chore(deps): update dependency checkov to v3.2.183
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| checkov | patch |
3.2.150 -> 3.2.183
|
Release Notes
bridgecrewio/checkov (checkov)
v3.2.183
Feature
- terraform_plan: support tf_plan after_unknown enrichment - #6517
Bug Fix
- secrets: small fix for filtering - #6562
Platform
- general: pass repo ID to runconfig - #6560
v3.2.182
v3.2.181
v3.2.180
v3.2.179
Feature
- arm: add CKV_AZURE_206 to ensure that Storage Accounts use replication - #6524
- arm: BCE-33785 Support Azure Synapse Analytics policies - #6513
v3.2.178
v3.2.177
Bug Fix
- sast: fix cdk policies - #6552
v3.2.176
v3.2.175
Feature
- arm: AzureSearchSQLQueryUpdates - #6543
v3.2.174
Feature
- arm: add CKV_AZURE_172 to ensure autorotation of Secrets Store CSI Driver secrets for AKS clusters - #6533
- arm: add CKV_AZURE_173 to ensure that API management uses at least TLS 1.2 - #6478
- arm: AppServicePlanZoneRedundant - #6472
- arm: AzureSearchSLAIndex - #6530
- arm: SQLDatabaseZoneRedundant - #6515
- azure: add new policies for Azure Synapse - #6520
- general: update detect secrets package - #6535
v3.2.173
v3.2.172
v3.2.171
Feature
- arm: add CKV_AZURE_171 to ensure that AKS cluster upgrade channel is chosen - #6532
- arm: add CKV_AZURE_175 to ensure that Web PubSub uses a SKU with an SLA - #6523
- arm: add CKV_AZURE_178 to ensure that linux VM enables SSH with keys for secure communication - #6486
- arm: add CKV_AZURE_85 to ensure that Azure Defender is set to On for Kubernetes - #6279
- arm: CKV_AZURE_99 to Ensure Cosmos DB accounts have restricted access - #6498
- arm: DataFactoryNoPublicNetworkAccess - #6479
- arm: DataLakeStoreEncryption - #6516
- arm: EventHubNamespaceMinTLS12 - #6485
Bug Fix
- openapi: [CKV_OPENAPI_3] Prevent false-positive when checking for http+!basic - #6406
- terraform_json: support locals block in CDKTF output - #6452
- terraform: Deprecate CKV2_AWS_67 - #6529
v3.2.170
v3.2.169
v3.2.168
v3.2.167
v3.2.166
v3.2.165
v3.2.164
Documentation
- general: Add Python note - #6521
v3.2.163
Feature
- arm: add CKV_AZURE_174 to ensure that API management public access is disabled - #6480
- arm: AppServicePHPVersion - #6436
- arm: AppServicePublicAccessDisabled - #6467
- arm: KeyVaultEnablesPurgeProtection - #6465
- arm: PubsubSpecifyIdentity - #6483
v3.2.162
v3.2.161
v3.2.160
v3.2.159
Bug Fix
-
arm: fix CKV_AZURE_78:
siteConfigobject should be underproperties- #6477 - general: Mypy issues - #6510
- terraform: ignore comment out modules - #6507
v3.2.158
v3.2.157
v3.2.156
Feature
- arm: add CKV_AZURE_129 Ensure that MariaDB server enables geo-redundant backups - #6427
- arm: add CKV_AZURE_137 Ensure ACR admin account is disabled - #6430
- arm: add CKV_AZURE_139 Ensure ACR set to disable public networking - #6428
- arm: add CKV_AZURE_166 Ensure container image quarantine, scan, and mark images verified - #6431
- arm: add CKV_AZURE_168 to ensure that Azure Kubernetes Cluster (AKS) nodes should use a minimum number of 50 pods - #6385
- arm: add CKV_AZURE_45 to ensure that no sensitive credentials are exposed in VM custom_data - #6422
- arm: add CKV_AZURE_70 to ensure that Function apps is only accessible over HTTPS - #6457
- arm: ARM AppServiceSlotDebugDisabled - CKV_AZURE_155 - #6453
- arm: ARM AppServiceSlotHTTPSOnly - #6454
- arm: ARM VnetLocalDNS - #6424
- arm: PostgressSQLGeoBackupEnabled - #6456
- arm: StorageAccountName - #6426
- secrets: dont filter secrets - #6508
Bug Fix
- azure: fix description of CKV_AZURE_236 - #6503
- kubernetes: Fix CKV_K8S_31 for CronJobs - #6506
- sca: fix parsing json with comments - #6509
- terraform: CKV_AWS_339 add Kubernetes 1.30 to AWS EKS version checks - #6353
- terraform: remove print from CKV_AWS_364 - #6504
v3.2.155
v3.2.154
v3.2.153
v3.2.152
v3.2.151
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Soos