Closed dependabot[bot] closed 6 months ago
✅ No vulnerabilities or license issues found.
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 18.39%. Comparing base (
a4cefc8
) to head (11798d4
). Report is 1 commits behind head on main.:exclamation: Current head 11798d4 differs from pull request most recent head ee230a6. Consider uploading reports for the commit ee230a6 to get more accurate results
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
A newer version of bandit exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.
Bumps bandit from 1.7.6 to 1.7.7.
Release notes
Sourced from bandit's releases.
Commits
4c5b3c8
Downsize the org:repo name (#1104)3f86e84
Remove markdown formatting in reStructuredText formatted README (#1103)ff7ed4b
Introduce Official Bandit Images (#1088)99ddf6b
Bump actions/dependency-review-action from 3 to 4 (#1101)22c75a8
Rework GitPython dependency to be an extra for bandit-baseline (#1099)12e14f6
Prepend ./ for files specified as CLI args (#1094)0779eb0
Add random.randbytes to blacklist calls (#1096)7129108
Fix up issues found running Bandit on itself (#1093)c2bd6d6
Create a security policy (#1091)a78cafe
Add tidelift to the sponsor funding list (#1089)You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show