chore(deps): update pre-commit hook bridgecrewio/checkov to 3.2.381 (#61)

renovate[bot] · web-flow · commit 17cc9f444702 · 2025-03-06T10:46:29.000+01:00
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [bridgecrewio/checkov](https://redirect.github.com/bridgecrewio/checkov) | repository | patch | `3.2.357` -> `3.2.381` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://redirect.github.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>bridgecrewio/checkov (bridgecrewio/checkov)</summary> ### [`v3.2.381`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32381---2025-03-05) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.380...3.2.381) ##### Bug Fix - **general:** prevent connected_node attribute from being overriden - [#&#8203;7032](https://redirect.github.com/bridgecrewio/checkov/pull/7032) - **secrets:** ckv_secret\_80 filtering fix - [#&#8203;7037](https://redirect.github.com/bridgecrewio/checkov/pull/7037) ### [`v3.2.380`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.379...3.2.380) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.379...3.2.380) ### [`v3.2.379`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32379---2025-03-03) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.378...3.2.379) ##### Feature - **terraform:** Add azure DB checks for flexible server private endpoints - [#&#8203;7030](https://redirect.github.com/bridgecrewio/checkov/pull/7030) ### [`v3.2.378`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32378---2025-02-27) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.377...3.2.378) ##### Bug Fix - **secrets:** Remove CKV_SECRET\_80 instead of CKV_SECRET\_6 - [#&#8203;7029](https://redirect.github.com/bridgecrewio/checkov/pull/7029) ### [`v3.2.377`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32377---2025-02-25) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.376...3.2.377) ##### Feature - **terraform:** adding 3 policies & tests - [#&#8203;7011](https://redirect.github.com/bridgecrewio/checkov/pull/7011) ##### Bug Fix - **cloudformation:** Handle subs in CKV_AWS\_384 - [#&#8203;7022](https://redirect.github.com/bridgecrewio/checkov/pull/7022) - **secrets:** Fix Duplicated Violation in line bug - [#&#8203;7027](https://redirect.github.com/bridgecrewio/checkov/pull/7027) - **terraform:** Fixed CKV2\_GCP\_10 to exclude non http triggered cloud functions from security_level requirement - [#&#8203;7008](https://redirect.github.com/bridgecrewio/checkov/pull/7008) - **terraform:** Handle new resource type for CKV_GCP\_73 - [#&#8203;7023](https://redirect.github.com/bridgecrewio/checkov/pull/7023) ### [`v3.2.376`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.375...3.2.376) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.375...3.2.376) ### [`v3.2.375`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.374...3.2.375) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.374...3.2.375) ### [`v3.2.374`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.372...3.2.374) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.373...3.2.374) ### [`v3.2.373`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32373---2025-02-24) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.372...3.2.373) ##### Bug Fix - **terraform:** CKV_GCP\_74, CKV_GCP\_76 incorrectly enforced for REGIONAL and GLOBAL managed proxy networks - [#&#8203;7002](https://redirect.github.com/bridgecrewio/checkov/pull/7002) ### [`v3.2.372`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32372---2025-02-18) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.371...3.2.372) ##### Feature - **terraform:** Add multiple checks - [#&#8203;7016](https://redirect.github.com/bridgecrewio/checkov/pull/7016) ##### Bug Fix - **terraform:** Postgres latest stable version - [#&#8203;7015](https://redirect.github.com/bridgecrewio/checkov/pull/7015) ### [`v3.2.371`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.370...3.2.371) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.370...3.2.371) ### [`v3.2.370`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32370---2025-02-13) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.369...3.2.370) ##### Bug Fix - **general:** Handle ECS enhanced container insights - [#&#8203;7001](https://redirect.github.com/bridgecrewio/checkov/pull/7001) ### [`v3.2.369`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32369---2025-02-10) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.368...3.2.369) ##### Bug Fix - **terraform:** Multiple check fixes - [#&#8203;6999](https://redirect.github.com/bridgecrewio/checkov/pull/6999) ### [`v3.2.368`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32368---2025-02-06) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.367...3.2.368) ##### Feature - **general:** fix proxy access from git and registry loader - [#&#8203;6992](https://redirect.github.com/bridgecrewio/checkov/pull/6992) ### [`v3.2.367`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.366...3.2.367) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.366...3.2.367) ### [`v3.2.366`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32366---2025-02-05) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.365...3.2.366) ##### Bug Fix - **bicep:** Add bicep specific for CKV_AZURE\_25 since ARM implementation fails - [#&#8203;6996](https://redirect.github.com/bridgecrewio/checkov/pull/6996) - **terraform:** CKV_AZURE\_249 & CKV_AWS\_358 - better support for OIDC 'repo' detection regex and conditions order - [#&#8203;6994](https://redirect.github.com/bridgecrewio/checkov/pull/6994) ### [`v3.2.365`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.364...3.2.365) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.364...3.2.365) ### [`v3.2.364`](https://redirect.github.com/bridgecrewio/checkov/blob/HEAD/CHANGELOG.md#32364---2025-02-04) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.363...3.2.364) ##### Bug Fix - **terraform:** CKV_AWS\_339 - Add EKS platform version 1.32 to allowed lists of versions - [#&#8203;6988](https://redirect.github.com/bridgecrewio/checkov/pull/6988) ### [`v3.2.363`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.362...3.2.363) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.362...3.2.363) ### [`v3.2.362`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/3.2.362) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.361...3.2.362) #### Bug Fix - **secrets:** Multiple matching groups are being caught as regex separated by | sign - [#&#8203;6967](https://redirect.github.com/bridgecrewio/checkov/pull/6967) - **secrets:** Remove both random and base64 entropy secrets finding - [#&#8203;6969](https://redirect.github.com/bridgecrewio/checkov/pull/6969) #### Platform - **general:** Backfill more eval keys - [#&#8203;6970](https://redirect.github.com/bridgecrewio/checkov/pull/6970) ### [`v3.2.361`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.360...3.2.361) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.360...3.2.361) ### [`v3.2.360`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.359...3.2.360) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.359...3.2.360) ### [`v3.2.359`](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.358...3.2.359) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.358...3.2.359) ### [`v3.2.358`](https://redirect.github.com/bridgecrewio/checkov/releases/tag/3.2.358) [Compare Source](https://redirect.github.com/bridgecrewio/checkov/compare/3.2.357...3.2.358) #### Feature - **general:** Add env var for policy metadata - [#&#8203;6979](https://redirect.github.com/bridgecrewio/checkov/pull/6979) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/schubergphilis/mcaf-github-workflows).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
diff --git a/sync-root/.pre-commit-config.yaml b/sync-root/.pre-commit-config.yaml
@@ -25,7 +25,7 @@ repos:
       - id: terraform_docs
       - id: terraform_validate
   - repo: https://github.com/bridgecrewio/checkov.git
-    rev: 3.2.357
+    rev: 3.2.381
     hooks:
       - id: checkov
         verbose: false
