PyCQA/bandit (bandit)
### [`v1.7.10`](https://redirect.github.com/PyCQA/bandit/releases/tag/1.7.10)
[Compare Source](https://redirect.github.com/PyCQA/bandit/compare/1.7.9...1.7.10)
#### What's Changed
- Bump docker/build-push-action from 5.4.0 to 6.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1147](https://redirect.github.com/PyCQA/bandit/pull/1147)
- Suggested small refactors in assignments by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1150](https://redirect.github.com/PyCQA/bandit/pull/1150)
- Performance improvement in blacklist function by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1148](https://redirect.github.com/PyCQA/bandit/pull/1148)
- Add test for usage of FTP_TLS by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1149](https://redirect.github.com/PyCQA/bandit/pull/1149)
- New check: B113: TrojanSource - Bidirectional control characters by [@Lucas-C](https://redirect.github.com/Lucas-C) in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757)
- Bump docker/build-push-action from 6.0.0 to 6.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1152](https://redirect.github.com/PyCQA/bandit/pull/1152)
- feat(plugins): add support for `httpx` in `B113` by [@mkniewallner](https://redirect.github.com/mkniewallner) in [https://github.com/PyCQA/bandit/pull/1060](https://redirect.github.com/PyCQA/bandit/pull/1060)
- Nit: remove unused variable by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1153](https://redirect.github.com/PyCQA/bandit/pull/1153)
- Add recent releases to version choice in bug report by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1151](https://redirect.github.com/PyCQA/bandit/pull/1151)
- Bump docker/build-push-action from 6.1.0 to 6.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1155](https://redirect.github.com/PyCQA/bandit/pull/1155)
- Bump docker/build-push-action from 6.2.0 to 6.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1157](https://redirect.github.com/PyCQA/bandit/pull/1157)
- Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1156](https://redirect.github.com/PyCQA/bandit/pull/1156)
- Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1158](https://redirect.github.com/PyCQA/bandit/pull/1158)
- Bump docker/login-action from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1159](https://redirect.github.com/PyCQA/bandit/pull/1159)
- Bump docker/build-push-action from 6.3.0 to 6.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1160](https://redirect.github.com/PyCQA/bandit/pull/1160)
- Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1163](https://redirect.github.com/PyCQA/bandit/pull/1163)
- Bump docker/build-push-action from 6.5.0 to 6.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1166](https://redirect.github.com/PyCQA/bandit/pull/1166)
- Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1165](https://redirect.github.com/PyCQA/bandit/pull/1165)
- Bump docker/build-push-action from 6.6.1 to 6.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1168](https://redirect.github.com/PyCQA/bandit/pull/1168)
- Use consistent file naming of docs by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1170](https://redirect.github.com/PyCQA/bandit/pull/1170)
- Pytorch Load / Save Plugin by [@lukehinds](https://redirect.github.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1114](https://redirect.github.com/PyCQA/bandit/pull/1114)
#### New Contributors
- [@Lucas-C](https://redirect.github.com/Lucas-C) made their first contribution in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757)
**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.9...1.7.10
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR contains the following updates:
1.7.9
->1.7.10
Release Notes
PyCQA/bandit (bandit)
### [`v1.7.10`](https://redirect.github.com/PyCQA/bandit/releases/tag/1.7.10) [Compare Source](https://redirect.github.com/PyCQA/bandit/compare/1.7.9...1.7.10) #### What's Changed - Bump docker/build-push-action from 5.4.0 to 6.0.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1147](https://redirect.github.com/PyCQA/bandit/pull/1147) - Suggested small refactors in assignments by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1150](https://redirect.github.com/PyCQA/bandit/pull/1150) - Performance improvement in blacklist function by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1148](https://redirect.github.com/PyCQA/bandit/pull/1148) - Add test for usage of FTP_TLS by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1149](https://redirect.github.com/PyCQA/bandit/pull/1149) - New check: B113: TrojanSource - Bidirectional control characters by [@Lucas-C](https://redirect.github.com/Lucas-C) in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757) - Bump docker/build-push-action from 6.0.0 to 6.1.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1152](https://redirect.github.com/PyCQA/bandit/pull/1152) - feat(plugins): add support for `httpx` in `B113` by [@mkniewallner](https://redirect.github.com/mkniewallner) in [https://github.com/PyCQA/bandit/pull/1060](https://redirect.github.com/PyCQA/bandit/pull/1060) - Nit: remove unused variable by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1153](https://redirect.github.com/PyCQA/bandit/pull/1153) - Add recent releases to version choice in bug report by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1151](https://redirect.github.com/PyCQA/bandit/pull/1151) - Bump docker/build-push-action from 6.1.0 to 6.2.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1155](https://redirect.github.com/PyCQA/bandit/pull/1155) - Bump docker/build-push-action from 6.2.0 to 6.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1157](https://redirect.github.com/PyCQA/bandit/pull/1157) - Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1156](https://redirect.github.com/PyCQA/bandit/pull/1156) - Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1158](https://redirect.github.com/PyCQA/bandit/pull/1158) - Bump docker/login-action from 3.2.0 to 3.3.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1159](https://redirect.github.com/PyCQA/bandit/pull/1159) - Bump docker/build-push-action from 6.3.0 to 6.5.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1160](https://redirect.github.com/PyCQA/bandit/pull/1160) - Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1163](https://redirect.github.com/PyCQA/bandit/pull/1163) - Bump docker/build-push-action from 6.5.0 to 6.6.1 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1166](https://redirect.github.com/PyCQA/bandit/pull/1166) - Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1165](https://redirect.github.com/PyCQA/bandit/pull/1165) - Bump docker/build-push-action from 6.6.1 to 6.7.0 by [@dependabot](https://redirect.github.com/dependabot) in [https://github.com/PyCQA/bandit/pull/1168](https://redirect.github.com/PyCQA/bandit/pull/1168) - Use consistent file naming of docs by [@ericwb](https://redirect.github.com/ericwb) in [https://github.com/PyCQA/bandit/pull/1170](https://redirect.github.com/PyCQA/bandit/pull/1170) - Pytorch Load / Save Plugin by [@lukehinds](https://redirect.github.com/lukehinds) in [https://github.com/PyCQA/bandit/pull/1114](https://redirect.github.com/PyCQA/bandit/pull/1114) #### New Contributors - [@Lucas-C](https://redirect.github.com/Lucas-C) made their first contribution in [https://github.com/PyCQA/bandit/pull/757](https://redirect.github.com/PyCQA/bandit/pull/757) **Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.9...1.7.10Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.