Update dependency bandit to v1.7.4 #152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merged

Kircheneer merged 1 commit into develop from renovate/bandit-1.x-lockfile

Sep 27, 2022

Contributor

renovate bot commented Sep 21, 2022

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bandit (source, changelog)	`1.7.1` -> `1.7.4`

Release Notes

PyCQA/bandit

`v1.7.4`

What's Changed

Fix traceback in hashlib_insecure_functions by @ericwb in https://github.com/PyCQA/bandit/pull/834
Add version 1.7.3 to dropdown by @ericwb in https://github.com/PyCQA/bandit/pull/833
core/config: Fix ConfigError missing argument if toml is missing by @Holzhaus in https://github.com/PyCQA/bandit/pull/845
Add 1.7.4 in issue template by @ericwb in https://github.com/PyCQA/bandit/pull/846

New Contributors

@Holzhaus made their first contribution in https://github.com/PyCQA/bandit/pull/845

Full Changelog: PyCQA/bandit@1.7.3...1.7.4

`v1.7.3`

What's Changed

Rely on toml conditionally by @sigmavirus24 in https://github.com/PyCQA/bandit/pull/780
Update issue template with latest versions by @ericwb in https://github.com/PyCQA/bandit/pull/783
Delete release-drafter.yml by @ericwb in https://github.com/PyCQA/bandit/pull/781
Use released version of gh-action-pypi-publish by @ericwb in https://github.com/PyCQA/bandit/pull/784
Update publish-to-pypi.yml by @ericwb in https://github.com/PyCQA/bandit/pull/785
Delete releasenotes directory (more openstack leftovers) by @ericwb in https://github.com/PyCQA/bandit/pull/786
[docs] Add Getting Started chapter (migrate from README) by @bittner in https://github.com/PyCQA/bandit/pull/773
Including CWE information by @julianthome in https://github.com/PyCQA/bandit/pull/613
Removal of the CWEMAP dict by @ericwb in https://github.com/PyCQA/bandit/pull/789
Fix up warnings in output of tox by @ericwb in https://github.com/PyCQA/bandit/pull/793
Avoid printing metrics as float point numbers by @ericwb in https://github.com/PyCQA/bandit/pull/794
Add functional test of snmp_security_check by @ericwb in https://github.com/PyCQA/bandit/pull/791
Disable individual tests by @mikespallino in https://github.com/PyCQA/bandit/pull/597
Change up how CWE is formatted by @ericwb in https://github.com/PyCQA/bandit/pull/788
Check value of usedforsecurity for hashlib by @ericwb in https://github.com/PyCQA/bandit/pull/798
Remove redundant Python 3.6 code by @ericwb in https://github.com/PyCQA/bandit/pull/802
Add new plugin to check use of pyghmi by @ericwb in https://github.com/PyCQA/bandit/pull/803
Check for hardcoded passwords in class attributes by @noliverio in https://github.com/PyCQA/bandit/pull/766
Better hashlib check for Python 3.9 by @ericwb in https://github.com/PyCQA/bandit/pull/805
Fix references to the default branch name by @ericwb in https://github.com/PyCQA/bandit/pull/810
Cleanup the README by @ericwb in https://github.com/PyCQA/bandit/pull/809
Show usage with no arguments by @ericwb in https://github.com/PyCQA/bandit/pull/814
Respect color environment variables if set by @ericwb in https://github.com/PyCQA/bandit/pull/813
Cannot seek stdin on pipe by @tylerwince in https://github.com/PyCQA/bandit/pull/496
Test on operating systems we can support by @ericwb in https://github.com/PyCQA/bandit/pull/804
Fix up some warnings and errors in docs by @ericwb in https://github.com/PyCQA/bandit/pull/817
Fix root doc for readthedocs by @ericwb in https://github.com/PyCQA/bandit/pull/818
Use versioned links to docs by @ericwb in https://github.com/PyCQA/bandit/pull/819
Use CWE link in HTML formatter by @ericwb in https://github.com/PyCQA/bandit/pull/825
Improve performance of linerange by @Krock21rus in https://github.com/PyCQA/bandit/pull/629
Inaccurate message in hashlib check by @ericwb in https://github.com/PyCQA/bandit/pull/827
Target Python >= 3.7 in pre-commit hooks by @mkniewallner in https://github.com/PyCQA/bandit/pull/830
Center the bandit logo in readme by @ericwb in https://github.com/PyCQA/bandit/pull/823
Build of artifact fails if raw directive used by @ericwb in https://github.com/PyCQA/bandit/pull/831

New Contributors

@bittner made their first contribution in https://github.com/PyCQA/bandit/pull/773
@julianthome made their first contribution in https://github.com/PyCQA/bandit/pull/613
@noliverio made their first contribution in https://github.com/PyCQA/bandit/pull/766
@Krock21rus made their first contribution in https://github.com/PyCQA/bandit/pull/629

Full Changelog: PyCQA/bandit@1.7.2...1.7.3

`v1.7.2`

What's Changed

Fix broken reported URL link for B107 by @bagerard in https://github.com/PyCQA/bandit/pull/751
test_help_arg: remove assert on 'optional arguments' by @mikelolasagasti in https://github.com/PyCQA/bandit/pull/752
Create FUNDING.yml by @ericwb in https://github.com/PyCQA/bandit/pull/774
Start using auto-formatters by @sigmavirus24 in https://github.com/PyCQA/bandit/pull/754
Drop end-of-life Python 3.5 by @ericwb in https://github.com/PyCQA/bandit/pull/746
Drop end-of-life Python 3.6 by @ericwb in https://github.com/PyCQA/bandit/pull/777
Fixup typo by @spagh-eddie in https://github.com/PyCQA/bandit/pull/769
Fix README.rst by @stannum-l in https://github.com/PyCQA/bandit/pull/365
Added snmp_security check plugin for various SNMP checks by @Jed-Giblin in https://github.com/PyCQA/bandit/pull/403
Remove leftover openstack code by @ericwb in https://github.com/PyCQA/bandit/pull/778
Correctly define extras in setup.cfg by @mkniewallner in https://github.com/PyCQA/bandit/pull/755

New Contributors

@bagerard made their first contribution in https://github.com/PyCQA/bandit/pull/751
@mikelolasagasti made their first contribution in https://github.com/PyCQA/bandit/pull/752
@sigmavirus24 made their first contribution in https://github.com/PyCQA/bandit/pull/754
@spagh-eddie made their first contribution in https://github.com/PyCQA/bandit/pull/769
@Jed-Giblin made their first contribution in https://github.com/PyCQA/bandit/pull/403
@mkniewallner made their first contribution in https://github.com/PyCQA/bandit/pull/755

Full Changelog: PyCQA/bandit@1.7.1...1.7.2

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.


          Update dependency bandit to v1.7.4

be441e4

renovate bot requested review from glennmatthews, Kircheneer and chadell as code owners

September 21, 2022 12:41

renovate bot added the dependencies label

glennmatthews approved these changes

View reviewed changes

Kircheneer merged commit a672325 into develop

renovate bot deleted the renovate/bandit-1.x-lockfile branch

September 27, 2022 14:05

itdependsnetworks pushed a commit to itdependsnetworks/diffsync that referenced this pull request


          Update dependency bandit to v1.7.4 (networktocode#152)

62d57f9

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Kircheneer pushed a commit that referenced this pull request


          Update dependency bandit to v1.7.4 (#152)

a334528

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels