checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

APACHE-2.0 License

Downloads
4.3M
Stars
6.8K
Committers
400
View Code on GitHub Visit Website
Ecosystems: Terraform, Kubernetes, Azure, Amazon Web Services

Bot releases are visible (Hide)

checkov - 3.2.28

Published by github-actions[bot] 8 months ago

Bug Fix

  • sca: handling unknown severity - #6055
  • terraform: Add Condition exceptions CKV_AWS_70 - #6044
  • terraform: Add k8s 1.29 to CKV_AWS_339 - #6056
checkov - 3.2.26

Published by github-actions[bot] 8 months ago

Bug Fix

  • sast: fetch sast custom policieis - #6040
checkov - 3.2.25

Published by github-actions[bot] 8 months ago

Feature

  • terraform: Added support for try function in evaluate_terraform - #6043
checkov - 3.2.24

Published by github-actions[bot] 8 months ago

Feature

  • cloudformation: add CFN policies for MSK - #6021
checkov - 3.2.23

Published by github-actions[bot] 8 months ago

Bug Fix

  • terraform: support vertex reference based on foreach key - #6039
checkov - 3.2.22

Published by github-actions[bot] 8 months ago

Bug Fix

  • terraform: CKV_AWS_308 - checked if caching was enabled and only then check for encryption of cache - #6034
checkov - 3.2.21

Published by github-actions[bot] 8 months ago

Bug Fix

  • sast: fix cdk checks path - #6029
checkov - 3.2.20

Published by github-actions[bot] 8 months ago

Bug Fix

  • graph: remove SCA runner v1 - re-enable - #6024
checkov - 3.2.19

Published by github-actions[bot] 9 months ago

Feature

  • general: Implement authentication retry mechanism - #6022
  • sast: add danger rule - #6012
checkov - 3.2.17

Published by github-actions[bot] 9 months ago

Bug Fix

  • general: downgrade botocore dependency - #6016
  • graph: remove SCA runner v1 - #6005
  • terraform: Deleted deprecated check CKV_GCP_19 - #6010
checkov - 3.2.12

Published by github-actions[bot] 9 months ago

Bug Fix

  • general: downgrade boto3 - #6011
  • terraform: fix check CKV2_AZURE_10 - #6009
checkov - 3.2.8

Published by github-actions[bot] 9 months ago

Feature

  • secrets: bump bc-detect-secrets to version 1.5.4 - #5998
checkov - 3.2.7

Published by github-actions[bot] 9 months ago

Feature

  • azure: create arm check StorageAccountMinimumTlsVersion CKV_AZURE_236 - #5986
  • sast: add dataflow to output - #5987

Bug Fix

  • terraform: Correctly relace foreach_value inside _update_attributes for complex cases - #5994
checkov - 3.2.3

Published by github-actions[bot] 9 months ago

Bug Fix

  • terraform: find explicit lockout fail actions for s3 - #5943
checkov - 3.2.2

Published by github-actions[bot] 9 months ago

Feature

  • sca: persist support logs for sub processes - #5988
checkov - 3.2.1

Published by github-actions[bot] 9 months ago

Bug Fix

  • sast: summarize errors - #5977
checkov - 3.2.0

Published by github-actions[bot] 9 months ago

Bug Fix

  • terraform: and cdk/cloudformation: inconsistent naming of AWS resources in checks - #5966

Platform

  • general: remove igraph - #5781
checkov - 3.1.70

Published by github-actions[bot] 9 months ago

Bug Fix

  • terraform: Manually fixed test for loading terraform registry to be with commit hash instead of version tag - #5971
checkov - 3.1.69

Published by github-actions[bot] 9 months ago

Bug Fix

  • sast: replaced TBD with owasp and removed "sast engine" - #5959
  • terraform: External module test - #5963
checkov - 3.1.67

Published by github-actions[bot] 9 months ago

Feature

  • sast: Add policies to executable - #5955
Package Rankings
Top 9.86% on Proxy.golang.org
Top 0.86% on Pypi.org
Badges
Extracted from project README
checkov Maintained by Prisma Cloud build status security status code_coverage docs PyPI Python Version Terraform Version Downloads Docker Pulls slack-community Open in Gitpod