chore(deps): update peter-evans/create-pull-request action to v7 - abandoned

.github/workflows/megalinter.yaml

@@ -120,7 +120,7 @@ jobs:
       # Create pull request if applicable
       # (for now works only on PR from same repository, not from forks)
       - name: Create Pull Request with applied fixes
-        uses: peter-evans/create-pull-request@v6
+        uses: peter-evans/create-pull-request@v7
         id: cpr
         if: >-
           steps.ml.outputs.has_updated_sources == 1 &&

README.md

@@ -3,7 +3,7 @@
 [![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/liblaf/win-fonts/ci.yaml)](https://github.com/liblaf/win-fonts/actions/workflows/ci.yaml)
 
 | Language             | Windows 11                                                                                       | Windows 10                                                                                       |
-| -------------------- | ------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------ |
+|----------------------|--------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------|
 | Chinese (Simplified) | [link](https://github.com/liblaf/win-fonts/releases/download/Win11/Win11-Chinese_Simplified.zip) | [link](https://github.com/liblaf/win-fonts/releases/download/Win10/Win10-Chinese_Simplified.zip) |
 | English              | [link](https://github.com/liblaf/win-fonts/releases/download/Win11/Win11-English.zip)            | [link](https://github.com/liblaf/win-fonts/releases/download/Win10/Win10-English.zip)            |
 

megalinter-reports/.cspell.json

@@ -0,0 +1,23 @@
+{
+    "allowCompoundWords": true,
+    "ignorePaths": [
+        "**/*-lock.*",
+        "**/*.lock*",
+        "**/.cspell.json"
+    ],
+    "words": [
+        "DEVSKIM",
+        "ISORT",
+        "KICS",
+        "MYPY",
+        "PYLINT",
+        "alnum",
+        "bidi",
+        "commitizen",
+        "devskim",
+        "kics",
+        "liblaf",
+        "ofonts",
+        "stefanzweifel"
+    ]
+}

megalinter-reports/IDE-config.txt

@@ -0,0 +1,109 @@
+MegaLinter can help you to define the same linter configuration locally
+
+INSTRUCTIONS
+
+- Copy the content of IDE-config folder at the root of your repository
+- if you are using Visual Studio Code, just reopen your project after the copy, and you will be prompted to install recommended extensions
+- If not, you can install extensions manually using the following links.
+
+IDE EXTENSIONS APPLICABLE TO YOUR PROJECT
+
+prettier (JSON)
+  - atom:
+    - prettier-atom: https://github.com/prettier/prettier-atom
+    - atom-mprettier: https://github.com/t9md/atom-mprettier
+    - atom-miniprettier: https://github.com/duailibe/atom-miniprettier
+  - emacs:
+    - prettier-emacs: https://github.com/prettier/prettier-emacs
+    - prettier.el: https://github.com/jscheid/prettier.el
+    - apheleia: https://github.com/raxod502/apheleia
+  - idea:
+    - Prettier: https://plugins.jetbrains.com/plugin/10456-prettier
+  - sublime:
+    - JsPrettier: https://packagecontrol.io/packages/JsPrettier
+  - vim:
+    - vim-prettier: https://github.com/prettier/vim-prettier
+  - visual_studio:
+    - JavaScriptPrettier: https://github.com/madskristensen/JavaScriptPrettier
+  - vscode:
+    - prettier-vscode: https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode
+
+v8r (JSON)
+  - eclipse:
+    - native support: https://www.eclipse.org/
+  - idea:
+    - native support: https://www.jetbrains.com/products/#type=ide
+  - vim:
+    - vison: https://github.com/Quramy/vison
+  - vscode:
+    - native support: https://code.visualstudio.com/
+
+markdownlint (MARKDOWN)
+  - atom:
+    - linter-node-markdownlint: https://atom.io/packages/linter-node-markdownlint
+  - sublime:
+    - SublimeLinter-contrib-markdownlint: https://packagecontrol.io/packages/SublimeLinter-contrib-markdownlint
+  - vim:
+    - coc-markdownlint: https://github.com/fannheyward/coc-markdownlint
+  - vscode:
+    - vscode-markdownlint: https://marketplace.visualstudio.com/items/DavidAnson.vscode-markdownlint
+
+markdown-table-formatter (MARKDOWN)
+  - vscode:
+    - Markdown Table Prettify Extension: https://github.com/darkriszty/MarkdownTablePrettify-VSCodeExt
+
+checkov (REPOSITORY)
+  - vscode:
+    - Checkov: https://marketplace.visualstudio.com/items?itemName=Bridgecrew.checkov
+
+devskim (REPOSITORY)
+  - vscode:
+    - VSCode DevSkim: https://marketplace.visualstudio.com/items?itemName=MS-CST-E.vscode-devskim
+
+trivy (REPOSITORY)
+  - vscode:
+    - VSCode Trivy: https://marketplace.visualstudio.com/items?itemName=AquaSecurityOfficial.trivy-vulnerability-scanner
+
+trivy-sbom (REPOSITORY)
+  - vscode:
+    - VSCode Trivy: https://marketplace.visualstudio.com/items?itemName=AquaSecurityOfficial.trivy-vulnerability-scanner
+
+cspell (SPELL)
+  - vscode:
+    - Code Spell Checker: https://marketplace.visualstudio.com/items?itemName=streetsidesoftware.code-spell-checker
+
+prettier (YAML)
+  - atom:
+    - prettier-atom: https://github.com/prettier/prettier-atom
+    - atom-mprettier: https://github.com/t9md/atom-mprettier
+    - atom-miniprettier: https://github.com/duailibe/atom-miniprettier
+  - emacs:
+    - prettier-emacs: https://github.com/prettier/prettier-emacs
+    - prettier.el: https://github.com/jscheid/prettier.el
+    - apheleia: https://github.com/raxod502/apheleia
+  - idea:
+    - Prettier: https://plugins.jetbrains.com/plugin/10456-prettier
+  - sublime:
+    - JsPrettier: https://packagecontrol.io/packages/JsPrettier
+  - vim:
+    - vim-prettier: https://github.com/prettier/vim-prettier
+  - visual_studio:
+    - JavaScriptPrettier: https://github.com/madskristensen/JavaScriptPrettier
+  - vscode:
+    - prettier-vscode: https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode
+
+v8r (YAML)
+  - eclipse:
+    - native support: https://www.eclipse.org/
+  - idea:
+    - native support: https://www.jetbrains.com/products/#type=ide
+  - vim:
+    - vison: https://github.com/Quramy/vison
+  - vscode:
+    - native support: https://code.visualstudio.com/
+
+yamllint (YAML)
+  - emacs:
+    - flycheck: https://github.com/krzysztof-magosa/flycheck-yamllint
+  - vim:
+    - ale: https://github.com/w0rp/ale

megalinter-reports/IDE-config/.checkov.yml

@@ -0,0 +1,9 @@
+# ref: <https://github.com/oxsecurity/megalinter/blob/225e1b5c3a044775005d0ec772cabee5d21006ed/TEMPLATES/.checkov.yml>
+
+# You can see all available properties here: https://github.com/bridgecrewio/checkov#configuration-using-a-config-file
+quiet: true
+
+skip-check:
+  - CKV_DOCKER_2
+  - CKV_GHA_7
+  - CKV2_GHA_1

megalinter-reports/IDE-config/.devskim.json

@@ -0,0 +1,4 @@
+{
+  "IgnoreRuleIds": ["DS176209"],
+  "Globs": ["**/.git/**", "**/megalinter-reports/**"]
+}

megalinter-reports/IDE-config/.gitleaks.toml

@@ -0,0 +1,21 @@
+
+title = "gitleaks config"
+
+[extend]
+# useDefault will extend the base configuration with the default gitleaks config:
+# https://github.com/zricethezav/gitleaks/blob/master/config/gitleaks.toml
+useDefault = true
+
+[allowlist]
+    description = "Allowlisted files"
+    paths = [
+    '''.automation/test''',
+    '''megalinter-reports''',
+    '''.github/linters''',
+    '''node_modules''',
+    '''.mypy_cache''',
+    '''(.*?)gitleaks\.toml$''',
+    '''(?i)(.*?)(png|jpeg|jpg|gif|doc|docx|pdf|bin|xls|xlsx|pyc|zip)$''',
+    '''(go.mod|go.sum)$''']
+
+

megalinter-reports/IDE-config/.grype.yaml

@@ -0,0 +1,151 @@
+# enable/disable checking for application updates on startup
+# same as GRYPE_CHECK_FOR_APP_UPDATE env var
+# check-for-app-update: true
+
+# allows users to specify which image source should be used to generate the sbom
+# valid values are: registry, docker, podman
+# same as GRYPE_DEFAULT_IMAGE_PULL_SOURCE env var
+# default-image-pull-source: ""
+
+# same as --name; set the name of the target being analyzed
+# name: ""
+
+# upon scanning, if a severity is found at or above the given severity then the return code will be 1
+# default is unset which will skip this validation (options: negligible, low, medium, high, critical)
+# same as --fail-on ; GRYPE_FAIL_ON_SEVERITY env var
+fail-on-severity: "high"
+
+# the output format of the vulnerability report (options: table, json, cyclonedx)
+# same as -o ; GRYPE_OUTPUT env var
+# output: "table"
+
+# suppress all output (except for the vulnerability list)
+# same as -q ; GRYPE_QUIET env var
+# quiet: false
+
+# write output report to a file (default is to write to stdout)
+# same as --file; GRYPE_FILE env var
+# file: ""
+
+# a list of globs to exclude from scanning, for example:
+# exclude:
+#   - '/etc/**'
+#   - './out/**/*.json'
+# same as --exclude ; GRYPE_EXCLUDE env var
+# exclude: []
+
+# os and/or architecture to use when referencing container images (e.g. "windows/armv6" or "arm64")
+# same as --platform; GRYPE_PLATFORM env var
+# platform: ""
+
+# If using SBOM input, automatically generate CPEs when packages have none
+# add-cpes-if-none: false
+
+# Explicitly specify a linux distribution to use as <distro>:<version> like alpine:3.10
+# distro:
+
+# external-sources:
+#   enable: false
+#   maven:
+#     search-upstream-by-sha1: true
+#     base-url: https://search.maven.org/solrsearch/select
+
+# db:
+  # check for database updates on execution
+  # same as GRYPE_DB_AUTO_UPDATE env var
+  # auto-update: true
+
+  # location to write the vulnerability database cache
+  # same as GRYPE_DB_CACHE_DIR env var
+  # cache-dir: "$XDG_CACHE_HOME/grype/db"
+
+  # URL of the vulnerability database
+  # same as GRYPE_DB_UPDATE_URL env var
+  # update-url: "https://toolbox-data.anchore.io/grype/databases/listing.json"
+
+  # it ensures db build is no older than the max-allowed-built-age
+  # set to false to disable check
+  # validate-age: true
+
+  # Max allowed age for vulnerability database,
+  # age being the time since it was built
+  # Default max age is 120h (or five days)
+  # max-allowed-built-age: "120h"
+
+# search:
+  # the search space to look for packages (options: all-layers, squashed)
+  # same as -s ; GRYPE_SEARCH_SCOPE env var
+  # scope: "squashed"
+
+  # search within archives that do contain a file index to search against (zip)
+  # note: for now this only applies to the java package cataloger
+  # same as GRYPE_PACKAGE_SEARCH_INDEXED_ARCHIVES env var
+  # indexed-archives: true
+
+  # search within archives that do not contain a file index to search against (tar, tar.gz, tar.bz2, etc)
+  # note: enabling this may result in a performance impact since all discovered compressed tars will be decompressed
+  # note: for now this only applies to the java package cataloger
+  # same as GRYPE_PACKAGE_SEARCH_UNINDEXED_ARCHIVES env var
+  # unindexed-archives: false
+
+# options when pulling directly from a registry via the "registry:" scheme
+# registry:
+  # skip TLS verification when communicating with the registry
+  # same as GRYPE_REGISTRY_INSECURE_SKIP_TLS_VERIFY env var
+  # insecure-skip-tls-verify: false
+  # use http instead of https when connecting to the registry
+  # same as GRYPE_REGISTRY_INSECURE_USE_HTTP env var
+  # insecure-use-http: false
+
+  # credentials for specific registries
+  # auth:
+    # - # the URL to the registry (e.g. "docker.io", "localhost:5000", etc.)
+      # same as GRYPE_REGISTRY_AUTH_AUTHORITY env var
+      # authority: ""
+      # same as GRYPE_REGISTRY_AUTH_USERNAME env var
+      # username: ""
+      # same as GRYPE_REGISTRY_AUTH_PASSWORD env var
+      # password: ""
+      # note: token and username/password are mutually exclusive
+      # same as GRYPE_REGISTRY_AUTH_TOKEN env var
+      # token: ""
+    # - ... # note, more credentials can be provided via config file only
+
+# log:
+  # use structured logging
+  # same as GRYPE_LOG_STRUCTURED env var
+  # structured: false
+
+  # the log level; note: detailed logging suppress the ETUI
+  # same as GRYPE_LOG_LEVEL env var
+  # Uses logrus logging levels: https://github.com/sirupsen/logrus#level-logging
+  # level: "error"
+
+  # location to write the log file (default is not to have a log file)
+  # same as GRYPE_LOG_FILE env var
+  # file: ""
+
+# match:
+  # sets the matchers below to use cpes when trying to find 
+  # vulnerability matches. The stock matcher is the default
+  # when no primary matcher can be identified 
+  # java:
+  #   using-cpes: true
+  # python:
+  #   using-cpes: true
+  # javascript:
+  #   using-cpes: true
+  # ruby:
+  #   using-cpes: true
+  # dotnet:
+  #   using-cpes: true
+  # golang:
+  #   using-cpes: true
+  # stock:
+  #   using-cpes: true
+
+ignore:
+
+  # Ignored by default; disputed and unwarranted CVE that causes Megalinter to fail
+  # @link https://nvd.nist.gov/vuln/detail/CVE-2018-20225
+  - vulnerability: CVE-2018-20225

megalinter-reports/IDE-config/.jscpd.json

@@ -0,0 +1,28 @@
+{
+  "threshold": 0,
+  "reporters": [
+    "html",
+    "markdown"
+  ],
+  "ignore": [
+    "**/node_modules/**",
+    "**/.git/**",
+    "**/.rbenv/**",
+    "**/.venv/**",
+    "**/report/**",
+    "**/megalinter-reports/**",
+    "**/hardis-report/**",
+    "**/*cache*/**",
+    "**/*.json",
+    "**/*.yaml",
+    "**/*.yml",
+    "**/*.md",
+    "**/*.html",
+    "**/*.xml",
+    "**/*.jpg",
+    "**/*.png",
+    "**/*.svg",
+    "**/*.zip",
+    "**/*.bin"
+  ]
+}

megalinter-reports/IDE-config/.markdown-link-check.json

@@ -0,0 +1,5 @@
+{
+    "retryOn429": true,
+    "retryCount": 5,
+    "aliveStatusCodes": [ 200, 203 ]
+}

megalinter-reports/IDE-config/.markdownlint.json

@@ -0,0 +1,16 @@
+{
+  "MD004": false,
+  "MD007": {
+    "indent": 2
+  },
+  "MD013": {
+    "line_length": 400
+  },
+  "MD026": {
+    "punctuation": ".,;:!。，；:"
+  },
+  "MD029": false,
+  "MD033": false,
+  "MD036": false,
+  "blank_lines": false
+}