chore(deps): update dependency python-multipart to v0.0.22 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
python-multipart (changelog)	==0.0.21 → ==0.0.22

GitHub Vulnerability Alerts

CVE-2026-24486

Summary

A Path Traversal vulnerability exists when using non-default configuration options UPLOAD_DIR and UPLOAD_KEEP_FILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename.

Details

When UPLOAD_DIR is set and UPLOAD_KEEP_FILENAME is True, the library constructs the file path using os.path.join(file_dir, fname). Due to the behavior of os.path.join(), if the filename begins with a /, all preceding path components are discarded:

os.path.join("/upload/dir", "/etc/malicious") == "/etc/malicious"

This allows an attacker to bypass the intended upload directory and write files to arbitrary paths.

Affected Configuration

Projects are only affected if all of the following are true:

• UPLOAD_DIR is set
• UPLOAD_KEEP_FILENAME is set to True
• The uploaded file exceeds MAX_MEMORY_FILE_SIZE (triggering a flush to disk)

The default configuration is not vulnerable.

Impact

Arbitrary file write to attacker-controlled paths on the filesystem.

Mitigation

Upgrade to version 0.0.22, or avoid using UPLOAD_KEEP_FILENAME=True in project configurations.

---

Python-Multipart has Arbitrary File Write via Non-Default Configuration

CVE-2026-24486 / GHSA-wp53-j4wj-2cfg

More information

Details

Summary

A Path Traversal vulnerability exists when using non-default configuration options UPLOAD_DIR and UPLOAD_KEEP_FILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename.

Details

When UPLOAD_DIR is set and UPLOAD_KEEP_FILENAME is True, the library constructs the file path using os.path.join(file_dir, fname). Due to the behavior of os.path.join(), if the filename begins with a /, all preceding path components are discarded:

os.path.join("/upload/dir", "/etc/malicious") == "/etc/malicious"

This allows an attacker to bypass the intended upload directory and write files to arbitrary paths.

Affected Configuration

Projects are only affected if all of the following are true:

• UPLOAD_DIR is set
• UPLOAD_KEEP_FILENAME is set to True
• The uploaded file exceeds MAX_MEMORY_FILE_SIZE (triggering a flush to disk)

The default configuration is not vulnerable.

Impact

Arbitrary file write to attacker-controlled paths on the filesystem.

Mitigation

Upgrade to version 0.0.22, or avoid using UPLOAD_KEEP_FILENAME=True in project configurations.

Severity

• CVSS Score: 8.6 / 10 (High)
• Vector String: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

References

• https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg
• https://nvd.nist.gov/vuln/detail/CVE-2026-24486
• https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4
• https://github.com/Kludex/python-multipart
• https://github.com/Kludex/python-multipart/releases/tag/0.0.22

This data is provided by OSV and the GitHub Advisory Database (CC-BY 4.0).

---

Release Notes

Kludex/python-multipart (python-multipart)

v0.0.22

Compare Source

• Drop directory path from filename in File 9433f4b.

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

❌MegaLinter analysis: Error

❌ REPOSITORY / trivy - 1 error

0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/terraform_terraform_fmt/Dockerfile           │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/terraform_terragrunt/Dockerfile              │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/terraform_terrascan/Dockerfile               │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/terraform_tflint/Dockerfile                  │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/tsx_eslint/Dockerfile                        │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/typescript_es/Dockerfile                     │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/typescript_prettier/Dockerfile               │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/typescript_standard/Dockerfile               │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/vbdotnet_dotnet_format/Dockerfile            │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/xml_xmllint/Dockerfile                       │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/yaml_prettier/Dockerfile                     │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/yaml_v8r/Dockerfile                          │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ linters/yaml_yamllint/Dockerfile                     │ dockerfile │        -        │         0         │
├──────────────────────────────────────────────────────┼────────────┼─────────────────┼───────────────────┤
│ server/Dockerfile                                    │ dockerfile │        -        │         0         │
└──────────────────────────────────────────────────────┴────────────┴─────────────────┴───────────────────┘
Legend:
- '-': Not scanned
- '0': Clean (no security findings detected)


For OSS Maintainers: VEX Notice
--------------------------------
If you're an OSS maintainer and Trivy has detected vulnerabilities in your project that you believe are not actually exploitable, consider issuing a VEX (Vulnerability Exploitability eXchange) statement.
VEX allows you to communicate the actual status of vulnerabilities in your project, improving security transparency and reducing false positives for your users.
Learn more and start using VEX: https://trivy.dev/docs/v0.68/guide/supply-chain/vex/repo#publishing-vex-documents

To disable this notice, set the TRIVY_DISABLE_VEX_NOTICE environment variable.


mega-linter-runner/yarn.lock (yarn)
===================================
Total: 1 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 1, CRITICAL: 0)

┌─────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────────────┐
│ Library │ Vulnerability  │ Severity │ Status │ Installed Version │ Fixed Version │                           Title                           │
├─────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────────────┤
│ tar     │ CVE-2026-24842 │ HIGH     │ fixed  │ 7.5.6             │ 7.5.7         │ node-tar: tar: node-tar: Arbitrary file creation via path │
│         │                │          │        │                   │               │ traversal bypass in hardlink...                           │
│         │                │          │        │                   │               │ https://avd.aquasec.com/nvd/cve-2026-24842                │
└─────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴───────────────────────────────────────────────────────────┘

(Truncated to last 5000 characters out of 41156)

🤖 AI-Powered Fix Suggestions for REPOSITORY_TRIVY (by openai gpt-4.1-mini)

1. Summary of Main Issues:

• One vulnerability detected in mega-linter-runner/yarn.lock.
• A warning from yarn scanner: failed to parse version: 'version-range@^4.15.0:'.
• No misconfigurations found in Dockerfiles or other scanned files.
• No vulnerabilities found in Python requirements.txt or other package managers except yarn.

2. Advice to Fix:

• For the yarn vulnerability: Run yarn audit locally to get detailed info on the vulnerable package. Update the affected dependency in package.json and regenerate yarn.lock by running yarn install.
• The yarn protocol error indicates a malformed version string (version-range@^4.15.0:). Check your package.json and yarn.lock for invalid or incomplete version specs and correct them (remove trailing colon or fix syntax).
• Regularly update your vulnerability database (trivy does this automatically) and rerun scans after dependency updates.
• Consider adding --include-dev-deps if you want to scan dev dependencies as well.
• For Dockerfiles, no issues found, but keep them updated and scan regularly.

Example fix for yarn version error:

// package.json snippet before
"dependencies": {
  "some-package": "version-range@^4.15.0:"
}
// Fix by removing trailing colon
"dependencies": {
  "some-package": "^4.15.0"
}

Then run yarn install to update yarn.lock.

⚠️ PYTHON / bandit - 77 errors

rt os.path.isdir(workspace), f"Test folder {workspace} is not existing"
166	    linter_name = linter.linter_name

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:231:4
230	    tmp_report_folder = tempfile.gettempdir() + os.path.sep + str(uuid.uuid4())
231	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
232	    if os.path.isfile(workspace + os.path.sep + "no_test_failure"):

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:466:4
465	    )
466	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
467	    expected_file_name = ""

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:566:4
565	        workspace += os.path.sep + "bad"
566	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
567	    # Call linter

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:670:4
669	    tmp_report_folder = tempfile.gettempdir() + os.path.sep + str(uuid.uuid4())
670	    assert os.path.isdir(workspace), f"Test folder {workspace} is not existing"
671	

--------------------------------------------------
>> Issue: [B101:assert_used] Use of assert detected. The enclosed code will be removed when compiling to optimised byte code.
   Severity: Low   Confidence: High
   CWE: CWE-703 (https://cwe.mitre.org/data/definitions/703.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b101_assert_used.html
   Location: ./megalinter/utilstest.py:768:12
767	            ]
768	            assert (len(list(diffs))) > 0, f"No changes in the {file} file"
769	

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server.py:81:42
80	    if item.fileUploadId:
81	        uploaded_file_path = os.path.join("/tmp/server-files", item.fileUploadId)
82	        if not os.path.isdir(uploaded_file_path):

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server.py:103:38
102	    file_upload_id = "FILE_" + str(uuid1())
103	    uploaded_file_path = os.path.join("/tmp/server-files", file_upload_id)
104	    os.makedirs(uploaded_file_path)

--------------------------------------------------
>> Issue: [B108:hardcoded_tmp_directory] Probable insecure usage of temp file/directory.
   Severity: Medium   Confidence: Medium
   CWE: CWE-377 (https://cwe.mitre.org/data/definitions/377.html)
   More Info: https://bandit.readthedocs.io/en/1.9.3/plugins/b108_hardcoded_tmp_directory.html
   Location: ./server/server_worker.py:98:34
97	        temp_dir = self.create_temp_dir()
98	        upload_dir = os.path.join("/tmp/server-files", file_upload_id)
99	        if os.path.exists(upload_dir):

--------------------------------------------------

Code scanned:
	Total lines of code: 17799
	Total lines skipped (#nosec): 0
	Total potential issues skipped due to specifically being disabled (e.g., #nosec BXXX): 0

Run metrics:
	Total issues (by severity):
		Undefined: 0
		Low: 49
		Medium: 19
		High: 9
	Total issues (by confidence):
		Undefined: 0
		Low: 11
		Medium: 18
		High: 48
Files skipped (0):

(Truncated to last 5000 characters out of 51675)

⚠️ BASH / bash-exec - 1 error

Results of bash-exec linter (version 5.3.3)
See documentation on https://megalinter.io/beta/descriptors/bash_bash_exec/
-----------------------------------------------

✅ [SUCCESS] .automation/build_schemas_doc.sh
✅ [SUCCESS] .automation/format-tables.sh
✅ [SUCCESS] .vscode/testlinter.sh
✅ [SUCCESS] build.sh
✅ [SUCCESS] entrypoint.sh
❌ [ERROR] sh/megalinter_exec
    Error: File:[sh/megalinter_exec] is not executable

⚠️ REPOSITORY / grype - 42 errors

h is not ideal) from=syft
NAME                           INSTALLED  FIXED IN  TYPE    VULNERABILITY        SEVERITY  EPSS           RISK   
ejs                            3.1.6      3.1.7     npm     GHSA-phwq-j96m-2c2q  Critical  93.5% (99th)   87.9   
tar                            6.0.1      6.1.1     npm     GHSA-3jfq-g458-7qm9  High      85.5% (99th)   67.1   
requests                       2.24.0     2.31.0    python  GHSA-j8r2-6x86-q33q  Medium    6.3% (90th)    3.5    
ip                             1.1.5                npm     GHSA-2p57-rm9w-gvfp  High      3.9% (87th)    3.1    
minimist                       1.2.5      1.2.6     npm     GHSA-xvch-5gv4-984h  Critical  0.9% (74th)    0.8    
ejs                            3.1.6      3.1.10    npm     GHSA-ghr5-ch3p-vcr6  Medium    1.3% (79th)    0.6    
node-fetch                     2.6.6      2.6.7     npm     GHSA-r683-j2x4-v87g  High      0.6% (70th)    0.5    
tar                            6.0.1      6.1.9     npm     GHSA-5955-9wpr-37jh  High      0.6% (69th)    0.5    
semver                         7.3.5      7.5.2     npm     GHSA-c2qf-rxjj-qqgw  High      0.6% (68th)    0.4    
minimatch                      3.0.4      3.0.5     npm     GHSA-f8q6-p94x-37v3  High      0.5% (63rd)    0.3    
@octokit/request               5.6.2      8.4.1     npm     GHSA-rmvr-2pp2-xj38  Medium    0.6% (67th)    0.3    
tar                            6.0.1      6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.4% (63rd)    0.3    
tar                            6.1.11     6.2.1     npm     GHSA-f5x3-32g6-xq36  Medium    0.4% (63rd)    0.3    
braces                         3.0.2      3.0.3     npm     GHSA-grv7-fg5c-xmjg  High      0.2% (44th)    0.2    
ip                             1.1.5      1.1.9     npm     GHSA-78xj-cgh5-2h22  Low       0.6% (67th)    0.2    
ansi-regex                     3.0.0      3.0.1     npm     GHSA-93q8-gq69-wqmw  High      0.2% (43rd)    0.2    
tar                            6.0.1      6.1.2     npm     GHSA-r628-mhmh-qjhw  High      0.2% (39th)    0.1    
http-cache-semantics           4.1.0      4.1.1     npm     GHSA-rc47-6667-2j5j  High      0.2% (38th)    0.1    
@octokit/plugin-paginate-rest  2.17.0     9.2.2     npm     GHSA-h5c3-5r3r-rr8q  Medium    0.2% (45th)    0.1    
@octokit/request-error         2.1.0      5.1.1     npm     GHSA-xx4v-prfh-6cgc  Medium    0.2% (43rd)    0.1    
micromatch                     4.0.4      4.0.8     npm     GHSA-952p-6rrq-rcjv  Medium    0.1% (32nd)    < 0.1  
requests                       2.24.0     2.32.4    python  GHSA-9hjg-9r4m-mvj7  Medium    < 0.1% (27th)  < 0.1  
cross-spawn                    7.0.3      7.0.5     npm     GHSA-3xgq-45jj-v275  High      < 0.1% (20th)  < 0.1  
lodash                         4.17.21    4.17.23   npm     GHSA-xxjr-mmjv-4gpg  Medium    < 0.1% (18th)  < 0.1  
lodash-es                      4.17.21    4.17.23   npm     GHSA-xxjr-mmjv-4gpg  Medium    < 0.1% (18th)  < 0.1  
debug                          4.2.0      4.3.1     npm     GHSA-gxpj-cx7g-858c  Low       < 0.1% (27th)  < 0.1  
requests                       2.24.0     2.32.0    python  GHSA-9wx4-h78v-vm56  Medium    < 0.1% (13th)  < 0.1  
tar                            6.0.1      7.5.7     npm     GHSA-34x7-hfp2-rc4v  High      < 0.1% (6th)   < 0.1  
tar                            6.1.11     7.5.7     npm     GHSA-34x7-hfp2-rc4v  High      < 0.1% (6th)   < 0.1  
tar                            7.5.6      7.5.7     npm     GHSA-34x7-hfp2-rc4v  High      < 0.1% (6th)   < 0.1  
tmp                            0.0.33     0.2.4     npm     GHSA-52f5-9888-hmc6  Low       < 0.1% (22nd)  < 0.1  
tar                            6.0.1      6.1.7     npm     GHSA-9r2w-394v-53qc  High      < 0.1% (6th)   < 0.1  
word-wrap                      1.2.3      1.2.4     npm     GHSA-j8xg-fqg3-53r7  Medium    < 0.1% (9th)   < 0.1  
diff                           5.2.0      5.2.2     npm     GHSA-73rr-hh4g-fpgx  Low       < 0.1% (17th)  < 0.1  
diff                           7.0.0      8.0.3     npm     GHSA-73rr-hh4g-fpgx  Low       < 0.1% (17th)  < 0.1  
tar                            6.0.1      6.1.9     npm     GHSA-qq89-hq3f-393p  High      < 0.1% (2nd)   < 0.1  
tar                            6.0.1      7.5.4     npm     GHSA-r6q2-hw4h-h46w  High      < 0.1% (2nd)   < 0.1  
tar                            6.1.11     7.5.4     npm     GHSA-r6q2-hw4h-h46w  High      < 0.1% (2nd)   < 0.1  
js-yaml                        3.14.0     3.14.2    npm     GHSA-mh29-5h37-fv8m  Medium    < 0.1% (3rd)   < 0.1  
brace-expansion                1.1.11     1.1.12    npm     GHSA-v6h2-p8h4-qcjw  Low       < 0.1% (4th)   < 0.1  
tar                            6.0.1      7.5.3     npm     GHSA-8qq5-rm4j-mr97  High      < 0.1% (0th)   < 0.1  
tar                            6.1.11     7.5.3     npm     GHSA-8qq5-rm4j-mr97  High      < 0.1% (0th)   < 0.1
[0060] ERROR discovered vulnerabilities at or above the severity threshold

(Truncated to last 5000 characters out of 5119)

⚠️ SPELL / lychee - 23 errors

ill soon be removed; E-Mail is no longer checked by default. Use `--include-mail` to enable E-Mail checking.
[403] https://npmjs.org/package/mega-linter-runner | Network error: Forbidden
[403] https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden
[403] https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html | Network error: Forbidden
[403] https://cloudtuned.hashnode.dev/ | Network error: Forbidden
[403] https://npmjs.org/package/mega-linter-runner | Error (cached)
[404] https://github.com/$ | Network error: Not Found
[403] https://stackoverflow.com/a/73711302 | Network error: Forbidden
[403] https://stackoverflow.com/a/73711302 | Error (cached)
[403] https://cppcheck.sourceforge.io/manual.html#configuration | Network error: Forbidden
[403] https://cppcheck.sourceforge.io/ | Network error: Forbidden
[403] https://stackoverflow.com/a/73711302 | Network error: Forbidden
[403] https://cppcheck.sourceforge.io/manual.html#configuration | Error (cached)
[403] https://cppcheck.sourceforge.io/ | Error (cached)
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html | Error (cached)
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
[403] https://htmlhint.com/configuration/ | Network error: Forbidden
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://stackoverflow.com/a/73711302 | Error (cached)
[403] https://www.npmjs.com/package/markdown-table-formatter | Network error: Forbidden
[403] https://docutils.sourceforge.io/docs/ref/rst/directives.html#raw-data-pass-through | Network error: Forbidden
[404] https://github.com/gruntwork-io/terragrunt/blob/master/docs/assets/img/favicon/ms-icon-310x310.png | Network error: Not Found
[TIMEOUT] https://generated.at/ | Timeout
[TIMEOUT] https://generated.at/ | Timeout
📝 Summary
---------------------
🔍 Total.........2423
✅ Successful....1928
⏳ Timeouts.........2
🔀 Redirected.......0
👻 Excluded.......470
❓ Unknown..........0
🚫 Errors..........23

Errors in mega-linter-runner/generators/mega-linter-custom-flavor/templates/check-new-megalinter-version.yml
[404] https://github.com/$ | Network error: Not Found

Errors in megalinter/descriptors/cpp.megalinter-descriptor.yml
[403] https://cppcheck.sourceforge.io/manual.html#configuration | Error (cached)
[403] https://cppcheck.sourceforge.io/ | Error (cached)

Errors in megalinter/descriptors/terraform.megalinter-descriptor.yml
[404] https://github.com/gruntwork-io/terragrunt/blob/master/docs/assets/img/favicon/ms-icon-310x310.png | Network error: Not Found

Errors in megalinter/descriptors/html.megalinter-descriptor.yml
[403] https://htmlhint.com/ | Network error: Forbidden
[403] https://htmlhint.com/integrations/task-runner/ | Error (cached)
[403] https://htmlhint.com/docs/user-guide/list-rules | Network error: Forbidden
[403] https://htmlhint.com/configuration/ | Network error: Forbidden

Errors in megalinter/descriptors/markdown.megalinter-descriptor.yml
[403] https://www.npmjs.com/package/markdown-table-formatter | Network error: Forbidden

Errors in megalinter/descriptors/java.megalinter-descriptor.yml
[403] https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html | Error (cached)

Errors in megalinter/descriptors/arm.megalinter-descriptor.yml
[403] https://stackoverflow.com/a/73711302 | Network error: Forbidden

Errors in megalinter/descriptors/c.megalinter-descriptor.yml
[403] https://cppcheck.sourceforge.io/manual.html#configuration | Network error: Forbidden
[403] https://cppcheck.sourceforge.io/ | Network error: Forbidden

Errors in megalinter/descriptors/bicep.megalinter-descriptor.yml
[403] https://stackoverflow.com/a/73711302 | Network error: Forbidden

Errors in megalinter/descriptors/clojure.megalinter-descriptor.yml
[403] https://stackoverflow.com/a/73711302 | Error (cached)

Errors in megalinter/descriptors/powershell.megalinter-descriptor.yml
[403] https://stackoverflow.com/a/73711302 | Error (cached)

Errors in megalinter/descriptors/rst.megalinter-descriptor.yml
[403] https://docutils.sourceforge.io/docs/ref/rst/directives.html#raw-data-pass-through | Network error: Forbidden

Errors in mega-linter-runner/README.md
[403] https://npmjs.org/package/mega-linter-runner | Error (cached)

Errors in README.md
[403] https://cloudtuned.hashnode.dev/introducing-megalinter-streamlining-code-quality-checks-across-multiple-languages | Network error: Forbidden
[TIMEOUT] https://generated.at/ | Timeout
[403] https://htmlhint.com/integrations/task-runner/ | Network error: Forbidden
[403] https://npmjs.org/package/mega-linter-runner | Network error: Forbidden
[403] https://pmd.sourceforge.io/pmd-6.55.0/pmd_userdocs_tools_ci.html | Network error: Forbidden
[403] https://cloudtuned.hashnode.dev/ | Network error: Forbidden

(Truncated to last 5000 characters out of 5053)

⚠️ MARKDOWN / markdownlint - 333 errors

orters/GitHubCommentReporter.md:27:196 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:27:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:27:174 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:27:196 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:179 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:28:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:160 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:28:179 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:159 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:29:48 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:143 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:29:159 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:171 error MD056/table-column-count Table column count [Expected: 4; Actual: 3; Too few cells, row will be missing data]
docs/reporters/GitHubCommentReporter.md:30:46 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:152 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubCommentReporter.md:30:171 error MD060/table-column-style Table column style [Table pipe does not align with header for style "aligned"]
docs/reporters/GitHubStatusReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "GitHub Status Reporter"]
docs/reporters/GitlabCommentReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Gitlab Comment Reporter"]
docs/reporters/JsonReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "JSON Reporter"]
docs/reporters/MarkdownSummaryReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Markdown Summary Reporter"]
docs/reporters/SarifReporter.md:6 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "SARIF Reporter (beta)"]
docs/reporters/TapReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "TAP Reporter"]
docs/reporters/TextReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Text Reporter"]
docs/reporters/UpdatedSourcesReporter.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Updated Sources Reporter"]
docs/special-thanks.md:9 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Special thanks"]
docs/special-thanks.md:23:3 error MD045/no-alt-text Images should have alternate text (alt text)
docs/sponsor.md:5 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Sponsoring"]
docs/supported-linters.md:9 error MD025/single-title/single-h1 Multiple top-level headings in the same document [Context: "Supported Linters"]
mega-linter-runner/generators/mega-linter-custom-flavor/templates/README.md:63 error MD024/no-duplicate-heading Multiple headings with the same content [Context: "How to use the custom flavor"]
mega-linter-runner/README.md:27:274 error MD051/link-fragments Link fragments should be valid [Context: "[**apply formatting and auto-fixes**](#apply-fixes)"]
mega-linter-runner/README.md:27:217 error MD051/link-fragments Link fragments should be valid [Context: "[**reports in several formats**](#reports)"]
README.md:190:127 error MD051/link-fragments Link fragments should be valid [Context: "[many additional features](#mega-linter-vs-super-linter)"]
README.md:1767:3 error MD045/no-alt-text Images should have alternate text (alt text)

(Truncated to last 5000 characters out of 43683)

⚠️ YAML / prettier - 6 errors

| <%= CUSTOM_FLAVOR_LINTERS %>
[error]     | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[error]   7 |
mega-linter-runner/generators/mega-linter/templates/.drone.yml 2ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/.gitlab-ci.yml 12ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/azure-pipelines.yml 3ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/bitbucket-pipelines.yml 3ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/concourse-task.yml 2ms (unchanged)
mega-linter-runner/generators/mega-linter/templates/mega-linter.yml 16ms (unchanged)
megalinter/descriptors/action.megalinter-descriptor.yml 11ms (unchanged)
megalinter/descriptors/ansible.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/api.megalinter-descriptor.yml 15ms (unchanged)
megalinter/descriptors/arm.megalinter-descriptor.yml 10ms (unchanged)
megalinter/descriptors/bash.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/bicep.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/c.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/clojure.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/cloudformation.megalinter-descriptor.yml 4ms (unchanged)
megalinter/descriptors/coffee.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/copypaste.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/cpp.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/csharp.megalinter-descriptor.yml 22ms (unchanged)
megalinter/descriptors/css.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/dart.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/dockerfile.megalinter-descriptor.yml 16ms (unchanged)
megalinter/descriptors/editorconfig.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/env.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/gherkin.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/go.megalinter-descriptor.yml 13ms (unchanged)
megalinter/descriptors/graphql.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/groovy.megalinter-descriptor.yml 4ms (unchanged)
megalinter/descriptors/html.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/java.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/javascript.megalinter-descriptor.yml 27ms (unchanged)
megalinter/descriptors/json.megalinter-descriptor.yml 32ms (unchanged)
megalinter/descriptors/jsx.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/kotlin.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/kubernetes.megalinter-descriptor.yml 15ms (unchanged)
megalinter/descriptors/latex.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/lua.megalinter-descriptor.yml 22ms (unchanged)
megalinter/descriptors/makefile.megalinter-descriptor.yml 9ms (unchanged)
megalinter/descriptors/markdown.megalinter-descriptor.yml 34ms (unchanged)
megalinter/descriptors/perl.megalinter-descriptor.yml 6ms (unchanged)
megalinter/descriptors/php.megalinter-descriptor.yml 34ms (unchanged)
megalinter/descriptors/powershell.megalinter-descriptor.yml 14ms (unchanged)
megalinter/descriptors/protobuf.megalinter-descriptor.yml 4ms (unchanged)
megalinter/descriptors/puppet.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/python.megalinter-descriptor.yml 45ms (unchanged)
megalinter/descriptors/r.megalinter-descriptor.yml 7ms (unchanged)
megalinter/descriptors/raku.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/repository.megalinter-descriptor.yml 117ms (unchanged)
megalinter/descriptors/robotframework.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/rst.megalinter-descriptor.yml 17ms (unchanged)
megalinter/descriptors/ruby.megalinter-descriptor.yml 12ms (unchanged)
megalinter/descriptors/rust.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/salesforce.megalinter-descriptor.yml 42ms (unchanged)
megalinter/descriptors/scala.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/snakemake.megalinter-descriptor.yml 15ms (unchanged)
megalinter/descriptors/spell.megalinter-descriptor.yml 42ms (unchanged)
megalinter/descriptors/sql.megalinter-descriptor.yml 10ms (unchanged)
megalinter/descriptors/swift.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/tekton.megalinter-descriptor.yml 5ms (unchanged)
megalinter/descriptors/terraform.megalinter-descriptor.yml 18ms (unchanged)
megalinter/descriptors/tsx.megalinter-descriptor.yml 13ms (unchanged)
megalinter/descriptors/typescript.megalinter-descriptor.yml 31ms (unchanged)
megalinter/descriptors/vbdotnet.megalinter-descriptor.yml 8ms (unchanged)
megalinter/descriptors/xml.megalinter-descriptor.yml 3ms (unchanged)
megalinter/descriptors/yaml.megalinter-descriptor.yml 17ms (unchanged)
server/docker-compose-dev.yml 5ms (unchanged)
server/docker-compose.yml 4ms (unchanged)
trivy-secret.yaml 1ms (unchanged)

(Truncated to last 5000 characters out of 11510)

⚠️ YAML / yamllint - 30 errors

mega-linter-runner/.eslintrc.yml
  11:9      warning  too few spaces inside empty braces  (braces)

mega-linter-runner/generators/mega-linter-custom-flavor/templates/megalinter-custom-flavor.yml
  7:1       error    syntax error: could not find expected ':' (syntax)

megalinter/descriptors/copypaste.megalinter-descriptor.yml
  18:301    warning  line too long (313 > 300 characters)  (line-length)

megalinter/descriptors/javascript.megalinter-descriptor.yml
  234:301   warning  line too long (307 > 300 characters)  (line-length)

megalinter/descriptors/markdown.megalinter-descriptor.yml
  74:301    warning  line too long (366 > 300 characters)  (line-length)

megalinter/descriptors/perl.megalinter-descriptor.yml
  26:301    warning  line too long (310 > 300 characters)  (line-length)

megalinter/descriptors/php.megalinter-descriptor.yml
  149:301   warning  line too long (389 > 300 characters)  (line-length)
  163:301   warning  line too long (302 > 300 characters)  (line-length)

megalinter/descriptors/repository.megalinter-descriptor.yml
  155:301   warning  line too long (408 > 300 characters)  (line-length)
  268:301   warning  line too long (306 > 300 characters)  (line-length)
  273:301   warning  line too long (321 > 300 characters)  (line-length)
  450:301   warning  line too long (338 > 300 characters)  (line-length)
  518:301   warning  line too long (306 > 300 characters)  (line-length)
  568:301   warning  line too long (316 > 300 characters)  (line-length)
  818:301   warning  line too long (1263 > 300 characters)  (line-length)
  883:301   warning  line too long (879 > 300 characters)  (line-length)
  897:301   warning  line too long (358 > 300 characters)  (line-length)
  953:301   warning  line too long (346 > 300 characters)  (line-length)
  960:301   warning  line too long (307 > 300 characters)  (line-length)

megalinter/descriptors/salesforce.megalinter-descriptor.yml
  51:301    warning  line too long (359 > 300 characters)  (line-length)
  295:301   warning  line too long (359 > 300 characters)  (line-length)

megalinter/descriptors/sql.megalinter-descriptor.yml
  64:301    warning  line too long (319 > 300 characters)  (line-length)

megalinter/descriptors/terraform.megalinter-descriptor.yml
  27:301    warning  line too long (330 > 300 characters)  (line-length)
  86:301    warning  line too long (391 > 300 characters)  (line-length)
  142:301   warning  line too long (346 > 300 characters)  (line-length)
  199:301   warning  line too long (328 > 300 characters)  (line-length)

megalinter/descriptors/typescript.megalinter-descriptor.yml
  225:301   warning  line too long (314 > 300 characters)  (line-length)

mkdocs.yml
  8:301     warning  line too long (552 > 300 characters)  (line-length)
  66:5      warning  wrong indentation: expected 6 but found 4  (indentation)
  78:5      warning  wrong indentation: expected 6 but found 4  (indentation)

✅ Linters with no issues

black, checkov, cspell, flake8, git_diff, hadolint, isort, jscpd, jsonlint, markdown-table-formatter, mypy, npm-groovy-lint, pylint, ruff, secretlint, shellcheck, shfmt, spectral, syft, trivy-sbom, trufflehog, v8r, v8r, xmllint

See detailed reports in MegaLinter artifacts

Show us your support by starring ⭐ the repository