Update bandit to 1.7.8

[pyup-bot]

This PR updates bandit from 1.6.2 to 1.7.8.

Changelog

1.7.8

What's Changed
* Incorrect tag naming in readme by lukehinds in https://github.com/PyCQA/bandit/pull/1105
* Utilize PyPI's trusted publishing by ericwb in https://github.com/PyCQA/bandit/pull/1107
* Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by dependabot in https://github.com/PyCQA/bandit/pull/1109
* Add 1.7.7 to versions of bug template by ericwb in https://github.com/PyCQA/bandit/pull/1110
* Use datetime to avoid updating copyright year by ericwb in https://github.com/PyCQA/bandit/pull/1112
* filter data is safe for tarfile extractall by etienneschalk in https://github.com/PyCQA/bandit/pull/1111
* Bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by dependabot in https://github.com/PyCQA/bandit/pull/1115
* [B605] Add functions that are vulnerable to shell injection. by shihai1991 in https://github.com/PyCQA/bandit/pull/1116
* Add a SARIF output formatter by ericwb in https://github.com/PyCQA/bandit/pull/1113

New Contributors
* etienneschalk made their first contribution in https://github.com/PyCQA/bandit/pull/1111
* shihai1991 made their first contribution in https://github.com/PyCQA/bandit/pull/1116

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.7...1.7.8

1.7.7

What's Changed
* Add the new release to bandit versions of bug template by ericwb in https://github.com/PyCQA/bandit/pull/1075
* Bump actions/setup-python from 4 to 5 by dependabot in https://github.com/PyCQA/bandit/pull/1076
* Handle variant in how policy is passed in paramiko by ericwb in https://github.com/PyCQA/bandit/pull/1078
* Flag str.replace as possible sql injection by costaparas in https://github.com/PyCQA/bandit/pull/1044
* defusedxml: Show correct module name by kajinamit in https://github.com/PyCQA/bandit/pull/1081
* Add tidelift to the sponsor funding list by ericwb in https://github.com/PyCQA/bandit/pull/1089
* Create a security policy by ericwb in https://github.com/PyCQA/bandit/pull/1091
* Fix up issues found running Bandit on itself by ericwb in https://github.com/PyCQA/bandit/pull/1093
* Add random.randbytes to blacklist calls by ericwb in https://github.com/PyCQA/bandit/pull/1096
* Prepend ./ for files specified as CLI args by ericwb in https://github.com/PyCQA/bandit/pull/1094
* Rework GitPython dependency to be an extra for bandit-baseline by ericwb in https://github.com/PyCQA/bandit/pull/1099
* Bump actions/dependency-review-action from 3 to 4 by dependabot in https://github.com/PyCQA/bandit/pull/1101
* Introduce Official Bandit Images by lukehinds in https://github.com/PyCQA/bandit/pull/1088
* Remove markdown formatting in reStructuredText formatted README by ericwb in https://github.com/PyCQA/bandit/pull/1103
* Downsize the org:repo name by lukehinds in https://github.com/PyCQA/bandit/pull/1104

New Contributors
* kajinamit made their first contribution in https://github.com/PyCQA/bandit/pull/1081

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.6...1.7.7

1.7.6

What's Changed
* Update bug report to include version 1.7.5 by ericwb in https://github.com/PyCQA/bandit/pull/993
* Render Python 3.10 in drop down correctly by ericwb in https://github.com/PyCQA/bandit/pull/997
* Remove checks for Python2 urllib by ericwb in https://github.com/PyCQA/bandit/pull/999
* Improper detection of non-requests module by ericwb in https://github.com/PyCQA/bandit/pull/1011
* xmlrpclib replaced with xmlrpc in Python3 by ericwb in https://github.com/PyCQA/bandit/pull/1012
* language and linting updates by marksmayo in https://github.com/PyCQA/bandit/pull/1015
* Adds check for crypt module usage as weak hash by ericwb in https://github.com/PyCQA/bandit/pull/1018
* Switch to tox 4 by mportesdev in https://github.com/PyCQA/bandit/pull/1020
* Skip unnecessary `pip install` commands in the pythonpackage.yml workflow by mportesdev in https://github.com/PyCQA/bandit/pull/1021
* Update versions of used GitHub Actions by mportesdev in https://github.com/PyCQA/bandit/pull/1024
* Update pre-commit hooks by mportesdev in https://github.com/PyCQA/bandit/pull/1026
* Add `random.Random` to B311 checks by shiftinv in https://github.com/PyCQA/bandit/pull/940
* Add a copy button to all code snippets in docs by ericwb in https://github.com/PyCQA/bandit/pull/1030
* Replace pbr in favor of importlib by ericwb in https://github.com/PyCQA/bandit/pull/1016
* Switch from open collective to PSF by ericwb in https://github.com/PyCQA/bandit/pull/1031
* Make pre-commit run Bandit hook using a single process by Klavionik in https://github.com/PyCQA/bandit/pull/1029
* Remove support for Python 3.7 due to end-of-life by ericwb in https://github.com/PyCQA/bandit/pull/1034
* Update asserts.py documentation by deronnax in https://github.com/PyCQA/bandit/pull/1036
* Simplify `wrap_file_object` by mportesdev in https://github.com/PyCQA/bandit/pull/1037
* django_rawsql_used: support keyword arguments used in `RawSQL` by kevinmarsh in https://github.com/PyCQA/bandit/pull/765
* Avoid gitpyhon CVE-2022-24439 by carlosduelo in https://github.com/PyCQA/bandit/pull/1048
* Update blacklist call documentation by costaparas in https://github.com/PyCQA/bandit/pull/1045
* Support ignoring blacklists by name by costaparas in https://github.com/PyCQA/bandit/pull/1046
* Fix dependabot to update github actions by ericwb in https://github.com/PyCQA/bandit/pull/1057
* Bump actions/checkout from 3 to 4 by dependabot in https://github.com/PyCQA/bandit/pull/1058
* Fix for ReadtheDocs build by ericwb in https://github.com/PyCQA/bandit/pull/1061
* fix(plugins/B507): also detect class instances by mkniewallner in https://github.com/PyCQA/bandit/pull/1064
* Use mirror repository for black pre-commit hook by mportesdev in https://github.com/PyCQA/bandit/pull/1070
* Add official support of Python 3.12 by ericwb in https://github.com/PyCQA/bandit/pull/1068
* Fix crash on pyproject.toml without bandit config by javajawa in https://github.com/PyCQA/bandit/pull/1073
* refactor: remove `importlib-metadata` fallback by mkniewallner in https://github.com/PyCQA/bandit/pull/1066
* Fixes for sphinx build by ericwb in https://github.com/PyCQA/bandit/pull/1063

New Contributors
* marksmayo made their first contribution in https://github.com/PyCQA/bandit/pull/1015
* shiftinv made their first contribution in https://github.com/PyCQA/bandit/pull/940
* Klavionik made their first contribution in https://github.com/PyCQA/bandit/pull/1029
* deronnax made their first contribution in https://github.com/PyCQA/bandit/pull/1036
* kevinmarsh made their first contribution in https://github.com/PyCQA/bandit/pull/765
* carlosduelo made their first contribution in https://github.com/PyCQA/bandit/pull/1048
* costaparas made their first contribution in https://github.com/PyCQA/bandit/pull/1045
* dependabot made their first contribution in https://github.com/PyCQA/bandit/pull/1058
* javajawa made their first contribution in https://github.com/PyCQA/bandit/pull/1073

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.5...1.7.6

1.7.5

What's Changed
* Add an example screen shot of Bandit to README by ericwb in https://github.com/PyCQA/bandit/pull/847
* Bad link to screen shot by ericwb in https://github.com/PyCQA/bandit/pull/848
* Use a constant for weak hashes by ericwb in https://github.com/PyCQA/bandit/pull/850
* Group location line with code output by ericwb in https://github.com/PyCQA/bandit/pull/822
* Fix line range using Python 3.8 end_lineno by ericwb in https://github.com/PyCQA/bandit/pull/821
* Add classifier to indicate Py3 only by ericwb in https://github.com/PyCQA/bandit/pull/853
* Removal of blacklist call B309 httpsconnection by ericwb in https://github.com/PyCQA/bandit/pull/858
* Remove blacklist call check for os.tempnam by ericwb in https://github.com/PyCQA/bandit/pull/859
* Indiciate hash type in message by ericwb in https://github.com/PyCQA/bandit/pull/860
* Add the httpx module check for verify by ericwb in https://github.com/PyCQA/bandit/pull/861
* Add doc for hashlib plugin by ericwb in https://github.com/PyCQA/bandit/pull/862
* Make use of rich for progress bar by ericwb in https://github.com/PyCQA/bandit/pull/863
* Replace `toml` with `tomli` by mkniewallner in https://github.com/PyCQA/bandit/pull/829
* Fix up B109 and B111 removed plugins docs by ericwb in https://github.com/PyCQA/bandit/pull/864
* add check for "requests" calls without timeout by mschfh in https://github.com/PyCQA/bandit/pull/743
* Fix for build breaks in format job by ericwb in https://github.com/PyCQA/bandit/pull/869
* Add license and contributing links to docs by ericwb in https://github.com/PyCQA/bandit/pull/867
* Remove redundant word Bandit in titles of sections by ericwb in https://github.com/PyCQA/bandit/pull/873
* Add request for feedback via 👍 by ericwb in https://github.com/PyCQA/bandit/pull/871
* Add a Discord link to the docs by ericwb in https://github.com/PyCQA/bandit/pull/870
* Adding logging.config.listen() plugin with examples by raj3shp in https://github.com/PyCQA/bandit/pull/874
* Removal of ghugo by ericwb in https://github.com/PyCQA/bandit/pull/881
* Remove redundant pip line by ericwb in https://github.com/PyCQA/bandit/pull/884
* Corrected documentation on configuration by a-takahashi223 in https://github.com/PyCQA/bandit/pull/868
* Start testing against Python 3.11 by mkniewallner in https://github.com/PyCQA/bandit/pull/887
* Add myself to sponsor list by ericwb in https://github.com/PyCQA/bandit/pull/885
* Add Discord link to README by ericwb in https://github.com/PyCQA/bandit/pull/875
* Update action versions in Actions workflows (890) by mportesdev in https://github.com/PyCQA/bandit/pull/893
* Add dependency review action by ericwb in https://github.com/PyCQA/bandit/pull/891
* Fix an unclosed <b> tag in HTML formatter by mportesdev in https://github.com/PyCQA/bandit/pull/896
* 'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by rajaramsrn in https://github.com/PyCQA/bandit/pull/897
* Make small fixes in docs by mportesdev in https://github.com/PyCQA/bandit/pull/899
* Specify semver range for Python 3.11 by mportesdev in https://github.com/PyCQA/bandit/pull/901
* Add another bad example of yaml load by ericwb in https://github.com/PyCQA/bandit/pull/905
* Add releases link in "Version control integration" by travisjungroth in https://github.com/PyCQA/bandit/pull/909
* Update version of dependency-review-action by mportesdev in https://github.com/PyCQA/bandit/pull/911
* Avoid redundant message if debug on by ericwb in https://github.com/PyCQA/bandit/pull/913
* Remove invalid checking on hashlib by ericwb in https://github.com/PyCQA/bandit/pull/914
* Add some missing curve types by ericwb in https://github.com/PyCQA/bandit/pull/920
* add jsonpickle deserialization blacklist by SugarP1g in https://github.com/PyCQA/bandit/pull/707
* Fix reading the number argument from config file by KAUTH in https://github.com/PyCQA/bandit/pull/923
* Add end_col_offset if available by ericwb in https://github.com/PyCQA/bandit/pull/851
* Enhancement Proposal: Plugin "assert_used" config-skip snippet by marianomartinelli in https://github.com/PyCQA/bandit/pull/695
* Blacklist pandas read_pickle and add functional test for it by jaspersival in https://github.com/PyCQA/bandit/pull/710
* Docs for request without timeout has dead link by ericwb in https://github.com/PyCQA/bandit/pull/925
* Add case for global exec by tonybaloney in https://github.com/PyCQA/bandit/pull/570
* Fix a false positive condition yaml_load by ericwb in https://github.com/PyCQA/bandit/pull/927
* Fix issue 453 jinja2 template select_autoescape when using jinja2.select_autoescape by kinow in https://github.com/PyCQA/bandit/pull/454
* Adding tarfile.extractall() plugin with examples by yilmi in https://github.com/PyCQA/bandit/pull/549
* Check for deprecated TLS 1.1 by ericwb in https://github.com/PyCQA/bandit/pull/928
* weak_cryptographic_key assumes positional arg by ericwb in https://github.com/PyCQA/bandit/pull/930
* Fix filename of B202 in docs by mportesdev in https://github.com/PyCQA/bandit/pull/932
* Remove python 2 reference in docs by ericwb in https://github.com/PyCQA/bandit/pull/933
* Pass correct number of arguments to match the `%s` placeholders. by mportesdev in https://github.com/PyCQA/bandit/pull/934
* Fixup some invalid pickle testing by ericwb in https://github.com/PyCQA/bandit/pull/924
* Fix json and yaml formatters to respect num lines by ericwb in https://github.com/PyCQA/bandit/pull/929
* Fix AttributeError on detect of tuple assign condition by ericwb in https://github.com/PyCQA/bandit/pull/931
* [docs] Mention `exclude_dirs` option available in TOML and YAML by bittner in https://github.com/PyCQA/bandit/pull/876
* Typo fix by PermanAtayev in https://github.com/PyCQA/bandit/pull/945
* remove py2 exec example in docs by clavedeluna in https://github.com/PyCQA/bandit/pull/947
* Add official Python 3.11 support by ericwb in https://github.com/PyCQA/bandit/pull/964
* DOC: Add explanation on how to use pre-commit with config file by phofl in https://github.com/PyCQA/bandit/pull/968
* Fix breaking build due to new tox by ericwb in https://github.com/PyCQA/bandit/pull/983
* Correct build status badge in README by gliptak in https://github.com/PyCQA/bandit/pull/980
* Improve detecting SQL injections in f-strings by kfrydel in https://github.com/PyCQA/bandit/pull/917
* Improve handling nosec for multi-line strings by kfrydel in https://github.com/PyCQA/bandit/pull/915
* Check for github action updates monthly by jlosito in https://github.com/PyCQA/bandit/pull/989
* Added a bit more `project_urls` by KOLANICH in https://github.com/PyCQA/bandit/pull/985

New Contributors
* mschfh made their first contribution in https://github.com/PyCQA/bandit/pull/743
* raj3shp made their first contribution in https://github.com/PyCQA/bandit/pull/874
* a-takahashi223 made their first contribution in https://github.com/PyCQA/bandit/pull/868
* mportesdev made their first contribution in https://github.com/PyCQA/bandit/pull/893
* rajaramsrn made their first contribution in https://github.com/PyCQA/bandit/pull/897
* travisjungroth made their first contribution in https://github.com/PyCQA/bandit/pull/909
* SugarP1g made their first contribution in https://github.com/PyCQA/bandit/pull/707
* KAUTH made their first contribution in https://github.com/PyCQA/bandit/pull/923
* marianomartinelli made their first contribution in https://github.com/PyCQA/bandit/pull/695
* jaspersival made their first contribution in https://github.com/PyCQA/bandit/pull/710
* kinow made their first contribution in https://github.com/PyCQA/bandit/pull/454
* yilmi made their first contribution in https://github.com/PyCQA/bandit/pull/549
* PermanAtayev made their first contribution in https://github.com/PyCQA/bandit/pull/945
* clavedeluna made their first contribution in https://github.com/PyCQA/bandit/pull/947
* phofl made their first contribution in https://github.com/PyCQA/bandit/pull/968
* gliptak made their first contribution in https://github.com/PyCQA/bandit/pull/980
* kfrydel made their first contribution in https://github.com/PyCQA/bandit/pull/917
* jlosito made their first contribution in https://github.com/PyCQA/bandit/pull/989
* KOLANICH made their first contribution in https://github.com/PyCQA/bandit/pull/985

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.4...1.7.5

1.7.4

What's Changed
* Fix traceback in hashlib_insecure_functions by ericwb in https://github.com/PyCQA/bandit/pull/834
* Add version 1.7.3 to dropdown by ericwb in https://github.com/PyCQA/bandit/pull/833
* core/config: Fix ConfigError missing argument if toml is missing by Holzhaus in https://github.com/PyCQA/bandit/pull/845
* Add 1.7.4 in issue template by ericwb in https://github.com/PyCQA/bandit/pull/846

New Contributors
* Holzhaus made their first contribution in https://github.com/PyCQA/bandit/pull/845

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.3...1.7.4

1.7.3

What's Changed
* Rely on toml conditionally by sigmavirus24 in https://github.com/PyCQA/bandit/pull/780
* Update issue template with latest versions by ericwb in https://github.com/PyCQA/bandit/pull/783
* Delete release-drafter.yml by ericwb in https://github.com/PyCQA/bandit/pull/781
* Use released version of gh-action-pypi-publish by ericwb in https://github.com/PyCQA/bandit/pull/784
* Update publish-to-pypi.yml by ericwb in https://github.com/PyCQA/bandit/pull/785
* Delete releasenotes directory (more openstack leftovers) by ericwb in https://github.com/PyCQA/bandit/pull/786
* [docs] Add Getting Started chapter (migrate from README) by bittner in https://github.com/PyCQA/bandit/pull/773
* Including CWE information by julianthome in https://github.com/PyCQA/bandit/pull/613
* Removal of the CWEMAP dict by ericwb in https://github.com/PyCQA/bandit/pull/789
* Fix up warnings in output of tox by ericwb in https://github.com/PyCQA/bandit/pull/793
* Avoid printing metrics as float point numbers by ericwb in https://github.com/PyCQA/bandit/pull/794
* Add functional test of snmp_security_check by ericwb in https://github.com/PyCQA/bandit/pull/791
* Disable individual tests by mikespallino in https://github.com/PyCQA/bandit/pull/597
* Change up how CWE is formatted by ericwb in https://github.com/PyCQA/bandit/pull/788
* Check value of usedforsecurity for hashlib by ericwb in https://github.com/PyCQA/bandit/pull/798
* Remove redundant Python 3.6 code by ericwb in https://github.com/PyCQA/bandit/pull/802
* Add new plugin to check use of pyghmi by ericwb in https://github.com/PyCQA/bandit/pull/803
* Check for hardcoded passwords in class attributes by noliverio in https://github.com/PyCQA/bandit/pull/766
* Better hashlib check for Python 3.9 by ericwb in https://github.com/PyCQA/bandit/pull/805
* Fix references to the default branch name by ericwb in https://github.com/PyCQA/bandit/pull/810
* Cleanup the README by ericwb in https://github.com/PyCQA/bandit/pull/809
* Show usage with no arguments by ericwb in https://github.com/PyCQA/bandit/pull/814
* Respect color environment variables if set by ericwb in https://github.com/PyCQA/bandit/pull/813
* Cannot seek stdin on pipe by tylerwince in https://github.com/PyCQA/bandit/pull/496
* Test on operating systems we can support by ericwb in https://github.com/PyCQA/bandit/pull/804
* Fix up some warnings and errors in docs by ericwb in https://github.com/PyCQA/bandit/pull/817
* Fix root doc for readthedocs by ericwb in https://github.com/PyCQA/bandit/pull/818
* Use versioned links to docs by ericwb in https://github.com/PyCQA/bandit/pull/819
* Use CWE link in HTML formatter by ericwb in https://github.com/PyCQA/bandit/pull/825
* Improve performance of linerange by Krock21rus in https://github.com/PyCQA/bandit/pull/629
* Inaccurate message in hashlib check by ericwb in https://github.com/PyCQA/bandit/pull/827
* Target Python >= 3.7 in pre-commit hooks by mkniewallner in https://github.com/PyCQA/bandit/pull/830
* Center the bandit logo in readme by ericwb in https://github.com/PyCQA/bandit/pull/823
* Build of artifact fails if raw directive used by ericwb in https://github.com/PyCQA/bandit/pull/831

New Contributors
* bittner made their first contribution in https://github.com/PyCQA/bandit/pull/773
* julianthome made their first contribution in https://github.com/PyCQA/bandit/pull/613
* noliverio made their first contribution in https://github.com/PyCQA/bandit/pull/766
* Krock21rus made their first contribution in https://github.com/PyCQA/bandit/pull/629

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.2...1.7.3

1.7.2

What's Changed
* Fix broken reported URL link for B107 by bagerard in https://github.com/PyCQA/bandit/pull/751
* test_help_arg: remove assert on 'optional arguments' by mikelolasagasti in https://github.com/PyCQA/bandit/pull/752
* Create FUNDING.yml by ericwb in https://github.com/PyCQA/bandit/pull/774
* Start using auto-formatters by sigmavirus24 in https://github.com/PyCQA/bandit/pull/754
* Drop end-of-life Python 3.5 by ericwb in https://github.com/PyCQA/bandit/pull/746
* Drop end-of-life Python 3.6 by ericwb in https://github.com/PyCQA/bandit/pull/777
* Fixup typo by spagh-eddie in https://github.com/PyCQA/bandit/pull/769
* Fix README.rst by stannum-l in https://github.com/PyCQA/bandit/pull/365
* Added snmp_security check plugin for various SNMP checks by Jed-Giblin in https://github.com/PyCQA/bandit/pull/403
* Remove leftover openstack code by ericwb in https://github.com/PyCQA/bandit/pull/778
* Correctly define extras in `setup.cfg` by mkniewallner in https://github.com/PyCQA/bandit/pull/755

New Contributors
* bagerard made their first contribution in https://github.com/PyCQA/bandit/pull/751
* mikelolasagasti made their first contribution in https://github.com/PyCQA/bandit/pull/752
* sigmavirus24 made their first contribution in https://github.com/PyCQA/bandit/pull/754
* spagh-eddie made their first contribution in https://github.com/PyCQA/bandit/pull/769
* Jed-Giblin made their first contribution in https://github.com/PyCQA/bandit/pull/403
* mkniewallner made their first contribution in https://github.com/PyCQA/bandit/pull/755

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.1...1.7.2

1.7.1

What's Changed
* Specify output_file encoding as utf-8 by Brcrwilliams in https://github.com/PyCQA/bandit/pull/364
* Specify language_version in .pre-commit-hooks.yaml by jdufresne in https://github.com/PyCQA/bandit/pull/670
* Clearer message for subprocess module use by ericwb in https://github.com/PyCQA/bandit/pull/667
* Add the column offset to the issue model by tonybaloney in https://github.com/PyCQA/bandit/pull/618
* Show column offset on all formatters by ericwb in https://github.com/PyCQA/bandit/pull/673
* More complete removal of Python2 code by ericwb in https://github.com/PyCQA/bandit/pull/674
* Small syntax and formatting cleanup by ericwb in https://github.com/PyCQA/bandit/pull/676
* Updates to address docstring code scan issues, add flake8 configuration by asears in https://github.com/PyCQA/bandit/pull/671
* More cleanup of license headers by ericwb in https://github.com/PyCQA/bandit/pull/679
* Replace http with https URLs by ericwb in https://github.com/PyCQA/bandit/pull/680
* Add default labels to issues by ericwb in https://github.com/PyCQA/bandit/pull/681
* Prevent creation of blank issues by ericwb in https://github.com/PyCQA/bandit/pull/682
* Include the line number when using HTML output format by aludwin1 in https://github.com/PyCQA/bandit/pull/683
* Add support for Python 3.9 by ericwb in https://github.com/PyCQA/bandit/pull/650
* Add numeric options for severity and confidence by nathanstocking in https://github.com/PyCQA/bandit/pull/702
* 694 Bandit fails when using importlib with named arguments by maciejstromich in https://github.com/PyCQA/bandit/pull/701
* Add license to package installation metadata by RobbeSneyders in https://github.com/PyCQA/bandit/pull/705
* Mock part of python 3.x by ericwb in https://github.com/PyCQA/bandit/pull/685
* Remove statement about Py3 by ericwb in https://github.com/PyCQA/bandit/pull/713
* Use new issue template format by ericwb in https://github.com/PyCQA/bandit/pull/717
* Fix syntax error in bug report by ericwb in https://github.com/PyCQA/bandit/pull/718
* Remove steps in reproduce section by ericwb in https://github.com/PyCQA/bandit/pull/719
* Fix syntax errors in bug report by ericwb in https://github.com/PyCQA/bandit/pull/720
* document that random.choices() isn't secure either by taybin in https://github.com/PyCQA/bandit/pull/728
* PEP-518 support: configure bandit via pyproject.toml by orsinium in https://github.com/PyCQA/bandit/pull/401
* Always use a Loader in yaml.load by ericwb in https://github.com/PyCQA/bandit/pull/745
* fix reading initial values from .bandit by alipqb in https://github.com/PyCQA/bandit/pull/722

New Contributors
* Brcrwilliams made their first contribution in https://github.com/PyCQA/bandit/pull/364
* jdufresne made their first contribution in https://github.com/PyCQA/bandit/pull/670
* tonybaloney made their first contribution in https://github.com/PyCQA/bandit/pull/618
* asears made their first contribution in https://github.com/PyCQA/bandit/pull/671
* aludwin1 made their first contribution in https://github.com/PyCQA/bandit/pull/683
* nathanstocking made their first contribution in https://github.com/PyCQA/bandit/pull/702
* RobbeSneyders made their first contribution in https://github.com/PyCQA/bandit/pull/705
* taybin made their first contribution in https://github.com/PyCQA/bandit/pull/728
* orsinium made their first contribution in https://github.com/PyCQA/bandit/pull/401
* alipqb made their first contribution in https://github.com/PyCQA/bandit/pull/722

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.0...1.7.1

1.7.0

What's Changed
* Use GitHub Action badge for build by ericwb in https://github.com/PyCQA/bandit/pull/651
* Remove universal support on the wheel by ericwb in https://github.com/PyCQA/bandit/pull/655
* Give some tips on how to resolve B101 in the doc by xuhdev in https://github.com/PyCQA/bandit/pull/616
* Remove blacklist call to input() by ericwb in https://github.com/PyCQA/bandit/pull/662
* Create CODEOWNERS by ericwb in https://github.com/PyCQA/bandit/pull/661

New Contributors
* xuhdev made their first contribution in https://github.com/PyCQA/bandit/pull/616

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.6.3...1.7.0

1.6.3

What's Changed
* Replace setattr by tylerwince in https://github.com/PyCQA/bandit/pull/493
* Fix 3.8 errors by tylerwince in https://github.com/PyCQA/bandit/pull/509
* get_url returns different urls calling twice (bug 506) by ehooo in https://github.com/PyCQA/bandit/pull/507
* fix B603 docstring by graingert in https://github.com/PyCQA/bandit/pull/524
* --exit-zero option by maciejstromich in https://github.com/PyCQA/bandit/pull/510
* fix the documentation file README.rst  by MrDolev in https://github.com/PyCQA/bandit/pull/533
* Cleanup comments after 510 by florczakraf in https://github.com/PyCQA/bandit/pull/532
* Update test requirements to latest versions by ericwb in https://github.com/PyCQA/bandit/pull/535
* Remove obsolete "sudo" keyword. by jugmac00 in https://github.com/PyCQA/bandit/pull/538
* Remove unused bindep.txt file by ericwb in https://github.com/PyCQA/bandit/pull/539
* Revert "Revert "Update python documentation links for version 3 counterparts"" by ericwb in https://github.com/PyCQA/bandit/pull/540
* Add several ini options for .bandit file by vuolter in https://github.com/PyCQA/bandit/pull/508
* Add type checking to name node of hashlib_new by teeann in https://github.com/PyCQA/bandit/pull/516
* Add more missing ini options by ericwb in https://github.com/PyCQA/bandit/pull/541
* Add shelve to the pickle blacklists by auscompgeek in https://github.com/PyCQA/bandit/pull/542
* Fix readme file on Extending Bandit on list things by MrDolev in https://github.com/PyCQA/bandit/pull/534
* Add official support of Python 3.8 by ericwb in https://github.com/PyCQA/bandit/pull/547
* update README to add info about badge by zachvalenta in https://github.com/PyCQA/bandit/pull/482
* Fix docs for B610,B611,B703 by amacfie in https://github.com/PyCQA/bandit/pull/555
* Use SPDX license identifier instead of bulky headers by ericwb in https://github.com/PyCQA/bandit/pull/530
* Add a section explaining "nosec" by exhuma in https://github.com/PyCQA/bandit/pull/554
* replace 'then' with 'than' by pwoolvett in https://github.com/PyCQA/bandit/pull/557
* Add sha1 to the list of insecure hashes by ericwb in https://github.com/PyCQA/bandit/pull/561
* Use GitHub Actions to run CI by ericwb in https://github.com/PyCQA/bandit/pull/565
* Ignore common directories by default by ericwb in https://github.com/PyCQA/bandit/pull/544
* Add push and pull request to GH Action trigger by ericwb in https://github.com/PyCQA/bandit/pull/567
* Add contributing file by Glyphack in https://github.com/PyCQA/bandit/pull/572
* Fix contributing typo by Glyphack in https://github.com/PyCQA/bandit/pull/582
* [DOC] Support python3 venv creation by look4regev in https://github.com/PyCQA/bandit/pull/583
* Cleanup some typos in recent contributor guide by ericwb in https://github.com/PyCQA/bandit/pull/585
* Fix colorama not being disabled after being used by adambenali in https://github.com/PyCQA/bandit/pull/586
* Fix typo for activating venv by bavedarnow in https://github.com/PyCQA/bandit/pull/590
* Bump pyyaml by dosisod in https://github.com/PyCQA/bandit/pull/588
* Update CODE_OF_CONDUCT.md by ericwb in https://github.com/PyCQA/bandit/pull/591
* Resolve 'NoneType' object has no attribute 'id'Traceback in django_mark_safe by ehooo in https://github.com/PyCQA/bandit/pull/598
* [FIX] blacklist: fix typo in import_ftplib by Yenthe666 in https://github.com/PyCQA/bandit/pull/601
* Add release notes project URL by scop in https://github.com/PyCQA/bandit/pull/610
* Drop Python2 build, test, and install by ericwb in https://github.com/PyCQA/bandit/pull/615
* Fix  noqa rendering in docs by DrGFreeman in https://github.com/PyCQA/bandit/pull/645
* Don't show progress information on --quiet by fniessink in https://github.com/PyCQA/bandit/pull/641
* Add skip configuration to assert_used by wilbertom in https://github.com/PyCQA/bandit/pull/633
* GitHub Action to publish to Test PyPI by ericwb in https://github.com/PyCQA/bandit/pull/652
* Add workflow to publish to PyPI by ericwb in https://github.com/PyCQA/bandit/pull/653

New Contributors
* graingert made their first contribution in https://github.com/PyCQA/bandit/pull/524
* MrDolev made their first contribution in https://github.com/PyCQA/bandit/pull/533
* florczakraf made their first contribution in https://github.com/PyCQA/bandit/pull/532
* jugmac00 made their first contribution in https://github.com/PyCQA/bandit/pull/538
* vuolter made their first contribution in https://github.com/PyCQA/bandit/pull/508
* teeann made their first contribution in https://github.com/PyCQA/bandit/pull/516
* auscompgeek made their first contribution in https://github.com/PyCQA/bandit/pull/542
* zachvalenta made their first contribution in https://github.com/PyCQA/bandit/pull/482
* amacfie made their first contribution in https://github.com/PyCQA/bandit/pull/555
* exhuma made their first contribution in https://github.com/PyCQA/bandit/pull/554
* pwoolvett made their first contribution in https://github.com/PyCQA/bandit/pull/557
* Glyphack made their first contribution in https://github.com/PyCQA/bandit/pull/572
* look4regev made their first contribution in https://github.com/PyCQA/bandit/pull/583
* adambenali made their first contribution in https://github.com/PyCQA/bandit/pull/586
* bavedarnow made their first contribution in https://github.com/PyCQA/bandit/pull/590
* dosisod made their first contribution in https://github.com/PyCQA/bandit/pull/588
* Yenthe666 made their first contribution in https://github.com/PyCQA/bandit/pull/601
* scop made their first contribution in https://github.com/PyCQA/bandit/pull/610
* DrGFreeman made their first contribution in https://github.com/PyCQA/bandit/pull/645
* fniessink made their first contribution in https://github.com/PyCQA/bandit/pull/641
* wilbertom made their first contribution in https://github.com/PyCQA/bandit/pull/633

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.6.2...1.6.3

Links

• PyPI: https://pypi.org/project/bandit
• Changelog: https://data.safetycli.com/changelogs/bandit/
• Docs: https://bandit.readthedocs.io/