Skip to content

chore(deps): update dependency checkov to v3.2.109

Soos requested to merge renovate/checkov-patch into main

This MR contains the following updates:

Package Update Change
checkov patch 3.2.91 -> 3.2.109

Release Notes

bridgecrewio/checkov (checkov)

v3.2.109

Compare Source

v3.2.108

Compare Source

Bug Fix
  • sast: don't scan hidden files - #​6349

v3.2.107

Compare Source

Bug Fix
  • terraform: Handle registry modules with a version in CKF_TF_2 - #​6354

v3.2.106

Compare Source

Feature
  • arm: Ensure Databricks Workspace data plane to control plane co… - #​6319
  • general: TF and ARM - Ensure that Databricks Workspaces enable… - #​6313
  • secrets: Bump detect-secrets - #​6346

v3.2.105

Compare Source

Feature
  • arm: add AppServiceJavaVersion - #​6258
  • arm: add CKV_AZURE_145 to check that the function app uses the latest version of TLS encryption - #​6323
  • arm: add CKV_AZURE_218 to ensure that Application Gateway defines secure protocols for in transit communicationApp gw defines secure protocols - #​6320
  • arm: add CKV_AZURE_54 to ensure Enforce a minimal Tls version for the server - #​6270
  • arm: add CKV_AZURE_71 to Ensure that Managed identity provider is enabled for web apps - #​6272
  • arm: add CKV_AZURE_72 to ensure that remote debugging is not enabled for app services - #​6281
  • arm: AzureDefenderOStorage - #​6269
  • arm: MySQLPublicAccessDisabled-Azure MySQL: Restrict Public Access - #​6263
  • arm: StorageSyncPublicAccessDisabled - #​6331
  • secrets: eliminate false positives in entropy keyword combinator detector - #​6327
Bug Fix
  • ansible: fix ansible resource id in local graph - #​6344
  • secrets: fix entropy type - #​6347

v3.2.104

Compare Source

v3.2.103

Compare Source

v3.2.102

Compare Source

v3.2.101

Compare Source

v3.2.100

Compare Source

Feature
  • sast: TS-legacy-checks - #​6311
  • secrets: entropy limit as env variable - #​6332

v3.2.99

Compare Source

v3.2.98

Compare Source

Bug Fix
  • terraform: Remove invalid CIDRs in CKV2_AWS_44 - #​6301

v3.2.97

Compare Source

Feature
  • arm: add CKV_AZURE_73 to ensure that Automation account variables are encrypted - #​6271
  • arm: add CKV_AZURE_76 to ensure that Azure Batch account uses key vault to encrypt data - #​6280
  • arm: add FunctionAppDisallowCORS - password correctness check - #​6248
  • arm: ARM FunctionAppHttpVersionLatest policy - #​6244
  • arm: CKV_AZURE_74 to Ensure that Azure Data Explorer (Kusto) uses disk encryption - #​6273
  • arm: MSSQLServerMinTLSVersion - #​6245

v3.2.96

Compare Source

v3.2.95

Compare Source

Bug Fix
  • terraform: handle module source tag ref when it is not the first parameter - #​6314

v3.2.94

Compare Source

Bug Fix
  • sast: fix random test sast js - #​6315
Platform
  • general: Double-Encode URI for RelayState Parameter - #​6302

v3.2.93

Compare Source

v3.2.92

Compare Source

Feature
  • sast: CDK TypeScript policies - #​6161
  • terraform: add check for tf module versioned tag - #​6213
Bug Fix
  • secrets: secret_filter_block_list filter by file name and suffixes - #​6285
  • secrets: secret_filter_block_list filter by file name and suffixes 2 - #​6306
Platform
  • general: Fix policy.name to use the spaces as specified on CLI. - #​6296

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Edited by Soos

Merge request reports