pip(deps-dev): bump bandit from 1.7.1 to 1.7.2 #205

dependabot · 2022-01-26T08:00:01Z

Bumps bandit from 1.7.1 to 1.7.2.

Release notes

1.7.2

What's Changed

Fix broken reported URL link for B107 by @bagerard in PyCQA/bandit#751

test_help_arg: remove assert on 'optional arguments' by @mikelolasagasti in PyCQA/bandit#752

Create FUNDING.yml by @ericwb in PyCQA/bandit#774

Start using auto-formatters by @sigmavirus24 in PyCQA/bandit#754

Drop end-of-life Python 3.5 by @ericwb in PyCQA/bandit#746

Drop end-of-life Python 3.6 by @ericwb in PyCQA/bandit#777

Fixup typo by @spagh-eddie in PyCQA/bandit#769

Fix README.rst by @stannum-l in PyCQA/bandit#365

Added snmp_security check plugin for various SNMP checks by @Jed-Giblin in PyCQA/bandit#403

Remove leftover openstack code by @ericwb in PyCQA/bandit#778

Correctly define extras in setup.cfg by @mkniewallner in PyCQA/bandit#755

New Contributors

@bagerard made their first contribution in PyCQA/bandit#751

@mikelolasagasti made their first contribution in PyCQA/bandit#752

@sigmavirus24 made their first contribution in PyCQA/bandit#754

@spagh-eddie made their first contribution in PyCQA/bandit#769

@Jed-Giblin made their first contribution in PyCQA/bandit#403

@mkniewallner made their first contribution in PyCQA/bandit#755

Full Changelog: PyCQA/bandit@1.7.1...1.7.2

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

codecov · 2022-01-26T08:11:08Z

Codecov Report

Merging #205 (92fe5b2) into develop (55c896c) will not change coverage.
The diff coverage is n/a.

❗ Current head 92fe5b2 differs from pull request most recent head 7d0385c. Consider uploading reports for the commit 7d0385c to get more accurate results

@@           Coverage Diff            @@
##           develop     #205   +/-   ##
========================================
  Coverage    74.50%   74.50%           
========================================
  Files           27       27           
  Lines         3652     3652           
========================================
  Hits          2721     2721           
  Misses         931      931

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 346ca2d...7d0385c. Read the comment docs.

Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/PyCQA/bandit/releases) - [Commits](PyCQA/bandit@1.7.1...1.7.2) --- updated-dependencies: - dependency-name: bandit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>