build(deps): bump oxsecurity/megalinter from 8.8.0 to 9.2.0

[dependabot]

Bumps oxsecurity/megalinter from 8.8.0 to 9.2.0.

Release notes

Sourced from oxsecurity/megalinter's releases.

v9.2.0

What's Changed

• New linters

  • Salesforce Code Analyzer, by @​abdeslamads
    • SALESFORCE_CODE_ANALYZER_APEX
    • SALESFORCE_CODE_ANALYZER_AURA
    • SALESFORCE_CODE_ANALYZER_LWC

• Disabled linters

  • Reactivate checkov

• Deprecated linters

  • Deprecate terrascan as the project is discontinued. Will be completely removed in a future version.
  • SALESFORCE_SFDX_SCANNER_* linters have been deprecated and will be removed in a future version. (they are replaced by SALESFORCE_CODE_ANALYZER_* linters)

• Media

  • Looking for the best CI/CD Pipeline Linting Tool? Try MegaLinter!, by Seasoned Developer
  • (Brazilian) Qualidade e Segurança em Código com MegaLinter: automatizando análises em MAUI com GitHub Actions, by Canal dotNET

• Linters enhancements

  • Install dotenv-linter deterministically, by @​bdovaz in oxsecurity/megalinter#6385

• Fixes

  • #6544: Add GITHUB_TOKEN in docker build command for custom flavor
  • Hide warning when compiling a regex
  • Fix formatting in descriptor files to reduce changes in generated markdown, by @​echoix in oxsecurity/megalinter#6449

• Reporters

  • Add conversion from Jenkins variables to related Git based reporters variables

• Doc

  • Keep jsonschema html docs updated when using build.py --doc, by @​echoix in oxsecurity/megalinter#6447
  • Commit updated license info generated from build script by @​echoix in oxsecurity/megalinter#6448
  • Recreate docs/descriptors folder, delete old pages by @​echoix in oxsecurity/megalinter#6451

• Flavors

  • Add GITHUB_TOKEN in docker buildx build command for custom flavor, by @​davidfevre-gouv-nc in oxsecurity/megalinter#6545

• CI

  • Optimize performances of standalone linters releases
  • Renovate: Add langchain group for package updates, by @​echoix in oxsecurity/megalinter#6400
  • Refactor file handling in build.py to use pathlib for improved readability, by @​echoix in oxsecurity/megalinter#6450

• mega-linter-runner

  • Handle upgrade of stefanzweifel/git-auto-commit-action to v7

• Linter versions upgrades (53)

  • actionlint from 1.7.7 to 1.7.9
  • ansible-lint from 25.9.1 to 25.11.1

... (truncated)

Changelog

Sourced from oxsecurity/megalinter's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased] (beta, main branch content)

Note: Can be used with oxsecurity/megalinter@beta in your GitHub Action mega-linter.yml file, or with oxsecurity/megalinter:beta docker image

• Core

• New linters

  • Add codespell

• Disabled linters

• Deprecated linters

• Removed linters

• Media

• Linters enhancements

• Fixes

• Reporters

  • Handle multiple MegaLinter runs on the same repo using custom value sent in variable MEGALINTER_MULTIRUN_KEY
  • Allow to override url to CI build in Git based reporters using REPORTERS_ACTION_RUN_URL variable

• Doc

• Flavors

• CI

  • Free disk space on GitHub actions runner when releasing a new flavor

• mega-linter-runner

• Linter versions upgrades (N)

  • dotnet-format from 9.0.111 to 9.0.112 on 2025-12-01
  • phplint from 9.6.2 to 9.6.3 on 2025-12-01
  • terragrunt from 0.93.10 to 0.93.11 on 2025-12-01
  • ruff-format from 0.14.6 to 0.14.7 on 2025-12-03
  • ruff from 0.14.6 to 0.14.7 on 2025-12-03
  • kics from 2.1.16 to 2.1.17 on 2025-12-03
  • pylint from 4.0.3 to 4.0.4 on 2025-12-04
  • stylelint from 16.26.0 to 16.26.1 on 2025-12-04
  • trufflehog from 3.91.1 to 3.91.2 on 2025-12-04

... (truncated)

Commits

• 55a59b2 Release MegaLinter v9.2.0
• c94f8c8 prep release
• bca0a38 chore(deps): update dependency rubocop-rails to v2.34.2 (#6648)
• 8d505bf [automation] Auto-update linters version, help and documentation (#6659)
• a7d0161 Add conversion from Jenkins variables to related Git provider variables (#6658)
• 663b45a chore(deps): update mstruebing/editorconfig-checker docker tag to v3.6.0 (#6652)
• 64fbcca chore(deps): update docker/metadata-action action to v5.10.0 (#6651)
• b2f3c63 Hides regex compilation warning (#6657)
• 0eac80b chore(deps): update zricethezav/gitleaks docker tag to v8.30.0 (#6653)
• d1fdceb CI: Optimize standalone linters release perfs (#6656)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	7		0	0	0.35s
✅ DOCKERFILE	hadolint	1		0	0	0.34s
✅ JSON	prettier	6	1	0	0	0.65s
✅ JSON	v8r	6		0	0	3.31s
⚠️ MARKDOWN	markdownlint	9	1	5	0	0.9s
✅ MARKDOWN	markdown-table-formatter	9	1	0	0	0.43s
⚠️ REPOSITORY	checkov	yes		no	1	15.55s
✅ REPOSITORY	git_diff	yes		no	no	0.09s
✅ REPOSITORY	grype	yes		no	no	28.31s
✅ REPOSITORY	secretlint	yes		no	no	1.31s
✅ REPOSITORY	syft	yes		no	no	1.24s
✅ REPOSITORY	trivy	yes		no	no	4.97s
✅ REPOSITORY	trivy-sbom	yes		no	no	0.22s
✅ REPOSITORY	trufflehog	yes		no	no	2.22s
⚠️ SPELL	lychee	41		10	0	21.4s
✅ YAML	prettier	11	0	0	0	0.76s
✅ YAML	v8r	11		0	0	5.2s
✅ YAML	yamllint	11		0	0	0.53s

Detailed Issues

⚠️ REPOSITORY / checkov - 1 warning

warning: Ensure that a user for the container has been created
   ┌─ Dockerfile.flex:1:1
   │  
 1 │ ╭ FROM ghcr.io/philips-software/amp-devcontainer-cpp:v6.0.2@sha256:36afaaa5ba4bc4e9bb471012db9733c26a210e315ddb33600f73bb9532b02a25 AS builder
 2 │ │ 
 3 │ │ HEALTHCHECK NONE
 4 │ │ 
   · │
29 │ │ ENTRYPOINT ["/flex/postmaster.flex"]
30 │ │ CMD ["--help"]
   │ ╰──────────────^
   │  
   = Ensure that a user for the container has been created
   = Ensure that a user for the container has been created

warning: 1 warnings emitted

⚠️ SPELL / lychee - 10 errors

[ERROR] https://confluence.atlas.philips.com/display/GITHUB/Contribution+Models | Network error: error sending request for url (https://confluence.atlas.philips.com/display/GITHUB/Contribution+Models) Maybe a certificate error?
[404] https://philips-software.github.io/amp-embedded-infra-lib/embedded_infrastructure_library/7.0.0/Echo.html | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/security | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/releases/latest | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/actions/workflows/linting-formatting.yml/badge.svg | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/actions | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/workflows/Continuous%20Integration/badge.svg | Network error: Not Found
[403] https://share.philips.com/sites/SWCoE/Lists/List%20of%20Business%20Categories/DispForm.aspx?ID=52 | Network error: Forbidden
[403] https://share.philips.com/sites/SWCoE/Lists/List%20of%20Business%20Categories/AllItems.aspx | Network error: Forbidden
[404] https://github.com/philips-internal/amp-postmaster/actions/workflows/linting-formatting.yml | Network error: Not Found
📝 Summary
---------------------
🔍 Total...........73
✅ Successful......63
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors..........10

Errors in README.md
[404] https://philips-software.github.io/amp-embedded-infra-lib/embedded_infrastructure_library/7.0.0/Echo.html | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/actions/workflows/linting-formatting.yml/badge.svg | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/actions/workflows/linting-formatting.yml | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/actions | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/workflows/Continuous%20Integration/badge.svg | Network error: Not Found

Errors in .github/philips-repo.yaml
[403] https://share.philips.com/sites/SWCoE/Lists/List%20of%20Business%20Categories/DispForm.aspx?ID=52 | Network error: Forbidden
[403] https://share.philips.com/sites/SWCoE/Lists/List%20of%20Business%20Categories/AllItems.aspx | Network error: Forbidden

Errors in .github/SECURITY.md
[404] https://github.com/philips-internal/amp-postmaster/releases/latest | Network error: Not Found
[404] https://github.com/philips-internal/amp-postmaster/security | Network error: Not Found

Errors in CONTRIBUTING.md
[ERROR] https://confluence.atlas.philips.com/display/GITHUB/Contribution+Models | Network error: error sending request for url (https://confluence.atlas.philips.com/display/GITHUB/Contribution+Models) Maybe a certificate error?

⚠️ MARKDOWN / markdownlint - 5 errors

CHANGELOG.md:28 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:35 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
LICENSE.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "The MIT License (MIT) Copyrigh..."]
LICENSE.md:3:401 MD013/line-length Line length [Expected: 400; Actual: 432]
LICENSE.md:7:401 MD013/line-length Line length [Expected: 400; Actual: 460]

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.2.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R