This repository has been archived by the owner on Oct 24, 2023. It is now read-only.

merge main checkov #5

Merged
merged 33 commits into from
Feb 6, 2023

Conversation

achiar99
Collaborator

@achiar99 achiar99 commented Feb 6, 2023

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.

Fixes # (issue)

New/Edited policies (Delete if not relevant)

Description

Include a description of what makes it a violation and any relevant external links.

Fix

How does someone fix the issue in code and/or in runtime?

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have added tests that prove my feature, policy, or fix is effective and works
  • New and existing tests pass locally with my changes
  • Any dependent changes have been merged and published in downstream modules

ayajbara and others added 30 commits February 1, 2023 16:09
* create bom report when extra_resources is not empty

* added tests
Revert "feat(sca): Add a --support flag (#4323)"

This reverts commit 9b7a112.
Revert "feat(sca): Add a --support flag --revert (#4396)"

This reverts commit dae55bc.
* adjust Docker labels

* remove None links in GitLab SAST output

* fix typing
…ombinator (#4385)

* extract new detector_utils file from entropy keyword combinator

* move import to type checking block

* fix according to comments

* add detector utils fixes

* fix according to comments

* change type hint

---------

Co-authored-by: Max Amelchenko <mamelchenko@paloaltonetworks.com>
Co-authored-by: gruebel <anton.gruebel@gmail.com>
* add workdir info to secrets scanner

* switch path to str

---------

Co-authored-by: Max Amelchenko <mamelchenko@paloaltonetworks.com>
* fix compact json output

* pin GHA macOS runner version to 11

* upper bound kustomize version to 4
…g set (#4316)

* Fix CKV_AWS_157 CloudFormation false positive for Aurora instances

* Add comment to explain Aurora logic

* Fix import

* Update comments with link to AWS docs

* Change MultiAZ test for Aurora to UNKNOWN

* Fix DBInstanceClass for Aurora

* Fix expected 2 blank lines linting error

* Remove fields that failed linting since they are not applicable to Aurora

* fix linting

---------

Co-authored-by: Anton Grübel <anton.gruebel@gmail.com>
…t statement (#4398)

* Render dynamic foreach/count statement

* CR fixes + UT for build_sub_graph

* CR fixes

* Lint fix
* support kustomize v5

* fix wrong command

* nosec subprocess
leverage freezegun to freeze time for a test
* fix in PathSchemeDefineHTTP check

* fix in GoogleKMSKeyIsPublic check

* fix in ECRPolicy check

---------

Co-authored-by: Anton Grübel <anton.gruebel@gmail.com>
add GH token to setup-kustomize action
* SQS check is all wrong

* remove unused import

* adjust check

---------

Co-authored-by: Anton Grübel <anton.gruebel@gmail.com>
…ng wildcards for resource types leads to crash (#4408)

Update base_check_registry.py to resolve Issue #4407

Verify `entity` has a value (not the None placeholder when `Type` is not available in the template) before trying to string-match

Co-authored-by: Anton Grübel <anton.gruebel@gmail.com>
retire CKV_AWS_128 in favour of CKV_AWS_162
…4418)

fix getting the module for resource with the name module
@achiar99 achiar99 merged commit eb58a8b into rotem-avni:main Feb 6, 2023