Skip to content

Re-enable checkmake #5817

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

Re-enable checkmake #5817

wants to merge 4 commits into from

Conversation

nvuillam
Copy link
Member

No description provided.

@Copilot Copilot AI review requested due to automatic review settings July 18, 2025 05:55
Copilot
Copilot AI reviewed Jul 18, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR re-enables the checkmake linter for Makefiles by removing the disabled configuration that was previously in place due to security concerns. The changes restore checkmake functionality across all MegaLinter flavors and deployment workflows.

  • Removes the disabled: true flag and security warning from the makefile descriptor
  • Adds checkmake back to all flavor configurations and Dockerfiles
  • Updates deployment workflows to include checkmake in the build matrix

Reviewed Changes

Copilot reviewed 24 out of 24 changed files in this pull request and generated no comments.

Show a summary per file
File Description
megalinter/descriptors/makefile.megalinter-descriptor.yml Removes disabled flag and security warning for checkmake
megalinter/descriptors/all_flavors.json Adds MAKEFILE_CHECKMAKE to all flavor configurations
flavors/*/flavor.json Adds checkmake to individual flavor linter lists
flavors/*/Dockerfile Adds checkmake Docker image and binary installation
Dockerfile Adds checkmake to main MegaLinter Docker image
.github/workflows/deploy-*.yml Adds checkmake to deployment workflow matrices

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 18, 2025
edited
Loading

⚠️MegaLinter analysis: Success with warnings

⚠️ PYTHON / bandit - 68 errors 
Run started:2025-09-17 21:30:19.655419

Test results:
>> Issue: [B404:blacklist] Consider possible security implications associated with the subprocess module.
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/blacklists/blacklist_imports.html#b404-import-subprocess
   Location: ./.automation/build.py:11:0
10	import shutil
11	import subprocess
12	import sys

--------------------------------------------------
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: ''
   Severity: Low   Confidence: Medium
   CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html
   Location: ./.automation/build.py:3045:35
3044	                api_github_headers = {"content-type": "application/json"}
3045	                use_github_token = ""
3046	                if "GITHUB_TOKEN" in os.environ:

--------------------------------------------------
>> Issue: [B105:hardcoded_password_string] Possible hardcoded password: ' (with GITHUB_TOKEN)'
   Severity: Low   Confidence: Medium
   CWE: CWE-259 (https://cwe.mitre.org/data/definitions/259.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b105_hardcoded_password_string.html
   Location: ./.automation/build.py:3049:39
3048	                    api_github_headers["authorization"] = f"Bearer {github_token}"
3049	                    use_github_token = " (with GITHUB_TOKEN)"
3050	                logging.info(

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3426:14
3425	        cwd=cwd,
3426	        shell=True,
3427	        executable=None if sys.platform == "win32" else which("bash"),
3428	    )
3429	    stdout = utils.clean_string(process.stdout)
3430	    logging.info(f"Format table results: ({process.returncode})\n" + stdout)
3431	
3432	
3433	def generate_version():
3434	    # npm version
3435	    logging.info("Updating npm package version…")

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b607_start_process_with_partial_path.html
   Location: ./.automation/build.py:3437:14
3436	    cwd_to_use = os.getcwd() + "/mega-linter-runner"
3437	    process = subprocess.run(
3438	        [
3439	            "npm",
3440	            "version",
3441	            "--newversion",
3442	            RELEASE_TAG,
3443	            "-no-git-tag-version",
3444	            "--no-commit-hooks",
3445	        ],
3446	        stdout=subprocess.PIPE,
3447	        universal_newlines=True,
3448	        cwd=cwd_to_use,
3449	        shell=True,
3450	    )
3451	    print(process.stdout)

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3449:14
3448	        cwd=cwd_to_use,
3449	        shell=True,
3450	    )
3451	    print(process.stdout)
3452	    print(process.stderr)
3453	    # Update python project version:
3454	    process = subprocess.run(
3455	        ["hatch", "version", RELEASE_TAG],
3456	        stdout=subprocess.PIPE,
3457	        text=True,
3458	        shell=True,
3459	        check=True,
3460	    )
3461	    # Update changelog
3462	    if UPDATE_CHANGELOG is True:
3463	        changelog_file = f"{REPO_HOME}/CHANGELOG.md"

--------------------------------------------------
>> Issue: [B607:start_process_with_partial_path] Starting a process with a partial executable path
   Severity: Low   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b607_start_process_with_partial_path.html
   Location: ./.automation/build.py:3454:14
3453	    # Update python project version:
3454	    process = subprocess.run(
3455	        ["hatch", "version", RELEASE_TAG],
3456	        stdout=subprocess.PIPE,
3457	        text=True,
3458	        shell=True,
3459	        check=True,
3460	    )
3461	    # Update changelog

--------------------------------------------------
>> Issue: [B602:subprocess_popen_with_shell_equals_true] subprocess call with shell=True identified, security issue.
   Severity: High   Confidence: High
   CWE: CWE-78 (https://cwe.mitre.org/data/definitions/78.html)
   More Info: https://bandit.readthedocs.io/en/1.8.6/plugins/b602_subprocess_popen_with_shell_equals_true.html
   Location: ./.automation/build.py:3458:14
3457	        text=True,
3458	        shell=True,
3459	        check=True,
3460	    )
3461	    # Update changelog
3462	    if UPDATE_CHANGELOG is True:
3463	        changelog_file = f"{REPO_HOME}/CHANGELOG.md"
3464	        with open(changelog_file, "r", encoding="utf-8") as md_file:
3465	            changelog_content = md_file.read()

--------------------------------------------------
>> Issue: [B60

(Truncated to 5714 characters out of 43076)
⚠️ BASH / bash-exec - 1 error 
Results of bash-exec linter (version 5.2.37)
See documentation on https://megalinter.io/beta/descriptors/bash_bash_exec/
-----------------------------------------------

✅ [SUCCESS] .automation/build_schemas_doc.sh
✅ [SUCCESS] .automation/format-tables.sh
✅ [SUCCESS] .vscode/testlinter.sh
✅ [SUCCESS] build.sh
✅ [SUCCESS] entrypoint.sh
❌ [ERROR] sh/megalinter_exec
    Error: File:[sh/megalinter_exec] is not executable
⚠️ REPOSITORY / grype - 31 errors 
[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal)
NAME                           INSTALLED  FIXED IN  TYPE    VULNERABILITY        SEVERITY  EPSS           RISK   
ejs                            3.1.6      3.1.7     npm     GHSA-phwq-j96m-2c2q  Critical  93.5% (99th)   87.9   
tar                            6.0.1      6.1.1     npm     GHSA-3jfq-g458-7qm9  High      85.7% (99th)   67.3   
requests                       2.24.0     2.31.0    python  GHSA-j8r2-6x86-q33q  Medium    6.1% (90th)    3.4    
ip                             1.1.5                npm     GHSA-2p57-rm9w-gvfp  High      2.8% (85th)    2.2    
minimist                       1.2.5      1.2.6     npm     GHSA-xvch-5gv4-984h  Critical  1.2% (78th)    1.1    
ejs                            3.1.6      3.1.10    npm     GHSA-ghr5-ch3p-vcr6  Medium    1.3% (78th)    0.6    
tar                            6.0.1      6.1.9     npm     GHSA-5955-9wpr-37jh  High      0.6% (68th)    0.5    
node-fetch                     2.6.6      2.6.7     npm     GHSA-r683-j2x4-v87g  High      0.5% (65th)    0.4    
minimatch                      3.0.4      3.0.5     npm     GHSA-f8q6-p94x-37v3  High      0.5% (63rd)    0.3    
semver                         7.3.5      7.5.2     npm     GHSA-c2qf-rxjj-qqgw  High      0.4% (61st)    0.3    
braces                         3.0.2      3.0.3     npm     GHSA-grv7-fg5c-xmjg  High      0.2% (45th)    0.2    
tar                            6.0.1      6.1.2     npm     GHSA-r628-mhmh-qjhw  High      0.2% (43rd)    0.2    
ansi-regex                     3.0.0      3.0.1     npm     GHSA-93q8-gq69-wqmw  High      0.2% (44th)    0.2    
@octokit/request-error         2.1.0      5.1.1     npm     GHSA-xx4v-prfh-6cgc  Medium    0.3% (50th)    0.1    
@octokit/request               5.6.2      8.4.1     npm     GHSA-rmvr-2pp2-xj38  Medium    0.2% (47th)    0.1    
http-cache-semantics           4.1.0      4.1.1     npm     GHSA-rc47-6667-2j5j  High      0.2% (37th)    0.1    
ip                             1.1.5      1.1.9     npm     GHSA-78xj-cgh5-2h22  Low       0.4% (59th)    0.1    
tar                            6.0.1      6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.2% (42nd)    0.1    
tar                            6.1.11     6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.2% (42nd)    0.1    
cross-spawn                    7.0.3      7.0.5     npm     GHSA-3xgq-45jj-v275  High      0.1% (33rd)    < 0.1  
micromatch                     4.0.4      4.0.8     npm     GHSA-952p-6rrq-rcjv  Medium    0.1% (32nd)    < 0.1  
@octokit/plugin-paginate-rest  2.17.0     9.2.2     npm     GHSA-h5c3-5r3r-rr8q  Medium    0.1% (31st)    < 0.1  
requests                       2.24.0     2.32.4    python  GHSA-9hjg-9r4m-mvj7  Medium    < 0.1% (23rd)  < 0.1  
debug                          4.2.0      4.3.1     npm     GHSA-gxpj-cx7g-858c  Low       < 0.1% (27th)  < 0.1  
tar                            6.0.1      6.1.7     npm     GHSA-9r2w-394v-53qc  High      < 0.1% (6th)   < 0.1  
word-wrap                      1.2.3      1.2.4     npm     GHSA-j8xg-fqg3-53r7  Medium    < 0.1% (12th)  < 0.1  
tar                            6.0.1      6.1.9     npm     GHSA-qq89-hq3f-393p  High      < 0.1% (4th)   < 0.1  
requests                       2.24.0     2.32.0    python  GHSA-9wx4-h78v-vm56  Medium    < 0.1% (7th)   < 0.1  
tmp                            0.0.33     0.2.4     npm     GHSA-52f5-9888-hmc6  Low       < 0.1% (9th)   < 0.1  
brace-expansion                1.1.11     1.1.12    npm     GHSA-v6h2-p8h4-qcjw  Low       < 0.1% (4th)   < 0.1  
brace-expansion                2.0.1      2.0.2     npm     GHSA-v6h2-p8h4-qcjw  Low       < 0.1% (4th)   < 0.1
[0030] ERROR discovered vulnerabilities at or above the severity threshold
⚠️ SPELL / lychee - 10 errors 
[WARN ] WARNING: `--exclude-mail` is deprecated and will soon be removed; E-Mail is no longer checked by default. Use `--include-mail` to enable E-Mail checking.
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
[403] https://htmlhint.com/configuration/ | Network error: Forbidden
[404] https://plugins.jetbrains.com/plugin/11563-flake8-support | Network error: Not Found
[404] https://marketplace.visualstudio.com/items?itemName=ForceConfigControl.lightningflowscanner | Network error: Not Found
[404] https://raku.org/camelia-logo.png | Network error: Not Found
[500] https://docs.stoplight.io/docs/spectral/9ffa04e052cc1-spectral-cli#using-a-ruleset-file | Network error: Internal Server Error
[500] https://docs.stoplight.io/docs/spectral/4dec24461f3af-open-api-rules | Network error: Internal Server Error
[TIMEOUT] https://www.nongnu.org/chktex | Timeout
📝 Summary
---------------------
🔍 Total.........2358
✅ Successful....1889
⏳ Timeouts.........1
🔀 Redirected.......0
👻 Excluded.......458
❓ Unknown..........0
🚫 Errors..........10

Errors in megalinter/descriptors/latex.megalinter-descriptor.yml
[TIMEOUT] https://www.nongnu.org/chktex | Timeout

Errors in README.md
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden

Errors in megalinter/descriptors/salesforce.megalinter-descriptor.yml
[404] https://marketplace.visualstudio.com/items?itemName=ForceConfigControl.lightningflowscanner | Network error: Not Found

Errors in megalinter/descriptors/raku.megalinter-descriptor.yml
[404] https://raku.org/camelia-logo.png | Network error: Not Found

Errors in megalinter/descriptors/api.megalinter-descriptor.yml
[500] https://docs.stoplight.io/docs/spectral/4dec24461f3af-open-api-rules | Network error: Internal Server Error
[500] https://docs.stoplight.io/docs/spectral/9ffa04e052cc1-spectral-cli#using-a-ruleset-file | Network error: Internal Server Error

Errors in megalinter/descriptors/python.megalinter-descriptor.yml
[404] https://plugins.jetbrains.com/plugin/11563-flake8-support | Network error: Not Found

Errors in megalinter/descriptors/html.megalinter-descriptor.yml
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://htmlhint.com/configuration/ | Network error: Forbidden
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
⚠️ MARKDOWN / markdownlint - 308 errors 
.github/copilot-instructions.md:9 MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
.github/copilot-instructions.md:156 MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
.github/linters/valestyles/proselint/README.md:12:601 MD013/line-length Line length [Expected: 600; Actual: 755]
CHANGELOG.md:2160:87 MD059/descriptive-link-text Link text should be descriptive [Context: "[here]"]
docs/articles.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "They talk about MegaLinter"]
docs/badge.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Badge"]
docs/config-activation.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Activation and deactivation"]
docs/config-apply-fixes.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Apply fixes"]
docs/config-cli-lint-mode.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLI lint mode"]
docs/config-file.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: ".mega-linter.yml file"]
docs/config-filtering.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Filter linted files"]
docs/config-linters.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Linter specific variables"]
docs/config-postcommands.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Post-commands"]
docs/config-precommands.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Pre-commands"]
docs/config-variables-security.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Environment variables security"]
docs/config-variables.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Common variables"]
docs/configuration.md:9 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Configuration"]
docs/descriptors/action_actionlint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "actionlint"]
docs/descriptors/action.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ACTION"]
docs/descriptors/ansible_ansible_lint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ansible-lint"]
docs/descriptors/ansible_ansible_lint.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 795]
docs/descriptors/ansible.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ANSIBLE"]
docs/descriptors/api_spectral.md:14:601 MD013/line-length Line length [Expected: 600; Actual: 746]
docs/descriptors/api.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "API"]
docs/descriptors/arm_arm_ttk.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "arm-ttk"]
docs/descriptors/arm.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "ARM"]
docs/descriptors/bash_bash_exec.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "bash-exec"]
docs/descriptors/bash_shellcheck.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "shellcheck"]
docs/descriptors/bash_shellcheck.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 785]
docs/descriptors/bash_shfmt.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "shfmt"]
docs/descriptors/bash.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "BASH"]
docs/descriptors/bicep_bicep_linter.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "bicep_linter"]
docs/descriptors/bicep.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "BICEP"]
docs/descriptors/c_clang_format.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "clang-format"]
docs/descriptors/c_clang_format.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 768]
docs/descriptors/c_cppcheck.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cppcheck"]
docs/descriptors/c_cpplint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cpplint"]
docs/descriptors/c.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "C"]
docs/descriptors/clojure_cljstyle.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "cljstyle"]
docs/descriptors/clojure_cljstyle.md:8:601 MD013/line-length Line length [Expected: 600; Actual: 768]
docs/descriptors/clojure.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLOJURE"]
docs/descriptors/cloudformation_cfn_lint.md:14:601 MD013/line-length Line length [Expected: 600; Actual: 865]
docs/descriptors/cloudformation.md:8 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "CLOUDFORMATION"]
docs/descriptors/coffee_coffeelint.md:7 MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "coffeelint"]
docs/descriptors/coffee_coffeelint.md:8:601 MD013/line

(Truncated to 5714 characters out of 38262)
⚠️ YAML / prettier - 6 errors 
.automation/plugins.yml 125ms (unchanged)
.github/FUNDING.yml 6ms (unchanged)
.github/dependabot.yml 38ms (unchanged)
.github/linters/.cfnlintrc.yml 2ms (unchanged)
.github/linters/.checkov.yml 7ms (unchanged)
.github/linters/.golangci.yml 11ms (unchanged)
.github/linters/.hadolint.yml 3ms (unchanged)
.github/linters/.openapirc.yml 3ms (unchanged)
.github/linters/.protolintrc.yml 7ms (unchanged)
.github/linters/.ruby-lint.yml 2ms (unchanged)
.github/linters/.yamllint.yml 12ms (unchanged)
.github/linters/analysis_options.yml 11ms (unchanged)
.github/linters/valestyles/Microsoft/AMPM.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/Accessibility.yml 5ms (unchanged)
.github/linters/valestyles/Microsoft/Acronyms.yml 22ms (unchanged)
.github/linters/valestyles/Microsoft/Adverbs.yml 41ms (unchanged)
.github/linters/valestyles/Microsoft/Auto.yml 7ms (unchanged)
.github/linters/valestyles/Microsoft/Avoid.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/ComplexWords.yml 50ms (unchanged)
.github/linters/valestyles/Microsoft/Contractions.yml 7ms (unchanged)
.github/linters/valestyles/Microsoft/Dashes.yml 11ms (unchanged)
.github/linters/valestyles/Microsoft/DateFormat.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/DateNumbers.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/DateOrder.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Ellipses.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/FirstPerson.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/Foreign.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Gender.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/GenderBias.yml 7ms (unchanged)
.github/linters/valestyles/Microsoft/GeneralURL.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingAcronyms.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingColons.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/HeadingPunctuation.yml 4ms (unchanged)
.github/linters/valestyles/Microsoft/Headings.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Hyphens.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Negative.yml 3ms (unchanged)
.github/linters/valestyles/Microsoft/Ordinal.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/OxfordComma.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Passive.yml 12ms (unchanged)
.github/linters/valestyles/Microsoft/Percentages.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Quotes.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/RangeFormat.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/RangeTime.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Ranges.yml 6ms (unchanged)
.github/linters/valestyles/Microsoft/Semicolon.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/SentenceLength.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Spacing.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Suspended.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Terms.yml 6ms (unchanged)
.github/linters/valestyles/Microsoft/URLFormat.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Units.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Vocab.yml 5ms (unchanged)
.github/linters/valestyles/Microsoft/We.yml 2ms (unchanged)
.github/linters/valestyles/Microsoft/Wordiness.yml 17ms (unchanged)
.github/linters/valestyles/proselint/Airlinese.yml 2ms (unchanged)
.github/linters/valestyles/proselint/AnimalLabels.yml 7ms (unchanged)
.github/linters/valestyles/proselint/Annotations.yml 5ms (unchanged)
.github/linters/valestyles/proselint/Apologizing.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Archaisms.yml 5ms (unchanged)
.github/linters/valestyles/proselint/But.yml 3ms (unchanged)
.github/linters/valestyles/proselint/Cliches.yml 90ms (unchanged)
.github/linters/valestyles/proselint/CorporateSpeak.yml 5ms (unchanged)
.github/linters/valestyles/proselint/Currency.yml 1ms (unchanged)
.github/linters/valestyles/proselint/Cursing.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateCase.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateMidnight.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateRedundancy.yml 2ms (unchanged)
.github/linters/valestyles/proselint/DateSpacing.yml 1ms (unchanged)
.github/linters/valestyles/proselint/DenizenLabels.yml 13ms (unchanged)
.github/linters/valestyles/proselint/Diacritical.yml 30ms (unchanged)
.github/linters/valestyles/proselint/GenderBias.yml 11ms (unchanged)
.github/linters/valestyles/proselint/GroupTerms.yml 4ms (unchanged)
.github/linters/valestyles/proselint/Hedging.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Hyperbole.yml 1ms (unchanged)
.github/linters/valestyles/proselint/Jargon.yml 1ms (unchanged)
.github/linters/valestyles/proselint/LGBTOffensive.yml 2ms (unchanged)
.github/linters/valestyles/proselint/LGBTTerms.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Malapropisms.yml 1ms (unchanged)
.github/linters/valestyles/proselint/Needless.yml 86ms (unchanged)
.github/linters/valestyles/proselint/Nonwords.yml 8ms (unchanged)
.github/linters/valestyles/proselint/Oxymorons.yml 6ms (unchanged)
.github/linters/valestyles/proselint/P-Value.yml 5ms (unchanged)
.github/linters/valestyles/proselint/RASSyndrome.yml 2ms (unchanged)
.github/linters/valestyles/proselint/Skunked.yml 3ms (unchanged)
.github/linters/valestyles/proselint/Spelling.yml 6ms (unchanged)
.github/linters/valestyles/proselint/Typography.yml 3ms (unchanged)
.github/linters/valestyles/proselint/Uncomparables.yml 14ms (unchanged)
.github/linters/valestyles/proselint/Very.yml 2ms (unchanged)
.github/release-drafter.yml 16ms (unchanged)
.gitpod.yml 2ms (

(Truncated to 5714 characters out of 11333)
⚠️ YAML / yamllint - 186 errors 
.automation/plugins.yml
  1:1       warning  missing document start "---"  (document-start)

.github/FUNDING.yml
  3:1       warning  missing document start "---"  (document-start)

.github/dependabot.yml
  4:1       warning  missing document start "---"  (document-start)

.github/linters/.cfnlintrc.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.checkov.yml
  2:1       warning  missing document start "---"  (document-start)

.github/linters/.golangci.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.hadolint.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/.protolintrc.yml
  2:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/AMPM.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Accessibility.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Acronyms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Adverbs.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Auto.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Avoid.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/ComplexWords.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Contractions.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Dashes.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateNumbers.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/DateOrder.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ellipses.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/FirstPerson.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Foreign.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Gender.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/GenderBias.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/GeneralURL.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingAcronyms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingColons.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/HeadingPunctuation.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Headings.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Hyphens.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Negative.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ordinal.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/OxfordComma.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Passive.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Percentages.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Quotes.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/RangeFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/RangeTime.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Ranges.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Semicolon.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/SentenceLength.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Spacing.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Suspended.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Terms.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/URLFormat.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Units.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/Vocab.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft/We.yml
  1:1       warning  missing document start "---"  (document-start)

.github/linters/valestyles/Microsoft

(Truncated to 5714 characters out of 21075)

✅ Linters with no issues

black, cspell, flake8, git_diff, hadolint, isort, jscpd, jsonlint, markdown-table-formatter, mypy, npm-groovy-lint, pylint, ruff, secretlint, shellcheck, shfmt, spectral, syft, trivy, trivy-sbom, trufflehog, v8r, v8r, xmllint

See detailed reports in MegaLinter artifacts

MegaLinter is graciously provided by OX Security

@github-actions GitHub Actions
Copy link
Contributor

This pull request has been automatically marked as stale because it has not had recent activity.
It will be closed in 14 days if no further activity occurs.
Thank you for your contributions.

If you think this pull request should stay open, please remove the O: stale 🤖 label or comment on the pull request.

@github-actions github-actions bot added the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Aug 27, 2025
@github-actions github-actions bot closed this Sep 11, 2025
@echoix echoix reopened this Sep 11, 2025
@github-actions github-actions bot removed the O: stale 🤖 This issue or pull request is stale, it will be closed if there is no activity label Sep 12, 2025
cursor[bot]
cursor bot reviewed Sep 17, 2025
View reviewed changes
Copy link

@cursor cursor bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is being reviewed by Cursor Bugbot

Details

Your team is on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle for each member of your team.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

Bug: Security Risks with Re-enabled Linter

Re-enabling the checkmake linter, which was previously disabled due to known security issues (checkmake/checkmake#99). There's no indication these security concerns have been resolved, potentially reintroducing known vulnerabilities.

megalinter/descriptors/makefile.megalinter-descriptor.yml#L35-L37

megalinter/megalinter/descriptors/makefile.megalinter-descriptor.yml

Lines 35 to 37 in 1f7aed5

- **Build optimization suggestions** improving compilation efficiency
name: MAKEFILE_CHECKMAKE
linter_url: https://github.com/mrtazz/checkmake

megalinter/descriptors/makefile.megalinter-descriptor.yml#L25-L28

megalinter/megalinter/descriptors/makefile.megalinter-descriptor.yml

Lines 25 to 28 in 1f7aed5

- **Makefile rule validation** ensuring proper target and dependency syntax
- **Proper indentation checking** verifying correct tab usage vs. spaces
- **Variable usage verification** detecting undefined or misused variables
- **Target naming convention enforcement** following Makefile best practices

Fix in Cursor Fix in Web

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@cursor cursor[bot] cursor[bot] left review comments

@echoix echoix Awaiting requested review from echoix echoix is a code owner

@bdovaz bdovaz Awaiting requested review from bdovaz bdovaz is a code owner

@Kurt-von-Laven Kurt-von-Laven Awaiting requested review from Kurt-von-Laven Kurt-von-Laven is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nvuillam @echoix