Skip to content

Install dotenv-linter deterministically #6385

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bdovaz merged 7 commits into from
Oct 19, 2025
Merged

Install dotenv-linter deterministically #6385

bdovaz merged 7 commits into from
Oct 19, 2025

Conversation

@bdovaz
Copy link
Collaborator

@bdovaz bdovaz commented Oct 19, 2025

Proposed Changes

Install dotenv-linter deterministically because they hadn't released anything in two years and it had to be installed from the master branch: dotenv-linter/dotenv-linter#837

Readiness Checklist

Author/Contributor

  • Add entry to the CHANGELOG listing the change and linking to the corresponding issue (if appropriate)
  • If documentation is needed for this change, has that been included in this pull request

Reviewing Maintainer

  • Label as breaking if this is a large fundamental change
  • Label as either automation, bug, documentation, enhancement, infrastructure, or performance

cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]

This comment was marked as outdated.

Sign in to view

@bdovaz
Copy link
Collaborator Author

bdovaz commented Oct 19, 2025
edited by github-actions bot
Loading

/build

Command run output
Build command workflow started.
Installing dependencies
Running script ./build.sh
Build command workflow completed updating files.

cursor[bot]

This comment was marked as outdated.

Sign in to view

@github-actions
Copy link
Contributor

github-actions bot commented Oct 19, 2025
edited
Loading

⚠️MegaLinter analysis: Success with warnings

⚠️ PYTHON / bandit - 68 errors 
Run started:2025-10-19 15:05:35.981137

Test results:
>> Issue: [B404:blacklist] Consider possible security implications associated with the subprocess module.
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_imports.html#b404-import-subprocess
   Location: ./.automation/build.py:11:0
10	import shutil
11	import subprocess
12	import sys

--------------------------------------------------
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: ''
   Severity: Low   Confidence: Medium
   CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html
   Location: ./.automation/build.py:3064:35
3063	                api_github_headers = {"content-type": "application/json"}
3064	                use_github_token = ""
3065	                if "GITHUB_TOKEN" in os.environ:

--------------------------------------------------
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: ' (with GITHUB_TOKEN)'
   Severity: Low   Confidence: Medium
   CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html
   Location: ./.automation/build.py:3068:39
3067	                    api_github_headers["authorization"] = f"Bearer {github_token}"
3068	                    use_github_token = " (with GITHUB_TOKEN)"
3069	                logging.info(

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3445:14
3444	        cwd=cwd,
3445	        shell=True,
3446	        executable=None if sys.platform == "win32" else which("bash"),
3447	    )
3448	    stdout = utils.clean_string(process.stdout)
3449	    logging.info(f"Format table results: ({process.returncode})\n" + stdout)
3450	
3451	
3452	def generate_version():
3453	    # npm version
3454	    logging.info("Updating npm package version…")

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b607_start_process_with_partial_path.html
   Location: ./.automation/build.py:3456:14
3455	    cwd_to_use = os.getcwd() + "/mega-linter-runner"
3456	    process = subprocess.run(
3457	        [
3458	            "npm",
3459	            "version",
3460	            "--newversion",
3461	            RELEASE_TAG,
3462	            "-no-git-tag-version",
3463	            "--no-commit-hooks",
3464	        ],
3465	        stdout=subprocess.PIPE,
3466	        universal_newlines=True,
3467	        cwd=cwd_to_use,
3468	        shell=True,
3469	    )
3470	    print(process.stdout)

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3468:14
3467	        cwd=cwd_to_use,
3468	        shell=True,
3469	    )
3470	    print(process.stdout)
3471	    print(process.stderr)
3472	    # Update python project version:
3473	    process = subprocess.run(
3474	        ["hatch", "version", RELEASE_TAG],
3475	        stdout=subprocess.PIPE,
3476	        text=True,
3477	        shell=True,
3478	        check=True,
3479	    )
3480	    # Update changelog
3481	    if UPDATE_CHANGELOG is True:
3482	        changelog_file = f"{REPO_HOME}/CHANGELOG.md"

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b607_start_process_with_partial_path.html
   Location: ./.automation/build.py:3473:14
3472	    # Update python project version:
3473	    process = subprocess.run(
3474	        ["hatch", "version", RELEASE_TAG],
3475	        stdout=subprocess.PIPE,
3476	        text=True,
3477	        shell=True,
3478	        check=True,
3479	    )
3480	    # Update changelog

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3477:14
3476	        text=True,
3477	        shell=True,
3478	        check=True,
3479	    )
3480	    # Update changelog
3481	    if UPDATE_CHANGELOG is True:
3482	        changelog_file = f"{REPO_HOME}/CHANGELOG.md"
3483	        with open(changelog_file, "r", encoding="utf-8") as md_file:
3484	            changelog_content = md_file.read()

--------------------------------------------------
>> Issue: [B60

(Truncated to 5714 characters out of 43076)
⚠️ BASH / bash-exec - 1 error 
Results of bash-exec linter (version 5.2.37)
See documentation on https://megalinter.io/beta/descriptors/bash_bash_exec/
-----------------------------------------------

✅ [SUCCESS] .automation/build_schemas_doc.sh
✅ [SUCCESS] .automation/format-tables.sh
✅ [SUCCESS] .vscode/testlinter.sh
✅ [SUCCESS] build.sh
✅ [SUCCESS] entrypoint.sh
❌ [ERROR] sh/megalinter_exec
    Error: File:[sh/megalinter_exec] is not executable
⚠️ REPOSITORY / grype - 31 errors 
[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal)
NAME                           INSTALLED  FIXED IN  TYPE    VULNERABILITY        SEVERITY  EPSS           RISK   
ejs                            3.1.6      3.1.7     npm     GHSA-phwq-j96m-2c2q  Critical  93.5% (99th)   87.9   
tar                            6.0.1      6.1.1     npm     GHSA-3jfq-g458-7qm9  High      85.5% (99th)   67.1   
requests                       2.24.0     2.31.0    python  GHSA-j8r2-6x86-q33q  Medium    6.1% (90th)    3.4    
ip                             1.1.5                npm     GHSA-2p57-rm9w-gvfp  High      4.0% (87th)    3.1    
minimist                       1.2.5      1.2.6     npm     GHSA-xvch-5gv4-984h  Critical  0.9% (74th)    0.8    
ejs                            3.1.6      3.1.10    npm     GHSA-ghr5-ch3p-vcr6  Medium    1.3% (78th)    0.6    
tar                            6.0.1      6.1.9     npm     GHSA-5955-9wpr-37jh  High      0.6% (68th)    0.5    
node-fetch                     2.6.6      2.6.7     npm     GHSA-r683-j2x4-v87g  High      0.5% (65th)    0.4    
minimatch                      3.0.4      3.0.5     npm     GHSA-f8q6-p94x-37v3  High      0.5% (63rd)    0.3    
semver                         7.3.5      7.5.2     npm     GHSA-c2qf-rxjj-qqgw  High      0.3% (54th)    0.2    
braces                         3.0.2      3.0.3     npm     GHSA-grv7-fg5c-xmjg  High      0.2% (45th)    0.2    
ansi-regex                     3.0.0      3.0.1     npm     GHSA-93q8-gq69-wqmw  High      0.2% (44th)    0.2    
@octokit/request-error         2.1.0      5.1.1     npm     GHSA-xx4v-prfh-6cgc  Medium    0.3% (53rd)    0.2    
@octokit/request               5.6.2      8.4.1     npm     GHSA-rmvr-2pp2-xj38  Medium    0.3% (50th)    0.1    
tar                            6.0.1      6.1.2     npm     GHSA-r628-mhmh-qjhw  High      0.2% (39th)    0.1    
http-cache-semantics           4.1.0      4.1.1     npm     GHSA-rc47-6667-2j5j  High      0.2% (37th)    0.1    
ip                             1.1.5      1.1.9     npm     GHSA-78xj-cgh5-2h22  Low       0.4% (59th)    0.1    
tar                            6.0.1      6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.2% (42nd)    0.1    
tar                            6.1.11     6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.2% (42nd)    0.1    
cross-spawn                    7.0.3      7.0.5     npm     GHSA-3xgq-45jj-v275  High      0.1% (33rd)    < 0.1  
@octokit/plugin-paginate-rest  2.17.0     9.2.2     npm     GHSA-h5c3-5r3r-rr8q  Medium    0.1% (33rd)    < 0.1  
micromatch                     4.0.4      4.0.8     npm     GHSA-952p-6rrq-rcjv  Medium    0.1% (32nd)    < 0.1  
requests                       2.24.0     2.32.4    python  GHSA-9hjg-9r4m-mvj7  Medium    0.1% (29th)    < 0.1  
debug                          4.2.0      4.3.1     npm     GHSA-gxpj-cx7g-858c  Low       < 0.1% (27th)  < 0.1  
requests                       2.24.0     2.32.0    python  GHSA-9wx4-h78v-vm56  Medium    < 0.1% (13th)  < 0.1  
word-wrap                      1.2.3      1.2.4     npm     GHSA-j8xg-fqg3-53r7  Medium    < 0.1% (13th)  < 0.1  
tar                            6.0.1      6.1.7     npm     GHSA-9r2w-394v-53qc  High      < 0.1% (6th)   < 0.1  
tmp                            0.0.33     0.2.4     npm     GHSA-52f5-9888-hmc6  Low       < 0.1% (21st)  < 0.1  
tar                            6.0.1      6.1.9     npm     GHSA-qq89-hq3f-393p  High      < 0.1% (4th)   < 0.1  
brace-expansion                1.1.11     1.1.12    npm     GHSA-v6h2-p8h4-qcjw  Low       < 0.1% (5th)   < 0.1  
brace-expansion                2.0.1      2.0.2     npm     GHSA-v6h2-p8h4-qcjw  Low       < 0.1% (5th)   < 0.1
[0031] ERROR discovered vulnerabilities at or above the severity threshold
⚠️ SPELL / lychee - 16 errors 
[WARN ] WARNING: `--exclude-mail` is deprecated and will soon be removed; E-Mail is no longer checked by default. Use `--include-mail` to enable E-Mail checking.
[403] https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages | Network error: Forbidden
[403] https://npmjs.org/package/mega-linter-runner | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden
[403] https://npmjs.org/package/mega-linter-runner | Error (cached)
[403] https://cloudtuned.hashnode.dev/ | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://htmlhint.com/configuration/ | Network error: Forbidden
[403] https://www.npmjs.com/package/markdown-table-formatter | Network error: Forbidden
[404] https://plugins.jetbrains.com/plugin/11563-flake8-support | Network error: Not Found
[404] https://marketplace.visualstudio.com/items?itemName=ForceConfigControl.lightningflowscanner | Network error: Not Found
[404] https://lychee.cli.rs/usage/cli/ | Network error: Not Found
[404] https://lychee.cli.rs/usage/config/ | Network error: Not Found
[404] https://raw.githubusercontent.com/Lightning-Flow-Scanner/.github/main/docs/images/bannerslim.png | Network error: Not Found
[404] https://raku.org/camelia-logo.png | Network error: Not Found
📝 Summary
---------------------
🔍 Total.........2373
✅ Successful....1894
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.......463
❓ Unknown..........0
🚫 Errors..........16

Errors in megalinter/descriptors/python.megalinter-descriptor.yml
[404] https://plugins.jetbrains.com/plugin/11563-flake8-support | Network error: Not Found

Errors in megalinter/descriptors/spell.megalinter-descriptor.yml
[404] https://lychee.cli.rs/usage/config/ | Network error: Not Found
[404] https://lychee.cli.rs/usage/cli/ | Network error: Not Found

Errors in README.md
[403] https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden
[403] https://cloudtuned.hashnode.dev/ | Network error: Forbidden
[403] https://npmjs.org/package/mega-linter-runner | Network error: Forbidden

Errors in megalinter/descriptors/raku.megalinter-descriptor.yml
[404] https://raku.org/camelia-logo.png | Network error: Not Found

Errors in mega-linter-runner/README.md
[403] https://npmjs.org/package/mega-linter-runner | Error (cached)

Errors in megalinter/descriptors/html.megalinter-descriptor.yml
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
[403] https://htmlhint.com/configuration/ | Network error: Forbidden

Errors in megalinter/descriptors/markdown.megalinter-descriptor.yml
[403] https://www.npmjs.com/package/markdown-table-formatter | Network error: Forbidden

Errors in megalinter/descriptors/salesforce.megalinter-descriptor.yml
[404] https://marketplace.visualstudio.com/items?itemName=ForceConfigControl.lightningflowscanner | Network error: Not Found
[404] https://raw.githubusercontent.com/Lightning-Flow-Scanner/.github/main/docs/images/bannerslim.png | Network error: Not Found
⚠️ MARKDOWN / markdownlint - 312 errors 
.github/copilot-instructions.md:9 MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
.github/copilot-instructions.md:156 MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
.github/linters/valestyles/proselint/README.md:12:601 MD013/line-length Line length [Expected: 600; Actual: 755]
CHANGELOG.md:77:90 MD059/descriptive-link-text Link text should be descriptive [Context: "[here]"]
CHANGELOG.md:2098:87 MD059/descriptive-link-text Link text should be descriptive [Context: "[here]"]
docs/articles.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "They talk about MegaLinter"]
docs/badge.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Badge"]
docs/config-activation.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Activation and deactivation"]
docs/config-apply-fixes.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Apply fixes"]
docs/config-cli-lint-mode.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLI lint mode"]
docs/config-file.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: ".mega-linter.yml file"]
docs/config-filtering.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Filter linted files"]
docs/config-linters.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Linter specific variables"]
docs/config-postcommands.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Post-commands"]
docs/config-precommands.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Pre-commands"]
docs/config-variables-security.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Environment variables security"]
docs/config-variables.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Common variables"]
docs/configuration.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Configuration"]
docs/descriptors/action_actionlint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "actionlint"]
docs/descriptors/action.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ACTION"]
docs/descriptors/ansible_ansible_lint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ansible-lint"]
docs/descriptors/ansible_ansible_lint.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 795]
docs/descriptors/ansible.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ANSIBLE"]
docs/descriptors/api_spectral.md:14:601 MD013/line-length Line length [Expected: 600; Actual: 746]
docs/descriptors/api.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "API"]
docs/descriptors/arm_arm_ttk.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "arm-ttk"]
docs/descriptors/arm.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ARM"]
docs/descriptors/bash_bash_exec.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "bash-exec"]
docs/descriptors/bash_shellcheck.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "shellcheck"]
docs/descriptors/bash_shellcheck.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 785]
docs/descriptors/bash_shfmt.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "shfmt"]
docs/descriptors/bash.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "BASH"]
docs/descriptors/bicep_bicep_linter.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "bicep_linter"]
docs/descriptors/bicep.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "BICEP"]
docs/descriptors/c_clang_format.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "clang-format"]
docs/descriptors/c_clang_format.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 768]
docs/descriptors/c_cppcheck.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cppcheck"]
docs/descriptors/c_cpplint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cpplint"]
docs/descriptors/c.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "C"]
docs/descriptors/clojure_cljstyle.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cljstyle"]
docs/descriptors/clojure_cljstyle.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 768]
docs/descriptors/clojure.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLOJURE"]
docs/descriptors/cloudformation_cfn_lint.md:14:601 MD013/line-length Line length [Expected: 600; Actual: 865]
docs/descriptors/cloudformation.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLOUDFORMATION"]
docs/descriptors/coffee_coffeelint.md:7 MD025/single-title/single-h1 Multiple top-level headings 

(Truncated to 5714 characters out of 38821)
⚠️ YAML / prettier - 6 errors 
.automation/plugins.yml 99ms (unchanged)
.github/FUNDING.yml 11ms (unchanged)
.github/dependabot.yml 30ms (unchanged)
.github/linters/.cfnlintrc.yml 3ms (unchanged)
.github/linters/.checkov.yml 4ms (unchanged)
.github/linters/.golangci.yml 8ms (unchanged)
.github/linters/.hadolint.yml 3ms (unchanged)
.github/linters/.openapirc.yml 2ms (unchanged)
.github/linters/.protolintrc.yml 13ms (unchanged)
.github/linters/.ruby-lint.yml 2ms (unchanged)
.github/linters/.yamllint.yml 12ms (unchanged)
.github/linters/analysis_options.yml 10ms (unchanged)
.github/linters/valestyles/Microsoft/AMPM.yml 5ms (unchanged)
.github/linters/valestyles/Microsoft/Accessibility.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/Acronyms.yml 14ms (unchanged)
.github/linters/valestyles/Microsoft/Adverbs.yml 35ms (unchanged)
.github/linters/valestyles/Microsoft/Auto.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Avoid.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/ComplexWords.yml 40ms (unchanged)
.github/linters/valestyles/Microsoft/Contractions.yml 6ms (unchanged)
.github/linters/valestyles/Microsoft/Dashes.yml 11ms (unchanged)
.github/linters/valestyles/Microsoft/DateFormat.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/DateNumbers.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/DateOrder.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Ellipses.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/FirstPerson.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Foreign.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Gender.yml 1ms (unchanged)
.github/linters/valestyles/Microsoft/GenderBias.yml 8ms (unchanged)
.github/linters/valestyles/Microsoft/GeneralURL.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingAcronyms.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingColons.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingPunctuation.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Headings.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Hyphens.yml 6ms (unchanged)
.github/linters/valestyles/Microsoft/Negative.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Ordinal.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/OxfordComma.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Passive.yml 12ms (unchanged)
.github/linters/valestyles/Microsoft/Percentages.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Quotes.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/RangeFormat.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/RangeTime.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Ranges.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/Semicolon.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/SentenceLength.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Spacing.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Suspended.yml 5ms (unchanged)
.github/linters/valestyles/Microsoft/Terms.yml 6ms (unchanged)
.github/linters/valestyles/Microsoft/URLFormat.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/Units.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Vocab.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/We.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Wordiness.yml 12ms (unchanged)
.github/linters/valestyles/proselint/Airlinese.yml 2ms (unchanged)
.github/linters/valestyles/proselint/AnimalLabels.yml 8ms (unchanged)
.github/linters/valestyles/proselint/Annotations.yml 3ms (unchanged)
.github/linters/valestyles/proselint/Apologizing.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Archaisms.yml 3ms (unchanged)
.github/linters/valestyles/proselint/But.yml 6ms (unchanged)
.github/linters/valestyles/proselint/Cliches.yml 63ms (unchanged)
.github/linters/valestyles/proselint/CorporateSpeak.yml 4ms (unchanged)
.github/linters/valestyles/proselint/Currency.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Cursing.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateCase.yml 5ms (unchanged)
.github/linters/valestyles/proselint/DateMidnight.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateRedundancy.yml 5ms (unchanged)
.github/linters/valestyles/proselint/DateSpacing.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DenizenLabels.yml 10ms (unchanged)
.github/linters/valestyles/proselint/Diacritical.yml 18ms (unchanged)
.github/linters/valestyles/proselint/GenderBias.yml 11ms (unchanged)
.github/linters/valestyles/proselint/GroupTerms.yml 4ms (unchanged)
.github/linters/valestyles/proselint/Hedging.yml 4ms (unchanged)
.github/linters/valestyles/proselint/Hyperbole.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Jargon.yml 1ms (unchanged)
.github/linters/valestyles/proselint/LGBTOffensive.yml 2ms (unchanged)
.github/linters/valestyles/proselint/LGBTTerms.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Malapropisms.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Needless.yml 66ms (unchanged)
.github/linters/valestyles/proselint/Nonwords.yml 6ms (unchanged)
.github/linters/valestyles/proselint/Oxymorons.yml 2ms (unchanged)
.github/linters/valestyles/proselint/P-Value.yml 2ms (unchanged)
.github/linters/valestyles/proselint/RASSyndrome.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Skunked.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Spelling.yml 4ms (unchanged)
.github/linters/valestyles/proselint/Typography.yml 5ms (unchanged)
.github/linters/valestyles/proselint/Uncomparables.yml 15ms (unchanged)
.github/linters/valestyles/proselint/Very.yml 2ms (unchanged)
.github/release-drafter.yml 11ms (unchanged)
.gitpod.yml 5ms (

(Truncated to 5714 characters out of 11539)
⚠️ YAML / yamllint - 188 errors 
.automation/plugins.yml
  1:1       warning  missing document start "---"  (document-start)

.github/FUNDING.yml
  3:1       warning  missing document start "---"  (document-start)

.github/dependabot.yml
  4:1       warning  missing document start "---"  (document-start)

.github/linters/.cfnlintrc.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.checkov.yml
  2:1       warning  missing document start "---"  (document-start)

.github/linters/.golangci.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.hadolint.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.protolintrc.yml
  2:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/AMPM.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Accessibility.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Acronyms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Adverbs.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Auto.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Avoid.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/ComplexWords.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Contractions.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Dashes.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateNumbers.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateOrder.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ellipses.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/FirstPerson.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Foreign.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Gender.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/GenderBias.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/GeneralURL.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingAcronyms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingColons.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingPunctuation.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Headings.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Hyphens.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Negative.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ordinal.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/OxfordComma.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Passive.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Percentages.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Quotes.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/RangeFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/RangeTime.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ranges.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Semicolon.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/SentenceLength.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Spacing.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Suspended.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Terms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/URLFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Units.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Vocab.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/We.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft

(Truncated to 5714 characters out of 21376)

✅ Linters with no issues

black, checkov, cspell, flake8, git_diff, hadolint, isort, jscpd, jsonlint, markdown-table-formatter, mypy, npm-groovy-lint, pylint, ruff, secretlint, shellcheck, shfmt, spectral, syft, trivy, trivy-sbom, trufflehog, v8r, v8r, xmllint

See detailed reports in MegaLinter artifacts

MegaLinter is graciously provided by OX Security

@bdovaz bdovaz closed this Oct 19, 2025
@bdovaz bdovaz reopened this Oct 19, 2025
cursor[bot]

This comment was marked as outdated.

Sign in to view

cursor[bot]
cursor bot reviewed Oct 19, 2025
View reviewed changes
flavors/documentation/Dockerfile
#
# dotenv-linter installation
&& wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s
&& wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s -- -b /usr/local/bin "v${DOTENV_LINTER_VERSION}"
Copy link

@cursor cursor bot Oct 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Dotenv-Linter Installation Script Versioning Issue

The dotenv-linter installation fetches its install.sh script from the master branch, which can lead to non-deterministic builds. Although a DOTENV_LINTER_VERSION is defined, it's not used to specify the script's version in the download URL.

Additional Locations (17)

Fix in Cursor Fix in Web

@bdovaz
Copy link
Collaborator Author

bdovaz commented Oct 19, 2025

Ready for review @nvuillam @echoix

echoix
echoix approved these changes Oct 19, 2025
View reviewed changes
Copy link
Collaborator

@echoix echoix left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm ignoring the comment of cursor that seems to suggest to try to fetch the install script from a branch too, but I would be surprised it would become incompatible

@bdovaz bdovaz merged commit 5aa3203 into main Oct 19, 2025
130 of 133 checks passed
@bdovaz bdovaz deleted the dotenv-linter-deterministic branch October 19, 2025 21:47
@Klintrup Klintrup mentioned this pull request Dec 2, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

@nvuillam nvuillam Awaiting requested review from nvuillam nvuillam is a code owner

@echoix echoix Awaiting requested review from echoix echoix is a code owner

@Kurt-von-Laven Kurt-von-Laven Awaiting requested review from Kurt-von-Laven Kurt-von-Laven is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bdovaz @echoix