github-actions[bot]
commented
2 months ago Integration Test Results
20 testsβ Β±0βββ20 :white_check_mark: Β±0βββ7s :stopwatch: -1s β1 suites Β±0ββββ0 :zzz: Β±0β β1 filesββ Β±0ββββ0 :x: Β±0β
Results for commit 3e0abc1e.βΒ± Comparison against base commit 54391f6c.
:recycle: This comment has been updated with latest results.
This PR contains the following updates:
==2.2.330->==2.5.20Release Notes
bridgecrewio/checkov (checkov)
### [`v2.5.20`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.19...2.5.20) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.19...2.5.20) ### [`v2.5.19`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.18...2.5.19) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.18...2.5.19) ### [`v2.5.18`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.18) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.17...2.5.18) #### Feature - **general:** Adds GHA support for skip-frameworks, skip-cve-package & output-bc-ids flags - [#5619](https://redirect.github.com/bridgecrewio/checkov/pull/5619) - **terraform:** Ensure that the SQL database is zone-redundant - [#5540](https://redirect.github.com/bridgecrewio/checkov/pull/5540) - **terraform:** Ensure the Azure Event Hub Namespace is zone redundant - [#5538](https://redirect.github.com/bridgecrewio/checkov/pull/5538) #### Bug Fix - **bicep:** enforce encryption flag to be string for CKV_AZURE\_97 - [#5669](https://redirect.github.com/bridgecrewio/checkov/pull/5669) - **terraform_plan:** Add provisioners to TF Plan parser - [#5622](https://redirect.github.com/bridgecrewio/checkov/pull/5622) ### [`v2.5.17`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.16...2.5.17) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.16...2.5.17) ### [`v2.5.16`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.15...2.5.16) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.15...2.5.16) ### [`v2.5.15`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.15) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.14...2.5.15) #### Feature - **terraform:** Support for merge func inside jsondecode - [#5656](https://redirect.github.com/bridgecrewio/checkov/pull/5656) #### Bug Fix - **sca:** make the abs path to be correcnt - [#5660](https://redirect.github.com/bridgecrewio/checkov/pull/5660) ### [`v2.5.14`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.13...2.5.14) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.13...2.5.14) ### [`v2.5.13`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.13) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.12...2.5.13) #### Feature - **arm:** implement CKV_AZURE\_103 for ARM - [#5527](https://redirect.github.com/bridgecrewio/checkov/pull/5527) - **arm:** implement CKV_AZURE\_96 for ARM - [#5506](https://redirect.github.com/bridgecrewio/checkov/pull/5506) - **arm:** implement CKV_AZURE\_97 for ARM - [#5515](https://redirect.github.com/bridgecrewio/checkov/pull/5515) #### Bug Fix - **terraform:** Added a check to make sure dynamic "blocks" are of the expected type - [#5642](https://redirect.github.com/bridgecrewio/checkov/pull/5642) - **terraform:** update CKV_AWS\_339 valid EKS versions - [#5652](https://redirect.github.com/bridgecrewio/checkov/pull/5652) ### [`v2.5.12`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.11...2.5.12) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.11...2.5.12) ### [`v2.5.11`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.11) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.10...2.5.11) #### Feature - **sca:** giving file path on relative the the current dir for cases there is no either specified root_folder and the is no repo scan dir - [#5654](https://redirect.github.com/bridgecrewio/checkov/pull/5654) ### [`v2.5.10`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.10) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.9...2.5.10) #### Feature - **terraform:** support scanning of Terraform managed modules instead of downloading them - [#5635](https://redirect.github.com/bridgecrewio/checkov/pull/5635) #### Bug Fix - **terraform:** Fixing issues with checks CKV_AZURE\_226 & CKV_AZURE\_227 - [#5638](https://redirect.github.com/bridgecrewio/checkov/pull/5638) ### [`v2.5.9`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.9) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.8...2.5.9) #### Feature - **sca:** support case where there are no cves suppressions - [#5636](https://redirect.github.com/bridgecrewio/checkov/pull/5636) ### [`v2.5.8`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.8) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.7...2.5.8) #### Feature - **general:** Remove code upload for on-prem integrations - [#5624](https://redirect.github.com/bridgecrewio/checkov/pull/5624) ### [`v2.5.7`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.6...2.5.7) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.6...2.5.7) ### [`v2.5.6`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.6) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.5...2.5.6) #### Feature - **arm:** implement CKV_AZURE\_95 for ARM - [#5500](https://redirect.github.com/bridgecrewio/checkov/pull/5500) - **general:** Added source and target to edge data - [#5621](https://redirect.github.com/bridgecrewio/checkov/pull/5621) #### Bug Fix - **terraform_plan:** add azurerm_portal_dashboard to jsonify list - [#5618](https://redirect.github.com/bridgecrewio/checkov/pull/5618) - **terraform:** check if the dynamic name is one of the resources block - [#5607](https://redirect.github.com/bridgecrewio/checkov/pull/5607) ### [`v2.5.5`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.4...2.5.5) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.4...2.5.5) ### [`v2.5.4`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.3...2.5.4) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.3...2.5.4) ### [`v2.5.3`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.5.3) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.2...2.5.3) #### Breaking Change - **general:** remove Python 3.7 - [#5605](https://redirect.github.com/bridgecrewio/checkov/pull/5605) - **graph:** remove CHECKOV_CREATE_GRAPH env var to control graph creation - [#5606](https://redirect.github.com/bridgecrewio/checkov/pull/5606) #### Bug Fix - **dockerfile:** fix Docker image scan - [#5617](https://redirect.github.com/bridgecrewio/checkov/pull/5617) - **openapi:** Take into account that security is at the root level of your OpenAPI specification. - [#5603](https://redirect.github.com/bridgecrewio/checkov/pull/5603) - **terraform:** stop CKV_GCP\_43 crashing when not a string - [#5561](https://redirect.github.com/bridgecrewio/checkov/pull/5561) ### [`v2.5.2`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.1...2.5.2) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.1...2.5.2) ### [`v2.5.1`](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.0...2.5.1) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.5.0...2.5.1) ### [`v2.5.0`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.61...2.5.0) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.61...2.5.0) ### [`v2.4.61`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.61) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.60...2.4.61) #### Bug Fix - **terraform:** fix upload resource_subgraph_maps - [#5615](https://redirect.github.com/bridgecrewio/checkov/pull/5615) #### Platform - **terraform:** Upload resource subgraph map - [#5612](https://redirect.github.com/bridgecrewio/checkov/pull/5612) ### [`v2.4.60`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.59...2.4.60) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.59...2.4.60) ### [`v2.4.59`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.59) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.58...2.4.59) #### Platform - **terraform:** fix in subgraphs uploads - [#5610](https://redirect.github.com/bridgecrewio/checkov/pull/5610) ### [`v2.4.58`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.58) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.57...2.4.58) #### Platform - **terraform:** upload tf sub graphs - [#5596](https://redirect.github.com/bridgecrewio/checkov/pull/5596) ### [`v2.4.57`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.57) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.56...2.4.57) #### Feature - **terraform:** Ensure ephemeral disks are used for OS disks - [#5584](https://redirect.github.com/bridgecrewio/checkov/pull/5584) - **terraform:** Ensure that App Service plan is zone redundant - [#5577](https://redirect.github.com/bridgecrewio/checkov/pull/5577) - **terraform:** Ensure that the AKS cluster encrypt temp disks, caches, and data flows between Compute and Storage resources - [#5588](https://redirect.github.com/bridgecrewio/checkov/pull/5588) ### [`v2.4.56`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.55...2.4.56) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.55...2.4.56) ### [`v2.4.55`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.55) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.54...2.4.55) #### Feature - **general:** Add image referencer rustworkx support - [#5564](https://redirect.github.com/bridgecrewio/checkov/pull/5564) - **general:** Add rustworkx support - [#5595](https://redirect.github.com/bridgecrewio/checkov/pull/5595) - **terraform:** Adding 2 new AWS policies - [#5599](https://redirect.github.com/bridgecrewio/checkov/pull/5599) - **terraform:** simply IMDSv2 checks - [#5601](https://redirect.github.com/bridgecrewio/checkov/pull/5601) ### [`v2.4.54`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.53...2.4.54) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.53...2.4.54) ### [`v2.4.53`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.52...2.4.53) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.52...2.4.53) ### [`v2.4.52`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.51...2.4.52) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.51...2.4.52) ### [`v2.4.51`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.51) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.50...2.4.51) #### Feature - **arm:** CKV_AZURE\_88 convert to arm check - [#5465](https://redirect.github.com/bridgecrewio/checkov/pull/5465) - **arm:** implement CKV_AZURE\_149 for ARM - [#5496](https://redirect.github.com/bridgecrewio/checkov/pull/5496) #### Bug Fix - **terraform:** Adding missing null checks - [#5589](https://redirect.github.com/bridgecrewio/checkov/pull/5589) ### [`v2.4.50`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.50) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.49...2.4.50) #### Feature - **general:** add rustworkx ([#5511](https://redirect.github.com/bridgecrewio/checkov/issues/5511)) - [#5565](https://redirect.github.com/bridgecrewio/checkov/pull/5565) - **general:** Revert add rustworkx ([#5565](https://redirect.github.com/bridgecrewio/checkov/issues/5565))" - [#5594](https://redirect.github.com/bridgecrewio/checkov/pull/5594) ### [`v2.4.49`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.48...2.4.49) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.48...2.4.49) ### [`v2.4.48`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.48) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.47...2.4.48) #### Platform - **general:** expose retry and timeout configuration for interaction with the platform - [#5585](https://redirect.github.com/bridgecrewio/checkov/pull/5585) ### [`v2.4.47`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.47) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.46...2.4.47) #### Feature - **sca:** creating alias mapping for javascript - [#5567](https://redirect.github.com/bridgecrewio/checkov/pull/5567) - **sca:** creating alias mapping for javascript - [#5582](https://redirect.github.com/bridgecrewio/checkov/pull/5582) - **sca:** revert creating alias mapping for javascript - [#5581](https://redirect.github.com/bridgecrewio/checkov/pull/5581) #### Bug Fix - **general:** fix print to encode in windows - [#5572](https://redirect.github.com/bridgecrewio/checkov/pull/5572) - **terraform:** Nested source_module_objects with missing foreach key - [#5580](https://redirect.github.com/bridgecrewio/checkov/pull/5580) ### [`v2.4.46`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.45...2.4.46) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.45...2.4.46) ### [`v2.4.45`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.44...2.4.45) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.44...2.4.45) ### [`v2.4.44`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.43...2.4.44) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.43...2.4.44) ### [`v2.4.43`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.42...2.4.43) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.42...2.4.43) ### [`v2.4.42`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.41...2.4.42) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.41...2.4.42) ### [`v2.4.41`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.40...2.4.41) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.40...2.4.41) ### [`v2.4.40`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.39...2.4.40) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.39...2.4.40) ### [`v2.4.39`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.39) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.38...2.4.39) #### Feature - **arm:** implement CKV2\_AZURE\_27 for arm - [#5534](https://redirect.github.com/bridgecrewio/checkov/pull/5534) - **terraform:** Add new policy for deprecated runtimes - [#5555](https://redirect.github.com/bridgecrewio/checkov/pull/5555) - **terraform:** Ensure Event Hub Namespace uses at least TLS 1.2 - [#5535](https://redirect.github.com/bridgecrewio/checkov/pull/5535) - **terraform:** Ensure that the Ledger feature is enabled on database that requires cryptographic proof and nonrepudiation of data integrity - [#5541](https://redirect.github.com/bridgecrewio/checkov/pull/5541) ### [`v2.4.38`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.37...2.4.38) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.37...2.4.38) ### [`v2.4.37`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.36...2.4.37) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.36...2.4.37) ### [`v2.4.36`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.36) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.35...2.4.36) #### Feature - **general:** add rustworkx - [#5511](https://redirect.github.com/bridgecrewio/checkov/pull/5511) #### Bug Fix - **terraform:** Module from_dict func to static func - [#5562](https://redirect.github.com/bridgecrewio/checkov/pull/5562) ### [`v2.4.35`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.34...2.4.35) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.34...2.4.35) ### [`v2.4.34`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.33...2.4.34) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.33...2.4.34) ### [`v2.4.33`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.33) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.32...2.4.33) #### Feature - **general:** attempt to fix overload in loaders and add tests - [#5549](https://redirect.github.com/bridgecrewio/checkov/pull/5549) - **general:** remove 3.7 integ. test - [#5556](https://redirect.github.com/bridgecrewio/checkov/pull/5556) - **general:** remove line to force code change - [#5558](https://redirect.github.com/bridgecrewio/checkov/pull/5558) - **terraform:** add check Neptune DB clusters should be configured to copy tags to snapshots - [#5552](https://redirect.github.com/bridgecrewio/checkov/pull/5552) - **terraform:** add CKV_AWS\_361 to ensure Neptune DB cluster has adequate backup retention - [#5548](https://redirect.github.com/bridgecrewio/checkov/pull/5548) #### Bug Fix - **terraform:** Fix external_modules_source_map serialization - [#5546](https://redirect.github.com/bridgecrewio/checkov/pull/5546) ### [`v2.4.32`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.32) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.31...2.4.32) #### Feature - **terraform:** add check for Neptune DB clusters IAM database auth enabled - [#5545](https://redirect.github.com/bridgecrewio/checkov/pull/5545) - **terraform:** add CKV_AWS\_360 to ensure backup retention period on AWS Document DB - [#5547](https://redirect.github.com/bridgecrewio/checkov/pull/5547) ### [`v2.4.31`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.30...2.4.31) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.30...2.4.31) ### [`v2.4.30`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.30) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.29...2.4.30) #### Feature - **terraform:** add public network checks for Azure Function and Web Apps - [#5533](https://redirect.github.com/bridgecrewio/checkov/pull/5533) ### [`v2.4.29`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.29) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.28...2.4.29) #### Feature - **arm:** Implement CKV_AZURE\_111 in ARM - [#5528](https://redirect.github.com/bridgecrewio/checkov/pull/5528) - **arm:** implement CKV_AZURE\_134 for ARM - [#5518](https://redirect.github.com/bridgecrewio/checkov/pull/5518) - **arm:** implement CKV_AZURE\_160 for arm - [#5526](https://redirect.github.com/bridgecrewio/checkov/pull/5526) - **arm:** implement CKV_AZURE\_89 for ARM - [#5529](https://redirect.github.com/bridgecrewio/checkov/pull/5529) #### Bug Fix - **terraform:** CKV_AWS\_208 bug fix - [#5512](https://redirect.github.com/bridgecrewio/checkov/pull/5512) ### [`v2.4.28`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.27...2.4.28) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.27...2.4.28) ### [`v2.4.27`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.27) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.26...2.4.27) #### Feature - **general:** Check module download - [#5525](https://redirect.github.com/bridgecrewio/checkov/pull/5525) - **general:** Check module download and quit on failure - [#5523](https://redirect.github.com/bridgecrewio/checkov/pull/5523) ### [`v2.4.26`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.25...2.4.26) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.25...2.4.26) ### [`v2.4.25`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.25) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.24...2.4.25) #### Feature - **arm:** Implement CKV_AZURE\_101 for ARM - [#5516](https://redirect.github.com/bridgecrewio/checkov/pull/5516) - **arm:** implement CKV_AZURE\_107 for arm - [#5514](https://redirect.github.com/bridgecrewio/checkov/pull/5514) - **arm:** implement CKV_AZURE\_113 for ARM - [#5510](https://redirect.github.com/bridgecrewio/checkov/pull/5510) ### [`v2.4.24`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.23...2.4.24) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.23...2.4.24) ### [`v2.4.23`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.22...2.4.23) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.22...2.4.23) ### [`v2.4.22`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.22) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.21...2.4.22) #### Feature - **arm:** implement CKV_AZURE\_112 for arm - [#5507](https://redirect.github.com/bridgecrewio/checkov/pull/5507) - **arm:** implement CKV_AZURE\_40 for ARM - [#5499](https://redirect.github.com/bridgecrewio/checkov/pull/5499) - **arm:** implement CKV_AZURE\_58 for ARM - [#5497](https://redirect.github.com/bridgecrewio/checkov/pull/5497) - **arm:** implement CKV_AZURE\_94 for arm - [#5508](https://redirect.github.com/bridgecrewio/checkov/pull/5508) #### Bug Fix - **helm:** Changed error message to failure to better differentiate problems - [#5517](https://redirect.github.com/bridgecrewio/checkov/pull/5517) - **terraform_json:** correctly parse data blocks in Terraform JSON - [#5509](https://redirect.github.com/bridgecrewio/checkov/pull/5509) - **terraform:** continue processing of TF modules in the same file - [#5503](https://redirect.github.com/bridgecrewio/checkov/pull/5503) - **terraform:** fix error type - [#5513](https://redirect.github.com/bridgecrewio/checkov/pull/5513) ### [`v2.4.21`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.20...2.4.21) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.20...2.4.21) ### [`v2.4.20`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.19...2.4.20) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.19...2.4.20) ### [`v2.4.19`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.18...2.4.19) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.18...2.4.19) ### [`v2.4.18`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.18) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.17...2.4.18) #### Feature - **arm:** implement CKV_AZURE\_100 for arm - [#5490](https://redirect.github.com/bridgecrewio/checkov/pull/5490) - **arm:** implement CKV_AZURE\_114 for arm - [#5489](https://redirect.github.com/bridgecrewio/checkov/pull/5489) - **arm:** implement CKV_AZURE\_130 for arm - [#5485](https://redirect.github.com/bridgecrewio/checkov/pull/5485) - **arm:** implement CKV_AZURE\_151 for arm - [#5484](https://redirect.github.com/bridgecrewio/checkov/pull/5484) #### Bug Fix - **arm:** correctly handle json files with comments and output parsing errors - [#5495](https://redirect.github.com/bridgecrewio/checkov/pull/5495) ### [`v2.4.17`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.16...2.4.17) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.16...2.4.17) ### [`v2.4.16`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.15...2.4.16) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.15...2.4.16) ### [`v2.4.15`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.14...2.4.15) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.14...2.4.15) ### [`v2.4.14`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.14) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.13...2.4.14) #### Feature - **arm:** CKV_AZURE\_66 implement config logging check for arm - [#5464](https://redirect.github.com/bridgecrewio/checkov/pull/5464) - **arm:** convert CKV_AZURE\_65 to arm - [#5467](https://redirect.github.com/bridgecrewio/checkov/pull/5467) - **arm:** Implement CKV_AZURE\_109 in arm - [#5483](https://redirect.github.com/bridgecrewio/checkov/pull/5483) - **arm:** implement CKV_AZURE\_63 for arm - [#5475](https://redirect.github.com/bridgecrewio/checkov/pull/5475) - **arm:** implement CKV_AZURE\_80 in arm - [#5476](https://redirect.github.com/bridgecrewio/checkov/pull/5476) - **secrets:** fix resource in git history scan - [#5482](https://redirect.github.com/bridgecrewio/checkov/pull/5482) #### Bug Fix - **terraform:** extend CKV2\_AWS\_5 to include aws_appstream_fleet ([#5487](https://redirect.github.com/bridgecrewio/checkov/issues/5487)) - [#5491](https://redirect.github.com/bridgecrewio/checkov/pull/5491) ### [`v2.4.13`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.12...2.4.13) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.12...2.4.13) ### [`v2.4.12`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.11...2.4.12) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.11...2.4.12) ### [`v2.4.11`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.10...2.4.11) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.10...2.4.11) ### [`v2.4.10`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.10) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.9...2.4.10) #### Feature - **arm:** migrate check CKV_AZURE\_50 to arm - [#5453](https://redirect.github.com/bridgecrewio/checkov/pull/5453) - **arm:** translate tf CKV_AZURE\_93 check to arm - [#5450](https://redirect.github.com/bridgecrewio/checkov/pull/5450) - **kubernetes:** Added new endpoint for both helm and kustomize - [#5481](https://redirect.github.com/bridgecrewio/checkov/pull/5481) #### Bug Fix - **dockerfile:** consider platform flag in CKV_DOCKER\_7 - [#5468](https://redirect.github.com/bridgecrewio/checkov/pull/5468) - **kustomize:** support kubectl 1.28+ - [#5480](https://redirect.github.com/bridgecrewio/checkov/pull/5480) ### [`v2.4.9`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.8...2.4.9) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.8...2.4.9) ### [`v2.4.8`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.7...2.4.8) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.7...2.4.8) ### [`v2.4.7`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.7) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.6...2.4.7) #### Feature - **secrets:** handle non iac secrets FP - [#5478](https://redirect.github.com/bridgecrewio/checkov/pull/5478) ### [`v2.4.6`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.6) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.5...2.4.6) #### Bug Fix - **terraform:** Replaced / with os.pathsep to support windows better in terraform runner - [#5473](https://redirect.github.com/bridgecrewio/checkov/pull/5473) #### Documentation - **terraform:** make jq default - [#5462](https://redirect.github.com/bridgecrewio/checkov/pull/5462) ### [`v2.4.5`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.5) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.4...2.4.5) #### Bug Fix - **terraform:** Fix for-each/count updating inner for each index for every child resource - [#5463](https://redirect.github.com/bridgecrewio/checkov/pull/5463) ### [`v2.4.4`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.4) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.3...2.4.4) #### Platform - **sca:** Filter IR FW upload results by supportedIrFw list - [#5448](https://redirect.github.com/bridgecrewio/checkov/pull/5448) ### [`v2.4.3`](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.2...2.4.3) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.2...2.4.3) ### [`v2.4.2`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.2) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.1...2.4.2) #### Feature - **dockerfile:** Add CKV2\_DOCKER\_17 for chpasswd - [#5441](https://redirect.github.com/bridgecrewio/checkov/pull/5441) #### Bug Fix - **kustomize:** Fix kustomize ignoring external policy dir command line options - [#5436](https://redirect.github.com/bridgecrewio/checkov/pull/5436) ### [`v2.4.1`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.4.1) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.4.0...2.4.1) #### Feature - **terraform:** Remove old tf parser - [#5420](https://redirect.github.com/bridgecrewio/checkov/pull/5420) #### Bug Fix - **terraform:** ensure TFModule is created properly in definition context - [#5446](https://redirect.github.com/bridgecrewio/checkov/pull/5446) ### [`v2.4.0`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.366...2.4.0) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.366...2.4.0) ### [`v2.3.366`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.365...2.3.366) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.365...2.3.366) ### [`v2.3.365`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.365) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.364...2.3.365) #### Feature - **terraform:** Removed most usages of enable_nested_modules - [#5415](https://redirect.github.com/bridgecrewio/checkov/pull/5415) ### [`v2.3.364`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.364) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.363...2.3.364) #### Feature - **sca:** update spdx-tools dep to version 0.8.0 and lower bound it - [#5431](https://redirect.github.com/bridgecrewio/checkov/pull/5431) - **terraform:** Add **address** field on vertices even if render_variables is set to False - [#5434](https://redirect.github.com/bridgecrewio/checkov/pull/5434) #### Bug Fix - **terraform:** add new attached resource possibility to CKV2\_AWS\_23 [#5424](https://redirect.github.com/bridgecrewio/checkov/issues/5424) - [#5429](https://redirect.github.com/bridgecrewio/checkov/pull/5429) - **terraform:** fix ordering issue in CKV_AWS\_358 - [#5425](https://redirect.github.com/bridgecrewio/checkov/pull/5425) ### [`v2.3.363`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.362...2.3.363) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.362...2.3.363) ### [`v2.3.362`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.361...2.3.362) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.361...2.3.362) ### [`v2.3.361`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.361) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.360...2.3.361) #### Bug Fix - **arm:** improve CKV_AZURE\_24 check - [#5427](https://redirect.github.com/bridgecrewio/checkov/pull/5427) ### [`v2.3.360`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.360) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.359...2.3.360) #### Bug Fix - **general:** Fix empty credentials file issue - [#5421](https://redirect.github.com/bridgecrewio/checkov/pull/5421) ### [`v2.3.359`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.358...2.3.359) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.358...2.3.359) ### [`v2.3.358`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23358---2023-08-06) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.357...2.3.358) ##### Feature - **secrets:** Make non-entropy signatures take precedence over entropy signatures - [#5412](https://redirect.github.com/bridgecrewio/checkov/pull/5412) ##### Bug Fix - **terraform:** Remove DMS S3 check CKV_AWS\_299 - [#5413](https://redirect.github.com/bridgecrewio/checkov/pull/5413) ### [`v2.3.357`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.356...2.3.357) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.356...2.3.357) ### [`v2.3.356`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23356---2023-08-03) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.355...2.3.356) ##### Feature - **terraform:** Github Actions OIDC trust policy check - [#5402](https://redirect.github.com/bridgecrewio/checkov/pull/5402) ### [`v2.3.355`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.354...2.3.355) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.354...2.3.355) ### [`v2.3.354`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23354---2023-08-02) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.353...2.3.354) ##### Feature - **general:** allow `--var-file` to be passed as environment variable - [#5406](https://redirect.github.com/bridgecrewio/checkov/pull/5406) - **terraform:** Add new policy to ensure AWS Transfer server only allows secure protocols - [#5409](https://redirect.github.com/bridgecrewio/checkov/pull/5409) ##### Platform - **general:** remove obsolete run config fallback API call - [#5404](https://redirect.github.com/bridgecrewio/checkov/pull/5404) ##### Documentation - **gha:** Update setup-python version in GitHub Actions.md - [#5393](https://redirect.github.com/bridgecrewio/checkov/pull/5393) ### [`v2.3.353`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.352...2.3.353) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.352...2.3.353) ### [`v2.3.352`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.351...2.3.352) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.351...2.3.352) ### [`v2.3.351`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23351---2023-08-01) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.350...2.3.351) ##### Feature - **terraform:** new serialization methods for module and block - [#5391](https://redirect.github.com/bridgecrewio/checkov/pull/5391) ##### Bug Fix - **terraform:** pr for upgrade-checkov - [#5400](https://redirect.github.com/bridgecrewio/checkov/pull/5400) ### [`v2.3.350`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.349...2.3.350) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.349...2.3.350) ### [`v2.3.349`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23349---2023-07-31) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.348...2.3.349) ##### Bug Fix - **terraform:** add TFDefinitionKey to get_entity_context_and_evaluations - [#5392](https://redirect.github.com/bridgecrewio/checkov/pull/5392) - **terraform:** consider new domain attribute in CKV2\_AWS\_19 - [#5383](https://redirect.github.com/bridgecrewio/checkov/pull/5383) ### [`v2.3.348`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.347...2.3.348) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.347...2.3.348) ### [`v2.3.347`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23347---2023-07-27) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.346...2.3.347) ##### Feature - **sca:** support composer.json - [#5382](https://redirect.github.com/bridgecrewio/checkov/pull/5382) - **terraform:** Use new function to create multi graph instead of single graph - [#5375](https://redirect.github.com/bridgecrewio/checkov/pull/5375) ##### Platform - **general:** Implement SSO Relay State Parameter in Checkov Output Links - [#5217](https://redirect.github.com/bridgecrewio/checkov/pull/5217) ### [`v2.3.346`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.345...2.3.346) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.345...2.3.346) ### [`v2.3.345`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.344...2.3.345) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.344...2.3.345) ### [`v2.3.344`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.343...2.3.344) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.343...2.3.344) ### [`v2.3.343`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23343---2023-07-26) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.342...2.3.343) ##### Feature - **sca:** fix package line numbers - [#5376](https://redirect.github.com/bridgecrewio/checkov/pull/5376) ##### Bug Fix - **terraform:** Fix CKV_AWS\_104 to support new values - [#5377](https://redirect.github.com/bridgecrewio/checkov/pull/5377) ### [`v2.3.342`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.341...2.3.342) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.341...2.3.342) ### [`v2.3.341`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.340...2.3.341) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.340...2.3.341) ### [`v2.3.340`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.340) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.339...2.3.340) #### Feature - **general:** enrich terraform definitions context key - [#5350](https://redirect.github.com/bridgecrewio/checkov/pull/5350) #### Bug Fix - **terraform:** fix get module name - foreach or count - [#5373](https://redirect.github.com/bridgecrewio/checkov/pull/5373) ### [`v2.3.339`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.338...2.3.339) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.338...2.3.339) ### [`v2.3.338`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23338---2023-07-23) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.337...2.3.338) ##### Feature - **terraform:** add new function to create module and definitions with tests - [#5362](https://redirect.github.com/bridgecrewio/checkov/pull/5362) - **terraform:** GCP Ensure IAM Workload identity is restricted - [#5369](https://redirect.github.com/bridgecrewio/checkov/pull/5369) ##### Bug Fix - **general:** fix inline suppression collection inside lists - [#5370](https://redirect.github.com/bridgecrewio/checkov/pull/5370) ### [`v2.3.337`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.336...2.3.337) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.336...2.3.337) ### [`v2.3.336`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.335...2.3.336) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.335...2.3.336) ### [`v2.3.335`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23335---2023-07-20) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.334...2.3.335) ##### Bug Fix - **terraform:** leverage read_file_with_any_encoding to safely look for modules - [#5360](https://redirect.github.com/bridgecrewio/checkov/pull/5360) ### [`v2.3.334`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23334---2023-07-19) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.333...2.3.334) ##### Feature - **general:** Add resource code filter to all checkov loggers - [#5356](https://redirect.github.com/bridgecrewio/checkov/pull/5356) - **general:** Infrastructure for custom code logger filter - [#5346](https://redirect.github.com/bridgecrewio/checkov/pull/5346) ##### Bug Fix - **kustomize:** Avoid index error when calculating file path - [#5357](https://redirect.github.com/bridgecrewio/checkov/pull/5357) ### [`v2.3.333`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.332...2.3.333) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.332...2.3.333) ### [`v2.3.332`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.331...2.3.332) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.331...2.3.332) ### [`v2.3.331`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23331---2023-07-18) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.330...2.3.331) ##### Feature - **openapi:** Add CKV_OPENAPI\_21 - [#5268](https://redirect.github.com/bridgecrewio/checkov/pull/5268) ##### Bug Fix - **secrets:** handle regex error in custom secrets gracefully - [#5355](https://redirect.github.com/bridgecrewio/checkov/pull/5355) ##### Documentation - **general:** update docs about installation guidelines - [#5352](https://redirect.github.com/bridgecrewio/checkov/pull/5352) ### [`v2.3.330`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.329...2.3.330) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.329...2.3.330) ### [`v2.3.329`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23329---2023-07-17) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.328...2.3.329) ##### Feature - **github:** Add ability for External checks with git branch - [#5337](https://redirect.github.com/bridgecrewio/checkov/pull/5337) - **sca:** add fix command and code for indirect deps - [#5347](https://redirect.github.com/bridgecrewio/checkov/pull/5347) ##### Bug Fix - **kubernetes:** No dups when extracting images - [#5339](https://redirect.github.com/bridgecrewio/checkov/pull/5339) ### [`v2.3.328`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.327...2.3.328) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.327...2.3.328) ### [`v2.3.327`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.326...2.3.327) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.326...2.3.327) ### [`v2.3.326`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23326---2023-07-16) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.325...2.3.326) ##### Feature - **sca:** add fix code and command to cve report - [#5333](https://redirect.github.com/bridgecrewio/checkov/pull/5333) - **sca:** fix code block array structure - [#5338](https://redirect.github.com/bridgecrewio/checkov/pull/5338) ##### Bug Fix - **general:** properly encode non supported chars in SARIF uri field - [#5336](https://redirect.github.com/bridgecrewio/checkov/pull/5336) ##### Documentation - **sca:** Add SCA skip comments to docs - [#5330](https://redirect.github.com/bridgecrewio/checkov/pull/5330) ### [`v2.3.325`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.324...2.3.325) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.324...2.3.325) ### [`v2.3.324`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.324) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.323...2.3.324) #### Bug Fix - **kustomize:** Added support for case where no parents are found for the relative fie path - [#5332](https://redirect.github.com/bridgecrewio/checkov/pull/5332) - **terraform:** Update CKV2\_AWS\_12 for the new defaults - [#5203](https://redirect.github.com/bridgecrewio/checkov/pull/5203) ### [`v2.3.323`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.322...2.3.323) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.322...2.3.323) ### [`v2.3.322`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.321...2.3.322) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.321...2.3.322) ### [`v2.3.321`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23321---2023-07-13) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.320...2.3.321) ##### Feature - **kustomize:** Support child k8s resources inside kustomize origin annotations - [#5328](https://redirect.github.com/bridgecrewio/checkov/pull/5328) ### [`v2.3.320`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23320---2023-07-12) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.319...2.3.320) ##### Bug Fix - **kustomize:** Checked for existence of caller_file_path in definitions_raw - [#5324](https://redirect.github.com/bridgecrewio/checkov/pull/5324) - **openapi:** Fix ws for CKV_OPENAPI\_20 - [#5317](https://redirect.github.com/bridgecrewio/checkov/pull/5317) - **terraform:** CKV_AWS\_342 - managed rules have predefined actions - [#5322](https://redirect.github.com/bridgecrewio/checkov/pull/5322) ### [`v2.3.319`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.318...2.3.319) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.318...2.3.319) ### [`v2.3.318`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23318---2023-07-10) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.317...2.3.318) ##### Feature - **general:** support UTF-16 and other encodings in multiple frameworks - [#5308](https://redirect.github.com/bridgecrewio/checkov/pull/5308) - **kustomize:** add back reverted kustomize annotations and update build github action to use github runners - [#5316](https://redirect.github.com/bridgecrewio/checkov/pull/5316) - **kustomize:** Add origin annotations to calculate bases of kustomize checks - [#5298](https://redirect.github.com/bridgecrewio/checkov/pull/5298) ### [`v2.3.317`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.316...2.3.317) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.316...2.3.317) ### [`v2.3.316`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23316---2023-07-09) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.315...2.3.316) ##### Feature - **secrets:** Improve the entropy keyword combinator secret scanner - [#5307](https://redirect.github.com/bridgecrewio/checkov/pull/5307) ##### Bug Fix - **openapi:** Fix CKV_OpenAPI\_20 - [#5302](https://redirect.github.com/bridgecrewio/checkov/pull/5302) - **terraform:** fix invalid value in CKV_AWS\_304 - [#5301](https://redirect.github.com/bridgecrewio/checkov/pull/5301) - **terraform:** support new field in CKV2\_AWS\_3 - [#5304](https://redirect.github.com/bridgecrewio/checkov/pull/5304) ### [`v2.3.315`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.314...2.3.315) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.314...2.3.315) ### [`v2.3.314`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23314---2023-07-06) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.313...2.3.314) ##### Feature - **dockerfile:** add ARM build for K8s container image - [#5293](https://redirect.github.com/bridgecrewio/checkov/pull/5293) - **general:** Add checkov.spec to enable PyInstaller - [#5281](https://redirect.github.com/bridgecrewio/checkov/pull/5281) ##### Bug Fix - **terraform:** remove CKV2\_AZURE\_18 check and improve CKV2\_AZURE\_1 - [#5294](https://redirect.github.com/bridgecrewio/checkov/pull/5294) ### [`v2.3.313`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.312...2.3.313) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.312...2.3.313) ### [`v2.3.312`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23312---2023-07-05) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.311...2.3.312) ##### Platform - **general:** use sca inline suppressions - [#5285](https://redirect.github.com/bridgecrewio/checkov/pull/5285) ### [`v2.3.311`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.311) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.310...2.3.311) #### Feature - **openapi:** New OpenAPI check CKV_OPENAPI\_20 - [#5253](https://redirect.github.com/bridgecrewio/checkov/pull/5253) ### [`v2.3.310`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23310---2023-07-02) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.309...2.3.310) ##### Bug Fix - **terraform:** remove deprecated check CKV_GCP\_67 - [#5275](https://redirect.github.com/bridgecrewio/checkov/pull/5275) ##### Documentation - **general:** Add csv to output - [#5273](https://redirect.github.com/bridgecrewio/checkov/pull/5273) ### [`v2.3.309`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23309---2023-06-29) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.308...2.3.309) ##### Feature - **graph:** add experimental debug output for graph check evaluation - [#5257](https://redirect.github.com/bridgecrewio/checkov/pull/5257) ##### Bug Fix - **general:** revert add composer files to supported package files - [#5269](https://redirect.github.com/bridgecrewio/checkov/pull/5269) ##### Platform - **general:** add composer files to supported package files - [#5263](https://redirect.github.com/bridgecrewio/checkov/pull/5263) ### [`v2.3.308`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.307...2.3.308) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.307...2.3.308) ### [`v2.3.307`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.306...2.3.307) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.306...2.3.307) ### [`v2.3.306`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.306) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.305...2.3.306) #### Feature - **terraform:** add module check for commit hash revision usage - [#5261](https://redirect.github.com/bridgecrewio/checkov/pull/5261) #### Bug Fix - **openapi:** add security definition type validation into CKV_OPENAPI\_9 - [#5262](https://redirect.github.com/bridgecrewio/checkov/pull/5262) - **secrets:** fix secrets omit crash when value is not string - [#5260](https://redirect.github.com/bridgecrewio/checkov/pull/5260) - **terraform:** ignore local modules in CKV_TF\_1 - [#5264](https://redirect.github.com/bridgecrewio/checkov/pull/5264) ### [`v2.3.305`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.304...2.3.305) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.304...2.3.305) ### [`v2.3.304`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.303...2.3.304) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.303...2.3.304) ### [`v2.3.303`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23303---2023-06-26) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.302...2.3.303) ##### Bug Fix - **arm:** consider encryption property in CKV_AZURE\_2 - [#5254](https://redirect.github.com/bridgecrewio/checkov/pull/5254) ### [`v2.3.302`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23302---2023-06-25) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.301...2.3.302) ##### Bug Fix - **terraform:** add missing AWS RDS CA certificate identifiers for aws_db_instance resource - [#5247](https://redirect.github.com/bridgecrewio/checkov/pull/5247) ### [`v2.3.301`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23301---2023-06-22) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.300...2.3.301) ##### Feature - **general:** remove log from parallel common - [#5244](https://redirect.github.com/bridgecrewio/checkov/pull/5244) ##### Platform - **general:** Fix local repo generated name if ends with / - [#5243](https://redirect.github.com/bridgecrewio/checkov/pull/5243) ### [`v2.3.300`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.299...2.3.300) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.299...2.3.300) ### [`v2.3.299`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/2.3.299) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.298...2.3.299) #### Feature - **terraform:** ensure kms key policy is defined - [#5235](https://redirect.github.com/bridgecrewio/checkov/pull/5235) #### Bug Fix - **sca:** fix wrongly invoked Image Referencer scanning when scanning a single file - [#5237](https://redirect.github.com/bridgecrewio/checkov/pull/5237) - **terraform_plan:** add terraform plan vertices to terraform graph if not exist - [#5230](https://redirect.github.com/bridgecrewio/checkov/pull/5230) ### [`v2.3.298`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.297...2.3.298) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.297...2.3.298) ### [`v2.3.297`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.296...2.3.297) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.296...2.3.297) ### [`v2.3.296`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23296---2023-06-19) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.295...2.3.296) ##### Bug Fix - **dockerfile:** negative `is_dockerfile()` lookup on `.dockerignore` suffix - [#5219](https://redirect.github.com/bridgecrewio/checkov/pull/5219) - **terraform:** fix empty value issue for CKV_GIT\_4 - [#5222](https://redirect.github.com/bridgecrewio/checkov/pull/5222) ##### Documentation - **graph:** add jsonpath custom policy example - [#5221](https://redirect.github.com/bridgecrewio/checkov/pull/5221) ### [`v2.3.295`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.294...2.3.295) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.294...2.3.295) ### [`v2.3.294`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23294---2023-06-15) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.293...2.3.294) ##### Feature - **gha:** add skip_path flag to GHA and allow multiple values in var_file - [#5213](https://redirect.github.com/bridgecrewio/checkov/pull/5213) - **sca:** add root package name and version to csv sbom - [#5211](https://redirect.github.com/bridgecrewio/checkov/pull/5211) ### [`v2.3.293`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.292...2.3.293) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.292...2.3.293) ### [`v2.3.292`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#23292---2023-06-14) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.291...2.3.292) ##### Feature - **arm:** Handle another structure for SQL retention policy - [#5210](https://redirect.github.com/bridgecrewio/checkov/pull/5210) ##### Bug Fix - **secrets:** limit line length for custom secrets - [#5208](https://redirect.github.com/bridgecrewio/checkov/pull/5208) - **terraform:** Update GCP checks for plan files - [#5197](https://redirect.github.com/bridgecrewio/checkov/pull/5197) ### [`v2.3.291`](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.290...2.3.291) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/2.3.290...2.3.291) ### [`v2.3.290`](https://redirect.github.comConfiguration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.