checkov

Bug Fix

• sast: change the path for taint mode match - #5953
• sast: fix report with only reachability - #5951

Platform

• general: Change SAST enforcement rule to weaknesses - #5950
• general: handle weaknesses rename - #5954

Bug Fix

• sast: Fix serialize for sast report with taint mode - #5949

Bug Fix

• general: allow colorama version >=0.4.3,<0.5.0 in setup - #5944

Bug Fix

• sast: fix relative paths in sast cdk reports - #5932
• sast: fix sast cdk code location paths - #5938
• terraform: CKV_GCP_79 Upgrade CloudSQL SQLSERVER major version to 2022 - #5936
• terraform: Improved bad performance pathlib check - #5939

Bug Fix

• general: fix multiprocess abilities - #5887
• general: fixing hidden dependencies & state breaking tests - #5911
• general: Reenabling cdk-integration-tests - #5922

Bug Fix

• terraform: Support "pass_prefix_list" for SG ingress rules correctly - #5918

Bug Fix

• general: temporary disable runtime config - #5921

Feature

• terraform: node pools should be configured separately from a cl… - #5916

Bug Fix

• terraform: handle no action in aws_dlm_lifecycle_policy - #5905

• no noteworthy changes

Feature

• sast: Add sast metadata to sast report - #5910
• terraform: Add various vertex related policies - #5898

Bug Fix

• sast: persist empty sast report for cdk - #5909
• terraform: Fix typo Customer Managed Key - #5900

Feature

• terraform: CLI output - add indication if repository was discovered In a running environment - #5908

Bug Fix

• sast: add missing field in MatchMetadata - #5907

Feature

• sast: add dataflow to checkov report from sast - #5892

Feature

• terraform: add CKV2_AZURE_47, ensure storage account is configured without blob anonymous access - #5888
• terraform: Ensure SES Configuration Set enforces TLS usage - #5891

Bug Fix

• terraform: pod security policy removed in GKE 1.25 - #5675

Feature

• sast: Split sast and cdk reports - #5889

Bug Fix

• terraform: Fix CKV_Azure_234 - #5886

Feature

• terraform_plan: Add PY graph checks for tf plan - #5875

Bug Fix

• terraform: Remove CKV_AWS_188 as dupe - #5884

Feature

• sast: add integration test platform report - #5856
• sast: python Cdk policies batch 3 - #5820
• sast: python Cdk policies batch 4 - #5857

Bug Fix

• sast: add save local sast report to run integration script - #5863

Feature

• terraform: Used parallel run to run all split_graph iterations - #5840

Feature

• general: anchor cyclonedx to last non breaking version - #5846
• general: Revert pipfile lock changes - #5848
• sast: add back commented checks - #5851

Bug Fix

• sast: fix reachability with no regular matches - #5847
• sca: not printing reachability data for lines without cves - #5849

Feature

• terraform: fix for check VPCPeeringRouteTableOverlyPermissive and add tests - #5837

Bug Fix

• sast: fix sast report format - #5811

Feature

• secrets: used 10 characters in secret violation - #5835