From 5c9edc674406e4d598fa0c18151bdf2e85db67aa Mon Sep 17 00:00:00 2001 From: thomas Date: Tue, 1 Oct 2024 18:32:31 -0400 Subject: [PATCH 1/2] feat: support shell scripts with no extension, fix perl shebang regex --- CHANGELOG.md | 1 + docs/descriptors/bash_shellcheck.md | 1 + megalinter/descriptors/bash.megalinter-descriptor.yml | 7 +++++++ megalinter/descriptors/perl.megalinter-descriptor.yml | 4 ++-- 4 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 53b6d89a623..b901fb00d5a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Linters enhancements - Trivy: Retry 10 times in case of TooManyRequests when downloading vulnerability database - Trivy: Embed vulnerability database in Docker Image for running trivy on internet-free network + - Bash/Perl: Support shell scripts with no extension and only support perl shebangs at the beginning of a file in - Fixes - Add debug traces to investigate reporters activation diff --git a/docs/descriptors/bash_shellcheck.md b/docs/descriptors/bash_shellcheck.md index 376af1bd1ab..b04d3ccc525 100644 --- a/docs/descriptors/bash_shellcheck.md +++ b/docs/descriptors/bash_shellcheck.md @@ -82,6 +82,7 @@ This linter is available in the following flavors ### How are identified applicable files - File extensions: `.sh`, `.bash`, `.dash`, `.ksh` +- Shebangs: `#!/usr/bin/env bash`, `#!/bin/bash`, `#!/bin/sh` diff --git a/megalinter/descriptors/bash.megalinter-descriptor.yml b/megalinter/descriptors/bash.megalinter-descriptor.yml index b5c035d7486..c981f3b330c 100644 --- a/megalinter/descriptors/bash.megalinter-descriptor.yml +++ b/megalinter/descriptors/bash.megalinter-descriptor.yml @@ -7,10 +7,17 @@ descriptor_flavors: - c_cpp - formatters file_extensions: + - "" - ".sh" - ".bash" - ".dash" - ".ksh" +file_contains_regex_extensions: + - "" +file_contains_regex: + - "^#!/usr/bin/env bash" + - "^#!/bin/bash" + - "^#!/bin/sh" install: apk: - bash diff --git a/megalinter/descriptors/perl.megalinter-descriptor.yml b/megalinter/descriptors/perl.megalinter-descriptor.yml index 4db3acc5ef1..f246edcab4f 100644 --- a/megalinter/descriptors/perl.megalinter-descriptor.yml +++ b/megalinter/descriptors/perl.megalinter-descriptor.yml @@ -8,8 +8,8 @@ file_extensions: file_contains_regex_extensions: - "" file_contains_regex: - - "#!/usr/bin/env perl" - - "#!/usr/bin/perl" + - "^#!/usr/bin/env perl" + - "^#!/usr/bin/perl" install: apk: - perl From 3192077c695cc1048495b215e1afb25d93636e22 Mon Sep 17 00:00:00 2001 From: thomas Date: Mon, 7 Oct 2024 23:47:16 -0400 Subject: [PATCH 2/2] fix: changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6e557f1f5de..1d4fbfd0383 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,7 +23,7 @@ Note: Can be used with `oxsecurity/megalinter@beta` in your GitHub Action mega-l - Trivy - Embed vulnerability database in Docker Image for running trivy on internet-free network - Retry 5 times after 3 seconds in case of TooManyRequests when downloading vulnerability database - - If the retries did not succeed, call trivy with `--skip-db-update --skip-check-update` (not ideal but better than nothing)network + - If the retries did not succeed, call trivy with `--skip-db-update --skip-check-update` (not ideal but better than nothing) - Bash/Perl: Support shell scripts with no extension and only support perl shebangs at the beginning of a file in - Fixes