checkov icon indicating copy to clipboard operation
checkov copied to clipboard
verified publisher icon bridgecrewio

fix: regex issue on the skip path

Open quixoticmonk opened this issue 4 months ago • 2 comments

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

Description

This PR fixes a regex compilation error in the Terraform module finder when using character classes in --skip-path patterns. The issue occurred when users provided regex patterns with character classes (like [a-z0-9-]+) in the excluded_paths parameter, causing the module finder to crash with a regex compilation error.

The fix changes the regex handling approach from compiling all patterns into a single regex to compiling each pattern individually and handling invalid regex patterns by skipping them.

Fixes #7290

Should the test structure be changed to use a terraform configuration from a directory than inline?

Checklist:

  • [X] I have performed a self-review of my own code
  • [X] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [X] I have added tests that prove my feature, policy, or fix is effective and works
  • [ ] New and existing tests pass locally with my changes

quixoticmonk avatar Sep 07 '25 17:09 quixoticmonk

Thanks for the contribution @quixoticmonk! Could you rebase your branch so the tests will run? I could do it for you just didn't want to cause conflicts in your side :)

bo156 avatar Sep 10 '25 11:09 bo156

@quixoticmonk I see that the unit tests failed here, could you push a fix? 🧪

bo156 avatar Sep 17 '25 08:09 bo156