Bump oxsecurity/megalinter from 9.4.0 to 9.6.0 #591

Open
dependabot[bot] wants to merge 1 commit into master from dependabot/github_actions/oxsecurity/megalinter-9.6.0
Conversation

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Contributor

Bumps oxsecurity/megalinter from 9.4.0 to 9.6.0.

Release notes

Sourced from oxsecurity/megalinter's releases.

v9.6.0

What's Changed

  • Breaking changes

    • Linters can no longer be run via a sibling Docker image at runtime. The cli_docker_image, cli_docker_image_version and cli_docker_args descriptor properties (and the matching <LINTER>_DOCKER_IMAGE_VERSION variable) have been removed, and MegaLinter no longer mounts /var/run/docker.sock (in mega-linter-runner, the GitHub Action action.yml files, and the Docker daemon previously bundled in flavor images). This closes the host-privilege escalation surface that the mounted Docker socket exposed. The only linter that used this mechanism was SWIFT_SWIFTLINT, now installed natively (see below). (#8216)
    • SWIFT_SWIFTLINT is now installed from the static swiftlint-static binary instead of running the ghcr.io/realm/swiftlint container. It runs natively on the Alpine image with no Docker socket required. SourceKit-dependent rules are disabled in this build and reported to the console when encountered; pure-syntax style rules are unaffected. (#8216)
    • @eslint/eslintrc shim removed from JavaScript/TypeScript/JSX/TSX Docker images (was only needed for legacy FlatCompat); MegaLinter's bundled test fixtures use native flat config. (#7869)
    • ESLint linters now force migration off .eslintrc.*: JAVASCRIPT_ES, TYPESCRIPT_ES, JSX_ESLINT, TSX_ESLINT activate when they find any eslint.config.* or any deprecated .eslintrc.* / package.json#eslintConfig. In the legacy case the linter does not call ESLint at all — it emits a single hard failure with a migration message so the build stays red until the config is migrated to flat config. See the ESLint flat-config migration guide. To opt out, set DISABLE_LINTERS or DISABLE to exclude the affected linter/descriptor. (#7869)
    • JSON_ESLINT_PLUGIN_JSONC removed: upstream bug ota-meshi/eslint-plugin-jsonc#328 blocks ESLint v10 compatibility and will not be fixed. Use JSON_JSONLINT, JSON_PRETTIER, or JSON_V8R for JSON validation instead. (#7869)
  • Core

    • New linter descriptor property common_linter_errors: declare known non-lint failure patterns (config issue, remote service down, missing credentials…) and the guidance message shown to users, directly in YAML — no custom Python class needed. (#7907)
    • Skipped-linters summary now explains why a linter was skipped by an activation rule, including the variable to set to activate it (e.g. MARKDOWN_RUMDL: MARKDOWN_DEFAULT_STYLE=markdownlint (set MARKDOWN_DEFAULT_STYLE=rumdl to activate)), fixing #8017.
  • New linters

    • Add betterleaks linter for repository secrets scanning — successor to gitleaks with higher recall (98.6% vs 70.4%), lower false-positive rates, and 4–5× faster scanning via BPE-based detection and CEL filter expressions (#8186)
  • Disabled linters

    • SALESFORCE_SFDX_SCANNER_APEX, SALESFORCE_SFDX_SCANNER_AURA and SALESFORCE_SFDX_SCANNER_LWC — disabled because sfdx-scanner 4.12.0 crashes on Node.js 22+ (TypeError: Cannot read properties of undefined (reading 'prototype'), caused by the removal of SlowBuffer.prototype), which is shipped with Alpine 3.24. These linters were already deprecated; use the SALESFORCE_CODE_ANALYZER_APEX / SALESFORCE_CODE_ANALYZER_AURA / SALESFORCE_CODE_ANALYZER_LWC variants instead (#8080).
  • Deprecated linters

    • REPOSITORY_GITLEAKS — deprecated in favour of REPOSITORY_BETTERLEAKS (same author, fully compatible config, significantly better detection). Will be removed in the next major release. Disable it by adding REPOSITORY_GITLEAKS to DISABLE_LINTERS in your .mega-linter.yml. (#8186)
  • Removed linters

    • JSON_ESLINT_PLUGIN_JSONC — permanently broken by upstream bug (see Breaking changes) (#7869)
  • Linters enhancements

    • REPOSITORY_CHECKOV: in pull-request mode, scan only the files modified in the PR instead of the whole repository (#7119)
  • Fixes

    • REPOSITORY_BETTERLEAKS: default scan now runs in filesystem (dir) mode instead of auto-switching to git-history (git) mode when a git repository is detected. betterleaks does not read the global git safe.directory config, so git mode failed with fatal: detected dubious ownership in repository in CI environments (e.g. GitHub Actions /github/workspace). Git-history mode is still used for the opt-in REPOSITORY_BETTERLEAKS_PR_COMMITS_SCAN feature. (#8186)
    • REPOSITORY_BETTERLEAKS: added --verbose so detected findings (file, line and rule) are reported instead of only the leaks found: N summary, matching gitleaks behavior. Secret values stay redacted via --redact. (#8186)
    • REPOSITORY_OSV_SCANNER: exit code 128 ("No package sources found") is now treated as a clean pass instead of a failure — osv-scanner returns this code when the repo contains no lockfiles/manifests/SBOMs, which is not a vulnerability finding (#7917).
    • Fix intermittent ansible-lint load-failure[not-found] error on github_conf/branch_protection_rules.json caused by a race condition with checkov running in parallel. Checkov's transient GitHub-conf directory is now written to a hidden path (.megalinter_github_conf) that project-mode linters skip, eliminating the conflict (#8092).
    • Complete the Alpine 3.24 upgrade across the whole image and fix how alpine version is detected. Docker images now build on the python:3.14-alpine3.24 base image (#8080).
    • Avoid DeprecationWarning / future breakage on Python 3.14 by no longer passing count and flags as positional arguments to re.sub (#8211).
    • Exclude REPORT_OUTPUT_FOLDER from linting when configured as an absolute path inside the workspace (e.g. /tmp/lint/megalinter-reports), fixing #7845.
    • Fix command injection in Roslynator linter (DOTNET_ROSLYNATOR) where a crafted .csproj filename could break out of dotnet restore arguments and execute arbitrary shell commands. The command is now invoked via argv list instead of a shell string. Reported by Francesco Sabiu. (#7857)
    • Fix IndexError when building the single-linter Docker image for a linter whose activation depends on a file (e.g. SPELL_VALE requires .vale.ini): python -m megalinter.run --linterversion now bypasses activation filtering since the per-linter image is built for that linter unconditionally.
    • Fix make bootstrap appearing to hang because exported Make color variables re-evaluated tput during recursive make invocations. (#8090)
    • Allow MegaLinter containers to run in an opt-in non-root mode matching the host UID:GID on POSIX systems, avoiding root-owned generated files on the host (#1975).
    • Restore missing examples in the Dart descriptor that were dropped from the generated documentation (#7913).
  • Reporters

  • Doc

    • Add pnpm installation and usage documentation for JavaScript and TypeScript linters (#8177)
    • Update Docker pull counters in README badges and flavors-stats.json with latest ghcr.io stats
    • Bump peter-evans/create-pull-request to v8 in the documented workflow examples (#8089)

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

[v9.6.0] - 2026-06-28


Commits
  • ef3e84b Release MegaLinter v9.6.0
  • 8b9259b Skill prepare-release (#8245)
  • 5810155 chore(deps): bump pymdown-extensions from 10.21.3 to 11.0 in /.config/python/...
  • aca415c chore(deps): update dependency semver to v7.8.5 (#8198)
  • 2d8b274 Remove max-parallel for linters
  • e9ab3e9 chore(ci): manual run of deploy linters beta job (#8242)
  • a8a6368 Changelog (#8241)
  • 7f363c6 [automation] Auto-update linters version, help and documentation (#8215)
  • bce5232 chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.11.25 (#8232)
  • 9d98266 chore(deps): update dependency realm/swiftlint to v0.65.0 (#8240)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) from 9.4.0 to 9.6.0.
- [Release notes](https://github.com/oxsecurity/megalinter/releases)
- [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md)
- [Commits](oxsecurity/megalinter@v9.4.0...v9.6.0)

---
updated-dependencies:
- dependency-name: oxsecurity/megalinter
  dependency-version: 9.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies (Pull requests that update a dependency file) and github_actions (Pull requests that update GitHub Actions code) labels Jun 29, 2026
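
The DOTNET_ROSLYNATOR fix listed in the release notes above (a shell string replaced by an argv list) can be reproduced in miniature. This is an added example, not MegaLinter's code: a small Python argument printer stands in for `dotnet restore`, and the file name, the marker file and the `as_path_operand` helper are constructed for illustration.

```python
import json
import os
import shlex
import subprocess
import sys
import tempfile

# Stand-in for the real tool (assumption, not `dotnet`): prints the arguments
# it received as JSON, so the caller can see exactly what reached the process.
ARG_PRINTER = [sys.executable, "-c",
               "import json,sys; print(json.dumps(sys.argv[1:]))"]

# Constructed sample: a legal POSIX file name that contains a shell command
# separator followed by a harmless command.
CRAFTED_NAME = "app.csproj; touch INJECTED_MARKER"
MARKER = "INJECTED_MARKER"


def restore_via_shell_string(project_file, cwd):
    """'Before' pattern: the file name is pasted into one shell string."""
    tool = " ".join(shlex.quote(part) for part in ARG_PRINTER)
    command = f"{tool} restore {project_file}"
    return subprocess.run(command, shell=True, cwd=cwd,
                          capture_output=True, text=True, check=False)


def restore_via_argv(project_file, cwd):
    """'After' pattern: argv list, no shell; the name stays one argument."""
    return subprocess.run(ARG_PRINTER + ["restore", project_file], cwd=cwd,
                          capture_output=True, text=True, check=False)


def as_path_operand(name):
    """Hypothetical helper: keep a name starting with '-' from being parsed
    as a command-line option by the tool that receives it."""
    return "./" + name if name.startswith("-") else name


def compare(project_file=CRAFTED_NAME):
    """Run both patterns in fresh temp directories and record what the
    stand-in tool saw and whether the extra command ran."""
    results = {}
    for label, runner in (("shell", restore_via_shell_string),
                          ("argv", restore_via_argv)):
        with tempfile.TemporaryDirectory() as workdir:
            proc = runner(project_file, workdir)
            results[label] = {
                "tool_saw": json.loads(proc.stdout.splitlines()[0]),
                "marker_created": os.path.exists(os.path.join(workdir, MARKER)),
            }
    return results


if __name__ == "__main__":
    for label, outcome in compare().items():
        print(label, outcome)
```

The argv form removes shell parsing only; a name that begins with `-` can still be read as an option by the receiving tool, which is what `as_path_operand` guards against.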
@github-actions

MegaLinter analysis: Error

| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ❌ ACTION | actionlint | 1 | | 1 | 0 | 0.09s |
| ❌ ACTION | zizmor | 1 | | 1 | 0 | 0.3s |
| ❌ C | clang-format | 112 | | 1 | 0 | 0.98s |
| ❌ C | cppcheck | 112 | | 2 | 0 | 11.31s |
| ❌ C | cpplint | 112 | | 3360 | 0 | 23.17s |
| ❌ COPYPASTE | jscpd | yes | | 265 | no | 2.34s |
| ❌ CPP | clang-format | 72 | | 1 | 0 | 0.74s |
| ❌ CPP | cppcheck | 72 | | 2 | 0 | 2.34s |
| ❌ CPP | cpplint | 72 | | 857 | 0 | 9.03s |
| ⚠️ MARKDOWN | markdownlint | 1 | | 52 | 0 | 0.58s |
| ✅ MARKDOWN | markdown-table-formatter | 1 | | 0 | 0 | 0.23s |
| ✅ REPOSITORY | betterleaks | yes | | no | no | 0.88s |
| ❌ REPOSITORY | checkov | yes | | 1 | no | 22.43s |
| ✅ REPOSITORY | gitleaks | yes | | no | no | 4.53s |
| ✅ REPOSITORY | git_diff | yes | | no | no | 0.03s |
| ✅ REPOSITORY | grype | yes | | no | no | 59.6s |
| ✅ REPOSITORY | osv-scanner | yes | | no | no | 0.21s |
| ✅ REPOSITORY | secretlint | yes | | no | no | 1.15s |
| ✅ REPOSITORY | syft | yes | | no | no | 1.86s |
| ✅ REPOSITORY | trivy | yes | | no | no | 13.13s |
| ✅ REPOSITORY | trivy-sbom | yes | | no | no | 0.17s |
| ✅ REPOSITORY | trufflehog | yes | | no | no | 3.9s |
| ❌ SPELL | lychee | 24 | | 1 | 0 | 0.95s |
| ✅ XML | xmllint | 1 | | 0 | 0 | 0.15s |
| ⚠️ YAML | prettier | 2 | | 1 | 2 | 0.33s |
| ✅ YAML | v8r | 2 | | 0 | 0 | 2.42s |
| ❌ YAML | yamllint | 2 | | 9 | 0 | 0.45s |

Detailed Issues

❌ ACTION / actionlint - 1 error
.github/workflows/build.yml:135:9: shellcheck reported issue in this script: SC2086:info:3:41: Double quote to prevent globbing and word splitting [shellcheck]
    |
135 |         run: |
    |         ^~~~
❌ REPOSITORY / checkov - 1 error
github_actions scan results:

Passed checks: 71, Failed checks: 1, Skipped checks: 0

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Build, Lint & Coverage)
	File: /.github/workflows/build.yml:17-18
❌ C / clang-format - 1 error
.clang-format:62:36: error: invalid boolean
AllowShortCaseLabelsOnASingleLine: Never
                                   ^~~~~
Error reading .clang-format: Invalid argument

(Truncated to last 2857 characters out of 19263)
❌ CPP / clang-format - 1 error
.clang-format:62:36: error: invalid boolean
AllowShortCaseLabelsOnASingleLine: Never
                                   ^~~~~
Error reading .clang-format: Invalid argument

(Truncated to last 2857 characters out of 12383)
❌ C / cppcheck - 2 errors
❌ [ERROR] source/src/utils/random.c
    Checking source/src/utils/random.c ...
    source/src/utils/random.c:14:4: warning: If memory allocation fails, then there is a possible null pointer dereference: random [nullPointerOutOfMemory]
      *random =
       ^
    source/src/utils/random.c:13:26: note: Assuming allocation function fails
      Random *random = malloc( sizeof(Random) );
                             ^
    source/src/utils/random.c:13:26: note: Assignment 'random=malloc(sizeof(struct Random))', assigned value is 0
      Random *random = malloc( sizeof(Random) );
                             ^
    source/src/utils/random.c:14:4: note: Null pointer dereference
      *random =
       ^


(Truncated to last 2857 characters out of 6579)
❌ CPP / cppcheck - 2 errors
izeof(CipOctet))', assigned value is 0
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                          ^
    source/tests/cip/cipepathtest.cpp:376:3: note: Null pointer dereference
      message[2] = 21;
      ^
    source/tests/cip/cipepathtest.cpp:377:3: warning: If memory allocation fails, then there is a possible null pointer dereference: message [nullPointerOutOfMemory]
      message[3] = 22;
      ^
    source/tests/cip/cipepathtest.cpp:371:42: note: Assuming allocation function fails
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                                             ^
    source/tests/cip/cipepathtest.cpp:371:23: note: Assignment 'message=(CipOctet*)calloc(6,sizeof(CipOctet))', assigned value is 0
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                          ^
    source/tests/cip/cipepathtest.cpp:377:3: note: Null pointer dereference
      message[3] = 22;
      ^
    source/tests/cip/cipepathtest.cpp:378:3: warning: If memory allocation fails, then there is a possible null pointer dereference: message [nullPointerOutOfMemory]
      message[4] = 23;
      ^
    source/tests/cip/cipepathtest.cpp:371:42: note: Assuming allocation function fails
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                                             ^
    source/tests/cip/cipepathtest.cpp:371:23: note: Assignment 'message=(CipOctet*)calloc(6,sizeof(CipOctet))', assigned value is 0
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                          ^
    source/tests/cip/cipepathtest.cpp:378:3: note: Null pointer dereference
      message[4] = 23;
      ^
    source/tests/cip/cipepathtest.cpp:379:3: warning: If memory allocation fails, then there is a possible null pointer dereference: message [nullPointerOutOfMemory]
      message[5] = 24;
      ^
    source/tests/cip/cipepathtest.cpp:371:42: note: Assuming allocation function fails
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                                             ^
    source/tests/cip/cipepathtest.cpp:371:23: note: Assignment 'message=(CipOctet*)calloc(6,sizeof(CipOctet))', assigned value is 0
      CipOctet *message = (CipOctet *)calloc (6, sizeof(CipOctet) );
                          ^
    source/tests/cip/cipepathtest.cpp:379:3: note: Null pointer dereference
      message[5] = 24;
      ^


(Truncated to last 2857 characters out of 17359)
❌ C / cpplint - 3360 errors
Total errors found: 3360

(Truncated to last 2857 characters out of 371525)
❌ CPP / cpplint - 857 errors
g source/src/enet_encap/endianconv.h
Done processing source/src/opener_api.h
Done processing source/src/ports/MINGW/networkconfig.h
Done processing source/src/ports/MINGW/platform_network_includes.h
Done processing source/src/ports/MINGW/sample_application/ethlinkcbs.h
Done processing source/src/ports/MINGW/sample_application/opener_user_conf.h
Done processing source/src/ports/POSIX/networkconfig.h
Done processing source/src/ports/POSIX/platform_network_includes.h
Done processing source/src/ports/POSIX/sample_application/ethlinkcbs.h
Done processing source/src/ports/POSIX/sample_application/opener_user_conf.h
Done processing source/src/ports/STM32/networkconfig.h
Done processing source/src/ports/STM32/opener.h
Done processing source/src/ports/STM32/platform_network_includes.h
Done processing source/src/ports/STM32/sample_application/ethlinkcbs.h
Done processing source/src/ports/STM32/sample_application/opener_user_conf.h
Done processing source/src/ports/WIN32/networkconfig.h
Done processing source/src/ports/WIN32/platform_network_includes.h
Done processing source/src/ports/WIN32/sample_application/ethlinkcbs.h
Done processing source/src/ports/WIN32/sample_application/opener_user_conf.h
Done processing source/src/ports/generic_networkhandler.h
Done processing source/src/ports/networkhandler.h
Done processing source/src/ports/nvdata/conffile.h
Done processing source/src/ports/nvdata/nvdata.h
Done processing source/src/ports/nvdata/nvqos.h
Done processing source/src/ports/nvdata/nvtcpip.h
Done processing source/src/ports/opener_error.h
Done processing source/src/ports/socket_timer.h
Done processing source/src/trace.h
Done processing source/src/typedefs.h
Done processing source/src/utils/doublylinkedlist.h
Done processing source/src/utils/enipmessage.h
Done processing source/src/utils/random.h
Done processing source/src/utils/xorshiftrandom.h
Done processing source/tests/OpENerTests.cpp
Done processing source/tests/OpENerTests.h
Done processing source/tests/callback_mock.cpp
Done processing source/tests/check_assert.h
Done processing source/tests/cip/cipcommontests.cpp
Done processing source/tests/cip/cipconnectionmanagertest.cpp
Done processing source/tests/cip/cipconnectionobjecttest.cpp
Done processing source/tests/cip/cipelectronickeyformattest.cpp
Done processing source/tests/cip/cipelectronickeytest.cpp
Done processing source/tests/cip/cipepathtest.cpp
Done processing source/tests/cip/cipstringtests.cpp
Done processing source/tests/enet_encap/encaptest.cpp
Done processing source/tests/enet_encap/endianconvtest.cpp
Done processing source/tests/ports/socket_timer_tests.cpp
Done processing source/tests/test_assert.h
Done processing source/tests/utils/doublylinkedlistTests.cpp
Done processing source/tests/utils/randomTests.cpp
Done processing source/tests/utils/xorshiftrandomtests.cpp
Total errors found: 857

(Truncated to last 2857 characters out of 107681)
❌ COPYPASTE / jscpd - 265 errors
sts.cpp [147:31 - 155:23]
Clone found (cpp)
 - source/tests/utils/doublylinkedlistTests.cpp [110:18 - 117:23] (8 lines, 64 tokens)
   source/tests/utils/doublylinkedlistTests.cpp [124:18 - 131:23]
Clone found (cpp)
 - source/tests/utils/doublylinkedlistTests.cpp [169:39 - 177:47] (9 lines, 55 tokens)
   source/tests/utils/doublylinkedlistTests.cpp [182:43 - 190:47]
Clone found (cpp)
 - source/tests/utils/doublylinkedlistTests.cpp [195:40 - 203:48] (9 lines, 55 tokens)
   source/tests/utils/doublylinkedlistTests.cpp [208:45 - 216:48]
┌──────────┬────────────────┬─────────────┬──────────────┬──────────────┬──────────────────┬───────────────────┐
│ Format   │ Files analyzed │ Total lines │ Total tokens │ Clones found │ Duplicated lines │ Duplicated tokens │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ c        │ 55             │ 17893       │ 215055       │ 161          │ 3130 (17.49%)    │ 49710 (23.12%)    │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ c-header │ 57             │ 6746        │ 169872       │ 67           │ 1123 (16.65%)    │ 34482 (20.30%)    │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ cpp      │ 15             │ 2738        │ 19853        │ 19           │ 137 (5.00%)      │ 2896 (14.59%)     │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ diff     │ 1              │ 172         │ 2591         │ 1            │ 6 (3.49%)        │ 68 (2.62%)        │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ latex    │ 1              │ 309         │ 4392         │ 0            │ 0 (0.00%)        │ 0 (0.00%)         │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ python   │ 1              │ 38          │ 239          │ 0            │ 0 (0.00%)        │ 0 (0.00%)         │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ txt      │ 19             │ 1349        │ 11063        │ 17           │ 196 (14.53%)     │ 2600 (23.50%)     │
├──────────┼────────────────┼─────────────┼──────────────┼──────────────┼──────────────────┼───────────────────┤
│ Total:   │ 149            │ 29245       │ 423065       │ 265          │ 4592 (15.70%)    │ 89756 (21.22%)    │
└──────────┴────────────────┴─────────────┴──────────────┴──────────────┴──────────────────┴───────────────────┘
Found 265 clones.
HTML report saved to megalinter-reports/copy-paste/jscpd-report.html
ERROR: jscpd found too many duplicates (15.7%) over threshold (0.0%)
time: 771.578ms

(Truncated to last 2857 characters out of 41082)
❌ SPELL / lychee - 1 error
[WARN] Skipping file with invalid UTF-8 content: license.txt
  [WARN] license.txt: No files found for this input source
📝 Summary
---------------------
🔍 Total............8
🔗 Unique...........8
✅ Successful.......7
⏳ Timeouts.........0
🔀 Redirected.......2
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........1
⛔ Unsupported......1

Errors in .github/workflows/build.yml
[404] https://github.com/$ (at 124:120) | Rejected status code: 404 Not Found

Hint: Followed 2 redirects. You might want to consider replacing redirecting URLs with the resolved URLs. Use verbose mode (`-v`/`-vv`) to see redirection details.
Hint: You can configure accepted/rejected response codes with `-a` or `--accept`
❌ YAML / yamllint - 9 errors
.github/dependabot.yml
  1:1       warning  missing document start "---"  (document-start)

.github/workflows/build.yml
  1:1       warning  missing document start "---"  (document-start)
  1:29      warning  wrong new line character: expected \n  (new-lines)
  3:1       warning  truthy value should be one of [false, true]  (truthy)
  5:16      error    too many spaces inside brackets  (brackets)
  5:25      error    too many spaces inside brackets  (brackets)
  7:16      error    too many spaces inside brackets  (brackets)
  7:25      error    too many spaces inside brackets  (brackets)
  145:44    error    no new line character at the end of file  (new-line-at-end-of-file)
❌ ACTION / zizmor - 1 error
INFO zizmor: 🌈 zizmor v1.25.0
fatal: no audit was performed
'artipacked' audit failed on file://.github/workflows/build.yml

Caused by:
    0: error in 'artipacked' audit
    1: couldn't list tags for actions/checkout
    2: request error while accessing GitHub API
    3: HTTP status client error (401 Unauthorized) for url (https://github.com/actions/checkout.git/git-upload-pack)
⚠️ MARKDOWN / markdownlint - 52 errors
in heading [Punctuation: ':']
README.md:89 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:96:20 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
README.md:102:1 error MD007/ul-indent Unordered list indentation [Expected: 2; Actual: 1]
README.md:102:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:103:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:103:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:104:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:104:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:105:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:105:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:106:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:106:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:107:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:107:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:108:1 error MD007/ul-indent Unordered list indentation [Expected: 2; Actual: 1]
README.md:108:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:109:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:109:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:110:1 error MD007/ul-indent Unordered list indentation [Expected: 4; Actual: 2]
README.md:110:1 error MD010/no-hard-tabs Hard tabs [Column: 1]
README.md:112:14 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
README.md:123 error MD003/heading-style Heading style [Expected: setext; Actual: atx]
README.md:136 error MD003/heading-style Heading style [Expected: setext; Actual: atx]
README.md:139 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:154 error MD003/heading-style Heading style [Expected: setext; Actual: atx]
README.md:156 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:165 error MD003/heading-style Heading style [Expected: setext; Actual: atx]
README.md:170:26 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
README.md:183:1 error MD018/no-missing-space-atx No space after hash on atx style heading [Context: "#Filename: Dockerfile"]
README.md:202:15 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
README.md:207:23 error MD026/no-trailing-punctuation Trailing punctuation in heading [Punctuation: ':']
README.md:215 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]

(Truncated to last 2857 characters out of 4484)
⚠️ YAML / prettier - 1 error
Checking formatting...
[warn] .github/workflows/build.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performance. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.6.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,ACTION_ZIZMOR,C_CPPCHECK,C_CPPLINT,C_CLANG_FORMAT,COPYPASTE_JSCPD,CPP_CPPCHECK,CPP_CPPLINT,CPP_CLANG_FORMAT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_BETTERLEAKS,REPOSITORY_GRYPE,REPOSITORY_OSV_SCANNER,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

Labels

dependencies: Pull requests that update a dependency file
github_actions: Pull requests that update GitHub Actions code