- Run jscpd, gitleaks, textlint against the entire workspace instead of
running them over single files, one by one.
- Implement a warning function for deprecated variables.
- Deprecate the VALIDATE_JSCPD_ALL_CODEBASE variable.
- Remove duplicate configuration files when they are the same as the
ones we provide in TEMPLATES.
- Add a missing tests for ansible-lint.
- Move ANSIBLE_DIRECTORY configuration when running tests in
buildFileList, where similar configs are.
- Simplify ansible-lint test cases to include only what's necessary, and
not an entire set of roles, playbooks, and inventory.
- Write instructions about major upgrades in the upgrade guide.
- Add support to run Checkov against infrastructure as code descriptors
that are in a given (configurable) directory. Defaults to lint the
whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
issues right away with this change.
* Lint Go projects by directory
* Search for Go modules
* Fix test path
* Add test cases and fix command
* Change workdir
* Add a warning about false positives
* fatal instead of warn
* Move tests to the test directory
* Close group on fatal
* Don't fail in test mode
* Don't write colors and logs on disk if not necessary
* Set color markers
* Fix colors
* Fix linting errors
* Fix linting errors
* Use sudo to access logs
* Exit on errors when running Git
* Skip pulling changes entirely
* Enable pipefail when generating diffs
* Cleanup
* Shallow repo check
* Echo GITHUB_SHA update
* Check if GITHUB_SHA exists before using it
* Move GITHUB_SHA validation to validation script
* Rely on cat-file return code
* Check if DEFAULT_BRANCH exists
* Change dir when checking DEFAULT_BRANCH
* Show git branches
* Don't switch branches
* Check GITHUB_SHA only when needed
* Ensure we have permissions before interacting with the repo
* Remove the DIFF_CMD variable
* Move TEST_CASE_RUN and RUN_LOCAL init up
* Validate if Git repo and if SHA exists
* Move validation function
* Change dir when getting branch names
* Move debug messages up to be less verbose
* Move branch validation in a function
* Fix linting errors
* faster linter for cfn-lint and eslint
* workaround shfmt error
* fix xargs interleave large outputs
* parallel gitleaks
* fix exec bit, shfmt, bash linter
* show parallel --citation
* refactor a common interface using named pipe
* add readme for the experimental impl
* fix readme format
* minimize change in worker.sh
* will cite, showed once
* remove junk comment
* explicitly set EXPERIMENTAL_BATCH_WORKER=false
* fix: errors from github/super-linter:v5
* chore: add test case for csharp language which should pass
it shows that the current version of linter for csharp language reports false positive issues
* feat: use built-in linter for csharp language
https://github.com/dotnet/format/issues/1268
* chore: remove dotnet-format installation from install-dotnet.sh
dotnet format is a part of .NET 6 SDK and shouldn't be installed separately anymore
* docs: update linter name for dotnet
instead of dotnet-format built-in format command from dotnet is used (points to the same repository as before)
* chore: update linter name for dotnet in tests
---------
Co-authored-by: Zack Koppert <zkoppert@github.com>
* move from github org to super-linter org
* rename to super-linter org
* rename to super-linter org
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter and remove dockerhub reference
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rename org to super-linter
* rm dockerhub section link
The PSScriptAnalyzer expects a text file, not a PowerShell extension
on the filename. The latest version of powershell now respects this
rule and breaks testing as the settings file doesn't meet the requirements
of the linter.
Signed-off-by: Brett Logan <lindluni@github.com>
* Fix issues with the container image build
* Fix asl-validator version check
* Disable filename rule when running ktlint tests
* Bump asl-validator from 2.2.1 to 3.0.8 in /dependencies
Bumps [asl-validator](https://github.com/ChristopheBougere/asl-validator) from 2.2.1 to 3.0.8.
- [Release notes](https://github.com/ChristopheBougere/asl-validator/releases)
- [Commits](https://github.com/ChristopheBougere/asl-validator/compare/2.2.1...3.0.8)
---
updated-dependencies:
- dependency-name: asl-validator
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
* Show errors when using curl to call the status API
* Make the build more reproducible
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
All tests can't be run agaist single files.
golangci-lint have a dedicated list of linter adapted to single file
usage.
https://github.com/golangci/golangci-lint/issues/1574
Signed-off-by: Guilhem Lettron <guilhem@barpilot.io>
Since the $GITHUB_TOKEN is required only for the multi-status feature to
work, avoid printing an error in case the feature is explicitly
disabled and we don't pass $GITHUB_TOKEN to Super-Linter.
i.e. don't print:
```
2022-02-13 14:24:13 [ERROR] Failed to get [GITHUB_TOKEN]!
2022-02-13 14:24:13 [ERROR] []
2022-02-13 14:24:13 [ERROR] Please set a [GITHUB_TOKEN] from the main workflow environment to take advantage of multiple status reports!
```
when `MULTI_STATUS=false`.
* feat: add support for ssh keys and github.com connections
* refactor: allow github.com setup and update docs
* docs: add note about using ssh_key
* fix: run shfmt
* fix: add language to ssh key fence
* fix: make ssh setup script executable
* fix: gitleaks wins, openssh example removed
* notes
* docs: make the docs a little more clear
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
* Lint the whole code base with JSCPD if VALIDATE_ALL_CODEBASE is true
* Use VALIDATE_JSCPD_ALL_CODEBASE
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
* Improve GITHUB_API_URL default value handling
GitHub Actions [already has](https://docs.github.com/en/actions/learn-github-actions/environment-variables#default-environment-variables) `GITHUB_API_URL` environment variable which contains GitHub API URL. We should be smart about overriding it and, if it exist and already has value, we should not override it.
* Strip slash from GITHUB_API_URL
* Update linter.sh
* Update linter.sh
* make shfmt happy
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
* Add support for google-java-format
* adding tests and array
* fix comma
* Update linter.sh
* get it in order
* fix hava version
Co-authored-by: Admiral Awkbar <admiralawkbar@github.com>
* Improve wording of LINTER_RULES_PATH docs (#1634).
* Add a template config file for ShellCheck (#1633).
Instruct ShellCheck to search SCRIPTDIR, the directory that the script
being linted is in, for other scripts that are sourced. Otherwise, the
commonly-used source command results in linter error SC1091. See
https://github.com/koalaman/shellcheck/wiki/SC1091 for more details.
* fix line ending
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
* Ignore files marked with @generated marker
`@generated` marker is used by certain tools to understand that the
file is generated, so it should be treated differently than a file
written by a human:
* these files do not need to be reformatted,
* diffs in these files are less important,
* and linters should not be invoked on these files.
This PR proposes builtin support for `@generated` marker (and
`@not-generated` marker to mark file as not generated when it
contains `@generated` marker, like `README.md`).
I have not found a standard for a generated file marker, but:
* Facebook [uses `@generated` marker](https://tinyurl.com/fb-generated)
* Phabricator tool which was spawned from Facebook internal tool
[also understands `@generated` marker](https://git.io/JnVHa)
* Cargo inserts `@generated` marker into [generated Cargo.lock files](https://git.io/JnVHP)
Super-linter supports regex includes and excludes, but they are
harder to maintain (each repository needs to be configured) than
patching the tools which generate the files.
My personal story is that I maintain rust-protobuf crate, which
started emitting `@generated` markers [six years ago](https://git.io/JnV5h)
after a request of a Phabricator user.
Test Plan:
Create a test file `test.sh`:
```
echo $a
```
Run:
```
docker run -e RUN_LOCAL=true -v $HOME/tmp/g:/tmp/lint super-linter-test
```
Result is:
```
In /tmp/lint/test.sh line 1:
echo $a
^-- SC2148: Tips depend on target shell and yours is unknown. Add a shebang or a 'shell' directive.
^-- SC2154: a is referenced but not assigned.
^-- SC2086: Double quote to prevent globbing and word splitting.
...
2021-06-22 23:46:16 [ERROR] ERRORS FOUND in BASH:[1]
```
Now add `@generated` to the file and run again:
```
2021-06-22 23:47:13 [NOTICE] All file(s) linted successfully with no errors detected
```
Additionally, add `@not-generated` in addition to `@generated`, and
linter error pops up again.
* cleanup
* remove space
* fix non utf return
* fix non utf return
Co-authored-by: Lukas Gravley <admiralawkbar@github.com>
* adding rules file
* fix naming
* cleanup
* make smart
* fixing the make
* adding template
* white space
* not sure how i got windows
* found the space
