oxsecurity
diff --git a/‎.automation/generated/linter-helps.json‎
Lines changed: 4 additions & 4 deletions b/‎.automation/generated/linter-helps.json‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎.trivyignore‎
Lines changed: 2 additions & 0 deletions b/‎.trivyignore‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 4 additions & 4 deletions b/‎README.md‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎docs/badge.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/badge.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/config-activation.md‎
Lines changed: 8 additions & 8 deletions b/‎docs/config-activation.md‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎docs/config-apply-fixes.md‎
Lines changed: 12 additions & 12 deletions b/‎docs/config-apply-fixes.md‎
Lines changed: 12 additions & 12 deletions
diff --git a/‎docs/config-cli-lint-mode.md‎
Lines changed: 6 additions & 6 deletions b/‎docs/config-cli-lint-mode.md‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎docs/config-file.md‎
Lines changed: 5 additions & 5 deletions b/‎docs/config-file.md‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎docs/config-filtering.md‎
Lines changed: 3 additions & 3 deletions b/‎docs/config-filtering.md‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎docs/config-postcommands.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/config-postcommands.md‎
Lines changed: 2 additions & 2 deletions
@@ -26,9 +26,11 @@ CVE-2024-45338
 CVE-2025-22869
 CVE-2025-22874
 CVE-2025-30204
+CVE-2025-47906
 # https://avd.aquasec.com/nvd/2025/cve-2025-47907/ , not a security issue in MegaLinter context
 CVE-2025-47907
 
+
 # go-git
 CVE-2025-21613
 CVE-2025-21614
 
@@ -23,7 +23,7 @@
 [![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain)
 [![codecov](https://codecov.io/gh/oxsecurity/megalinter/branch/main/graph/badge.svg)](https://codecov.io/gh/oxsecurity/megalinter)
 <!-- gh-dependents-info-used-by-start -->
-[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=2659&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md)<!-- gh-dependents-info-used-by-end -->
+[![Generated by github-dependents-info](https://img.shields.io/static/v1?label=Used%20by&message=2657&color=informational&logo=slickpic)](https://github.com/oxsecurity/megalinter/blob/main/./docs/used-by-stats.md)<!-- gh-dependents-info-used-by-end -->
 [![Secured with Trivy](https://img.shields.io/badge/Trivy-secured-green?logo=docker)](https://github.com/aquasecurity/trivy)
 [![GitHub contributors](https://img.shields.io/github/contributors/oxsecurity/megalinter.svg)](https://github.com/oxsecurity/megalinter/graphs/contributors/)
 [![GitHub Sponsors](https://img.shields.io/github/sponsors/nvuillam)](https://github.com/sponsors/nvuillam)
@@ -32,14 +32,14 @@
 <!-- mega-linter-badges-end -->
 
 <!-- welcome-phrase-start -->
-MegaLinter is an **open-source** tool for **CI/CD workflows** that analyzes the **consistency of your code**, **IaC**, **configuration**, and **scripts** in your repository to **ensure all your project sources are clean and formatted**, regardless of the IDE or tools used by your developers. Powered by [**OX Security**](https://www.ox.security/?ref=megalinter).
+MegaLinter is an **open-source** tool for **CI/CD workflows** that analyzes the **consistency of your code**, **IaC**, **configuration**, and **scripts** in your repository to **ensure all your project sources are clean and formatted**, no matter which IDE or toolbox is used by your developers. Powered by [**OX Security**](https://www.ox.security/?ref=megalinter).
 
-Supporting [**65** languages](#languages), [**22** formats](#formats), and [**20** tooling formats](#tooling-formats). It is **ready to use out of the box** as a GitHub Action or with any CI system, **highly configurable**, and **free for all uses**.
+Supports [**65** languages](#languages), [**22** formats](#formats), [**20** tooling formats](#tooling-formats), and is **ready to use out of the box** as a GitHub Action or with any CI system. It is **highly configurable** and **free for all uses**.
 
 MegaLinter has **native integrations** with many major CI/CD tools.
 
 [![GitHub](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/github.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/GitHubCommentReporter.md)
-[![Gitlab](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/gitlab.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/GitlabCommentReporter.md)
+[![GitLab](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/gitlab.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/GitlabCommentReporter.md)
 [![Azure](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/azure.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/AzureCommentReporter.md)
 [![Bitbucket](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/bitbucket.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/reporters/BitbucketCommentReporter.md)
 [![Jenkins](https://github.com/oxsecurity/megalinter/blob/main/docs/assets/icons/integrations/jenkins.png?raw=true>)](https://github.com/oxsecurity/megalinter/tree/main/docs/install-jenkins.md)
 
@@ -8,11 +8,11 @@ description: Show that your repositories are cleaned and secured with MegaLinter
 
 # Badge
 
-You can show MegaLinter status with a badge in your repository README
+You can show the MegaLinter status with a badge in your repository README.
 
 [![MegaLinter](https://github.com/oxsecurity/megalinter/workflows/MegaLinter/badge.svg?branch=main)](https://github.com/oxsecurity/megalinter/actions?query=workflow%3AMegaLinter+branch%3Amain)
 
-_If your main branch is **master** , replace **main** by **master** in URLs_
+If your main branch is named `master`, replace `main` with `master` in the URLs.
 
 ## Markdown
 
 
@@ -8,14 +8,14 @@ description: You can enable, disable, make not blocking, allow a minimum number
 
 # Activation and deactivation
 
-MegaLinter have all linters enabled by default, but allows to enable only some, or disable only some
-
-- If `ENABLE` isn't set, all descriptors are activated by default. If set, all linters of listed descriptors will be activated by default
-- If `ENABLE_LINTERS` is set, only listed linters will be processed
-- If `DISABLE` is set, the linters in the listed descriptors will be skipped
-- If `DISABLE_LINTERS` is set, the listed linters will be skipped
-- If `DISABLE_ERRORS_LINTERS` is set, the listed linters will be run, but if errors are found, they will be considered as non blocking
-- If `ENABLE_ERRORS_LINTERS` is set, only the linters in this list will be considered as blocking.
+MegaLinter has all linters enabled by default, but allows enabling or disabling specific ones.
+
+- If `ENABLE` isn't set, all descriptors are activated by default. If set, all linters of listed descriptors are activated by default.
+- If `ENABLE_LINTERS` is set, only the listed linters are processed.
+- If `DISABLE` is set, the linters in the listed descriptors are skipped.
+- If `DISABLE_LINTERS` is set, the listed linters are skipped.
+- If `DISABLE_ERRORS_LINTERS` is set, the listed linters will run, but if errors are found, they will be considered non-blocking.
+- If `ENABLE_ERRORS_LINTERS` is set, only the linters in this list will be considered blocking.
 
 
 Examples:
 
@@ -8,35 +8,35 @@ description: Use MegaLinter to auto apply corrections on your repository files
 
 # Apply fixes
 
-Mega-linter is able to apply fixes provided by linters. To use this capability, you need 3 **env variables** defined at top level
+MegaLinter can apply fixes provided by linters. To use this capability, you need three environment variables defined at the top level.
 
 - **APPLY_FIXES**: `all` to apply fixes of all linters, or a list of linter keys (ex: `JAVASCRIPT_ES`,`MARKDOWN_MARKDOWNLINT`)
 
-Only for GitHub Action Workflow file if you use it:
+Only for the GitHub Actions workflow file, if you use it:
 
 - **APPLY_FIXES_EVENT**: `all`, `push`, `pull_request`, `none` _(use none in case of use of [Updated sources reporter](reporters/UpdatedSourcesReporter.md))_
 - **APPLY_FIXES_MODE**: `commit` to create a new commit and push it on the same branch, or `pull_request` to create a new PR targeting the branch.
 
 ## Apply fixes issues
 
-You may see **github permission errors**, or workflows not run on the new commit.
+You may see GitHub permission errors, or workflows not running on the new commit.
 
-To solve these issues, you can apply one of the following solutions.
+To solve these issues, apply one of the following solutions.
 
 - Method 1: The most secured
-  - [Create Fine Grained Personal Access Token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-fine-grained-personal-access-token), scoped only on your repository and with **Contents: Read/Write** and then copy the PAT value
+  - [Create a Fine-Grained Personal Access Token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token#creating-a-fine-grained-personal-access-token), scoped only to your repository and with **Contents: Read/Write**, then copy the PAT value
   - [Define environment secret variable](https://docs.github.com/en/actions/security-guides/encrypted-secrets#creating-encrypted-secrets-for-an-environment) named **PAT** on your repository, and paste the PAT value
-  - Update your Github Actions Workflow to add the environment name
+  - Update your GitHub Actions workflow to add the environment name
 
-- Method 2: Easier, but any contributor with write access can see your Personal Access Token, so use it only on private repositories.
-  - [Create Classic Personal Access Token](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token#creating-a-token), then copy the PAT value
-  - [Define secret variable](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) named **PAT** on your repository, and paste the PAT value
+-- Method 2: Easier, but any contributor with write access can see your Personal Access Token, so use it only on private repositories.
+- [Create a Classic Personal Access Token](https://docs.github.com/en/free-pro-team@latest/github/authenticating-to-github/creating-a-personal-access-token#creating-a-token), then copy the PAT value
+- [Define secret variable](https://docs.github.com/en/free-pro-team@latest/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository) named **PAT** on your repository, and paste the PAT value
 
 ## Notes
 
-- You can use [**Updated sources reporter**](reporters/UpdatedSourcesReporter.md) if you don't want fixes to be automatically applied on git branch, but **download them in a zipped file** and manually **extract them in your project**
-- If used, **APPLY_FIXES_EVENT** and **APPLY_FIXES_MODE** can not be defined in `.mega-linter.yml`config file, they must be set as environment variables
-- If you use **APPLY_FIXES**, add the following line in your `.gitignore file`
+- You can use the [Updated sources reporter](reporters/UpdatedSourcesReporter.md) if you don't want fixes to be automatically applied on the Git branch. Instead, download them in a ZIP file and manually extract them into your project.
+- If used, `APPLY_FIXES_EVENT` and `APPLY_FIXES_MODE` cannot be defined in the `.mega-linter.yml` config file; they must be set as environment variables.
+- If you use `APPLY_FIXES`, add the following line to your `.gitignore` file:
 
 ```shell
 megalinter-reports/
 
@@ -8,22 +8,22 @@ description: Cli lint mode can be list_of_files, project or files
 
 # CLI lint mode
 
-Each linter is pre-configured to use a default lint mode, which are visible in the MegaLinter documentation ([example](https://megalinter.io/latest/descriptors/repository_trivy/#how-the-linting-is-performed)). The possible values are:
+Each linter is preconfigured to use a default lint mode, which is visible in the MegaLinter documentation ([example](https://megalinter.io/latest/descriptors/repository_trivy/#how-the-linting-is-performed)). The possible values are:
 
 - `list_of_files`: The linter is called only once, and passed a list of all the files to be processed
-- `project`: The linter is called only once, from the root folder of the repository, and it scans for the files to process, as no file names are provided it
+- `project`: The linter is called only once, from the root folder of the repository, and it scans for the files to process, as no file names are provided to it
 - `file`: The linter is called once per file, which hurts performance
 
-You can override the CLI_LINT_MODE by using a configuration variable for each linter (see [linters documentation](https://megalinter.io/supported-linters/)).
+You can override the CLI_LINT_MODE by using a configuration variable for each linter (see the [linters documentation](https://megalinter.io/supported-linters/)).
 
-- Linters that default to the `file` lint mode cannot be overridden to use the `list_of_files` lint mode
+- Linters that default to the `file` lint mode cannot be overridden to use the `list_of_files` lint mode.
 - Linters that default to the `project` lint mode cannot be overridden to use either the `list_of_files` or `file` lint modes.
 
-Allowing `file` or `list_of_files` to be overridden to `project` is mostly for workarounds. For example, some linters have a problem finding their config file when the current folder isn't the repository's root folder.
+Allowing `file` or `list_of_files` to be overridden to `project` is mostly for workarounds. For example, some linters have a problem finding their config file when the current folder isn't the repository root.
 
 Special considerations:
 
-- Linters that are configured to use the `project` lint mode ignore variables like `FILTER_REGEX_INCLUDE` and `FILTER_REGEX_EXCLUDE`, as they are not passed a list of files to lint. For those linters, you must check their documentation to see if a linter can be configured to ignore specific files. For example, the [Secretlint](https://megalinter.io/latest/descriptors/repository_secretlint/) linter ignore files listed in `~/.secretlintignore` by default, or it can be configured to instead ignore files listed in `~/.gitignore` by setting `REPOSITORY_SECRETLINT_ARGUMENTS` to `--secretlintignore .gitignore.`.
+- Linters that are configured to use the `project` lint mode ignore variables like `FILTER_REGEX_INCLUDE` and `FILTER_REGEX_EXCLUDE`, as they are not passed a list of files to lint. For those linters, you must check their documentation to see if a linter can be configured to ignore specific files. For example, the [Secretlint](https://megalinter.io/latest/descriptors/repository_secretlint/) linter ignores files listed in `~/.secretlintignore` by default, or it can be configured to instead ignore files listed in `~/.gitignore` by setting `REPOSITORY_SECRETLINT_ARGUMENTS` to `--secretlintignore .gitignore.`
 
 
 <!-- config-cli-lint-mode-section-end -->
@@ -9,15 +9,15 @@ description: Use config file with auto-completion to customize MegaLinter behavi
 # .mega-linter.yml file
 
 MegaLinter configuration variables are defined in a **.mega-linter.yml** file at the root of the repository or with **environment variables**.
-You can see an example config file in this repo: [**.mega-linter.yml**](https://github.com/oxsecurity/megalinter/blob/main/.mega-linter.yml)
+You can see an example config file in this repo: [**.mega-linter.yml**](https://github.com/oxsecurity/megalinter/blob/main/.mega-linter.yml).
 
-Configuration is assisted with autocompletion and validation in most commonly used IDEs, thanks to [JSON schema](https://megalinter.io/json-schemas/configuration.html) stored on [schemastore.org](https://www.schemastore.org/)
+Configuration is assisted with autocompletion and validation in most commonly used IDEs, thanks to the [JSON schema](https://megalinter.io/json-schemas/configuration.html) stored on [schemastore.org](https://www.schemastore.org/).
 
-- VSCode: You need a VSCode extension like [Red Hat YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml)
-- IDEA family: Auto-completion natively supported
+- VS Code: You need an extension like [Red Hat YAML](https://marketplace.visualstudio.com/items?itemName=redhat.vscode-yaml).
+- IntelliJ IDEA family: Autocompletion is supported natively.
 
 You can also define variables as environment variables.
-- In case a variable exists in both ENV and `.mega-linter.yml` file, priority is given to ENV variable.
+- If a variable exists in both ENV and the `.mega-linter.yml` file, priority is given to the ENV variable.
 
 ![Assisted configuration](https://github.com/oxsecurity/megalinter/raw/main/docs/assets/images/assisted-configuration.gif)
 
 
@@ -8,16 +8,16 @@ description: Exclude files from linting
 
 # Filter linted files
 
-If you need to lint only a folder or exclude some files from linting, you can use optional environment parameters `FILTER_REGEX_INCLUDE` and `FILTER_REGEX_EXCLUDE`
-You can apply filters to a single linter by defining variable `<LINTER_KEY>_FILTER_REGEX_INCLUDE` and `<LINTER_KEY>_FILTER_REGEX_EXCLUDE`
+If you need to lint only a folder or exclude some files from linting, you can use the optional environment parameters `FILTER_REGEX_INCLUDE` and `FILTER_REGEX_EXCLUDE`.
+You can apply filters to a single linter by defining the variables `<LINTER_KEY>_FILTER_REGEX_INCLUDE` and `<LINTER_KEY>_FILTER_REGEX_EXCLUDE`.
 
 Examples:
 
 - Lint only src folder: `FILTER_REGEX_INCLUDE: (src/)`
 - Don't lint files inside test and example folders: `FILTER_REGEX_EXCLUDE: (test/|examples/)`
 - Don't lint javascript files inside test folder: `FILTER_REGEX_EXCLUDE: (test/.*\.js)`
 
-Warning: not applicable with linters using CLI lint mode `project` ([see details](config-cli-lint-mode.md))
+Warning: Not applicable with linters using CLI lint mode `project` ([see details](config-cli-lint-mode.md)).
 
 
 <!-- config-filtering-section-end -->
@@ -8,15 +8,15 @@ description: Customize your MegaLinter run by running commands after linters are
 
 # Post-commands
 
-MegaLinter can run custom commands after running linters (for example, running additional tests)
+MegaLinter can run custom commands after running linters (for example, running additional tests).
 
 Example in `.mega-linter.yml` config file
 
 ```yaml
 POST_COMMANDS:
   - command: npm run test
     cwd: "workspace"   # Will be run at the root of the workspace (usually your repository root)
-    continue_if_failed: False  # Will stop the process if command is failed (return code > 0)
+    continue_if_failed: False  # Will stop the process if the command fails (return code > 0)
 ```