chore(deps): update dependency jest to v30

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
jest (source)	29.7.0 -> 30.2.0

---

Release Notes

jestjs/jest (jest)

v30.2.0

Compare Source

Chore & Maintenance

• [*] Update example repo for testing React Native projects (#​15832)
• [*] Update jest-watch-typeahead to v3 (#​15830)

v30.1.3

Compare Source

Fixes

• Fix unstable_mockModule with node: prefixed core modules.

v30.1.2

Compare Source

Fixes

• [jest-snapshot-utils] Correct snapshot header regexp to work with newline across OSes (#​15803)

v30.1.1

Compare Source

Fixes

• [jest-snapshot-utils] Fix deprecated goo.gl snapshot warning not handling Windows end-of-line sequences (#​15800)
• [jest-snapshot-utils] Improve messaging about goo.gl snapshot link change (#​15821)

v30.1.0

Compare Source

v30.0.5

Compare Source

Features

• [jest-config] Allow testMatch to take a string value
• [jest-worker] Let workerIdleMemoryLimit accept 0 to always restart worker child processes

Fixes

• [expect] Fix bigint error (#​15702)

v30.0.4

Compare Source

Features

• [expect] The Inverse type is now exported (#​15714)
• [expect] feat: support async functions in toBe (#​15704)

Fixes

• [jest] jest --onlyFailures --listTests now correctly lists only failed tests (#​15700)
• [jest-snapshot] Handle line endings in snapshots (#​15708)

v30.0.3

Compare Source

Fixes

• [jest-config] Fix ESM TS config loading in a CJS project (#​15694)
• [jest-core] jest --onlyFailures --listTests now correctly lists only failed tests(#​15700)

Features

• [jest-diff] Show non-printable control characters to diffs (#​15696)

v30.0.2

Compare Source

Fixes

• [jest-matcher-utils] Make 'deepCyclicCopyObject' safer by setting descriptors to a null-prototype object (#​15689)
• [jest-util] Make garbage collection protection property writable (#​15689)

v30.0.1

Compare Source

Features

• [jest-resolver] Implement the defaultAsyncResolver (#​15679)

Fixes

• [jest-resolver] Resolve builtin modules correctly (#​15683)
• [jest-environment-node, jest-util] Avoid setting globals cleanup protection symbol when feature is off (#​15684)

Chore & Maintenance

• [*] Remove and deprecate jest-repl package (#​15673)
• [jest-resolver] Replace custom isBuiltinModule with node's isBuiltin (#​15685)

v30.0.0

Compare Source

Features

• [*] Renamed globalsCleanupMode to globalsCleanup and --waitNextEventLoopTurnForUnhandledRejectionEvents to --waitForUnhandledRejections
• [expect] Add ArrayOf asymmetric matcher for validating array elements. (#​15567)
• [babel-jest] Add option excludeJestPreset to allow opting out of babel-preset-jest (#​15164)
• [expect] Revert #​15038 to fix expect(fn).toHaveBeenCalledWith(expect.objectContaining(...)) when there are multiple calls (#​15508)
• [jest-circus, jest-cli, jest-config] Add waitNextEventLoopTurnForUnhandledRejectionEvents flag to minimise performance impact of correct detection of unhandled promise rejections introduced in #​14315 (#​14681)
• [jest-circus] Add a waitBeforeRetry option to jest.retryTimes (#​14738)
• [jest-circus] Add a retryImmediately option to jest.retryTimes (#​14696)
• [jest-circus, jest-jasmine2] Allow setupFilesAfterEnv to export an async function (#​10962)
• [jest-circus, jest-test-result] Add startedAt timestamp in TestCaseResultObject within onTestCaseResult (#​15145)
• [jest-cli] Export buildArgv (#​15310)
• [jest-config] [BREAKING] Add mts and cts to default moduleFileExtensions config (#​14369)
• [jest-config] [BREAKING] Update testMatch and testRegex default option for supporting mjs, cjs, mts, and cts (#​14584)
• [jest-config] Loads config file from provided path in package.json (#​14044)
• [jest-config] Allow loading jest.config.cts files (#​14070)
• [jest-config] Show rootDir in error message when a preset fails to load (#​15194)
• [jest-config] Support loading TS config files using esbuild-register via docblock loader (#​15190)
• [jest-config] Allow passing TS config loader options via docblock comment (#​15234)
• [jest-config] If Node is running with type stripping enabled, do not require a TS loader (#​15480)
• [@jest/core] Group together open handles with the same stack trace (#​13417, & #​14789)
• [@jest/core] Add perfStats to surface test setup overhead (#​14622)
• [@jest/core] [BREAKING] Changed --filter to accept an object with shape { filtered: Array<string> } to match documentation (#​13319)
• [@jest/core] Support --outputFile option for --listTests (#​14980)
• [@jest/core] Stringify Errors properly with --json flag (#​15329)
• [@jest/core, @​jest/test-sequencer] [BREAKING] Exposes globalConfig & contexts to TestSequencer (#​14535, & #​14543)
• [jest-each] Introduce %$ option to add number of the test to its title (#​14710)
• [@jest/environment] [BREAKING] Remove deprecated jest.genMockFromModule() (#​15042)
• [@jest/environment] [BREAKING] Remove unnecessary defensive code (#​15045)
• [jest-environment-jsdom] [BREAKING] Upgrade JSDOM to v22 (#​13825)
• [@jest/environment-jsdom-abstract] Introduce new package which abstracts over the jsdom environment, allowing usage of custom versions of JSDOM (#​14717)
• [jest-environment-node] Update jest environment with dispose symbols Symbol (#​14888 & #​14909)
• [expect, @​jest/expect] [BREAKING] Add type inference for function parameters in CalledWith assertions (#​15129)
• [@jest/expect-utils] Properly compare all types of TypedArrays (#​15178)
• [@jest/fake-timers] [BREAKING] Upgrade @sinonjs/fake-timers to v13 (#​14544 & #​15470)
• [@jest/fake-timers] Exposing new modern timers function advanceTimersToFrame() which advances all timers by the needed milliseconds to execute callbacks currently scheduled with requestAnimationFrame (#​14598)
• [jest-matcher-utils] Add SERIALIZABLE_PROPERTIES to allow custom serialization of objects (#​14893)
• [jest-mock] Add support for the Explicit Resource Management proposal to use the using keyword with jest.spyOn(object, methodName) (#​14895)
• [jest-reporters] Add support for DEC mode 2026 (#​15008)
• [jest-resolver] Support file:// URLs as paths (#​15154)
• [jest-resolve,jest-runtime,jest-resolve-dependencies] Pass the conditions when resolving stub modules (#​15489)
• [jest-runtime] Exposing new modern timers function jest.advanceTimersToFrame() from @jest/fake-timers (#​14598)
• [jest-runtime] Support import.meta.filename and import.meta.dirname (available from Node 20.11) (#​14854)
• [jest-runtime] Support import.meta.resolve (#​14930)
• [jest-runtime] [BREAKING] Make it mandatory to pass globalConfig to the Runtime constructor (#​15044)
• [jest-runtime] Add unstable_unmockModule (#​15080)
• [jest-runtime] Add onGenerateMock transformer callback for auto generated callbacks (#​15433 & #​15482)
• [jest-runtime] [BREAKING] Use vm.compileFunction over vm.Script (#​15461)
• [@jest/schemas] Upgrade @sinclair/typebox to v0.34 (#​15450)
• [@jest/types] test.each(): Accept a readonly (as const) table properly (#​14565)
• [@jest/types] Improve argument type inference passed to test and describe callback functions from each tables (#​14920)
• [jest-snapshot] [BREAKING] Add support for Error causes in snapshots (#​13965)
• [jest-snapshot] Support Prettier 3 (#​14566)
• [@jest/util-snapshot] Extract utils used by tooling from jest-snapshot into its own package (#​15095)
• [pretty-format] [BREAKING] Do not render empty string children ('') in React plugin (#​14470)

Fixes

• [expect] Show AggregateError to display (#​15346)
• [*] Replace exit with exit-x (#​15399)
• [babel-plugin-jest-hoist] Use denylist instead of the deprecated blacklist for Babel 8 support (#​14109)
• [babel-plugin-jest-hoist] Do not rely on buggy Babel behaviour (#​15415)
• [expect] Check error instance type for toThrow/toThrowError (#​14576)
• [expect] Improve diff for failing expect.objectContaining (#​15038)
• [expect] Use Array.isArray to check if an array is an Array (#​15101)
• [expect] Fix Error cause assertion errors (#​15339)
• [jest-changed-files] Print underlying errors when VCS commands fail (#​15052)
• [jest-changed-files] Abort sl root call if output resembles a steam locomotive (#​15053)
• [jest-circus] [BREAKING] Prevent false test failures caused by promise rejections handled asynchronously (#​14315)
• [jest-circus] Replace recursive makeTestResults implementation with iterative one (#​14760)
• [jest-circus] Omit expect.hasAssertions() errors if a test already has errors (#​14866)
• [jest-circus, jest-expect, jest-snapshot] Pass test.failing tests when containing failing snapshot matchers (#​14313)
• [jest-circus] Concurrent tests now emit jest circus events at the correct point and in the expected order. (#​15381)
• [jest-cli] [BREAKING] Validate CLI flags that require arguments receives them (#​14783)
• [jest-config] Make sure to respect runInBand option (#​14578)
• [jest-config] Support testTimeout in project config (#​14697)
• [jest-config] Support coverageReporters in project config (#​14697)
• [jest-config] Allow reporters in project config (#​14768)
• [jest-config] Allow Node16/NodeNext/Bundler moduleResolution in project's tsconfig (#​14739)
• [@jest/create-cache-key-function] Correct the return type of createCacheKey (#​15159)
• [jest-each] Allow $keypath templates with null or undefined values (#​14831)
• [@jest/expect-utils] Fix comparison of DataView (#​14408)
• [@jest/expect-utils] [BREAKING] exclude non-enumerable in object matching (#​14670)
• [@jest/expect-utils] Fix comparison of URL (#​14672)
• [@jest/expect-utils] Check Symbol properties in equality (#​14688)
• [@jest/expect-utils] Catch circular references within arrays when matching objects (#​14894)
• [@jest/expect-utils] Fix not addressing to Sets and Maps as objects without keys (#​14873)
• [jest-haste-map] Fix errors or clobbering with multiple hasteImplModulePaths (#​15522)
• [jest-leak-detector] Make leak-detector more aggressive when running GC (#​14526)
• [jest-runtime] Properly handle re-exported native modules in ESM via CJS (#​14589)
• [jest-runtime] Refactor _importCoreModel so required core module is consistent if modified while loading (#​15077)
• [jest-schemas, jest-types] [BREAKING] Fix type of testFailureExitCode config option(#​15232)
• [jest-util] Make sure isInteractive works in a browser (#​14552)
• [pretty-format] [BREAKING] Print ArrayBuffer and DataView correctly (#​14290)
• [pretty-format] Fixed a bug where "anonymous custom elements" were not being printed as expected. (#​15138)
• [jest-cli] When specifying paths on the command line, only match against the relative paths of the test files (#​12519)
  • [BREAKING] Changes testPathPattern configuration option to testPathPatterns, which now takes a list of patterns instead of the regex.
  • [BREAKING] --testPathPattern is now --testPathPatterns
  • [BREAKING] Specifying testPathPatterns when programmatically calling watch must be specified as new TestPathPatterns(patterns), where TestPathPatterns can be imported from @jest/pattern
• [jest-reporters, jest-runner] Unhandled errors without stack get correctly logged to console (#​14619)
• [jest-util] Always load mjs files with import (#​15447)
• [jest-worker] Properly handle a circular reference error when worker tries to send an assertion fails where either the expected or actual value is circular (#​15191)
• [jest-worker] Properly handle a BigInt when worker tries to send an assertion fails where either the expected or actual value is BigInt (#​15191)
• [expect] Resolve issue where ObjectContaining matched non-object values. #​15463.
  • Adds a conditional/check to ensure the argument passed to expect is an object.
  • Add unit tests for new ObjectContaining behavior.
  • Remove invalid/wrong test case assertions for ObjectContaining.
• [jest-worker] Addresses incorrect state on exit (#​15610)

Performance

• [*] [BREAKING] Bundle all of Jest's modules into index.js (#​12348, #​14550 & #​14661)
• [jest-haste-map] Only spawn one process to check for watchman installation (#​14826)
• [jest-runner] Better cleanup source-map-support after test to resolve (minor) memory leak (#​15233)
• [jest-resolver] Migrate resolve and resolve.exports to unrs-resolver (#​15619)
• [jest-circus, jest-environment-node, jest-repl, jest-runner, jest-util] Cleanup global variables on environment teardown to reduce memory leaks (#​15215 & #​15636 & #​15643)

Chore & Maintenance

• [jest-environment-jsdom, jest-environment-jsdom-abstract] Increased version of jsdom to ^26.0.0 (#​15325CVE-2024-37890)
• [*] Increase version of micromatch to ^4.0.7 (#​15082)
• [*] [BREAKING] Drop support for Node.js versions 14, 16, 19, 21 and 23 (#​14460, #​15118, #​15623, #​15640)
• [*] [BREAKING] Drop support for [email protected], minimum version is now 5.4 (#​14542, #​15621)
• [*] Depend on exact versions of monorepo dependencies instead of ^ range (#​14553)
• [*] [BREAKING] Add ESM wrapper for all of Jest's modules (#​14661)
• [*] [BREAKING] Upgrade to glob@10 (#​14509)
• [*] Use TypeError over Error where appropriate (#​14799)
• [docs] Fix typos in CHANGELOG.md and packages/jest-validate/README.md (#​14640)
• [docs] Don't use alias matchers in docs (#​14631)
• [babel-jest, babel-preset-jest] [BREAKING] Increase peer dependency of @babel/core to ^7.11 (#​14109)
• [babel-jest, @​jest/transform] Update babel-plugin-istanbul to v6 (#​15156)
• [babel-plugin-jest-hoist] Move unnecessary dependencies to devDependencies (#​15010)
• [expect] [BREAKING] Remove .toBeCalled(), .toBeCalledTimes(), .toBeCalledWith(), .lastCalledWith(), .nthCalledWith(), .toReturn(), .toReturnTimes(), .toReturnWith(), .lastReturnedWith(), .nthReturnedWith() and .toThrowError() matcher aliases (#​14632)
• [jest-cli, jest-config, @​jest/types] [BREAKING] Remove deprecated --init argument (#​14490)
• [jest-config, @​jest/core, jest-util] Upgrade ci-info (#​14655)
• [jest-mock] [BREAKING] Remove MockFunctionMetadataType, MockFunctionMetadata and SpyInstance types (#​14621)
• [@jest/reporters] Upgrade istanbul-lib-source-maps (#​14924)
• [jest-schemas] Upgrade @sinclair/typebox (#​14775)
• [jest-transform] Upgrade write-file-atomic (#​14274)
• [jest-util] Upgrade picomatch to v4 (#​14653 & #​14885)
• [docs] Append to NODE_OPTIONS, not overwrite ([#​14730](https://redirect.github.com/jestjs/jest/pull/14730))
• [docs] Updated .toHaveBeenCalled() documentation to correctly reflect its functionality (#​14842)
• [docs] Link NestJS documentation on testing with Jest (#​14940)
• [docs] Revised documentation for .toHaveBeenCalled() to accurately depict its functionality. (#​14853)
• [docs] Removed ExpressJS reference link from documentation due to dead link (#​15270)
• [docs] Correct broken links in docs (#​15359)

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	18		0	0	0.22s
✅ BASH	bash-exec	7		0	0	0.02s
✅ BASH	shellcheck	4		0	0	0.19s
⚠️ BASH	shfmt	7		1	0	0.01s
✅ CSHARP	csharpier	3		0	0	1.85s
✅ CSHARP	roslynator	1		0	0	18.36s
✅ CSS	stylelint	1		0	0	1.23s
✅ DOCKERFILE	hadolint	5		0	0	0.12s
✅ EDITORCONFIG	editorconfig-checker	439		0	0	8.28s
✅ ENV	dotenv-linter	1		0	0	0.0s
✅ GROOVY	npm-groovy-lint	8		0	0	19.01s
✅ HTML	djlint	2		0	0	1.47s
✅ HTML	htmlhint	2		0	0	0.4s
✅ JAVA	checkstyle	64		0	0	8.72s
✅ JSON	jsonlint	53		0	0	0.55s
⚠️ JSON	prettier	53		1	0	4.83s
✅ JSON	v8r	53		0	0	33.78s
⚠️ MARKDOWN	markdownlint	23		255	0	1.59s
✅ PYTHON	bandit	1		0	0	1.6s
✅ PYTHON	black	1		0	0	1.02s
✅ PYTHON	flake8	1		0	0	0.8s
✅ PYTHON	isort	1		0	0	0.43s
✅ PYTHON	mypy	1		0	0	10.85s
✅ PYTHON	ruff	1		0	0	0.02s
✅ REPOSITORY	checkov	yes		no	no	37.69s
✅ REPOSITORY	gitleaks	yes		no	no	2.68s
✅ REPOSITORY	git_diff	yes		no	no	0.34s
✅ REPOSITORY	kics	yes		no	no	48.2s
✅ REPOSITORY	secretlint	yes		no	no	2.79s
✅ REPOSITORY	syft	yes		no	no	5.73s
⚠️ REPOSITORY	trivy	yes		1	no	19.7s
✅ REPOSITORY	trivy-sbom	yes		no	no	40.79s
✅ REPOSITORY	trufflehog	yes		no	no	6.4s
✅ XML	xmllint	4		0	0	0.91s
⚠️ YAML	prettier	122		1	2	2.23s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	14		0	0	0.32s
✅ BASH	bash-exec	7		0	0	0.06s
✅ BASH	shellcheck	4		0	0	0.31s
⚠️ BASH	shfmt	7		1	0	0.01s
✅ CSHARP	csharpier	3		0	0	2.33s
⚠️ CSHARP	roslynator	1		1	0	12.66s
✅ CSS	stylelint	1		0	0	2.24s
✅ DOCKERFILE	hadolint	5		0	0	0.2s
✅ EDITORCONFIG	editorconfig-checker	435		0	0	11.68s
✅ ENV	dotenv-linter	1		0	0	0.01s
⚠️ GROOVY	npm-groovy-lint	8		0	20	25.92s
✅ HTML	djlint	2		0	0	1.83s
✅ HTML	htmlhint	2		0	0	0.31s
⚠️ JAVA	checkstyle	64		0	90	9.0s
✅ JSON	jsonlint	53		0	0	0.33s
✅ JSON	prettier	53		0	0	4.34s
✅ JSON	v8r	53		0	0	30.91s
⚠️ MARKDOWN	markdownlint	23		273	0	2.01s
✅ PYTHON	bandit	1		0	0	2.54s
✅ PYTHON	black	1		0	0	1.25s
✅ PYTHON	flake8	1		0	0	0.86s
✅ PYTHON	isort	1		0	0	0.43s
✅ PYTHON	mypy	1		0	0	13.17s
✅ PYTHON	ruff	1		0	0	0.02s
✅ REPOSITORY	gitleaks	yes		no	no	1.1s
✅ REPOSITORY	git_diff	yes		no	no	0.31s
⚠️ REPOSITORY	kics	yes		no	119	55.28s
✅ REPOSITORY	secretlint	yes		no	no	5.82s
✅ REPOSITORY	syft	yes		no	no	12.48s
⚠️ REPOSITORY	trivy	yes		13	no	15.85s
✅ REPOSITORY	trivy-sbom	yes		no	no	6.87s
✅ REPOSITORY	trufflehog	yes		no	no	11.79s
✅ XML	xmllint	4		0	0	1.07s
✅ YAML	prettier	118		0	0	2.28s

Detailed Issues

⚠️ JAVA / checkstyle - 90 warnings

warning: First sentence of Javadoc is missing an ending period.

warning: First sentence of Javadoc is missing an ending period.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 103).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: First sentence of Javadoc is missing an ending period.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 107).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: First sentence of Javadoc is missing an ending period.

warning: Line is longer than 100 characters (found 115).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 220).

warning: Line is longer than 100 characters (found 104).

warning: Line is longer than 100 characters (found 117).

warning: Line is longer than 100 characters (found 154).

warning: Line is longer than 100 characters (found 111).

warning: Line is longer than 100 characters (found 128).

warning: Line is longer than 100 characters (found 142).

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 104).

warning: Line is longer than 100 characters (found 132).

warning: Line is longer than 100 characters (found 141).

warning: 90 warnings emitted

⚠️ REPOSITORY / kics - 119 warnings

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/notify/tests/e2e/docker-compose.yaml:56:1
   │
56 │   maildev:
   │ ^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/query/tests/e2e/docker-compose.yaml:28:1
   │
28 │   tester:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
  ┌─ src/query/tests/e2e/docker-compose.yaml:2:1
  │
2 │   query:
  │ ^^^^^^^^
  │
  = Container Capabilities Unrestricted
  = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/tests/e2e/docker-compose.yaml:59:1
   │
59 │   keycloak:
   │ ^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/deploy/docker-compose.dev.yml:53:1
   │
53 │   fhir-pseudonymizer:
   │ ^^^^^^^^^^^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/tests/e2e/docker-compose.yaml:44:1
   │
44 │   loader:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/notify/tests/e2e/docker-compose.yaml:33:1
   │
33 │   tester:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
    ┌─ docker-compose/docker-compose.staging.yaml:230:1
    │
230 │   list:
    │ ^^^^^^^
    │
    = Container Capabilities Unrestricted
    = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/query/tests/e2e/docker-compose.yaml:45:1
   │
45 │   broadsea-atlasdb:
   │ ^^^^^^^^^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
    ┌─ docker-compose/docker-compose.staging.yaml:211:1
    │
211 │   notify:
    │ ^^^^^^^^^
    │
    = Container Capabilities Unrestricted
    = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/deploy/docker-compose.dev.yml:28:1
   │
28 │   jaeger:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/deploy/docker-compose.dev.yml:38:1
   │
38 │   keycloak:
   │ ^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
  ┌─ src/list/frontend/tests/e2e/docker-compose.yaml:2:1
  │
2 │   list:
  │ ^^^^^^^
  │
  = Container Capabilities Unrestricted
  = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

(Truncated to 5714 characters out of 37150)

⚠️ MARKDOWN / markdownlint - 273 errors

CHANGELOG.md:5 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:9:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:10:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:13 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:24 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:25 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:30 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:31 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:45 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:52 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:53 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:56:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:59 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:60 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:66:121 MD013/line-length Line length [Expected: 120; Actual: 241]
CHANGELOG.md:73 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:74 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:81:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:86 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:91 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:92 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:105:121 MD013/line-length Line length [Expected: 120; Actual: 229]
CHANGELOG.md:106:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:109:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:122 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:125:121 MD013/line-length Line length [Expected: 120; Actual: 224]
CHANGELOG.md:127 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:128 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:132 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:133 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:139 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:140 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:144 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:145 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:151 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:152 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:158 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:159 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:163 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:164 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:167:121 MD013/line-length Line length [Expected: 120; Actual: 219]
CHANGELOG.md:168:121 MD013/line-length Line length [Expected: 120; Actual: 221]
CHANGELOG.md:169:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:170:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:171:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:177:121 MD013/line-length Line length [Expected: 120; Actual: 233]
CHANGELOG.md:180 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:181 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Documentation"]
CHANGELOG.md:185 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:186 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:207:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:209:121 MD013/line-length Line length [Expected: 120; Actual: 230]
CHANGELOG.md:211:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:212:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:213:121 MD013/line-length Line length [Expected: 120; Actual: 234]
CHANGELOG.md:215:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:216:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:217:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:218:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:219:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:220:121 MD013/line-length Line length [Expected: 12

(Truncated to 5714 characters out of 26039)

⚠️ GROOVY / npm-groovy-lint - 20 warnings

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic

note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:71:24
   │
71 │             intoLayer("spring-boot-loader") {
   │                        ^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'org/springframework/boot/loader/**' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:72:26
   │
72 │                 include("org/springframework/boot/loader/**")
   │                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'application' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:74:24
   │
74 │             intoLayer("application")
   │                        ^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:77:24
   │
77 │             intoLayer("module-dependencies") {
   │                        ^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'org.miracum:*:*' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:78:26
   │
78 │                 include("org.miracum:*:*")
   │                          ^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:80:24
   │
80 │             intoLayer("dependencies")
   │                        ^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:25
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                         ^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:41
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                         ^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:63
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                                               ^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'application' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:86
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                                                                      ^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with ei

(Truncated to 5714 characters out of 7255)

⚠️ CSHARP / roslynator - 1 error

Results of roslynator linter (version 0.10.2.0)
See documentation on https://megalinter.io/9.1.0/descriptors/csharp_roslynator/
-----------------------------------------------

❌ [ERROR] tests/chaos/tester/tester.csproj
    Loading project 'tests/chaos/tester/tester.csproj'...
    Analyze 'tester'
    System.AggregateException: One or more errors occurred. (Could not load file or assembly 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
    )
     ---> System.IO.FileNotFoundException: Could not load file or assembly 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'. The system cannot find the file specified.
    
    File name: 'System.Composition.AttributedModel, Version=9.0.0.8, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a'
       at System.ModuleHandle.ResolveType(QCallModule module, Int32 typeToken, IntPtr* typeInstArgs, Int32 typeInstCount, IntPtr* methodInstArgs, Int32 methodInstCount, ObjectHandleOnStack type)
       at System.ModuleHandle.ResolveTypeHandle(Int32 typeToken, RuntimeTypeHandle[] typeInstantiationContext, RuntimeTypeHandle[] methodInstantiationContext)
       at System.Reflection.RuntimeModule.ResolveType(Int32 metadataToken, Type[] genericTypeArguments, Type[] genericMethodArguments)
       at System.Reflection.CustomAttribute.FilterCustomAttributeRecord(MetadataToken caCtorToken, MetadataImport& scope, RuntimeModule decoratedModule, MetadataToken decoratedToken, RuntimeType attributeFilterType, Boolean mustBeInheritable, ListBuilder`1& derivedAttributes, RuntimeType& attributeType, IRuntimeMethodInfo& ctorWithParameters, Boolean& isVarArg)
       at System.Reflection.CustomAttribute.AddCustomAttributes(ListBuilder`1& attributes, RuntimeModule decoratedModule, Int32 decoratedMetadataToken, RuntimeType attributeFilterType, Boolean mustBeInheritable, ListBuilder`1 derivedAttributes)
       at System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeModule decoratedModule, Int32 decoratedMetadataToken, Int32 pcaCount, RuntimeType attributeFilterType)
       at System.Reflection.CustomAttribute.GetCustomAttributes(RuntimeType type, RuntimeType caType, Boolean inherit)
       at System.Attribute.GetCustomAttributes(MemberInfo element, Type attributeType, Boolean inherit)
       at Roslynator.AnalyzerAssembly.Load(Assembly analyzerAssembly, Boolean loadAnalyzers, Boolean loadFixers, String language) in /_/src/Workspaces.Core/AnalyzerAssembly.cs:line 129
       at Roslynator.AnalyzerLoader.GetAnalyzersAndFixers(Project project, Boolean loadFixers) in /_/src/Workspaces.Core/AnalyzerLoader.cs:line 112
       at Roslynator.AnalyzerLoader.GetAnalyzers(Project project) in /_/src/Workspaces.Core/AnalyzerLoader.cs:line 55
       at Roslynator.Diagnostics.CodeAnalyzer.AnalyzeProjectCoreAsync(Project project, CancellationToken cancellationToken) in /_/src/Workspaces.Core/Diagnostics/CodeAnalyzer.cs:line 124
       at Roslynator.Diagnostics.CodeAnalyzer.AnalyzeProjectAsync(Project project, CancellationToken cancellationToken) in /_/src/Workspaces.Core/Diagnostics/CodeAnalyzer.cs:line 99
       at Roslynator.CommandLine.AnalyzeCommand.ExecuteAsync(ProjectOrSolution projectOrSolution, CancellationToken cancellationToken) in /_/src/CommandLine/Commands/AnalyzeCommand.cs:line 73
       at Roslynator.CommandLine.MSBuildWorkspaceCommand`1.ExecuteAsync(String path, MSBuildWorkspace workspace, CancellationToken cancellationToken) in /_/src/CommandLine/Commands/MSBuildWorkspaceCommand.cs:line 164
       at Roslynator.CommandLine.MSBuildWorkspaceCommand`1.ExecuteAsync(IEnumerable`1 paths, String msbuildPath, IEnumerable`1 properties) in /_/src/CommandLine/Commands/MSBuildWorkspaceCommand.cs:line 89
       at Roslynator.CommandLine.Program.AnalyzeAsync(AnalyzeCommandLineOptions options) in /_/src/CommandLine/Program.cs:line 346
       --- End of inner exception stack trace ---
       at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
       at Roslynator.CommandLine.Program.<>c.<Main>b__0_3(MSBuildCommandLineOptions options) in /_/src/CommandLine/Program.cs:line 175
       at CommandLine.ParserResultExtensions.MapResult[T1,T2,TResult](ParserResult`1 result, Func`2 parsedFunc1, Func`2 parsedFunc2, Func`2 notParsedFunc)
       at Roslynator.CommandLine.Program.Main(String[] args) in /_/src/CommandLine/Program.cs:line 169

⚠️ BASH / shfmt - 1 error

diff src/gradlew.orig src/gradlew
--- src/gradlew.orig
+++ src/gradlew
@@ -71,15 +71,15 @@
 
 # Need this for daisy-chained symlinks.
 while
-	APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
-	[ -h "$app_path" ]
+  APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
+  [ -h "$app_path" ]
 do
-	ls=$(ls -ld "$app_path")
-	link=${ls#*' -> '}
-	case $link in         #(
-	/*) app_path=$link ;; #(
-	*) app_path=$APP_HOME$link ;;
-	esac
+  ls=$(ls -ld "$app_path")
+  link=${ls#*' -> '}
+  case $link in         #(
+  /*) app_path=$link ;; #(
+  *) app_path=$APP_HOME$link ;;
+  esac
 done
 
 # This is normally unused
@@ -92,14 +92,14 @@
 MAX_FD=maximum
 
 warn() {
-	echo "$*"
+  echo "$*"
 } >&2
 
 die() {
-	echo
-	echo "$*"
-	echo
-	exit 1
+  echo
+  echo "$*"
+  echo
+  exit 1
 } >&2
 
 # OS specific support (must be 'true' or 'false').
@@ -116,47 +116,47 @@
 
 # Determine the Java command to use to start the JVM.
 if [ -n "$JAVA_HOME" ]; then
-	if [ -x "$JAVA_HOME/jre/sh/java" ]; then
-		# IBM's JDK on AIX uses strange locations for the executables
-		JAVACMD=$JAVA_HOME/jre/sh/java
-	else
-		JAVACMD=$JAVA_HOME/bin/java
-	fi
-	if [ ! -x "$JAVACMD" ]; then
-		die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-	fi
+  if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+    # IBM's JDK on AIX uses strange locations for the executables
+    JAVACMD=$JAVA_HOME/jre/sh/java
+  else
+    JAVACMD=$JAVA_HOME/bin/java
+  fi
+  if [ ! -x "$JAVACMD" ]; then
+    die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+  fi
 else
-	JAVACMD=java
-	if ! command -v java >/dev/null 2>&1; then
-		die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-	fi
+  JAVACMD=java
+  if ! command -v java >/dev/null 2>&1; then
+    die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+  fi
 fi
 
 # Increase the maximum file descriptors if we can.
 if ! "$cygwin" && ! "$darwin" && ! "$nonstop"; then
-	case $MAX_FD in #(
-	max*)
-		# In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
-		# shellcheck disable=SC2039,SC3045
-		MAX_FD=$(ulimit -H -n) ||
-			warn "Could not query maximum file descriptor limit"
-		;;
-	esac
-	case $MAX_FD in #(
-	'' | soft) : ;; #(
-	*)
-		# In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
-		# shellcheck disable=SC2039,SC3045
-		ulimit -n "$MAX_FD" ||
-			warn "Could not set maximum file descriptor limit to $MAX_FD"
-		;;
-	esac
+  case $MAX_FD in #(
+  max*)
+    # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+    # shellcheck disable=SC2039,SC3045
+    MAX_FD=$(ulimit -H -n) ||
+      warn "Could not query maximum file descriptor limit"
+    ;;
+  esac
+  case $MAX_FD in #(
+  '' | soft) : ;; #(
+  *)
+    # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+    # shellcheck disable=SC2039,SC3045
+    ulimit -n "$MAX_FD" ||
+      warn "Could not set maximum file descriptor limit to $MAX_FD"
+    ;;
+  esac
 fi
 
 # Collect all arguments for the java command, stacking in reverse order:
@@ -169,34 +169,34 @@
 
 # For Cygwin or MSYS, switch paths to Windows format before running java
 if "$cygwin" || "$msys"; then
-	APP_HOME=$(cygpath --path --mixed "$APP_HOME")
-
-	JAVACMD=$(cygpath --unix "$JAVACMD")
-
-	# Now convert the arguments - kludge to limit ourselves to /bin/sh
-	for arg; do
-		if
-			case $arg in #(
-			-*) false ;; # don't mess with options #(
-			/?*)
-				t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
-				[ -e "$t" ]
-				;; #(
-			*) false ;;
-			esac
-		then
-			arg=$(cygpath --path --ignore --mixed "$arg")
-		fi
-		# Roll the args list around exactly as many times as the number of
-		# args, so each arg winds up back in the position where it started, but
-		# possibly modified.
-		#
-		# NB: a `for` loop captures its iteration list before it begins, so
-		# changing the positional parameters here affects neither the number of
-		# iterations, nor the values presented in `arg`.
-		shift              # remove old arg
-		set -- "$@" "$arg" # push replacement arg
-	done
+  APP_HOME=$(cygpath --path --mixed "$APP_HOME")
+
+  JAVACMD=$(cygpath --unix "$JAVACMD")
+
+  # Now convert the arguments - kludge to limit ourselves to /bin/sh
+  for arg; do
+    if
+      case $arg in #(
+      -*) false ;; # don't mess with options #(
+      /?*)
+        t=${arg#/} t=/${t%%/*} # looks like a POSIX filepath
+        [ -e "$t" ]
+        ;; #(
+      *) false ;;
+      esac
+    then
+      arg=$(cygpath --path --ignore --mixed "$arg")
+    fi
+    # Roll the args list around exactly as many times as the number of
+    # args, so each arg winds up back in the position where it started, but
+    # possibly modified.
+    #
+    # NB: a `for` loop captures its iteration list before it begins, so
+    # changing the positional parameters here affects neither the number of
+    # iterations, nor the values presented in `arg`.
+    shift              # remove old arg
+    set -- "$@" "$arg" # push replacement arg
+  done
 fi
 
 # Add default JVM options here. You can also use JAV

(Truncated to 5714 characters out of 6627)

⚠️ REPOSITORY / trivy - 13 errors

error: Package: form-data
Installed Version: 2.3.3
Vulnerability CVE-2025-7783
Severity: CRITICAL
Fixed Version: 2.5.4, 3.0.4, 4.0.4
Link: [CVE-2025-7783](https://avd.aquasec.com/nvd/cve-2025-7783)
    ┌─ src/list/frontend/tests/e2e/package-lock.json:922:1
    │  
922 │ ╭     "node_modules/form-data": {
923 │ │       "version": "2.3.3",
924 │ │       "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz",
925 │ │       "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==",
    · │
935 │ │       }
936 │ │     },
    │ ╰^
    │  
    = form-data: Unsafe random function in form-data
    = Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution (HPP). This vulnerability is associated with program files lib/form_data.Js.
      
      This issue affects form-data: < 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3.

error: Package: @react-native-community/cli
Installed Version: 10.2.2
Vulnerability CVE-2025-11953
Severity: CRITICAL
Fixed Version: 20.0.0, 19.1.2, 18.0.1, 17.0.1
Link: [CVE-2025-11953](https://avd.aquasec.com/nvd/cve-2025-11953)
     ┌─ src/list/package-lock.json:6528:1
     │  
6528 │ ╭     "node_modules/@react-native-community/cli": {
6529 │ │       "version": "10.2.2",
6530 │ │       "license": "MIT",
6531 │ │       "optional": true,
     · │
6556 │ │       }
6557 │ │     },
     │ ╰^
     │  
     = @react-native-community/cli-server-api: Command injection in React Native CLI
     = The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server and run arbitrary executables. On Windows, the attackers can also execute arbitrary shell commands with fully controlled arguments.

error: Package: braces
Installed Version: 2.3.2
Vulnerability CVE-2024-4068
Severity: HIGH
Fixed Version: 3.0.3
Link: [CVE-2024-4068](https://avd.aquasec.com/nvd/cve-2024-4068)
      ┌─ src/list/package-lock.json:20731:1
      │  
20731 │ ╭     "node_modules/jscodeshift/node_modules/braces": {
20732 │ │       "version": "2.3.2",
20733 │ │       "license": "MIT",
20734 │ │       "optional": true,
      · │
20749 │ │       }
20750 │ │     },
      │ ╰^
      │  
      = braces: fails to limit the number of characters it can handle
      = The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.

error: Package: cross-spawn
Installed Version: 6.0.5
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
      ┌─ src/list/package-lock.json:13833:1
      │  
13833 │ ╭     "node_modules/execa/node_modules/cross-spawn": {
13834 │ │       "version": "6.0.5",
13835 │ │       "devOptional": true,
13836 │ │       "license": "MIT",
      · │
13846 │ │       }
13847 │ │     },
      │ ╰^
      │  
      = cross-spawn: regular expression denial of service
      = Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

error: Package: cross-spawn
Installed Version: 7.0.3
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
      ┌─ src/list/package-lock.json:11442:1
      │  
11442 │ ╭     "node_modules/cross-spawn": {
11443 │ │       "version": "7.0.3",
11444 │ │       "devOptional": true,
11445 │ │       "license": "MIT",
      · │
11453 │ │       }
11454 │ │     },
      │ ╰^
      │  
      = cross-spawn: regular expression denial of service
      = Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

error: Package: ws
Installed Version: 6.2.2
Vulnerability CVE-2024-37890
Severity: HIGH
Fixed Version: 5.2.4, 6.2.3, 7.5.10, 8.17.1
Link: [CVE-2024-37890](https://avd.aquasec.com/nvd/cve-2024-37890)
      ┌─ src/list/package-lock.json:29093:1
      │  
29093 │ ╭     "node_modules/ws": {
29094 │ │       "version": "6.2.2",
29095 │ │       "license": "MIT",
29096 │ │       "optional": true,
      · │
29099 │ │       }
29100 │ │     },
      │ ╰^
      │  
      = nodejs-ws: denial of service when handling a request with many HTTP headers
      = ws is an open source WebSocket client and server for Node.js. A request with a number of headers exceeding theserver.maxHeadersCount threshold could be used to crash a ws server. The vulnerability was fixed in [email protected] (e55e510) and backported to [email protected] (22c2876), [email protected] (eeb76d3), and [email protected] (4abd8f6). In vulnerable versions of ws, the issue can be mitigated in the following ways: 1. Reduce the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options so that no more headers than the server.maxHeadersCount limit can be sent

(Truncated to 5714 characters out of 9756)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx [email protected] --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_BANDIT,PYTHON_MYPY,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,CSHARP_CSHARPIER,CSHARP_ROSLYNATOR,CSS_STYLELINT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,ENV_DOTENV_LINTER,GROOVY_NPM_GROOVY_LINT,HTML_DJLINT,HTML_HTMLHINT,JAVA_CHECKSTYLE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,XML_XMLLINT,YAML_PRETTIER