-
-
Notifications
You must be signed in to change notification settings - Fork 894
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS Codecommit URLs marked as suspisious #1805
Comments
Thanks for reporting. I presume that trying to set It seems you have control over the GitPython dependency, so I'd assume there is control over what's called and how. A possible course of action would be to explicitly allow |
Same here. I received the warning and I was able to circumvent it with |
I think in order to do this correctly, GitPython would have to respect the configuration, which probably is setup to allow Special exceptions for |
I have a terraform module code as below -
I am running static code analysis tool checkov which has a dependency of gitpython >=3.1.30
failed to get git::codecommit::us-east-1://test?ref=v1.0.0 because of The
codecommit::
protocol looks suspicious, useallow_unsafe_protocols=True
to allow it.Gitpython complains that the codecommit url is not safe. If I manually install gitpython 3.1.29 then the below error doesnt show but it conflicts with checkov dependency
The text was updated successfully, but these errors were encountered: