OSGeo / grass

GRASS GIS - free and open-source geospatial processing engine
https://grass.osgeo.org
Other
852 stars 310 forks source link

CI(deps): Update dependency bandit to v1.7.10 #4370

Closed renovate[bot] closed 1 month ago

renovate[bot] commented 1 month ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
bandit (source, changelog) 1.7.9 -> 1.7.10 age adoption passing confidence

Release Notes

PyCQA/bandit (bandit) ### [`v1.7.10`](https://redirect.github.com/PyCQA/bandit/releases/tag/1.7.10) [Compare Source](https://redirect.github.com/PyCQA/bandit/compare/1.7.9...1.7.10) #### What's Changed - Bump docker/build-push-action from 5.4.0 to 6.0.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1147](https://redirect.github.com/PyCQA/bandit/pull/1147) - Suggested small refactors in assignments by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1150](https://redirect.github.com/PyCQA/bandit/pull/1150) - Performance improvement in blacklist function by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1148](https://redirect.github.com/PyCQA/bandit/pull/1148) - Add test for usage of FTP_TLS by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1149](https://redirect.github.com/PyCQA/bandit/pull/1149) - New check: B113: TrojanSource - Bidirectional control characters by [@​Lucas-C](https://redirect.github.com/Lucas-C) in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757) - Bump docker/build-push-action from 6.0.0 to 6.1.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1152](https://redirect.github.com/PyCQA/bandit/pull/1152) - feat(plugins): add support for `httpx` in `B113` by [@​mkniewallner](https://redirect.github.com/mkniewallner) in [https://github.com/PyCQA/bandit/pull/1060](https://redirect.github.com/PyCQA/bandit/pull/1060) - Nit: remove unused variable by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1153](https://redirect.github.com/PyCQA/bandit/pull/1153) - Add recent releases to version choice in bug report by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1151](https://redirect.github.com/PyCQA/bandit/pull/1151) - Bump docker/build-push-action from 6.1.0 to 6.2.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1155](https://redirect.github.com/PyCQA/bandit/pull/1155) - Bump docker/build-push-action from 6.2.0 to 6.3.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1157](https://redirect.github.com/PyCQA/bandit/pull/1157) - Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1156](https://redirect.github.com/PyCQA/bandit/pull/1156) - Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1158](https://redirect.github.com/PyCQA/bandit/pull/1158) - Bump docker/login-action from 3.2.0 to 3.3.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1159](https://redirect.github.com/PyCQA/bandit/pull/1159) - Bump docker/build-push-action from 6.3.0 to 6.5.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1160](https://redirect.github.com/PyCQA/bandit/pull/1160) - Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1163](https://redirect.github.com/PyCQA/bandit/pull/1163) - Bump docker/build-push-action from 6.5.0 to 6.6.1 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1166](https://redirect.github.com/PyCQA/bandit/pull/1166) - Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1165](https://redirect.github.com/PyCQA/bandit/pull/1165) - Bump docker/build-push-action from 6.6.1 to 6.7.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1168](https://redirect.github.com/PyCQA/bandit/pull/1168) - Use consistent file naming of docs by [@​ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1170](https://redirect.github.com/PyCQA/bandit/pull/1170) - Pytorch Load / Save Plugin by [@​lukehinds](https://redirect.github.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1114](https://redirect.github.com/PyCQA/bandit/pull/1114) #### New Contributors - [@​Lucas-C](https://redirect.github.com/Lucas-C) made their first contribution in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757) **Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.9...1.7.10

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.