- Remove axios, immer, ini, lodash, node-fetch that were installed to
run Trivy reports. We can remove them because we use the Trivy action.
- Remove the Trivy workflow that was disabled anyway.
Add a default (empty) configuration file for Checkov and a smoke test to
ensure that we catch the case where a default configuration file is not
present, and it should be.
- Remove build-time dependencies
- Remove cached NPM packages
- Remove cached PyPi packages
- Remove dependency descriptors. These still count against the total space,
although it's a few KBs
- Install rust-clippy and rust-fmt using the OS package manager instead of
maintaining our own installation script
- Add tests for build time dependencies that are not supposed to be installed
Recent versions of dart analyzer don't support the --options
configuration option anymore, so we cannot pass an arbitrary
configuration file. This commit removes the default dart analyzer
configuration file as well, because it's not needed anymore.
- Run jscpd, gitleaks, textlint against the entire workspace instead of
running them over single files, one by one.
- Implement a warning function for deprecated variables.
- Deprecate the VALIDATE_JSCPD_ALL_CODEBASE variable.
- Remove duplicate configuration files when they are the same as the
ones we provide in TEMPLATES.
- Add a missing tests for ansible-lint.
- Move ANSIBLE_DIRECTORY configuration when running tests in
buildFileList, where similar configs are.
- Simplify ansible-lint test cases to include only what's necessary, and
not an entire set of roles, playbooks, and inventory.
- Write instructions about major upgrades in the upgrade guide.
- Add support to run Checkov against infrastructure as code descriptors
that are in a given (configurable) directory. Defaults to lint the
whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
issues right away with this change.
- Fail if the installation of a R package fails.
- Install the remotes package once during the image build, and not when we scan
files at runtime.
- Reuse the default R library directory instead of moving it to /home/r-library
* Lint Go projects by directory
* Search for Go modules
* Fix test path
* Add test cases and fix command
* Change workdir
* Add a warning about false positives
* fatal instead of warn
* Move tests to the test directory
* Close group on fatal
* Don't fail in test mode
* Update documentation
* Fix typos
* Update security policy
* Remove outdated instructions
* Fix list
* Add more info to config load step
* Don't test linter.yml
* Point to the cd workflow in README
* Move badge up
* Add info about Make help
---------
Co-authored-by: Zack Koppert <zkoppert@github.com>
* chore: add test case for csharp language which should pass
it shows that the current version of linter for csharp language reports false positive issues
* feat: use built-in linter for csharp language
https://github.com/dotnet/format/issues/1268
* chore: remove dotnet-format installation from install-dotnet.sh
dotnet format is a part of .NET 6 SDK and shouldn't be installed separately anymore
* docs: update linter name for dotnet
instead of dotnet-format built-in format command from dotnet is used (points to the same repository as before)
* chore: update linter name for dotnet in tests
---------
Co-authored-by: Zack Koppert <zkoppert@github.com>
The PSScriptAnalyzer expects a text file, not a PowerShell extension
on the filename. The latest version of powershell now respects this
rule and breaks testing as the settings file doesn't meet the requirements
of the linter.
Signed-off-by: Brett Logan <lindluni@github.com>
* Fix issues with the container image build
* Fix asl-validator version check
* Disable filename rule when running ktlint tests
* Bump asl-validator from 2.2.1 to 3.0.8 in /dependencies
Bumps [asl-validator](https://github.com/ChristopheBougere/asl-validator) from 2.2.1 to 3.0.8.
- [Release notes](https://github.com/ChristopheBougere/asl-validator/releases)
- [Commits](https://github.com/ChristopheBougere/asl-validator/compare/2.2.1...3.0.8)
---
updated-dependencies:
- dependency-name: asl-validator
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Show errors when using curl to call the status API
* Make the build more reproducible
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Build static python depenencies
* Address linting
* Fix copy path
* cleaner
* Stage virtual environments
* Update Dockerfile to support virtual environments
* Remove old python builds
* Remove unnecessary RUN step
* Fix merge conflicts
* Remove test checking for PIP packages
We use virtual environments and no longer install the packages
via pip directly in the image. It should be enough that the version
tests check for the existence already and that the version
comes back correctly.
* Remove binary installation of black
* cleaner
* Remove pip
* pretty
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
* Add support for google-java-format
* adding tests and array
* fix comma
* Update linter.sh
* get it in order
* fix hava version
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
* Ignore files marked with @generated marker
`@generated` marker is used by certain tools to understand that the
file is generated, so it should be treated differently than a file
written by a human:
* these files do not need to be reformatted,
* diffs in these files are less important,
* and linters should not be invoked on these files.
This PR proposes builtin support for `@generated` marker (and
`@not-generated` marker to mark file as not generated when it
contains `@generated` marker, like `README.md`).
I have not found a standard for a generated file marker, but:
* Facebook [uses `@generated` marker](https://tinyurl.com/fb-generated)
* Phabricator tool which was spawned from Facebook internal tool
[also understands `@generated` marker](https://git.io/JnVHa)
* Cargo inserts `@generated` marker into [generated Cargo.lock files](https://git.io/JnVHP)
Super-linter supports regex includes and excludes, but they are
harder to maintain (each repository needs to be configured) than
patching the tools which generate the files.
My personal story is that I maintain rust-protobuf crate, which
started emitting `@generated` markers [six years ago](https://git.io/JnV5h)
after a request of a Phabricator user.
Test Plan:
Create a test file `test.sh`:
```
echo $a
```
Run:
```
docker run -e RUN_LOCAL=true -v $HOME/tmp/g:/tmp/lint super-linter-test
```
Result is:
```
In /tmp/lint/test.sh line 1:
echo $a
^-- SC2148: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
^-- SC2154: a is referenced but not assigned.
^-- SC2086: Double quote to prevent globbing and word splitting.
...
2021-06-22 23:46:16 [ERROR] ERRORS FOUND in BASH:[1]
```
Now add `@generated` to the file and run again:
```
2021-06-22 23:47:13 [NOTICE] All file(s) linted successfully with no errors detected
```
Additionally, add `@not-generated` in addition to `@generated`, and
linter error pops up again.
* cleanup
* remove space
* fix non utf return
* fix non utf return
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
* adding new one...
* adding automation
* linter
* pull apart for faster builds
* maybe
* update automation
* fix that
* prime is smart
* fixed it
* quotes
* fix build image
* inpec
* typo
* forgot backslash
* fixed hairbrain logic
* this should help cleanup
* i hate r
* order
* maybe fix r
* maybe fix r
* update readme
* remove spaces
* update
* adding it
* fix typo
* fix tests
* adding back jsonlint
* adding back jsonlint
* fix spacing
* found the typo
* add tests
* adding rules for json
* add to local