Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
[//]: # "
PR Title
We use the title to create changelog automatically and therefore only allow specific prefixes
- break: to indicate a breaking change, this supersedes any of the other types
- feat: to indicate new features or checks
- fix: to indicate a bugfix or handling of edge cases of existing checks
- docs: to indicate an update to our documentation
- chore: to indicate adjustments to workflow files or dependency updates
- platform: to indicate a change needed for the platform
Each prefix should be accompanied by a scope that specifies the targeted framework. If uncertain, use 'general'.
#
Allowed prefixs:
ansible|argo|arm|azure|bicep|bitbucket|circleci|cloudformation|dockerfile|github|gha|gitlab|helm|kubernetes|kustomize|openapi|sast|sca|secrets|serverless|terraform|general|graph|terraform_plan|terraform_json
#
ex.
feat(terraform): add CKV_AWS_123 to ensure that VPC Endpoint Service is configured for Manual Acceptance
"
Description
Bump secrets
Checklist:
[x] I have performed a self-review of my own code
[ ] I have commented my code, particularly in hard-to-understand areas
[ ] I have made corresponding changes to the documentation
[x] I have added tests that prove my feature, policy, or fix is effective and works
[x] New and existing tests pass locally with my changes
Generated description
Below is a concise technical summary of the changes proposed in this PR:
Update the bc-detect-secrets dependency from version 1.5.22 to 1.5.24 across multiple files, including Pipfile, Pipfile.lock, and setup.py. This change ensures that the project uses the latest version of the bc-detect-secrets package, which is crucial for maintaining up-to-date security checks. The update involves modifying the version numbers and associated hash values in the lock files to reflect the new version.
<table><tr><th>Topic</th><th>Details</th><tr><td><a href=https://baz.co/changes/bridgecrewio/checkov/6853?tool=ast&topic=Dependency+Update>Dependency Update</a>
</td><td>Update the <code>bc-detect-secrets</code> dependency to the latest version to ensure up-to-date security checks.<details><summary>Modified files (3)</summary><ul><li>Pipfile</li>
Pipfile.lock
setup.py
Latest Contributors(2)
User
Commit
Date
Saarett@users.noreply....
chore-general-Fix-depe...
November 12, 2024
tomerlevi1983@gmail.com
feat-general-remove-sp...
November 12, 2024
This pull request is reviewed by Baz. Join @tsmithv11 and the rest of your team on (Baz).
User description
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
[//]: # "
PR Title
"
Description
Bump secrets
Checklist:
Generated description
Below is a concise technical summary of the changes proposed in this PR:
Update the
bc-detect-secretsdependency from version 1.5.22 to 1.5.24 across multiple files, includingPipfile,Pipfile.lock, andsetup.py. This change ensures that the project uses the latest version of thebc-detect-secretspackage, which is crucial for maintaining up-to-date security checks. The update involves modifying the version numbers and associated hash values in the lock files to reflect the new version.Latest Contributors(2)