chore(deps): bump oxsecurity/megalinter from 7.1.0 to 7.3.0

[dependabot]

Bumps oxsecurity/megalinter from 7.1.0 to 7.3.0.

Release notes

Sourced from oxsecurity/megalinter's releases.

MegaLinter v7.3.0

What's Changed

• Features

  • Allow to define linter + _COMMAND_REMOVE_ARGUMENTS to remove a command line argument internally added by MegaLinter, by @​nvuillam in oxsecurity/megalinter#2874

• Media

  • Article: Azure Devops & MegaLinter Auto PR, by @​EtienneDeneuve

• Fixes

  • Replace https://megalinter.io/config-file by https://megalinter.io/latest/config-file to avoid lychee 404 detection, by @​nvuillam in oxsecurity/megalinter#2871
  • Improve docs for posting comments to PRs in GitHub Enterprise
  • Configured Grype to automatically ignore CVE-2018-20225 which is disputed, by @​andrewvaughan in oxsecurity/megalinter#2864
  • docs: improve wording for GHE API endpoint, by @​mihaigalos in oxsecurity/megalinter#2876
  • Update Azure Installation doc to handle auto-commit, by @​EtienneDeneuve in oxsecurity/megalinter#2848

• CodeTotal

  • Redis reporter: Return URL of linter icons when available, in property iconPngUrl
  • Allow to run CodeTotal with a single command npx mega-linter-runner@latest --codetotal , that opens CodeTotal in Web Browser once started, by @​nvuillam in oxsecurity/megalinter#2877

• Linter versions upgrades

  • bicep_linter from 0.19.5 to 0.20.4
  • cfn-lint from 0.79.2 to 0.79.6
  • checkov from 2.3.343 to 2.3.360
  • checkstyle from 10.12.1 to 10.12.2
  • cspell from 6.31.2 to 6.31.3
  • devskim from 1.0.1 to 1.0.18
  • dotnet-format from 6.0.412 to 6.0.413
  • eslint from 8.45.0 to 8.46.0
  • flake8 from 6.0.0 to 6.1.0
  • golangci-lint from 1.53.3 to 1.54.0
  • kics from 1.7.4 to 1.7.5
  • phpstan from 1.10.26 to 1.10.28
  • prettier from 3.0.0 to 3.0.1
  • psalm from Psalm.5.13.1@ to Psalm.5.14.1@
  • puppet-lint from 4.0.0 to 4.0.1
  • pyright from 1.1.318 to 1.1.321
  • rubocop from 1.55.0 to 1.56.0
  • ruff from 0.0.280 to 0.0.284
  • secretlint from 7.0.3 to 7.0.7
  • semgrep from 1.33.2 to 1.34.1
  • sfdx-scanner-apex from 3.14.0 to 3.15.0
  • sfdx-scanner-aura from 3.14.0 to 3.15.0
  • sfdx-scanner-lwc from 3.14.0 to 3.15.0
  • snakemake from 7.31.0 to 7.32.3
  • spectral from 6.10.0 to 6.10.1
  • sqlfluff from 2.1.4 to 2.2.1
  • syft from 0.85.0 to 0.86.1
  • terraform-fmt from 1.5.3 to 1.5.4
  • terragrunt from 0.48.4 to 0.48.6

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Linter versions upgrades

[v7.3.0] - 2023-08-10

• Features

  • Allow to define linter_key**_COMMAND_REMOVE_ARGUMENTS** to remove a command line argument internally added by MegaLinter

• Fixes

  • Replace https://megalinter.io/config-file by https://megalinter.io/latest/config-file to avoid lychee 404 detection
  • Improve docs for posting comments to PRs in GitHub Enterprise

• CodeTotal

  • Redis reporter: Return URL of linter icons when available, in property iconPngUrl
  • Allow to run CodeTotal with a single command npx mega-linter-runner@latest --codetotal , that opens CodeTotal in Web Browser once started

• Linter versions upgrades

  • bicep_linter from 0.19.5 to 0.20.4
  • cfn-lint from 0.79.2 to 0.79.6
  • checkov from 2.3.343 to 2.3.360
  • checkstyle from 10.12.1 to 10.12.2
  • cspell from 6.31.2 to 6.31.3
  • devskim from 1.0.1 to 1.0.18
  • dotnet-format from 6.0.412 to 6.0.413
  • eslint from 8.45.0 to 8.46.0
  • flake8 from 6.0.0 to 6.1.0
  • golangci-lint from 1.53.3 to 1.54.0
  • kics from 1.7.4 to 1.7.5
  • phpstan from 1.10.26 to 1.10.28
  • prettier from 3.0.0 to 3.0.1
  • psalm from Psalm.5.13.1@ to Psalm.5.14.1@
  • puppet-lint from 4.0.0 to 4.0.1
  • pyright from 1.1.318 to 1.1.321
  • rubocop from 1.55.0 to 1.56.0
  • ruff from 0.0.280 to 0.0.284
  • secretlint from 7.0.3 to 7.0.7
  • semgrep from 1.33.2 to 1.34.1
  • sfdx-scanner-apex from 3.14.0 to 3.15.0
  • sfdx-scanner-aura from 3.14.0 to 3.15.0
  • sfdx-scanner-lwc from 3.14.0 to 3.15.0

... (truncated)

Commits

• fda6ac3 Release MegaLinter 7.3.0
• 9103bf4 [automation] Auto-update linters version, help and documentation (#2878)
• 832236e mega-linter-runner --codetotal (#2877)
• 8d5dd3e feat(azure): Update install-azure.md, add a more complex setup to auto create...
• 70bcc5d docs: improve wording for GHE API endpoint (#2876)
• d0d5715 Allow to define linter_key**_COMMAND_REMOVE_ARGUMENTS** to remove a command l...
• 0e688aa [automation] Auto-update linters version, help and documentation (#2872)
• 1e22433 Fix https://megalinter.io/config-file 404 URL (#2871)
• 06ab886 [automation] Auto-update linters version, help and documentation (#2861)
• 4527131 Configured Grype to automatically ignore CVE-2018-20225 which is disputed and...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	8		0	0.11s
✅ DOCKERFILE	hadolint	1		0	0.5s
✅ JSON	eslint-plugin-jsonc	8	0	0	7.81s
✅ JSON	prettier	8	0	0	1.06s
✅ JSON	v8r	8		0	5.88s
✅ MARKDOWN	markdownlint	3	0	0	1.08s
✅ MARKDOWN	markdown-link-check	3		0	3.86s
✅ MARKDOWN	markdown-table-formatter	3	0	0	0.41s
✅ REPOSITORY	checkov	yes		no	38.21s
✅ REPOSITORY	dustilock	yes		no	0.03s
✅ REPOSITORY	gitleaks	yes		no	0.31s
✅ REPOSITORY	git_diff	yes		no	0.0s
✅ REPOSITORY	grype	yes		no	11.7s
✅ REPOSITORY	secretlint	yes		no	2.02s
✅ REPOSITORY	syft	yes		no	0.19s
✅ REPOSITORY	trivy	yes		no	13.52s
✅ REPOSITORY	trivy-sbom	yes		no	1.18s
✅ REPOSITORY	trufflehog	yes		no	1.46s
✅ SPELL	lychee	28		0	0.78s
✅ YAML	prettier	10	3	0	1.06s
✅ YAML	v8r	10		0	10.39s
✅ YAML	yamllint	10		0	0.38s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by