Commit

Merge branch 'master' into dependabot/pip/mkdocs-monorepo-plugin-1.1.0
nicklem authored Jan 9, 2024
2 parents 1cdb1a6 + 49d2d97 commit 45c0a74
Showing 7 changed files with 76 additions and 47 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/scheduled.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:

- name: Check for broken links
id: lychee
uses: lycheeverse/lychee-action@v1.8.0
uses: lycheeverse/lychee-action@v1.9.0
with:
args: --verbose ./docs/**/*.md ./submodules/chart/docs/**/*.md
jobSummary: true
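Review bot: The `uses:` line still references the action by a mutable tag (`lycheeverse/lychee-action@v1.9.0`), and a tag can be repointed to different code after this change is reviewed. Pin the action to the full commit SHA of the v1.9.0 release and keep the version in a trailing comment so Dependabot can continue to propose bumps.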
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ If you renamed the repository or moved it to a different account on the Git prov

!!! info "This section applies only to GitLab and Bitbucket"

Codacy uses SSH keys to clone your private repositories. Depending on the level of access that the user configuring the repository on Codacy has on the remote Git provider, an SSH key can be added either:
On GitLab and Bitbucket organizations, Codacy uses SSH keys to clone your private repositories. Depending on the level of access that the user configuring the repository on Codacy has on the remote Git provider, an SSH key can be added either:

- Directly to the repository itself, if the user has permissions to add SSH keys to the repository
- To the user account, if the user only has read or commit permissions on the repository
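Review bot: In the rewritten opening sentence, "On GitLab and Bitbucket organizations" repeats the info admonition directly above it ("This section applies only to GitLab and Bitbucket") and narrows it to organizations, which leaves it unclear whether repositories under personal accounts are covered. Either drop the prefix and rely on the admonition, or write "On GitLab and Bitbucket" so both lines state the same scope.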
Expand All @@ -30,7 +30,7 @@ If the user that initially configured the repository on Codacy was using a user
This is only possible if the user configuring the integration with the remote Git provider has administrator access to the repository. Otherwise, this operation will fail. Alternatively, you can do this process manually by copying the SSH key.

!!! note
If [your repository is using submodules on Codacy](../../repositories-configure/using-submodules.md), add a new SSH user key to your git provider account instead.
If [your repository is using submodules on Codacy](../../repositories-configure/using-submodules.md), add a new SSH user key to your Git provider account instead.

![Generate new key](images/we-no-longer-have-access-to-this-repository-new-key.png)

Expand Down
47 changes: 24 additions & 23 deletions docs/getting-started/supported-languages-and-tools.md
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://github.com/bridgecrewio/checkov/">Checkov</a></td>
<td>-</td>
<td><a href="https://github.com/bridgecrewio/checkov/">Checkov</a>,
<a href="https://trivy.dev">Trivy</a><a href="#yaml-only"> <sup>2</sup></a></td>
<a href="https://trivy.dev">Trivy</a> <a href="#yaml-only"><sup>2</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand All @@ -88,7 +88,7 @@ The table below lists all languages that Codacy supports and the corresponding t
</tr>
<tr>
<td>C</td>
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a><a href="#client-side"><sup>3</sup></a>,
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a> <a href="#client-side"><sup>3</sup></a>,
<a href="http://cppcheck.sourceforge.net/">Cppcheck</a>,
<a href="https://dwheeler.com/flawfinder/">Flawfinder</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a></td>
Expand All @@ -100,8 +100,8 @@ The table below lists all languages that Codacy supports and the corresponding t
</tr>
<tr>
<td>C++</td>
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a><a href="#client-side"><sup>3</sup></a>,
<a href="http://cppcheck.sourceforge.net/">Cppcheck</a><a href="#cppcheck-misra"><sup>4</sup></a>,
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a> <a href="#client-side"><sup>3</sup></a>,
<a href="http://cppcheck.sourceforge.net/">Cppcheck</a> <a href="#cppcheck-misra"><sup>4</sup></a>,
<a href="https://dwheeler.com/flawfinder/">Flawfinder</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a></td>
<td>-</td>
Expand Down Expand Up @@ -149,7 +149,7 @@ The table below lists all languages that Codacy supports and the corresponding t
</tr>
<tr>
<td>Dart</td>
<td><a href="https://github.com/dart-lang/sdk/tree/main/pkg/analyzer_cli">dartanalyzer</a><a href="#dart-limitations"><sup>5</sup></a></td>
<td><a href="https://github.com/dart-lang/sdk/tree/main/pkg/analyzer_cli">dartanalyzer</a> <a href="#dart-limitations"><sup>5</sup></a></td>
<td>-</td>
<td><a href="https://trivy.dev">Trivy</a></td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>pubspec.yaml</code> (pub)</td>
Expand Down Expand Up @@ -187,12 +187,12 @@ The table below lists all languages that Codacy supports and the corresponding t
</tr>
<tr>
<td>Go</td>
<td><a href="https://gitlab.com/opennota/check">aligncheck</a><a href="#client-side"><sup>3</sup></a>,
<a href="https://github.com/tsenart/deadcode">deadcode</a><a href="#client-side"><sup>3</sup></a>,
<a href="https://github.com/securego/gosec">Gosec</a><a href="#client-side"><sup>3</sup></a>,
<td><a href="https://gitlab.com/opennota/check">aligncheck</a> <a href="#client-side"><sup>3</sup></a>,
<a href="https://github.com/tsenart/deadcode">deadcode</a> <a href="#client-side"><sup>3</sup></a>,
<a href="https://github.com/securego/gosec">Gosec</a> <a href="#client-side"><sup>3</sup></a>,
<a href="https://github.com/mgechev/revive">Revive</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a>,
<a href="https://staticcheck.io/">Staticcheck</a><a href="#client-side"><sup>3</sup></a></td>
<a href="https://staticcheck.io/">Staticcheck</a> <a href="#client-side"><sup>3</sup></a></td>
<td>-</td>
<td><a href="https://trivy.dev">Trivy</a></td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>go.mod</code> and <code>go.sum</code> (mod)</td>
Expand All @@ -212,7 +212,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td>Helm</td>
<td>-</td>
<td>-</td>
<td><a href="https://trivy.dev">Trivy</a><a href="#yaml-only"> <sup>2</sup></a></td>
<td><a href="https://trivy.dev">Trivy</a> <a href="#yaml-only"><sup>2</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand All @@ -222,13 +222,13 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://checkstyle.sourceforge.io/">Checkstyle</a>,
<a href="https://pmd.github.io/">PMD</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a>,
<a href="https://spotbugs.github.io/">SpotBugs</a><a href="#client-side"><sup>3</sup></a></td>
<a href="https://spotbugs.github.io/">SpotBugs</a> <a href="#client-side"><sup>3</sup></a></td>
<td>-</td>
<td><a href="https://pmd.github.io/">PMD</a>,
<a href="https://trivy.dev">Trivy</a></td>
<td>-</td>
<td><a href="https://pmd.github.io/pmd/pmd_userdocs_cpd.html">PMD CPD</a></td>
<td><a href="https://pmd.github.io/">PMD</a></td>
<td><a href="https://pmd.github.io/">PMD</a> <a href="#complexity-limitations"><sup>6</sup></a></td>
</tr>
<tr>
<td>JavaScript</td>
Expand All @@ -239,7 +239,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://trivy.dev">Trivy</a></td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>package.json</code> and <code>package-lock.json</code> (npm), <br><code>yarn.lock</code> (Yarn) </td>
<td><a href="https://pmd.github.io/pmd/pmd_userdocs_cpd.html">PMD CPD</a></td>
<td><a href="https://eslint.org/">ESLint</a></td>
<td><a href="https://eslint.org/">ESLint</a> <a href="#complexity-limitations"><sup>6</sup></a></td>
</tr>
<tr>
<td>JSON</td>
Expand Down Expand Up @@ -275,7 +275,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://github.com/bridgecrewio/checkov/">Checkov</a></td>
<td>-</td>
<td><a href="https://github.com/bridgecrewio/checkov/">Checkov</a>,
<a href="https://trivy.dev">Trivy</a><a href="#yaml-only"> <sup>2</sup></a></td>
<a href="https://trivy.dev">Trivy</a> <a href="#yaml-only"><sup>2</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand All @@ -300,7 +300,7 @@ The table below lists all languages that Codacy supports and the corresponding t
</tr>
<tr>
<td>Objective-C</td>
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a><a href="#client-side"><sup>3</sup></a></td>
<td><a href="https://clang.llvm.org/extra/clang-tidy/">Clang-Tidy</a> <a href="#client-side"><sup>3</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand Down Expand Up @@ -369,15 +369,15 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://github.com/rubik/radon">Radon</a></td>
</tr>
<tr>
<td>Ruby<a href="#ruby-31"><sup>6</sup></a></td>
<td>Ruby <a href="#ruby-31"><sup>7</sup></a></td>
<td><a href="https://brakemanscanner.org/">Brakeman</a>,
<a href="https://github.com/rubocop/rubocop">RuboCop</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a></td>
<td>-</td>
<td><a href="https://trivy.dev">Trivy</a></td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>Gemfile.lock</code> (Bundler) </td>
<td><a href="https://github.com/seattlerb/flay">Flay</a></td>
<td><a href="https://github.com/rubocop/rubocop">RuboCop</a></td>
<td><a href="https://github.com/rubocop/rubocop">RuboCop</a> <a href="#complexity-limitations"><sup>6</sup></a></td>
</tr>
<tr>
<td>Rust</td>
Expand All @@ -402,7 +402,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://github.com/codacy/codacy-scalameta">Codacy Scalameta Pro</a>,
<a href="http://www.scalastyle.org/">Scalastyle</a>,
<a href="https://semgrep.dev/">Semgrep</a> <a href="#semgrep"><sup>1</sup></a>,
<a href="https://spotbugs.github.io/">SpotBugs</a><a href="#client-side"><sup>3</sup></a></td>
<a href="https://spotbugs.github.io/">SpotBugs</a> <a href="#client-side"><sup>3</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand Down Expand Up @@ -437,7 +437,7 @@ The table below lists all languages that Codacy supports and the corresponding t
<td>-</td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>Package.resolved</code> (SwiftPM) </td>
<td><a href="https://pmd.github.io/pmd/pmd_userdocs_cpd.html">PMD CPD</a></td>
<td><a href="https://github.com/realm/SwiftLint">SwiftLint</a><a href="#swiftlint-complexity"><sup>7</sup></a></td>
<td><a href="https://github.com/realm/SwiftLint">SwiftLint</a><a href="#swiftlint-complexity"><sup>8</sup></a> <a href="#complexity-limitations"><sup>6</sup></a></td>
</tr>
<tr>
<td>Terraform</td>
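Review bot: The SwiftLint cell is inconsistent with the spacing fix applied everywhere else in this file: there is no space between `SwiftLint</a>` and the `#swiftlint-complexity` anchor, and the markers appear as 8 then 6. Add the space and put the `#complexity-limitations` marker (6) before `#swiftlint-complexity` (8) so the footnotes read in order.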
Expand Down Expand Up @@ -467,11 +467,11 @@ The table below lists all languages that Codacy supports and the corresponding t
<td><a href="https://trivy.dev">Trivy</a></td>
<td><a href="https://trivy.dev">Trivy</a>, scans <br><code>package.json</code> and <code>package-lock.json</code> (npm), <br><code>yarn.lock</code> (Yarn) </td>
<td><a href="https://github.com/kucherenko/jscpd">jscpd</a></td>
<td><a href="https://eslint.org/">ESLint</a></td>
<td><a href="https://eslint.org/">ESLint</a> <a href="#complexity-limitations"><sup>6</sup></a></td>
</tr>
<tr>
<td>Unity</td>
<td><a href="https://github.com/microsoft/Microsoft.Unity.Analyzers">Unity Roslyn Analyzers</a><a href="#client-side"><sup>3</sup></a></td>
<td><a href="https://github.com/microsoft/Microsoft.Unity.Analyzers">Unity Roslyn Analyzers</a> <a href="#client-side"><sup>3</sup></a></td>
<td>-</td>
<td>-</td>
<td>-</td>
Expand Down Expand Up @@ -540,8 +540,9 @@ The table below lists all languages that Codacy supports and the corresponding t
<sup><span id="client-side">3</span></sup>: Supported as a [client-side tool](../repositories-configure/local-analysis/client-side-tools.md).
<sup><span id="cppcheck-misra">4</span></sup>: Currently, Cppcheck only supports [checking the MISRA guidelines for C](https://cppcheck.sourceforge.io/misra.php).
<sup><span id="dart-limitations">5</span></sup>: Currently, Codacy only supports including the packages [lints](https://pub.dev/packages/lints) and [<span class="skip-vale">flutter_lints</span>](https://pub.dev/packages/flutter_lints) on dartanalyzer configuration files.
<sup><span id="ruby-31">6</span></sup>: Currently, Codacy doesn't support any static code analysis tool for [Ruby 3.1](https://www.ruby-lang.org/en/news/2021/12/25/ruby-3-1-0-released/).
<sup><span id="swiftlint-complexity">7</span></sup>: Supports [reporting warnings or errors](https://realm.github.io/SwiftLint/cyclomatic_complexity.html) on functions above specific complexity thresholds. Enable the rule **Cyclomatic Complexity** on the [Code patterns page](../repositories-configure/configuring-code-patterns.md), or use a [configuration file](https://realm.github.io/SwiftLint/index.html#configuration) to customize the thresholds.
<sup><span id="complexity-limitations">6</span></sup>: Doesn't calculate [the number of methods and the complexity per method](../repositories/files.md#file-details) for each file.
<sup><span id="ruby-31">7</span></sup>: Currently, Codacy doesn't support any static code analysis tool for [Ruby 3.1](https://www.ruby-lang.org/en/news/2021/12/25/ruby-3-1-0-released/).
<sup><span id="swiftlint-complexity">8</span></sup>: Supports [reporting warnings or errors](https://realm.github.io/SwiftLint/cyclomatic_complexity.html) on functions above specific complexity thresholds. Enable the rule **Cyclomatic Complexity** on the [Code patterns page](../repositories-configure/configuring-code-patterns.md), or use a [configuration file](https://realm.github.io/SwiftLint/index.html#configuration) to customize the thresholds.
<sup><span id="suggest-fixes">🔧</span></sup>: Supports [suggesting fixes](../repositories-configure/integrations/github-integration.md#suggest-fixes) for identified issues.

## Docker images of supported tools
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,15 +63,15 @@ If you log in with GitHub, Codacy requires the following [app permissions](https
<td>Read & Write</td>
<td>Codacy sets the status of commits according to the result of code analysis.</td>
</tr>
<tr>
<td>Administration</td>
<td>Read & Write</td>
<td><a href="#why-does-codacy-ask-for-permission-to-create-ssh-keys">Codacy creates an SSH key</a> on the repository to allow cloning and integrating with your repository.</td>
</tr>
<tr>
<td>Contents</td>
<td>Read-Only</td>
<td>Codacy accesses repository contents to provide faster code coverage analysis and as part of an initiative to use GitHub App tokens instead of SSH keys when cloning repositories for code quality analysis.</td>
<td>Codacy retrieves repository contents to get installation access tokens when integrating with your repositories and clone them, and for code coverage analysis.<br/><strong>Codacy requests this permission since September 2023.</strong> Make sure an organization owner <a href="https://docs.github.com/en/apps/using-github-apps/reviewing-and-modifying-installed-github-apps">approves Codacy GitHub App updated permissions</a> on your GitHub organization.</td>
</tr>
<tr>
<td>Administration</td>
<td>Read & Write</td>
<td>This permission <strong>will soon be removed</strong> and is currently used as a fallback mechanism when the Contents permission isn't available. In this case, Codacy <a href="#why-does-codacy-ask-for-permission-to-create-ssh-keys">creates an SSH key on the repository</a> to allow cloning and integrating with your repository.<br/>To ensure Codacy keeps working correctly, make sure an organization owner <a href="https://docs.github.com/en/apps/using-github-apps/reviewing-and-modifying-installed-github-apps">approves Codacy GitHub App updated permissions</a> on your GitHub organization.</td>
</tr>
<tr>
<td colspan="3"><strong>Organization permissions:</strong></td>
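Review bot: The Administration row keeps Read & Write as a fallback that "will soon be removed" but gives no date or condition, so a reader can't tell how long the broader permission is needed or whether their installation still depends on it. State when the fallback ends, or how to confirm the Contents permission is in effect, in the same way the Contents row gives "since September 2023". The sentence asking an organization owner to approve the updated permissions is duplicated across both rows and could appear once. In the Contents row, "to get installation access tokens when integrating with your repositories and clone them" doesn't parse; "and to clone them" would.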
Expand Down Expand Up @@ -206,8 +206,16 @@ If you need to use an integration that you have previously revoked, log in again

## Why does Codacy ask for permission to create SSH keys?

!!! note
**GitHub only:** Codacy will soon start using [installation access tokens](https://docs.github.com/en/apps/creating-github-apps/authenticating-with-a-github-app/generating-an-installation-access-token-for-a-github-app#about-installation-access-tokens) instead of SSH keys to integrate with your GitHub repositories and clone them. SSH keys are currently used as a fallback mechanism when the [Contents permission](#github-cloud) isn't available.

To ensure Codacy keeps working correctly, make sure an organization owner [approves Codacy GitHub App updated permissions](https://docs.github.com/en/apps/using-github-apps/reviewing-and-modifying-installed-github-apps) on your GitHub organization.

When you add a private repository to Codacy, Codacy uses the integration with your Git provider to create a new SSH key on the repository. Codacy then uses that SSH key every time it needs to clone the repository.

**Codacy only adds read-only SSH keys** and can't access any of your existing SSH keys. You have full control over which organizations and repositories Codacy is authorized to access, and you can also [revoke the keys created by Codacy at any time](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys). Codacy doesn't change the contents or member privileges of any repository you authorize it to analyze.<!--NOTE Even though this section applies to all Git providers, we're only providing a link to the GitHub docs for the sake of simplicity.-->
**Codacy only adds read-only SSH keys** and can't access any of your existing SSH keys. You have full control over which organizations and repositories Codacy is authorized to access. Codacy doesn't change the contents or member privileges of any repository you authorize it to analyze.

We understand the desire for security and privacy and find that the SSH protocol is preferable to HTTPS as it separates Codacy's access rights from the one of the users.

!!! tip
You can revoke the keys created by Codacy at any time. See [GitHub](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/reviewing-your-deploy-keys), [GitLab](https://docs.gitlab.com/ee/user/project/deploy_keys/), or [Bitbucket](https://support.atlassian.com/bitbucket-cloud/docs/configure-repository-settings/) documentation for further details.
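Review bot: The unchanged paragraph "We understand the desire for security and privacy and find that the SSH protocol is preferable to HTTPS ..." now sits under a note announcing that Codacy will use installation access tokens instead of SSH keys on GitHub, so the section argues for SSH while describing a move away from it. Scope that paragraph to GitLab and Bitbucket or reword it. The paragraph beginning "When you add a private repository to Codacy" has the same problem: it still describes SSH key creation as unconditional, while the note says SSH keys are only a fallback on GitHub.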
Binary file modified docs/repositories-configure/images/repository-remove.png
5 changes: 4 additions & 1 deletion docs/repositories-configure/removing-your-repository.md
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,7 @@ To delete your repository from Codacy:
![Removing your repository](images/repository-remove.png)

!!! note
For added security, after you remove the repository from Codacy you can delete the webhooks and SSH keys related to this Codacy repository from your Git provider to prevent their reuse.
For added security, after you remove the repository from Codacy you can delete from your Git provider the resources related to this Codacy repository to prevent their reuse:

- Webhooks
- SSH keys <!--TODO PLUTO-811 Add "(GitLab and Bitbucket only)"-->
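Review bot: The SSH keys list item ships an unresolved `<!--TODO PLUTO-811 Add "(GitLab and Bitbucket only)"-->` in the page source, so the published note tells users of every provider to delete SSH keys while the source already records that this is meant to be provider-specific. Either add the qualifier in this change or say in the note text that on GitHub the key exists only when the SSH fallback was used, and track the remaining work in the issue rather than in an HTML comment.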