Skip to content

build(deps): bump checkov from 3.3.2 to 3.3.5 in /aws-cli#949

Merged
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/aws-cli/checkov-3.3.5
Jul 6, 2026
Merged

build(deps): bump checkov from 3.3.2 to 3.3.5 in /aws-cli#949
github-actions[bot] merged 1 commit into
mainfrom
dependabot/pip/aws-cli/checkov-3.3.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps checkov from 3.3.2 to 3.3.5.

Release notes

Sourced from checkov's releases.

3.3.5

Feature

  • general: fix danger node version - #7589

Bug Fix

  • general: retry kustomize/helm install to survive transient GitHub failures - #7591
  • terraform: CKV_AZURE_190 override singular get_expected_value - #7592
Changelog

Sourced from checkov's changelog.

3.3.5 - 2026-06-29

Feature

  • general: fix danger node version - #7589

Bug Fix

  • general: retry kustomize/helm install to survive transient GitHub failures - #7591
  • terraform: CKV_AZURE_190 override singular get_expected_value - #7592
Commits
  • 07a94fe Merge a5dfacf9f3fb4d597825bfbbb9794ee44431fb96 into 0896e312b080f94b4be25fd45...
  • b257af8 fix(terraform): CKV_AZURE_190 override singular get_expected_value (#7592)
  • 0896e31 feat(general): fix danger node version (#7589)
  • f47b0cd fix(general): retry kustomize/helm install to survive transient GitHub failur...
  • 2e66fad feat(general): fix danger node version (#7589)
  • 6b8a613 feat(general): fix danger node version (#7589)
  • 63dad53 chore: update release notes
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [checkov](https://github.com/bridgecrewio/checkov) from 3.3.2 to 3.3.5.
- [Release notes](https://github.com/bridgecrewio/checkov/releases)
- [Changelog](https://github.com/bridgecrewio/checkov/blob/main/CHANGELOG.md)
- [Commits](bridgecrewio/checkov@3.3.2...3.3.5)

---
updated-dependencies:
- dependency-name: checkov
  dependency-version: 3.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jul 6, 2026
@github-actions github-actions Bot added the build [Conventional Commits] Changes that affect the build system or external dependencies label Jul 6, 2026
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

aws-cli/requirements.txt

PackageVersionLicenseIssue Type
checkov3.3.5NullUnknown License
Allowed Licenses: 0BSD, Apache-2.0, BSD-2-Clause, BSD-3-Clause, CC0-1.0, MIT, MIT-0

OpenSSF Scorecard

PackageVersionScoreDetails
pip/checkov 3.3.5 🟢 7
Details
CheckScoreReason
Maintained🟢 1030 commit(s) out of 30 and 7 issue activity out of 30 found in the last 90 days -- score normalized to 10
Code-Review🟢 311 out of last 30 changesets reviewed before merge -- score normalized to 3
Vulnerabilities🟢 10no vulnerabilities detected
CII-Best-Practices⚠️ 2badge detected: in_progress
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
Token-Permissions⚠️ 0non read-only tokens detected in GitHub workflows
Security-Policy🟢 10security policy file detected
License🟢 10license file detected
Dependency-Update-Tool🟢 10update tool detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Fuzzing⚠️ 0project is not fuzzed
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 10no binaries found in the repo
Packaging🟢 10publishing workflow detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0

Scanned Files

  • aws-cli/requirements.txt

@github-actions github-actions Bot enabled auto-merge (squash) July 6, 2026 13:44
@github-actions github-actions Bot merged commit 19d8929 into main Jul 6, 2026
55 checks passed
@github-actions github-actions Bot deleted the dependabot/pip/aws-cli/checkov-3.3.5 branch July 6, 2026 14:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

build [Conventional Commits] Changes that affect the build system or external dependencies dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants