build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.41.9 to 1.41.11 by dependabot[bot] · Pull Request #280 · iggy/botkube

dependabot · 2026-06-04T00:26:51Z

Bumps github.com/aws/aws-sdk-go-v2 from 1.41.9 to 1.41.11.

Commits

fa369bd Release 2026-06-03
960ee4d Regenerated Clients
4b6df8b Update endpoints model
30b15dd Update API model
e8c72af enable schema-serde (#3421)
b4d02c5 Release 2026-06-02
48e375b Regenerated Clients
b8a4fc1 Update API model
e8627b4 Merge pull request #3430 from aws/fix-remove-ioutil
4e258a3 chore: update changelog description per review
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/aws/aws-sdk-go-v2](https://github.com/aws/aws-sdk-go-v2) from 1.41.9 to 1.41.11. - [Release notes](https://github.com/aws/aws-sdk-go-v2/releases) - [Commits](aws/aws-sdk-go-v2@v1.41.9...v1.41.11) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go-v2 dependency-version: 1.41.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-04T00:31:58Z

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Errors	Warnings	Elapsed time
✅ COPYPASTE	jscpd	yes	no	no	9.54s
⚠️ REPOSITORY	checkov	yes	40	no	55.95s
⚠️ REPOSITORY	devskim	yes	1	no	3.43s
✅ REPOSITORY	dustilock	yes	no	no	0.03s
✅ REPOSITORY	gitleaks	yes	no	no	12.24s
✅ REPOSITORY	git_diff	yes	no	no	0.12s
✅ REPOSITORY	grype	yes	no	no	95.11s
✅ REPOSITORY	kingfisher	yes	no	no	9.36s
❌ REPOSITORY	osv-scanner	yes	1	no	78.54s
✅ REPOSITORY	secretlint	yes	no	no	5.14s
✅ REPOSITORY	syft	yes	no	no	12.03s
✅ REPOSITORY	trivy	yes	no	no	31.35s
✅ REPOSITORY	trivy-sbom	yes	no	no	21.78s
✅ REPOSITORY	trufflehog	yes	no	no	4.22s

Detailed Issues

❌ REPOSITORY / osv-scanner - 1 error

Scanning dir .
Starting filesystem walk for root: /
Scanned go.mod file and found 260 packages
Scanned examples/src/go.mod file and found 9 packages
Scanned test/go.mod file and found 167 packages
End status: 260 dirs visited, 1040 inodes visited, 3 Extract calls, 76.294104ms elapsed, 76.294395ms wall time
Filtered 1 local/unscannable package/s from the scan.
Failed to run code analysis (govulncheck) on 'test/go.mod' because govulncheck: loading packages: err: exit status 1: stderr: go: updates to go.mod needed; to update it:
	go mod tidy

(the Go toolchain is required)

Total 3 packages affected by 8 known vulnerabilities (0 Critical, 0 High, 0 Medium, 0 Low, 8 Unknown) from 1 ecosystem.
8 vulnerabilities can be fixed.

+------------------------------+------+-----------+---------+---------+---------------+---------------------+
| OSV URL                      | CVSS | ECOSYSTEM | PACKAGE | VERSION | FIXED VERSION | SOURCE              |
+------------------------------+------+-----------+---------+---------+---------------+---------------------+
| https://osv.dev/GO-2026-5037 |      | Go        | stdlib  | 1.25.10 | 1.25.11       | examples/src/go.mod |
| https://osv.dev/GO-2026-5039 |      | Go        | stdlib  | 1.25.10 | 1.25.11       | examples/src/go.mod |
| https://osv.dev/GO-2026-5037 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | go.mod              |
| https://osv.dev/GO-2026-5038 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | go.mod              |
| https://osv.dev/GO-2026-5039 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | go.mod              |
| https://osv.dev/GO-2026-5037 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | test/go.mod         |
| https://osv.dev/GO-2026-5038 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | test/go.mod         |
| https://osv.dev/GO-2026-5039 |      | Go        | stdlib  | 1.26.3  | 1.26.4        | test/go.mod         |
+------------------------------+------+-----------+---------+---------+---------------+---------------------+

⚠️ REPOSITORY / checkov - 40 errors

steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[1]
	File: /.github/workflows/publish-chart.yml:22-28
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[2](Update Chart Version in YAML Files)
	File: /.github/workflows/publish-chart.yml:27-40
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[3](Set up chart-testing)
	File: /.github/workflows/publish-chart.yml:39-43
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[4](Run chart-testing)
	File: /.github/workflows/publish-chart.yml:42-48
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[5](Package chart)
	File: /.github/workflows/publish-chart.yml:47-55
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[6](Log in to GHCR)
	File: /.github/workflows/publish-chart.yml:54-62
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(process-chart).steps[7](Push chart to GHCR (OCI))
	File: /.github/workflows/publish-chart.yml:61-68
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(workflow-metadata)
	File: /.github/workflows/cut-new-release.yml:18-55
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(release-branch)
	File: /.github/workflows/cut-new-release.yml:55-101
Check: CKV_GHA_6: "Found artifact build without evidence of cosign sbom attestation in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/cut-new-release.yml:17-101
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(workflow-metadata)
	File: /.github/workflows/cut-new-release.yml:18-55
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(release-branch)
	File: /.github/workflows/cut-new-release.yml:55-101
Check: CKV_GHA_5: "Found artifact build without evidence of cosign sign execution in pipeline"
	PASSED for resource: jobs
	File: /.github/workflows/cut-new-release.yml:17-101
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(workflow-metadata)
	File: /.github/workflows/cut-new-release.yml:18-55
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(release-branch)
	File: /.github/workflows/cut-new-release.yml:55-101
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(workflow-metadata)
	File: /.github/workflows/cut-new-release.yml:18-55
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(release-branch)
	File: /.github/workflows/cut-new-release.yml:55-101
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(workflow-metadata).steps[1]
	File: /.github/workflows/cut-new-release.yml:24-30
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(workflow-metadata).steps[2](Extract)
	File: /.github/workflows/cut-new-release.yml:29-55
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(release-branch).steps[1]
	File: /.github/workflows/cut-new-release.yml:59-66
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(release-branch).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/cut-new-release.yml:65-71
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(release-branch).steps[3](Add note for previous version)
	File: /.github/workflows/cut-new-release.yml:70-96
Check: CKV_GHA_3: "Suspicious use of curl with secrets"
	PASSED for resource: jobs(release-branch).steps[4](Create a release branch)
	File: /.github/workflows/cut-new-release.yml:95-101
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(workflow-metadata).steps[1]
	File: /.github/workflows/cut-new-release.yml:24-30
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(workflow-metadata).steps[2](Extract)
	File: /.github/workflows/cut-new-release.yml:29-55
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(release-branch).steps[1]
	File: /.github/workflows/cut-new-release.yml:59-66
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(release-branch).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/cut-new-release.yml:65-71
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(release-branch).steps[3](Add note for previous version)
	File: /.github/workflows/cut-new-release.yml:70-96
Check: CKV_GHA_2: "Ensure run commands are not vulnerable to shell injection"
	PASSED for resource: jobs(release-branch).steps[4](Create a release branch)
	File: /.github/workflows/cut-new-release.yml:95-101
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(workflow-metadata).steps[1]
	File: /.github/workflows/cut-new-release.yml:24-30
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(workflow-metadata).steps[2](Extract)
	File: /.github/workflows/cut-new-release.yml:29-55
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(release-branch).steps[1]
	File: /.github/workflows/cut-new-release.yml:59-66
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(release-branch).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/cut-new-release.yml:65-71
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(release-branch).steps[3](Add note for previous version)
	File: /.github/workflows/cut-new-release.yml:70-96
Check: CKV_GHA_4: "Suspicious use of netcat with IP address"
	PASSED for resource: jobs(release-branch).steps[4](Create a release branch)
	File: /.github/workflows/cut-new-release.yml:95-101
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(workflow-metadata).steps[1]
	File: /.github/workflows/cut-new-release.yml:24-30
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(workflow-metadata).steps[2](Extract)
	File: /.github/workflows/cut-new-release.yml:29-55
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(release-branch).steps[1]
	File: /.github/workflows/cut-new-release.yml:59-66
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(release-branch).steps[2](Set git 'user.name' and 'user.email')
	File: /.github/workflows/cut-new-release.yml:65-71
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(release-branch).steps[3](Add note for previous version)
	File: /.github/workflows/cut-new-release.yml:70-96
Check: CKV_GHA_1: "Ensure ACTIONS_ALLOW_UNSECURE_COMMANDS isn't true on environment variables"
	PASSED for resource: jobs(release-branch).steps[4](Create a release branch)
	File: /.github/workflows/cut-new-release.yml:95-101
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	PASSED for resource: on(Publish main helm chart)
	File: /.github/workflows/publish-chart.yml:14-18
Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	FAILED for resource: on(Finalize release)
	File: /.github/workflows/finalize-release.yml:6-12

		6  |       version:
		7  |         type: string
		8  |         description: Version of the release to finalize (e.g. v0.15.0)
		9  |         required: true
		10 | 
		11 | env:
		12 |   git-user: github-actions[bot]

Check: CKV_GHA_7: "The build output cannot be affected by user parameters other than the build entry point and the top-level source location. GitHub Actions workflow_dispatch inputs MUST be empty. "
	FAILED for resource: on(Cut a new release)
	File: /.github/workflows/cut-new-release.yml:6-12

		6  |       version:
		7  |         type: string
		8  |         description: Version of the next release (e.g. v0.15.0)
		9  |         required: true
		10 | 
		11 | env:
		12 |   git-user: github-actions[bot]

Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Process chart)
	File: /.github/workflows/process-chart.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Release)
	File: /.github/workflows/release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Prepare next release candidate)
	File: /.github/workflows/next-rc.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Branch build)
	File: /.github/workflows/branch-build.yml:41-42
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Finalize release)
	File: /.github/workflows/finalize-release.yml:0-1
Check: CKV2_GHA_1: "Ensure top-level permissions are not set to write-all"
	FAILED for resource: on(Cut a new release)
	File: /.github/workflows/cut-new-release.yml:0-1

(Truncated to last 13333 characters out of 143214)

⚠️ REPOSITORY / devskim - 1 error

evSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"hack/target/serve-plugins/main.go"},"region":{"startLine":16,"startColumn":66,"endLine":16,"endColumn":75,"charOffset":334,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"internal/source/kubernetes/recommendation/ingress_backend_service_valid.go"},"region":{"startLine":59,"startColumn":7,"endLine":59,"endColumn":11,"charOffset":2041,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config_test.go"},"region":{"startLine":29,"startColumn":62,"endLine":29,"endColumn":71,"charOffset":1061,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":353,"startColumn":4,"endLine":353,"endColumn":8,"charOffset":10980,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":188,"startColumn":3,"endLine":188,"endColumn":7,"charOffset":6161,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/discord.go"},"region":{"startLine":27,"startColumn":3,"endLine":27,"endColumn":7,"charOffset":588,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_renderer_test.go"},"region":{"startLine":50,"startColumn":30,"endLine":50,"endColumn":39,"charOffset":1426,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":178,"startColumn":44,"endLine":178,"endColumn":48,"charOffset":5351,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":130,"startColumn":45,"endLine":130,"endColumn":49,"charOffset":4049,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/manager_remote_test.go"},"region":{"startLine":68,"startColumn":51,"endLine":68,"endColumn":55,"charOffset":2006,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":358,"startColumn":4,"endLine":358,"endColumn":8,"charOffset":11218,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":47,"startColumn":3,"endLine":47,"endColumn":7,"charOffset":1269,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/mattermost.go"},"region":{"startLine":28,"startColumn":3,"endLine":28,"endColumn":7,"charOffset":581,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS112852","level":"note","message":{"text":"Go - Hard-coded SSL/TLS Protocol"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/grpcx/credentials.go"},"region":{"startLine":47,"startColumn":39,"endLine":47,"endColumn":51,"charOffset":1393,"charLength":12,"snippet":{"text":"VersionTLS13","rendered":{"text":"VersionTLS13","markdown":"`VersionTLS13`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Cryptography.Protocol.TLS.Hard-Coded"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_socket.go"},"region":{"startLine":250,"startColumn":9,"endLine":250,"endColumn":13,"charOffset":8620,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/bot/slack_socket.go"},"region":{"startLine":32,"startColumn":3,"endLine":32,"endColumn":7,"charOffset":769,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/plugin.go"},"region":{"startLine":70,"startColumn":6,"endLine":70,"endColumn":10,"charOffset":2150,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/plugin.go"},"region":{"startLine":36,"startColumn":5,"endLine":36,"endColumn":9,"charOffset":1012,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config.go"},"region":{"startLine":262,"startColumn":59,"endLine":262,"endColumn":63,"charOffset":8611,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/config.go"},"region":{"startLine":214,"startColumn":64,"endLine":214,"endColumn":68,"charOffset":7021,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS162092","level":"note","message":{"text":"Do not leave debug code in production"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/testdata/TestLoadConfigSuccess/config.golden.yaml"},"region":{"startLine":153,"startColumn":18,"endLine":153,"endColumn":27,"charOffset":3376,"charLength":9,"snippet":{"text":"localhost","rendered":{"text":"localhost","markdown":"`localhost`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Network.AccessingLocalhost"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/config/redacted.go"},"region":{"startLine":12,"startColumn":4,"endLine":12,"endColumn":8,"charOffset":207,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/formatx/space_table.go"},"region":{"startLine":28,"startColumn":3,"endLine":28,"endColumn":7,"charOffset":517,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/execute/executor.go"},"region":{"startLine":149,"startColumn":6,"endLine":149,"endColumn":10,"charOffset":4950,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":".github/workflows/branch-build.yml"},"region":{"startLine":16,"startColumn":27,"endLine":16,"endColumn":31,"charOffset":318,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"yaml"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"cmd/botkube-agent/main.go"},"region":{"startLine":251,"startColumn":4,"endLine":251,"endColumn":8,"charOffset":8508,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}},{"ruleId":"DS176209","level":"note","message":{"text":"Suspicious comment"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"pkg/api/source/grpc_adapter.go"},"region":{"startLine":175,"startColumn":7,"endLine":175,"endColumn":11,"charOffset":5454,"charLength":4,"snippet":{"text":"TODO","rendered":{"text":"TODO","markdown":"`TODO`"}},"sourceLanguage":"go"}}}],"properties":{"tags":["Hygiene.Comment.Suspicious"],"DevSkimSeverity":"ManualReview","DevSkimConfidence":"High"}}],"columnKind":"utf16CodeUnits"}]}

(Truncated to last 13333 characters out of 24930)

Notices

📣 MegaLinter 9.5.0 is out! Discover the new features and security recommendations in the release announcement. (Skip this info by defining SECURITY_SUGGESTIONS: false)

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

Show us your support by starring ⭐ the repository

dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jun 4, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.41.9 to 1.41.11#280

build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.41.9 to 1.41.11#280
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/aws/aws-sdk-go-v2-1.41.11

dependabot Bot commented on behalf of github Jun 4, 2026

Uh oh!

github-actions Bot commented Jun 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 4, 2026

Uh oh!

github-actions Bot commented Jun 4, 2026

❌MegaLinter analysis: Error

Detailed Issues

Notices

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants