From 1849812548add4e3cad10e8a483155b7398ccba5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 May 2026 21:23:02 +0000 Subject: [PATCH 1/5] Bump oxsecurity/megalinter from 9.4.0 to 9.5.0 Bumps [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) from 9.4.0 to 9.5.0. - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/v9.4.0...v9.5.0) --- updated-dependencies: - dependency-name: oxsecurity/megalinter dependency-version: 9.5.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/mega-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index cbe110eb..05e006c9 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -43,7 +43,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.io/flavors/ - uses: oxsecurity/megalinter@v9.4.0 + uses: oxsecurity/megalinter@v9.5.0 env: # All available variables are described in documentation # https://megalinter.io/configuration/ From 50714d24a49958aa2f585afeb9441da7cd90af93 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ku=C4=8Dera?= <26327373+vkucera@users.noreply.github.com> Date: Mon, 1 Jun 2026 23:09:03 +0200 Subject: [PATCH 2/5] Configure zizmor --- .mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.mega-linter.yml b/.mega-linter.yml index dca1d8c4..a71b11b4 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -38,3 +38,4 @@ PYTHON_RUFF_CONFIG_FILE: pyproject.toml CPP_CPPLINT_FILE_EXTENSIONS: [".C", ".c", ".c++", ".cc", ".cl", ".cpp", ".cu", ".cuh", ".cxx", ".cxx.in", ".h", ".h++", ".hh", ".h.in", ".hpp", ".hxx", ".inc", ".inl", ".macro"] CPP_CLANG_FORMAT_FILE_EXTENSIONS: [".C", ".c", ".c++", ".cc", ".cl", ".cpp", ".cu", ".cuh", ".cxx", ".cxx.in", ".h", ".h++", ".hh", ".h.in", ".hpp", ".hxx", ".inc", ".inl", ".macro"] FILTER_REGEX_EXCLUDE: (codeQA/|Upgrade/) +ACTION_ZIZMOR_UNSECURED_ENV_VARIABLES: [GITHUB_TOKEN] From 693079ee5d53eb5757b8640ddd26dc9a67c745b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ku=C4=8Dera?= <26327373+vkucera@users.noreply.github.com> Date: Tue, 2 Jun 2026 00:41:33 +0200 Subject: [PATCH 3/5] Fix credentials --- .github/workflows/mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 05e006c9..fee29881 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -37,6 +37,7 @@ jobs: with: token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances + persist-credentials: false # MegaLinter - name: MegaLinter From 18004e6e1db0e9166ac9538957b570353a8bc960 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ku=C4=8Dera?= <26327373+vkucera@users.noreply.github.com> Date: Tue, 2 Jun 2026 00:57:46 +0200 Subject: [PATCH 4/5] Fix env --- .github/workflows/mega-linter.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index fee29881..48f09d85 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -67,7 +67,7 @@ jobs: - name: Print PR condition run: | # Print the condition - echo "(${{ env.APPLY_FIXES_EVENT }} == 'all' || ${{ env.APPLY_FIXES_EVENT }} == ${{ github.event_name }}) && ${{ env.APPLY_FIXES_MODE }} == 'pull_request' && (${{ github.event_name }} == 'push' || ${{ github.event.pull_request.head.repo.full_name }} == ${{ github.repository }})" + echo "(${APPLY_FIXES_EVENT} == 'all' || ${APPLY_FIXES_EVENT} == ${{ github.event_name }}) && ${APPLY_FIXES_MODE} == 'pull_request' && (${{ github.event_name }} == 'push' || ${{ github.event.pull_request.head.repo.full_name }} == ${{ github.repository }})" - name: Create Pull Request with applied fixes id: cpr if: (env.APPLY_FIXES_EVENT == 'all' || env.APPLY_FIXES_EVENT == github.event_name) && env.APPLY_FIXES_MODE == 'pull_request' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) From f6493bc3ac55773b9980ac10cf65c4e52067ae06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=ADt=20Ku=C4=8Dera?= <26327373+vkucera@users.noreply.github.com> Date: Tue, 2 Jun 2026 01:19:37 +0200 Subject: [PATCH 5/5] Disable osv scanner --- .mega-linter.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.mega-linter.yml b/.mega-linter.yml index a71b11b4..97d460f3 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -19,6 +19,7 @@ DISABLE_LINTERS: - PYTHON_ISORT - REPOSITORY_DEVSKIM - REPOSITORY_KICS + - REPOSITORY_OSV_SCANNER - REPOSITORY_SECRETLINT - REPOSITORY_TRIVY - YAML_PRETTIER