Skip to main content

Checkov

Pro Plan Feature

This feature is available exclusively as part of the Pro plan and is not included in the Lite plan. Please refer to our pricing page for more information about our plans and features.

Checkov is a static code analysis tool for scanning Infrastructure as Code (IaC) files for misconfigurations.

Files

Checkov will run on files with the following files and extensions:

  • .tf
  • .yml
  • .yaml
  • .json
  • .template
  • .bicep
  • .hcl
  • bower.json
  • build.gradle
  • build.gradle.kts
  • go.sum
  • gradle.properties
  • METADATA
  • npm-shrinkwrap.json
  • package.json
  • package-lock.json
  • pom.xml
  • requirements.txt
  • Dockerfile
  • .dockerfile
  • Dockerfile.*
  • .csproj
  • yarn.lock
  • Gemfile
  • Gemfile.lock
  • go.mod
  • paket.dependencies
  • paket.lock
  • packages.config
  • composer.json
  • composer.lock

Configuration

CodeRabbit will include on the following severity levels based on the profile selected:

Chill

  • HIGH
  • CRITICAL

Assertive

  • MEDIUM
  • HIGH
  • CRITICAL
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy