Skip to content

Commit

Permalink
Bump bandit from 1.7.8 to 1.7.9 (#84)
Browse files Browse the repository at this point in the history 
Bumps [bandit](https://github.com/PyCQA/bandit) from 1.7.8 to 1.7.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/PyCQA/bandit/releases">bandit's
releases</a>.</em></p>
<blockquote>
<h2>1.7.9</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump docker/build-push-action from 5.1.0 to 5.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1117">PyCQA/bandit#1117</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1119">PyCQA/bandit#1119</a></li>
<li>New logo for Bandit based on raccoon by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1121">PyCQA/bandit#1121</a></li>
<li>Start testing on Python 3.13 by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1122">PyCQA/bandit#1122</a></li>
<li>Bump docker/build-push-action from 5.2.0 to 5.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1123">PyCQA/bandit#1123</a></li>
<li>Bump docker/setup-buildx-action from 3.1.0 to 3.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1124">PyCQA/bandit#1124</a></li>
<li>Bump docker/login-action from 3.0.0 to 3.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1125">PyCQA/bandit#1125</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1126">PyCQA/bandit#1126</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1127">PyCQA/bandit#1127</a></li>
<li>Bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1130">PyCQA/bandit#1130</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1131">PyCQA/bandit#1131</a></li>
<li>Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1132">PyCQA/bandit#1132</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1133">PyCQA/bandit#1133</a></li>
<li>Updates banner logo so it renders well in dark mode by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1134">PyCQA/bandit#1134</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1135">PyCQA/bandit#1135</a></li>
<li>Add a sponsor section to README by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1137">PyCQA/bandit#1137</a></li>
<li>Ensure sarif extra is included as part of doc build by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1139">PyCQA/bandit#1139</a></li>
<li>Bump docker/login-action from 3.1.0 to 3.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1142">PyCQA/bandit#1142</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1143">PyCQA/bandit#1143</a></li>
<li>[pre-commit.ci] pre-commit autoupdate by <a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1145">PyCQA/bandit#1145</a></li>
<li>Guard against empty call argument list by <a
href="https://github.com/ericwb"><code>@​ericwb</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1146">PyCQA/bandit#1146</a></li>
<li>Bump docker/build-push-action from 5.3.0 to 5.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1144">PyCQA/bandit#1144</a></li>
<li>Support <code>configfile</code> in <code>.bandit</code> file by <a
href="https://github.com/bersbersbers"><code>@​bersbersbers</code></a>
in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1052">PyCQA/bandit#1052</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/pre-commit-ci"><code>@​pre-commit-ci</code></a>
made their first contribution in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1119">PyCQA/bandit#1119</a></li>
<li><a
href="https://github.com/bersbersbers"><code>@​bersbersbers</code></a>
made their first contribution in <a
href="https://redirect.github.com/PyCQA/bandit/pull/1052">PyCQA/bandit#1052</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/PyCQA/bandit/compare/1.7.8...1.7.9">https://github.com/PyCQA/bandit/compare/1.7.8...1.7.9</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/PyCQA/bandit/commit/691f465b4bac758ea1d6dfa9b57d3881a12954fd"><code>691f465</code></a>
Support <code>configfile</code> in <code>.bandit</code> file (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1052">#1052</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/f1a397e848540c6a51318a53c6ace14d8d05a145"><code>f1a397e</code></a>
Bump docker/build-push-action from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1144">#1144</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/049eba08c90c86404d16ed71e5f109dfddf459cd"><code>049eba0</code></a>
Guard against empty call argument list (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1146">#1146</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/ad56c78f1e2f7d56fb3f75e8c2d78da85292d0e0"><code>ad56c78</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1145">#1145</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/2dd4cb53c25045cc8544681efd1ebe4adcf63dca"><code>2dd4cb5</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1143">#1143</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/313cae756a351ca3e7b6a183fe87a92b9d56ea22"><code>313cae7</code></a>
Bump docker/login-action from 3.1.0 to 3.2.0 (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1142">#1142</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/3fa1e257a864b03d621b8de1425ff69dda7d1736"><code>3fa1e25</code></a>
Ensure sarif extra is included as part of doc build (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1139">#1139</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/8b659fb9b72ed7f6ae5d2a0c60e941af71b859cd"><code>8b659fb</code></a>
Add a sponsor section to README (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1137">#1137</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/30cada51620d274b8191393d12ae04e2807c9a37"><code>30cada5</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1135">#1135</a>)</li>
<li><a
href="https://github.com/PyCQA/bandit/commit/dbb41618888046f09bc30e9a32cd6e45bcb5a582"><code>dbb4161</code></a>
Updates banner logo so it renders well in dark mode (<a
href="https://redirect.github.com/PyCQA/bandit/issues/1134">#1134</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/PyCQA/bandit/compare/1.7.8...1.7.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bandit&package-manager=pip&previous-version=1.7.8&new-version=1.7.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed Jun 18, 2024
1 parent 9478002 commit 028070e
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion linter-requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
bandit==1.7.8
bandit==1.7.9
black==24.4.2
flake8==7.1.0
isort==5.13.2
Expand Down

0 comments on commit 028070e

Please sign in to comment.