diff --git a/.github/workflows/lint-megalinter.yaml b/.github/workflows/lint-megalinter.yaml index 158dd6c73262..8e0f595b2b72 100644 --- a/.github/workflows/lint-megalinter.yaml +++ b/.github/workflows/lint-megalinter.yaml @@ -55,7 +55,7 @@ jobs: # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.io/flavors/ - uses: oxsecurity/megalinter@v9.5.0 + uses: oxsecurity/megalinter@v9.6.0 id: ml diff --git a/.mega-linter.yaml b/.mega-linter.yaml index cda97d02795c..7beda1d12521 100644 --- a/.mega-linter.yaml +++ b/.mega-linter.yaml @@ -18,6 +18,7 @@ DISABLE_LINTERS: - JSON_V8R # Failing for vscode-style syntax (comments). - REPOSITORY_GITLEAKS # False positive on codecov token, which according to codecov is fine to have hardcoded - REPOSITORY_KINGFISHER # Same false positives as TRUFFLEHOG/GITLEAKS: .git/config token, codecov token, and localhost test DB URI + - REPOSITORY_BETTERLEAKS # New in megalinter 9.6.0 (gitleaks successor, enabled by default). Same codecov token false positive as GITLEAKS. - REPOSITORY_OSV_SCANNER # Blocking unrelated PRs. We already have dependabot. - ACTION_ZIZMOR # Needs GITHUB_TOKEN to query the GH API; blocks unrelated PRs on transient API failures. DISABLE_ERRORS_LINTERS: