New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(deps): update dependency bandit to v1.7.6 #175

Merged

ryshu merged 1 commit into alpha from renovate/bandit-1.7.x-lockfile

Dec 12, 2023

Contributor

renovate bot commented Dec 9, 2023

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bandit (source, changelog)	`1.7.5` -> `1.7.6`

Release Notes

PyCQA/bandit (bandit)

`v1.7.6`

What's Changed

Update bug report to include version 1.7.5 by @ericwb in https://github.com/PyCQA/bandit/pull/993
Render Python 3.10 in drop down correctly by @ericwb in https://github.com/PyCQA/bandit/pull/997
Remove checks for Python2 urllib by @ericwb in https://github.com/PyCQA/bandit/pull/999
Improper detection of non-requests module by @ericwb in https://github.com/PyCQA/bandit/pull/1011
xmlrpclib replaced with xmlrpc in Python3 by @ericwb in https://github.com/PyCQA/bandit/pull/1012
language and linting updates by @marksmayo in https://github.com/PyCQA/bandit/pull/1015
Adds check for crypt module usage as weak hash by @ericwb in https://github.com/PyCQA/bandit/pull/1018
Switch to tox 4 by @mportesdev in https://github.com/PyCQA/bandit/pull/1020
Skip unnecessary pip install commands in the pythonpackage.yml workflow by @mportesdev in https://github.com/PyCQA/bandit/pull/1021
Update versions of used GitHub Actions by @mportesdev in https://github.com/PyCQA/bandit/pull/1024
Update pre-commit hooks by @mportesdev in https://github.com/PyCQA/bandit/pull/1026
Add random.Random to B311 checks by @shiftinv in https://github.com/PyCQA/bandit/pull/940
Add a copy button to all code snippets in docs by @ericwb in https://github.com/PyCQA/bandit/pull/1030
Replace pbr in favor of importlib by @ericwb in https://github.com/PyCQA/bandit/pull/1016
Switch from open collective to PSF by @ericwb in https://github.com/PyCQA/bandit/pull/1031
Make pre-commit run Bandit hook using a single process by @Klavionik in https://github.com/PyCQA/bandit/pull/1029
Remove support for Python 3.7 due to end-of-life by @ericwb in https://github.com/PyCQA/bandit/pull/1034
Update asserts.py documentation by @deronnax in https://github.com/PyCQA/bandit/pull/1036
Simplify wrap_file_object by @mportesdev in https://github.com/PyCQA/bandit/pull/1037
django_rawsql_used: support keyword arguments used in RawSQL by @kevinmarsh in https://github.com/PyCQA/bandit/pull/765
Avoid gitpyhon CVE-2022-24439 by @carlosduelo in https://github.com/PyCQA/bandit/pull/1048
Update blacklist call documentation by @costaparas in https://github.com/PyCQA/bandit/pull/1045
Support ignoring blacklists by name by @costaparas in https://github.com/PyCQA/bandit/pull/1046
Fix dependabot to update github actions by @ericwb in https://github.com/PyCQA/bandit/pull/1057
Bump actions/checkout from 3 to 4 by @dependabot in https://github.com/PyCQA/bandit/pull/1058
Fix for ReadtheDocs build by @ericwb in https://github.com/PyCQA/bandit/pull/1061
fix(plugins/B507): also detect class instances by @mkniewallner in https://github.com/PyCQA/bandit/pull/1064
Use mirror repository for black pre-commit hook by @mportesdev in https://github.com/PyCQA/bandit/pull/1070
Add official support of Python 3.12 by @ericwb in https://github.com/PyCQA/bandit/pull/1068
Fix crash on pyproject.toml without bandit config by @javajawa in https://github.com/PyCQA/bandit/pull/1073
refactor: remove importlib-metadata fallback by @mkniewallner in https://github.com/PyCQA/bandit/pull/1066
Fixes for sphinx build by @ericwb in https://github.com/PyCQA/bandit/pull/1063

New Contributors

@marksmayo made their first contribution in https://github.com/PyCQA/bandit/pull/1015
@shiftinv made their first contribution in https://github.com/PyCQA/bandit/pull/940
@Klavionik made their first contribution in https://github.com/PyCQA/bandit/pull/1029
@deronnax made their first contribution in https://github.com/PyCQA/bandit/pull/1036
@kevinmarsh made their first contribution in https://github.com/PyCQA/bandit/pull/765
@carlosduelo made their first contribution in https://github.com/PyCQA/bandit/pull/1048
@costaparas made their first contribution in https://github.com/PyCQA/bandit/pull/1045
@dependabot made their first contribution in https://github.com/PyCQA/bandit/pull/1058
@javajawa made their first contribution in https://github.com/PyCQA/bandit/pull/1073

Full Changelog: PyCQA/bandit@1.7.5...1.7.6

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

renovate bot force-pushed the renovate/bandit-1.7.x-lockfile branch from 6551c34 to 2b1235d Compare

December 9, 2023 14:02


          feat(deps): update dependency bandit to v1.7.6

94d1265

renovate bot force-pushed the renovate/bandit-1.7.x-lockfile branch from 2b1235d to 94d1265 Compare

December 9, 2023 14:03

ryshu merged commit 7178844 into alpha

7 checks passed

renovate bot deleted the renovate/bandit-1.7.x-lockfile branch

December 12, 2023 07:14

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet