chore(deps): update checkov-minor
This MR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| bridgecrewio/checkov | minor |
2.4.48 -> 2.5.18
|
|
| bridgecrewio/checkov | repository | minor |
2.3.358 -> 2.5.20
|
| checkov | minor |
2.4.48 -> 2.5.20
|
Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.
Release Notes
bridgecrewio/checkov (bridgecrewio/checkov)
v2.5.18
Feature
- general: Adds GHA support for skip-frameworks, skip-cve-package & output-bc-ids flags - #5619
- terraform: Ensure that the SQL database is zone-redundant - #5540
- terraform: Ensure the Azure Event Hub Namespace is zone redundant - #5538
Bug Fix
- bicep: enforce encryption flag to be string for CKV_AZURE_97 - #5669
- terraform_plan: Add provisioners to TF Plan parser - #5622
v2.5.15
Feature
- terraform: Support for merge func inside jsondecode - #5656
Bug Fix
- sca: make the abs path to be correcnt - #5660
v2.5.13
Feature
- arm: implement CKV_AZURE_103 for ARM - #5527
- arm: implement CKV_AZURE_96 for ARM - #5506
- arm: implement CKV_AZURE_97 for ARM - #5515
Bug Fix
- terraform: Added a check to make sure dynamic "blocks" are of the expected type - #5642
- terraform: update CKV_AWS_339 valid EKS versions - #5652
v2.5.11
Feature
- sca: giving file path on relative the the current dir for cases there is no either specified root_folder and the is no repo scan dir - #5654
v2.5.10
Feature
- terraform: support scanning of Terraform managed modules instead of downloading them - #5635
Bug Fix
- terraform: Fixing issues with checks CKV_AZURE_226 & CKV_AZURE_227 - #5638
v2.5.9
Feature
- sca: support case where there are no cves suppressions - #5636
v2.5.8
Feature
- general: Remove code upload for on-prem integrations - #5624
v2.5.6
Feature
Bug Fix
- terraform_plan: add azurerm_portal_dashboard to jsonify list - #5618
- terraform: check if the dynamic name is one of the resources block - #5607
v2.5.3
Breaking Change
- general: remove Python 3.7 - #5605
- graph: remove CHECKOV_CREATE_GRAPH env var to control graph creation - #5606
Bug Fix
- dockerfile: fix Docker image scan - #5617
- openapi: Take into account that security is at the root level of your OpenAPI specification. - #5603
- terraform: stop CKV_GCP_43 crashing when not a string - #5561
v2.4.61
Bug Fix
- terraform: fix upload resource_subgraph_maps - #5615
Platform
- terraform: Upload resource subgraph map - #5612
v2.4.59
Platform
- terraform: fix in subgraphs uploads - #5610
v2.4.58
Platform
- terraform: upload tf sub graphs - #5596
v2.4.57
Feature
- terraform: Ensure ephemeral disks are used for OS disks - #5584
- terraform: Ensure that App Service plan is zone redundant - #5577
- terraform: Ensure that the AKS cluster encrypt temp disks, caches, and data flows between Compute and Storage resources - #5588
v2.4.55
Feature
- general: Add image referencer rustworkx support - #5564
- general: Add rustworkx support - #5595
- terraform: Adding 2 new AWS policies - #5599
- terraform: simply IMDSv2 checks - #5601
v2.4.51
Feature
Bug Fix
- terraform: Adding missing null checks - #5589
v2.4.50
Feature
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.