Skip to content

chore(main): release 6.11.0#1276

Open
philips-software-forest-releaser[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--amp-devcontainer
Open

chore(main): release 6.11.0#1276
philips-software-forest-releaser[bot] wants to merge 1 commit into
mainfrom
release-please--branches--main--components--amp-devcontainer

Conversation

@philips-software-forest-releaser
Copy link
Copy Markdown
Contributor

@philips-software-forest-releaser philips-software-forest-releaser Bot commented May 13, 2026
edited
Loading

🤖 I have created a release beep boop

6.11.0 (2026-05-26)

Features

This PR was generated with Release Please. See documentation.

@philips-software-forest-releaser philips-software-forest-releaser Bot requested a review from a team as a code owner May 13, 2026 09:48
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 13, 2026
edited
Loading

MegaLinter analysis: Error

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 23 0 0 0.24s
✅ DOCKERFILE hadolint 3 0 0 0.26s
✅ JSON npm-package-json-lint yes no no 0.52s
✅ JSON prettier 21 4 0 0 0.74s
✅ JSON v8r 21 0 0 13.08s
✅ MARKDOWN markdownlint 12 0 0 0 1.24s
✅ MARKDOWN markdown-table-formatter 12 0 0 0 0.34s
✅ REPOSITORY checkov yes no no 25.03s
✅ REPOSITORY gitleaks yes no no 1.05s
✅ REPOSITORY git_diff yes no no 0.01s
⚠️ REPOSITORY grype yes no 1 56.01s
✅ REPOSITORY secretlint yes no no 2.41s
✅ REPOSITORY syft yes no no 2.18s
❌ REPOSITORY trivy yes 1 1 13.39s
✅ REPOSITORY trivy-sbom yes no no 0.34s
✅ REPOSITORY trufflehog yes no no 6.34s
⚠️ SPELL lychee 83 2 0 10.81s
✅ YAML prettier 31 0 0 0 1.26s
✅ YAML v8r 31 0 0 13.52s
✅ YAML yamllint 31 0 0 1.21s

Detailed Issues

❌ REPOSITORY / trivy - 1 error 
warning: Package: idna
Installed Version: 3.11
Vulnerability CVE-2026-45409
Severity: MEDIUM
Fixed Version: 3.15
Link: [CVE-2026-45409](https://avd.aquasec.com/nvd/cve-2026-45409)
    ┌─ .devcontainer/cpp/requirements.txt:187:1
    │
187 │ idna==3.11 \
    │ ^
    │
    = Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix
    = This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. Payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process.
      
      ### Impact
      A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service.
      
      ### Patches
      Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support).
      
      ### Workarounds
      Domain names cannot exceed 253 characters in length, if this length limit is enforced prior to passing the domain to the `idna.encode()` function it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

warning: 1 warnings emitted
⚠️ REPOSITORY / grype - 1 warning 
warning: A medium vulnerability in python package: idna, version 3.11 was found at: /.devcontainer/cpp/requirements.txt

warning: 1 warnings emitted
⚠️ SPELL / lychee - 2 errors 
[IGNORED] docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62 | Unsupported: Error creating request client: builder error for url (docker://pandoc/extra:3.9.0.0-ubuntu@sha256:72afa9c8d3300e5f10c9c4330e101725687f2179bffd912fb859c6d2ae85de62)
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden
[ERROR] https://www.conventionalcommits.org/en/v1.0.0/ | Network error: error sending request for url (https://www.conventionalcommits.org/en/v1.0.0/)
[IGNORED] https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer | Unsupported: Error creating request client: builder error for url (vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/philips-software/amp-devcontainer)
📝 Summary
---------------------
🔍 Total..........126
✅ Successful.....122
⏳ Timeouts.........0
🔀 Redirected.......0
👻 Excluded.........0
❓ Unknown..........0
🚫 Errors...........2

Errors in .github/TOOL_VERSION_ISSUE_TEMPLATE.md
[403] https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads | Network error: Forbidden

Errors in .github/CONTRIBUTING.md
[ERROR] https://www.conventionalcommits.org/en/v1.0.0/ | Network error: error sending request for url (https://www.conventionalcommits.org/en/v1.0.0/)

See detailed reports in MegaLinter artifacts

You could have the same capabilities but better runtime performances if you use a MegaLinter flavor:

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_LYCHEE,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

github-actions[bot]
github-actions Bot reviewed May 13, 2026
View reviewed changes
Comment thread templates/cpp/devcontainer-template.json
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[MegaLinter] reported by reviewdog 🐶

amp-devcontainer/templates/cpp/devcontainer-template.json

Lines 15 to 20 in 18408e3

"optionalPaths": [
".github/dependabot.yml"
],
"platforms": [
"Any"
]

github-actions[bot]
github-actions Bot reviewed May 13, 2026
View reviewed changes
Comment thread templates/rust/devcontainer-template.json
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot May 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[MegaLinter] reported by reviewdog 🐶

amp-devcontainer/templates/rust/devcontainer-template.json

Lines 15 to 20 in 18408e3

"optionalPaths": [
".github/dependabot.yml"
],
"platforms": [
"Any"
]

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 13, 2026
edited
Loading

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-base:edgeghcr.io/philips-software/amp-devcontainer-base:pr-1276

📈 Size Comparison Table

OS/Platform Previous Current Change Trend
linux/amd64 71.82 MB 71.82 MB 169 B (0%) 🔽
linux/arm64 70.13 MB 70.13 MB +1.38 kB (+0%) 🔼

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 13, 2026
edited
Loading

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-rust:edgeghcr.io/philips-software/amp-devcontainer-rust:pr-1276

📈 Size Comparison Table

OS/Platform Previous Current Change Trend
linux/amd64 468.63 MB 468.63 MB 137 B (0%) 🔽
linux/arm64 419.81 MB 419.82 MB +398 B (+0%) 🔼

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 13, 2026
edited
Loading

📦 Container Size Analysis

Note

Comparing ghcr.io/philips-software/amp-devcontainer-cpp:edgeghcr.io/philips-software/amp-devcontainer-cpp:pr-1276

📈 Size Comparison Table

OS/Platform Previous Current Change Trend
linux/amd64 544.95 MB 544.95 MB +799 B (+0%) 🔼
linux/arm64 524.3 MB 524.3 MB +1.38 kB (+0%) 🔼

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 13, 2026
edited
Loading

Test Results

 13 files  ±0   13 suites  ±0   18m 0s ⏱️ - 1m 40s
 33 tests ±0   33 ✅ ±0  0 💤 ±0  0 ❌ ±0 
137 runs  ±0  137 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 1ecbeed. ± Comparison against base commit 30a53b3.

♻️ This comment has been updated with latest results.

@philips-software-forest-releaser philips-software-forest-releaser Bot force-pushed the release-please--branches--main--components--amp-devcontainer branch from 592637c to 1ecbeed Compare May 26, 2026 05:56
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 26, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

autorelease: pending

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants