Linters affected:
- actionlint
- Kubeconform
- Perlcritic
Also:
- Update package-lock.json to update some vulnerable dependencies.
- Mount dependency files to where the dependency manager expects them so
it's easier to update vulnerable dependencies.
Fix#6084
Reduce the number of processes to 1 if at least one FIX_xxxx variable is
set to true. This avoids that Parallel runs multiple processes that
might edit the same file at the same time.
Remove an undocumented corner case that might cause Super-linter to
consider a configuration value for a configuration file that points to a
non-existing YAML file as valid. Before this change, Super-linter falls
back to a yml (yaml) extension if the configuration value points to a
non-existing file with a yaml (yml) extension. This workaround dates
back to when Super-linter didn't support customizing configuration file
names.
Now, if the configuration file doesn't exist, Super-linter throws a
fatal error so users can fix their configuration instead.
- Add missing fix mode options for: CLANG_FORMAT, ENV,
GOOGLE_JAVA_FORMAT, NATURAL_LANGUAGE, PYTHON_ISORT, RUST_CLIPPY.
- Refactor linter tests to make them shorter because there's no need to
have big test files.
- Refactor 'bad' linter tests for linters that support fix mode so they
contain only automatically fixable issues. This is needed to avoid
adding another set of 'bad' linter tests for fix mode.
- Provide configuration files for linters that support fix mode and for
which the default configuration is not suitable to enable fix mode:
ansible-lint, ESLint, golangci-lint.
- Add a test case for linter commands options for linters that support
fix mode, to ensure that fix mode and check-only mode options have
been defined.
- Refactor the fix mode test to check if linters actually applied
modifications to files.
- Update documentation about adding test cases for linters that support
fix mode.
- Don't exit with a fatal error if VALIDATE_xxx is false when testing
fix mode because not all linters support fix mode. To enable this, set
the new FIX_MODE_TEST_CASE_RUN variable to true.
Certain linters and formatters support fixing linting and formatting
issues (fix mode). Before this change, Super-linter runs linters and
formatters in a mode that doesn't modify the source code in any way
(check only mode).
With this change, Super-linter supports running linters and formatters
in fix mode if explicitly requested by the configuration. If the
configuration includes a variable named FIX_<language_name>,
Super-linters modifies the command to run the linter or formatter for
<language_name> to enable fix mode.
The modifications to the linter or formatter command that Super-linter
applies depend on what is the default for a particular linter: it either
removes or adds options to the command to run the linter or formatter.
Add the --gitignore option to LINTER_COMMANDS_ARRAY_JSCPD when
IGNORE_GITIGNORED_FILES=true. Users can also set the gitignore options
in the Jscpd configuration file, but with this change we make Jscpd
automatically respecting that.
Remove clippy.sh script and run cargo-clippy directly. The script was
needed because when we introduced cargo-clippy, Super-linter didn't have
a way to customize the working directory when running linters and
formatters. Now, we can use GNU Parallel to handle that case.
This will unblock the work to do to implement #4001 (pass custom options
to cargo-clippy).
- Remove the previous summary file is present to avoid showing stale
contents from old summaries.
- Extract the logic to write summary heading and lines to dedicated
functions in output.sh to make it easier adding new formats in the
future.
- Store Super-linter outputs in the main output directory.
- Update README with a few fixes and details about outputs.
- Add missing test cases for when the configuration didn't enable any
output.
- Allow using both Prettier and StandardJS at the same time by removing
JAVASCRIPT_DEFAULT_STYLE and TYPESCRIPT_DEFAULT_STYLE
configuration variables. They create a confusing corner case that
Super-linter already handles with its core logic that's in place to
enable and disable linters.
- Document VALIDATE_JAVASCRIPT_PRETTIER and VALIDATE_TYPESCRIPT_PRETTIER
because they were missing from the README.
- Add missing TYPESCRIPT_PRETTIER tests.
- Move USE_FIND_ALGORITHM and VALIDATE_ALL_CODEBASE validation in a
dedicated function (ValidateFindMode).
- Move ANSIBLE_DIRECTORY validation to a dedicated function
(ValidateAnsibleDirectory).
- Move VALIDATE_xxxx variables validation to a dedicated function
(ValidateValidationVariables).
- Mark ANY_SET, ANY_TRUE, ANY_FALSE as local because we don't need to
reference them anywhere outside ValidateValidationVariables.
- Add some debug statements in validation functions.
- Merge the loops to initialize VALIDATE_xxx variables and to print
enable/disable language debug messages.
- Add tests for these validation functions.
- Add test start message for all tests.
- Remove --no-eslintrc to simplify the upgrade path to ESlint >= v9,
because v9 defaults to aonther configuration file format.
- Simplify the default ESlint configuration removing options that have
been deprecated, or that are equal to the default ones.
Close#5688
- New SAVE_SUPER_LINTER_OUTPUT variable. When set to true,
saves super-linter output to ${DEFAULT_WORKSPACE}/${SUPER_LINTER_OUTPUT_DIRECTORY_NAME}
- New SUPER_LINTER_OUTPUT_DIRECTORY_NAME variable to set the output
directory name instide the default workspace.
Close#5774
Don't skip processing the current item (FILE) before we give
BuildFileArrays the chance to process it as an item to eventually add to
the list of directories to lint with ansible-lint.
Fix#5789
Other related changes
- Add a new make target to open a shell in a Super-linter container.
- Use a fixed path for FILE_ARRAYS_DIRECTORY_PATH so we can verify its
contents in tests
- Remove redundant ValidateBooleanVariable in buildFileList because we
already check those variables in valudation.
- Move Ansible directory detection to a function so we can reuse it.
- Add missing exports for global configuration variables.
- Remove unused LOG_XXXX variables from tests. These should have been
deleted when we moved log variables to log.sh
- Support passing an arbitrary path to the shellcheck configuration file
with the BASH_CONFIG_FILE_NAME variable. This brings shellcheck in
line with other linters that support configuration files.
- Enable shellcheck external sources using a directive in the
configuration file, so users can eventually override it if not needed.
- Export command configuration variables that subprocesses might need.
Close#5414
- Write log messages in the log file according to the LOG_LEVEL that the
user configured (or the default), instead of printing all the messages
regardless of LOG_LEVEL to the log file.
- Don't emit colors if there is no terminal
Close#5337
feat: configure ruff
feat: update the orchestration scripts
feat: update the test suite
docs: update README
feat: add test cases for ruff
fix: CI error
chore: del .github/linters/.ruff.toml
fix: CI error
fix: README
update: LINTER_NAMES_ARRAY
fix: Dockerfile
fix: .github/linters/.jscpd.json
fix: test files
fix: del version_command
- Export the TEST_CASE_RUN variable because subprocesses reference it
when building the file list.
- Remove a duplicate file that we didn't catch because Jscpd was not
running due to the TEST_CASE_RUN variable not being exported.
Fix#5483
Introduce a new configuration variable, BASH_EXEC_IGNORE_LIBRARIES. If
set to true, the behaviour of bash-exec is modified: if a shell file has
a file extension and no shebang line, it is ignored, i.e., allowed to be
non-executable. This allows files that are only every sourced from other
shell files, acting as libraries and not executables, to have no
executable bit set without failing the bash-exec linter.
Emit a hopefully more helpful error message when the Git ref doesn't
exist. The error message is the same we use when getting changed files
only: it suggests checking that repository clone is not shallow, and
that the full history is available. Additionally, when running on
GitHub Actions, it also suggests checking the fetch-depth option of the
actions/checkout step.
Fix#5315
- Move log variables in log.sh to shorten linter.sh
- Source log.sh as soon as possible, so we can use log functions and
variables as soon as possible.
- Validate 'boolean' log variables: LOG_DEBUG, LOG_VERBOSE, LOG_NOTICE,
LOG_WARN, LOG_ERROR.
- Move foreground color markers from an associative array (that we
cannot export), inside the log function. This fixes an issue that we
discovered while working on #5254 where color markers were not
available to subprocesses.
- Remove background color markers because we don't use them.
In case of linting errors, print stdout and stderr (if present)
at the ERROR level if users set LOG_LEVEL to NOTICE to avoid
failures without any explanation.
Terrascan runs initialization anyway when scanning files, so there's no
point in running it at build time. Also, this works around a Terrascan
bug that caused it to fail its initialization if $HOME/.terrascan
directory is not present. This happens on GitHub Actions because it
configures a $HOME directory that is different from ours.
- Initialize GITHUB_DOMAIN as documented in the README
- Configure other URLs according to GITHUB_DOMAIN
- Automatically fetch SSH key fingerprints for GITHUB_DOMAINS
- Super-linter uses the LOG_LEVEL variable to let the user
configure the desired log level. Checkov and Renovate use a variable
with the same name for the same purpose, but accept a
different set of values, and exit with an error if it gets an unknown
value for that variable.
- Refactor the VERBOSE log level to the more commonly used INFO.
Configuration validation will warn users if they use VERBOSE and
instruct them to use INFO instead. This is not a breaking change
because super-linter falls back on INFO if VERBOSE is set.
- Remove the TRACE log level because we rarely used it. As with VERBOSE,
configuration validation will warn the user. Fall back to DEBUG if the
user configured LOG_LEVEL to VERBOSE.
Close#5217
- Check if Stdout and Stderr have elements before printing them.
- Run the super-linter action in a dedicated step using default logging to
inspect how the output looks during CI.