diff --git a/.automation/build.py b/.automation/build.py index 876666bfa14..d4b0a2d6279 100644 --- a/.automation/build.py +++ b/.automation/build.py @@ -28,6 +28,18 @@ from megalinter import config, utils from megalinter.constants import ( DEFAULT_DOCKERFILE_APK_PACKAGES, + DEFAULT_DOCKERFILE_ARGS, + DEFAULT_DOCKERFILE_DOCKER_APK_PACKAGES, + DEFAULT_DOCKERFILE_DOCKER_ARGS, + DEFAULT_DOCKERFILE_FLAVOR_ARGS, + DEFAULT_DOCKERFILE_FLAVOR_CARGO_PACKAGES, + DEFAULT_DOCKERFILE_GEM_APK_PACKAGES, + DEFAULT_DOCKERFILE_GEM_ARGS, + DEFAULT_DOCKERFILE_NPM_APK_PACKAGES, + DEFAULT_DOCKERFILE_NPM_ARGS, + DEFAULT_DOCKERFILE_PIP_ARGS, + DEFAULT_DOCKERFILE_PIPENV_ARGS, + DEFAULT_DOCKERFILE_RUST_ARGS, DEFAULT_RELEASE, DEFAULT_REPORT_FOLDER_NAME, ML_DOC_URL_BASE, @@ -279,7 +291,8 @@ def generate_flavor(flavor, flavor_info): requires_docker, flavor, extra_lines, - {"cargo": ["sarif-fmt"]}, + DEFAULT_DOCKERFILE_FLAVOR_ARGS.copy(), + {"cargo": DEFAULT_DOCKERFILE_FLAVOR_CARGO_PACKAGES.copy()}, ) @@ -289,13 +302,16 @@ def build_dockerfile( requires_docker, flavor, extra_lines, + extra_args=None, extra_packages=None, ): if extra_packages is None: extra_packages = {} # Gather all dockerfile commands docker_from = [] - docker_arg = [] + docker_arg = DEFAULT_DOCKERFILE_ARGS.copy() + if extra_args is not None: + docker_arg += extra_args docker_copy = [] docker_other = [] all_dockerfile_items = [] @@ -308,7 +324,8 @@ def build_dockerfile( is_docker_other_run = False # Manage docker if requires_docker is True: - apk_packages += ["docker", "openrc"] + docker_arg += DEFAULT_DOCKERFILE_DOCKER_ARGS.copy() + apk_packages += DEFAULT_DOCKERFILE_DOCKER_APK_PACKAGES.copy() docker_other += [ "RUN rc-update add docker boot && (rc-service docker start || true)" ] @@ -421,14 +438,23 @@ def build_dockerfile( cargo_packages += item["install"]["cargo"] # Add node install if node packages are here if len(npm_packages) > 0: - apk_packages += ["npm", "nodejs-current", "yarn"] + docker_arg += DEFAULT_DOCKERFILE_NPM_ARGS.copy() + apk_packages += DEFAULT_DOCKERFILE_NPM_APK_PACKAGES.copy() # Add ruby apk packages if gem packages are here if len(gem_packages) > 0: - apk_packages += ["ruby", "ruby-dev", "ruby-bundler", "ruby-rdoc"] + docker_arg += DEFAULT_DOCKERFILE_GEM_ARGS.copy() + apk_packages += DEFAULT_DOCKERFILE_GEM_APK_PACKAGES.copy() + if len(pip_packages) > 0: + docker_arg += DEFAULT_DOCKERFILE_PIP_ARGS.copy() + if len(pipvenv_packages) > 0: + docker_arg += DEFAULT_DOCKERFILE_PIPENV_ARGS.copy() + if len(cargo_packages) > 0: + docker_arg += DEFAULT_DOCKERFILE_RUST_ARGS.copy() # Separate args used in FROM instructions from others all_from_instructions = "\n".join(list(dict.fromkeys(docker_from))) docker_arg_top = [] docker_arg_main = [] + docker_arg_main_extra = [] for docker_arg_item in docker_arg: match = re.match( r"(?:# renovate: .*\n)?ARG\s+([a-zA-Z_][a-zA-Z0-9_]*)\s*=?\s*", @@ -439,6 +465,14 @@ def build_dockerfile( docker_arg_top += [docker_arg_item] else: docker_arg_main += [docker_arg_item] + + if docker_arg_item in docker_arg_top: + docker_arg_main_extra += [f"ARG {arg_name}"] + + if len(docker_arg_main_extra) > 0: + docker_arg_main_extra.insert(0, "") + + docker_arg_main += docker_arg_main_extra # Replace between tags in Dockerfile # Commands replace_in_file( @@ -500,14 +534,14 @@ def build_dockerfile( cargo_packages = [ p for p in cargo_packages if p != "COMPILER_ONLY" ] # remove empty string packages - cargo_cmd = "cargo install --force --locked " + " ".join( + cargo_cmd = "cargo install --force --locked " + " ".join( list(dict.fromkeys(cargo_packages)) ) rust_commands += [cargo_cmd] rustup_cargo_cmd = " && ".join(rust_commands) cargo_install_command = ( "RUN curl https://sh.rustup.rs -sSf |" - + " sh -s -- -y --profile minimal --default-toolchain stable \\\n" + + " sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \\\n" + ' && export PATH="/root/.cargo/bin:${PATH}" \\\n' + f" && {rustup_cargo_cmd} \\\n" + " && rm -rf /root/.cargo/registry /root/.cargo/git " @@ -524,7 +558,7 @@ def build_dockerfile( "WORKDIR /node-deps\n" + "RUN npm --no-cache install --ignore-scripts --omit=dev \\\n " + " \\\n ".join(list(dict.fromkeys(npm_packages))) - + " && \\\n" + + " && \\\n" # + ' echo "Fixing audit issues with npm…" \\\n' # + " && npm audit fix --audit-level=critical || true \\\n" # Deactivated for now + ' echo "Cleaning npm cache…" \\\n' @@ -550,8 +584,8 @@ def build_dockerfile( pip_install_command = "" if len(pip_packages) > 0: pip_install_command = ( - "RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip &&" - + " PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade \\\n '" + "RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} &&" + + " PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir \\\n '" + "' \\\n '".join(list(dict.fromkeys(pip_packages))) + "' && \\\n" + r"find . \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete" @@ -563,7 +597,7 @@ def build_dockerfile( if len(pipvenv_packages.items()) > 0: pipenv_install_command = ( "RUN PYTHONDONTWRITEBYTECODE=1 pip3 install" - " --no-cache-dir --upgrade pip virtualenv \\\n" + " --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \\\n" ) env_path_command = 'ENV PATH="${PATH}"' for pip_linter, pip_linter_packages in pipvenv_packages.items(): diff --git a/.cspell.json b/.cspell.json index 3d5fabc33cf..44f40f2d393 100644 --- a/.cspell.json +++ b/.cspell.json @@ -984,6 +984,7 @@ "kwargs", "lacheck", "langserver", + "LBFFI", "leveldb", "levn", "lexstatic", @@ -1300,6 +1301,7 @@ "remarkrc", "remoting", "replicatedhq", + "repology", "repos", "reqparse", "reqs", @@ -1324,6 +1326,7 @@ "rstudio", "rtypescript", "rubocop", + "rubygems", "rulegraph", "ruleid", "rulename", @@ -1572,4 +1575,4 @@ "zaach", "zricethezav" ] -} \ No newline at end of file +} diff --git a/Dockerfile b/Dockerfile index 39ae97c9d95..94c4ab223e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -11,6 +11,8 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARGTOP__START +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 # renovate: datasource=docker depName=rhysd/actionlint ARG ACTION_ACTIONLINT_VERSION=1.7.7 # renovate: datasource=docker depName=koalaman/shellcheck @@ -69,8 +71,9 @@ FROM ghcr.io/yannh/kubeconform:${KUBERNETES_KUBECONFORM_VERSION} AS kubeconform FROM ghcr.io/assignuser/chktex-alpine:latest AS chktex FROM yoheimuta/protolint:${PROTOBUF_PROTOLINT_VERSION} AS protolint FROM golang:alpine AS dustilock +ARG APK_GIT_VERSION ARG REPOSITORY_DUSTILOCK_VERSION -RUN apk add --no-cache git && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} +RUN apk add --no-cache git=${APK_GIT_VERSION} && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} FROM zricethezav/gitleaks:${REPOSITORY_GITLEAKS_VERSION} AS gitleaks FROM checkmarx/kics:${REPOSITORY_KICS_VERSION} AS kics FROM trufflesecurity/trufflehog:${REPOSITORY_TRUFFLEHOG_VERSION} AS trufflehog @@ -86,7 +89,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -110,84 +113,381 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/docker +ARG APK_DOCKER_VERSION=27.3.1-r1 +# renovate: datasource=repology depName=alpine_3_21/openrc +ARG APK_OPENRC_VERSION=0.55.1-r2 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 +# renovate: datasource=repology depName=alpine_3_21/go +ARG APK_GO_VERSION=1.23.5-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/readline-dev +ARG APK_READLINE_DEV_VERSION=8.2.13-r0 +# renovate: datasource=repology depName=alpine_3_21/perl +ARG APK_PERL_VERSION=5.40.1-r0 +# renovate: datasource=repology depName=alpine_3_21/perl-dev +ARG APK_PERL_DEV_VERSION=5.40.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 # renovate: datasource=github-tags depName=Azure/arm-ttk ARG ARM_TTK_VERSION=20240328 ARG ARM_TTK_NAME='arm-ttk.zip' ARG ARM_TTK_DIRECTORY='/opt/microsoft' +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 # renovate: datasource=github-tags depName=Azure/bicep ARG BICEP_VERSION=0.33.13 ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools +ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 # renovate: datasource=github-tags depName=clj-kondo/clj-kondo ARG CLJ_KONDO_VERSION=2025.01.16 # renovate: datasource=github-tags depName=greglook/cljstyle ARG CLJ_STYLE_VERSION=0.17.642 +# renovate: datasource=pypi depName=cfn-lint +ARG PIP_CFN_LINT_VERSION=1.22.7 +# renovate: datasource=npm depName=@coffeelint/cli +ARG NPM_COFFEELINT_CLI_VERSION=5.2.11 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=0.30.6 # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.10.0 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 # renovate: datasource=dart-version depName=dart ARG DART_VERSION='3.6.2' +# renovate: datasource=npm depName=gherkin-lint +ARG NPM_GHERKIN_LINT_VERSION=4.2.4 # renovate: datasource=github-tags depName=golangci/golangci-lint ARG GO_GOLANGCI_LINT_VERSION=1.63.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 # renovate: datasource=github-tags depName=pmd/pmd extractVersion=^pmd_releases/(?.*)$ ARG PMD_VERSION=7.10.0 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=eslint-plugin-vue +ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 +# renovate: datasource=npm depName=@babel/core +ARG NPM_BABEL_CORE_VERSION=7.26.7 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=npm depName=standard +ARG NPM_STANDARD_VERSION=17.1.2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=eslint-plugin-jsx-a11y +ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=repology depName=alpine_3_21/openssl +ARG APK_OPENSSL_VERSION=3.3.2-r4 # renovate: datasource=github-tags depName=cvega/luarocks ARG LUA_LUACHECK_VERSION=3.3.1 # renovate: datasource=crate depName=selene -ARG LUA_SELENE_VERSION=0.28.0 +ARG CARGO_SELENE_VERSION=0.28.0 # renovate: datasource=crate depName=stylua -ARG LUA_STYLUA_VERSION=2.0.0 +ARG CARGO_STYLUA_VERSION=2.0.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 # renovate: datasource=github-tags depName=skaji/cpm ARG PERL_PERLCRITIC_VERSION=0.997021 # renovate: datasource=nuget depName=PSScriptAnalyzer registryUrl=https://www.powershellgallery.com/api/v2/ ARG PSSA_VERSION='1.23.0' +# renovate: datasource=rubygems depName=puppet-lint +ARG GEM_PUPPET_LINT_VERSION=4.2.4 +# renovate: datasource=pypi depName=pylint +ARG PIP_PYLINT_VERSION=3.3.3 +# renovate: datasource=pypi depName=typing-extensions +ARG PIP_TYPING_EXTENSIONS_VERSION=4.12.2 +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=flake8 +ARG PIP_FLAKE8_VERSION=7.1.1 +# renovate: datasource=pypi depName=isort +ARG PIP_ISORT_VERSION=5.13.2 +# renovate: datasource=pypi depName=bandit +ARG PIP_BANDIT_VERSION=1.8.2 +# renovate: datasource=pypi depName=bandit_sarif_formatter +ARG PIP_BANDIT_SARIF_FORMATTER_VERSION=1.1.1 +# renovate: datasource=pypi depName=mypy +ARG PIP_MYPY_VERSION=1.14.1 +# renovate: datasource=pypi depName=pyright +ARG PIP_PYRIGHT_VERSION=1.1.392.post0 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=repology depName=alpine_3_21/g++ +ARG APK_G_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libcurl +ARG APK_LIBCURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/linux-headers +ARG APK_LINUX_HEADERS_VERSION=6.6-r1 +# renovate: datasource=repology depName=alpine_3_21/R +ARG APK_R_VERSION=4.4.2-r0 +# renovate: datasource=repology depName=alpine_3_21/R-dev +ARG APK_R_DEV_VERSION=4.4.2-r0 +# renovate: datasource=repology depName=alpine_3_21/R-doc +ARG APK_R_DOC_VERSION=4.4.2-r0 # renovate: datasource=github-tags depName=nxadm/rakudo-pkg ARG RAKU_RAKU_VERSION=2024.12 ARG RAKU_RAKU_ALPINE_VERSION=3.20 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.52 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=anchore/syft ARG REPOSITORY_SYFT_VERSION=1.19.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=Pygments +ARG PIP_PYGMENTS_VERSION=2.19.1 +# renovate: datasource=pypi depName=restructuredtext_lint +ARG PIP_RESTRUCTUREDTEXT_LINT_VERSION=1.4.0 +# renovate: datasource=pypi depName=rstcheck +ARG PIP_RSTCHECK_VERSION=6.2.4 +# renovate: datasource=pypi depName=rstfmt +ARG PIP_RSTFMT_VERSION=0.0.14 +# renovate: datasource=rubygems depName=rubocop +ARG GEM_RUBOCOP_VERSION=1.71.0 +# renovate: datasource=rubygems depName=rubocop-github +ARG GEM_RUBOCOP_GITHUB_VERSION=0.20.0 +# renovate: datasource=rubygems depName=rubocop-performance +ARG GEM_RUBOCOP_PERFORMANCE_VERSION=1.23.1 +# renovate: datasource=rubygems depName=rubocop-rails +ARG GEM_RUBOCOP_RAILS_VERSION=2.29.1 +# renovate: datasource=rubygems depName=rubocop-rake +ARG GEM_RUBOCOP_RAKE_VERSION=0.6.0 +# renovate: datasource=rubygems depName=rubocop-rspec +ARG GEM_RUBOCOP_RSPEC_VERSION=3.4.0 # renovate: datasource=npm depName=@salesforce/sfdx-scanner ARG SALESFORCE_SFDX_SCANNER_VERSION=4.9.0 # renovate: datasource=npm depName=lightning-flow-scanner ARG LIGHTNING_FLOW_SCANNER_VERSION=2.45.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=ts-standard +ARG NPM_TS_STANDARD_VERSION=12.0.2 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=repology depName=alpine_3_21/ruby +ARG APK_RUBY_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-dev +ARG APK_RUBY_DEV_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-bundler +ARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc +ARG APK_RUBY_RDOC_VERSION=3.3.6-r0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG APK_GIT_VERSION +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG GO_REVIVE_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_DUSTILOCK_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_KICS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION +ARG TERRAFORM_TFLINT_VERSION +ARG TERRAFORM_TERRASCAN_VERSION +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -201,65 +501,63 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - docker \ - openrc \ - icu-libs \ - go \ - openjdk21 \ - readline-dev \ - perl \ - perl-dev \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ - coreutils \ - py3-pyflakes \ - clang19-extra-tools \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - openssl \ - g++ \ - libc-dev \ - libcurl \ - libgcc \ - libxml2-dev \ - libxml2-utils \ - linux-headers \ - R \ - R-dev \ - R-doc \ - nodejs-current \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + docker=${APK_DOCKER_VERSION} \ + openrc=${APK_OPENRC_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ + go=${APK_GO_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + readline-dev=${APK_READLINE_DEV_VERSION} \ + perl=${APK_PERL_VERSION} \ + perl-dev=${APK_PERL_DEV_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + openssl=${APK_OPENSSL_VERSION} \ + g++=${APK_G_VERSION} \ + libcurl=${APK_LIBCURL_VERSION} \ + libffi-dev=${APK_LBFFI_DEV_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + linux-headers=${APK_LINUX_HEADERS_VERSION} \ + R=${APK_R_VERSION} \ + R-dev=${APK_R_DEV_VERSION} \ + R-doc=${APK_R_DOC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ + ruby=${APK_RUBY_VERSION} \ + ruby-dev=${APK_RUBY_DEV_VERSION} \ + ruby-bundler=${APK_RUBY_BUNDLER_VERSION} \ + ruby-rdoc=${APK_RUBY_RDOC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -280,9 +578,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif selene@${LUA_SELENE_VERSION} stylua@${LUA_STYLUA_VERSION} \ + && rustup component add clippy && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} selene@${CARGO_SELENE_VERSION} stylua@${CARGO_STYLUA_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -294,32 +592,33 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif]==${PIP_CFN_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint==${PIP_PYLINT_VERSION} typing-extensions==${PIP_TYPING_EXTENSIONS_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8==${PIP_FLAKE8_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} isort==${PIP_ISORT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit==${PIP_BANDIT_VERSION} bandit_sarif_formatter==${PIP_BANDIT_SARIF_FORMATTER_VERSION} bandit[toml]==${PIP_BANDIT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy==${PIP_MYPY_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright==${PIP_PYRIGHT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments==${PIP_PYGMENTS_VERSION} restructuredtext_lint==${PIP_RESTRUCTUREDTEXT_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx]==${PIP_RSTCHECK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt==${PIP_RSTFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -333,54 +632,54 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} \ - typescript \ - @stoplight/spectral-cli \ - @coffeelint/cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + gherkin-lint@${NPM_GHERKIN_LINT_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} \ + @babel/core@${NPM_BABEL_CORE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} \ + standard@${NPM_STANDARD_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -404,13 +703,13 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #GEM__START RUN echo 'gem: --no-document' >> ~/.gemrc && \ gem install \ - puppet-lint \ - rubocop \ - rubocop-github \ - rubocop-performance \ - rubocop-rails \ - rubocop-rake \ - rubocop-rspec + puppet-lint:${GEM_PUPPET_LINT_VERSION} \ + rubocop:${GEM_RUBOCOP_VERSION} \ + rubocop-github:${GEM_RUBOCOP_GITHUB_VERSION} \ + rubocop-performance:${GEM_RUBOCOP_PERFORMANCE_VERSION} \ + rubocop-rails:${GEM_RUBOCOP_RAILS_VERSION} \ + rubocop-rake:${GEM_RUBOCOP_RAKE_VERSION} \ + rubocop-rspec:${GEM_RUBOCOP_RSPEC_VERSION} #GEM__END ############################## @@ -458,15 +757,16 @@ RUN rc-update add docker boot && (rc-service docker start || true) \ && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh +# +# BASH installation # # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ @@ -502,7 +802,7 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" \ # # CSHARP installation - && apk add --no-cache dotnet9-sdk + && apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # DART installation @@ -510,11 +810,10 @@ ENV PATH="${PATH}:/root/.dotnet/tools" # ENV LANG=C.UTF-8 # Next line commented because already managed by another linter # RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ -# ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ # ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ # ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ # ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ -# apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ +# apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ # echo \ # "-----BEGIN PUBLIC KEY-----\ # MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ @@ -549,6 +848,8 @@ ENV PATH="${PATH}:/root/.dotnet/tools" # "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ # "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" # +# GO installation +# # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -566,6 +867,8 @@ RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - && make install \ && cd .. && rm -r lua-5.3.5/ \ # +# PERL installation +# # PHP installation && update-alternatives --install /usr/bin/php php /usr/bin/php84 110 # Managed with COPY --from=composer/composer:2-bin /composer /usr/bin/composer @@ -585,7 +888,7 @@ ENV PHP_CS_FIXER_IGNORE_ENV=true # ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk # Next line commented because already managed by another linter # ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache @@ -599,10 +902,12 @@ ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli && \ chmod +x coursier +# +# TYPESCRIPT installation # # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" # @@ -611,6 +916,10 @@ RUN curl --retry-all-errors --retry 10 -fLo coursier https://git.io/coursier-cli # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # arm-ttk installation ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk/arm-ttk/arm-ttk.psd1" RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releases/download/${ARM_TTK_VERSION}/${ARM_TTK_NAME}" \ @@ -635,6 +944,10 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ # +# cpplint installation +# +# clang-format installation +# # clj-kondo installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/refs/tags/v${CLJ_KONDO_VERSION}/script/install-clj-kondo \ && chmod +x install-clj-kondo \ @@ -645,12 +958,24 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas && chmod +x install-cljstyle \ && ./install-cljstyle --static --version "$CLJ_STYLE_VERSION" \ # +# cfn-lint installation +# +# coffeelint installation +# +# jscpd installation +# +# cpplint installation +# +# clang-format installation +# # csharpier installation && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # # roslynator installation && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # +# stylelint installation +# # dartanalyzer installation && wget --tries=5 https://storage.googleapis.com/dart-archive/channels/stable/release/${DART_VERSION}/sdk/dartsdk-linux-x64-release.zip -O - -q | unzip -q - \ && mkdir -p /usr/lib/dart \ @@ -669,6 +994,8 @@ ENV PATH="/usr/lib/dart/bin:${PATH}" # dotenv-linter installation RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s \ # +# gherkin-lint installation +# # golangci-lint installation && wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s "v${GO_GOLANGCI_LINT_VERSION}" \ && golangci-lint --version @@ -677,9 +1004,15 @@ RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/m # revive installation # Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -699,6 +1032,22 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P mv pmd-bin-${PMD_VERSION} /usr/bin/pmd || echo "Error mv" && \ chmod +x /usr/bin/pmd/bin/pmd || echo "Error chmod" \ # +# eslint installation +# +# standard installation +# +# prettier installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# +# eslint installation +# # ktlint installation && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -715,6 +1064,8 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ @@ -737,8 +1088,12 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # # stylua installation # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # perlcritic installation && curl -fsSL https://raw.githubusercontent.com/skaji/cpm/refs/tags/${PERL_PERLCRITIC_VERSION}/cpm | perl - install -g --show-build-log-on-failure --without-build --without-test --without-runtime Perl::Critic \ && rm -rf /root/.perl-cpm @@ -773,9 +1128,27 @@ RUN pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSI # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# puppet-lint installation +# +# pylint installation +# +# black installation +# +# flake8 installation +# +# isort installation +# +# bandit installation +# # mypy installation ENV MYPY_CACHE_DIR=/tmp # +# pyright installation +# +# ruff installation +# +# ruff-format installation +# # lintr installation RUN mkdir -p /home/r-library \ && cp -r /usr/lib/R/library/ /home/r-library/ \ @@ -789,9 +1162,11 @@ RUN mkdir -p /home/r-library \ ENV PATH="~/.raku/bin:/opt/rakudo-pkg/bin:/opt/rakudo-pkg/share/perl6/site/bin:$PATH" # +# checkov installation +# # devskim installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ @@ -810,6 +1185,12 @@ RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI ENV KICS_QUERIES_PATH=/usr/bin/assets/queries KICS_LIBRARIES_PATH=/usr/bin/assets/libraries # Managed with COPY --from=kics /app/bin/assets /usr/bin/assets # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # syft installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOSITORY_SYFT_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # @@ -824,6 +1205,14 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOS # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# rst-lint installation +# +# rstcheck installation +# +# rstfmt installation +# +# rubocop installation +# # sfdx-scanner-apex installation && sf plugins install @salesforce/sfdx-scanner@${SALESFORCE_SFDX_SCANNER_VERSION} \ && (npm cache clean --force || true) \ @@ -849,6 +1238,12 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOS # scalafix installation && ./coursier install scalafix --quiet --install-dir /usr/bin && rm -rf /root/.cache \ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -859,11 +1254,17 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOS # # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} # +# swiftlint installation +# renovate: datasource=docker depName=ghcr.io/realm/swiftlint +ENV SWIFT_SWIFTLINT_VERSION=0.58.2 +# +# tekton-lint installation +# # tflint installation # Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ # @@ -876,6 +1277,22 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOS # terraform-fmt installation # Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ # +# eslint installation +# +# eslint installation +# +# ts-standard installation +# +# prettier installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/c_cpp/Dockerfile b/flavors/c_cpp/Dockerfile index 6cd028451e6..0292f7d30a7 100644 --- a/flavors/c_cpp/Dockerfile +++ b/flavors/c_cpp/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,152 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools +ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=npm depName=gherkin-lint +ARG NPM_GHERKIN_LINT_VERSION=4.2.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,32 +242,29 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - clang19-extra-tools \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -160,9 +285,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -174,19 +299,20 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -200,29 +326,29 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + gherkin-lint@${NPM_GHERKIN_LINT_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -274,6 +400,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -283,6 +411,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -294,6 +426,18 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# cpplint installation +# +# clang-format installation +# +# jscpd installation +# +# cpplint installation +# +# clang-format installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -303,9 +447,23 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# gherkin-lint installation +# +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -322,21 +480,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -349,6 +521,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -357,6 +535,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/ci_light/Dockerfile b/flavors/ci_light/Dockerfile index 44e92dd05d3..34dc90254e1 100644 --- a/flavors/ci_light/Dockerfile +++ b/flavors/ci_light/Dockerfile @@ -38,7 +38,7 @@ FROM trufflesecurity/trufflehog:${REPOSITORY_TRUFFLEHOG_VERSION} AS trufflehog ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -62,12 +62,82 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION #ARG__END #################### @@ -81,25 +151,23 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -120,9 +188,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -134,8 +202,8 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/yamllint/bin @@ -152,15 +220,15 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd \ - npm-groovy-lint@15.0.0 \ - @prantlf/jsonlint \ - v8r \ - prettier \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ + jscpd@${NPM_JSCPD_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -203,12 +271,16 @@ COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # shellcheck installation # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -218,12 +290,22 @@ RUN wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/m # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -236,6 +318,14 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/cupcake/Dockerfile b/flavors/cupcake/Dockerfile index ddb26b7b38d..ccb78380d48 100644 --- a/flavors/cupcake/Dockerfile +++ b/flavors/cupcake/Dockerfile @@ -75,7 +75,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -99,34 +99,283 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/docker +ARG APK_DOCKER_VERSION=27.3.1-r1 +# renovate: datasource=repology depName=alpine_3_21/openrc +ARG APK_OPENRC_VERSION=0.55.1-r2 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 +# renovate: datasource=repology depName=alpine_3_21/go +ARG APK_GO_VERSION=1.23.5-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 # renovate: datasource=github-tags depName=clj-kondo/clj-kondo ARG CLJ_KONDO_VERSION=2025.01.16 # renovate: datasource=github-tags depName=greglook/cljstyle ARG CLJ_STYLE_VERSION=0.17.642 +# renovate: datasource=pypi depName=cfn-lint +ARG PIP_CFN_LINT_VERSION=1.22.7 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 # renovate: datasource=github-tags depName=golangci/golangci-lint ARG GO_GOLANGCI_LINT_VERSION=1.63.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 # renovate: datasource=github-tags depName=pmd/pmd extractVersion=^pmd_releases/(?.*)$ ARG PMD_VERSION=7.10.0 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=eslint-plugin-vue +ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 +# renovate: datasource=npm depName=@babel/core +ARG NPM_BABEL_CORE_VERSION=7.26.7 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=npm depName=standard +ARG NPM_STANDARD_VERSION=17.1.2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=eslint-plugin-jsx-a11y +ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=pylint +ARG PIP_PYLINT_VERSION=3.3.3 +# renovate: datasource=pypi depName=typing-extensions +ARG PIP_TYPING_EXTENSIONS_VERSION=4.12.2 +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=flake8 +ARG PIP_FLAKE8_VERSION=7.1.1 +# renovate: datasource=pypi depName=isort +ARG PIP_ISORT_VERSION=5.13.2 +# renovate: datasource=pypi depName=mypy +ARG PIP_MYPY_VERSION=1.14.1 +# renovate: datasource=pypi depName=pyright +ARG PIP_PYRIGHT_VERSION=1.1.392.post0 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=Pygments +ARG PIP_PYGMENTS_VERSION=2.19.1 +# renovate: datasource=pypi depName=restructuredtext_lint +ARG PIP_RESTRUCTUREDTEXT_LINT_VERSION=1.4.0 +# renovate: datasource=pypi depName=rstcheck +ARG PIP_RSTCHECK_VERSION=6.2.4 +# renovate: datasource=pypi depName=rstfmt +ARG PIP_RSTFMT_VERSION=0.0.14 +# renovate: datasource=rubygems depName=rubocop +ARG GEM_RUBOCOP_VERSION=1.71.0 +# renovate: datasource=rubygems depName=rubocop-github +ARG GEM_RUBOCOP_GITHUB_VERSION=0.20.0 +# renovate: datasource=rubygems depName=rubocop-performance +ARG GEM_RUBOCOP_PERFORMANCE_VERSION=1.23.1 +# renovate: datasource=rubygems depName=rubocop-rails +ARG GEM_RUBOCOP_RAILS_VERSION=2.29.1 +# renovate: datasource=rubygems depName=rubocop-rake +ARG GEM_RUBOCOP_RAKE_VERSION=0.6.0 +# renovate: datasource=rubygems depName=rubocop-rspec +ARG GEM_RUBOCOP_RSPEC_VERSION=3.4.0 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=ts-standard +ARG NPM_TS_STANDARD_VERSION=12.0.2 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=repology depName=alpine_3_21/ruby +ARG APK_RUBY_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-dev +ARG APK_RUBY_DEV_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-bundler +ARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc +ARG APK_RUBY_RDOC_VERSION=3.3.6-r0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG GO_REVIVE_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_KICS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_LYCHEE_VERSION +ARG TERRAFORM_TFLINT_VERSION +ARG TERRAFORM_TERRASCAN_VERSION +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -140,52 +389,49 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - docker \ - openrc \ - go \ - openjdk21 \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + docker=${APK_DOCKER_VERSION} \ + openrc=${APK_OPENRC_VERSION} \ + go=${APK_GO_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ + ruby=${APK_RUBY_VERSION} \ + ruby-dev=${APK_RUBY_DEV_VERSION} \ + ruby-bundler=${APK_RUBY_BUNDLER_VERSION} \ + ruby-rdoc=${APK_RUBY_RDOC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -206,9 +452,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && rustup component add clippy && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -220,30 +466,31 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif]==${PIP_CFN_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint==${PIP_PYLINT_VERSION} typing-extensions==${PIP_TYPING_EXTENSIONS_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8==${PIP_FLAKE8_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} isort==${PIP_ISORT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy==${PIP_MYPY_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright==${PIP_PYRIGHT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments==${PIP_PYGMENTS_VERSION} restructuredtext_lint==${PIP_RESTRUCTUREDTEXT_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx]==${PIP_RSTCHECK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt==${PIP_RSTFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/cfn-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -257,49 +504,49 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} \ + @babel/core@${NPM_BABEL_CORE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} \ + standard@${NPM_STANDARD_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -323,12 +570,12 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #GEM__START RUN echo 'gem: --no-document' >> ~/.gemrc && \ gem install \ - rubocop \ - rubocop-github \ - rubocop-performance \ - rubocop-rails \ - rubocop-rake \ - rubocop-rspec + rubocop:${GEM_RUBOCOP_VERSION} \ + rubocop-github:${GEM_RUBOCOP_GITHUB_VERSION} \ + rubocop-performance:${GEM_RUBOCOP_PERFORMANCE_VERSION} \ + rubocop-rails:${GEM_RUBOCOP_RAILS_VERSION} \ + rubocop-rake:${GEM_RUBOCOP_RAKE_VERSION} \ + rubocop-rspec:${GEM_RUBOCOP_RSPEC_VERSION} #GEM__END ############################## @@ -365,14 +612,15 @@ COPY --link --from=terragrunt /bin/terraform /usr/bin/ ############################################################################################# #OTHER__START RUN rc-update add docker boot && (rc-service docker start || true) +# BASH installation +# # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ @@ -407,6 +655,8 @@ RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \ "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" +# +# GO installation # # JAVA installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk @@ -424,11 +674,15 @@ RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 ENV PATH="/root/.composer/vendor/bin:${PATH}" ENV PHP_CS_FIXER_IGNORE_ENV=true # +# TYPESCRIPT installation +# # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -440,6 +694,8 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# cpplint installation +# # clj-kondo installation && curl --retry 5 --retry-delay 5 -sLO https://raw.githubusercontent.com/clj-kondo/clj-kondo/refs/tags/v${CLJ_KONDO_VERSION}/script/install-clj-kondo \ && chmod +x install-clj-kondo \ @@ -450,6 +706,14 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil && chmod +x install-cljstyle \ && ./install-cljstyle --static --version "$CLJ_STYLE_VERSION" \ # +# cfn-lint installation +# +# jscpd installation +# +# cpplint installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -467,9 +731,15 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # revive installation # Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -489,6 +759,22 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P mv pmd-bin-${PMD_VERSION} /usr/bin/pmd || echo "Error mv" && \ chmod +x /usr/bin/pmd/bin/pmd || echo "Error chmod" \ # +# eslint installation +# +# standard installation +# +# prettier installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# +# eslint installation +# # ktlint installation && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -505,12 +791,18 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require squizlabs/php_codesniffer bartlett/sarif-php-converters @@ -529,10 +821,26 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI # php-cs-fixer installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require friendsofphp/php-cs-fixer +# +# pylint installation +# +# black installation +# +# flake8 installation +# +# isort installation # # mypy installation ENV MYPY_CACHE_DIR=/tmp # +# pyright installation +# +# ruff installation +# +# ruff-format installation +# +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # @@ -544,6 +852,12 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO ENV KICS_QUERIES_PATH=/usr/bin/assets/queries KICS_LIBRARIES_PATH=/usr/bin/assets/libraries # Managed with COPY --from=kics /app/bin/assets /usr/bin/assets # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -556,11 +870,27 @@ RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/ # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# rst-lint installation +# +# rstcheck installation +# +# rstfmt installation +# +# rubocop installation +# +# cspell installation +# +# proselint installation +# # lychee installation # Managed with COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ # # sqlfluff installation # +# swiftlint installation +# renovate: datasource=docker depName=ghcr.io/realm/swiftlint +ENV SWIFT_SWIFTLINT_VERSION=0.58.2 +# # tflint installation # Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ # @@ -573,6 +903,22 @@ RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/ # terraform-fmt installation # Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ # +# eslint installation +# +# eslint installation +# +# ts-standard installation +# +# prettier installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/documentation/Dockerfile b/flavors/documentation/Dockerfile index d5aa16d73dc..03b2d49b8f4 100644 --- a/flavors/documentation/Dockerfile +++ b/flavors/documentation/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,148 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,31 +238,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -159,9 +280,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -173,18 +294,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -198,28 +320,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -271,6 +393,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -280,6 +404,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -291,6 +419,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -300,9 +432,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -319,21 +463,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -346,6 +504,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -354,6 +518,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/dotnet/Dockerfile b/flavors/dotnet/Dockerfile index 96bc7d3c921..2b1fcbac733 100644 --- a/flavors/dotnet/Dockerfile +++ b/flavors/dotnet/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,44 +83,178 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 # renovate: datasource=github-tags depName=Azure/arm-ttk ARG ARM_TTK_VERSION=20240328 ARG ARM_TTK_NAME='arm-ttk.zip' ARG ARM_TTK_DIRECTORY='/opt/microsoft' +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 # renovate: datasource=github-tags depName=Azure/bicep ARG BICEP_VERSION=0.33.13 ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=0.30.6 # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.10.0 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=npm depName=gherkin-lint +ARG NPM_GHERKIN_LINT_VERSION=4.2.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 # renovate: datasource=nuget depName=PSScriptAnalyzer registryUrl=https://www.powershellgallery.com/api/v2/ ARG PSSA_VERSION='1.23.0' +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -134,32 +268,29 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -180,9 +311,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -194,19 +325,20 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -220,31 +352,31 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + gherkin-lint@${NPM_GHERKIN_LINT_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -303,8 +435,10 @@ RUN curl -L https://github.com/PowerShell/PowerShell/releases/download/v${POWERS && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # +# BASH installation +# # CSHARP installation - && apk add --no-cache dotnet9-sdk + && apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # KOTLIN installation @@ -321,7 +455,7 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" # @@ -330,6 +464,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # arm-ttk installation ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk/arm-ttk/arm-ttk.psd1" RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releases/download/${ARM_TTK_VERSION}/${ARM_TTK_NAME}" \ @@ -354,12 +492,20 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ # +# cpplint installation +# +# jscpd installation +# +# cpplint installation +# # csharpier installation && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # # roslynator installation && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -369,9 +515,25 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# gherkin-lint installation +# +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -388,12 +550,18 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # powershell installation && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ # @@ -404,12 +572,20 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -421,6 +597,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -431,11 +613,21 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/dotnetweb/Dockerfile b/flavors/dotnetweb/Dockerfile index 61e19ab23b9..ac29a7c909e 100644 --- a/flavors/dotnetweb/Dockerfile +++ b/flavors/dotnetweb/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,44 +83,222 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 # renovate: datasource=github-tags depName=Azure/arm-ttk ARG ARM_TTK_VERSION=20240328 ARG ARM_TTK_NAME='arm-ttk.zip' ARG ARM_TTK_DIRECTORY='/opt/microsoft' +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 # renovate: datasource=github-tags depName=Azure/bicep ARG BICEP_VERSION=0.33.13 ARG BICEP_EXE='bicep' ARG BICEP_DIR='/usr/local/bin' +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=@coffeelint/cli +ARG NPM_COFFEELINT_CLI_VERSION=5.2.11 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=0.30.6 # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.10.0 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=npm depName=gherkin-lint +ARG NPM_GHERKIN_LINT_VERSION=4.2.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=eslint-plugin-vue +ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 +# renovate: datasource=npm depName=@babel/core +ARG NPM_BABEL_CORE_VERSION=7.26.7 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=npm depName=standard +ARG NPM_STANDARD_VERSION=17.1.2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=eslint-plugin-jsx-a11y +ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 # renovate: datasource=nuget depName=PSScriptAnalyzer registryUrl=https://www.powershellgallery.com/api/v2/ ARG PSSA_VERSION='1.23.0' +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=ts-standard +ARG NPM_TS_STANDARD_VERSION=12.0.2 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -134,32 +312,29 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -180,9 +355,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -194,19 +369,20 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -220,53 +396,53 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - @stoplight/spectral-cli \ - @coffeelint/cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - gherkin-lint \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + gherkin-lint@${NPM_GHERKIN_LINT_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} \ + @babel/core@${NPM_BABEL_CORE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} \ + standard@${NPM_STANDARD_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -325,8 +501,10 @@ RUN curl -L https://github.com/PowerShell/PowerShell/releases/download/v${POWERS && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # +# BASH installation +# # CSHARP installation - && apk add --no-cache dotnet9-sdk + && apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # KOTLIN installation @@ -341,9 +519,11 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # && chmod +x /opt/microsoft/powershell/7/pwsh \ # && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh # +# TYPESCRIPT installation +# # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" # @@ -352,6 +532,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # arm-ttk installation ENV ARM_TTK_PSD1="${ARM_TTK_DIRECTORY}/arm-ttk/arm-ttk/arm-ttk.psd1" RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releases/download/${ARM_TTK_VERSION}/${ARM_TTK_NAME}" \ @@ -376,12 +560,22 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas && chmod +x "${BICEP_EXE}" \ && mv "${BICEP_EXE}" "${BICEP_DIR}" \ # +# cpplint installation +# +# coffeelint installation +# +# jscpd installation +# +# cpplint installation +# # csharpier installation && dotnet tool install --allow-roll-forward --global csharpier --version "${CSHARP_CSHARPIER_VERSION}" \ # # roslynator installation && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -391,9 +585,33 @@ RUN curl --retry 5 --retry-delay 5 -sLO "https://github.com/Azure/arm-ttk/releas # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# gherkin-lint installation +# +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# eslint installation +# +# standard installation +# +# prettier installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# +# eslint installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -410,12 +628,18 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # powershell installation && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' \ # @@ -426,12 +650,20 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -443,6 +675,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -453,11 +691,29 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # tsqllint installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" && dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} # +# tekton-lint installation +# +# eslint installation +# +# eslint installation +# +# ts-standard installation +# +# prettier installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/formatters/Dockerfile b/flavors/formatters/Dockerfile index 0580518291b..d545b25bea3 100644 --- a/flavors/formatters/Dockerfile +++ b/flavors/formatters/Dockerfile @@ -29,7 +29,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -53,16 +53,75 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=0.30.6 # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.10.0 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 # renovate: datasource=nuget depName=PSScriptAnalyzer registryUrl=https://www.powershellgallery.com/api/v2/ ARG PSSA_VERSION='1.23.0' +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=isort +ARG PIP_ISORT_VERSION=5.13.2 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=pypi depName=rstfmt +ARG PIP_RSTFMT_VERSION=0.0.14 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG BASH_SHFMT_VERSION +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -76,20 +135,20 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -110,9 +169,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -124,12 +183,12 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} isort==${PIP_ISORT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt==${PIP_RSTFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/black/bin:/venvs/isort/bin:/venvs/ruff-format/bin:/venvs/rstfmt/bin:/venvs/snakefmt/bin @@ -146,10 +205,10 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - prettier \ - markdownlint-cli \ - markdown-table-formatter && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -189,8 +248,10 @@ COPY --link --from=terragrunt /bin/terraform /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # CSHARP installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # POWERSHELL installation @@ -200,9 +261,11 @@ RUN curl -L https://github.com/PowerShell/PowerShell/releases/download/v${POWERS && chmod +x /opt/microsoft/powershell/7/pwsh \ && ln -s /opt/microsoft/powershell/7/pwsh /usr/bin/pwsh \ # +# TYPESCRIPT installation +# # VBDOTNET installation # Next line commented because already managed by another linter -# RUN apk add --no-cache dotnet9-sdk +# RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} # Next line commented because already managed by another linter # ENV PATH="${PATH}:/root/.dotnet/tools" # @@ -215,12 +278,34 @@ RUN curl -L https://github.com/PowerShell/PowerShell/releases/download/v${POWERS # roslynator installation && dotnet tool install --allow-roll-forward --global roslynator.dotnet.cli --version "${CSHARP_ROSLYNATOR_VERSION}" \ # +# prettier installation +# +# prettier installation +# +# markdownlint installation +# +# markdown-table-formatter installation +# # powershell_formatter installation && pwsh -c 'Install-Module -Name PSScriptAnalyzer -RequiredVersion ${PSSA_VERSION} -Scope AllUsers -Force' # +# black installation +# +# isort installation +# +# ruff-format installation +# +# rstfmt installation +# +# snakefmt installation +# # terraform-fmt installation # Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ # +# prettier installation +# +# prettier installation +# #OTHER__END ################################ diff --git a/flavors/go/Dockerfile b/flavors/go/Dockerfile index 42b98597f6b..47b4e657a6b 100644 --- a/flavors/go/Dockerfile +++ b/flavors/go/Dockerfile @@ -67,7 +67,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -91,26 +91,153 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/go +ARG APK_GO_VERSION=1.23.5-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 # renovate: datasource=github-tags depName=golangci/golangci-lint ARG GO_GOLANGCI_LINT_VERSION=1.63.4 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG GO_REVIVE_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -124,32 +251,29 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - go \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + go=${APK_GO_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -170,9 +294,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -184,18 +308,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -209,28 +334,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -283,6 +408,10 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# +# GO installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -292,6 +421,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -303,6 +436,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -320,9 +457,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # revive installation # Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -339,21 +488,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -366,6 +529,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -374,6 +543,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/java/Dockerfile b/flavors/java/Dockerfile index 610e0dad779..d6b79a81ded 100644 --- a/flavors/java/Dockerfile +++ b/flavors/java/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,32 +83,158 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 # renovate: datasource=github-tags depName=clj-kondo/clj-kondo ARG CLJ_KONDO_VERSION=2025.01.16 # renovate: datasource=github-tags depName=greglook/cljstyle ARG CLJ_STYLE_VERSION=0.17.642 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 # renovate: datasource=github-tags depName=pmd/pmd extractVersion=^pmd_releases/(?.*)$ ARG PMD_VERSION=7.10.0 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -122,31 +248,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -167,9 +290,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -181,18 +304,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -206,28 +330,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -279,14 +403,15 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ @@ -337,6 +462,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -358,6 +487,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil && chmod +x install-cljstyle \ && ./install-cljstyle --static --version "$CLJ_STYLE_VERSION" \ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -367,9 +500,15 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# # checkstyle installation RUN --mount=type=secret,id=GITHUB_TOKEN CHECKSTYLE_LATEST=$(curl -s \ -H "Accept: application/vnd.github+json" \ @@ -389,6 +528,12 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P mv pmd-bin-${PMD_VERSION} /usr/bin/pmd || echo "Error mv" && \ chmod +x /usr/bin/pmd/bin/pmd || echo "Error chmod" \ # +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation && curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -405,21 +550,35 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -432,6 +591,12 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -440,6 +605,16 @@ RUN wget --quiet https://github.com/pmd/pmd/releases/download/pmd_releases%2F${P # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/javascript/Dockerfile b/flavors/javascript/Dockerfile index 934912636b5..e8bf3c91c28 100644 --- a/flavors/javascript/Dockerfile +++ b/flavors/javascript/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,196 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=@coffeelint/cli +ARG NPM_COFFEELINT_CLI_VERSION=5.2.11 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=eslint-plugin-vue +ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 +# renovate: datasource=npm depName=@babel/core +ARG NPM_BABEL_CORE_VERSION=7.26.7 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=npm depName=standard +ARG NPM_STANDARD_VERSION=17.1.2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=eslint-plugin-jsx-a11y +ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=ts-standard +ARG NPM_TS_STANDARD_VERSION=12.0.2 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,31 +286,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -159,9 +328,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -173,18 +342,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -198,52 +368,52 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - @stoplight/spectral-cli \ - @coffeelint/cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif \ - standard \ - prettier \ - @prantlf/jsonlint \ - v8r \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - ts-standard && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} \ + @babel/core@${NPM_BABEL_CORE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} \ + standard@${NPM_STANDARD_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -295,15 +465,23 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" # +# TYPESCRIPT installation +# # actionlint installation # Managed with COPY --link --from=actionlint /usr/local/bin/actionlint /usr/bin/actionlint # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -315,6 +493,12 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# coffeelint installation +# +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -324,9 +508,31 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# eslint installation +# +# standard installation +# +# prettier installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# +# eslint installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -343,21 +549,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -370,6 +590,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -378,6 +604,24 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# eslint installation +# +# eslint installation +# +# ts-standard installation +# +# prettier installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/php/Dockerfile b/flavors/php/Dockerfile index 85cb71445e9..0691644bbab 100644 --- a/flavors/php/Dockerfile +++ b/flavors/php/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,176 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,45 +266,42 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -173,9 +322,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -187,18 +336,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -212,28 +362,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -286,6 +436,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -301,6 +453,10 @@ ENV PHP_CS_FIXER_IGNORE_ENV=true # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -312,6 +468,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -321,9 +481,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -340,12 +512,18 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # phpcs installation RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require squizlabs/php_codesniffer bartlett/sarif-php-converters @@ -368,12 +546,20 @@ RUN --mount=type=secret,id=GITHUB_TOKEN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GI # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -386,6 +572,12 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -394,6 +586,16 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/python/Dockerfile b/flavors/python/Dockerfile index 6672e804812..22f3bf3e065 100644 --- a/flavors/python/Dockerfile +++ b/flavors/python/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,176 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=pylint +ARG PIP_PYLINT_VERSION=3.3.3 +# renovate: datasource=pypi depName=typing-extensions +ARG PIP_TYPING_EXTENSIONS_VERSION=4.12.2 +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=flake8 +ARG PIP_FLAKE8_VERSION=7.1.1 +# renovate: datasource=pypi depName=isort +ARG PIP_ISORT_VERSION=5.13.2 +# renovate: datasource=pypi depName=bandit +ARG PIP_BANDIT_VERSION=1.8.2 +# renovate: datasource=pypi depName=bandit_sarif_formatter +ARG PIP_BANDIT_SARIF_FORMATTER_VERSION=1.1.1 +# renovate: datasource=pypi depName=mypy +ARG PIP_MYPY_VERSION=1.14.1 +# renovate: datasource=pypi depName=pyright +ARG PIP_PYRIGHT_VERSION=1.1.392.post0 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=Pygments +ARG PIP_PYGMENTS_VERSION=2.19.1 +# renovate: datasource=pypi depName=restructuredtext_lint +ARG PIP_RESTRUCTUREDTEXT_LINT_VERSION=1.4.0 +# renovate: datasource=pypi depName=rstcheck +ARG PIP_RSTCHECK_VERSION=6.2.4 +# renovate: datasource=pypi depName=rstfmt +ARG PIP_RSTFMT_VERSION=0.0.14 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,31 +266,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -159,9 +308,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -173,31 +322,32 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments restructuredtext_lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint==${PIP_PYLINT_VERSION} typing-extensions==${PIP_TYPING_EXTENSIONS_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8==${PIP_FLAKE8_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} isort==${PIP_ISORT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit==${PIP_BANDIT_VERSION} bandit_sarif_formatter==${PIP_BANDIT_SARIF_FORMATTER_VERSION} bandit[toml]==${PIP_BANDIT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy==${PIP_MYPY_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright==${PIP_PYRIGHT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments==${PIP_PYGMENTS_VERSION} restructuredtext_lint==${PIP_RESTRUCTUREDTEXT_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx]==${PIP_RSTCHECK_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt==${PIP_RSTFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cpplint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/pylint/bin:/venvs/black/bin:/venvs/flake8/bin:/venvs/isort/bin:/venvs/bandit/bin:/venvs/mypy/bin:/venvs/pyright/bin:/venvs/ruff/bin:/venvs/ruff-format/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/rst-lint/bin:/venvs/rstcheck/bin:/venvs/rstfmt/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -211,28 +361,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -284,6 +434,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -293,6 +445,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -304,6 +460,14 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# cpplint installation +# +# jscpd installation +# +# cpplint installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -313,9 +477,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -332,24 +508,54 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# pylint installation +# +# black installation +# +# flake8 installation +# +# isort installation +# +# bandit installation +# # mypy installation ENV MYPY_CACHE_DIR=/tmp # +# pyright installation +# +# ruff installation +# +# ruff-format installation +# +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -362,6 +568,18 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# rst-lint installation +# +# rstcheck installation +# +# rstfmt installation +# +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -370,6 +588,16 @@ RUN curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPO # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/ruby/Dockerfile b/flavors/ruby/Dockerfile index 365b1526e9a..54c77f8d4f3 100644 --- a/flavors/ruby/Dockerfile +++ b/flavors/ruby/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,168 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=rubygems depName=rubocop +ARG GEM_RUBOCOP_VERSION=1.71.0 +# renovate: datasource=rubygems depName=rubocop-github +ARG GEM_RUBOCOP_GITHUB_VERSION=0.20.0 +# renovate: datasource=rubygems depName=rubocop-performance +ARG GEM_RUBOCOP_PERFORMANCE_VERSION=1.23.1 +# renovate: datasource=rubygems depName=rubocop-rails +ARG GEM_RUBOCOP_RAILS_VERSION=2.29.1 +# renovate: datasource=rubygems depName=rubocop-rake +ARG GEM_RUBOCOP_RAKE_VERSION=0.6.0 +# renovate: datasource=rubygems depName=rubocop-rspec +ARG GEM_RUBOCOP_RSPEC_VERSION=3.4.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=repology depName=alpine_3_21/ruby +ARG APK_RUBY_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-dev +ARG APK_RUBY_DEV_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-bundler +ARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc +ARG APK_RUBY_RDOC_VERSION=3.3.6-r0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,35 +258,32 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ + ruby=${APK_RUBY_VERSION} \ + ruby-dev=${APK_RUBY_DEV_VERSION} \ + ruby-bundler=${APK_RUBY_BUNDLER_VERSION} \ + ruby-rdoc=${APK_RUBY_RDOC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -163,9 +304,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -177,18 +318,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -202,28 +344,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -247,12 +389,12 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #GEM__START RUN echo 'gem: --no-document' >> ~/.gemrc && \ gem install \ - rubocop \ - rubocop-github \ - rubocop-performance \ - rubocop-rails \ - rubocop-rake \ - rubocop-rspec + rubocop:${GEM_RUBOCOP_VERSION} \ + rubocop-github:${GEM_RUBOCOP_GITHUB_VERSION} \ + rubocop-performance:${GEM_RUBOCOP_PERFORMANCE_VERSION} \ + rubocop-rails:${GEM_RUBOCOP_RAILS_VERSION} \ + rubocop-rake:${GEM_RUBOCOP_RAKE_VERSION} \ + rubocop-rspec:${GEM_RUBOCOP_RSPEC_VERSION} #GEM__END ############################## @@ -282,6 +424,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -291,6 +435,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -302,6 +450,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -311,9 +463,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -330,21 +494,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -357,6 +535,14 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# rubocop installation +# +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -365,6 +551,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/rust/Dockerfile b/flavors/rust/Dockerfile index cdf36bece7e..d74fbce057e 100644 --- a/flavors/rust/Dockerfile +++ b/flavors/rust/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,148 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,31 +238,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -159,9 +280,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && rustup component add clippy && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && rustup component add clippy && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -173,18 +294,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -198,28 +320,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -271,6 +393,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -280,6 +404,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -291,6 +419,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -300,9 +432,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -319,21 +463,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -346,6 +504,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -354,6 +518,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/salesforce/Dockerfile b/flavors/salesforce/Dockerfile index d7229739845..05e3e26821d 100644 --- a/flavors/salesforce/Dockerfile +++ b/flavors/salesforce/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,114 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy @@ -109,8 +199,48 @@ ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 ARG SALESFORCE_SFDX_SCANNER_VERSION=4.9.0 # renovate: datasource=npm depName=lightning-flow-scanner ARG LIGHTNING_FLOW_SCANNER_VERSION=2.45.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -124,32 +254,29 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - coreutils \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -170,9 +297,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -184,18 +311,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -209,31 +337,31 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - npm-package-json-lint \ - npm-package-json-lint-config-default \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -285,6 +413,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -294,7 +424,7 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk # Next line commented because already managed by another linter # ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache @@ -305,6 +435,10 @@ ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -316,6 +450,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -325,9 +463,23 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# +# npm-package-json-lint installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -344,21 +496,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -392,6 +558,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -400,6 +572,16 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/security/Dockerfile b/flavors/security/Dockerfile index d03259a0f28..d0a3dd2097b 100644 --- a/flavors/security/Dockerfile +++ b/flavors/security/Dockerfile @@ -12,6 +12,8 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARGTOP__START +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 # renovate: datasource=docker depName=koalaman/shellcheck ARG BASH_SHELLCHECK_VERSION=v0.10.0 # renovate: datasource=docker depName=hadolint/hadolint @@ -42,8 +44,9 @@ FROM koalaman/shellcheck:${BASH_SHELLCHECK_VERSION} AS shellcheck FROM hadolint/hadolint:${DOCKERFILE_HADOLINT_VERSION} AS hadolint FROM ghcr.io/yannh/kubeconform:${KUBERNETES_KUBECONFORM_VERSION} AS kubeconform FROM golang:alpine AS dustilock +ARG APK_GIT_VERSION ARG REPOSITORY_DUSTILOCK_VERSION -RUN apk add --no-cache git && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} +RUN apk add --no-cache git=${APK_GIT_VERSION} && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} FROM zricethezav/gitleaks:${REPOSITORY_GITLEAKS_VERSION} AS gitleaks FROM checkmarx/kics:${REPOSITORY_KICS_VERSION} AS kics FROM trufflesecurity/trufflehog:${REPOSITORY_TRUFFLEHOG_VERSION} AS trufflehog @@ -55,7 +58,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -79,18 +82,90 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=pypi depName=cfn-lint +ARG PIP_CFN_LINT_VERSION=1.22.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=pypi depName=bandit +ARG PIP_BANDIT_VERSION=1.8.2 +# renovate: datasource=pypi depName=bandit_sarif_formatter +ARG PIP_BANDIT_SARIF_FORMATTER_VERSION=1.1.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.52 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=anchore/syft ARG REPOSITORY_SYFT_VERSION=1.19.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG APK_GIT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG REPOSITORY_DUSTILOCK_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_KICS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG TERRAFORM_TFLINT_VERSION +ARG TERRAFORM_TERRASCAN_VERSION +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -104,23 +179,22 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -141,9 +215,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -155,12 +229,12 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif]==${PIP_CFN_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit==${PIP_BANDIT_VERSION} bandit_sarif_formatter==${PIP_BANDIT_SARIF_FORMATTER_VERSION} bandit[toml]==${PIP_BANDIT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/cfn-lint/bin:/venvs/bandit/bin:/venvs/checkov/bin:/venvs/semgrep/bin @@ -177,9 +251,9 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -228,6 +302,8 @@ COPY --link --from=terragrunt /usr/local/bin/terragrunt /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# ansible-lint installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -235,18 +311,26 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shellcheck installation # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# cfn-lint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# bandit installation +# +# checkov installation +# # devskim installation - && apk add --no-cache dotnet9-sdk + && apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} \ # @@ -264,6 +348,10 @@ RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI ENV KICS_QUERIES_PATH=/usr/bin/assets/queries KICS_LIBRARIES_PATH=/usr/bin/assets/libraries # Managed with COPY --from=kics /app/bin/assets /usr/bin/assets # +# secretlint installation +# +# semgrep installation +# # syft installation RUN curl -sSfL https://raw.githubusercontent.com/anchore/syft/refs/tags/v${REPOSITORY_SYFT_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # diff --git a/flavors/swift/Dockerfile b/flavors/swift/Dockerfile index 402d830c4e9..2c98a5c90b3 100644 --- a/flavors/swift/Dockerfile +++ b/flavors/swift/Dockerfile @@ -59,7 +59,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -83,24 +83,152 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/docker +ARG APK_DOCKER_VERSION=27.3.1-r1 +# renovate: datasource=repology depName=alpine_3_21/openrc +ARG APK_OPENRC_VERSION=0.55.1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -114,33 +242,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - docker \ - openrc \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + docker=${APK_DOCKER_VERSION} \ + openrc=${APK_OPENRC_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -161,9 +286,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -175,18 +300,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -200,28 +326,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -274,6 +400,8 @@ COPY --link --from=lychee /usr/local/bin/lychee /usr/bin/ ############################################################################################# #OTHER__START RUN rc-update add docker boot && (rc-service docker start || true) +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -283,6 +411,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -294,6 +426,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -303,9 +439,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -322,21 +470,35 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # # grype installation && curl -sSfL https://raw.githubusercontent.com/anchore/grype/refs/tags/v${REPOSITORY_GRYPE_VERSION}/install.sh | sh -s -- -b /usr/local/bin \ # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation && wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -349,6 +511,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -357,6 +525,20 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # # sqlfluff installation # +# swiftlint installation +# renovate: datasource=docker depName=ghcr.io/realm/swiftlint +ENV SWIFT_SWIFTLINT_VERSION=0.58.2 +# +# tekton-lint installation +# +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/flavors/terraform/Dockerfile b/flavors/terraform/Dockerfile index e7927e2ee08..7fb69be95fd 100644 --- a/flavors/terraform/Dockerfile +++ b/flavors/terraform/Dockerfile @@ -73,7 +73,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -97,24 +97,152 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=sarif-fmt +ARG CARGO_SARIF_FMT_VERSION=0.7.0 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION +ARG BASH_SHFMT_VERSION +ARG DOCKERFILE_HADOLINT_VERSION +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION +ARG KUBERNETES_KUBECONFORM_VERSION +ARG PROTOBUF_PROTOLINT_VERSION +ARG REPOSITORY_GITLEAKS_VERSION +ARG REPOSITORY_KICS_VERSION +ARG REPOSITORY_TRUFFLEHOG_VERSION +ARG SPELL_VALE_VERSION +ARG SPELL_LYCHEE_VERSION +ARG TERRAFORM_TFLINT_VERSION +ARG TERRAFORM_TERRASCAN_VERSION +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -128,31 +256,28 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ - py3-pyflakes \ - nodejs \ - npm \ - yarn \ - openjdk17 \ - helm \ - gcompat \ - libc6-compat \ - libstdc++ \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + helm=${APK_HELM_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -173,9 +298,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked sarif-fmt shellcheck-sarif \ + && cargo install --force --locked sarif-fmt@${CARGO_SARIF_FMT_VERSION} shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -187,18 +312,19 @@ ENV PATH="/root/.cargo/bin:${PATH}" ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache -ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin +ENV PATH="${PATH}":/venvs/ansible-lint/bin:/venvs/stylelint/bin:/venvs/djlint/bin:/venvs/checkov/bin:/venvs/semgrep/bin:/venvs/snakefmt/bin:/venvs/proselint/bin:/venvs/sqlfluff/bin:/venvs/yamllint/bin #PIPVENV__END ############################ @@ -212,28 +338,28 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli \ - jscpd \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss \ - graphql \ - graphql-schema-linter \ - npm-groovy-lint@15.0.0 \ - htmlhint \ - @prantlf/jsonlint \ - v8r \ - prettier \ - markdownlint-cli \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} \ - markdown-table-formatter \ - @ls-lint/ls-lint \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif \ - cspell \ - @ibm/tekton-lint && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} \ + jscpd@${NPM_JSCPD_VERSION} \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} \ + htmlhint@${NPM_HTMLHINT_VERSION} \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} \ + v8r@${NPM_V8R_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} \ + cspell@${NPM_CSPELL_VERSION} \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -291,6 +417,8 @@ COPY --link --from=terragrunt /bin/terraform /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # KOTLIN installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" @@ -300,6 +428,10 @@ ENV PATH="$JAVA_HOME/bin:${PATH}" # # shellcheck is a dependency for actionlint # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # +# ansible-lint installation +# +# spectral installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec \ @@ -311,6 +443,10 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # +# jscpd installation +# +# stylelint installation +# # hadolint installation # Managed with COPY --link --from=hadolint /bin/hadolint /usr/bin/hadolint # @@ -320,9 +456,21 @@ RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: Fil # dotenv-linter installation && wget -q -O - https://raw.githubusercontent.com/dotenv-linter/dotenv-linter/master/install.sh | sh -s # +# graphql-schema-linter installation +# # npm-groovy-lint installation ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk # +# djlint installation +# +# htmlhint installation +# +# jsonlint installation +# +# v8r installation +# +# prettier installation +# # ktlint installation RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/releases/download/${KTLINT_VERSION}/ktlint && \ chmod a+x ktlint && \ @@ -339,15 +487,23 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel # kubeconform installation # Managed with COPY --link --from=kubeconform /kubeconform /usr/bin/ # +# helm installation +# # kubescape installation && ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \ curl --retry 5 --retry-delay 5 -sLv https://raw.githubusercontent.com/kubescape/kubescape/master/install.sh | /bin/bash -s -- -v "v${KUBERNETES_KUBESCAPE_VERSION}" \ # +# markdownlint installation +# # markdown-link-check installation # +# markdown-table-formatter installation +# # protolint installation # Managed with COPY --link --from=protolint /usr/local/bin/protolint /usr/bin/ # +# checkov installation +# # gitleaks installation # Managed with COPY --link --from=gitleaks /usr/bin/gitleaks /usr/bin/ # @@ -359,6 +515,12 @@ RUN curl --retry 5 --retry-delay 5 -sSLO https://github.com/pinterest/ktlint/rel ENV KICS_QUERIES_PATH=/usr/bin/assets/queries KICS_LIBRARIES_PATH=/usr/bin/assets/libraries # Managed with COPY --from=kics /app/bin/assets /usr/bin/assets # +# ls-lint installation +# +# secretlint installation +# +# semgrep installation +# # trivy installation RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "v${REPOSITORY_TRIVY_VERSION}" \ && (trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress || trivy image --download-db-only --no-progress) \ @@ -371,6 +533,12 @@ RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/ # trufflehog installation # Managed with COPY --link --from=trufflehog /usr/bin/trufflehog /usr/bin/ # +# snakefmt installation +# +# cspell installation +# +# proselint installation +# # vale installation # Managed with COPY --link --from=vale /bin/vale /bin/vale # @@ -379,6 +547,8 @@ RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/ # # sqlfluff installation # +# tekton-lint installation +# # tflint installation # Managed with COPY --link --from=tflint /usr/local/bin/tflint /usr/bin/ # @@ -391,6 +561,14 @@ RUN wget --tries=5 -q -O - https://raw.githubusercontent.com/aquasecurity/trivy/ # terraform-fmt installation # Managed with COPY --link --from=terragrunt /bin/terraform /usr/bin/ # +# xmllint installation +# +# prettier installation +# +# yamllint installation +# +# v8r installation +# #OTHER__END ################################ diff --git a/linters/action_actionlint/Dockerfile b/linters/action_actionlint/Dockerfile index 2f347ad7a2f..9f5375da0a8 100644 --- a/linters/action_actionlint/Dockerfile +++ b/linters/action_actionlint/Dockerfile @@ -29,7 +29,7 @@ FROM koalaman/shellcheck:${BASH_SHELLCHECK_VERSION} AS shellcheck ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -53,7 +53,31 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/py3-pyflakes +ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 + +ARG ACTION_ACTIONLINT_VERSION +ARG BASH_SHELLCHECK_VERSION #ARG__END #################### @@ -67,17 +91,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - py3-pyflakes \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/ansible_ansible_lint/Dockerfile b/linters/ansible_ansible_lint/Dockerfile index 92aa90ae97d..b2743d2ccfa 100644 --- a/linters/ansible_ansible_lint/Dockerfile +++ b/linters/ansible_ansible_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=ansible-lint +ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ansible-lint" && cd "/venvs/ansible-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ansible-lint==${PIP_ANSIBLE_LINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/ansible-lint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# ansible-lint installation +# #OTHER__END ################################ diff --git a/linters/api_spectral/Dockerfile b/linters/api_spectral/Dockerfile index ff6377de4bb..ff032b6bdd6 100644 --- a/linters/api_spectral/Dockerfile +++ b/linters/api_spectral/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=@stoplight/spectral-cli +ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @stoplight/spectral-cli && \ + @stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# spectral installation +# #OTHER__END ################################ diff --git a/linters/arm_arm_ttk/Dockerfile b/linters/arm_arm_ttk/Dockerfile index f3c9a474dcd..267be2bfefc 100644 --- a/linters/arm_arm_ttk/Dockerfile +++ b/linters/arm_arm_ttk/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 @@ -68,17 +90,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/bash_exec/Dockerfile b/linters/bash_exec/Dockerfile index c36cb1d6216..4cbbb8813d8 100644 --- a/linters/bash_exec/Dockerfile +++ b/linters/bash_exec/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 #ARG__END #################### @@ -62,16 +81,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -145,6 +164,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # bash-exec installation RUN printf '#!/bin/bash \n\nif [[ -x "$1" ]]; then exit 0; else echo "Error: File:[$1] is not executable"; exit 1; fi' > /usr/bin/bash-exec \ && chmod +x /usr/bin/bash-exec diff --git a/linters/bash_shellcheck/Dockerfile b/linters/bash_shellcheck/Dockerfile index 8795ac6a58a..9f6bf95abb2 100644 --- a/linters/bash_shellcheck/Dockerfile +++ b/linters/bash_shellcheck/Dockerfile @@ -25,7 +25,7 @@ FROM koalaman/shellcheck:${BASH_SHELLCHECK_VERSION} AS shellcheck ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=crate depName=shellcheck-sarif +ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 + +ARG BASH_SHELLCHECK_VERSION #ARG__END #################### @@ -63,16 +88,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -93,9 +118,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked shellcheck-sarif \ + && cargo install --force --locked shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END @@ -150,6 +175,8 @@ COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # shellcheck installation # Managed with COPY --link --from=shellcheck /bin/shellcheck /usr/bin/shellcheck # diff --git a/linters/bash_shfmt/Dockerfile b/linters/bash_shfmt/Dockerfile index f24f4cd611f..3628b934e7c 100644 --- a/linters/bash_shfmt/Dockerfile +++ b/linters/bash_shfmt/Dockerfile @@ -25,7 +25,7 @@ FROM mvdan/shfmt:${BASH_SHFMT_VERSION} AS shfmt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG BASH_SHFMT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,6 +167,8 @@ COPY --link --from=shfmt /bin/shfmt /usr/bin/ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# BASH installation +# # shfmt installation # Managed with COPY --link --from=shfmt /bin/shfmt /usr/bin/ # diff --git a/linters/bicep_bicep_linter/Dockerfile b/linters/bicep_bicep_linter/Dockerfile index 7859769aa2f..1ddee45b3aa 100644 --- a/linters/bicep_bicep_linter/Dockerfile +++ b/linters/bicep_bicep_linter/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=Azure/bicep ARG BICEP_VERSION=0.33.13 ARG BICEP_EXE='bicep' @@ -65,17 +87,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/c_clang_format/Dockerfile b/linters/c_clang_format/Dockerfile index 464b0e290e6..d648e0a2980 100644 --- a/linters/c_clang_format/Dockerfile +++ b/linters/c_clang_format/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools +ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 #ARG__END #################### @@ -62,17 +83,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - clang19-extra-tools \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,7 +167,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# clang-format installation +# #OTHER__END ################################ diff --git a/linters/c_cpplint/Dockerfile b/linters/c_cpplint/Dockerfile index 46a4f7af4b4..a9997140a1b 100644 --- a/linters/c_cpplint/Dockerfile +++ b/linters/c_cpplint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/cpplint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# cpplint installation +# #OTHER__END ################################ diff --git a/linters/clojure_clj_kondo/Dockerfile b/linters/clojure_clj_kondo/Dockerfile index 2138de69d17..ab330ee92c4 100644 --- a/linters/clojure_clj_kondo/Dockerfile +++ b/linters/clojure_clj_kondo/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 # renovate: datasource=github-tags depName=clj-kondo/clj-kondo ARG CLJ_KONDO_VERSION=2025.01.16 @@ -64,16 +86,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -150,11 +172,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ diff --git a/linters/clojure_cljstyle/Dockerfile b/linters/clojure_cljstyle/Dockerfile index 0fb03e13448..9b944c0fe6f 100644 --- a/linters/clojure_cljstyle/Dockerfile +++ b/linters/clojure_cljstyle/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 # renovate: datasource=github-tags depName=greglook/cljstyle ARG CLJ_STYLE_VERSION=0.17.642 #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -149,11 +171,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # CLOJURE installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ diff --git a/linters/cloudformation_cfn_lint/Dockerfile b/linters/cloudformation_cfn_lint/Dockerfile index 8e9d6ef0d22..d51e63e9bbf 100644 --- a/linters/cloudformation_cfn_lint/Dockerfile +++ b/linters/cloudformation_cfn_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=cfn-lint +ARG PIP_CFN_LINT_VERSION=1.22.7 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif] && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/cfn-lint" && cd "/venvs/cfn-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cfn-lint[sarif]==${PIP_CFN_LINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/cfn-lint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# cfn-lint installation +# #OTHER__END ################################ diff --git a/linters/coffee_coffeelint/Dockerfile b/linters/coffee_coffeelint/Dockerfile index cd6c0124425..41fa0d7e626 100644 --- a/linters/coffee_coffeelint/Dockerfile +++ b/linters/coffee_coffeelint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=@coffeelint/cli +ARG NPM_COFFEELINT_CLI_VERSION=5.2.11 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @coffeelint/cli && \ + @coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# coffeelint installation +# #OTHER__END ################################ diff --git a/linters/copypaste_jscpd/Dockerfile b/linters/copypaste_jscpd/Dockerfile index 66a13df6b32..88b317e2838 100644 --- a/linters/copypaste_jscpd/Dockerfile +++ b/linters/copypaste_jscpd/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=jscpd +ARG NPM_JSCPD_VERSION=4.0.5 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,20 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - nodejs \ - npm \ - yarn \ - nodejs-current \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -120,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - jscpd && \ + jscpd@${NPM_JSCPD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# jscpd installation +# #OTHER__END ################################ diff --git a/linters/cpp_clang_format/Dockerfile b/linters/cpp_clang_format/Dockerfile index e33c3ac77a5..835da75340c 100644 --- a/linters/cpp_clang_format/Dockerfile +++ b/linters/cpp_clang_format/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools +ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 #ARG__END #################### @@ -62,17 +83,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - clang19-extra-tools \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,7 +167,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# clang-format installation +# #OTHER__END ################################ diff --git a/linters/cpp_cpplint/Dockerfile b/linters/cpp_cpplint/Dockerfile index e3a76256305..bfc8b4d9014 100644 --- a/linters/cpp_cpplint/Dockerfile +++ b/linters/cpp_cpplint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/cpplint" && cd "/venvs/cpplint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/cpplint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# cpplint installation +# #OTHER__END ################################ diff --git a/linters/csharp_csharpier/Dockerfile b/linters/csharp_csharpier/Dockerfile index 574dc2ab136..253d4ab6222 100644 --- a/linters/csharp_csharpier/Dockerfile +++ b/linters/csharp_csharpier/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 # renovate: datasource=nuget depName=csharpier ARG CSHARP_CSHARPIER_VERSION=0.30.6 #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -147,7 +169,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # csharpier installation diff --git a/linters/csharp_dotnet_format/Dockerfile b/linters/csharp_dotnet_format/Dockerfile index 9c0cbf64592..5d889816581 100644 --- a/linters/csharp_dotnet_format/Dockerfile +++ b/linters/csharp_dotnet_format/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 #ARG__END #################### @@ -62,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,7 +167,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # #OTHER__END diff --git a/linters/csharp_roslynator/Dockerfile b/linters/csharp_roslynator/Dockerfile index ea5be9cff96..2f4c3b9cea2 100644 --- a/linters/csharp_roslynator/Dockerfile +++ b/linters/csharp_roslynator/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 # renovate: datasource=nuget depName=roslynator.dotnet.cli ARG CSHARP_ROSLYNATOR_VERSION=0.10.0 #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -147,7 +169,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # CSHARP installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # # roslynator installation diff --git a/linters/css_stylelint/Dockerfile b/linters/css_stylelint/Dockerfile index ec94820efff..19042398b14 100644 --- a/linters/css_stylelint/Dockerfile +++ b/linters/css_stylelint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,46 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=stylelint +ARG NPM_STYLELINT_VERSION=16.14.0 +# renovate: datasource=npm depName=stylelint-config-standard +ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 +# renovate: datasource=npm depName=stylelint-config-sass-guidelines +ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 +# renovate: datasource=npm depName=stylelint-scss +ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 +# renovate: datasource=pypi depName=cpplint +ARG PIP_CPPLINT_VERSION=2.0.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,19 +101,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -105,7 +144,11 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START - +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/stylelint" && cd "/venvs/stylelint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir cpplint==${PIP_CPPLINT_VERSION} && deactivate && cd ./../.. \ + && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ + && rm -rf /root/.cache +ENV PATH="${PATH}":/venvs/stylelint/bin #PIPVENV__END ############################ @@ -119,10 +162,10 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - stylelint \ - stylelint-config-standard \ - stylelint-config-sass-guidelines \ - stylelint-scss && \ + stylelint@${NPM_STYLELINT_VERSION} \ + stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} \ + stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} \ + stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -161,7 +204,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# stylelint installation +# #OTHER__END ################################ diff --git a/linters/dart_dartanalyzer/Dockerfile b/linters/dart_dartanalyzer/Dockerfile index f3c96412263..06d6288b189 100644 --- a/linters/dart_dartanalyzer/Dockerfile +++ b/linters/dart_dartanalyzer/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc +ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 # renovate: datasource=dart-version depName=dart ARG DART_VERSION='3.6.2' #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -149,11 +171,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # DART installation ENV LANG=C.UTF-8 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ diff --git a/linters/dockerfile_hadolint/Dockerfile b/linters/dockerfile_hadolint/Dockerfile index 6a1d2775d1a..2dea8137b11 100644 --- a/linters/dockerfile_hadolint/Dockerfile +++ b/linters/dockerfile_hadolint/Dockerfile @@ -25,7 +25,7 @@ FROM hadolint/hadolint:${DOCKERFILE_HADOLINT_VERSION} AS hadolint ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG DOCKERFILE_HADOLINT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/editorconfig_editorconfig_checker/Dockerfile b/linters/editorconfig_editorconfig_checker/Dockerfile index 30e30b8f682..7afdecb37c1 100644 --- a/linters/editorconfig_editorconfig_checker/Dockerfile +++ b/linters/editorconfig_editorconfig_checker/Dockerfile @@ -25,7 +25,7 @@ FROM mstruebing/editorconfig-checker:${EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG EDITORCONFIG_EDITORCONFIG_CHECKER_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/env_dotenv_linter/Dockerfile b/linters/env_dotenv_linter/Dockerfile index d32209ca8d1..07e86d6b833 100644 --- a/linters/env_dotenv_linter/Dockerfile +++ b/linters/env_dotenv_linter/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 #ARG__END #################### @@ -62,16 +81,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/gherkin_gherkin_lint/Dockerfile b/linters/gherkin_gherkin_lint/Dockerfile index 5cbae306c06..95683d1e589 100644 --- a/linters/gherkin_gherkin_lint/Dockerfile +++ b/linters/gherkin_gherkin_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=gherkin-lint +ARG NPM_GHERKIN_LINT_VERSION=4.2.4 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - gherkin-lint && \ + gherkin-lint@${NPM_GHERKIN_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# gherkin-lint installation +# #OTHER__END ################################ diff --git a/linters/go_golangci_lint/Dockerfile b/linters/go_golangci_lint/Dockerfile index aeb40f19b69..0f093b0f736 100644 --- a/linters/go_golangci_lint/Dockerfile +++ b/linters/go_golangci_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/go +ARG APK_GO_VERSION=1.23.5-r0 # renovate: datasource=github-tags depName=golangci/golangci-lint ARG GO_GOLANGCI_LINT_VERSION=1.63.4 #ARG__END @@ -63,17 +85,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - go \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + go=${APK_GO_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -147,6 +169,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# GO installation +# # golangci-lint installation RUN wget -O- -nv https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s "v${GO_GOLANGCI_LINT_VERSION}" \ && golangci-lint --version diff --git a/linters/go_revive/Dockerfile b/linters/go_revive/Dockerfile index 93cae554c35..f85954b0859 100644 --- a/linters/go_revive/Dockerfile +++ b/linters/go_revive/Dockerfile @@ -30,7 +30,7 @@ RUN GOBIN=/usr/bin go install github.com/mgechev/revive@$GO_REVIVE_VERSION ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -54,7 +54,30 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/go +ARG APK_GO_VERSION=1.23.5-r0 +ARG GO_REVIVE_VERSION #ARG__END #################### @@ -68,17 +91,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - go \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + go=${APK_GO_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -152,6 +175,8 @@ COPY --link --from=revive /usr/bin/revive /usr/bin/revive ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# GO installation +# # revive installation # Managed with COPY --link --from=revive /usr/bin/revive /usr/bin/revive # diff --git a/linters/graphql_graphql_schema_linter/Dockerfile b/linters/graphql_graphql_schema_linter/Dockerfile index 9142a242cdc..8c12e08c805 100644 --- a/linters/graphql_graphql_schema_linter/Dockerfile +++ b/linters/graphql_graphql_schema_linter/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=graphql +ARG NPM_GRAPHQL_VERSION=16.10.0 +# renovate: datasource=npm depName=graphql-schema-linter +ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +91,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,8 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - graphql \ - graphql-schema-linter && \ + graphql@${NPM_GRAPHQL_VERSION} \ + graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +188,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# graphql-schema-linter installation +# #OTHER__END ################################ diff --git a/linters/groovy_npm_groovy_lint/Dockerfile b/linters/groovy_npm_groovy_lint/Dockerfile index 668c32ff32e..3b1ce8b8d4f 100644 --- a/linters/groovy_npm_groovy_lint/Dockerfile +++ b/linters/groovy_npm_groovy_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk17 +ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 +# renovate: datasource=npm depName=npm-groovy-lint +ARG NPM_GROOVY_LINT_VERSION=15.0.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,20 +91,20 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk17 \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk17=${APK_OPENJDK17_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -120,7 +149,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - npm-groovy-lint@15.0.0 && \ + npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ diff --git a/linters/html_djlint/Dockerfile b/linters/html_djlint/Dockerfile index a9623b833c8..1b7406e137d 100644 --- a/linters/html_djlint/Dockerfile +++ b/linters/html_djlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=djlint +ARG PIP_DJLINT_VERSION=1.36.4 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/djlint" && cd "/venvs/djlint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir djlint==${PIP_DJLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/djlint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# djlint installation +# #OTHER__END ################################ diff --git a/linters/html_htmlhint/Dockerfile b/linters/html_htmlhint/Dockerfile index 4ed8196c481..46ba80628d3 100644 --- a/linters/html_htmlhint/Dockerfile +++ b/linters/html_htmlhint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=htmlhint +ARG NPM_HTMLHINT_VERSION=1.1.4 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - htmlhint && \ + htmlhint@${NPM_HTMLHINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# htmlhint installation +# #OTHER__END ################################ diff --git a/linters/java_checkstyle/Dockerfile b/linters/java_checkstyle/Dockerfile index 0039453dde7..48298da45fb 100644 --- a/linters/java_checkstyle/Dockerfile +++ b/linters/java_checkstyle/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 #ARG__END #################### @@ -62,17 +83,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/java_pmd/Dockerfile b/linters/java_pmd/Dockerfile index 7c643bb973e..f58745643d8 100644 --- a/linters/java_pmd/Dockerfile +++ b/linters/java_pmd/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=github-tags depName=pmd/pmd extractVersion=^pmd_releases/(?.*)$ ARG PMD_VERSION=7.10.0 @@ -64,17 +86,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/javascript_es/Dockerfile b/linters/javascript_es/Dockerfile index 246eb315d97..0ae34d3e650 100644 --- a/linters/javascript_es/Dockerfile +++ b/linters/javascript_es/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,58 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=eslint-plugin-vue +ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 +# renovate: datasource=npm depName=@babel/core +ARG NPM_BABEL_CORE_VERSION=7.26.7 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +113,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,19 +170,19 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - eslint-plugin-vue \ - @babel/core \ - @babel/eslint-parser \ - @microsoft/eslint-formatter-sarif && \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} \ + @babel/core@${NPM_BABEL_CORE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# eslint installation +# #OTHER__END ################################ diff --git a/linters/javascript_prettier/Dockerfile b/linters/javascript_prettier/Dockerfile index 2576145155c..b8f617a51b1 100644 --- a/linters/javascript_prettier/Dockerfile +++ b/linters/javascript_prettier/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ + prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# prettier installation +# #OTHER__END ################################ diff --git a/linters/javascript_standard/Dockerfile b/linters/javascript_standard/Dockerfile index 8446102a2c9..4de209fd768 100644 --- a/linters/javascript_standard/Dockerfile +++ b/linters/javascript_standard/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=standard +ARG NPM_STANDARD_VERSION=17.1.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - standard && \ + standard@${NPM_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# standard installation +# #OTHER__END ################################ diff --git a/linters/json_eslint_plugin_jsonc/Dockerfile b/linters/json_eslint_plugin_jsonc/Dockerfile index 71fdfa64545..901cbeef158 100644 --- a/linters/json_eslint_plugin_jsonc/Dockerfile +++ b/linters/json_eslint_plugin_jsonc/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,38 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-plugin-jsonc +ARG NPM_ESLINT_PLUGIN_JSONC_VERSION=2.19.1 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +93,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,9 +150,9 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-plugin-jsonc \ - @microsoft/eslint-formatter-sarif && \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-plugin-jsonc@${NPM_ESLINT_PLUGIN_JSONC_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -160,7 +191,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# eslint-plugin-jsonc installation +# #OTHER__END ################################ diff --git a/linters/json_jsonlint/Dockerfile b/linters/json_jsonlint/Dockerfile index 11a284a47f9..8ec33608c98 100644 --- a/linters/json_jsonlint/Dockerfile +++ b/linters/json_jsonlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=@prantlf/jsonlint +ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @prantlf/jsonlint && \ + @prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# jsonlint installation +# #OTHER__END ################################ diff --git a/linters/json_npm_package_json_lint/Dockerfile b/linters/json_npm_package_json_lint/Dockerfile index a48015c5a73..6cab4668e1b 100644 --- a/linters/json_npm_package_json_lint/Dockerfile +++ b/linters/json_npm_package_json_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=npm-package-json-lint +ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 +# renovate: datasource=npm depName=npm-package-json-lint-config-default +ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +91,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,8 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - npm-package-json-lint \ - npm-package-json-lint-config-default && \ + npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION} \ + npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +188,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# npm-package-json-lint installation +# #OTHER__END ################################ diff --git a/linters/json_prettier/Dockerfile b/linters/json_prettier/Dockerfile index 65ab7e5cc13..447eafb3100 100644 --- a/linters/json_prettier/Dockerfile +++ b/linters/json_prettier/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ + prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# prettier installation +# #OTHER__END ################################ diff --git a/linters/json_v8r/Dockerfile b/linters/json_v8r/Dockerfile index b8ab5e3f461..97b9f90f235 100644 --- a/linters/json_v8r/Dockerfile +++ b/linters/json_v8r/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - v8r && \ + v8r@${NPM_V8R_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# v8r installation +# #OTHER__END ################################ diff --git a/linters/jsx_eslint/Dockerfile b/linters/jsx_eslint/Dockerfile index 3aeff9e4746..04c28a89901 100644 --- a/linters/jsx_eslint/Dockerfile +++ b/linters/jsx_eslint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,40 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=eslint-plugin-jsx-a11y +ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +95,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,10 +152,10 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - eslint \ - eslint-plugin-react \ - eslint-plugin-jsx-a11y \ - @microsoft/eslint-formatter-sarif && \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -161,7 +194,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# eslint installation +# #OTHER__END ################################ diff --git a/linters/kotlin_detekt/Dockerfile b/linters/kotlin_detekt/Dockerfile index 824bfb44086..4b5d8bd192f 100644 --- a/linters/kotlin_detekt/Dockerfile +++ b/linters/kotlin_detekt/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=github-tags depName=detekt/detekt ARG DETEKT_VERSION=1.23.7 @@ -64,17 +86,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/kotlin_ktlint/Dockerfile b/linters/kotlin_ktlint/Dockerfile index ba463951b74..bb7c394c857 100644 --- a/linters/kotlin_ktlint/Dockerfile +++ b/linters/kotlin_ktlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=github-tags depName=pinterest/ktlint ARG KTLINT_VERSION=1.5.0 @@ -64,17 +86,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/kubernetes_helm/Dockerfile b/linters/kubernetes_helm/Dockerfile index 1fd7b28630f..ed2791bcc0b 100644 --- a/linters/kubernetes_helm/Dockerfile +++ b/linters/kubernetes_helm/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/helm +ARG APK_HELM_VERSION=3.16.3-r1 #ARG__END #################### @@ -62,17 +83,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - helm \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + helm=${APK_HELM_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,7 +167,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# helm installation +# #OTHER__END ################################ diff --git a/linters/kubernetes_kubeconform/Dockerfile b/linters/kubernetes_kubeconform/Dockerfile index 8ab07293957..602b6ff28db 100644 --- a/linters/kubernetes_kubeconform/Dockerfile +++ b/linters/kubernetes_kubeconform/Dockerfile @@ -25,7 +25,7 @@ FROM ghcr.io/yannh/kubeconform:${KUBERNETES_KUBECONFORM_VERSION} AS kubeconform ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG KUBERNETES_KUBECONFORM_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/kubernetes_kubescape/Dockerfile b/linters/kubernetes_kubescape/Dockerfile index 09fe2d3d51f..fff7515962b 100644 --- a/linters/kubernetes_kubescape/Dockerfile +++ b/linters/kubernetes_kubescape/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,30 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gcompat +ARG APK_GCOMPAT_VERSION=1.1.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libstdc++ +ARG APK_LIBSTDC_VERSION=14.2.0-r4 # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 #ARG__END @@ -63,19 +87,18 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gcompat \ - libc6-compat \ - libstdc++ \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gcompat=${APK_GCOMPAT_VERSION} \ + libstdc++=${APK_LIBSTDC_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/latex_chktex/Dockerfile b/linters/latex_chktex/Dockerfile index ff3bcdd8ec6..99f2f145564 100644 --- a/linters/latex_chktex/Dockerfile +++ b/linters/latex_chktex/Dockerfile @@ -24,7 +24,7 @@ FROM ghcr.io/assignuser/chktex-alpine:latest AS chktex ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 #ARG__END #################### @@ -62,16 +81,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/lua_luacheck/Dockerfile b/linters/lua_luacheck/Dockerfile index aa0818f9771..c175d7efd5b 100644 --- a/linters/lua_luacheck/Dockerfile +++ b/linters/lua_luacheck/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,30 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/readline-dev +ARG APK_READLINE_DEV_VERSION=8.2.13-r0 +# renovate: datasource=repology depName=alpine_3_21/openssl +ARG APK_OPENSSL_VERSION=3.3.2-r4 # renovate: datasource=github-tags depName=cvega/luarocks ARG LUA_LUACHECK_VERSION=3.3.1 @@ -64,18 +88,18 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - readline-dev \ - openssl \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + readline-dev=${APK_READLINE_DEV_VERSION} \ + openssl=${APK_OPENSSL_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/lua_selene/Dockerfile b/linters/lua_selene/Dockerfile index 3eae6619bce..80b0b2318b3 100644 --- a/linters/lua_selene/Dockerfile +++ b/linters/lua_selene/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,8 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/readline-dev +ARG APK_READLINE_DEV_VERSION=8.2.13-r0 # renovate: datasource=crate depName=selene -ARG LUA_SELENE_VERSION=0.28.0 +ARG CARGO_SELENE_VERSION=0.28.0 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 #ARG__END #################### @@ -63,17 +87,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - readline-dev \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + readline-dev=${APK_READLINE_DEV_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -94,9 +118,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked selene@${LUA_SELENE_VERSION} \ + && cargo install --force --locked selene@${CARGO_SELENE_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END diff --git a/linters/lua_stylua/Dockerfile b/linters/lua_stylua/Dockerfile index 15078c60f36..656bbf36599 100644 --- a/linters/lua_stylua/Dockerfile +++ b/linters/lua_stylua/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,8 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/readline-dev +ARG APK_READLINE_DEV_VERSION=8.2.13-r0 # renovate: datasource=crate depName=stylua -ARG LUA_STYLUA_VERSION=2.0.0 +ARG CARGO_STYLUA_VERSION=2.0.0 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 #ARG__END #################### @@ -63,17 +87,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - readline-dev \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + readline-dev=${APK_READLINE_DEV_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -94,9 +118,9 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ - && cargo install --force --locked stylua@${LUA_STYLUA_VERSION} \ + && cargo install --force --locked stylua@${CARGO_STYLUA_VERSION} \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache /root/.rustup ENV PATH="/root/.cargo/bin:${PATH}" #CARGO__END diff --git a/linters/makefile_checkmake/Dockerfile b/linters/makefile_checkmake/Dockerfile index 4167caa67f1..ff3dfddefe7 100644 --- a/linters/makefile_checkmake/Dockerfile +++ b/linters/makefile_checkmake/Dockerfile @@ -24,7 +24,7 @@ FROM mrtazz/checkmake:latest AS checkmake ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 #ARG__END #################### @@ -62,16 +81,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/markdown_markdown_link_check/Dockerfile b/linters/markdown_markdown_link_check/Dockerfile index 40ded00ed6c..ade2cd2ba59 100644 --- a/linters/markdown_markdown_link_check/Dockerfile +++ b/linters/markdown_markdown_link_check/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,8 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=npm depName=markdown-link-check -ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -63,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -120,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} && \ + markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ diff --git a/linters/markdown_markdown_table_formatter/Dockerfile b/linters/markdown_markdown_table_formatter/Dockerfile index b3a8bfa5461..3f77f6ccc0d 100644 --- a/linters/markdown_markdown_table_formatter/Dockerfile +++ b/linters/markdown_markdown_table_formatter/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=markdown-table-formatter +ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdown-table-formatter && \ + markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# markdown-table-formatter installation +# #OTHER__END ################################ diff --git a/linters/markdown_markdownlint/Dockerfile b/linters/markdown_markdownlint/Dockerfile index da5d0f33fe6..b4fe6ca672a 100644 --- a/linters/markdown_markdownlint/Dockerfile +++ b/linters/markdown_markdownlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=markdownlint-cli +ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - markdownlint-cli && \ + markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# markdownlint installation +# #OTHER__END ################################ diff --git a/linters/markdown_remark_lint/Dockerfile b/linters/markdown_remark_lint/Dockerfile index 955b4f823c3..3e40efccde5 100644 --- a/linters/markdown_remark_lint/Dockerfile +++ b/linters/markdown_remark_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=remark-cli +ARG NPM_REMARK_CLI_VERSION=12.0.1 +# renovate: datasource=npm depName=remark-preset-lint-recommended +ARG NPM_REMARK_PRESET_LINT_RECOMMENDED_VERSION=7.0.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +91,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,8 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - remark-cli \ - remark-preset-lint-recommended && \ + remark-cli@${NPM_REMARK_CLI_VERSION} \ + remark-preset-lint-recommended@${NPM_REMARK_PRESET_LINT_RECOMMENDED_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +188,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# remark-lint installation +# #OTHER__END ################################ diff --git a/linters/perl_perlcritic/Dockerfile b/linters/perl_perlcritic/Dockerfile index f79e0cc3735..3939f6010fe 100644 --- a/linters/perl_perlcritic/Dockerfile +++ b/linters/perl_perlcritic/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,30 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/perl +ARG APK_PERL_VERSION=5.40.1-r0 +# renovate: datasource=repology depName=alpine_3_21/perl-dev +ARG APK_PERL_DEV_VERSION=5.40.1-r0 # renovate: datasource=github-tags depName=skaji/cpm ARG PERL_PERLCRITIC_VERSION=0.997021 @@ -64,18 +88,18 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - perl \ - perl-dev \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + perl=${APK_PERL_VERSION} \ + perl-dev=${APK_PERL_DEV_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -149,6 +173,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START +# PERL installation +# # perlcritic installation RUN curl -fsSL https://raw.githubusercontent.com/skaji/cpm/refs/tags/${PERL_PERLCRITIC_VERSION}/cpm | perl - install -g --show-build-log-on-failure --without-build --without-test --without-runtime Perl::Critic \ && rm -rf /root/.perl-cpm diff --git a/linters/php_phpcs/Dockerfile b/linters/php_phpcs/Dockerfile index 3f5e6619838..2cb0ec2a13c 100644 --- a/linters/php_phpcs/Dockerfile +++ b/linters/php_phpcs/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,54 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 #ARG__END #################### @@ -62,30 +109,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/php_phpcsfixer/Dockerfile b/linters/php_phpcsfixer/Dockerfile index b2d3e9c97ef..e2418924c0b 100644 --- a/linters/php_phpcsfixer/Dockerfile +++ b/linters/php_phpcsfixer/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,54 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 #ARG__END #################### @@ -62,30 +109,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/php_phplint/Dockerfile b/linters/php_phplint/Dockerfile index e9be3cf1412..15387db6c7d 100644 --- a/linters/php_phplint/Dockerfile +++ b/linters/php_phplint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,54 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 #ARG__END #################### @@ -62,30 +109,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/php_phpstan/Dockerfile b/linters/php_phpstan/Dockerfile index dd3289ce376..8a3a0708652 100644 --- a/linters/php_phpstan/Dockerfile +++ b/linters/php_phpstan/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,54 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 #ARG__END #################### @@ -62,30 +109,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/php_psalm/Dockerfile b/linters/php_psalm/Dockerfile index 5d827dbe6c9..8d84e42c610 100644 --- a/linters/php_psalm/Dockerfile +++ b/linters/php_psalm/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,54 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/gnupg +ARG APK_GNUPG_VERSION=2.4.7-r0 +# renovate: datasource=repology depName=alpine_3_21/php84 +ARG APK_PHP84_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-phar +ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-mbstring +ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter +ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-tokenizer +ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-ctype +ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-curl +ARG APK_PHP84_CURL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-dom +ARG APK_PHP84_DOM_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-opcache +ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-openssl +ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-common +ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/php84-simplexml +ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 +# renovate: datasource=repology depName=alpine_3_21/dpkg +ARG APK_DPKG_VERSION=1.22.11-r0 #ARG__END #################### @@ -62,30 +109,30 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - gnupg \ - php84 \ - php84-phar \ - php84-mbstring \ - php84-xmlwriter \ - php84-tokenizer \ - php84-ctype \ - php84-curl \ - php84-dom \ - php84-opcache \ - php84-openssl \ - php84-common \ - php84-simplexml \ - dpkg \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + gnupg=${APK_GNUPG_VERSION} \ + php84=${APK_PHP84_VERSION} \ + php84-phar=${APK_PHP84_PHAR_VERSION} \ + php84-mbstring=${APK_PHP84_MBSTRING_VERSION} \ + php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} \ + php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} \ + php84-ctype=${APK_PHP84_CTYPE_VERSION} \ + php84-curl=${APK_PHP84_CURL_VERSION} \ + php84-dom=${APK_PHP84_DOM_VERSION} \ + php84-opcache=${APK_PHP84_OPCACHE_VERSION} \ + php84-openssl=${APK_PHP84_OPENSSL_VERSION} \ + php84-common=${APK_PHP84_COMMON_VERSION} \ + php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} \ + dpkg=${APK_DPKG_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/powershell_powershell/Dockerfile b/linters/powershell_powershell/Dockerfile index 669ac1953b9..075c6ec9253 100644 --- a/linters/powershell_powershell/Dockerfile +++ b/linters/powershell_powershell/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 @@ -67,17 +89,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/powershell_powershell_formatter/Dockerfile b/linters/powershell_powershell_formatter/Dockerfile index bc916975a52..0cbe3ca2837 100644 --- a/linters/powershell_powershell_formatter/Dockerfile +++ b/linters/powershell_powershell_formatter/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/icu-libs +ARG APK_ICU_LIBS_VERSION=74.2-r0 # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 @@ -67,17 +89,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - icu-libs \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + icu-libs=${APK_ICU_LIBS_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/protobuf_protolint/Dockerfile b/linters/protobuf_protolint/Dockerfile index fc059283bd3..849fc6962ab 100644 --- a/linters/protobuf_protolint/Dockerfile +++ b/linters/protobuf_protolint/Dockerfile @@ -25,7 +25,7 @@ FROM yoheimuta/protolint:${PROTOBUF_PROTOLINT_VERSION} AS protolint ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG PROTOBUF_PROTOLINT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/puppet_puppet_lint/Dockerfile b/linters/puppet_puppet_lint/Dockerfile index b8fecbe4d64..e756a4bd0cd 100644 --- a/linters/puppet_puppet_lint/Dockerfile +++ b/linters/puppet_puppet_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=rubygems depName=puppet-lint +ARG GEM_PUPPET_LINT_VERSION=4.2.4 +# renovate: datasource=repology depName=alpine_3_21/ruby +ARG APK_RUBY_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-dev +ARG APK_RUBY_DEV_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-bundler +ARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc +ARG APK_RUBY_RDOC_VERSION=3.3.6-r0 #ARG__END #################### @@ -62,20 +91,20 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + ruby=${APK_RUBY_VERSION} \ + ruby-dev=${APK_RUBY_DEV_VERSION} \ + ruby-bundler=${APK_RUBY_BUNDLER_VERSION} \ + ruby-rdoc=${APK_RUBY_RDOC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -134,7 +163,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #GEM__START RUN echo 'gem: --no-document' >> ~/.gemrc && \ gem install \ - puppet-lint + puppet-lint:${GEM_PUPPET_LINT_VERSION} #GEM__END ############################## @@ -151,7 +180,8 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# puppet-lint installation +# #OTHER__END ################################ diff --git a/linters/python_bandit/Dockerfile b/linters/python_bandit/Dockerfile index 75832ea2069..395a241aff5 100644 --- a/linters/python_bandit/Dockerfile +++ b/linters/python_bandit/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=bandit +ARG PIP_BANDIT_VERSION=1.8.2 +# renovate: datasource=pypi depName=bandit_sarif_formatter +ARG PIP_BANDIT_SARIF_FORMATTER_VERSION=1.1.1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +89,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +129,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit bandit_sarif_formatter bandit[toml] && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/bandit" && cd "/venvs/bandit" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir bandit==${PIP_BANDIT_VERSION} bandit_sarif_formatter==${PIP_BANDIT_SARIF_FORMATTER_VERSION} bandit[toml]==${PIP_BANDIT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/bandit/bin @@ -149,7 +176,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# bandit installation +# #OTHER__END ################################ diff --git a/linters/python_black/Dockerfile b/linters/python_black/Dockerfile index 1def6448340..ca2f168dc0e 100644 --- a/linters/python_black/Dockerfile +++ b/linters/python_black/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/black" && cd "/venvs/black" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/black/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# black installation +# #OTHER__END ################################ diff --git a/linters/python_flake8/Dockerfile b/linters/python_flake8/Dockerfile index 883b13346d0..c550e8a205a 100644 --- a/linters/python_flake8/Dockerfile +++ b/linters/python_flake8/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=flake8 +ARG PIP_FLAKE8_VERSION=7.1.1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8 && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/flake8" && cd "/venvs/flake8" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir flake8==${PIP_FLAKE8_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/flake8/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# flake8 installation +# #OTHER__END ################################ diff --git a/linters/python_isort/Dockerfile b/linters/python_isort/Dockerfile index 0413aee16cf..43e4c12c7f6 100644 --- a/linters/python_isort/Dockerfile +++ b/linters/python_isort/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=black +ARG PIP_BLACK_VERSION=24.10.0 +# renovate: datasource=pypi depName=isort +ARG PIP_ISORT_VERSION=5.13.2 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +89,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +129,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir isort black && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/isort" && cd "/venvs/isort" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir black==${PIP_BLACK_VERSION} isort==${PIP_ISORT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/isort/bin @@ -149,7 +176,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# isort installation +# #OTHER__END ################################ diff --git a/linters/python_mypy/Dockerfile b/linters/python_mypy/Dockerfile index 1de4e5b9a0f..3088e1a019f 100644 --- a/linters/python_mypy/Dockerfile +++ b/linters/python_mypy/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=mypy +ARG PIP_MYPY_VERSION=1.14.1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/mypy" && cd "/venvs/mypy" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir mypy==${PIP_MYPY_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/mypy/bin diff --git a/linters/python_pylint/Dockerfile b/linters/python_pylint/Dockerfile index a42bcf6ea8b..8934a0e6dc0 100644 --- a/linters/python_pylint/Dockerfile +++ b/linters/python_pylint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=pylint +ARG PIP_PYLINT_VERSION=3.3.3 +# renovate: datasource=pypi depName=typing-extensions +ARG PIP_TYPING_EXTENSIONS_VERSION=4.12.2 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +89,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +129,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint typing-extensions && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/pylint" && cd "/venvs/pylint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pylint==${PIP_PYLINT_VERSION} typing-extensions==${PIP_TYPING_EXTENSIONS_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/pylint/bin @@ -149,7 +176,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# pylint installation +# #OTHER__END ################################ diff --git a/linters/python_pyright/Dockerfile b/linters/python_pyright/Dockerfile index 264ce99104c..2b860542be4 100644 --- a/linters/python_pyright/Dockerfile +++ b/linters/python_pyright/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=pyright +ARG PIP_PYRIGHT_VERSION=1.1.392.post0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,17 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - nodejs \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -103,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/pyright" && cd "/venvs/pyright" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pyright==${PIP_PYRIGHT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/pyright/bin @@ -150,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# pyright installation +# #OTHER__END ################################ diff --git a/linters/python_ruff/Dockerfile b/linters/python_ruff/Dockerfile index 29f710469c7..7bc4b1cb3ef 100644 --- a/linters/python_ruff/Dockerfile +++ b/linters/python_ruff/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ruff" && cd "/venvs/ruff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/ruff/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# ruff installation +# #OTHER__END ################################ diff --git a/linters/python_ruff_format/Dockerfile b/linters/python_ruff_format/Dockerfile index e10841d0378..7d3b8376b50 100644 --- a/linters/python_ruff_format/Dockerfile +++ b/linters/python_ruff_format/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=ruff +ARG PIP_RUFF_VERSION=0.9.3 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/ruff-format" && cd "/venvs/ruff-format" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir ruff==${PIP_RUFF_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/ruff-format/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# ruff-format installation +# #OTHER__END ################################ diff --git a/linters/r_lintr/Dockerfile b/linters/r_lintr/Dockerfile index 0dcb33d0cb6..1d452ef7ecc 100644 --- a/linters/r_lintr/Dockerfile +++ b/linters/r_lintr/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,46 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/g++ +ARG APK_G_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libcurl +ARG APK_LIBCURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/linux-headers +ARG APK_LINUX_HEADERS_VERSION=6.6-r1 +# renovate: datasource=repology depName=alpine_3_21/R +ARG APK_R_VERSION=4.4.2-r0 +# renovate: datasource=repology depName=alpine_3_21/R-dev +ARG APK_R_DEV_VERSION=4.4.2-r0 +# renovate: datasource=repology depName=alpine_3_21/R-doc +ARG APK_R_DOC_VERSION=4.4.2-r0 #ARG__END #################### @@ -62,26 +101,26 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - g++ \ - libc-dev \ - libcurl \ - libgcc \ - libxml2-dev \ - libxml2-utils \ - linux-headers \ - R \ - R-dev \ - R-doc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + g++=${APK_G_VERSION} \ + libcurl=${APK_LIBCURL_VERSION} \ + libffi-dev=${APK_LBFFI_DEV_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + linux-headers=${APK_LINUX_HEADERS_VERSION} \ + R=${APK_R_VERSION} \ + R-dev=${APK_R_DEV_VERSION} \ + R-doc=${APK_R_DOC_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/raku_raku/Dockerfile b/linters/raku_raku/Dockerfile index 0606ecd4030..6564a64685d 100644 --- a/linters/raku_raku/Dockerfile +++ b/linters/raku_raku/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=github-tags depName=nxadm/rakudo-pkg ARG RAKU_RAKU_VERSION=2024.12 ARG RAKU_RAKU_ALPINE_VERSION=3.20 @@ -65,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_checkov/Dockerfile b/linters/repository_checkov/Dockerfile index d6706709773..7eeee6781d9 100644 --- a/linters/repository_checkov/Dockerfile +++ b/linters/repository_checkov/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=checkov +ARG PIP_CHECKOV_VERSION=3.2.357 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir packaging checkov && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/checkov" && cd "/venvs/checkov" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir checkov==${PIP_CHECKOV_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/checkov/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# checkov installation +# #OTHER__END ################################ diff --git a/linters/repository_devskim/Dockerfile b/linters/repository_devskim/Dockerfile index 00de9a323cf..ffd2e9f4961 100644 --- a/linters/repository_devskim/Dockerfile +++ b/linters/repository_devskim/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.52 #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -147,7 +169,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # devskim installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} # diff --git a/linters/repository_dustilock/Dockerfile b/linters/repository_dustilock/Dockerfile index 908efe981d7..c7dc8067eca 100644 --- a/linters/repository_dustilock/Dockerfile +++ b/linters/repository_dustilock/Dockerfile @@ -11,6 +11,8 @@ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARGTOP__START +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 # renovate: datasource=github-tags depName=checkmarx/dustilock ARG REPOSITORY_DUSTILOCK_VERSION=1.2.0 #ARGTOP__END @@ -20,14 +22,15 @@ ARG REPOSITORY_DUSTILOCK_VERSION=1.2.0 ############################################################################################# #FROM__START FROM golang:alpine AS dustilock +ARG APK_GIT_VERSION ARG REPOSITORY_DUSTILOCK_VERSION -RUN apk add --no-cache git && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} +RUN apk add --no-cache git=${APK_GIT_VERSION} && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} #FROM__END ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -51,7 +54,27 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG APK_GIT_VERSION +ARG REPOSITORY_DUSTILOCK_VERSION #ARG__END #################### @@ -65,16 +88,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_git_diff/Dockerfile b/linters/repository_git_diff/Dockerfile index 6a8c944355a..3c0de7150d5 100644 --- a/linters/repository_git_diff/Dockerfile +++ b/linters/repository_git_diff/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 #ARG__END #################### @@ -62,16 +81,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_gitleaks/Dockerfile b/linters/repository_gitleaks/Dockerfile index f2294aba9c4..53a196376e1 100644 --- a/linters/repository_gitleaks/Dockerfile +++ b/linters/repository_gitleaks/Dockerfile @@ -25,7 +25,7 @@ FROM zricethezav/gitleaks:${REPOSITORY_GITLEAKS_VERSION} AS gitleaks ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG REPOSITORY_GITLEAKS_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_grype/Dockerfile b/linters/repository_grype/Dockerfile index 65b54c5f09e..b34b0334800 100644 --- a/linters/repository_grype/Dockerfile +++ b/linters/repository_grype/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=github-tags depName=anchore/grype ARG REPOSITORY_GRYPE_VERSION=0.87.0 #ARG__END @@ -63,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_kics/Dockerfile b/linters/repository_kics/Dockerfile index 1af7a81c85a..0bbe71835b6 100644 --- a/linters/repository_kics/Dockerfile +++ b/linters/repository_kics/Dockerfile @@ -25,7 +25,7 @@ FROM checkmarx/kics:${REPOSITORY_KICS_VERSION} AS kics ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG REPOSITORY_KICS_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_ls_lint/Dockerfile b/linters/repository_ls_lint/Dockerfile index a1daea1de5c..931da5d5fb2 100644 --- a/linters/repository_ls_lint/Dockerfile +++ b/linters/repository_ls_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=@ls-lint/ls-lint +ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @ls-lint/ls-lint && \ + @ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# ls-lint installation +# #OTHER__END ################################ diff --git a/linters/repository_secretlint/Dockerfile b/linters/repository_secretlint/Dockerfile index a40a3d01bc8..14b01e386da 100644 --- a/linters/repository_secretlint/Dockerfile +++ b/linters/repository_secretlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,38 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=secretlint +ARG NPM_SECRETLINT_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend +ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 +# renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif +ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +93,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,9 +150,9 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - secretlint \ - @secretlint/secretlint-rule-preset-recommend \ - @secretlint/secretlint-formatter-sarif && \ + secretlint@${NPM_SECRETLINT_VERSION} \ + @secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION} \ + @secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -160,7 +191,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# secretlint installation +# #OTHER__END ################################ diff --git a/linters/repository_semgrep/Dockerfile b/linters/repository_semgrep/Dockerfile index 47d23483ce5..b957c276155 100644 --- a/linters/repository_semgrep/Dockerfile +++ b/linters/repository_semgrep/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=semgrep +ARG PIP_SEMGREP_VERSION=1.104.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/semgrep" && cd "/venvs/semgrep" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir semgrep==${PIP_SEMGREP_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/semgrep/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# semgrep installation +# #OTHER__END ################################ diff --git a/linters/repository_syft/Dockerfile b/linters/repository_syft/Dockerfile index c06a96bea71..6136555fec6 100644 --- a/linters/repository_syft/Dockerfile +++ b/linters/repository_syft/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=github-tags depName=anchore/syft ARG REPOSITORY_SYFT_VERSION=1.19.0 #ARG__END @@ -63,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_trivy/Dockerfile b/linters/repository_trivy/Dockerfile index 07939d913e6..ba2c71fa1f9 100644 --- a/linters/repository_trivy/Dockerfile +++ b/linters/repository_trivy/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_VERSION=0.59.0 #ARG__END @@ -63,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_trivy_sbom/Dockerfile b/linters/repository_trivy_sbom/Dockerfile index da8f6a0e6c0..c3187706a32 100644 --- a/linters/repository_trivy_sbom/Dockerfile +++ b/linters/repository_trivy_sbom/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,26 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=github-tags depName=aquasecurity/trivy ARG REPOSITORY_TRIVY_SBOM_VERSION=0.59.0 #ARG__END @@ -63,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/repository_trufflehog/Dockerfile b/linters/repository_trufflehog/Dockerfile index 7eeadd9e48f..e3e6b7d790d 100644 --- a/linters/repository_trufflehog/Dockerfile +++ b/linters/repository_trufflehog/Dockerfile @@ -25,7 +25,7 @@ FROM trufflesecurity/trufflehog:${REPOSITORY_TRUFFLEHOG_VERSION} AS trufflehog ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG REPOSITORY_TRUFFLEHOG_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/rst_rst_lint/Dockerfile b/linters/rst_rst_lint/Dockerfile index ee247d63026..b1c5b9e3740 100644 --- a/linters/rst_rst_lint/Dockerfile +++ b/linters/rst_rst_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=Pygments +ARG PIP_PYGMENTS_VERSION=2.19.1 +# renovate: datasource=pypi depName=restructuredtext_lint +ARG PIP_RESTRUCTUREDTEXT_LINT_VERSION=1.4.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +89,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +129,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments restructuredtext_lint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/rst-lint" && cd "/venvs/rst-lint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir Pygments==${PIP_PYGMENTS_VERSION} restructuredtext_lint==${PIP_RESTRUCTUREDTEXT_LINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/rst-lint/bin @@ -149,7 +176,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# rst-lint installation +# #OTHER__END ################################ diff --git a/linters/rst_rstcheck/Dockerfile b/linters/rst_rstcheck/Dockerfile index dd835e2f782..4087ccf7c32 100644 --- a/linters/rst_rstcheck/Dockerfile +++ b/linters/rst_rstcheck/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=rstcheck +ARG PIP_RSTCHECK_VERSION=6.2.4 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx] && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/rstcheck" && cd "/venvs/rstcheck" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstcheck[toml,sphinx]==${PIP_RSTCHECK_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/rstcheck/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# rstcheck installation +# #OTHER__END ################################ diff --git a/linters/rst_rstfmt/Dockerfile b/linters/rst_rstfmt/Dockerfile index eb8d01c64e5..65ef247446f 100644 --- a/linters/rst_rstfmt/Dockerfile +++ b/linters/rst_rstfmt/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=rstfmt +ARG PIP_RSTFMT_VERSION=0.0.14 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/rstfmt" && cd "/venvs/rstfmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir rstfmt==${PIP_RSTFMT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/rstfmt/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# rstfmt installation +# #OTHER__END ################################ diff --git a/linters/ruby_rubocop/Dockerfile b/linters/ruby_rubocop/Dockerfile index 1eba3fa21a4..2fad524b090 100644 --- a/linters/ruby_rubocop/Dockerfile +++ b/linters/ruby_rubocop/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,46 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=rubygems depName=rubocop +ARG GEM_RUBOCOP_VERSION=1.71.0 +# renovate: datasource=rubygems depName=rubocop-github +ARG GEM_RUBOCOP_GITHUB_VERSION=0.20.0 +# renovate: datasource=rubygems depName=rubocop-performance +ARG GEM_RUBOCOP_PERFORMANCE_VERSION=1.23.1 +# renovate: datasource=rubygems depName=rubocop-rails +ARG GEM_RUBOCOP_RAILS_VERSION=2.29.1 +# renovate: datasource=rubygems depName=rubocop-rake +ARG GEM_RUBOCOP_RAKE_VERSION=0.6.0 +# renovate: datasource=rubygems depName=rubocop-rspec +ARG GEM_RUBOCOP_RSPEC_VERSION=3.4.0 +# renovate: datasource=repology depName=alpine_3_21/ruby +ARG APK_RUBY_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-dev +ARG APK_RUBY_DEV_VERSION=3.3.6-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-bundler +ARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0 +# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc +ARG APK_RUBY_RDOC_VERSION=3.3.6-r0 #ARG__END #################### @@ -62,20 +101,20 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - ruby \ - ruby-dev \ - ruby-bundler \ - ruby-rdoc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + ruby=${APK_RUBY_VERSION} \ + ruby-dev=${APK_RUBY_DEV_VERSION} \ + ruby-bundler=${APK_RUBY_BUNDLER_VERSION} \ + ruby-rdoc=${APK_RUBY_RDOC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -134,12 +173,12 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ #GEM__START RUN echo 'gem: --no-document' >> ~/.gemrc && \ gem install \ - rubocop \ - rubocop-github \ - rubocop-performance \ - rubocop-rails \ - rubocop-rake \ - rubocop-rspec + rubocop:${GEM_RUBOCOP_VERSION} \ + rubocop-github:${GEM_RUBOCOP_GITHUB_VERSION} \ + rubocop-performance:${GEM_RUBOCOP_PERFORMANCE_VERSION} \ + rubocop-rails:${GEM_RUBOCOP_RAILS_VERSION} \ + rubocop-rake:${GEM_RUBOCOP_RAKE_VERSION} \ + rubocop-rspec:${GEM_RUBOCOP_RSPEC_VERSION} #GEM__END ############################## @@ -156,7 +195,8 @@ RUN echo 'gem: --no-document' >> ~/.gemrc && \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# rubocop installation +# #OTHER__END ################################ diff --git a/linters/rust_clippy/Dockerfile b/linters/rust_clippy/Dockerfile index d3da53ed85f..760d73aecc6 100644 --- a/linters/rust_clippy/Dockerfile +++ b/linters/rust_clippy/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=github-tags depName=rust-lang/rust +ARG RUST_RUST_VERSION=1.84.0 #ARG__END #################### @@ -62,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -92,7 +113,7 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #CARGO__START -RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain stable \ +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain ${RUST_RUST_VERSION} \ && export PATH="/root/.cargo/bin:${PATH}" \ && rustup component add clippy && echo "No cargo package to install, we just need rust for dependencies" \ && rm -rf /root/.cargo/registry /root/.cargo/git /root/.cache/sccache diff --git a/linters/salesforce_lightning_flow_scanner/Dockerfile b/linters/salesforce_lightning_flow_scanner/Dockerfile index 27d53d8db6f..0b8db813013 100644 --- a/linters/salesforce_lightning_flow_scanner/Dockerfile +++ b/linters/salesforce_lightning_flow_scanner/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,14 +48,44 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 # renovate: datasource=npm depName=lightning-flow-scanner ARG LIGHTNING_FLOW_SCANNER_VERSION=2.45.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -69,21 +99,21 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - coreutils \ - openjdk21 \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -128,7 +158,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +200,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache diff --git a/linters/salesforce_sfdx_scanner_apex/Dockerfile b/linters/salesforce_sfdx_scanner_apex/Dockerfile index d0c376632c5..c65b99ecb8f 100644 --- a/linters/salesforce_sfdx_scanner_apex/Dockerfile +++ b/linters/salesforce_sfdx_scanner_apex/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,14 +48,44 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 # renovate: datasource=npm depName=@salesforce/sfdx-scanner ARG SALESFORCE_SFDX_SCANNER_VERSION=4.9.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -69,21 +99,21 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - coreutils \ - openjdk21 \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -128,7 +158,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +200,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache diff --git a/linters/salesforce_sfdx_scanner_aura/Dockerfile b/linters/salesforce_sfdx_scanner_aura/Dockerfile index c2d9c9a056d..ec711014812 100644 --- a/linters/salesforce_sfdx_scanner_aura/Dockerfile +++ b/linters/salesforce_sfdx_scanner_aura/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,14 +48,44 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 # renovate: datasource=npm depName=@salesforce/sfdx-scanner ARG SALESFORCE_SFDX_SCANNER_VERSION=4.9.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -69,21 +99,21 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - coreutils \ - openjdk21 \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -128,7 +158,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +200,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache diff --git a/linters/salesforce_sfdx_scanner_lwc/Dockerfile b/linters/salesforce_sfdx_scanner_lwc/Dockerfile index 4d905481831..1eb8da3d6da 100644 --- a/linters/salesforce_sfdx_scanner_lwc/Dockerfile +++ b/linters/salesforce_sfdx_scanner_lwc/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,14 +48,44 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/coreutils +ARG APK_COREUTILS_VERSION=9.5-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 # renovate: datasource=npm depName=@salesforce/cli -ARG SALESFORCE_CLI_VERSION=2.74.6 +ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 # renovate: datasource=npm depName=@salesforce/plugin-packaging -ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 +ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 # renovate: datasource=npm depName=@salesforce/sfdx-scanner ARG SALESFORCE_SFDX_SCANNER_VERSION=4.9.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -69,21 +99,21 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - coreutils \ - openjdk21 \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + coreutils=${APK_COREUTILS_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -128,7 +158,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @salesforce/cli@${SALESFORCE_CLI_VERSION} && \ + @salesforce/cli@${NPM_SALESFORCE_CLI_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +200,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ # SALESFORCE installation ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk ENV PATH="$JAVA_HOME/bin:${PATH}" -RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ +RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache diff --git a/linters/scala_scalafix/Dockerfile b/linters/scala_scalafix/Dockerfile index d2ea5831f49..9ddac5aa6fe 100644 --- a/linters/scala_scalafix/Dockerfile +++ b/linters/scala_scalafix/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/openjdk21 +ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 #ARG__END #################### @@ -62,17 +83,17 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - openjdk21 \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + openjdk21=${APK_OPENJDK21_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/snakemake_lint/Dockerfile b/linters/snakemake_lint/Dockerfile index ea921ad8bbc..69baa7b479a 100644 --- a/linters/snakemake_lint/Dockerfile +++ b/linters/snakemake_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=snakemake +ARG PIP_SNAKEMAKE_VERSION=8.27.1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/snakemake" && cd "/venvs/snakemake" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakemake==${PIP_SNAKEMAKE_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/snakemake/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# snakemake installation +# #OTHER__END ################################ diff --git a/linters/snakemake_snakefmt/Dockerfile b/linters/snakemake_snakefmt/Dockerfile index be7c72837fc..ca578e4c159 100644 --- a/linters/snakemake_snakefmt/Dockerfile +++ b/linters/snakemake_snakefmt/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=snakefmt +ARG PIP_SNAKEFMT_VERSION=0.10.2 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/snakefmt" && cd "/venvs/snakefmt" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir snakefmt==${PIP_SNAKEFMT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/snakefmt/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# snakefmt installation +# #OTHER__END ################################ diff --git a/linters/spell_cspell/Dockerfile b/linters/spell_cspell/Dockerfile index 1e20bde6f24..d1e7dc3c774 100644 --- a/linters/spell_cspell/Dockerfile +++ b/linters/spell_cspell/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=cspell +ARG NPM_CSPELL_VERSION=8.17.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - cspell && \ + cspell@${NPM_CSPELL_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# cspell installation +# #OTHER__END ################################ diff --git a/linters/spell_lychee/Dockerfile b/linters/spell_lychee/Dockerfile index cdce7b99179..c83d7ada47f 100644 --- a/linters/spell_lychee/Dockerfile +++ b/linters/spell_lychee/Dockerfile @@ -25,7 +25,7 @@ FROM lycheeverse/lychee:${SPELL_LYCHEE_VERSION} AS lychee ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG SPELL_LYCHEE_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/spell_proselint/Dockerfile b/linters/spell_proselint/Dockerfile index 54f766deb2a..f8d3be89950 100644 --- a/linters/spell_proselint/Dockerfile +++ b/linters/spell_proselint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=proselint +ARG PIP_PROSELINT_VERSION=0.14.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/proselint" && cd "/venvs/proselint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir proselint==${PIP_PROSELINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/proselint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# proselint installation +# #OTHER__END ################################ diff --git a/linters/spell_vale/Dockerfile b/linters/spell_vale/Dockerfile index 748e4c85cc1..84af79cd7ca 100644 --- a/linters/spell_vale/Dockerfile +++ b/linters/spell_vale/Dockerfile @@ -25,7 +25,7 @@ FROM jdkato/vale:${SPELL_VALE_VERSION} AS vale ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG SPELL_VALE_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/sql_sqlfluff/Dockerfile b/linters/sql_sqlfluff/Dockerfile index 011682c37ac..ffa606405e3 100644 --- a/linters/sql_sqlfluff/Dockerfile +++ b/linters/sql_sqlfluff/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,8 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 # renovate: datasource=pypi depName=sqlfluff -ARG SQL_SQLFLUFF_VERSION=3.3.0 +ARG PIP_SQLFLUFF_VERSION=3.3.0 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -63,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -103,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${SQL_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/sqlfluff" && cd "/venvs/sqlfluff" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir sqlfluff==${PIP_SQLFLUFF_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/sqlfluff/bin diff --git a/linters/sql_tsqllint/Dockerfile b/linters/sql_tsqllint/Dockerfile index 0405f025d9f..da527060c97 100644 --- a/linters/sql_tsqllint/Dockerfile +++ b/linters/sql_tsqllint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,6 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 #ARG__END @@ -63,16 +85,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -147,7 +169,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # tsqllint installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" RUN dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} # diff --git a/linters/swift_swiftlint/Dockerfile b/linters/swift_swiftlint/Dockerfile index 83a64ba0d5e..c6010d98f64 100644 --- a/linters/swift_swiftlint/Dockerfile +++ b/linters/swift_swiftlint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,30 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/docker +ARG APK_DOCKER_VERSION=27.3.1-r1 +# renovate: datasource=repology depName=alpine_3_21/openrc +ARG APK_OPENRC_VERSION=0.55.1-r2 #ARG__END #################### @@ -62,18 +85,18 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - docker \ - openrc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + docker=${APK_DOCKER_VERSION} \ + openrc=${APK_OPENRC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -148,6 +171,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START RUN rc-update add docker boot && (rc-service docker start || true) +# swiftlint installation +# renovate: datasource=docker depName=ghcr.io/realm/swiftlint +ENV SWIFT_SWIFTLINT_VERSION=0.58.2 +# #OTHER__END ################################ diff --git a/linters/tekton_tekton_lint/Dockerfile b/linters/tekton_tekton_lint/Dockerfile index 76d19527865..dee2038bcd5 100644 --- a/linters/tekton_tekton_lint/Dockerfile +++ b/linters/tekton_tekton_lint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=@ibm/tekton-lint +ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - @ibm/tekton-lint && \ + @ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# tekton-lint installation +# #OTHER__END ################################ diff --git a/linters/terraform_terraform_fmt/Dockerfile b/linters/terraform_terraform_fmt/Dockerfile index 624dfe029e7..34efdd1c263 100644 --- a/linters/terraform_terraform_fmt/Dockerfile +++ b/linters/terraform_terraform_fmt/Dockerfile @@ -25,7 +25,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/terraform_terragrunt/Dockerfile b/linters/terraform_terragrunt/Dockerfile index a7fd2984ac0..bbc67fcc153 100644 --- a/linters/terraform_terragrunt/Dockerfile +++ b/linters/terraform_terragrunt/Dockerfile @@ -25,7 +25,7 @@ FROM alpine/terragrunt:${TERRAFORM_TERRAGRUNT_VERSION} AS terragrunt ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG TERRAFORM_TERRAGRUNT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/terraform_terrascan/Dockerfile b/linters/terraform_terrascan/Dockerfile index 97d3716f677..58ad5112d57 100644 --- a/linters/terraform_terrascan/Dockerfile +++ b/linters/terraform_terrascan/Dockerfile @@ -25,7 +25,7 @@ FROM tenable/terrascan:${TERRAFORM_TERRASCAN_VERSION} AS terrascan ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG TERRAFORM_TERRASCAN_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/terraform_tflint/Dockerfile b/linters/terraform_tflint/Dockerfile index 66ba7c82cb6..67c87ad1528 100644 --- a/linters/terraform_tflint/Dockerfile +++ b/linters/terraform_tflint/Dockerfile @@ -25,7 +25,7 @@ FROM ghcr.io/terraform-linters/tflint:v${TERRAFORM_TFLINT_VERSION} AS tflint ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -49,7 +49,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 + +ARG TERRAFORM_TFLINT_VERSION #ARG__END #################### @@ -63,16 +84,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END diff --git a/linters/tsx_eslint/Dockerfile b/linters/tsx_eslint/Dockerfile index 04b9c2ee67e..5379830d7b0 100644 --- a/linters/tsx_eslint/Dockerfile +++ b/linters/tsx_eslint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,58 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-react +ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +113,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,19 +170,19 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-plugin-jest \ - eslint-plugin-prettier \ - eslint-plugin-react \ - @babel/eslint-parser \ - prettier \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - @microsoft/eslint-formatter-sarif && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -170,7 +221,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# eslint installation +# #OTHER__END ################################ diff --git a/linters/typescript_es/Dockerfile b/linters/typescript_es/Dockerfile index d18c21a4cbe..845accbc4c4 100644 --- a/linters/typescript_es/Dockerfile +++ b/linters/typescript_es/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,64 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=npm depName=eslint +ARG NPM_ESLINT_VERSION=8.57.0 +# renovate: datasource=npm depName=eslint-config-airbnb +ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 +# renovate: datasource=npm depName=eslint-config-prettier +ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 +# renovate: datasource=npm depName=eslint-config-standard +ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 +# renovate: datasource=npm depName=eslint-plugin-import +ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 +# renovate: datasource=npm depName=eslint-plugin-jest +ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 +# renovate: datasource=npm depName=eslint-plugin-node +ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 +# renovate: datasource=npm depName=eslint-plugin-prettier +ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 +# renovate: datasource=npm depName=eslint-plugin-promise +ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 +# renovate: datasource=npm depName=@babel/eslint-parser +ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=npm depName=prettyjson +ARG NPM_PRETTYJSON_VERSION=1.2.5 +# renovate: datasource=npm depName=@typescript-eslint/eslint-plugin +ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 +# renovate: datasource=npm depName=@typescript-eslint/parser +ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 +# renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif +ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +119,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,22 +176,22 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - eslint \ - eslint-config-airbnb \ - eslint-config-prettier \ - eslint-config-standard \ - eslint-plugin-import \ - eslint-plugin-jest \ - eslint-plugin-node \ - eslint-plugin-prettier \ - eslint-plugin-promise \ - @babel/eslint-parser \ - prettier \ - prettyjson \ - @typescript-eslint/eslint-plugin \ - @typescript-eslint/parser \ - @microsoft/eslint-formatter-sarif && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + eslint@${NPM_ESLINT_VERSION} \ + eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} \ + eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} \ + eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} \ + eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} \ + eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} \ + eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} \ + eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} \ + eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} \ + @babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} \ + prettyjson@${NPM_PRETTYJSON_VERSION} \ + @typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION} \ + @typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION} \ + @microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -173,7 +230,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# TYPESCRIPT installation +# +# eslint installation +# #OTHER__END ################################ diff --git a/linters/typescript_prettier/Dockerfile b/linters/typescript_prettier/Dockerfile index d8343f0ec21..c5632b4df12 100644 --- a/linters/typescript_prettier/Dockerfile +++ b/linters/typescript_prettier/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +91,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,8 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - prettier && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +188,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# TYPESCRIPT installation +# +# prettier installation +# #OTHER__END ################################ diff --git a/linters/typescript_standard/Dockerfile b/linters/typescript_standard/Dockerfile index 7394484929c..7bce7a7eea2 100644 --- a/linters/typescript_standard/Dockerfile +++ b/linters/typescript_standard/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,36 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=typescript +ARG NPM_TYPESCRIPT_VERSION=5.7.3 +# renovate: datasource=npm depName=ts-standard +ARG NPM_TS_STANDARD_VERSION=12.0.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +91,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,8 +148,8 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - typescript \ - ts-standard && \ + typescript@${NPM_TYPESCRIPT_VERSION} \ + ts-standard@${NPM_TS_STANDARD_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -159,7 +188,10 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# TYPESCRIPT installation +# +# ts-standard installation +# #OTHER__END ################################ diff --git a/linters/vbdotnet_dotnet_format/Dockerfile b/linters/vbdotnet_dotnet_format/Dockerfile index 02efb7343fb..4c1eab0e0f1 100644 --- a/linters/vbdotnet_dotnet_format/Dockerfile +++ b/linters/vbdotnet_dotnet_format/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,28 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk +ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 #ARG__END #################### @@ -62,16 +83,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -146,7 +167,7 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ############################################################################################# #OTHER__START # VBDOTNET installation -RUN apk add --no-cache dotnet9-sdk +RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} ENV PATH="${PATH}:/root/.dotnet/tools" # #OTHER__END diff --git a/linters/xml_xmllint/Dockerfile b/linters/xml_xmllint/Dockerfile index f1ab179c79d..7beb5a3a76b 100644 --- a/linters/xml_xmllint/Dockerfile +++ b/linters/xml_xmllint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=repology depName=alpine_3_21/libgcc +ARG APK_LIBGCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/libxml2-dev +ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 +# renovate: datasource=repology depName=alpine_3_21/libxml2-utils +ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 #ARG__END #################### @@ -62,20 +87,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - libc-dev \ - libxml2-dev \ - libxml2-utils \ - libgcc \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + libxml2-dev=${APK_LIBXML2_DEV_VERSION} \ + libxml2-utils=${APK_LIBXML2_UTILS_VERSION} \ + libgcc=${APK_LIBGCC_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -149,7 +173,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# xmllint installation +# #OTHER__END ################################ diff --git a/linters/yaml_prettier/Dockerfile b/linters/yaml_prettier/Dockerfile index c4f74535874..3c197d97db2 100644 --- a/linters/yaml_prettier/Dockerfile +++ b/linters/yaml_prettier/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=prettier +ARG NPM_PRETTIER_VERSION=3.4.2 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - prettier && \ + prettier@${NPM_PRETTIER_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# prettier installation +# #OTHER__END ################################ diff --git a/linters/yaml_v8r/Dockerfile b/linters/yaml_v8r/Dockerfile index 5b607d9a7b9..55026fa6162 100644 --- a/linters/yaml_v8r/Dockerfile +++ b/linters/yaml_v8r/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,34 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=npm depName=v8r +ARG NPM_V8R_VERSION=4.2.1 +# renovate: datasource=repology depName=alpine_3_21/npm +ARG APK_NPM_VERSION=10.9.1-r0 +# renovate: datasource=repology depName=alpine_3_21/nodejs-current +ARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1 +# renovate: datasource=repology depName=alpine_3_21/yarn +ARG APK_YARN_VERSION=1.22.22-r1 #ARG__END #################### @@ -62,19 +89,19 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ - npm \ - nodejs-current \ - yarn \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ + npm=${APK_NPM_VERSION} \ + nodejs-current=${APK_NODEJS_CURRENT_VERSION} \ + yarn=${APK_YARN_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -119,7 +146,7 @@ ENV NODE_OPTIONS="--max-old-space-size=8192" \ #NPM__START WORKDIR /node-deps RUN npm --no-cache install --ignore-scripts --omit=dev \ - v8r && \ + v8r@${NPM_V8R_VERSION} && \ echo "Cleaning npm cache…" \ && (npm cache clean --force || true) \ && echo "Changing owner of node_modules files…" \ @@ -158,7 +185,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# v8r installation +# #OTHER__END ################################ diff --git a/linters/yaml_yamllint/Dockerfile b/linters/yaml_yamllint/Dockerfile index 7059dc4c830..fdb8cf6c9fe 100644 --- a/linters/yaml_yamllint/Dockerfile +++ b/linters/yaml_yamllint/Dockerfile @@ -24,7 +24,7 @@ ################## # Build wheel for megalinter python package ################## -FROM ghcr.io/astral-sh/uv:0.5.27 AS uv +FROM ghcr.io/astral-sh/uv:0.5.22 AS uv FROM python:3.12.8-alpine3.21 AS build-ml-core WORKDIR / COPY --from=uv /uv /uvx /bin/ @@ -48,7 +48,32 @@ FROM python:3.12.8-alpine3.21 ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #ARG__START - +# renovate: datasource=repology depName=alpine_3_21/bash +ARG APK_BASH_VERSION=5.2.37-r0 +# renovate: datasource=repology depName=alpine_3_21/ca-certificates +ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 +# renovate: datasource=repology depName=alpine_3_21/curl +ARG APK_CURL_VERSION=8.11.1-r0 +# renovate: datasource=repology depName=alpine_3_21/gcc +ARG APK_GCC_VERSION=14.2.0-r4 +# renovate: datasource=repology depName=alpine_3_21/git +ARG APK_GIT_VERSION=2.47.2-r0 +# renovate: datasource=repology depName=alpine_3_21/git-lfs +ARG APK_GIT_LFS_VERSION=3.6.0-r1 +# renovate: datasource=repology depName=alpine_3_21/libffi-dev +ARG APK_LIBFFI_DEV_VERSION=3.4.6-r0 +# renovate: datasource=repology depName=alpine_3_21/make +ARG APK_MAKE_VERSION=4.4.1-r2 +# renovate: datasource=repology depName=alpine_3_21/musl-dev +ARG APK_MUSL_DEV_VERSION=1.2.5-r8 +# renovate: datasource=repology depName=alpine_3_21/openssh +ARG APK_OPENSSH_VERSION=9.9_p1-r2 +# renovate: datasource=pypi depName=yamllint +ARG PIP_YAMLLINT_VERSION=1.35.1 +# renovate: datasource=pypi depName=pip +ARG PIP_PIP_VERSION=25.0 +# renovate: datasource=pypi depName=virtualenv +ARG PIP_VIRTUALENV_VERSION=20.29.1 #ARG__END #################### @@ -62,16 +87,16 @@ WORKDIR / ############################################################################################# #APK__START RUN apk add --no-cache \ - bash \ - ca-certificates \ - curl \ - gcc \ - git \ - git-lfs \ - libffi-dev \ - make \ - musl-dev \ - openssh \ + bash=${APK_BASH_VERSION} \ + ca-certificates=${APK_CA_CERTIFICATES_VERSION} \ + curl=${APK_CURL_VERSION} \ + gcc=${APK_GCC_VERSION} \ + git=${APK_GIT_VERSION} \ + git-lfs=${APK_GIT_LFS_VERSION} \ + libffi-dev=${APK_LIBFFI_DEV_VERSION} \ + make=${APK_MAKE_VERSION} \ + musl-dev=${APK_MUSL_DEV_VERSION} \ + openssh=${APK_OPENSSH_VERSION} \ && git config --global core.autocrlf true #APK__END @@ -102,8 +127,8 @@ RUN mkdir -p ${GOPATH}/src ${GOPATH}/bin || true && \ ############################################################################################# #PIPVENV__START -RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir --upgrade pip virtualenv \ - && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint && deactivate && cd ./../.. \ +RUN PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir pip==${PIP_PIP_VERSION} virtualenv==${PIP_VIRTUALENV_VERSION} \ + && mkdir -p "/venvs/yamllint" && cd "/venvs/yamllint" && virtualenv . && source bin/activate && PYTHONDONTWRITEBYTECODE=1 pip3 install --no-cache-dir yamllint==${PIP_YAMLLINT_VERSION} && deactivate && cd ./../.. \ && find /venvs \( -type f \( -iname \*.pyc -o -iname \*.pyo \) -o -type d -iname __pycache__ \) -delete \ && rm -rf /root/.cache ENV PATH="${PATH}":/venvs/yamllint/bin @@ -149,7 +174,8 @@ ENV PATH="/node-deps/node_modules/.bin:${PATH}" \ ## @generated by .automation/build.py using descriptor files, please do not update manually ## ############################################################################################# #OTHER__START - +# yamllint installation +# #OTHER__END ################################ diff --git a/megalinter/Linter.py b/megalinter/Linter.py index d09518d704b..aaaa33cc906 100644 --- a/megalinter/Linter.py +++ b/megalinter/Linter.py @@ -1251,7 +1251,10 @@ def manage_docker_command(self, command): lambda arg, w=workspace_value: arg.replace("{{WORKSPACE}}", w), self.cli_docker_args, ) - docker_command += [f"{self.cli_docker_image}:{self.cli_docker_image_version}"] + docker_command += [ + f"{self.cli_docker_image}:" + + f"{os.environ.get(self.cli_docker_image_version, self.cli_docker_image_version)}" + ] if isinstance(command, str): command = " ".join(docker_command) + " " + command else: diff --git a/megalinter/constants.py b/megalinter/constants.py index 808af4bb728..7a2ab1f5110 100644 --- a/megalinter/constants.py +++ b/megalinter/constants.py @@ -24,17 +24,86 @@ DEFAULT_SARIF_VERSION = "2.1.0" DEFAULT_RELEASE = "v8" +DEFAULT_DOCKERFILE_ARGS = [ + "# renovate: datasource=repology depName=alpine_3_21/bash\nARG APK_BASH_VERSION=5.2.37-r0", + "# renovate: datasource=repology depName=alpine_3_21/ca-certificates\nARG APK_CA_CERTIFICATES_VERSION=20241121-r1", + "# renovate: datasource=repology depName=alpine_3_21/curl\nARG APK_CURL_VERSION=8.11.1-r0", + "# renovate: datasource=repology depName=alpine_3_21/gcc\nARG APK_GCC_VERSION=14.2.0-r4", + "# renovate: datasource=repology depName=alpine_3_21/git\nARG APK_GIT_VERSION=2.47.2-r0", + "# renovate: datasource=repology depName=alpine_3_21/git-lfs\nARG APK_GIT_LFS_VERSION=3.6.0-r1", + "# renovate: datasource=repology depName=alpine_3_21/libffi-dev\nARG APK_LIBFFI_DEV_VERSION=3.4.6-r0", + "# renovate: datasource=repology depName=alpine_3_21/make\nARG APK_MAKE_VERSION=4.4.1-r2", + "# renovate: datasource=repology depName=alpine_3_21/musl-dev\nARG APK_MUSL_DEV_VERSION=1.2.5-r8", + "# renovate: datasource=repology depName=alpine_3_21/openssh\nARG APK_OPENSSH_VERSION=9.9_p1-r2", +] + DEFAULT_DOCKERFILE_APK_PACKAGES = [ - "bash", - "ca-certificates", - "curl", - "gcc", - "git", - "git-lfs", - "libffi-dev", - "make", - "musl-dev", - "openssh", + "bash=${APK_BASH_VERSION}", + "ca-certificates=${APK_CA_CERTIFICATES_VERSION}", + "curl=${APK_CURL_VERSION}", + "gcc=${APK_GCC_VERSION}", + "git=${APK_GIT_VERSION}", + "git-lfs=${APK_GIT_LFS_VERSION}", + "libffi-dev=${APK_LIBFFI_DEV_VERSION}", + "make=${APK_MAKE_VERSION}", + "musl-dev=${APK_MUSL_DEV_VERSION}", + "openssh=${APK_OPENSSH_VERSION}", +] + +DEFAULT_DOCKERFILE_DOCKER_ARGS = [ + "# renovate: datasource=repology depName=alpine_3_21/docker\nARG APK_DOCKER_VERSION=27.3.1-r1", + "# renovate: datasource=repology depName=alpine_3_21/openrc\nARG APK_OPENRC_VERSION=0.55.1-r2", +] + +DEFAULT_DOCKERFILE_DOCKER_APK_PACKAGES = [ + "docker=${APK_DOCKER_VERSION}", + "openrc=${APK_OPENRC_VERSION}", +] + +DEFAULT_DOCKERFILE_NPM_ARGS = [ + "# renovate: datasource=repology depName=alpine_3_21/npm\nARG APK_NPM_VERSION=10.9.1-r0", + "# renovate: datasource=repology depName=alpine_3_21/nodejs-current\nARG APK_NODEJS_CURRENT_VERSION=23.2.0-r1", + "# renovate: datasource=repology depName=alpine_3_21/yarn\nARG APK_YARN_VERSION=1.22.22-r1", +] + +DEFAULT_DOCKERFILE_NPM_APK_PACKAGES = [ + "npm=${APK_NPM_VERSION}", + "nodejs-current=${APK_NODEJS_CURRENT_VERSION}", + "yarn=${APK_YARN_VERSION}", +] + +DEFAULT_DOCKERFILE_GEM_ARGS = [ + "# renovate: datasource=repology depName=alpine_3_21/ruby\nARG APK_RUBY_VERSION=3.3.6-r0", + "# renovate: datasource=repology depName=alpine_3_21/ruby-dev\nARG APK_RUBY_DEV_VERSION=3.3.6-r0", + "# renovate: datasource=repology depName=alpine_3_21/ruby-bundler\nARG APK_RUBY_BUNDLER_VERSION=2.5.23-r0", + "# renovate: datasource=repology depName=alpine_3_21/ruby-rdoc\nARG APK_RUBY_RDOC_VERSION=3.3.6-r0", +] + +DEFAULT_DOCKERFILE_GEM_APK_PACKAGES = [ + "ruby=${APK_RUBY_VERSION}", + "ruby-dev=${APK_RUBY_DEV_VERSION}", + "ruby-bundler=${APK_RUBY_BUNDLER_VERSION}", + "ruby-rdoc=${APK_RUBY_RDOC_VERSION}", +] + +DEFAULT_DOCKERFILE_PIP_ARGS = [ + "# renovate: datasource=pypi depName=pip\nARG PIP_PIP_VERSION=25.0", +] + +DEFAULT_DOCKERFILE_PIPENV_ARGS = [ + "# renovate: datasource=pypi depName=virtualenv\nARG PIP_VIRTUALENV_VERSION=20.29.1", +] + +DEFAULT_DOCKERFILE_RUST_ARGS = [ + "# renovate: datasource=github-tags depName=rust-lang/rust\nARG RUST_RUST_VERSION=1.84.0", +] + +DEFAULT_DOCKERFILE_FLAVOR_ARGS = [ + "# renovate: datasource=crate depName=sarif-fmt\nARG CARGO_SARIF_FMT_VERSION=0.7.0", +] + +DEFAULT_DOCKERFILE_FLAVOR_CARGO_PACKAGES = [ + "sarif-fmt@${CARGO_SARIF_FMT_VERSION}", ] OX_MARKDOWN_LINK = ( diff --git a/megalinter/descriptors/action.megalinter-descriptor.yml b/megalinter/descriptors/action.megalinter-descriptor.yml index 92f6c1eb6e3..1a9b1c2cea4 100644 --- a/megalinter/descriptors/action.megalinter-descriptor.yml +++ b/megalinter/descriptors/action.megalinter-descriptor.yml @@ -26,11 +26,14 @@ linters: install: # actionlint requires shellcheck and pyflakes apk: - - py3-pyflakes + - py3-pyflakes=${APK_PY3_PYFLAKES_VERSION} dockerfile: - |- # renovate: datasource=docker depName=rhysd/actionlint ARG ACTION_ACTIONLINT_VERSION=1.7.7 + - |- + # renovate: datasource=repology depName=alpine_3_21/py3-pyflakes + ARG APK_PY3_PYFLAKES_VERSION=3.2.0-r1 - |- # renovate: datasource=docker depName=koalaman/shellcheck ARG BASH_SHELLCHECK_VERSION=v0.10.0 diff --git a/megalinter/descriptors/ansible.megalinter-descriptor.yml b/megalinter/descriptors/ansible.megalinter-descriptor.yml index 32380bb4689..1b6aed7b78a 100644 --- a/megalinter/descriptors/ansible.megalinter-descriptor.yml +++ b/megalinter/descriptors/ansible.megalinter-descriptor.yml @@ -38,5 +38,9 @@ linters: - "ansible-lint -v" - "ansible-lint -v -c .ansible-lint" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=ansible-lint + ARG PIP_ANSIBLE_LINT_VERSION=25.1.0 pip: - - ansible-lint + - ansible-lint==${PIP_ANSIBLE_LINT_VERSION} diff --git a/megalinter/descriptors/api.megalinter-descriptor.yml b/megalinter/descriptors/api.megalinter-descriptor.yml index 5900b6cd57b..9be2a6039f2 100644 --- a/megalinter/descriptors/api.megalinter-descriptor.yml +++ b/megalinter/descriptors/api.megalinter-descriptor.yml @@ -33,8 +33,12 @@ linters: - "spectral lint -r .spectral.yaml myfile.yml" test_folder: api install: + dockerfile: + - |- + # renovate: datasource=npm depName=@stoplight/spectral-cli + ARG NPM_SPECTRAL_CLI_VERSION=6.14.2 npm: - - "@stoplight/spectral-cli" + - "@stoplight/spectral-cli@${NPM_SPECTRAL_CLI_VERSION}" ide: stoplight: - name: Native integration diff --git a/megalinter/descriptors/arm.megalinter-descriptor.yml b/megalinter/descriptors/arm.megalinter-descriptor.yml index 5bdc4919708..2b4f91b1960 100644 --- a/megalinter/descriptors/arm.megalinter-descriptor.yml +++ b/megalinter/descriptors/arm.megalinter-descriptor.yml @@ -9,8 +9,11 @@ file_contains_regex: - 'schema\.management\.azure\.com' install: apk: - - icu-libs + - icu-libs=${APK_ICU_LIBS_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/icu-libs + ARG APK_ICU_LIBS_VERSION=74.2-r0 - | # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 diff --git a/megalinter/descriptors/bash.megalinter-descriptor.yml b/megalinter/descriptors/bash.megalinter-descriptor.yml index d9e1bb7ca26..1675bff0016 100644 --- a/megalinter/descriptors/bash.megalinter-descriptor.yml +++ b/megalinter/descriptors/bash.megalinter-descriptor.yml @@ -20,7 +20,11 @@ file_contains_regex: - "^#!/bin/sh" install: apk: - - bash + - bash=${APK_BASH_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/bash + ARG APK_BASH_VERSION=5.2.37-r0 test_folder: shell linters: # Bash Built in Linter @@ -82,8 +86,11 @@ linters: - "shellcheck --color=auto --external-sources myfile.sh" install: cargo: - - shellcheck-sarif + - shellcheck-sarif@${CARGO_SHELLCHECK_SARIF_VERSION} dockerfile: + - |- + # renovate: datasource=crate depName=shellcheck-sarif + ARG CARGO_SHELLCHECK_SARIF_VERSION=0.7.0 # Also update shellcheck version in action.megalinter-descriptor.yml - |- # renovate: datasource=docker depName=koalaman/shellcheck diff --git a/megalinter/descriptors/bicep.megalinter-descriptor.yml b/megalinter/descriptors/bicep.megalinter-descriptor.yml index 63f1716dcd2..5692b5f7191 100644 --- a/megalinter/descriptors/bicep.megalinter-descriptor.yml +++ b/megalinter/descriptors/bicep.megalinter-descriptor.yml @@ -33,8 +33,11 @@ linters: az bicep build -f infra.bicep install: apk: - - icu-libs + - icu-libs=${APK_ICU_LIBS_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/icu-libs + ARG APK_ICU_LIBS_VERSION=74.2-r0 - |- # renovate: datasource=github-tags depName=Azure/bicep ARG BICEP_VERSION=0.33.13 diff --git a/megalinter/descriptors/c.megalinter-descriptor.yml b/megalinter/descriptors/c.megalinter-descriptor.yml index 7ee86609b44..860b8569b7b 100644 --- a/megalinter/descriptors/c.megalinter-descriptor.yml +++ b/megalinter/descriptors/c.megalinter-descriptor.yml @@ -24,8 +24,12 @@ linters: examples: - "cpplint myfile.cpp" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=cpplint + ARG PIP_CPPLINT_VERSION=2.0.0 pip: - - cpplint + - cpplint==${PIP_CPPLINT_VERSION} # clang-format - linter_name: clang-format name: C_CLANG_FORMAT @@ -52,7 +56,11 @@ linters: - "clang-format --Werror --dry-run myfile.c" install: apk: - - clang19-extra-tools + - clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools + ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 ide: vscode: - name: Clang-Format diff --git a/megalinter/descriptors/clojure.megalinter-descriptor.yml b/megalinter/descriptors/clojure.megalinter-descriptor.yml index a6248d11671..cf7a5404072 100644 --- a/megalinter/descriptors/clojure.megalinter-descriptor.yml +++ b/megalinter/descriptors/clojure.megalinter-descriptor.yml @@ -10,14 +10,19 @@ file_extensions: - ".edn" install: dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/ca-certificates + ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 + - |- + # renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc + ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 - ENV LANG=C.UTF-8 - | RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ diff --git a/megalinter/descriptors/cloudformation.megalinter-descriptor.yml b/megalinter/descriptors/cloudformation.megalinter-descriptor.yml index de693a19fcb..8735f5e7bc1 100644 --- a/megalinter/descriptors/cloudformation.megalinter-descriptor.yml +++ b/megalinter/descriptors/cloudformation.megalinter-descriptor.yml @@ -31,8 +31,12 @@ linters: - "cfn-lint myfile.yml" - "cfn-lint --config-file .cfnlintrc.yml myfile.yml" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=cfn-lint + ARG PIP_CFN_LINT_VERSION=1.22.7 pip: - - cfn-lint[sarif] + - cfn-lint[sarif]==${PIP_CFN_LINT_VERSION} ide: atom: - name: atom-cfn-lint diff --git a/megalinter/descriptors/coffee.megalinter-descriptor.yml b/megalinter/descriptors/coffee.megalinter-descriptor.yml index 974c470f32c..a93bd30f0a5 100644 --- a/megalinter/descriptors/coffee.megalinter-descriptor.yml +++ b/megalinter/descriptors/coffee.megalinter-descriptor.yml @@ -18,8 +18,12 @@ linters: - "coffeelint myfile.coffee" - "coffeelint -f .coffee-lint.json myfile.coffee" install: + dockerfile: + - |- + # renovate: datasource=npm depName=@coffeelint/cli + ARG NPM_COFFEELINT_CLI_VERSION=5.2.11 npm: - - "@coffeelint/cli" + - "@coffeelint/cli@${NPM_COFFEELINT_CLI_VERSION}" ide: atom: - name: linter-coffeelint diff --git a/megalinter/descriptors/copypaste.megalinter-descriptor.yml b/megalinter/descriptors/copypaste.megalinter-descriptor.yml index 366059fe613..2da9e087ac8 100644 --- a/megalinter/descriptors/copypaste.megalinter-descriptor.yml +++ b/megalinter/descriptors/copypaste.megalinter-descriptor.yml @@ -51,9 +51,9 @@ linters: - "jscpd --output ./report/copy-paste/ ." - "jscpd --output ./report/copy-paste/ -c .jscpd.json ." install: - apk: - - nodejs - - npm - - yarn + dockerfile: + - |- + # renovate: datasource=npm depName=jscpd + ARG NPM_JSCPD_VERSION=4.0.5 npm: - - jscpd + - jscpd@${NPM_JSCPD_VERSION} diff --git a/megalinter/descriptors/cpp.megalinter-descriptor.yml b/megalinter/descriptors/cpp.megalinter-descriptor.yml index a6aacab1a36..e2a41a07ec4 100644 --- a/megalinter/descriptors/cpp.megalinter-descriptor.yml +++ b/megalinter/descriptors/cpp.megalinter-descriptor.yml @@ -34,8 +34,12 @@ linters: examples: - "cpplint myfile.cpp" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=cpplint + ARG PIP_CPPLINT_VERSION=2.0.0 pip: - - cpplint + - cpplint==${PIP_CPPLINT_VERSION} # clang-format - linter_name: clang-format name: CPP_CLANG_FORMAT @@ -62,7 +66,11 @@ linters: - "clang-format --Werror --dry-run myfile.cpp" install: apk: - - clang19-extra-tools + - clang19-extra-tools=${APK_CLANG19_EXTRA_TOOLS_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/clang19-extra-tools + ARG APK_CLANG19_EXTRA_TOOLS_VERSION=19.1.4-r0 ide: vscode: - name: Clang-Format diff --git a/megalinter/descriptors/csharp.megalinter-descriptor.yml b/megalinter/descriptors/csharp.megalinter-descriptor.yml index b927f44d67b..8e5f1de7c0a 100644 --- a/megalinter/descriptors/csharp.megalinter-descriptor.yml +++ b/megalinter/descriptors/csharp.megalinter-descriptor.yml @@ -9,7 +9,10 @@ file_extensions: - ".cs" install: dockerfile: - - RUN apk add --no-cache dotnet9-sdk + - |- + # renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk + ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 + - RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} - ENV PATH="${PATH}:/root/.dotnet/tools" linters: # DOTNET FORMAT diff --git a/megalinter/descriptors/css.megalinter-descriptor.yml b/megalinter/descriptors/css.megalinter-descriptor.yml index fda51b9aa6e..c6ab66ceab2 100644 --- a/megalinter/descriptors/css.megalinter-descriptor.yml +++ b/megalinter/descriptors/css.megalinter-descriptor.yml @@ -27,11 +27,29 @@ linters: - "stylelint --config .stylelintrc.json myfile.css myfile2.css myfile3.css" - "stylelint --fix --config .stylelintrc.json myfile.css myfile2.css myfile3.css" install: + dockerfile: + - |- + # renovate: datasource=npm depName=stylelint + ARG NPM_STYLELINT_VERSION=16.14.0 + - |- + # renovate: datasource=npm depName=stylelint-config-standard + ARG NPM_STYLELINT_CONFIG_STANDARD_VERSION=37.0.0 + - |- + # renovate: datasource=npm depName=stylelint-config-sass-guidelines + ARG NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION=12.1.0 + - |- + # renovate: datasource=npm depName=stylelint-scss + ARG NPM_STYLELINT_SCSS_VERSION=6.10.1 + - |- + # renovate: datasource=pypi depName=cpplint + ARG PIP_CPPLINT_VERSION=2.0.0 npm: - - stylelint - - stylelint-config-standard - - stylelint-config-sass-guidelines - - stylelint-scss + - stylelint@${NPM_STYLELINT_VERSION} + - stylelint-config-standard@${NPM_STYLELINT_CONFIG_STANDARD_VERSION} + - stylelint-config-sass-guidelines@${NPM_STYLELINT_CONFIG_SASS_GUIDELINES_VERSION} + - stylelint-scss@${NPM_STYLELINT_SCSS_VERSION} + pip: + - cpplint==${PIP_CPPLINT_VERSION} ide: atom: - name: linter-stylelint diff --git a/megalinter/descriptors/dart.megalinter-descriptor.yml b/megalinter/descriptors/dart.megalinter-descriptor.yml index 7987490aca3..cd4b00bf818 100644 --- a/megalinter/descriptors/dart.megalinter-descriptor.yml +++ b/megalinter/descriptors/dart.megalinter-descriptor.yml @@ -4,14 +4,19 @@ file_extensions: - ".dart" install: dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/ca-certificates + ARG APK_CA_CERTIFICATES_VERSION=20241121-r1 + - |- + # renovate: datasource=github-tags depName=sgerrand/alpine-pkg-glibc + ARG ALPINE_GLIBC_PACKAGE_VERSION=2.34-r0 - ENV LANG=C.UTF-8 - | RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \ - ALPINE_GLIBC_PACKAGE_VERSION="2.34-r0" && \ ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \ - apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \ + apk add --no-cache --virtual=.build-dependencies wget ca-certificates=${APK_CA_CERTIFICATES_VERSION} && \ echo \ "-----BEGIN PUBLIC KEY-----\ MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\ diff --git a/megalinter/descriptors/gherkin.megalinter-descriptor.yml b/megalinter/descriptors/gherkin.megalinter-descriptor.yml index 7ece7df16d0..d8870ce02bb 100644 --- a/megalinter/descriptors/gherkin.megalinter-descriptor.yml +++ b/megalinter/descriptors/gherkin.megalinter-descriptor.yml @@ -19,5 +19,9 @@ linters: - "gherkin-lint myfile.feature" - "gherkin-lint -c .gherkin-lintrc myfile.feature" install: + dockerfile: + - |- + # renovate: datasource=npm depName=gherkin-lint + ARG NPM_GHERKIN_LINT_VERSION=4.2.4 npm: - - gherkin-lint + - gherkin-lint@${NPM_GHERKIN_LINT_VERSION} diff --git a/megalinter/descriptors/go.megalinter-descriptor.yml b/megalinter/descriptors/go.megalinter-descriptor.yml index 468b9db51a0..1868ab8b6d9 100644 --- a/megalinter/descriptors/go.megalinter-descriptor.yml +++ b/megalinter/descriptors/go.megalinter-descriptor.yml @@ -7,7 +7,11 @@ file_extensions: - ".go" install: apk: - - go + - go=${APK_GO_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/go + ARG APK_GO_VERSION=1.23.5-r0 test_folder: golang linters: # GOLANG CI LINT diff --git a/megalinter/descriptors/graphql.megalinter-descriptor.yml b/megalinter/descriptors/graphql.megalinter-descriptor.yml index 6f91afcc674..e9a440fa296 100644 --- a/megalinter/descriptors/graphql.megalinter-descriptor.yml +++ b/megalinter/descriptors/graphql.megalinter-descriptor.yml @@ -20,6 +20,13 @@ linters: examples: - "graphql-schema-linter myfile.graphql" install: + dockerfile: + - |- + # renovate: datasource=npm depName=graphql + ARG NPM_GRAPHQL_VERSION=16.10.0 + - |- + # renovate: datasource=npm depName=graphql-schema-linter + ARG NPM_GRAPHQL_SCHEMA_LINTER_VERSION=3.0.1 npm: - - graphql - - graphql-schema-linter + - graphql@${NPM_GRAPHQL_VERSION} + - graphql-schema-linter@${NPM_GRAPHQL_SCHEMA_LINTER_VERSION} diff --git a/megalinter/descriptors/groovy.megalinter-descriptor.yml b/megalinter/descriptors/groovy.megalinter-descriptor.yml index 7ab302efe18..6a405b003e2 100644 --- a/megalinter/descriptors/groovy.megalinter-descriptor.yml +++ b/megalinter/descriptors/groovy.megalinter-descriptor.yml @@ -42,11 +42,17 @@ linters: downgraded_reason: https://github.com/oxsecurity/megalinter/issues/4414 install: apk: - - openjdk17 + - openjdk17=${APK_OPENJDK17_VERSION} dockerfile: - ENV JAVA_HOME_17=/usr/lib/jvm/java-17-openjdk + - |- + # renovate: datasource=repology depName=alpine_3_21/openjdk17 + ARG APK_OPENJDK17_VERSION=17.0.13_p11-r0 + - |- + # renovate: datasource=npm depName=npm-groovy-lint + ARG NPM_GROOVY_LINT_VERSION=15.0.0 npm: - - npm-groovy-lint@15.0.0 + - npm-groovy-lint@${NPM_GROOVY_LINT_VERSION} ide: vscode: - name: VSCode Groovy Lint diff --git a/megalinter/descriptors/html.megalinter-descriptor.yml b/megalinter/descriptors/html.megalinter-descriptor.yml index 9f6004fe21c..bd6d16bce5b 100644 --- a/megalinter/descriptors/html.megalinter-descriptor.yml +++ b/megalinter/descriptors/html.megalinter-descriptor.yml @@ -34,8 +34,12 @@ linters: examples: - "djlint myfile1.html myfile2.html" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=djlint + ARG PIP_DJLINT_VERSION=1.36.4 pip: - - djlint + - djlint==${PIP_DJLINT_VERSION} ide: sublime: - name: SublimeLinter-contrib-djlint @@ -61,8 +65,12 @@ linters: - "htmlhint myfile.html" - "htmlhint --config .htmlhintrc myfile.html" install: + dockerfile: + - |- + # renovate: datasource=npm depName=htmlhint + ARG NPM_HTMLHINT_VERSION=1.1.4 npm: - - htmlhint + - htmlhint@${NPM_HTMLHINT_VERSION} ide: atom: - name: atom-htmlhint diff --git a/megalinter/descriptors/java.megalinter-descriptor.yml b/megalinter/descriptors/java.megalinter-descriptor.yml index a26ad8c9205..e3bd15fc723 100644 --- a/megalinter/descriptors/java.megalinter-descriptor.yml +++ b/megalinter/descriptors/java.megalinter-descriptor.yml @@ -7,10 +7,13 @@ file_extensions: - ".java" install: apk: - - openjdk21 + - openjdk21=${APK_OPENJDK21_VERSION} dockerfile: - ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" + - |- + # renovate: datasource=repology depName=alpine_3_21/openjdk21 + ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 linters: # Java Checkstyle - linter_name: checkstyle diff --git a/megalinter/descriptors/javascript.megalinter-descriptor.yml b/megalinter/descriptors/javascript.megalinter-descriptor.yml index b35cc688089..7925240da75 100644 --- a/megalinter/descriptors/javascript.megalinter-descriptor.yml +++ b/megalinter/descriptors/javascript.megalinter-descriptor.yml @@ -56,20 +56,60 @@ linters: - "eslint -c .eslintrc.json --no-eslintrc --no-ignore myfile.js" - "eslint --fix -c .eslintrc.json --no-eslintrc --no-ignore myfile.js" install: + dockerfile: + - |- + # renovate: datasource=npm depName=eslint + ARG NPM_ESLINT_VERSION=8.57.0 + - |- + # renovate: datasource=npm depName=eslint-config-airbnb + ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 + - |- + # renovate: datasource=npm depName=eslint-config-prettier + ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 + - |- + # renovate: datasource=npm depName=eslint-config-standard + ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-import + ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-jest + ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-node + ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-prettier + ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 + - |- + # renovate: datasource=npm depName=eslint-plugin-promise + ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-vue + ARG NPM_ESLINT_PLUGIN_VUE_VERSION=9.32.0 + - |- + # renovate: datasource=npm depName=@babel/core + ARG NPM_BABEL_CORE_VERSION=7.26.7 + - |- + # renovate: datasource=npm depName=@babel/eslint-parser + ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 + - |- + # renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif + ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 npm: - - eslint - - eslint-config-airbnb - - eslint-config-prettier - - eslint-config-standard - - eslint-plugin-import - - eslint-plugin-jest - - eslint-plugin-node - - eslint-plugin-prettier - - eslint-plugin-promise - - eslint-plugin-vue - - "@babel/core" - - "@babel/eslint-parser" - - "@microsoft/eslint-formatter-sarif" + - eslint@${NPM_ESLINT_VERSION} + - eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} + - eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} + - eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} + - eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} + - eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} + - eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} + - eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} + - eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} + - eslint-plugin-vue@${NPM_ESLINT_PLUGIN_VUE_VERSION} + - "@babel/core@${NPM_BABEL_CORE_VERSION}" + - "@babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION}" + - "@microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION}" ide: atom: - name: linter-eslint @@ -118,8 +158,12 @@ linters: - "standard myfile.js" - "standard --fix myfile.js" install: + dockerfile: + - |- + # renovate: datasource=npm depName=standard + ARG NPM_STANDARD_VERSION=17.1.2 npm: - - standard + - standard@${NPM_STANDARD_VERSION} ide: atom: - name: linter-js-standard @@ -172,8 +216,12 @@ linters: - "prettier --config .prettierrc.json --check myfile.js" - "prettier --config .prettierrc.json --write myfile.js" # format install: + dockerfile: + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 npm: - - "prettier" + - "prettier@${NPM_PRETTIER_VERSION}" ide: atom: - name: prettier-atom diff --git a/megalinter/descriptors/json.megalinter-descriptor.yml b/megalinter/descriptors/json.megalinter-descriptor.yml index 2986031b134..6b77c8bbcee 100644 --- a/megalinter/descriptors/json.megalinter-descriptor.yml +++ b/megalinter/descriptors/json.megalinter-descriptor.yml @@ -22,8 +22,12 @@ linters: examples: - "jsonlint myfile1.json myfile2.json" install: + dockerfile: + - |- + # renovate: datasource=npm depName=@prantlf/jsonlint + ARG NPM_PRANTLF_JSONLINT_VERSION=16.0.0 npm: - - "@prantlf/jsonlint" + - "@prantlf/jsonlint@${NPM_PRANTLF_JSONLINT_VERSION}" # ESLINT-PLUGIN-JSONC - class: EslintLinter disabled: true @@ -126,10 +130,20 @@ linters: - "eslint -c .eslintrc-json.json --no-eslintrc --no-ignore myfile.jsonc" - "eslint --fix -c .eslintrc-json.json --no-eslintrc --no-ignore myfile.json" install: + dockerfile: + - |- + # renovate: datasource=npm depName=eslint + ARG NPM_ESLINT_VERSION=8.57.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-jsonc + ARG NPM_ESLINT_PLUGIN_JSONC_VERSION=2.19.1 + - |- + # renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif + ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 npm: - - eslint - - eslint-plugin-jsonc - - "@microsoft/eslint-formatter-sarif" + - eslint@${NPM_ESLINT_VERSION} + - eslint-plugin-jsonc@${NPM_ESLINT_PLUGIN_JSONC_VERSION} + - "@microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION}" ide: vscode: - name: vscode-eslint @@ -150,8 +164,12 @@ linters: examples: - "v8r --ignore-errors myfile.json" install: + dockerfile: + - |- + # renovate: datasource=npm depName=v8r + ARG NPM_V8R_VERSION=4.2.1 npm: - - v8r + - v8r@${NPM_V8R_VERSION} ide: eclipse: - name: native support @@ -188,8 +206,12 @@ linters: - "prettier --config .prettierrc.json --check myfile.json" - "prettier --config .prettierrc.json --write myfile.json" # format install: + dockerfile: + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 npm: - - "prettier" + - "prettier@${NPM_PRETTIER_VERSION}" ide: atom: - name: prettier-atom @@ -255,6 +277,13 @@ linters: - "npmPkgJsonLint ." - "npmPkgJsonLint --configFile .npmpackagejsonlintrc.json ." install: + dockerfile: + - |- + # renovate: datasource=npm depName=npm-package-json-lint + ARG NPM_PACKAGE_JSON_LINT_VERSION=8.0.0 + - |- + # renovate: datasource=npm depName=npm-package-json-lint-config-default + ARG NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION=7.0.1 npm: - - "npm-package-json-lint" - - "npm-package-json-lint-config-default" + - "npm-package-json-lint@${NPM_PACKAGE_JSON_LINT_VERSION}" + - "npm-package-json-lint-config-default@${NPM_PACKAGE_JSON_LINT_CONFIG_DEFAULT_VERSION}" diff --git a/megalinter/descriptors/jsx.megalinter-descriptor.yml b/megalinter/descriptors/jsx.megalinter-descriptor.yml index e96703752ea..55e6aaa26fa 100644 --- a/megalinter/descriptors/jsx.megalinter-descriptor.yml +++ b/megalinter/descriptors/jsx.megalinter-descriptor.yml @@ -51,11 +51,24 @@ linters: - "eslint -c .eslintrc.json --no-eslintrc --no-ignore myfile.jsx" - "eslint --fix -c .eslintrc.json --no-eslintrc --no-ignore myfile.jsx" install: + dockerfile: + - |- + # renovate: datasource=npm depName=eslint + ARG NPM_ESLINT_VERSION=8.57.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-react + ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 + - |- + # renovate: datasource=npm depName=eslint-plugin-jsx-a11y + ARG NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION=6.10.2 + - |- + # renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif + ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 npm: - - eslint - - eslint-plugin-react - - eslint-plugin-jsx-a11y - - "@microsoft/eslint-formatter-sarif" + - eslint@${NPM_ESLINT_VERSION} + - eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} + - eslint-plugin-jsx-a11y@${NPM_ESLINT_PLUGIN_JSX_ALLY_VERSION} + - "@microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION}" ide: atom: - name: linter-eslint diff --git a/megalinter/descriptors/kotlin.megalinter-descriptor.yml b/megalinter/descriptors/kotlin.megalinter-descriptor.yml index 13c12cbb36d..b808728a5d3 100644 --- a/megalinter/descriptors/kotlin.megalinter-descriptor.yml +++ b/megalinter/descriptors/kotlin.megalinter-descriptor.yml @@ -8,10 +8,13 @@ file_extensions: - ".kts" install: apk: - - openjdk21 + - openjdk21=${APK_OPENJDK21_VERSION} dockerfile: - ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" + - |- + # renovate: datasource=repology depName=alpine_3_21/openjdk21 + ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 linters: # KTLINT - linter_name: ktlint diff --git a/megalinter/descriptors/kubernetes.megalinter-descriptor.yml b/megalinter/descriptors/kubernetes.megalinter-descriptor.yml index 1726d1b85d3..8e2aa8d4766 100644 --- a/megalinter/descriptors/kubernetes.megalinter-descriptor.yml +++ b/megalinter/descriptors/kubernetes.megalinter-descriptor.yml @@ -68,7 +68,11 @@ linters: - helm lint --with-subcharts . install: apk: - - helm + - helm=${APK_HELM_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/helm + ARG APK_HELM_VERSION=3.16.3-r1 # KUBESCAPE - linter_name: kubescape name: KUBERNETES_KUBESCAPE @@ -108,11 +112,19 @@ linters: downgraded_reason: https://github.com/kubescape/kubescape/issues/1366 install: apk: - - curl - - gcompat - - libc6-compat - - libstdc++ + - curl=${APK_CURL_VERSION} + - gcompat=${APK_GCOMPAT_VERSION} + - libstdc++=${APK_LIBSTDC_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/curl + ARG APK_CURL_VERSION=8.11.1-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/gcompat + ARG APK_GCOMPAT_VERSION=1.1.0-r4 + - |- + # renovate: datasource=repology depName=alpine_3_21/libstdc++ + ARG APK_LIBSTDC_VERSION=14.2.0-r4 - |- # renovate: datasource=github-tags depName=kubescape/kubescape ARG KUBERNETES_KUBESCAPE_VERSION=2.9.0 diff --git a/megalinter/descriptors/lua.megalinter-descriptor.yml b/megalinter/descriptors/lua.megalinter-descriptor.yml index 628d06e77e1..1bb50f7743c 100644 --- a/megalinter/descriptors/lua.megalinter-descriptor.yml +++ b/megalinter/descriptors/lua.megalinter-descriptor.yml @@ -4,8 +4,11 @@ file_extensions: - ".lua" install: apk: - - readline-dev + - readline-dev=${APK_READLINE_DEV_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/readline-dev + ARG APK_READLINE_DEV_VERSION=8.2.13-r0 - | RUN wget --tries=5 https://www.lua.org/ftp/lua-5.3.5.tar.gz -O - -q | tar -xzf - \ && cd lua-5.3.5 \ @@ -28,8 +31,11 @@ linters: - "luacheck --config .chktexrc myfile.lua" install: apk: - - openssl + - openssl=${APK_OPENSSL_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/openssl + ARG APK_OPENSSL_VERSION=3.3.2-r4 - | # renovate: datasource=github-tags depName=cvega/luarocks ARG LUA_LUACHECK_VERSION=3.3.1 @@ -77,11 +83,11 @@ linters: - "selene --config chktexrc.toml myfile.lua" install: cargo: - - selene@${LUA_SELENE_VERSION} + - selene@${CARGO_SELENE_VERSION} dockerfile: - |- # renovate: datasource=crate depName=selene - ARG LUA_SELENE_VERSION=0.28.0 + ARG CARGO_SELENE_VERSION=0.28.0 ide: neovim: - name: @@ -114,11 +120,11 @@ linters: - "stylua --config-path chktexrc.toml --check myfile.lua" install: cargo: - - stylua@${LUA_STYLUA_VERSION} + - stylua@${CARGO_STYLUA_VERSION} dockerfile: - |- # renovate: datasource=crate depName=stylua - ARG LUA_STYLUA_VERSION=2.0.0 + ARG CARGO_STYLUA_VERSION=2.0.0 ide: neovim: - name: diff --git a/megalinter/descriptors/makefile.megalinter-descriptor.yml b/megalinter/descriptors/makefile.megalinter-descriptor.yml index 88bcc243056..ac669c921db 100644 --- a/megalinter/descriptors/makefile.megalinter-descriptor.yml +++ b/megalinter/descriptors/makefile.megalinter-descriptor.yml @@ -34,7 +34,10 @@ linters: # It may not be a real dependency, like their pandoc mention in the README, # that is not included in the docker image they provide. apk: - - make + - make=${APK_MAKE_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/make + ARG APK_MAKE_VERSION=4.4.1-r2 - FROM mrtazz/checkmake:latest AS checkmake - COPY --link --from=checkmake /checkmake /usr/bin/checkmake diff --git a/megalinter/descriptors/markdown.megalinter-descriptor.yml b/megalinter/descriptors/markdown.megalinter-descriptor.yml index 8171dec806b..799af66ce9c 100644 --- a/megalinter/descriptors/markdown.megalinter-descriptor.yml +++ b/megalinter/descriptors/markdown.megalinter-descriptor.yml @@ -38,8 +38,12 @@ linters: - "markdownlint -c .markdownlint.json myfile.md" - "markdownlint --fix -c .markdownlint.json myfile.md" install: + dockerfile: + - |- + # renovate: datasource=npm depName=markdownlint-cli + ARG NPM_MARKDOWNLINT_CLI_VERSION=0.44.0 npm: - - markdownlint-cli + - markdownlint-cli@${NPM_MARKDOWNLINT_CLI_VERSION} ide: atom: - name: linter-node-markdownlint @@ -83,9 +87,16 @@ linters: - "remark --frail --rc-path .remarkrc myfile.md" - "remark --frail -o --rc-path .remarkrc myfile.md" install: + dockerfile: + - |- + # renovate: datasource=npm depName=remark-cli + ARG NPM_REMARK_CLI_VERSION=12.0.1 + - |- + # renovate: datasource=npm depName=remark-preset-lint-recommended + ARG NPM_REMARK_PRESET_LINT_RECOMMENDED_VERSION=7.0.0 npm: - - remark-cli - - remark-preset-lint-recommended + - remark-cli@${NPM_REMARK_CLI_VERSION} + - remark-preset-lint-recommended@${NPM_REMARK_PRESET_LINT_RECOMMENDED_VERSION} ide: atom: - name: linter-remark @@ -119,12 +130,12 @@ linters: downgraded_version: true downgraded_reason: https://github.com/tcort/markdown-link-check/issues/369 install: - npm: - - markdown-link-check@${MARKDOWN_MARKDOWN_LINK_CHECK_VERSION} dockerfile: - |- # renovate: datasource=npm depName=markdown-link-check - ARG MARKDOWN_MARKDOWN_LINK_CHECK_VERSION=3.12.2 + ARG NPM_MARKDOWN_LINK_CHECK_VERSION=3.12.2 + npm: + - markdown-link-check@${NPM_MARKDOWN_LINK_CHECK_VERSION} # Markdown table formatter - linter_name: markdown-table-formatter is_formatter: true @@ -143,8 +154,12 @@ linters: - "markdown-table-formatter myfile.md" # Apply formatting - "markdown-table-formatter myfile.md myfile2.md myfile3.md" # Apply formatting install: + dockerfile: + - |- + # renovate: datasource=npm depName=markdown-table-formatter + ARG NPM_MARKDOWN_TABLE_FORMATTER_VERSION=1.6.1 npm: - - markdown-table-formatter + - markdown-table-formatter@${NPM_MARKDOWN_TABLE_FORMATTER_VERSION} ide: vscode: - name: Markdown Table Prettify Extension diff --git a/megalinter/descriptors/perl.megalinter-descriptor.yml b/megalinter/descriptors/perl.megalinter-descriptor.yml index bdc7fd8256a..9654d5bc8e1 100644 --- a/megalinter/descriptors/perl.megalinter-descriptor.yml +++ b/megalinter/descriptors/perl.megalinter-descriptor.yml @@ -12,8 +12,15 @@ file_contains_regex: - "^#!/usr/bin/perl" install: apk: - - perl - - perl-dev + - perl=${APK_PERL_VERSION} + - perl-dev=${APK_PERL_DEV_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/perl + ARG APK_PERL_VERSION=5.40.1-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/perl-dev + ARG APK_PERL_DEV_VERSION=5.40.1-r0 linters: # PERL CRITIC - linter_name: perlcritic diff --git a/megalinter/descriptors/php.megalinter-descriptor.yml b/megalinter/descriptors/php.megalinter-descriptor.yml index cfdd95b2000..ca204964b48 100644 --- a/megalinter/descriptors/php.megalinter-descriptor.yml +++ b/megalinter/descriptors/php.megalinter-descriptor.yml @@ -7,21 +7,63 @@ file_extensions: - ".php" install: apk: - - gnupg - - php84 - - php84-phar - - php84-mbstring - - php84-xmlwriter - - php84-tokenizer - - php84-ctype - - php84-curl - - php84-dom - - php84-opcache - - php84-openssl - - php84-common - - php84-simplexml - - dpkg + - gnupg=${APK_GNUPG_VERSION} + - php84=${APK_PHP84_VERSION} + - php84-phar=${APK_PHP84_PHAR_VERSION} + - php84-mbstring=${APK_PHP84_MBSTRING_VERSION} + - php84-xmlwriter=${APK_PHP84_XMLWRITER_VERSION} + - php84-tokenizer=${APK_PHP84_TOKENIZER_VERSION} + - php84-ctype=${APK_PHP84_CTYPE_VERSION} + - php84-curl=${APK_PHP84_CURL_VERSION} + - php84-dom=${APK_PHP84_DOM_VERSION} + - php84-opcache=${APK_PHP84_OPCACHE_VERSION} + - php84-openssl=${APK_PHP84_OPENSSL_VERSION} + - php84-common=${APK_PHP84_COMMON_VERSION} + - php84-simplexml=${APK_PHP84_SIMPLEXML_VERSION} + - dpkg=${APK_DPKG_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/gnupg + ARG APK_GNUPG_VERSION=2.4.7-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84 + ARG APK_PHP84_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-phar + ARG APK_PHP84_PHAR_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-mbstring + ARG APK_PHP84_MBSTRING_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-xmlwriter + ARG APK_PHP84_XMLWRITER_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-tokenizer + ARG APK_PHP84_TOKENIZER_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-ctype + ARG APK_PHP84_CTYPE_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-curl + ARG APK_PHP84_CURL_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-dom + ARG APK_PHP84_DOM_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-opcache + ARG APK_PHP84_OPCACHE_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-openssl + ARG APK_PHP84_OPENSSL_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-common + ARG APK_PHP84_COMMON_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/php84-simplexml + ARG APK_PHP84_SIMPLEXML_VERSION=8.4.3-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/dpkg + ARG APK_DPKG_VERSION=1.22.11-r0 - RUN update-alternatives --install /usr/bin/php php /usr/bin/php84 110 - COPY --from=composer/composer:2-bin /composer /usr/bin/composer - ENV PATH="/root/.composer/vendor/bin:${PATH}" diff --git a/megalinter/descriptors/powershell.megalinter-descriptor.yml b/megalinter/descriptors/powershell.megalinter-descriptor.yml index 33c5901bda4..b89bd763c87 100644 --- a/megalinter/descriptors/powershell.megalinter-descriptor.yml +++ b/megalinter/descriptors/powershell.megalinter-descriptor.yml @@ -17,8 +17,11 @@ file_extensions: # If changing PWSH_VERSION='latest' to a specific version, use format PWSH_VERSION='tags/v7.0.2' install: apk: - - icu-libs + - icu-libs=${APK_ICU_LIBS_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/icu-libs + ARG APK_ICU_LIBS_VERSION=74.2-r0 - | # renovate: datasource=github-tags depName=PowerShell/PowerShell ARG POWERSHELL_VERSION=7.5.0 diff --git a/megalinter/descriptors/puppet.megalinter-descriptor.yml b/megalinter/descriptors/puppet.megalinter-descriptor.yml index 125bdaeecf9..de23b002a99 100644 --- a/megalinter/descriptors/puppet.megalinter-descriptor.yml +++ b/megalinter/descriptors/puppet.megalinter-descriptor.yml @@ -20,8 +20,12 @@ linters: - "puppet-lint --fail-on-warnings --no-autoloader_layout-check myfile.pp" - "puppet-lint --fail-on-warnings --no-autoloader_layout-check --fix myfile.pp" install: + dockerfile: + - |- + # renovate: datasource=rubygems depName=puppet-lint + ARG GEM_PUPPET_LINT_VERSION=4.2.4 gem: - - puppet-lint + - puppet-lint:${GEM_PUPPET_LINT_VERSION} ide: vscode: - name: Puppet VSCode Extension diff --git a/megalinter/descriptors/python.megalinter-descriptor.yml b/megalinter/descriptors/python.megalinter-descriptor.yml index b6b28a59ad3..c2c51e34ed1 100644 --- a/megalinter/descriptors/python.megalinter-descriptor.yml +++ b/megalinter/descriptors/python.megalinter-descriptor.yml @@ -27,9 +27,16 @@ linters: - "pylint myfile.py" - "pylint --rcfile .python-lint myfile.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=pylint + ARG PIP_PYLINT_VERSION=3.3.3 + - |- + # renovate: datasource=pypi depName=typing-extensions + ARG PIP_TYPING_EXTENSIONS_VERSION=4.12.2 pip: - - pylint - - typing-extensions + - pylint==${PIP_PYLINT_VERSION} + - typing-extensions==${PIP_TYPING_EXTENSIONS_VERSION} ide: eclipse: - name: PyLint @@ -72,8 +79,12 @@ linters: - "black --config pyproject.toml --diff --check myfile.py" - "black --config pyproject.toml myfile.py" # format install: + dockerfile: + - |- + # renovate: datasource=pypi depName=black + ARG PIP_BLACK_VERSION=24.10.0 pip: - - black + - black==${PIP_BLACK_VERSION} ide: atom: - name: python-black @@ -112,8 +123,12 @@ linters: - "flake8 myfile.py" - "flake8 --config .flake8 myfile.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=flake8 + ARG PIP_FLAKE8_VERSION=7.1.1 pip: - - flake8 + - flake8==${PIP_FLAKE8_VERSION} ide: atom: - name: linter-flake8 @@ -154,9 +169,16 @@ linters: - "isort --diff --check --profile black --settings-file .isort.cfg myfile.py" - "isort --profile black --settings-file .isort.cfg myfile.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=black + ARG PIP_BLACK_VERSION=24.10.0 + - |- + # renovate: datasource=pypi depName=isort + ARG PIP_ISORT_VERSION=5.13.2 pip: - - isort - - black + - black==${PIP_BLACK_VERSION} + - isort==${PIP_ISORT_VERSION} ide: atom: - name: atom-python-isort @@ -210,10 +232,17 @@ linters: - "bandit myfile.py" - "bandit --configfile .bandit.yml myfile.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=bandit + ARG PIP_BANDIT_VERSION=1.8.2 + - |- + # renovate: datasource=pypi depName=bandit_sarif_formatter + ARG PIP_BANDIT_SARIF_FORMATTER_VERSION=1.1.1 pip: - - bandit - - bandit_sarif_formatter - - bandit[toml] + - bandit==${PIP_BANDIT_VERSION} + - bandit_sarif_formatter==${PIP_BANDIT_SARIF_FORMATTER_VERSION} + - bandit[toml]==${PIP_BANDIT_VERSION} ide: atom: - name: bandit-lint @@ -255,9 +284,12 @@ linters: - "mypy --config-file .mypy.yml myfile.py" install: dockerfile: + - |- + # renovate: datasource=pypi depName=mypy + ARG PIP_MYPY_VERSION=1.14.1 - ENV MYPY_CACHE_DIR=/tmp # Avoid mypy cache to mess with other linters pip: - - mypy + - mypy==${PIP_MYPY_VERSION} ide: atom: - name: linter-mypy @@ -299,8 +331,12 @@ linters: # - "pytype myfile.py myfile2.py" # - "pytype myfile.py" # install: + # dockerfile: + # - |- + # # renovate: datasource=pypi depName=pytype + # ARG PIP_PYTYPE_VERSION=2024.10.11 # pip: - # - pytype + # - pytype==${PIP_PYTYPE_VERSION} # PyRight - class: PyrightLinter linter_name: pyright @@ -326,10 +362,12 @@ linters: - "pyright myfile.py myfile2.py" - "pyright myfile.py" install: - apk: - - nodejs + dockerfile: + - |- + # renovate: datasource=pypi depName=pyright + ARG PIP_PYRIGHT_VERSION=1.1.392.post0 pip: - - pyright + - pyright==${PIP_PYRIGHT_VERSION} ide: emacs: - name: LSP-pyright @@ -378,8 +416,12 @@ linters: - "ruff check myfile.py" - "ruff check --config .ruff.toml myfile.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=ruff + ARG PIP_RUFF_VERSION=0.9.3 pip: - - ruff + - ruff==${PIP_RUFF_VERSION} ide: idea: - name: Ruff @@ -423,8 +465,12 @@ linters: - "ruff format --check myfile.py myfile2.py" - "ruff format --config .ruff.toml myfile.py myfile2.py" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=ruff + ARG PIP_RUFF_VERSION=0.9.3 pip: - - ruff + - ruff==${PIP_RUFF_VERSION} ide: idea: - name: Ruff diff --git a/megalinter/descriptors/r.megalinter-descriptor.yml b/megalinter/descriptors/r.megalinter-descriptor.yml index 8c52a959366..56de1b20fef 100644 --- a/megalinter/descriptors/r.megalinter-descriptor.yml +++ b/megalinter/descriptors/r.megalinter-descriptor.yml @@ -20,19 +20,51 @@ linters: - 'R --slave -e "errors <- lintr::lint(''myfile.r''); print(errors); quit(save = ''no'', status = if (length(errors) > 0) 1 else 0) "' install: apk: - - gcc - - g++ - - libc-dev - - libcurl - - libffi-dev - - libgcc - - libxml2-dev - - libxml2-utils - - linux-headers - - R - - R-dev - - R-doc + - gcc=${APK_GCC_VERSION} + - g++=${APK_G_VERSION} + - libcurl=${APK_LIBCURL_VERSION} + - libffi-dev=${APK_LBFFI_DEV_VERSION} + - libgcc=${APK_LIBGCC_VERSION} + - libxml2-dev=${APK_LIBXML2_DEV_VERSION} + - libxml2-utils=${APK_LIBXML2_UTILS_VERSION} + - linux-headers=${APK_LINUX_HEADERS_VERSION} + - R=${APK_R_VERSION} + - R-dev=${APK_R_DEV_VERSION} + - R-doc=${APK_R_DOC_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/gcc + ARG APK_GCC_VERSION=14.2.0-r4 + - |- + # renovate: datasource=repology depName=alpine_3_21/g++ + ARG APK_G_VERSION=14.2.0-r4 + - |- + # renovate: datasource=repology depName=alpine_3_21/libcurl + ARG APK_LIBCURL_VERSION=8.11.1-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/libffi-dev + ARG APK_LBFFI_DEV_VERSION=3.4.6-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/libgcc + ARG APK_LIBGCC_VERSION=14.2.0-r4 + - |- + # renovate: datasource=repology depName=alpine_3_21/libxml2-dev + ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 + - |- + # renovate: datasource=repology depName=alpine_3_21/libxml2-utils + ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 + - |- + # renovate: datasource=repology depName=alpine_3_21/linux-headers + ARG APK_LINUX_HEADERS_VERSION=6.6-r1 + - |- + # renovate: datasource=repology depName=alpine_3_21/R + ARG APK_R_VERSION=4.4.2-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/R-dev + ARG APK_R_DEV_VERSION=4.4.2-r0 + - |- + # renovate: datasource=repology depName=alpine_3_21/R-doc + ARG APK_R_DOC_VERSION=4.4.2-r0 - | RUN mkdir -p /home/r-library \ && cp -r /usr/lib/R/library/ /home/r-library/ \ diff --git a/megalinter/descriptors/repository.megalinter-descriptor.yml b/megalinter/descriptors/repository.megalinter-descriptor.yml index 49e2f8abb79..323345a29ec 100644 --- a/megalinter/descriptors/repository.megalinter-descriptor.yml +++ b/megalinter/descriptors/repository.megalinter-descriptor.yml @@ -44,9 +44,12 @@ linters: install: # cargo: # - COMPILER_ONLY # Use COMPILER_ONLY fake package just to Dockerfile contains rust toolchain install + dockerfile: + - |- + # renovate: datasource=pypi depName=checkov + ARG PIP_CHECKOV_VERSION=3.2.357 pip: - - packaging - - checkov + - checkov==${PIP_CHECKOV_VERSION} ide: vscode: - name: Checkov @@ -102,10 +105,13 @@ linters: - "devskim analyze --file-format sarif --options-json config --source-code ." install: dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk + ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 - |- # renovate: datasource=nuget depName=Microsoft.CST.DevSkim.CLI ARG REPOSITORY_DEVSKIM_VERSION=1.0.52 - - RUN apk add --no-cache dotnet9-sdk + - RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} - ENV PATH="${PATH}:/root/.dotnet/tools" - RUN dotnet tool install --allow-roll-forward --global Microsoft.CST.DevSkim.CLI --version ${REPOSITORY_DEVSKIM_VERSION} ide: @@ -136,6 +142,9 @@ linters: - "dustilock" install: dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/git + ARG APK_GIT_VERSION=2.47.2-r0 - |- # renovate: datasource=github-tags depName=checkmarx/dustilock ARG REPOSITORY_DUSTILOCK_VERSION=1.2.0 @@ -143,8 +152,9 @@ linters: # Dustilock is not released as a binary or container - |- FROM golang:alpine AS dustilock + ARG APK_GIT_VERSION ARG REPOSITORY_DUSTILOCK_VERSION - RUN apk add --no-cache git && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} + RUN apk add --no-cache git=${APK_GIT_VERSION} && GOBIN=/usr/bin go install github.com/checkmarx/dustilock@v${REPOSITORY_DUSTILOCK_VERSION} - COPY --link --from=dustilock /usr/bin/dustilock /usr/bin/dustilock # GIT_DIFF @@ -385,8 +395,12 @@ linters: test_folder: repository_file cli_lint_errors_count: "total_lines" install: + dockerfile: + - |- + # renovate: datasource=npm depName=@ls-lint/ls-lint + ARG NPM_LS_LINT_LS_LINT_VERSION=2.2.3 npm: - - "@ls-lint/ls-lint" + - "@ls-lint/ls-lint@${NPM_LS_LINT_LS_LINT_VERSION}" # SECRETLINT - class: SecretLintLinter @@ -422,10 +436,20 @@ linters: - 'secretlint "*/**"' - 'secretlint --secretlintrc .secretlintrc.json "**/*"' install: + dockerfile: + - |- + # renovate: datasource=npm depName=secretlint + ARG NPM_SECRETLINT_VERSION=9.0.0 + - |- + # renovate: datasource=npm depName=@secretlint/secretlint-rule-preset-recommend + ARG NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION=9.0.0 + - |- + # renovate: datasource=npm depName=@secretlint/secretlint-formatter-sarif + ARG NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION=9.0.0 npm: - - secretlint - - "@secretlint/secretlint-rule-preset-recommend" - - "@secretlint/secretlint-formatter-sarif" + - secretlint@${NPM_SECRETLINT_VERSION} + - "@secretlint/secretlint-rule-preset-recommend@${NPM_SECRETLINT_SECRETLINT_RULE_PRESET_RECOMMEND_VERSION}" + - "@secretlint/secretlint-formatter-sarif@${NPM_SECRETLINT_SECRETLINT_FORMATTER_SARIF_VERSION}" # SEMGREP - class: SemgrepLinter @@ -472,8 +496,12 @@ linters: - "semgrep /tmp/lint" - "semgrep " install: + dockerfile: + - |- + # renovate: datasource=pypi depName=semgrep + ARG PIP_SEMGREP_VERSION=1.104.0 pip: - - semgrep + - semgrep==${PIP_SEMGREP_VERSION} variables: - name: REPOSITORY_SEMGREP_RULESETS description: List of semgrep rulesets identifiers that you want to enforce diff --git a/megalinter/descriptors/rst.megalinter-descriptor.yml b/megalinter/descriptors/rst.megalinter-descriptor.yml index 3b712ff8a4d..303683865ed 100644 --- a/megalinter/descriptors/rst.megalinter-descriptor.yml +++ b/megalinter/descriptors/rst.megalinter-descriptor.yml @@ -15,9 +15,16 @@ linters: examples: - "rst-lint myfile.rst" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=Pygments + ARG PIP_PYGMENTS_VERSION=2.19.1 + - |- + # renovate: datasource=pypi depName=restructuredtext_lint + ARG PIP_RESTRUCTUREDTEXT_LINT_VERSION=1.4.0 pip: - - Pygments - - restructuredtext_lint + - Pygments==${PIP_PYGMENTS_VERSION} + - restructuredtext_lint==${PIP_RESTRUCTUREDTEXT_LINT_VERSION} # rstcheck - linter_name: rstcheck linter_url: https://github.com/myint/rstcheck @@ -32,8 +39,12 @@ linters: - "rstcheck myfile.rst" - "rstcheck -c .rstcheck.cfg myfile.rst" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=rstcheck + ARG PIP_RSTCHECK_VERSION=6.2.4 pip: - - rstcheck[toml,sphinx] + - rstcheck[toml,sphinx]==${PIP_RSTCHECK_VERSION} ide: vscode: - name: vscode-restructuredtext @@ -53,6 +64,10 @@ linters: - "rstfmt --check myfile.rst" - "rstfmt myfile.rst" # Format install: + dockerfile: + - |- + # renovate: datasource=pypi depName=rstfmt + ARG PIP_RSTFMT_VERSION=0.0.14 pip: - - rstfmt + - rstfmt==${PIP_RSTFMT_VERSION} version_extract_regex: "(?<=rstfmt )\\d+(\\.\\d+)+" diff --git a/megalinter/descriptors/ruby.megalinter-descriptor.yml b/megalinter/descriptors/ruby.megalinter-descriptor.yml index b26aac6ad3b..d7f98728c0c 100644 --- a/megalinter/descriptors/ruby.megalinter-descriptor.yml +++ b/megalinter/descriptors/ruby.megalinter-descriptor.yml @@ -22,13 +22,32 @@ linters: - "rubocop --force-exclusion -c .ruby-lint.yml myfile.rb" - "rubocop --force-exclusion --safe-auto-correct -c .ruby-lint.yml myfile.rb" install: + dockerfile: + - |- + # renovate: datasource=rubygems depName=rubocop + ARG GEM_RUBOCOP_VERSION=1.71.0 + - |- + # renovate: datasource=rubygems depName=rubocop-github + ARG GEM_RUBOCOP_GITHUB_VERSION=0.20.0 + - |- + # renovate: datasource=rubygems depName=rubocop-performance + ARG GEM_RUBOCOP_PERFORMANCE_VERSION=1.23.1 + - |- + # renovate: datasource=rubygems depName=rubocop-rails + ARG GEM_RUBOCOP_RAILS_VERSION=2.29.1 + - |- + # renovate: datasource=rubygems depName=rubocop-rake + ARG GEM_RUBOCOP_RAKE_VERSION=0.6.0 + - |- + # renovate: datasource=rubygems depName=rubocop-rspec + ARG GEM_RUBOCOP_RSPEC_VERSION=3.4.0 gem: - - rubocop - - rubocop-github - - rubocop-performance - - rubocop-rails - - rubocop-rake - - rubocop-rspec + - rubocop:${GEM_RUBOCOP_VERSION} + - rubocop-github:${GEM_RUBOCOP_GITHUB_VERSION} + - rubocop-performance:${GEM_RUBOCOP_PERFORMANCE_VERSION} + - rubocop-rails:${GEM_RUBOCOP_RAILS_VERSION} + - rubocop-rake:${GEM_RUBOCOP_RAKE_VERSION} + - rubocop-rspec:${GEM_RUBOCOP_RSPEC_VERSION} ide: atom: - name: linter-rubocop diff --git a/megalinter/descriptors/salesforce.megalinter-descriptor.yml b/megalinter/descriptors/salesforce.megalinter-descriptor.yml index 5950c361758..2b86e2f518f 100644 --- a/megalinter/descriptors/salesforce.megalinter-descriptor.yml +++ b/megalinter/descriptors/salesforce.megalinter-descriptor.yml @@ -6,29 +6,35 @@ lint_all_files: true install: # Java, because Apex is Java-based, so are related tools like PMD which is embedded in sfdx-scanner apk: - - coreutils - - openjdk21 + - coreutils=${APK_COREUTILS_VERSION} + - openjdk21=${APK_OPENJDK21_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/coreutils + ARG APK_COREUTILS_VERSION=9.5-r2 + - |- + # renovate: datasource=repology depName=alpine_3_21/openjdk21 + ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 - |- # renovate: datasource=npm depName=@salesforce/cli - ARG SALESFORCE_CLI_VERSION=2.74.6 + ARG NPM_SALESFORCE_CLI_VERSION=2.74.6 - |- # renovate: datasource=npm depName=@salesforce/plugin-packaging - ARG SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 + ARG NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION=2.9.16 - |- # renovate: datasource=npm depName=sfdx-hardis ARG SFDX_HARDIS_VERSION=5.18.1 - ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" - |- - RUN sf plugins install @salesforce/plugin-packaging@${SALESFORCE_PLUGIN_PACKAGING_VERSION} \ + RUN sf plugins install @salesforce/plugin-packaging@${NPM_SALESFORCE_PLUGIN_PACKAGING_VERSION} \ && echo y|sf plugins install sfdx-hardis@${SFDX_HARDIS_VERSION} \ && (npm cache clean --force || true) \ && rm -rf /root/.npm/_cacache - ENV SF_AUTOUPDATE_DISABLE=true SF_CLI_DISABLE_AUTOUPDATE=true # Salesforce DX npm: - - "@salesforce/cli@${SALESFORCE_CLI_VERSION}" + - "@salesforce/cli@${NPM_SALESFORCE_CLI_VERSION}" linters: # SFDX Scanner - linter_name: sfdx-scanner-apex diff --git a/megalinter/descriptors/scala.megalinter-descriptor.yml b/megalinter/descriptors/scala.megalinter-descriptor.yml index 0f4d779a005..78ddff383bd 100644 --- a/megalinter/descriptors/scala.megalinter-descriptor.yml +++ b/megalinter/descriptors/scala.megalinter-descriptor.yml @@ -4,8 +4,11 @@ file_extensions: - ".scala" install: apk: - - openjdk21 + - openjdk21=${APK_OPENJDK21_VERSION} dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/openjdk21 + ARG APK_OPENJDK21_VERSION=21.0.5_p11-r0 - ENV JAVA_HOME=/usr/lib/jvm/java-21-openjdk - ENV PATH="$JAVA_HOME/bin:${PATH}" - | diff --git a/megalinter/descriptors/snakemake.megalinter-descriptor.yml b/megalinter/descriptors/snakemake.megalinter-descriptor.yml index 8ae280c7990..48e040aafac 100644 --- a/megalinter/descriptors/snakemake.megalinter-descriptor.yml +++ b/megalinter/descriptors/snakemake.megalinter-descriptor.yml @@ -22,8 +22,12 @@ linters: examples: - "snakemake --lint -s Snakefile" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=snakemake + ARG PIP_SNAKEMAKE_VERSION=8.27.1 pip: - - snakemake + - snakemake==${PIP_SNAKEMAKE_VERSION} ide: idea: - name: SnakeCharm @@ -53,5 +57,9 @@ linters: - "snakefmt --check --compact-diff --config .snakefmt.toml Snakefile" - "snakefmt --config .snakefmt.toml Snakefile" # Fix install: + dockerfile: + - |- + # renovate: datasource=pypi depName=snakefmt + ARG PIP_SNAKEFMT_VERSION=0.10.2 pip: - - snakefmt + - snakefmt==${PIP_SNAKEFMT_VERSION} diff --git a/megalinter/descriptors/spell.megalinter-descriptor.yml b/megalinter/descriptors/spell.megalinter-descriptor.yml index 41bd0d5072e..df4dd017097 100644 --- a/megalinter/descriptors/spell.megalinter-descriptor.yml +++ b/megalinter/descriptors/spell.megalinter-descriptor.yml @@ -34,8 +34,12 @@ linters: - "cspell myfile.any" - "cspell -c cspell.json myfile.any" install: + dockerfile: + - |- + # renovate: datasource=npm depName=cspell + ARG NPM_CSPELL_VERSION=8.17.2 npm: - - "cspell" + - "cspell@${NPM_CSPELL_VERSION}" ide: vscode: - name: Code Spell Checker @@ -67,8 +71,12 @@ linters: examples: - "proselint --config .proselintrc myfile.md myfile2.txt myfile3.rst" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=proselint + ARG PIP_PROSELINT_VERSION=0.14.0 pip: - - proselint + - proselint==${PIP_PROSELINT_VERSION} ide: atom: - name: linter-proselint diff --git a/megalinter/descriptors/sql.megalinter-descriptor.yml b/megalinter/descriptors/sql.megalinter-descriptor.yml index 7497d6f5dca..e45edc163f2 100644 --- a/megalinter/descriptors/sql.megalinter-descriptor.yml +++ b/megalinter/descriptors/sql.megalinter-descriptor.yml @@ -32,9 +32,9 @@ linters: dockerfile: - |- # renovate: datasource=pypi depName=sqlfluff - ARG SQL_SQLFLUFF_VERSION=3.3.0 + ARG PIP_SQLFLUFF_VERSION=3.3.0 pip: - - sqlfluff==${SQL_SQLFLUFF_VERSION} + - sqlfluff==${PIP_SQLFLUFF_VERSION} # TSQL - linter_name: tsqllint disabled: false @@ -58,10 +58,13 @@ linters: - "tsqllint myfile.sql myfile2.sql" install: dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk + ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 - |- # renovate: datasource=nuget depName=TSQLLint ARG SQL_TSQLLINT_VERSION=1.16.0 - - RUN apk add --no-cache dotnet9-sdk + - RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} - ENV PATH="${PATH}:/root/.dotnet/tools" - RUN dotnet tool install --allow-roll-forward --global TSQLLint --version ${SQL_TSQLLINT_VERSION} ide: diff --git a/megalinter/descriptors/swift.megalinter-descriptor.yml b/megalinter/descriptors/swift.megalinter-descriptor.yml index 53153dc48d8..14fe3a81ac7 100644 --- a/megalinter/descriptors/swift.megalinter-descriptor.yml +++ b/megalinter/descriptors/swift.megalinter-descriptor.yml @@ -24,6 +24,7 @@ linters: cli_lint_fix_remove_args: - "lint" cli_docker_image: ghcr.io/realm/swiftlint + cli_docker_image_version: "SWIFT_SWIFTLINT_VERSION" cli_docker_args: - "-v" - "{{WORKSPACE}}:/tmp/lint:rw" @@ -38,6 +39,11 @@ linters: examples: - "docker run -v /tmp/lint:/tmp/lint:rw ghcr.io/realm/swiftlint:latest swiftlint --strict" - "docker run -v /tmp/lint:/tmp/lint:rw ghcr.io/realm/swiftlint:latest swiftlint --fix --strict" + install: + dockerfile: + - |- + # renovate: datasource=docker depName=ghcr.io/realm/swiftlint + ENV SWIFT_SWIFTLINT_VERSION=0.58.2 ide: atom: - name: linter-swiftlint diff --git a/megalinter/descriptors/tekton.megalinter-descriptor.yml b/megalinter/descriptors/tekton.megalinter-descriptor.yml index b2dce9c5b89..7857616255d 100644 --- a/megalinter/descriptors/tekton.megalinter-descriptor.yml +++ b/megalinter/descriptors/tekton.megalinter-descriptor.yml @@ -20,5 +20,9 @@ linters: examples: - "tekton-lint myfile.yml" install: + dockerfile: + - |- + # renovate: datasource=npm depName=@ibm/tekton-lint + ARG NPM_IBM_TEKTON_LINT_VERSION=1.1.0 npm: - - "@ibm/tekton-lint" + - "@ibm/tekton-lint@${NPM_IBM_TEKTON_LINT_VERSION}" diff --git a/megalinter/descriptors/tsx.megalinter-descriptor.yml b/megalinter/descriptors/tsx.megalinter-descriptor.yml index 9b614cb3d6c..607cc986f2d 100644 --- a/megalinter/descriptors/tsx.megalinter-descriptor.yml +++ b/megalinter/descriptors/tsx.megalinter-descriptor.yml @@ -51,20 +51,60 @@ linters: - "eslint -c .eslintrc.json --no-eslintrc --no-ignore myfile.tsx" - "eslint --fix -c .eslintrc.json --no-eslintrc --no-ignore myfile.tsx" install: + dockerfile: + - |- + # renovate: datasource=npm depName=typescript + ARG NPM_TYPESCRIPT_VERSION=5.7.3 + - |- + # renovate: datasource=npm depName=eslint + ARG NPM_ESLINT_VERSION=8.57.0 + - |- + # renovate: datasource=npm depName=eslint-config-airbnb + ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 + - |- + # renovate: datasource=npm depName=eslint-config-prettier + ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 + - |- + # renovate: datasource=npm depName=eslint-plugin-jest + ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-prettier + ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 + - |- + # renovate: datasource=npm depName=eslint-plugin-react + ARG NPM_ESLINT_PLUGIN_REACT_VERSION=7.37.4 + - |- + # renovate: datasource=npm depName=@babel/eslint-parser + ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 + - |- + # renovate: datasource=npm depName=prettyjson + ARG NPM_PRETTYJSON_VERSION=1.2.5 + - |- + # renovate: datasource=npm depName=@typescript-eslint/eslint-plugin + ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 + - |- + # renovate: datasource=npm depName=@typescript-eslint/parser + ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 + - |- + # renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif + ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 npm: - - typescript - - eslint - - eslint-config-airbnb - - eslint-config-prettier - - eslint-plugin-jest - - eslint-plugin-prettier - - eslint-plugin-react - - "@babel/eslint-parser" - - prettier - - prettyjson - - "@typescript-eslint/eslint-plugin" - - "@typescript-eslint/parser" - - "@microsoft/eslint-formatter-sarif" + - typescript@${NPM_TYPESCRIPT_VERSION} + - eslint@${NPM_ESLINT_VERSION} + - eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} + - eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} + - eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} + - eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} + - eslint-plugin-react@${NPM_ESLINT_PLUGIN_REACT_VERSION} + - "@babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION}" + - prettier@${NPM_PRETTIER_VERSION} + - prettyjson@${NPM_PRETTYJSON_VERSION} + - "@typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION}" + - "@typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION}" + - "@microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION}" ide: atom: - name: linter-eslint diff --git a/megalinter/descriptors/typescript.megalinter-descriptor.yml b/megalinter/descriptors/typescript.megalinter-descriptor.yml index 1044475a233..f02e5c3774b 100644 --- a/megalinter/descriptors/typescript.megalinter-descriptor.yml +++ b/megalinter/descriptors/typescript.megalinter-descriptor.yml @@ -8,8 +8,12 @@ descriptor_flavors: file_extensions: - ".ts" install: + dockerfile: + - |- + # renovate: datasource=npm depName=typescript + ARG NPM_TYPESCRIPT_VERSION=5.7.3 npm: - - typescript + - typescript@${NPM_TYPESCRIPT_VERSION} linters: # ESLINT - class: EslintLinter @@ -56,22 +60,68 @@ linters: - "eslint -c .eslintrc.json --no-eslintrc --no-ignore myfile.ts" - "eslint --fix -c .eslintrc.json --no-eslintrc --no-ignore myfile.ts" install: + dockerfile: + - |- + # renovate: datasource=npm depName=eslint + ARG NPM_ESLINT_VERSION=8.57.0 + - |- + # renovate: datasource=npm depName=eslint-config-airbnb + ARG NPM_ESLINT_CONFIG_AIRBNB_VERSION=19.0.4 + - |- + # renovate: datasource=npm depName=eslint-config-prettier + ARG NPM_ESLINT_CONFIG_PRETTIER_VERSION=10.0.1 + - |- + # renovate: datasource=npm depName=eslint-config-standard + ARG NPM_ESLINT_CONFIG_STANDARD_VERSION=17.1.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-import + ARG NPM_ESLINT_PLUGIN_IMPORT_VERSION=2.31.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-jest + ARG NPM_ESLINT_PLUGIN_JEST_VERSION=28.11.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-node + ARG NPM_ESLINT_PLUGIN_NODE_VERSION=11.1.0 + - |- + # renovate: datasource=npm depName=eslint-plugin-prettier + ARG NPM_ESLINT_PLUGIN_PRETTIER_VERSION=5.2.3 + - |- + # renovate: datasource=npm depName=eslint-plugin-promise + ARG NPM_ESLINT_PLUGIN_PROMISE_VERSION=6.6.0 + - |- + # renovate: datasource=npm depName=@babel/eslint-parser + ARG NPM_BABEL_ESLINT_PARSER_VERSION=7.26.5 + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 + - |- + # renovate: datasource=npm depName=prettyjson + ARG NPM_PRETTYJSON_VERSION=1.2.5 + - |- + # renovate: datasource=npm depName=@typescript-eslint/eslint-plugin + ARG NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION=8.21.0 + - |- + # renovate: datasource=npm depName=@typescript-eslint/parser + ARG NPM_TYPESCRIPT_ESLINT_PARSER_VERSION=8.21.0 + - |- + # renovate: datasource=npm depName=@microsoft/eslint-formatter-sarif + ARG NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION=3.1.0 npm: - - eslint - - eslint-config-airbnb - - eslint-config-prettier - - eslint-config-standard - - eslint-plugin-import - - eslint-plugin-jest - - eslint-plugin-node - - eslint-plugin-prettier - - eslint-plugin-promise - - "@babel/eslint-parser" - - prettier - - prettyjson - - "@typescript-eslint/eslint-plugin" - - "@typescript-eslint/parser" - - "@microsoft/eslint-formatter-sarif" + - eslint@${NPM_ESLINT_VERSION} + - eslint-config-airbnb@${NPM_ESLINT_CONFIG_AIRBNB_VERSION} + - eslint-config-prettier@${NPM_ESLINT_CONFIG_PRETTIER_VERSION} + - eslint-config-standard@${NPM_ESLINT_CONFIG_STANDARD_VERSION} + - eslint-plugin-import@${NPM_ESLINT_PLUGIN_IMPORT_VERSION} + - eslint-plugin-jest@${NPM_ESLINT_PLUGIN_JEST_VERSION} + - eslint-plugin-node@${NPM_ESLINT_PLUGIN_NODE_VERSION} + - eslint-plugin-prettier@${NPM_ESLINT_PLUGIN_PRETTIER_VERSION} + - eslint-plugin-promise@${NPM_ESLINT_PLUGIN_PROMISE_VERSION} + - "@babel/eslint-parser@${NPM_BABEL_ESLINT_PARSER_VERSION}" + - prettier@${NPM_PRETTIER_VERSION} + - prettyjson@${NPM_PRETTYJSON_VERSION} + - "@typescript-eslint/eslint-plugin@${NPM_TYPESCRIPT_ESLINT_ESLINT_PLUGIN_VERSION}" + - "@typescript-eslint/parser@${NPM_TYPESCRIPT_ESLINT_PARSER_VERSION}" + - "@microsoft/eslint-formatter-sarif@${NPM_MICROSOFT_ESLINT_FORMATTER_SARIF_VERSION}" ide: brackets: - name: brackets-eslint @@ -116,8 +166,12 @@ linters: - "ts-standard myfile.ts" - "ts-standard --fix myfile.ts" install: + dockerfile: + - |- + # renovate: datasource=npm depName=ts-standard + ARG NPM_TS_STANDARD_VERSION=12.0.2 npm: - - ts-standard + - ts-standard@${NPM_TS_STANDARD_VERSION} ide: idea: - name: native support @@ -160,8 +214,12 @@ linters: - "prettier --config .prettierrc.json --check myfile.ts" - "prettier --config .prettierrc.json --write myfile.ts" # format install: + dockerfile: + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 npm: - - "prettier" + - "prettier@${NPM_PRETTIER_VERSION}" ide: emacs: - name: prettier-emacs diff --git a/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml b/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml index 7c47fcd19ca..fbac4d36a45 100644 --- a/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml +++ b/megalinter/descriptors/vbdotnet.megalinter-descriptor.yml @@ -9,7 +9,10 @@ file_extensions: - ".vb" install: dockerfile: - - RUN apk add --no-cache dotnet9-sdk + - |- + # renovate: datasource=repology depName=alpine_3_21/dotnet9-sdk + ARG APK_DOTNET9_SDK_VERSION=9.0.102-r0 + - RUN apk add --no-cache dotnet9-sdk=${APK_DOTNET9_SDK_VERSION} - ENV PATH="${PATH}:/root/.dotnet/tools" linters: # DOTNET FORMAT diff --git a/megalinter/descriptors/xml.megalinter-descriptor.yml b/megalinter/descriptors/xml.megalinter-descriptor.yml index 317da038d76..92f2e238544 100644 --- a/megalinter/descriptors/xml.megalinter-descriptor.yml +++ b/megalinter/descriptors/xml.megalinter-descriptor.yml @@ -33,7 +33,16 @@ linters: - "xmllint --format myXMLfile.xml --output myXMLfile.xml" install: apk: - - libc-dev - - libxml2-dev - - libxml2-utils - - libgcc + - libxml2-dev=${APK_LIBXML2_DEV_VERSION} + - libxml2-utils=${APK_LIBXML2_UTILS_VERSION} + - libgcc=${APK_LIBGCC_VERSION} + dockerfile: + - |- + # renovate: datasource=repology depName=alpine_3_21/libgcc + ARG APK_LIBGCC_VERSION=14.2.0-r4 + - |- + # renovate: datasource=repology depName=alpine_3_21/libxml2-dev + ARG APK_LIBXML2_DEV_VERSION=2.13.4-r3 + - |- + # renovate: datasource=repology depName=alpine_3_21/libxml2-utils + ARG APK_LIBXML2_UTILS_VERSION=2.13.4-r3 diff --git a/megalinter/descriptors/yaml.megalinter-descriptor.yml b/megalinter/descriptors/yaml.megalinter-descriptor.yml index 31d157f0958..710f55fa40d 100644 --- a/megalinter/descriptors/yaml.megalinter-descriptor.yml +++ b/megalinter/descriptors/yaml.megalinter-descriptor.yml @@ -30,8 +30,12 @@ linters: - "prettier --config .prettierrc.json --check myfile.yml" - "prettier --config .prettierrc.json --write myfile.yml" # format install: + dockerfile: + - |- + # renovate: datasource=npm depName=prettier + ARG NPM_PRETTIER_VERSION=3.4.2 npm: - - "prettier" + - "prettier@${NPM_PRETTIER_VERSION}" ide: atom: - name: prettier-atom @@ -84,8 +88,12 @@ linters: - "yamllint --strict" - "yamllint --no-warnings" install: + dockerfile: + - |- + # renovate: datasource=pypi depName=yamllint + ARG PIP_YAMLLINT_VERSION=1.35.1 pip: - - yamllint + - yamllint==${PIP_YAMLLINT_VERSION} ide: emacs: - name: flycheck @@ -112,8 +120,12 @@ linters: - "v8r --ignore-errors myfile.yml" - "v8r --ignore-errors myfile.yaml" install: + dockerfile: + - |- + # renovate: datasource=npm depName=v8r + ARG NPM_V8R_VERSION=4.2.1 npm: - - v8r + - v8r@${NPM_V8R_VERSION} ide: eclipse: - name: native support diff --git a/renovate.json5 b/renovate.json5 index 7ca8802702e..dc3e98a5d7d 100644 --- a/renovate.json5 +++ b/renovate.json5 @@ -71,11 +71,13 @@ customType: 'regex', description: 'Update dockerfile sections in .megalinter-descriptor.yml files', fileMatch: [ + '(^|/).*\\constants.py$', '(^|/).*\\.megalinter-descriptor.ya?ml$', ], matchStrings: [ '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[^\\s]+?))?(?: extractVersion=(?[^\\s]+?))?(?: registryUrl=(?[^\\s]+?))?\\s(?:ENV|ARG)\\s+[A-Za-z0-9_]+?_VERSION[ =]["\']?(?.+?)["\']?\\s', '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[^\\s]+?))?(?: extractVersion=(?[^\\s]+?))?(?: registryUrl=(?[^\\s]+?))?\\s+(?:ENV|ARG)\\s+[A-Za-z0-9_]+?_VERSION[ =]["\']?(?.+?)["\']?\\s', + '# renovate: datasource=(?[a-z-.]+?) depName=(?[^\\s]+?)(?: (lookupName|packageName)=(?[^\\s]+?))?(?: versioning=(?[^\\s]+?))?(?: extractVersion=(?[^\\s]+?))?(?: registryUrl=(?[^\\s]+?))?\\\\n(?:ENV|ARG)\\s+[A-Za-z0-9_]+?_VERSION[ =]["\']?(?.+?)["\']?\\s', ], }, ],