Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
I'm experiencing an issue where Checkov fails to detect a secret in my local.env file. Specifically, the secret SYSTEM_PASSWORD: hello_123 (and other similar passwords) is not being flagged by Checkov.
@nigarnajafli
The entropy here is too low. The problem is in some languages “password = hello_123” the “hello_123” could be a variable not the password itself, so going off just “password” would be very noisy.
Hi. Example SYSTEM_PASSWORD: hello_123
I'm experiencing an issue where Checkov fails to detect a secret in my local.env file. Specifically, the secret SYSTEM_PASSWORD: hello_123 (and other similar passwords) is not being flagged by Checkov.