Open
Conversation
…se them Tests for presence of particular words in error messages. If found, replaces the message with 'No details' and outputs the error message to the error console instead
edwardcrichton
force-pushed
the
feature/trapErrorMessages
branch
from
4860f39 to
c035529
Compare
✅
|
| Descriptor | Linter | Files | Fixed | Errors | Warnings | Elapsed time |
|---|---|---|---|---|---|---|
| ✅ ACTION | actionlint | 1 | 0 | 0 | 0.02s | |
| ✅ API | spectral | 1 | 0 | 0 | 1.31s | |
| bash-exec | 10 | 9 | 0 | 0.05s | ||
| shellcheck | 10 | 21 | 0 | 0.57s | ||
| shfmt | 10 | 10 | 0 | 0.01s | ||
| jscpd | yes | 463 | no | 44.54s | ||
| npm-groovy-lint | 558 | 3 | 12909 | 455.37s | ||
| ✅ JSON | jsonlint | 11 | 0 | 0 | 0.19s | |
| prettier | 11 | 1 | 0 | 1.82s | ||
| ✅ JSON | v8r | 11 | 0 | 0 | 6.31s | |
| markdownlint | 6 | 27 | 0 | 0.75s | ||
| ✅ MARKDOWN | markdown-table-formatter | 6 | 0 | 0 | 0.36s | |
| checkov | yes | 5 | no | 60.87s | ||
| gitleaks | yes | 1 | 9 | 299.39s | ||
| ✅ REPOSITORY | git_diff | yes | no | no | 0.1s | |
| grype | yes | no | 1 | 86.14s | ||
| ✅ REPOSITORY | secretlint | yes | no | no | 6.18s | |
| ✅ REPOSITORY | syft | yes | no | no | 10.98s | |
| trivy | yes | 1 | no | 22.25s | ||
| ✅ REPOSITORY | trivy-sbom | yes | no | no | 0.73s | |
| ✅ REPOSITORY | trufflehog | yes | no | no | 12.13s | |
| cspell | 641 | 7429 | 0 | 224.25s | ||
| lychee | 30 | 90 | 0 | 92.92s | ||
| xmllint | 7 | 1 | 0 | 1.34s | ||
| prettier | 13 | 1 | 11 | 0.73s | ||
| ✅ YAML | v8r | 13 | 0 | 0 | 5.0s | |
| yamllint | 13 | 38 | 0 | 0.71s |
Detailed Issues
⚠️ BASH / bash-exec - 9 errors
Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/9.3.0/descriptors/bash_bash_exec/
-----------------------------------------------
✅ [SUCCESS] gradlew
❌ [ERROR] mauro-api/docker/all/micronaut/micronaut-startup.sh
Error: File:[mauro-api/docker/all/micronaut/micronaut-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh
Error: File:[mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/postgres-shutdown.sh
Error: File:[mauro-api/docker/all/postgres/postgres-shutdown.sh] is not executable
❌ [ERROR] mauro-api/docker/all/postgres/postgres-startup.sh
Error: File:[mauro-api/docker/all/postgres/postgres-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/all/startup/docker-environment.sh
Error: File:[mauro-api/docker/all/startup/docker-environment.sh] is not executable
❌ [ERROR] mauro-api/docker/all/startup/docker-startup.sh
Error: File:[mauro-api/docker/all/startup/docker-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/micronaut/micronaut-startup.sh
Error: File:[mauro-api/docker/noDB/micronaut/micronaut-startup.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/startup/docker-environment.sh
Error: File:[mauro-api/docker/noDB/startup/docker-environment.sh] is not executable
❌ [ERROR] mauro-api/docker/noDB/startup/docker-startup.sh
Error: File:[mauro-api/docker/noDB/startup/docker-startup.sh] is not executable
⚠️ REPOSITORY / checkov - 5 errors
dockerfile scan results:
Passed checks: 189, Failed checks: 1, Skipped checks: 0
Check: CKV_DOCKER_3: "Ensure that a user for the container has been created"
FAILED for resource: /mauro-api/build/docker/main/Dockerfile.
File: /mauro-api/build/docker/main/Dockerfile:1-56
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/docker-policies/docker-policy-index/ensure-that-a-user-for-the-container-has-been-created
Code lines for this resource are too many. Please use IDE of your choice to review the file.
secrets scan results:
Passed checks: 0, Failed checks: 1, Skipped checks: 0
Check: CKV_SECRET_6: "Base64 High Entropy String"
FAILED for resource: HIDDEN_BY_MEGALINTER File: /keycloak/docker-compose.yml:14-15
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/secrets-policies/secrets-policy-index/git-secrets-6
14 | KC_CLIENT_SECRET: ZBXabk**********
github_actions scan results:
Passed checks: 64, Failed checks: 0, Skipped checks: 0
openapi scan results:
Passed checks: 2, Failed checks: 3, Skipped checks: 0
Check: CKV_OPENAPI_4: "Ensure that the global security field has rules defined"
FAILED for resource: security
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15428
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-the-global-security-field-has-rules-defined
Code lines for this resource are too many. Please use IDE of your choice to review the file.
Check: CKV_OPENAPI_5: "Ensure that security operations is not empty."
FAILED for resource: security
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:1-15428
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/ensure-that-security-operations-is-not-empty
Code lines for this resource are too many. Please use IDE of your choice to review the file.
Check: CKV_OPENAPI_21: "Ensure that arrays have a maximum number of items"
FAILED for resource: paths
File: /mauro-api/build/classes/groovy/main/META-INF/swagger/mauro-0.0.yml:201-207
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/api-policies/openapi-policies/bc-openapi-21
201 | type: array
202 | items:
203 | type: object
204 | additionalProperties:
205 | type: string
206 | /api/admin/properti
(Truncated to 2500 characters out of 2520)
⚠️ SPELL / cspell - 7429 errors
.gitattributes:17:3 - Unknown word (jspf) -- *.jspf text
Suggestions: [jsp, spf, SPF, psf, sfp]
.github/workflows/gradle.yml:36:27 - Unknown word (isready) -- --health-cmd pg_isready
Suggestions: [ready, sired, israel, israeli, israels]
.github/workflows/gradle.yml:49:24 - Unknown word (temurin) -- distribution: 'temurin'
Suggestions: [turin, tamarin, timurid, tenuring, Turin]
.github/workflows/gradle.yml:57:14 - Unknown word (gradlew) -- run: ./gradlew --version
Suggestions: [gradle, gradely, grade, grable, graded]
.github/workflows/gradle.yml:60:14 - Unknown word (gradlew) -- run: ./gradlew test
Suggestions: [gradle, gradely, grade, grable, graded]
.github/workflows/gradle.yml:63:13 - Unknown word (dorny) -- uses: dorny/test-reporter@v1
Suggestions: [dory, donny, dorky, dormy, dorty]
.github/workflows/gradle.yml:71:14 - Unknown word (gradlew) -- run: ./gradlew dockerBuild
Suggestions: [gradle, gradely, grade, grable, graded]
.github/workflows/gradle.yml:88:27 - Unknown word (codenarc) -- -r "file:config/codenarc/codenarc.groovy"
Suggestions: [codename, codeName, Codename, CodeName, codec]
.github/workflows/gradle.yml:88:36 - Unknown word (codenarc) -- file:config/codenarc/codenarc.groovy"
Suggestions: [codename, codeName, Codename, CodeName, codec]
.github/workflows/gradle.yml:89:36 - Unknown word (codenarc) -- RULES_PATH: 'config/codenarc'
Suggestions: [codename, codeName, Codename, CodeName, codec]
.github/workflows/gradle.yml:91:9 - Unknown word (SARIF) -- SARIF_REPORTER: true
Suggestions: [SARI, SARIS, SERIF, SHARIF, Sharif]
.github/workflows/gradle.yml:92:9 - Unknown word (SARIF) -- SARIF_REPORTER_LINTERS: ACTION
Suggestions: [SARI, SARIS, SERIF, SHARIF, Sharif]
.github/workflows/gradle.yml:92:79 - Unknown word (SHFMT) -- SPECTRAL,BASH_EXEC,BASH_SHFMT,COPYPASTE_JSCPD,GROOVY
Suggestions: [SHAM, SHAT, SHIM, SHIT, SHMO]
.github/workflows/gradle.yml:92:129 - Unknown word (JSONLINT) -- NPM_GROOVY_LINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER
Suggestions: [JSLINT, JOSTLING, JOINT, JSONL, JOLIET]
.github/workflows/gradle.yml:92:307 - Unknown word (SYFT) -- SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY
Suggestions: [SIFT, SOFT, SYST, LYFT, Lyft]
.github/workflows/gradle.yml:106:41 - Unknown word (sarif) -- codeql-action/upload-sarif@v4
Suggestions: [sari, saris, serif, sharif, sadi]
.github/workflow
(Truncated to 2500 characters out of 1707244)
⚠️ REPOSITORY / gitleaks - 1 error
warning: generic-api-key has detected secret for file keycloak/docker-compose.yml at commit 4c74db14158b865558ac9d9c648fecd0e2b31fc5.
┌─ keycloak/docker-compose.yml:14:8
│
14 │ KC_CLIENT_SECRET: ZBXabk0H3TbnOlCvD4nrWzfSf32Ibgsx
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
warning: generic-api-key has detected secret for file mauro-api/src/test/groovy/org/maurodata/federation/SubscribedCatalogueIntegrationSpec.groovy at commit 4c74db14158b865558ac9d9c648fecd0e2b31fc5.
┌─ mauro-api/src/test/groovy/org/maurodata/federation/SubscribedCatalogueIntegrationSpec.groovy:89:10
│
89 │ subscribedCatalogue.apiKey == 'b39d63d4-4fd4-494d-a491-3c778d89acae'
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
warning: jwt has detected secret for file mauro-api/src/test/groovy/org/maurodata/security/MauroOpenIdAuthenticationMapperSpec.groovy at commit 4c74db14158b865558ac9d9c648fecd0e2b31fc5.
┌─ mauro-api/src/test/groovy/org/maurodata/security/MauroOpenIdAuthenticationMapperSpec.groovy:105:28
│
105 │ String idToken = 'HIDDEN_BY_MEGALINTER
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
warning: generic-api-key has detected secret for file mauro-client/README.md at commit 4c74db14158b865558ac9d9c648fecd0e2b
(Truncated to 2500 characters out of 2214072)
⚠️ REPOSITORY / grype - 1 warning
note: A low vulnerability in java-archive package: logback-core, version 1.5.19 was found at: /mauro-api/build/docker/main/layers/libs/logback-core-1.5.19.jar
⚠️ COPYPASTE / jscpd - 463 errors
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [1:1 - 9:10] (8 lines, 91 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonTerminologyImporterPluginSpec.groovy [1:1 - 9:12]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [11:1 - 17:21] (6 lines, 76 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonTerminologyImporterPluginSpec.groovy [9:1 - 15:26]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [80:13 - 112:76] (32 lines, 272 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [39:13 - 70:37]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [115:13 - 125:2] (10 lines, 87 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [39:13 - 50:14]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [1:1 - 9:6] (8 lines, 85 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonTerminologyImporterPluginSpec.groovy [1:1 - 9:4]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [75:13 - 93:2] (18 lines, 147 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [40:13 - 58:2]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [94:9 - 99:15] (5 lines, 65 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [59:9 - 64:2]
Clone found (groovy):
- mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonDataModelImporterPluginSpec.groovy [115:21 - 135:2] (20 lines, 122 tokens)
mauro-domain/src/test/groovy/org/maurodata/test/plugin/importer/json/JsonFolderImporterPluginSpec.groovy [121:17 - 139:2]
Clone found (groovy):
- mauro-persistence/src/main/groovy/org/maurodata/persistence/terminology/dto/TermRelationshipTypeDTORepository.groovy
(Truncated to 2500 characters out of 122207)
⚠️ SPELL / lychee - 90 errors
[ERROR] http://localhost:2345/ | Network error: error sending request for url (http://localhost:2345/) Maybe a certificate error?
[ERROR] http://localhost:8088/oauth/callback/keycloak | Network error: error sending request for url (http://localhost:8088/oauth/callback/keycloak) Maybe a certificate error?
[ERROR] http://localhost:9009/auth | Network error: error sending request for url (http://localhost:9009/auth) Maybe a certificate error?
[ERROR] http://localhost:8088/oauth/login/keycloak | Network error: error sending request for url (http://localhost:8088/oauth/login/keycloak) Maybe a certificate error?
[ERROR] http://localhost:8088/ | Network error: error sending request for url (http://localhost:8088/) Maybe a certificate error?
[IGNORED] postgresql://localhost:5432/sandbox?reWriteBatchedInserts=true | Unsupported: Error creating request client: builder error for url (postgresql://localhost:5432/sandbox?reWriteBatchedInserts=true)
[IGNORED] postgresql://localhost:5432/sandbox | Unsupported: Error creating request client: builder error for url (postgresql://localhost:5432/sandbox)
[IGNORED] postgresql://localhost:5432/sandbox | Unsupported: Error creating request client: builder error for url (postgresql://localhost:5432/sandbox)
[IGNORED] postgresql://localhost:5432/sandbox | Unsupported: Error creating request client: builder error for url (postgresql://localhost:5432/sandbox)
[404] https://megalinter.io/configuration/ | Network error: Not Found
[404] https://docs.micronaut.io/4.1.4/api/io/micronaut/context/annotation/Primary.html | Network error: Not Found
[404] https://raw.githubusercontent.com/MauroDataMapper/mauro-micronaut/main/ready-configuration/quick-start.zip | Network error: Not Found
[404] https://maurosandbox.com/sandbox/api/dataModels/09bae822-0f97-4240-a53f-f8133916d2e1/export/uk.ac.ox.softeng.maurodatamapper.plugins.explorer.provider.exporter/DataModelPdfExporterService/1.0 | Network error: Not Found
[404] https://maurosandbox.com/sandbox/api/dataModels/bf3c921f-4447-4553-8a1f-326958eabc10/export/uk.ac.ox.softeng.maurodatamapper.datamodel.provider.exporter/DataModelJsonExporterService/3.2 | Network error: Not Found
[404] https://maurosandbox.com/sandbox/api/dataModels/bf3c921f-4447-4553-8a1f-326958eabc10/export/uk.ac.ox.softeng.maurodatamapper.plugins.excel.openclinica/OpenClinicaV3CrfDataModelExporterProviderService/1.0.0-SNAPSHOT | Network error: Not Found
[404] https://maurosandbox.com/sandbox/api/dataModels/09bae822-0f97-4240-a53f-
(Truncated to 2500 characters out of 44533)
⚠️ MARKDOWN / markdownlint - 27 errors
mauro-client/README.md:8:114 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
mauro-client/README.md:32:161 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
mauro-client/README.md:109:142 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
mauro-client/README.md:112:112 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:2:1 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:3:59 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:7:68 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:8:74 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:13:92 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:16:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:18:94 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:20:88 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:22:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:24:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:34:90 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:36:87 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:38:95 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:40:86 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:45:89 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:46:96 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:49:100 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:52:93 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
README.md:55 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:61 error MD040/fenced-code-language Fenced code blocks should have a language specified [Context: "```"]
README.md:64:91 error MD009/no-trailing-spaces Trailing spaces [Expected: 0 or 2; Actual: 1]
ready-configuration/index.md:1 error MD041/first-line-heading/first-line-h1 Fi
(Truncated to 2500 characters out of 2770)
⚠️ GROOVY / npm-groovy-lint - 3 errors
warning: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
= Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic
note: The String 'com.vanniktech.maven.publish' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:7:9
│
7 │ id "com.vanniktech.maven.publish" version "0.34.0"
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String '0.34.0' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:7:48
│
7 │ id "com.vanniktech.maven.publish" version "0.34.0"
│ ^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'org.graalvm.buildtools.native' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:8:9
│
8 │ id "org.graalvm.buildtools.native" version "0.11.0" apply false
│ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String '0.11.0' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:8:49
│
8 │ id "org.graalvm.buildtools.native" version "0.11.0" apply false
│ ^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'maven-publish' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:17:21
│
17 │ plugins.withId("maven-publish") {
│ ^^^^^^^^^^^^^
│
= String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.
note: The String 'GROUP' can be wrapped in single quotes instead of double quotes
┌─ build.gradle:21:45
│
21 │ groupId = (findProperty("GROUP") ?: project.group).toString()
│
(Truncated to 2500 characters out of 5435438)
⚠️ JSON / prettier - 1 error
Checking formatting...
[warn] .groovylintrc.json
[warn] mauro-api/src/test/resources/federatedPublishedModelsBytesAsText.json
[warn] mauro-api/src/test/resources/keycloak/realm.json
[warn] mauro-api/src/test/resources/mauroJsonPublishedModels.json
[warn] mauro-api/src/test/resources/publishedModels.json
[warn] mauro-api/src/test/resources/publishedModelsNewerVersions.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModels.json
[warn] mauro-api/src/test/resources/subscribedCataloguePublishedModelsNewerVersions.json
[warn] mauro-domain/src/main/resources/ProfileSpecificationFieldProfile.json
[warn] Code style issues found in 9 files. Run Prettier with --write to fix.
⚠️ YAML / prettier - 1 error
Checking formatting...
[warn] .github/workflows/gradle.yml
[warn] keycloak/docker-compose.yml
[warn] mauro-api/micronaut-cli.yml
[warn] mauro-api/src/main/resources/application-docker.yml
[warn] mauro-api/src/main/resources/application-test.yml
[warn] mauro-api/src/main/resources/application.yml
[warn] mauro-api/src/test/resources/application-secured.yml
[warn] mauro-client/src/main/resources/application.yml
[warn] mauro-persistence/src/test/resources/application-test.yml
[warn] ready-configuration/quick-start/init/micronaut/application-mauro.yml
[warn] Code style issues found in 10 files. Run Prettier with --write to fix.
⚠️ BASH / shellcheck - 21 errors
In mauro-api/docker/all/micronaut/micronaut-startup.sh line 19:
. "${f}"
^----^ SC1090 (warning): ShellCheck can't follow non-constant source. Use a directive to specify location.
In mauro-api/docker/all/micronaut/micronaut-startup.sh line 24:
cp -pf ${f} /home/app/plugins/.
^--^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
cp -pf "${f}" /home/app/plugins/.
In mauro-api/docker/all/micronaut/micronaut-startup.sh line 77:
echo ${JAVA_BIN} "${JAVA_OPTS}" -cp "/home/app/application.jar" "${APPLICATION_MAIN_CLASS}"
^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
echo "${JAVA_BIN}" "${JAVA_OPTS}" -cp "/home/app/application.jar" "${APPLICATION_MAIN_CLASS}"
In mauro-api/docker/all/micronaut/micronaut-startup.sh line 78:
gosu micronaut ${JAVA_BIN} ${JAVA_OPTS} -cp /home/app/application.jar "${APPLICATION_MAIN_CLASS}"
^---------^ SC2086 (info): Double quote to prevent globbing and word splitting.
^----------^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
gosu micronaut "${JAVA_BIN}" "${JAVA_OPTS}" -cp /home/app/application.jar "${APPLICATION_MAIN_CLASS}"
In mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh line 7:
local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
^-- SC2155 (warning): Declare and assign separately to avoid masking return values.
In mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh line 9:
-e "s|^\($s\)\($w\)$s:$s[\"']\(.*\)[\"']$s\$|\1$fs\2$fs\3|p" \
^-- SC1087 (error): Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
In mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh line 10:
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 |
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
-e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" "$1" |
In mauro-api/docker/all/postgres/micronaut-config-for-postgres.sh line 11:
awk -F$fs -v prop="$prop" '{
^-^ SC2086 (info): Double quote to prevent globbing and word splitting.
Did you mean:
awk -F"$fs" -v prop="$prop" '{
In mauro-api/docker/all/post
(Truncated to 2500 characters out of 6255)
⚠️ BASH / shfmt - 10 errors
diff gradlew.orig gradlew
--- gradlew.orig
+++ gradlew
@@ -71,15 +71,15 @@
# Need this for daisy-chained symlinks.
while
- APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
- [ -h "$app_path" ]
+ APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
+ [ -h "$app_path" ]
do
- ls=$( ls -ld "$app_path" )
- link=${ls#*' -> '}
- case $link in #(
- /*) app_path=$link ;; #(
- *) app_path=$APP_HOME$link ;;
- esac
+ ls=$(ls -ld "$app_path")
+ link=${ls#*' -> '}
+ case $link in #(
+ /*) app_path=$link ;; #(
+ *) app_path=$APP_HOME$link ;;
+ esac
done
# This is normally unused
@@ -86,20 +86,20 @@
# shellcheck disable=SC2034
APP_BASE_NAME=${0##*/}
# Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
+APP_HOME=$(cd -P "${APP_HOME:-./}" >/dev/null && printf '%s\n' "$PWD") || exit
# Use the maximum available, or set MAX_FD != -1 to use that value.
MAX_FD=maximum
-warn () {
- echo "$*"
-} >&2
-
-die () {
- echo
- echo "$*"
- echo
- exit 1
+warn() {
+ echo "$*"
+} >&2
+
+die() {
+ echo
+ echo "$*"
+ echo
+ exit 1
} >&2
# OS specific support (must be 'true' or 'false').
@@ -107,57 +107,56 @@
msys=false
darwin=false
nonstop=false
-case "$( uname )" in #(
- CYGWIN* ) cygwin=true ;; #(
- Darwin* ) darwin=true ;; #(
- MSYS* | MINGW* ) msys=true ;; #(
- NONSTOP* ) nonstop=true ;;
+case "$(uname)" in #(
+CYGWIN*) cygwin=true ;; #(
+Darwin*) darwin=true ;; #(
+MSYS* | MINGW*) msys=true ;; #(
+NONSTOP*) nonstop=true ;;
esac
-
-
# Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
- if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
- # IBM's JDK on AIX uses strange locations for the executables
- JAVACMD=$JAVA_HOME/jre/sh/java
- else
- JAVACMD=$JAVA_HOME/bin/java
- fi
- if [ ! -x "$JAVACMD" ] ; then
- die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
- fi
+if [ -n "$JAVA_HOME" ]; then
+ if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+ # IBM's JDK on AIX uses strange locations for the executables
+ JAVACMD=$JAVA_HOME/jre/sh/java
+ else
+ JAV
(Truncated to 2500 characters out of 41873)
⚠️ REPOSITORY / trivy - 1 error
error: Artifact: mauro-api/build/docker/main/Dockerfile
Type: dockerfile
Vulnerability DS002
Severity: HIGH
Message: Specify at least 1 USER command in Dockerfile with non-root user as argument
Link: [DS002](https://avd.aquasec.com/misconfig/ds002)
┌─ mauro-api/build/docker/main/Dockerfile:1:1
│
1 │ FROM eclipse-temurin:21-jre-noble
│ ^
│
= Image user should not be 'root'
= Running containers with 'root' user can lead to a container escape situation. It is a best practice to run containers as non-root users, which can be done by adding a 'USER' statement to the Dockerfile.
error: 1 errors emitted
⚠️ XML / xmllint - 1 error
<?xml version="1.0"?>
<code_scheme name="OxfordBRC" version="173">
<option name="LINE_SEPARATOR" value=" "/>
<option name="RIGHT_MARGIN" value="175"/>
<GroovyCodeStyleSettings>
<option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="9999"/>
<option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="9999"/>
<option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
<value/>
</option>
<option name="IMPORT_LAYOUT_TABLE">
<value>
<package name="org.maurodata" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="java" withSubpackages="true" static="false"/>
<package name="javax" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="" withSubpackages="true" static="true"/>
</value>
</option>
</GroovyCodeStyleSettings>
<JavaCodeStyleSettings>
<option name="ANNOTATION_PARAMETER_WRAP" value="1"/>
<option name="ALIGN_MULTILINE_ANNOTATION_PARAMETERS" value="true"/>
<option name="CLASS_COUNT_TO_USE_IMPORT_ON_DEMAND" value="9999"/>
<option name="NAMES_COUNT_TO_USE_IMPORT_ON_DEMAND" value="9999"/>
<option name="PACKAGES_TO_USE_IMPORT_ON_DEMAND">
<value/>
</option>
<option name="IMPORT_LAYOUT_TABLE">
<value>
<package name="org.maurodata" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="java" withSubpackages="true" static="false"/>
<package name="javax" withSubpackages="true" static="false"/>
<emptyLine/>
<package name="" withSubpackages="true" static="true"/>
</value>
</option>
<option name="JD_ADD_BLANK_AFTER_PARM_COMMENTS" value="true"/>
<option name="JD_ADD_BLANK_AFTER_RETURN" value="true"/>
<option name="JD_P_AT_EMPTY_LINES" value="false"/>
</JavaCodeStyleSettings>
<SqlCodeStyleSettings version="6">
<option name="KEYWORD_CASE" value="2"/>
<option name="TYPE_CASE" value="3"/>
<option name="CUSTOM_TYPE_CASE" value="3"/>
<option name="ALIAS_CASE" value="4"/>
<option name="QUERY_IN_ONE_STRING" value="1"/>
<option name="WITH_ALIGN_AS" value="true"/>
<option name="SELECT_NEW_LINE_AFTER_ALL_DISTINCT" value="true"/>
<option name="SELECT_KEEP_N_ITEMS_IN_LINE" value="0"/>
<option name="FROM_INDENT_JOIN" value="false"/>
(Truncated to 2500 characters out of 22666)
⚠️ YAML / yamllint - 38 errors
.github/workflows/gradle.yml
8:1 warning missing document start "---" (document-start)
10:1 warning truthy value should be one of [false, true] (truthy)
12:16 error too many spaces inside brackets (brackets)
12:21 error too many spaces inside brackets (brackets)
14:16 error too many spaces inside brackets (brackets)
14:21 error too many spaces inside brackets (brackets)
44:5 error wrong indentation: expected 6 but found 4 (indentation)
74:11 warning comment not indented like content (comments-indentation)
75:1 warning comment not indented like content (comments-indentation)
90:31 warning missing starting space in comment (comments)
99:11 error wrong indentation: expected 8 but found 10 (indentation)
115:1 error too many blank lines (3 > 2) (empty-lines)
119:11 error wrong indentation: expected 8 but found 10 (indentation)
127:11 error wrong indentation: expected 8 but found 10 (indentation)
132:80 error trailing spaces (trailing-spaces)
152:258 error no new line character at the end of file (new-line-at-end-of-file)
keycloak/docker-compose.yml
1:1 warning missing document start "---" (document-start)
29:1 error too many blank lines (1 > 0) (empty-lines)
mauro-api/micronaut-cli.yml
1:1 warning missing document start "---" (document-start)
mauro-api/src/main/resources/application-docker.yml
1:1 warning missing document start "---" (document-start)
mauro-api/src/main/resources/application-test.yml
1:1 warning missing document start "---" (document-start)
8:1 warning comment not indented like content (comments-indentation)
mauro-api/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
47:1 warning comment not indented like content (comments-indentation)
mauro-api/src/test/resources/application-secured.yml
1:1 warning missing document start "---" (document-start)
34:33 error no new line character at the end of file (new-line-at-end-of-file)
mauro-client/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
8:24 error no new line character at the end of file (new-line-at-end-of-file)
mauro-persistence/src/main/resources/application.yml
1:1 warning missing document start "---" (document-start)
mauro-p
(Truncated to 2500 characters out of 3392)
See detailed reports in MegaLinter artifacts
You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:
- oxsecurity/megalinter/flavors/documentation@v9.3.0 (51 linters)
- oxsecurity/megalinter/flavors/ruby@v9.3.0 (52 linters)
- oxsecurity/megalinter/flavors/rust@v9.3.0 (52 linters)
Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)
- Documentation: Custom Flavors
- Command:
npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,API_SPECTRAL,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,COPYPASTE_JSCPD,GROOVY_NPM_GROOVY_LINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,SPELL_LYCHEE,XML_XMLLINT,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Tests for presence of particular words in error messages.
If found, replaces the message with 'No details' and outputs the error message to the error console instead