browniebroke / pypackage-template

A project template for Python package with heavy use of Github actions
MIT License

chore(deps): update pre-commit hook pycqa/bandit to v1.7.5 #470

Closed renovate[bot] closed 1 year ago

renovate[bot] commented 1 year ago

Mend Renovate

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| PyCQA/bandit | repository | patch | `1.7.4` -> `1.7.5` |

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

PyCQA/bandit

### [`v1.7.5`](https://togithub.com/PyCQA/bandit/releases/tag/1.7.5)

[Compare Source](https://togithub.com/PyCQA/bandit/compare/1.7.4...1.7.5)

##### What's Changed

- Add an example screen shot of Bandit to README by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/847](https://togithub.com/PyCQA/bandit/pull/847)
- Bad link to screen shot by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/848](https://togithub.com/PyCQA/bandit/pull/848)
- Use a constant for weak hashes by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/850](https://togithub.com/PyCQA/bandit/pull/850)
- Group location line with code output by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/822](https://togithub.com/PyCQA/bandit/pull/822)
- Fix line range using Python 3.8 end_lineno by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/821](https://togithub.com/PyCQA/bandit/pull/821)
- Add classifier to indicate Py3 only by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/853](https://togithub.com/PyCQA/bandit/pull/853)
- Removal of blacklist call B309 httpsconnection by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/858](https://togithub.com/PyCQA/bandit/pull/858)
- Remove blacklist call check for os.tempnam by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/859](https://togithub.com/PyCQA/bandit/pull/859)
- Indicate hash type in message by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/860](https://togithub.com/PyCQA/bandit/pull/860)
- Add the httpx module check for verify by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/861](https://togithub.com/PyCQA/bandit/pull/861)
- Add doc for hashlib plugin by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/862](https://togithub.com/PyCQA/bandit/pull/862)
- Make use of rich for progress bar by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/863](https://togithub.com/PyCQA/bandit/pull/863)
- Replace `toml` with `tomli` by [@mkniewallner](https://togithub.com/mkniewallner) in [https://github.com/PyCQA/bandit/pull/829](https://togithub.com/PyCQA/bandit/pull/829)
- Fix up B109 and B111 removed plugins docs by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/864](https://togithub.com/PyCQA/bandit/pull/864)
- add check for "requests" calls without timeout by [@mschfh](https://togithub.com/mschfh) in [https://github.com/PyCQA/bandit/pull/743](https://togithub.com/PyCQA/bandit/pull/743)
- Fix for build breaks in format job by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/869](https://togithub.com/PyCQA/bandit/pull/869)
- Add license and contributing links to docs by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/867](https://togithub.com/PyCQA/bandit/pull/867)
- Remove redundant word Bandit in titles of sections by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/873](https://togithub.com/PyCQA/bandit/pull/873)
- Add request for feedback via 👍 by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/871](https://togithub.com/PyCQA/bandit/pull/871)
- Add a Discord link to the docs by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/870](https://togithub.com/PyCQA/bandit/pull/870)
- Adding logging.config.listen() plugin with examples by [@raj3shp](https://togithub.com/raj3shp) in [https://github.com/PyCQA/bandit/pull/874](https://togithub.com/PyCQA/bandit/pull/874)
- Removal of ghugo by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/881](https://togithub.com/PyCQA/bandit/pull/881)
- Remove redundant pip line by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/884](https://togithub.com/PyCQA/bandit/pull/884)
- Corrected documentation on configuration by [@a-takahashi223](https://togithub.com/a-takahashi223) in [https://github.com/PyCQA/bandit/pull/868](https://togithub.com/PyCQA/bandit/pull/868)
- Start testing against Python 3.11 by [@mkniewallner](https://togithub.com/mkniewallner) in [https://github.com/PyCQA/bandit/pull/887](https://togithub.com/PyCQA/bandit/pull/887)
- Add myself to sponsor list by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/885](https://togithub.com/PyCQA/bandit/pull/885)
- Add Discord link to README by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/875](https://togithub.com/PyCQA/bandit/pull/875)
- Update action versions in Actions workflows ([#890](https://togithub.com/PyCQA/bandit/issues/890)) by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/893](https://togithub.com/PyCQA/bandit/pull/893)
- Add dependency review action by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/891](https://togithub.com/PyCQA/bandit/pull/891)
- Fix an unclosed tag in HTML formatter by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/896](https://togithub.com/PyCQA/bandit/pull/896)
- 'Test plugin listing' in docs incorrectly pointing B612 to plugin ref of B102 by [@rajaramsrn](https://togithub.com/rajaramsrn) in [https://github.com/PyCQA/bandit/pull/897](https://togithub.com/PyCQA/bandit/pull/897)
- Make small fixes in docs by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/899](https://togithub.com/PyCQA/bandit/pull/899)
- Specify semver range for Python 3.11 by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/901](https://togithub.com/PyCQA/bandit/pull/901)
- Add another bad example of yaml load by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/905](https://togithub.com/PyCQA/bandit/pull/905)
- Add releases link in "Version control integration" by [@travisjungroth](https://togithub.com/travisjungroth) in [https://github.com/PyCQA/bandit/pull/909](https://togithub.com/PyCQA/bandit/pull/909)
- Update version of dependency-review-action by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/911](https://togithub.com/PyCQA/bandit/pull/911)
- Avoid redundant message if debug on by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/913](https://togithub.com/PyCQA/bandit/pull/913)
- Remove invalid checking on hashlib by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/914](https://togithub.com/PyCQA/bandit/pull/914)
- Add some missing curve types by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/920](https://togithub.com/PyCQA/bandit/pull/920)
- add jsonpickle deserialization blacklist by [@SugarP1g](https://togithub.com/SugarP1g) in [https://github.com/PyCQA/bandit/pull/707](https://togithub.com/PyCQA/bandit/pull/707)
- Fix reading the number argument from config file by [@KAUTH](https://togithub.com/KAUTH) in [https://github.com/PyCQA/bandit/pull/923](https://togithub.com/PyCQA/bandit/pull/923)
- Add end_col_offset if available by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/851](https://togithub.com/PyCQA/bandit/pull/851)
- Enhancement Proposal: Plugin "assert_used" config-skip snippet by [@marianomartinelli](https://togithub.com/marianomartinelli) in [https://github.com/PyCQA/bandit/pull/695](https://togithub.com/PyCQA/bandit/pull/695)
- Blacklist pandas read_pickle and add functional test for it by [@jaspersival](https://togithub.com/jaspersival) in [https://github.com/PyCQA/bandit/pull/710](https://togithub.com/PyCQA/bandit/pull/710)
- Docs for request without timeout has dead link by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/925](https://togithub.com/PyCQA/bandit/pull/925)
- Add case for global exec by [@tonybaloney](https://togithub.com/tonybaloney) in [https://github.com/PyCQA/bandit/pull/570](https://togithub.com/PyCQA/bandit/pull/570)
- Fix a false positive condition yaml_load by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/927](https://togithub.com/PyCQA/bandit/pull/927)
- Fix issue [#453](https://togithub.com/PyCQA/bandit/issues/453) jinja2 template select_autoescape when using jinja2.select_autoescape by [@kinow](https://togithub.com/kinow) in [https://github.com/PyCQA/bandit/pull/454](https://togithub.com/PyCQA/bandit/pull/454)
- Adding tarfile.extractall() plugin with examples by [@yilmi](https://togithub.com/yilmi) in [https://github.com/PyCQA/bandit/pull/549](https://togithub.com/PyCQA/bandit/pull/549)
- Check for deprecated TLS 1.1 by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/928](https://togithub.com/PyCQA/bandit/pull/928)
- weak_cryptographic_key assumes positional arg by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/930](https://togithub.com/PyCQA/bandit/pull/930)
- Fix filename of B202 in docs by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/932](https://togithub.com/PyCQA/bandit/pull/932)
- Remove python 2 reference in docs by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/933](https://togithub.com/PyCQA/bandit/pull/933)
- Pass correct number of arguments to match the `%s` placeholders. by [@mportesdev](https://togithub.com/mportesdev) in [https://github.com/PyCQA/bandit/pull/934](https://togithub.com/PyCQA/bandit/pull/934)
- Fixup some invalid pickle testing by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/924](https://togithub.com/PyCQA/bandit/pull/924)
- Fix json and yaml formatters to respect num lines by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/929](https://togithub.com/PyCQA/bandit/pull/929)
- Fix AttributeError on detect of tuple assign condition by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/931](https://togithub.com/PyCQA/bandit/pull/931)
- \[docs] Mention `exclude_dirs` option available in TOML and YAML by [@bittner](https://togithub.com/bittner) in [https://github.com/PyCQA/bandit/pull/876](https://togithub.com/PyCQA/bandit/pull/876)
- Typo fix by [@PermanAtayev](https://togithub.com/PermanAtayev) in [https://github.com/PyCQA/bandit/pull/945](https://togithub.com/PyCQA/bandit/pull/945)
- remove py2 exec example in docs by [@clavedeluna](https://togithub.com/clavedeluna) in [https://github.com/PyCQA/bandit/pull/947](https://togithub.com/PyCQA/bandit/pull/947)
- Add official Python 3.11 support by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/964](https://togithub.com/PyCQA/bandit/pull/964)
- DOC: Add explanation on how to use pre-commit with config file by [@phofl](https://togithub.com/phofl) in [https://github.com/PyCQA/bandit/pull/968](https://togithub.com/PyCQA/bandit/pull/968)
- Fix breaking build due to new tox by [@ericwb](https://togithub.com/ericwb) in [https://github.com/PyCQA/bandit/pull/983](https://togithub.com/PyCQA/bandit/pull/983)
- Correct build status badge in README by [@gliptak](https://togithub.com/gliptak) in [https://github.com/PyCQA/bandit/pull/980](https://togithub.com/PyCQA/bandit/pull/980)
- Improve detecting SQL injections in f-strings by [@kfrydel](https://togithub.com/kfrydel) in [https://github.com/PyCQA/bandit/pull/917](https://togithub.com/PyCQA/bandit/pull/917)
- Improve handling nosec for multi-line strings by [@kfrydel](https://togithub.com/kfrydel) in [https://github.com/PyCQA/bandit/pull/915](https://togithub.com/PyCQA/bandit/pull/915)
- Check for github action updates monthly by [@jlosito](https://togithub.com/jlosito) in [https://github.com/PyCQA/bandit/pull/989](https://togithub.com/PyCQA/bandit/pull/989)
- Added a bit more `project_urls` by [@KOLANICH](https://togithub.com/KOLANICH) in [https://github.com/PyCQA/bandit/pull/985](https://togithub.com/PyCQA/bandit/pull/985)

##### New Contributors

- [@mschfh](https://togithub.com/mschfh) made their first contribution in [https://github.com/PyCQA/bandit/pull/743](https://togithub.com/PyCQA/bandit/pull/743)
- [@raj3shp](https://togithub.com/raj3shp) made their first contribution in [https://github.com/PyCQA/bandit/pull/874](https://togithub.com/PyCQA/bandit/pull/874)
- [@a-takahashi223](https://togithub.com/a-takahashi223) made their first contribution in [https://github.com/PyCQA/bandit/pull/868](https://togithub.com/PyCQA/bandit/pull/868)
- [@mportesdev](https://togithub.com/mportesdev) made their first contribution in [https://github.com/PyCQA/bandit/pull/893](https://togithub.com/PyCQA/bandit/pull/893)
- [@rajaramsrn](https://togithub.com/rajaramsrn) made their first contribution in [https://github.com/PyCQA/bandit/pull/897](https://togithub.com/PyCQA/bandit/pull/897)
- [@travisjungroth](https://togithub.com/travisjungroth) made their first contribution in [https://github.com/PyCQA/bandit/pull/909](https://togithub.com/PyCQA/bandit/pull/909)
- [@SugarP1g](https://togithub.com/SugarP1g) made their first contribution in [https://github.com/PyCQA/bandit/pull/707](https://togithub.com/PyCQA/bandit/pull/707)
- [@KAUTH](https://togithub.com/KAUTH) made their first contribution in [https://github.com/PyCQA/bandit/pull/923](https://togithub.com/PyCQA/bandit/pull/923)
- [@marianomartinelli](https://togithub.com/marianomartinelli) made their first contribution in [https://github.com/PyCQA/bandit/pull/695](https://togithub.com/PyCQA/bandit/pull/695)
- [@jaspersival](https://togithub.com/jaspersival) made their first contribution in [https://github.com/PyCQA/bandit/pull/710](https://togithub.com/PyCQA/bandit/pull/710)
- [@kinow](https://togithub.com/kinow) made their first contribution in [https://github.com/PyCQA/bandit/pull/454](https://togithub.com/PyCQA/bandit/pull/454)
- [@yilmi](https://togithub.com/yilmi) made their first contribution in [https://github.com/PyCQA/bandit/pull/549](https://togithub.com/PyCQA/bandit/pull/549)
- [@PermanAtayev](https://togithub.com/PermanAtayev) made their first contribution in [https://github.com/PyCQA/bandit/pull/945](https://togithub.com/PyCQA/bandit/pull/945)
- [@clavedeluna](https://togithub.com/clavedeluna) made their first contribution in [https://github.com/PyCQA/bandit/pull/947](https://togithub.com/PyCQA/bandit/pull/947)
- [@phofl](https://togithub.com/phofl) made their first contribution in [https://github.com/PyCQA/bandit/pull/968](https://togithub.com/PyCQA/bandit/pull/968)
- [@gliptak](https://togithub.com/gliptak) made their first contribution in [https://github.com/PyCQA/bandit/pull/980](https://togithub.com/PyCQA/bandit/pull/980)
- [@kfrydel](https://togithub.com/kfrydel) made their first contribution in [https://github.com/PyCQA/bandit/pull/917](https://togithub.com/PyCQA/bandit/pull/917)
- [@jlosito](https://togithub.com/jlosito) made their first contribution in [https://github.com/PyCQA/bandit/pull/989](https://togithub.com/PyCQA/bandit/pull/989)
- [@KOLANICH](https://togithub.com/KOLANICH) made their first contribution in [https://github.com/PyCQA/bandit/pull/985](https://togithub.com/PyCQA/bandit/pull/985)

**Full Changelog**: https://github.com/PyCQA/bandit/compare/1.7.4...1.7.5

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • [ ] If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.