UPDATE: wip/py-checkov to new version: 1.0.684

2021-01-04 16:22:01 +01:00 · 2021-01-04 16:22:01 +01:00 · 887ddd099b
parent fd082cb269
commit 887ddd099b
5 changed files with 62 additions and 29 deletions
--- a/py-checkov/DESCR
+++ b/py-checkov/DESCR
@ -1,8 +1,23 @@
-Checkov is a static code analysis tool for infrastructure-as-code.
-It scans cloud infrastructure provisioned using Terraform,
-Cloudformation, Kubernetes, Serverless or ARM Templates and
-detects security and compliance misconfigurations.
-Checkov also powers Bridgecrew, the developer-first platform that
-codifies and streamlines cloud security throughout the development
-lifecycle. Bridgecrew identifies, fixes, and prevents misconfigurations
-in cloud resources and infrastructure-as-code files
+TODO: Adjust the following lines from README.md
+
+[![checkov](https://raw.githubusercontent.com/bridgecrewio/checkov/master/docs/web/images/checkov_by_bridgecrew.png)](#)
+       
+[![Maintained by Bridgecrew.io](https://img.shields.io/badge/maintained%20by-bridgecrew.io-blueviolet)](https://bridgecrew.io/?utm_source=github&utm_medium=organic_oss&utm_campaign=checkov)
+[![build status](https://github.com/bridgecrewio/checkov/workflows/build/badge.svg)](https://github.com/bridgecrewio/checkov/actions?query=workflow%3Abuild)
+[![security status](https://github.com/bridgecrewio/checkov/workflows/security/badge.svg)](https://github.com/bridgecrewio/checkov/actions?query=event%3Apush+branch%3Amaster+workflow%3Asecurity) 
+[![code_coverage](https://raw.githubusercontent.com/bridgecrewio/checkov/master/coverage.svg?sanitize=true)](https://github.com/bridgecrewio/checkov/actions?query=workflow%3Acoverage)
+[![docs](https://img.shields.io/badge/docs-passing-brightgreen)](https://www.checkov.io/documentation?utm_source=github&utm_medium=organic_oss&utm_campaign=checkov)
+[![PyPI](https://img.shields.io/pypi/v/checkov)](https://pypi.org/project/checkov/)
+[![Python Version](https://img.shields.io/github/pipenv/locked/python-version/bridgecrewio/checkov)](#)
+[![Terraform Version](https://img.shields.io/badge/tf-%3E%3D0.12.0-blue.svg)](#)
+[![Downloads](https://pepy.tech/badge/checkov)](https://pepy.tech/project/checkov)
+[![slack-community](https://slack.bridgecrew.io/badge.svg)](https://slack.bridgecrew.io/?utm_source=github&utm_medium=organic_oss&utm_campaign=checkov)
+
+
+**Checkov** is a static code analysis tool for infrastructure-as-code.
+
+It scans cloud infrastructure provisioned using [Terraform](https://terraform.io/), [Cloudformation](https://aws.amazon.com/cloudformation/), [Kubernetes](https://kubernetes.io/), [Serverless](https://www.serverless.com/) or [ARM Templates](https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/overview) and detects security and compliance misconfigurations.
+ 
+
+Checkov also powers [**Bridgecrew**](https://bridgecrew.io/?utm_source=github&utm_medium=organic_oss&utm_campaign=checkov), the developer-first platform that codifies and streamlines cloud security throughout the development lifecycle. Bridgecrew identifies, fixes, and prevents misconfigurations in cloud resources and infrastructure-as-code files. 
+...
--- a/py-checkov/Makefile
+++ b/py-checkov/Makefile
@ -1,6 +1,6 @@
 # $NetBSD$

-DISTNAME=	checkov-1.0.674
+DISTNAME=	checkov-1.0.684
 PKGNAME=	${PYPKGPREFIX}-${DISTNAME}
 CATEGORIES=	devel python
 MASTER_SITES=	${MASTER_SITE_PYPI:=c/checkov/}
@ -13,24 +13,27 @@ LICENSE=	apache-2.0
 PYTHON_VERSIONS_INCOMPATIBLE+=	27
 PYTHON_VERSIONS_INCOMPATIBLE+=	36

-DEPENDS+=	${PYPKGPREFIX}-packaging>=19.2:../../devel/py-packaging
-DEPENDS+=	${PYPKGPREFIX}-colorama>=0.4.3:../../comms/py-colorama
-DEPENDS+=	${PYPKGPREFIX}-termcolor>=1.1.0:../../devel/py-termcolor
-DEPENDS+=	${PYPKGPREFIX}-gitpython>=3.1.7:../../devel/py-gitpython
-DEPENDS+=	${PYPKGPREFIX}-semantic_version>=2.8.5:../../devel/py-semantic_version
-DEPENDS+=	${PYPKGPREFIX}-six>=1.15.0:../../lang/py-six
-DEPENDS+=	${PYPKGPREFIX}-tqdm>=4.49.0:../../misc/py-tqdm
-DEPENDS+=	${PYPKGPREFIX}-boto3>=1.12.43:../../net/py-boto3
-DEPENDS+=	${PYPKGPREFIX}-jmespath>=0.10.0:../../textproc/py-jmespath
-DEPENDS+=	${PYPKGPREFIX}-tabulate>=0.8.6:../../textproc/py-tabulate
-DEPENDS+=	${PYPKGPREFIX}-yaml>=5.1:../../textproc/py-yaml
+
+BUILD_DEPENDS+=	${PYPKGPREFIX}-test>=5.3.10:../../devel/py-test
+BUILD_DEPENDS+=	${PYPKGPREFIX}-coverage>=5.3:../../devel/py-coverage
+BUILD_DEPENDS+=	${PYPKGPREFIX}-coverage-badge>=1.0.1:../../wip/py-coverage-badge
+BUILD_DEPENDS+=	${PYPKGPREFIX}-bandit>=1.7.0:../../wip/py-bandit
 DEPENDS+=	${PYPKGPREFIX}-bc-python-hcl2>=0.3.1:../../wip/py-bc-python-hcl2
 DEPENDS+=	${PYPKGPREFIX}-deep-merge>=0.0.4:../../wip/py-deep-merge
+DEPENDS+=	${PYPKGPREFIX}-tabulate>=0.8.6:../../textproc/py-tabulate
+DEPENDS+=	${PYPKGPREFIX}-colorama>=0.4.3:../../comms/py-colorama
+DEPENDS+=	${PYPKGPREFIX}-termcolor>=1.1.0:../../devel/py-termcolor
 DEPENDS+=	${PYPKGPREFIX}-junit-xml>=1.9:../../wip/py-junit-xml
 DEPENDS+=	${PYPKGPREFIX}-dpath>=1.5.0:../../wip/py-dpath
+DEPENDS+=	${PYPKGPREFIX}-yaml>=5.1:../../textproc/py-yaml
+DEPENDS+=	${PYPKGPREFIX}-boto3>=1.12.43:../../net/py-boto3
+DEPENDS+=	${PYPKGPREFIX}-gitpython>=3.1.7:../../devel/py-gitpython
+DEPENDS+=	${PYPKGPREFIX}-six>=1.15.0:../../lang/py-six
+DEPENDS+=	${PYPKGPREFIX}-jmespath>=0.10.0:../../textproc/py-jmespath
+DEPENDS+=	${PYPKGPREFIX}-tqdm>=4.49.0:../../misc/py-tqdm
 DEPENDS+=	${PYPKGPREFIX}-update-checker-[0-9]*:../../wip/py-update-checker
-DEPENDS+=	${PYPKGPREFIX}-requests>=1.2.0:../../devel/py-requests
-DEPENDS+=	${PYPKGPREFIX}-urllib3>=1.25.10:../../www/py-urllib3
+DEPENDS+=	${PYPKGPREFIX}-semantic_version>=2.8.5:../../devel/py-semantic_version
+#DEPENDS+=	${PYPKGPREFIX}-packaging>=19.2:../../devel/py-packaging

 post-extract:
 	${MV} ${WRKSRC}/bin/checkov ${WRKSRC}/bin/checkov${PYVERSSUFFIX}
--- a/py-checkov/PLIST
+++ b/py-checkov/PLIST
@ -197,6 +197,9 @@ ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/APIGatewayXray.pyo
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AbsSecurityGroupUnrestrictedIngress.pyo
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AthenaWorkgroupConfiguration.py
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AthenaWorkgroupConfiguration.pyc
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AthenaWorkgroupConfiguration.pyo
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AuroraEncryption.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AuroraEncryption.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/AuroraEncryption.pyo
@ -212,6 +215,9 @@ ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudtrailEncryption.pyo
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudtrailLogValidation.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudtrailLogValidation.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudtrailLogValidation.pyo
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudwatchLogGroupEncryption.py
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudwatchLogGroupEncryption.pyc
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/CloudwatchLogGroupEncryption.pyo
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/DAXEncryption.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/DAXEncryption.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/DAXEncryption.pyo
@ -347,6 +353,9 @@ ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestricte
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/SecurityGroupUnrestrictedIngress3389.pyo
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/WAFEnabled.py
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/WAFEnabled.pyc
+${PYSITELIB}/checkov/cloudformation/checks/resource/aws/WAFEnabled.pyo
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/__init__.py
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/__init__.pyc
 ${PYSITELIB}/checkov/cloudformation/checks/resource/aws/__init__.pyo
@ -863,6 +872,9 @@ ${PYSITELIB}/checkov/terraform/checks/resource/aws/AthenaDatabaseEncryption.pyo
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/AthenaWorkgroupConfiguration.py
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/AthenaWorkgroupConfiguration.pyc
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/AthenaWorkgroupConfiguration.pyo
+${PYSITELIB}/checkov/terraform/checks/resource/aws/AuroraEncryption.py
+${PYSITELIB}/checkov/terraform/checks/resource/aws/AuroraEncryption.pyc
+${PYSITELIB}/checkov/terraform/checks/resource/aws/AuroraEncryption.pyo
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudfrontDistributionEncryption.py
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudfrontDistributionEncryption.pyc
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudfrontDistributionEncryption.pyo
@ -878,6 +890,9 @@ ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudtrailLogValidation.pyo
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudtrailMultiRegion.py
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudtrailMultiRegion.pyc
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudtrailMultiRegion.pyo
+${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudwatchLogGroupEncryption.py
+${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudwatchLogGroupEncryption.pyc
+${PYSITELIB}/checkov/terraform/checks/resource/aws/CloudwatchLogGroupEncryption.pyo
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CodeBuildProjectEncryption.py
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CodeBuildProjectEncryption.pyc
 ${PYSITELIB}/checkov/terraform/checks/resource/aws/CodeBuildProjectEncryption.pyo
--- a/py-checkov/distinfo
+++ b/py-checkov/distinfo
@ -1,7 +1,7 @@
 $NetBSD$

-SHA1 (checkov-1.0.674.tar.gz) = 1bd2d695e7c54dae652de536e0d6054d7ba67e6b
-RMD160 (checkov-1.0.674.tar.gz) = 281f733338f3d1bb4ab5391288adee244776e400
-SHA512 (checkov-1.0.674.tar.gz) = d9c29174d53b319798fe5b354f6ff65c1bf415c74ff011e8452198d3b1a2b73d10b01d7c89cbe11bc5ef768a5d61bbc1e5e9bf0cb7a97722e61eed3c53c6da06
-Size (checkov-1.0.674.tar.gz) = 153228 bytes
-SHA1 (patch-setup.py) = 9bbc504993d950a10596bc8cb3a2f81c52219fea
+SHA1 (checkov-1.0.684.tar.gz) = e6857d857e78d6714632bb2c8ce89516fa20f9f1
+RMD160 (checkov-1.0.684.tar.gz) = c6fe4858851139b59ecabe0990f7ec6d983c3781
+SHA512 (checkov-1.0.684.tar.gz) = 1a6f20dd351c8b470ae1eb5a56350b42881a3174da687b7c8ff885a2da53bccfbae4eb7051f4b062a3dade71b957477ec501b4855a57d40c118230057bf98acb
+Size (checkov-1.0.684.tar.gz) = 154023 bytes
+SHA1 (patch-setup.py) = 09f95cfd23f40dcfd4c04805be371eb13a7125ca
--- a/py-checkov/patches/patch-setup.py
+++ b/py-checkov/patches/patch-setup.py
@ -1,6 +1,6 @@
 $NetBSD$

--- setup.py.orig	2020-12-08 19:14:16.000000000 +0000
+--- setup.py.orig	2020-12-31 08:39:27.000000000 +0000
 +++ setup.py
@@ -1,6 +1,7 @@
 #!/usr/bin/env python
@ -10,7 +10,7 @@ $NetBSD$
 from importlib import util
 from os import path
 
-@@ -100,7 +101,7 @@ setup(
+@@ -59,7 +60,7 @@ setup(
     author_email="meet@bridgecrew.io",
     url="https://github.com/bridgecrewio/checkov",
     packages=setuptools.find_packages(exclude=["tests*","integration_tests*"]),