSkim){target=_blank}                                  | [REPOSITORY](descriptors/repository_devskim.md)                                                                                                                                            |   :white_circle:    |                                          [Repository](https://github.com/microsoft/DevSkim){target=_blank}                                          |

docs/descriptors/csharp_csharpier.md

@@ -9,7 +9,7 @@ description: How to use csharpier (configure, ignore files, ignore errors, help
 
 ## csharpier documentation
 
-- Version in MegaLinter: **0.26.6**
+- Version in MegaLinter: **0.26.7**
 - Visit [Official Web Site](https://csharpier.com/){target=_blank}
 - See [How to configure csharpier rules](https://csharpier.com/docs/Configuration){target=_blank}
 - See [How to ignore files and directories with csharpier](https://csharpier.com/docs/Ignore){target=_blank}

docs/descriptors/kubernetes_kubescape.md

@@ -125,7 +125,7 @@ Available Commands:
   completion  Generate autocompletion script
   config      Handle cached configurations
   delete      Delete configurations in Kubescape SaaS version
-  download    Download controls-inputs,exceptions,control,framework,artifacts,attack-tracks
+  download    Download attack-tracks,controls-inputs,exceptions,control,framework,artifacts
   fix         Fix misconfiguration in files
   help        Help about any command
   list        List frameworks/controls will list the supported frameworks and controls

docs/descriptors/repository_syft.md

@@ -93,7 +93,7 @@ Application Configuration:
 
   format:
     # (env: SYFT_FORMAT_PRETTY)
-    pretty: 0xc000567650
+    pretty: 0xc0005c7810
 
     template:
       # specify the path to a Go template file (env: SYFT_FORMAT_TEMPLATE_PATH)

docs/descriptors/spell_vale.md

@@ -142,9 +142,9 @@ Flags:
 
 Commands:
 
- sync             Download and install external configuration sources.
  ls-config        Print the current configuration to stdout.
  ls-metrics       Print the given file's internal metrics to stdout.
+ sync             Download and install external configuration sources.
 
 ```
 

docs/used-by-stats.md

@@ -7,18 +7,18 @@
 
 | Repository                                                                                                                                                                      | Stars |
 |:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------:|
-| [nektos/act](https://github.com/nektos/act)                                                                                                                                     | 46027 |
-| [PRQL/prql](https://github.com/PRQL/prql)                                                                                                                                       |  8734 |
+| [nektos/act](https://github.com/nektos/act)                                                                                                                                     | 46032 |
+| [PRQL/prql](https://github.com/PRQL/prql)                                                                                                                                       |  8736 |
 | [jdx/rtx](https://github.com/jdx/rtx)                                                                                                                                           |  3679 |
 | [stepancheg/rust-protobuf](https://github.com/stepancheg/rust-protobuf)                                                                                                         |  2572 |
 | [dorssel/usbipd-win](https://github.com/dorssel/usbipd-win)                                                                                                                     |  2557 |
-| [IlanCosman/tide](https://github.com/IlanCosman/tide)                                                                                                                           |  2328 |
+| [IlanCosman/tide](https://github.com/IlanCosman/tide)                                                                                                                           |  2327 |
 | [PowerDNS-Admin/PowerDNS-Admin](https://github.com/PowerDNS-Admin/PowerDNS-Admin)                                                                                               |  2201 |
 | [microsoft/code-with-engineering-playbook](https://github.com/microsoft/code-with-engineering-playbook)                                                                         |  1919 |
 | [ever-co/ever-gauzy](https://github.com/ever-co/ever-gauzy)                                                                                                                     |  1600 |
-| [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter)                                                                                                               |  1570 |
+| [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter)                                                                                                               |  1569 |
 | [unixorn/git-extra-commands](https://github.com/unixorn/git-extra-commands)                                                                                                     |   937 |
-| [meichthys/foss_photo_libraries](https://github.com/meichthys/foss_photo_libraries)                                                                                             |   913 |
+| [meichthys/foss_photo_libraries](https://github.com/meichthys/foss_photo_libraries)                                                                                             |   914 |
 | [Romanitho/Winget-AutoUpdate](https://github.com/Romanitho/Winget-AutoUpdate)                                                                                                   |   729 |
 | [unixorn/zsh-quickstart-kit](https://github.com/unixorn/zsh-quickstart-kit)                                                                                                     |   705 |
 | [ministryofjustice/modernisation-platform](https://github.com/ministryofjustice/modernisation-platform)                                                                         |   670 |

flavors/cupcake/Dockerfile

@@ -355,11 +355,11 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI
     && export GITHUB_AUTH_TOKEN \
     && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
     && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
-    && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \
-    && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \
+    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
+    && ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
     && gpg --verify phive.phar.asc phive.phar \
     && chmod +x phive.phar \
     && mv phive.phar /usr/local/bin/phive \

flavors/php/Dockerfile

@@ -250,11 +250,11 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI
     && export GITHUB_AUTH_TOKEN \
     && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
     && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
-    && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \
-    && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \
+    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
+    && ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
     && gpg --verify phive.phar.asc phive.phar \
     && chmod +x phive.phar \
     && mv phive.phar /usr/local/bin/phive \

linters/php_phpcs/Dockerfile

@@ -137,11 +137,11 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI
     && export GITHUB_AUTH_TOKEN \
     && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
     && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
-    && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \
-    && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \
+    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
+    && ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
     && gpg --verify phive.phar.asc phive.phar \
     && chmod +x phive.phar \
     && mv phive.phar /usr/local/bin/phive \

linters/php_phplint/Dockerfile

@@ -137,11 +137,11 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI
     && export GITHUB_AUTH_TOKEN \
     && wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
     && wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
-    && PHAR_KEY_ID="0x9D8A98B29B2D5D79" \
-    && ( gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver ha.pool.sks-keyservers.net --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" \
-        || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" ) \
+    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
+    && ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
+       || gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
     && gpg --verify phive.phar.asc phive.phar \
     && chmod +x phive.phar \
     && mv phive.phar /usr/local/bin/phive \